diff --git a/docs/gapic/v1p1beta1/api.rst b/docs/gapic/v1p1beta1/api.rst new file mode 100644 index 00000000..5647d08b --- /dev/null +++ b/docs/gapic/v1p1beta1/api.rst @@ -0,0 +1,6 @@ +Client for Cloud Security Command Center API +============================================ + +.. automodule:: google.cloud.securitycenter_v1p1beta1 + :members: + :inherited-members: \ No newline at end of file diff --git a/docs/gapic/v1p1beta1/types.rst b/docs/gapic/v1p1beta1/types.rst new file mode 100644 index 00000000..ca4bcfc6 --- /dev/null +++ b/docs/gapic/v1p1beta1/types.rst @@ -0,0 +1,5 @@ +Types for Cloud Security Command Center API Client +================================================== + +.. automodule:: google.cloud.securitycenter_v1p1beta1.types + :members: \ No newline at end of file diff --git a/docs/index.rst b/docs/index.rst index 57184dab..49c37383 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -2,14 +2,28 @@ Api Reference ------------- + +v1 +~~~ .. toctree:: :maxdepth: 2 gapic/v1/api gapic/v1/types + +v1beta1 +~~~~~~~ +.. toctree:: gapic/v1beta1/api gapic/v1beta1/types + +v1p1beta1 +~~~~~~~~~ +.. toctree:: + gapic/v1p1beta1/api + gapic/v1p1beta1/types + Changelog ---------- diff --git a/google/cloud/securitycenter.py b/google/cloud/securitycenter.py index e2b719ca..44fb7b3e 100644 --- a/google/cloud/securitycenter.py +++ b/google/cloud/securitycenter.py @@ -1,6 +1,6 @@ # -*- coding: utf-8 -*- # -# Copyright 2019 Google LLC +# Copyright 2020 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/google/cloud/securitycenter_v1/__init__.py b/google/cloud/securitycenter_v1/__init__.py index 090c03d1..97f5a8a2 100644 --- a/google/cloud/securitycenter_v1/__init__.py +++ b/google/cloud/securitycenter_v1/__init__.py @@ -1,6 +1,6 @@ # -*- coding: utf-8 -*- # -# Copyright 2019 Google LLC +# Copyright 2020 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,12 +16,23 @@ from __future__ import absolute_import +import sys +import warnings from google.cloud.securitycenter_v1 import types from google.cloud.securitycenter_v1.gapic import enums from google.cloud.securitycenter_v1.gapic import security_center_client +if sys.version_info[:2] == (2, 7): + message = ( + "A future version of this library will drop support for Python 2.7." + "More details about Python 2 support for Google Cloud Client Libraries" + "can be found at https://cloud.google.com/python/docs/python2-sunset/" + ) + warnings.warn(message, DeprecationWarning) + + class SecurityCenterClient(security_center_client.SecurityCenterClient): __doc__ = security_center_client.SecurityCenterClient.__doc__ enums = enums diff --git a/google/cloud/securitycenter_v1/gapic/enums.py b/google/cloud/securitycenter_v1/gapic/enums.py index 36055ab1..4c1d9277 100644 --- a/google/cloud/securitycenter_v1/gapic/enums.py +++ b/google/cloud/securitycenter_v1/gapic/enums.py @@ -1,6 +1,6 @@ # -*- coding: utf-8 -*- # -# Copyright 2019 Google LLC +# Copyright 2020 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/google/cloud/securitycenter_v1/gapic/security_center_client.py b/google/cloud/securitycenter_v1/gapic/security_center_client.py index eaf1e33a..721738f7 100644 --- a/google/cloud/securitycenter_v1/gapic/security_center_client.py +++ b/google/cloud/securitycenter_v1/gapic/security_center_client.py @@ -1,6 +1,6 @@ # -*- coding: utf-8 -*- # -# Copyright 2019 Google LLC +# Copyright 2020 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -296,10 +296,10 @@ def create_source( >>> response = client.create_source(parent, source) Args: - parent (str): Resource name of the new source's parent. Its format should be + parent (str): Required. Resource name of the new source's parent. Its format should be "organizations/[organization\_id]". - source (Union[dict, ~google.cloud.securitycenter_v1.types.Source]): The Source being created, only the display\_name and description will be - used. All other fields will be ignored. + source (Union[dict, ~google.cloud.securitycenter_v1.types.Source]): Required. The Source being created, only the display\_name and + description will be used. All other fields will be ignored. If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.securitycenter_v1.types.Source` @@ -382,13 +382,13 @@ def create_finding( >>> response = client.create_finding(parent, finding_id, finding) Args: - parent (str): Resource name of the new finding's parent. Its format should be - "organizations/[organization\_id]/sources/[source\_id]". - finding_id (str): Unique identifier provided by the client within the parent scope. + parent (str): Required. Resource name of the new finding's parent. Its format should + be "organizations/[organization\_id]/sources/[source\_id]". + finding_id (str): Required. Unique identifier provided by the client within the parent scope. It must be alphanumeric and less than or equal to 32 characters and greater than 0 characters in length. - finding (Union[dict, ~google.cloud.securitycenter_v1.types.Finding]): The Finding being created. The name and security\_marks will be ignored - as they are both output only fields on this resource. + finding (Union[dict, ~google.cloud.securitycenter_v1.types.Finding]): Required. The Finding being created. The name and security\_marks will + be ignored as they are both output only fields on this resource. If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.securitycenter_v1.types.Finding` @@ -540,8 +540,8 @@ def get_organization_settings( >>> response = client.get_organization_settings(name) Args: - name (str): Name of the organization to get organization settings for. Its format is - "organizations/[organization\_id]/organizationSettings". + name (str): Required. Name of the organization to get organization settings for. Its + format is "organizations/[organization\_id]/organizationSettings". retry (Optional[google.api_core.retry.Retry]): A retry object used to retry requests. If ``None`` is specified, requests will be retried using a default configuration. @@ -610,7 +610,7 @@ def get_source( >>> response = client.get_source(name) Args: - name (str): Relative resource name of the source. Its format is + name (str): Required. Relative resource name of the source. Its format is "organizations/[organization\_id]/source/[source\_id]". retry (Optional[google.api_core.retry.Retry]): A retry object used to retry requests. If ``None`` is specified, requests will @@ -701,22 +701,26 @@ def group_assets( ... pass Args: - parent (str): Name of the organization to groupBy. Its format is + parent (str): Required. Name of the organization to groupBy. Its format is "organizations/[organization\_id]". - group_by (str): Expression that defines what assets fields to use for grouping. The - string value should follow SQL syntax: comma separated list of fields. - For example: + group_by (str): Required. Expression that defines what assets fields to use for + grouping. The string value should follow SQL syntax: comma separated + list of fields. For example: "security\_center\_properties.resource\_project,security\_center\_properties.project". The following fields are supported when compare\_duration is not set: - security\_center\_properties.resource\_project + - security\_center\_properties.resource\_project\_display\_name - security\_center\_properties.resource\_type - security\_center\_properties.resource\_parent + - security\_center\_properties.resource\_parent\_display\_name The following fields are supported when compare\_duration is set: - security\_center\_properties.resource\_type + - security\_center\_properties.resource\_project\_display\_name + - security\_center\_properties.resource\_parent\_display\_name filter_ (str): Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators ``AND`` and ``OR``. Parentheses are supported, and ``OR`` has @@ -743,26 +747,45 @@ def group_assets( - integer literals without quotes. - boolean literals ``true`` and ``false`` without quotes. - The following field and operator combinations are supported: name \| '=' - update\_time \| '=', '>', '<', '>=', '<=' + The following field and operator combinations are supported: - Usage: This should be milliseconds since epoch or an RFC3339 string. - Examples: "update\_time = "2019-06-10T16:07:18-07:00"" "update\_time = - 1560208038000" + - name: ``=`` - create\_time \| '=', '>', '<', '>=', '<=' + - update\_time: ``=``, ``>``, ``<``, ``>=``, ``<=`` - Usage: This should be milliseconds since epoch or an RFC3339 string. - Examples: "create\_time = "2019-06-10T16:07:18-07:00"" "create\_time = - 1560208038000" + Usage: This should be milliseconds since epoch or an RFC3339 string. + Examples: "update\_time = "2019-06-10T16:07:18-07:00"" "update\_time + = 1560208038000" + + - create\_time: ``=``, ``>``, ``<``, ``>=``, ``<=`` + + Usage: This should be milliseconds since epoch or an RFC3339 string. + Examples: "create\_time = "2019-06-10T16:07:18-07:00"" "create\_time + = 1560208038000" + + - iam\_policy.policy\_blob: ``=``, ``:`` + + - resource\_properties: ``=``, ``:``, ``>``, ``<``, ``>=``, ``<=`` + + - security\_marks.marks: ``=``, ``:`` + + - security\_center\_properties.resource\_name: ``=``, ``:`` + + - security\_center\_properties.resource\_display\_name: ``=``, ``:`` + + - security\_center\_properties.resource\_type: ``=``, ``:`` + + - security\_center\_properties.resource\_parent: ``=``, ``:`` - iam\_policy.policy\_blob \| '=', ':' resource\_properties \| '=', ':', - '>', '<', '>=', '<=' security\_marks \| '=', ':' - security\_center\_properties.resource\_name \| '=', ':' - security\_center\_properties.resource\_type \| '=', ':' - security\_center\_properties.resource\_parent \| '=', ':' - security\_center\_properties.resource\_project \| '=', ':' - security\_center\_properties.resource\_owners \| '=', ':' + - security\_center\_properties.resource\_parent\_display\_name: ``=``, + ``:`` + + - security\_center\_properties.resource\_project: ``=``, ``:`` + + - security\_center\_properties.resource\_project\_display\_name: ``=``, + ``:`` + + - security\_center\_properties.resource\_owners: ``=``, ``:`` For example, ``resource_properties.size = 100`` is a valid filter string. @@ -894,7 +917,7 @@ def group_findings( specified properties. To group across all sources provide a ``-`` as the source id. Example: - /v1/organizations/123/sources/-/findings + /v1/organizations/{organization\_id}/sources/-/findings Example: >>> from google.cloud import securitycenter_v1 @@ -921,11 +944,11 @@ def group_findings( ... pass Args: - parent (str): Name of the source to groupBy. Its format is + parent (str): Required. Name of the source to groupBy. Its format is "organizations/[organization\_id]/sources/[source\_id]". To groupBy across all sources provide a source\_id of ``-``. For example: - organizations/123/sources/- - group_by (str): Expression that defines what assets fields to use for grouping + organizations/{organization\_id}/sources/- + group_by (str): Required. Expression that defines what assets fields to use for grouping (including ``state_change``). The string value should follow SQL syntax: comma separated list of fields. For example: "parent,resource\_name". @@ -963,17 +986,29 @@ def group_findings( - integer literals without quotes. - boolean literals ``true`` and ``false`` without quotes. - The following field and operator combinations are supported: name \| - ``=`` parent \| '=', ':' resource\_name \| '=', ':' state \| '=', ':' - category \| '=', ':' external\_uri \| '=', ':' event\_time \| ``=``, - ``>``, ``<``, ``>=``, ``<=`` + The following field and operator combinations are supported: - Usage: This should be milliseconds since epoch or an RFC3339 string. - Examples: "event\_time = "2019-06-10T16:07:18-07:00"" "event\_time = - 1560208038000" + - name: ``=`` + + - parent: ``=``, ``:`` + + - resource\_name: ``=``, ``:`` + + - state: ``=``, ``:`` + + - category: ``=``, ``:`` + + - external\_uri: ``=``, ``:`` + + - event\_time: ``=``, ``>``, ``<``, ``>=``, ``<=`` - security\_marks \| '=', ':' source\_properties \| '=', ':', ``>``, - ``<``, ``>=``, ``<=`` + Usage: This should be milliseconds since epoch or an RFC3339 string. + Examples: "event\_time = "2019-06-10T16:07:18-07:00"" "event\_time = + 1560208038000" + + - security\_marks.marks: ``=``, ``:`` + + - source\_properties: ``=``, ``:``, ``>``, ``<``, ``>=``, ``<=`` For example, ``source_properties.size = 100`` is a valid filter string. read_time (Union[dict, ~google.cloud.securitycenter_v1.types.Timestamp]): Time used as a reference point when filtering findings. The filter is @@ -1125,8 +1160,8 @@ def list_assets( ... pass Args: - parent (str): Name of the organization assets should belong to. Its format is - "organizations/[organization\_id]". + parent (str): Required. Name of the organization assets should belong to. Its format + is "organizations/[organization\_id]". filter_ (str): Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators ``AND`` and ``OR``. Parentheses are supported, and ``OR`` has @@ -1153,26 +1188,45 @@ def list_assets( - integer literals without quotes. - boolean literals ``true`` and ``false`` without quotes. - The following are the allowed field and operator combinations: name \| - ``=`` update\_time \| ``=``, ``>``, ``<``, ``>=``, ``<=`` + The following are the allowed field and operator combinations: - Usage: This should be milliseconds since epoch or an RFC3339 string. - Examples: "update\_time = "2019-06-10T16:07:18-07:00"" "update\_time = - 1560208038000" + - name: ``=`` - create\_time \| ``=``, ``>``, ``<``, ``>=``, ``<=`` + - update\_time: ``=``, ``>``, ``<``, ``>=``, ``<=`` - Usage: This should be milliseconds since epoch or an RFC3339 string. - Examples: "create\_time = "2019-06-10T16:07:18-07:00"" "create\_time = - 1560208038000" + Usage: This should be milliseconds since epoch or an RFC3339 string. + Examples: "update\_time = "2019-06-10T16:07:18-07:00"" "update\_time + = 1560208038000" + + - create\_time: ``=``, ``>``, ``<``, ``>=``, ``<=`` + + Usage: This should be milliseconds since epoch or an RFC3339 string. + Examples: "create\_time = "2019-06-10T16:07:18-07:00"" "create\_time + = 1560208038000" + + - iam\_policy.policy\_blob: ``=``, ``:`` + + - resource\_properties: ``=``, ``:``, ``>``, ``<``, ``>=``, ``<=`` + + - security\_marks.marks: ``=``, ``:`` + + - security\_center\_properties.resource\_name: ``=``, ``:`` - iam\_policy.policy\_blob \| '=', ':' resource\_properties \| '=', ':', - ``>``, ``<``, ``>=``, ``<=`` security\_marks \| '=', ':' - security\_center\_properties.resource\_name \| '=', ':' - security\_center\_properties.resource\_type \| '=', ':' - security\_center\_properties.resource\_parent \| '=', ':' - security\_center\_properties.resource\_project \| '=', ':' - security\_center\_properties.resource\_owners \| '=', ':' + - security\_center\_properties.resource\_display\_name: ``=``, ``:`` + + - security\_center\_properties.resource\_type: ``=``, ``:`` + + - security\_center\_properties.resource\_parent: ``=``, ``:`` + + - security\_center\_properties.resource\_parent\_display\_name: ``=``, + ``:`` + + - security\_center\_properties.resource\_project: ``=``, ``:`` + + - security\_center\_properties.resource\_project\_display\_name: ``=``, + ``:`` + + - security\_center\_properties.resource\_owners: ``=``, ``:`` For example, ``resource_properties.size = 100`` is a valid filter string. @@ -1187,10 +1241,13 @@ def list_assets( resource\_properties.a\_property " are equivalent. The following fields are supported: name update\_time - resource\_properties security\_marks + resource\_properties security\_marks.marks security\_center\_properties.resource\_name + security\_center\_properties.resource\_display\_name security\_center\_properties.resource\_parent + security\_center\_properties.resource\_parent\_display\_name security\_center\_properties.resource\_project + security\_center\_properties.resource\_project\_display\_name security\_center\_properties.resource\_type read_time (Union[dict, ~google.cloud.securitycenter_v1.types.Timestamp]): Time used as a reference point when filtering assets. The filter is limited to assets existing at the supplied time and their values are those at that @@ -1226,9 +1283,7 @@ def list_assets( If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.securitycenter_v1.types.Duration` - field_mask (Union[dict, ~google.cloud.securitycenter_v1.types.FieldMask]): Optional. - - A field mask to specify the ListAssetsResult fields to be listed in the + field_mask (Union[dict, ~google.cloud.securitycenter_v1.types.FieldMask]): Optional. A field mask to specify the ListAssetsResult fields to be listed in the response. An empty field mask will list all fields. @@ -1326,7 +1381,7 @@ def list_findings( Lists an organization or source's findings. To list across all sources provide a ``-`` as the source id. Example: - /v1/organizations/123/sources/-/findings + /v1/organizations/{organization\_id}/sources/-/findings Example: >>> from google.cloud import securitycenter_v1 @@ -1350,10 +1405,10 @@ def list_findings( ... pass Args: - parent (str): Name of the source the findings belong to. Its format is + parent (str): Required. Name of the source the findings belong to. Its format is "organizations/[organization\_id]/sources/[source\_id]". To list across all sources provide a source\_id of ``-``. For example: - organizations/123/sources/- + organizations/{organization\_id}/sources/- filter_ (str): Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators ``AND`` and ``OR``. Parentheses are supported, and ``OR`` has @@ -1378,17 +1433,18 @@ def list_findings( - integer literals without quotes. - boolean literals ``true`` and ``false`` without quotes. - The following field and operator combinations are supported: name \| - ``=`` parent \| '=', ':' resource\_name \| '=', ':' state \| '=', ':' - category \| '=', ':' external\_uri \| '=', ':' event\_time \| ``=``, - ``>``, ``<``, ``>=``, ``<=`` + The following field and operator combinations are supported: + + name: ``=`` parent: ``=``, ``:`` resource\_name: ``=``, ``:`` state: + ``=``, ``:`` category: ``=``, ``:`` external\_uri: ``=``, ``:`` + event\_time: ``=``, ``>``, ``<``, ``>=``, ``<=`` Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: "event\_time = "2019-06-10T16:07:18-07:00"" "event\_time = 1560208038000" - security\_marks \| '=', ':' source\_properties \| '=', ':', ``>``, - ``<``, ``>=``, ``<=`` + security\_marks.marks: ``=``, ``:`` source\_properties: ``=``, ``:``, + ``>``, ``<``, ``>=``, ``<=`` For example, ``source_properties.size = 100`` is a valid filter string. order_by (str): Expression that defines what fields and order to use for sorting. The @@ -1401,7 +1457,7 @@ def list_findings( " name desc , source\_properties.a\_property " are equivalent. The following fields are supported: name parent state category - resource\_name event\_time source\_properties security\_marks + resource\_name event\_time source\_properties security\_marks.marks read_time (Union[dict, ~google.cloud.securitycenter_v1.types.Timestamp]): Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the @@ -1436,9 +1492,7 @@ def list_findings( If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.securitycenter_v1.types.Duration` - field_mask (Union[dict, ~google.cloud.securitycenter_v1.types.FieldMask]): Optional. - - A field mask to specify the Finding fields to be listed in the response. + field_mask (Union[dict, ~google.cloud.securitycenter_v1.types.FieldMask]): Optional. A field mask to specify the Finding fields to be listed in the response. An empty field mask will list all fields. If a dict is provided, it must be of the same form as the protobuf @@ -1551,8 +1605,8 @@ def list_sources( ... pass Args: - parent (str): Resource name of the parent of sources to list. Its format should be - "organizations/[organization\_id]". + parent (str): Required. Resource name of the parent of sources to list. Its format + should be "organizations/[organization\_id]". page_size (int): The maximum number of resources contained in the underlying API response. If page streaming is performed per- resource, this parameter does not affect the return value. If page @@ -1656,8 +1710,8 @@ def run_asset_discovery( >>> metadata = response.metadata() Args: - parent (str): Name of the organization to run asset discovery for. Its format is - "organizations/[organization\_id]". + parent (str): Required. Name of the organization to run asset discovery for. Its + format is "organizations/[organization\_id]". retry (Optional[google.api_core.retry.Retry]): A retry object used to retry requests. If ``None`` is specified, requests will be retried using a default configuration. @@ -1741,11 +1795,12 @@ def set_finding_state( >>> response = client.set_finding_state(name, state, start_time) Args: - name (str): The relative resource name of the finding. See: + name (str): Required. The relative resource name of the finding. See: https://cloud.google.com/apis/design/resource\_names#relative\_resource\_name - Example: "organizations/123/sources/456/finding/789". - state (~google.cloud.securitycenter_v1.types.State): The desired State of the finding. - start_time (Union[dict, ~google.cloud.securitycenter_v1.types.Timestamp]): The time at which the updated state takes effect. + Example: + "organizations/{organization\_id}/sources/{source\_id}/finding/{finding\_id}". + state (~google.cloud.securitycenter_v1.types.State): Required. The desired State of the finding. + start_time (Union[dict, ~google.cloud.securitycenter_v1.types.Timestamp]): Required. The time at which the updated state takes effect. If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.securitycenter_v1.types.Timestamp` @@ -1983,8 +2038,9 @@ def update_finding( >>> response = client.update_finding(finding) Args: - finding (Union[dict, ~google.cloud.securitycenter_v1.types.Finding]): The finding resource to update or create if it does not already exist. - parent, security\_marks, and update\_time will be ignored. + finding (Union[dict, ~google.cloud.securitycenter_v1.types.Finding]): Required. The finding resource to update or create if it does not + already exist. parent, security\_marks, and update\_time will be + ignored. In the case of creation, the finding id portion of the name must be alphanumeric and less than or equal to 32 characters and greater than 0 @@ -2074,7 +2130,7 @@ def update_organization_settings( >>> response = client.update_organization_settings(organization_settings) Args: - organization_settings (Union[dict, ~google.cloud.securitycenter_v1.types.OrganizationSettings]): The organization settings resource to update. + organization_settings (Union[dict, ~google.cloud.securitycenter_v1.types.OrganizationSettings]): Required. The organization settings resource to update. If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.securitycenter_v1.types.OrganizationSettings` @@ -2160,7 +2216,7 @@ def update_source( >>> response = client.update_source(source) Args: - source (Union[dict, ~google.cloud.securitycenter_v1.types.Source]): The source resource to update. + source (Union[dict, ~google.cloud.securitycenter_v1.types.Source]): Required. The source resource to update. If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.securitycenter_v1.types.Source` @@ -2243,7 +2299,7 @@ def update_security_marks( >>> response = client.update_security_marks(security_marks) Args: - security_marks (Union[dict, ~google.cloud.securitycenter_v1.types.SecurityMarks]): The security marks resource to update. + security_marks (Union[dict, ~google.cloud.securitycenter_v1.types.SecurityMarks]): Required. The security marks resource to update. If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.securitycenter_v1.types.SecurityMarks` diff --git a/google/cloud/securitycenter_v1/gapic/security_center_client_config.py b/google/cloud/securitycenter_v1/gapic/security_center_client_config.py index e25009be..2183b3e3 100644 --- a/google/cloud/securitycenter_v1/gapic/security_center_client_config.py +++ b/google/cloud/securitycenter_v1/gapic/security_center_client_config.py @@ -10,9 +10,9 @@ "initial_retry_delay_millis": 100, "retry_delay_multiplier": 1.3, "max_retry_delay_millis": 60000, - "initial_rpc_timeout_millis": 20000, + "initial_rpc_timeout_millis": 480000, "rpc_timeout_multiplier": 1.0, - "max_rpc_timeout_millis": 20000, + "max_rpc_timeout_millis": 480000, "total_timeout_millis": 600000, } }, diff --git a/google/cloud/securitycenter_v1/gapic/transports/security_center_grpc_transport.py b/google/cloud/securitycenter_v1/gapic/transports/security_center_grpc_transport.py index 1b6be666..cf2d84a2 100644 --- a/google/cloud/securitycenter_v1/gapic/transports/security_center_grpc_transport.py +++ b/google/cloud/securitycenter_v1/gapic/transports/security_center_grpc_transport.py @@ -1,6 +1,6 @@ # -*- coding: utf-8 -*- # -# Copyright 2019 Google LLC +# Copyright 2020 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -208,7 +208,7 @@ def group_findings(self): specified properties. To group across all sources provide a ``-`` as the source id. Example: - /v1/organizations/123/sources/-/findings + /v1/organizations/{organization\_id}/sources/-/findings Returns: Callable: A callable which accepts the appropriate @@ -237,7 +237,7 @@ def list_findings(self): Lists an organization or source's findings. To list across all sources provide a ``-`` as the source id. Example: - /v1/organizations/123/sources/-/findings + /v1/organizations/{organization\_id}/sources/-/findings Returns: Callable: A callable which accepts the appropriate diff --git a/google/cloud/securitycenter_v1/proto/asset.proto b/google/cloud/securitycenter_v1/proto/asset.proto index 74ec9b21..bd4751a1 100644 --- a/google/cloud/securitycenter_v1/proto/asset.proto +++ b/google/cloud/securitycenter_v1/proto/asset.proto @@ -17,10 +17,11 @@ syntax = "proto3"; package google.cloud.securitycenter.v1; -import "google/api/annotations.proto"; +import "google/api/resource.proto"; import "google/cloud/securitycenter/v1/security_marks.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/timestamp.proto"; +import "google/api/annotations.proto"; option csharp_namespace = "Google.Cloud.SecurityCenter.V1"; option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter"; @@ -36,6 +37,11 @@ option ruby_package = "Google::Cloud::SecurityCenter::V1"; // GCP resource. All modifications to an Asset are only within the context of // Cloud SCC and don't affect the referenced GCP resource. message Asset { + option (google.api.resource) = { + type: "securitycenter.googleapis.com/Asset" + pattern: "organizations/{organization}/assets/{asset}" + }; + // Cloud SCC managed properties. These properties are managed by Cloud SCC and // cannot be modified by the user. message SecurityCenterProperties { @@ -60,6 +66,15 @@ message Asset { // Owners of the Google Cloud resource. repeated string resource_owners = 5; + + // The user defined display name for this resource. + string resource_display_name = 6; + + // The user defined display name for the parent of this resource. + string resource_parent_display_name = 7; + + // The user defined display name for the project of this resource. + string resource_project_display_name = 8; } // IAM Policy information associated with the GCP resource described by the @@ -75,7 +90,7 @@ message Asset { // The relative resource name of this asset. See: // https://cloud.google.com/apis/design/resource_names#relative_resource_name // Example: - // "organizations/123/assets/456". + // "organizations/{organization_id}/assets/{asset_id}". string name = 1; // Cloud SCC managed properties. These properties are managed by diff --git a/google/cloud/securitycenter_v1/proto/asset_pb2.py b/google/cloud/securitycenter_v1/proto/asset_pb2.py index ff176dab..9808217f 100644 --- a/google/cloud/securitycenter_v1/proto/asset_pb2.py +++ b/google/cloud/securitycenter_v1/proto/asset_pb2.py @@ -15,12 +15,13 @@ _sym_db = _symbol_database.Default() -from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 +from google.api import resource_pb2 as google_dot_api_dot_resource__pb2 from google.cloud.securitycenter_v1.proto import ( security_marks_pb2 as google_dot_cloud_dot_securitycenter__v1_dot_proto_dot_security__marks__pb2, ) from google.protobuf import struct_pb2 as google_dot_protobuf_dot_struct__pb2 from google.protobuf import timestamp_pb2 as google_dot_protobuf_dot_timestamp__pb2 +from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 DESCRIPTOR = _descriptor.FileDescriptor( @@ -31,13 +32,14 @@ '\n"com.google.cloud.securitycenter.v1P\001ZLgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter\252\002\036Google.Cloud.SecurityCenter.V1\312\002\036Google\\Cloud\\SecurityCenter\\V1\352\002!Google::Cloud::SecurityCenter::V1' ), serialized_pb=_b( - '\n0google/cloud/securitycenter_v1/proto/asset.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a\x1cgoogle/api/annotations.proto\x1a\x39google/cloud/securitycenter_v1/proto/security_marks.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a\x1fgoogle/protobuf/timestamp.proto"\xcf\x05\n\x05\x41sset\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x62\n\x1asecurity_center_properties\x18\x02 \x01(\x0b\x32>.google.cloud.securitycenter.v1.Asset.SecurityCenterProperties\x12Z\n\x13resource_properties\x18\x07 \x03(\x0b\x32=.google.cloud.securitycenter.v1.Asset.ResourcePropertiesEntry\x12\x45\n\x0esecurity_marks\x18\x08 \x01(\x0b\x32-.google.cloud.securitycenter.v1.SecurityMarks\x12/\n\x0b\x63reate_time\x18\t \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12/\n\x0bupdate_time\x18\n \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x43\n\niam_policy\x18\x0b \x01(\x0b\x32/.google.cloud.securitycenter.v1.Asset.IamPolicy\x1a\x94\x01\n\x18SecurityCenterProperties\x12\x15\n\rresource_name\x18\x01 \x01(\t\x12\x15\n\rresource_type\x18\x02 \x01(\t\x12\x17\n\x0fresource_parent\x18\x03 \x01(\t\x12\x18\n\x10resource_project\x18\x04 \x01(\t\x12\x17\n\x0fresource_owners\x18\x05 \x03(\t\x1a \n\tIamPolicy\x12\x13\n\x0bpolicy_blob\x18\x01 \x01(\t\x1aQ\n\x17ResourcePropertiesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12%\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.Value:\x02\x38\x01\x42\xda\x01\n"com.google.cloud.securitycenter.v1P\x01ZLgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3' + '\n0google/cloud/securitycenter_v1/proto/asset.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a\x19google/api/resource.proto\x1a\x39google/cloud/securitycenter_v1/proto/security_marks.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a\x1fgoogle/protobuf/timestamp.proto\x1a\x1cgoogle/api/annotations.proto"\x92\x07\n\x05\x41sset\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x62\n\x1asecurity_center_properties\x18\x02 \x01(\x0b\x32>.google.cloud.securitycenter.v1.Asset.SecurityCenterProperties\x12Z\n\x13resource_properties\x18\x07 \x03(\x0b\x32=.google.cloud.securitycenter.v1.Asset.ResourcePropertiesEntry\x12\x45\n\x0esecurity_marks\x18\x08 \x01(\x0b\x32-.google.cloud.securitycenter.v1.SecurityMarks\x12/\n\x0b\x63reate_time\x18\t \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12/\n\x0bupdate_time\x18\n \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x43\n\niam_policy\x18\x0b \x01(\x0b\x32/.google.cloud.securitycenter.v1.Asset.IamPolicy\x1a\x80\x02\n\x18SecurityCenterProperties\x12\x15\n\rresource_name\x18\x01 \x01(\t\x12\x15\n\rresource_type\x18\x02 \x01(\t\x12\x17\n\x0fresource_parent\x18\x03 \x01(\t\x12\x18\n\x10resource_project\x18\x04 \x01(\t\x12\x17\n\x0fresource_owners\x18\x05 \x03(\t\x12\x1d\n\x15resource_display_name\x18\x06 \x01(\t\x12$\n\x1cresource_parent_display_name\x18\x07 \x01(\t\x12%\n\x1dresource_project_display_name\x18\x08 \x01(\t\x1a \n\tIamPolicy\x12\x13\n\x0bpolicy_blob\x18\x01 \x01(\t\x1aQ\n\x17ResourcePropertiesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12%\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.Value:\x02\x38\x01:U\xea\x41R\n#securitycenter.googleapis.com/Asset\x12+organizations/{organization}/assets/{asset}B\xda\x01\n"com.google.cloud.securitycenter.v1P\x01ZLgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3' ), dependencies=[ - google_dot_api_dot_annotations__pb2.DESCRIPTOR, + google_dot_api_dot_resource__pb2.DESCRIPTOR, google_dot_cloud_dot_securitycenter__v1_dot_proto_dot_security__marks__pb2.DESCRIPTOR, google_dot_protobuf_dot_struct__pb2.DESCRIPTOR, google_dot_protobuf_dot_timestamp__pb2.DESCRIPTOR, + google_dot_api_dot_annotations__pb2.DESCRIPTOR, ], ) @@ -139,6 +141,60 @@ serialized_options=None, file=DESCRIPTOR, ), + _descriptor.FieldDescriptor( + name="resource_display_name", + full_name="google.cloud.securitycenter.v1.Asset.SecurityCenterProperties.resource_display_name", + index=5, + number=6, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="resource_parent_display_name", + full_name="google.cloud.securitycenter.v1.Asset.SecurityCenterProperties.resource_parent_display_name", + index=6, + number=7, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="resource_project_display_name", + full_name="google.cloud.securitycenter.v1.Asset.SecurityCenterProperties.resource_project_display_name", + index=7, + number=8, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), ], extensions=[], nested_types=[], @@ -148,8 +204,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=691, - serialized_end=839, + serialized_start=718, + serialized_end=974, ) _ASSET_IAMPOLICY = _descriptor.Descriptor( @@ -186,8 +242,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=841, - serialized_end=873, + serialized_start=976, + serialized_end=1008, ) _ASSET_RESOURCEPROPERTIESENTRY = _descriptor.Descriptor( @@ -242,8 +298,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=875, - serialized_end=956, + serialized_start=1010, + serialized_end=1091, ) _ASSET = _descriptor.Descriptor( @@ -387,13 +443,15 @@ _ASSET_RESOURCEPROPERTIESENTRY, ], enum_types=[], - serialized_options=None, + serialized_options=_b( + "\352AR\n#securitycenter.googleapis.com/Asset\022+organizations/{organization}/assets/{asset}" + ), is_extendable=False, syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=237, - serialized_end=956, + serialized_start=264, + serialized_end=1178, ) _ASSET_SECURITYCENTERPROPERTIES.containing_type = _ASSET @@ -433,8 +491,8 @@ dict( DESCRIPTOR=_ASSET_SECURITYCENTERPROPERTIES, __module__="google.cloud.securitycenter_v1.proto.asset_pb2", - __doc__="""Cloud SCC managed properties. These properties are managed by Cloud SCC - and cannot be modified by the user. + __doc__="""Cloud SCC managed properties. These properties are managed + by Cloud SCC and cannot be modified by the user. Attributes: @@ -458,6 +516,13 @@ \_resource\_name resource_owners: Owners of the Google Cloud resource. + resource_display_name: + The user defined display name for this resource. + resource_parent_display_name: + The user defined display name for the parent of this resource. + resource_project_display_name: + The user defined display name for the project of this + resource. """, # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1.Asset.SecurityCenterProperties) ), @@ -468,9 +533,9 @@ dict( DESCRIPTOR=_ASSET_IAMPOLICY, __module__="google.cloud.securitycenter_v1.proto.asset_pb2", - __doc__="""IAM Policy information associated with the GCP resource described by the - Cloud SCC asset. This information is managed and defined by the GCP - resource and cannot be modified by the user. + __doc__="""IAM Policy information associated with the GCP resource + described by the Cloud SCC asset. This information is managed and + defined by the GCP resource and cannot be modified by the user. Attributes: @@ -494,8 +559,8 @@ ), DESCRIPTOR=_ASSET, __module__="google.cloud.securitycenter_v1.proto.asset_pb2", - __doc__="""Cloud Security Command Center's (Cloud SCC) representation of a Google - Cloud Platform (GCP) resource. + __doc__="""Cloud Security Command Center's (Cloud SCC) representation + of a Google Cloud Platform (GCP) resource. The Asset is a Cloud SCC resource that captures information about a single GCP resource. All modifications to an Asset are only within the @@ -506,7 +571,8 @@ name: The relative resource name of this asset. See: https://cloud.g oogle.com/apis/design/resource\_names#relative\_resource\_name - Example: "organizations/123/assets/456". + Example: + "organizations/{organization\_id}/assets/{asset\_id}". security_center_properties: Cloud SCC managed properties. These properties are managed by Cloud SCC and cannot be modified by the user. @@ -540,4 +606,5 @@ DESCRIPTOR._options = None _ASSET_RESOURCEPROPERTIESENTRY._options = None +_ASSET._options = None # @@protoc_insertion_point(module_scope) diff --git a/google/cloud/securitycenter_v1/proto/finding.proto b/google/cloud/securitycenter_v1/proto/finding.proto index e75247e8..5d8e5a78 100644 --- a/google/cloud/securitycenter_v1/proto/finding.proto +++ b/google/cloud/securitycenter_v1/proto/finding.proto @@ -17,10 +17,12 @@ syntax = "proto3"; package google.cloud.securitycenter.v1; -import "google/api/annotations.proto"; +import "google/api/field_behavior.proto"; +import "google/api/resource.proto"; import "google/cloud/securitycenter/v1/security_marks.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/timestamp.proto"; +import "google/api/annotations.proto"; option csharp_namespace = "Google.Cloud.SecurityCenter.V1"; option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter"; @@ -31,11 +33,17 @@ option ruby_package = "Google::Cloud::SecurityCenter::V1"; // Cloud Security Command Center (Cloud SCC) finding. // -// A finding is a record of assessment data (security, risk, health or privacy) -// ingested into Cloud SCC for presentation, notification, analysis, -// policy testing, and enforcement. For example, an XSS vulnerability in an -// App Engine application is a finding. +// A finding is a record of assessment data like security, risk, health, or +// privacy, that is ingested into Cloud SCC for presentation, notification, +// analysis, policy testing, and enforcement. For example, a +// cross-site scripting (XSS) vulnerability in an App Engine application is a +// finding. message Finding { + option (google.api.resource) = { + type: "securitycenter.googleapis.com/Finding" + pattern: "organizations/{organization}/sources/{source}/findings/{finding}" + }; + // The state of the finding. enum State { // Unspecified state. @@ -52,19 +60,21 @@ message Finding { // The relative resource name of this finding. See: // https://cloud.google.com/apis/design/resource_names#relative_resource_name // Example: - // "organizations/123/sources/456/findings/789" + // "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}" string name = 1; // The relative resource name of the source the finding belongs to. See: // https://cloud.google.com/apis/design/resource_names#relative_resource_name // This field is immutable after creation time. // For example: - // "organizations/123/sources/456" + // "organizations/{organization_id}/sources/{source_id}" string parent = 2; - // The full resource name of the Google Cloud Platform (GCP) resource this - // finding is for. See: + // For findings on Google Cloud Platform (GCP) resources, the full resource + // name of the GCP resource this finding is for. See: // https://cloud.google.com/apis/design/resource_names#full_resource_name + // When the finding is for a non-GCP resource, the resourceName can be a + // customer or partner defined string. // This field is immutable after creation time. string resource_name = 3; @@ -90,11 +100,11 @@ message Finding { // Output only. User specified security marks. These marks are entirely // managed by the user and come from the SecurityMarks resource that belongs // to the finding. - SecurityMarks security_marks = 8; + SecurityMarks security_marks = 8 [(google.api.field_behavior) = OUTPUT_ONLY]; // The time at which the event took place. For example, if the finding - // represents an open firewall it would capture the time the open firewall was - // detected. + // represents an open firewall it would capture the time the detector believes + // the firewall became open. The accuracy is determined by the detector. google.protobuf.Timestamp event_time = 9; // The time at which the finding was created in Cloud SCC. diff --git a/google/cloud/securitycenter_v1/proto/finding_pb2.py b/google/cloud/securitycenter_v1/proto/finding_pb2.py index f0f53413..0b44db03 100644 --- a/google/cloud/securitycenter_v1/proto/finding_pb2.py +++ b/google/cloud/securitycenter_v1/proto/finding_pb2.py @@ -15,12 +15,14 @@ _sym_db = _symbol_database.Default() -from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 +from google.api import field_behavior_pb2 as google_dot_api_dot_field__behavior__pb2 +from google.api import resource_pb2 as google_dot_api_dot_resource__pb2 from google.cloud.securitycenter_v1.proto import ( security_marks_pb2 as google_dot_cloud_dot_securitycenter__v1_dot_proto_dot_security__marks__pb2, ) from google.protobuf import struct_pb2 as google_dot_protobuf_dot_struct__pb2 from google.protobuf import timestamp_pb2 as google_dot_protobuf_dot_timestamp__pb2 +from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 DESCRIPTOR = _descriptor.FileDescriptor( @@ -31,13 +33,15 @@ '\n"com.google.cloud.securitycenter.v1P\001ZLgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter\252\002\036Google.Cloud.SecurityCenter.V1\312\002\036Google\\Cloud\\SecurityCenter\\V1\352\002!Google::Cloud::SecurityCenter::V1' ), serialized_pb=_b( - '\n2google/cloud/securitycenter_v1/proto/finding.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a\x1cgoogle/api/annotations.proto\x1a\x39google/cloud/securitycenter_v1/proto/security_marks.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a\x1fgoogle/protobuf/timestamp.proto"\xb1\x04\n\x07\x46inding\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x0e\n\x06parent\x18\x02 \x01(\t\x12\x15\n\rresource_name\x18\x03 \x01(\t\x12<\n\x05state\x18\x04 \x01(\x0e\x32-.google.cloud.securitycenter.v1.Finding.State\x12\x10\n\x08\x63\x61tegory\x18\x05 \x01(\t\x12\x14\n\x0c\x65xternal_uri\x18\x06 \x01(\t\x12X\n\x11source_properties\x18\x07 \x03(\x0b\x32=.google.cloud.securitycenter.v1.Finding.SourcePropertiesEntry\x12\x45\n\x0esecurity_marks\x18\x08 \x01(\x0b\x32-.google.cloud.securitycenter.v1.SecurityMarks\x12.\n\nevent_time\x18\t \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12/\n\x0b\x63reate_time\x18\n \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x1aO\n\x15SourcePropertiesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12%\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.Value:\x02\x38\x01"8\n\x05State\x12\x15\n\x11STATE_UNSPECIFIED\x10\x00\x12\n\n\x06\x41\x43TIVE\x10\x01\x12\x0c\n\x08INACTIVE\x10\x02\x42\xda\x01\n"com.google.cloud.securitycenter.v1P\x01ZLgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3' + '\n2google/cloud/securitycenter_v1/proto/finding.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x39google/cloud/securitycenter_v1/proto/security_marks.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a\x1fgoogle/protobuf/timestamp.proto\x1a\x1cgoogle/api/annotations.proto"\xa4\x05\n\x07\x46inding\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x0e\n\x06parent\x18\x02 \x01(\t\x12\x15\n\rresource_name\x18\x03 \x01(\t\x12<\n\x05state\x18\x04 \x01(\x0e\x32-.google.cloud.securitycenter.v1.Finding.State\x12\x10\n\x08\x63\x61tegory\x18\x05 \x01(\t\x12\x14\n\x0c\x65xternal_uri\x18\x06 \x01(\t\x12X\n\x11source_properties\x18\x07 \x03(\x0b\x32=.google.cloud.securitycenter.v1.Finding.SourcePropertiesEntry\x12J\n\x0esecurity_marks\x18\x08 \x01(\x0b\x32-.google.cloud.securitycenter.v1.SecurityMarksB\x03\xe0\x41\x03\x12.\n\nevent_time\x18\t \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12/\n\x0b\x63reate_time\x18\n \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x1aO\n\x15SourcePropertiesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12%\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.Value:\x02\x38\x01"8\n\x05State\x12\x15\n\x11STATE_UNSPECIFIED\x10\x00\x12\n\n\x06\x41\x43TIVE\x10\x01\x12\x0c\n\x08INACTIVE\x10\x02:l\xea\x41i\n%securitycenter.googleapis.com/Finding\x12@organizations/{organization}/sources/{source}/findings/{finding}B\xda\x01\n"com.google.cloud.securitycenter.v1P\x01ZLgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3' ), dependencies=[ - google_dot_api_dot_annotations__pb2.DESCRIPTOR, + google_dot_api_dot_field__behavior__pb2.DESCRIPTOR, + google_dot_api_dot_resource__pb2.DESCRIPTOR, google_dot_cloud_dot_securitycenter__v1_dot_proto_dot_security__marks__pb2.DESCRIPTOR, google_dot_protobuf_dot_struct__pb2.DESCRIPTOR, google_dot_protobuf_dot_timestamp__pb2.DESCRIPTOR, + google_dot_api_dot_annotations__pb2.DESCRIPTOR, ], ) @@ -64,8 +68,8 @@ ], containing_type=None, serialized_options=None, - serialized_start=744, - serialized_end=800, + serialized_start=809, + serialized_end=865, ) _sym_db.RegisterEnumDescriptor(_FINDING_STATE) @@ -122,8 +126,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=663, - serialized_end=742, + serialized_start=728, + serialized_end=807, ) _FINDING = _descriptor.Descriptor( @@ -274,7 +278,7 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b("\340A\003"), file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -317,13 +321,15 @@ extensions=[], nested_types=[_FINDING_SOURCEPROPERTIESENTRY,], enum_types=[_FINDING_STATE,], - serialized_options=None, + serialized_options=_b( + "\352Ai\n%securitycenter.googleapis.com/Finding\022@organizations/{organization}/sources/{source}/findings/{finding}" + ), is_extendable=False, syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=239, - serialized_end=800, + serialized_start=299, + serialized_end=975, ) _FINDING_SOURCEPROPERTIESENTRY.fields_by_name[ @@ -366,27 +372,31 @@ __module__="google.cloud.securitycenter_v1.proto.finding_pb2", __doc__="""Cloud Security Command Center (Cloud SCC) finding. - A finding is a record of assessment data (security, risk, health or - privacy) ingested into Cloud SCC for presentation, notification, - analysis, policy testing, and enforcement. For example, an XSS - vulnerability in an App Engine application is a finding. + A finding is a record of assessment data like security, risk, health, or + privacy, that is ingested into Cloud SCC for presentation, notification, + analysis, policy testing, and enforcement. For example, a cross-site + scripting (XSS) vulnerability in an App Engine application is a finding. Attributes: name: The relative resource name of this finding. See: https://cloud .google.com/apis/design/resource\_names#relative\_resource\_na - me Example: "organizations/123/sources/456/findings/789" + me Example: "organizations/{organization\_id}/sources/{source\ + _id}/findings/{finding\_id}" parent: The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource\_names# relative\_resource\_name This field is immutable after - creation time. For example: "organizations/123/sources/456" + creation time. For example: + "organizations/{organization\_id}/sources/{source\_id}" resource_name: - The full resource name of the Google Cloud Platform (GCP) - resource this finding is for. See: https://cloud.google.com/ap - is/design/resource\_names#full\_resource\_name This field is - immutable after creation time. + For findings on Google Cloud Platform (GCP) resources, the + full resource name of the GCP resource this finding is for. + See: https://cloud.google.com/apis/design/resource\_names#full + \_resource\_name When the finding is for a non-GCP resource, + the resourceName can be a customer or partner defined string. + This field is immutable after creation time. state: The state of the finding. category: @@ -411,7 +421,8 @@ event_time: The time at which the event took place. For example, if the finding represents an open firewall it would capture the time - the open firewall was detected. + the detector believes the firewall became open. The accuracy + is determined by the detector. create_time: The time at which the finding was created in Cloud SCC. """, @@ -424,4 +435,6 @@ DESCRIPTOR._options = None _FINDING_SOURCEPROPERTIESENTRY._options = None +_FINDING.fields_by_name["security_marks"]._options = None +_FINDING._options = None # @@protoc_insertion_point(module_scope) diff --git a/google/cloud/securitycenter_v1/proto/organization_settings.proto b/google/cloud/securitycenter_v1/proto/organization_settings.proto index e975e566..aa4e80bd 100644 --- a/google/cloud/securitycenter_v1/proto/organization_settings.proto +++ b/google/cloud/securitycenter_v1/proto/organization_settings.proto @@ -17,6 +17,7 @@ syntax = "proto3"; package google.cloud.securitycenter.v1; +import "google/api/resource.proto"; import "google/api/annotations.proto"; option csharp_namespace = "Google.Cloud.SecurityCenter.V1"; @@ -29,6 +30,11 @@ option ruby_package = "Google::Cloud::SecurityCenter::V1"; // User specified settings that are attached to the Cloud Security Command // Center (Cloud SCC) organization. message OrganizationSettings { + option (google.api.resource) = { + type: "securitycenter.googleapis.com/OrganizationSettings" + pattern: "organizations/{organization}/organizationSettings" + }; + // The configuration used for Asset Discovery runs. message AssetDiscoveryConfig { // The mode of inclusion when running Asset Discovery. @@ -63,7 +69,7 @@ message OrganizationSettings { // The relative resource name of the settings. See: // https://cloud.google.com/apis/design/resource_names#relative_resource_name // Example: - // "organizations/123/organizationSettings". + // "organizations/{organization_id}/organizationSettings". string name = 1; // A flag that indicates if Asset Discovery should be enabled. If the flag is @@ -74,6 +80,4 @@ message OrganizationSettings { // The configuration used for Asset Discovery runs. AssetDiscoveryConfig asset_discovery_config = 3; - - reserved 4, 5; } diff --git a/google/cloud/securitycenter_v1/proto/organization_settings_pb2.py b/google/cloud/securitycenter_v1/proto/organization_settings_pb2.py index 7056f7b0..d79f4286 100644 --- a/google/cloud/securitycenter_v1/proto/organization_settings_pb2.py +++ b/google/cloud/securitycenter_v1/proto/organization_settings_pb2.py @@ -15,6 +15,7 @@ _sym_db = _symbol_database.Default() +from google.api import resource_pb2 as google_dot_api_dot_resource__pb2 from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 @@ -26,9 +27,12 @@ '\n"com.google.cloud.securitycenter.v1P\001ZLgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter\252\002\036Google.Cloud.SecurityCenter.V1\312\002\036Google\\Cloud\\SecurityCenter\\V1\352\002!Google::Cloud::SecurityCenter::V1' ), serialized_pb=_b( - '\n@google/cloud/securitycenter_v1/proto/organization_settings.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a\x1cgoogle/api/annotations.proto"\xaa\x03\n\x14OrganizationSettings\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x1e\n\x16\x65nable_asset_discovery\x18\x02 \x01(\x08\x12i\n\x16\x61sset_discovery_config\x18\x03 \x01(\x0b\x32I.google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig\x1a\xec\x01\n\x14\x41ssetDiscoveryConfig\x12\x13\n\x0bproject_ids\x18\x01 \x03(\t\x12o\n\x0einclusion_mode\x18\x02 \x01(\x0e\x32W.google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig.InclusionMode"N\n\rInclusionMode\x12\x1e\n\x1aINCLUSION_MODE_UNSPECIFIED\x10\x00\x12\x10\n\x0cINCLUDE_ONLY\x10\x01\x12\x0b\n\x07\x45XCLUDE\x10\x02J\x04\x08\x04\x10\x05J\x04\x08\x05\x10\x06\x42\xda\x01\n"com.google.cloud.securitycenter.v1P\x01ZLgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3' + '\n@google/cloud/securitycenter_v1/proto/organization_settings.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a\x19google/api/resource.proto\x1a\x1cgoogle/api/annotations.proto"\x8a\x04\n\x14OrganizationSettings\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x1e\n\x16\x65nable_asset_discovery\x18\x02 \x01(\x08\x12i\n\x16\x61sset_discovery_config\x18\x03 \x01(\x0b\x32I.google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig\x1a\xec\x01\n\x14\x41ssetDiscoveryConfig\x12\x13\n\x0bproject_ids\x18\x01 \x03(\t\x12o\n\x0einclusion_mode\x18\x02 \x01(\x0e\x32W.google.cloud.securitycenter.v1.OrganizationSettings.AssetDiscoveryConfig.InclusionMode"N\n\rInclusionMode\x12\x1e\n\x1aINCLUSION_MODE_UNSPECIFIED\x10\x00\x12\x10\n\x0cINCLUDE_ONLY\x10\x01\x12\x0b\n\x07\x45XCLUDE\x10\x02:j\xea\x41g\n2securitycenter.googleapis.com/OrganizationSettings\x12\x31organizations/{organization}/organizationSettingsB\xda\x01\n"com.google.cloud.securitycenter.v1P\x01ZLgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3' ), - dependencies=[google_dot_api_dot_annotations__pb2.DESCRIPTOR,], + dependencies=[ + google_dot_api_dot_resource__pb2.DESCRIPTOR, + google_dot_api_dot_annotations__pb2.DESCRIPTOR, + ], ) @@ -54,8 +58,8 @@ ], containing_type=None, serialized_options=None, - serialized_start=467, - serialized_end=545, + serialized_start=494, + serialized_end=572, ) _sym_db.RegisterEnumDescriptor(_ORGANIZATIONSETTINGS_ASSETDISCOVERYCONFIG_INCLUSIONMODE) @@ -112,8 +116,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=309, - serialized_end=545, + serialized_start=336, + serialized_end=572, ) _ORGANIZATIONSETTINGS = _descriptor.Descriptor( @@ -181,13 +185,15 @@ extensions=[], nested_types=[_ORGANIZATIONSETTINGS_ASSETDISCOVERYCONFIG,], enum_types=[], - serialized_options=None, + serialized_options=_b( + "\352Ag\n2securitycenter.googleapis.com/OrganizationSettings\0221organizations/{organization}/organizationSettings" + ), is_extendable=False, syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=131, - serialized_end=557, + serialized_start=158, + serialized_end=680, ) _ORGANIZATIONSETTINGS_ASSETDISCOVERYCONFIG.fields_by_name[ @@ -227,15 +233,16 @@ ), DESCRIPTOR=_ORGANIZATIONSETTINGS, __module__="google.cloud.securitycenter_v1.proto.organization_settings_pb2", - __doc__="""User specified settings that are attached to the Cloud Security Command - Center (Cloud SCC) organization. + __doc__="""User specified settings that are attached to the Cloud + Security Command Center (Cloud SCC) organization. Attributes: name: The relative resource name of the settings. See: https://cloud .google.com/apis/design/resource\_names#relative\_resource\_na - me Example: "organizations/123/organizationSettings". + me Example: + "organizations/{organization\_id}/organizationSettings". enable_asset_discovery: A flag that indicates if Asset Discovery should be enabled. If the flag is set to ``true``, then discovery of assets will @@ -252,4 +259,5 @@ DESCRIPTOR._options = None +_ORGANIZATIONSETTINGS._options = None # @@protoc_insertion_point(module_scope) diff --git a/google/cloud/securitycenter_v1/proto/run_asset_discovery_response.proto b/google/cloud/securitycenter_v1/proto/run_asset_discovery_response.proto index 1cbba38e..e7581078 100644 --- a/google/cloud/securitycenter_v1/proto/run_asset_discovery_response.proto +++ b/google/cloud/securitycenter_v1/proto/run_asset_discovery_response.proto @@ -18,7 +18,6 @@ syntax = "proto3"; package google.cloud.securitycenter.v1; import "google/protobuf/duration.proto"; -import "google/protobuf/timestamp.proto"; import "google/api/annotations.proto"; option csharp_namespace = "Google.Cloud.SecurityCenter.V1"; diff --git a/google/cloud/securitycenter_v1/proto/run_asset_discovery_response_pb2.py b/google/cloud/securitycenter_v1/proto/run_asset_discovery_response_pb2.py index 44504bf5..cf641579 100644 --- a/google/cloud/securitycenter_v1/proto/run_asset_discovery_response_pb2.py +++ b/google/cloud/securitycenter_v1/proto/run_asset_discovery_response_pb2.py @@ -16,7 +16,6 @@ from google.protobuf import duration_pb2 as google_dot_protobuf_dot_duration__pb2 -from google.protobuf import timestamp_pb2 as google_dot_protobuf_dot_timestamp__pb2 from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 @@ -28,11 +27,10 @@ '\n"com.google.cloud.securitycenter.v1P\001ZLgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter\252\002\036Google.Cloud.SecurityCenter.V1\312\002\036Google\\Cloud\\SecurityCenter\\V1\352\002!Google::Cloud::SecurityCenter::V1' ), serialized_pb=_b( - '\nGgoogle/cloud/securitycenter_v1/proto/run_asset_discovery_response.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a\x1egoogle/protobuf/duration.proto\x1a\x1fgoogle/protobuf/timestamp.proto\x1a\x1cgoogle/api/annotations.proto"\xe7\x01\n\x19RunAssetDiscoveryResponse\x12N\n\x05state\x18\x01 \x01(\x0e\x32?.google.cloud.securitycenter.v1.RunAssetDiscoveryResponse.State\x12+\n\x08\x64uration\x18\x02 \x01(\x0b\x32\x19.google.protobuf.Duration"M\n\x05State\x12\x15\n\x11STATE_UNSPECIFIED\x10\x00\x12\r\n\tCOMPLETED\x10\x01\x12\x0e\n\nSUPERSEDED\x10\x02\x12\x0e\n\nTERMINATED\x10\x03\x42\xda\x01\n"com.google.cloud.securitycenter.v1P\x01ZLgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3' + '\nGgoogle/cloud/securitycenter_v1/proto/run_asset_discovery_response.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a\x1egoogle/protobuf/duration.proto\x1a\x1cgoogle/api/annotations.proto"\xe7\x01\n\x19RunAssetDiscoveryResponse\x12N\n\x05state\x18\x01 \x01(\x0e\x32?.google.cloud.securitycenter.v1.RunAssetDiscoveryResponse.State\x12+\n\x08\x64uration\x18\x02 \x01(\x0b\x32\x19.google.protobuf.Duration"M\n\x05State\x12\x15\n\x11STATE_UNSPECIFIED\x10\x00\x12\r\n\tCOMPLETED\x10\x01\x12\x0e\n\nSUPERSEDED\x10\x02\x12\x0e\n\nTERMINATED\x10\x03\x42\xda\x01\n"com.google.cloud.securitycenter.v1P\x01ZLgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3' ), dependencies=[ google_dot_protobuf_dot_duration__pb2.DESCRIPTOR, - google_dot_protobuf_dot_timestamp__pb2.DESCRIPTOR, google_dot_api_dot_annotations__pb2.DESCRIPTOR, ], ) @@ -63,8 +61,8 @@ ], containing_type=None, serialized_options=None, - serialized_start=357, - serialized_end=434, + serialized_start=324, + serialized_end=401, ) _sym_db.RegisterEnumDescriptor(_RUNASSETDISCOVERYRESPONSE_STATE) @@ -121,8 +119,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=203, - serialized_end=434, + serialized_start=170, + serialized_end=401, ) _RUNASSETDISCOVERYRESPONSE.fields_by_name[ diff --git a/google/cloud/securitycenter_v1/proto/security_marks.proto b/google/cloud/securitycenter_v1/proto/security_marks.proto index 97b3f937..d2b53487 100644 --- a/google/cloud/securitycenter_v1/proto/security_marks.proto +++ b/google/cloud/securitycenter_v1/proto/security_marks.proto @@ -17,6 +17,7 @@ syntax = "proto3"; package google.cloud.securitycenter.v1; +import "google/api/resource.proto"; import "google/api/annotations.proto"; option csharp_namespace = "Google.Cloud.SecurityCenter.V1"; @@ -31,19 +32,26 @@ option ruby_package = "Google::Cloud::SecurityCenter::V1"; // SCC organization -- they can be modified and viewed by all users who have // proper permissions on the organization. message SecurityMarks { + option (google.api.resource) = { + type: "securitycenter.googleapis.com/SecurityMarks" + pattern: "organizations/{organization}/assets/{asset}/securityMarks" + pattern: "organizations/{organization}/sources/{source}/findings/{finding}/securityMarks" + }; + // The relative resource name of the SecurityMarks. See: // https://cloud.google.com/apis/design/resource_names#relative_resource_name // Examples: - // "organizations/123/assets/456/securityMarks" - // "organizations/123/sources/456/findings/789/securityMarks". + // "organizations/{organization_id}/assets/{asset_id}/securityMarks" + // "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks". string name = 1; // Mutable user specified security marks belonging to the parent resource. // Constraints are as follows: - // - Keys and values are treated as case insensitive - // - Keys must be between 1 - 256 characters (inclusive) - // - Keys must be letters, numbers, underscores, or dashes - // - Values have leading and trailing whitespace trimmed, remaining + // + // * Keys and values are treated as case insensitive + // * Keys must be between 1 - 256 characters (inclusive) + // * Keys must be letters, numbers, underscores, or dashes + // * Values have leading and trailing whitespace trimmed, remaining // characters must be between 1 - 4096 characters (inclusive) map marks = 2; } diff --git a/google/cloud/securitycenter_v1/proto/security_marks_pb2.py b/google/cloud/securitycenter_v1/proto/security_marks_pb2.py index f06ae1be..dbb16c7f 100644 --- a/google/cloud/securitycenter_v1/proto/security_marks_pb2.py +++ b/google/cloud/securitycenter_v1/proto/security_marks_pb2.py @@ -15,6 +15,7 @@ _sym_db = _symbol_database.Default() +from google.api import resource_pb2 as google_dot_api_dot_resource__pb2 from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 @@ -26,9 +27,12 @@ '\n"com.google.cloud.securitycenter.v1P\001ZLgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter\252\002\036Google.Cloud.SecurityCenter.V1\312\002\036Google\\Cloud\\SecurityCenter\\V1\352\002!Google::Cloud::SecurityCenter::V1' ), serialized_pb=_b( - '\n9google/cloud/securitycenter_v1/proto/security_marks.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a\x1cgoogle/api/annotations.proto"\x94\x01\n\rSecurityMarks\x12\x0c\n\x04name\x18\x01 \x01(\t\x12G\n\x05marks\x18\x02 \x03(\x0b\x32\x38.google.cloud.securitycenter.v1.SecurityMarks.MarksEntry\x1a,\n\nMarksEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\x42\xda\x01\n"com.google.cloud.securitycenter.v1P\x01ZLgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3' + '\n9google/cloud/securitycenter_v1/proto/security_marks.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a\x19google/api/resource.proto\x1a\x1cgoogle/api/annotations.proto"\xd3\x02\n\rSecurityMarks\x12\x0c\n\x04name\x18\x01 \x01(\t\x12G\n\x05marks\x18\x02 \x03(\x0b\x32\x38.google.cloud.securitycenter.v1.SecurityMarks.MarksEntry\x1a,\n\nMarksEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01:\xbc\x01\xea\x41\xb8\x01\n+securitycenter.googleapis.com/SecurityMarks\x12\x39organizations/{organization}/assets/{asset}/securityMarks\x12Norganizations/{organization}/sources/{source}/findings/{finding}/securityMarksB\xda\x01\n"com.google.cloud.securitycenter.v1P\x01ZLgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3' ), - dependencies=[google_dot_api_dot_annotations__pb2.DESCRIPTOR,], + dependencies=[ + google_dot_api_dot_resource__pb2.DESCRIPTOR, + google_dot_api_dot_annotations__pb2.DESCRIPTOR, + ], ) @@ -84,8 +88,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=228, - serialized_end=272, + serialized_start=255, + serialized_end=299, ) _SECURITYMARKS = _descriptor.Descriptor( @@ -135,13 +139,15 @@ extensions=[], nested_types=[_SECURITYMARKS_MARKSENTRY,], enum_types=[], - serialized_options=None, + serialized_options=_b( + "\352A\270\001\n+securitycenter.googleapis.com/SecurityMarks\0229organizations/{organization}/assets/{asset}/securityMarks\022Norganizations/{organization}/sources/{source}/findings/{finding}/securityMarks" + ), is_extendable=False, syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=124, - serialized_end=272, + serialized_start=151, + serialized_end=490, ) _SECURITYMARKS_MARKSENTRY.containing_type = _SECURITYMARKS @@ -164,26 +170,27 @@ ), DESCRIPTOR=_SECURITYMARKS, __module__="google.cloud.securitycenter_v1.proto.security_marks_pb2", - __doc__="""User specified security marks that are attached to the parent Cloud - Security Command Center (Cloud SCC) resource. Security marks are scoped - within a Cloud SCC organization -- they can be modified and viewed by - all users who have proper permissions on the organization. + __doc__="""User specified security marks that are attached to the + parent Cloud Security Command Center (Cloud SCC) resource. Security + marks are scoped within a Cloud SCC organization -- they can be modified + and viewed by all users who have proper permissions on the organization. Attributes: name: The relative resource name of the SecurityMarks. See: https:// cloud.google.com/apis/design/resource\_names#relative\_resourc - e\_name Examples: "organizations/123/assets/456/securityMarks" - "organizations/123/sources/456/findings/789/securityMarks". + e\_name Examples: "organizations/{organization\_id}/assets/{as + set\_id}/securityMarks" "organizations/{organization\_id}/sour + ces/{source\_id}/findings/{finding\_id}/securityMarks". marks: Mutable user specified security marks belonging to the parent - resource. Constraints are as follows: - Keys and values are - treated as case insensitive - Keys must be between 1 - 256 - characters (inclusive) - Keys must be letters, numbers, - underscores, or dashes - Values have leading and trailing - whitespace trimmed, remaining characters must be between 1 - - 4096 characters (inclusive) + resource. Constraints are as follows: - Keys and values are + treated as case insensitive - Keys must be between 1 - 256 + characters (inclusive) - Keys must be letters, numbers, + underscores, or dashes - Values have leading and trailing + whitespace trimmed, remaining characters must be between 1 + - 4096 characters (inclusive) """, # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1.SecurityMarks) ), @@ -194,4 +201,5 @@ DESCRIPTOR._options = None _SECURITYMARKS_MARKSENTRY._options = None +_SECURITYMARKS._options = None # @@protoc_insertion_point(module_scope) diff --git a/google/cloud/securitycenter_v1/proto/securitycenter_service.proto b/google/cloud/securitycenter_v1/proto/securitycenter_service.proto index 0687928f..df3e53dc 100644 --- a/google/cloud/securitycenter_v1/proto/securitycenter_service.proto +++ b/google/cloud/securitycenter_v1/proto/securitycenter_service.proto @@ -17,11 +17,14 @@ syntax = "proto3"; package google.cloud.securitycenter.v1; +import public "google/cloud/securitycenter/v1/run_asset_discovery_response.proto"; import "google/api/annotations.proto"; +import "google/api/client.proto"; +import "google/api/field_behavior.proto"; +import "google/api/resource.proto"; import "google/cloud/securitycenter/v1/asset.proto"; import "google/cloud/securitycenter/v1/finding.proto"; import "google/cloud/securitycenter/v1/organization_settings.proto"; -import "google/cloud/securitycenter/v1/run_asset_discovery_response.proto"; import "google/cloud/securitycenter/v1/security_marks.proto"; import "google/cloud/securitycenter/v1/source.proto"; import "google/iam/v1/iam_policy.proto"; @@ -42,12 +45,16 @@ option ruby_package = "Google::Cloud::SecurityCenter::V1"; // V1 APIs for Security Center service. service SecurityCenter { + option (google.api.default_host) = "securitycenter.googleapis.com"; + option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform"; + // Creates a source. rpc CreateSource(CreateSourceRequest) returns (Source) { option (google.api.http) = { post: "/v1/{parent=organizations/*}/sources" body: "source" }; + option (google.api.method_signature) = "parent,source"; } // Creates a finding. The corresponding source must exist for finding creation @@ -57,23 +64,24 @@ service SecurityCenter { post: "/v1/{parent=organizations/*/sources/*}/findings" body: "finding" }; + option (google.api.method_signature) = "parent,finding_id,finding"; } // Gets the access control policy on the specified Source. - rpc GetIamPolicy(google.iam.v1.GetIamPolicyRequest) - returns (google.iam.v1.Policy) { + rpc GetIamPolicy(google.iam.v1.GetIamPolicyRequest) returns (google.iam.v1.Policy) { option (google.api.http) = { post: "/v1/{resource=organizations/*/sources/*}:getIamPolicy" body: "*" }; + option (google.api.method_signature) = "resource"; } // Gets the settings for an organization. - rpc GetOrganizationSettings(GetOrganizationSettingsRequest) - returns (OrganizationSettings) { + rpc GetOrganizationSettings(GetOrganizationSettingsRequest) returns (OrganizationSettings) { option (google.api.http) = { get: "/v1/{name=organizations/*/organizationSettings}" }; + option (google.api.method_signature) = "name"; } // Gets a source. @@ -81,6 +89,7 @@ service SecurityCenter { option (google.api.http) = { get: "/v1/{name=organizations/*/sources/*}" }; + option (google.api.method_signature) = "name"; } // Filters an organization's assets and groups them by their specified @@ -96,12 +105,13 @@ service SecurityCenter { // specified properties. // // To group across all sources provide a `-` as the source id. - // Example: /v1/organizations/123/sources/-/findings + // Example: /v1/organizations/{organization_id}/sources/-/findings rpc GroupFindings(GroupFindingsRequest) returns (GroupFindingsResponse) { option (google.api.http) = { post: "/v1/{parent=organizations/*/sources/*}/findings:group" body: "*" }; + option (google.api.method_signature) = "parent,group_by"; } // Lists an organization's assets. @@ -114,7 +124,7 @@ service SecurityCenter { // Lists an organization or source's findings. // // To list across all sources provide a `-` as the source id. - // Example: /v1/organizations/123/sources/-/findings + // Example: /v1/organizations/{organization_id}/sources/-/findings rpc ListFindings(ListFindingsRequest) returns (ListFindingsResponse) { option (google.api.http) = { get: "/v1/{parent=organizations/*/sources/*}/findings" @@ -126,6 +136,7 @@ service SecurityCenter { option (google.api.http) = { get: "/v1/{parent=organizations/*}/sources" }; + option (google.api.method_signature) = "parent"; } // Runs asset discovery. The discovery is tracked with a long-running @@ -134,12 +145,16 @@ service SecurityCenter { // This API can only be called with limited frequency for an organization. If // it is called too frequently the caller will receive a TOO_MANY_REQUESTS // error. - rpc RunAssetDiscovery(RunAssetDiscoveryRequest) - returns (google.longrunning.Operation) { + rpc RunAssetDiscovery(RunAssetDiscoveryRequest) returns (google.longrunning.Operation) { option (google.api.http) = { post: "/v1/{parent=organizations/*}/assets:runDiscovery" body: "*" }; + option (google.api.method_signature) = "parent"; + option (google.longrunning.operation_info) = { + response_type: "google.cloud.securitycenter.v1.RunAssetDiscoveryResponse" + metadata_type: "google.protobuf.Empty" + }; } // Updates the state of a finding. @@ -148,24 +163,25 @@ service SecurityCenter { post: "/v1/{name=organizations/*/sources/*/findings/*}:setState" body: "*" }; + option (google.api.method_signature) = "name,state,start_time"; } // Sets the access control policy on the specified Source. - rpc SetIamPolicy(google.iam.v1.SetIamPolicyRequest) - returns (google.iam.v1.Policy) { + rpc SetIamPolicy(google.iam.v1.SetIamPolicyRequest) returns (google.iam.v1.Policy) { option (google.api.http) = { post: "/v1/{resource=organizations/*/sources/*}:setIamPolicy" body: "*" }; + option (google.api.method_signature) = "resource,policy"; } // Returns the permissions that a caller has on the specified source. - rpc TestIamPermissions(google.iam.v1.TestIamPermissionsRequest) - returns (google.iam.v1.TestIamPermissionsResponse) { + rpc TestIamPermissions(google.iam.v1.TestIamPermissionsRequest) returns (google.iam.v1.TestIamPermissionsResponse) { option (google.api.http) = { post: "/v1/{resource=organizations/*/sources/*}:testIamPermissions" body: "*" }; + option (google.api.method_signature) = "resource,permissions"; } // Creates or updates a finding. The corresponding source must exist for a @@ -175,15 +191,16 @@ service SecurityCenter { patch: "/v1/{finding.name=organizations/*/sources/*/findings/*}" body: "finding" }; + option (google.api.method_signature) = "finding"; } // Updates an organization's settings. - rpc UpdateOrganizationSettings(UpdateOrganizationSettingsRequest) - returns (OrganizationSettings) { + rpc UpdateOrganizationSettings(UpdateOrganizationSettingsRequest) returns (OrganizationSettings) { option (google.api.http) = { patch: "/v1/{organization_settings.name=organizations/*/organizationSettings}" body: "organization_settings" }; + option (google.api.method_signature) = "organization_settings"; } // Updates a source. @@ -192,6 +209,7 @@ service SecurityCenter { patch: "/v1/{source.name=organizations/*/sources/*}" body: "source" }; + option (google.api.method_signature) = "source"; } // Updates security marks. @@ -204,55 +222,81 @@ service SecurityCenter { body: "security_marks" } }; + option (google.api.method_signature) = "security_marks"; } } // Request message for creating a finding. message CreateFindingRequest { - // Resource name of the new finding's parent. Its format should be + // Required. Resource name of the new finding's parent. Its format should be // "organizations/[organization_id]/sources/[source_id]". - string parent = 1; + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "securitycenter.googleapis.com/Source" + } + ]; - // Unique identifier provided by the client within the parent scope. + // Required. Unique identifier provided by the client within the parent scope. // It must be alphanumeric and less than or equal to 32 characters and // greater than 0 characters in length. - string finding_id = 2; + string finding_id = 2 [(google.api.field_behavior) = REQUIRED]; - // The Finding being created. The name and security_marks will be ignored as + // Required. The Finding being created. The name and security_marks will be ignored as // they are both output only fields on this resource. - Finding finding = 3; + Finding finding = 3 [(google.api.field_behavior) = REQUIRED]; } // Request message for creating a source. message CreateSourceRequest { - // Resource name of the new source's parent. Its format should be + // Required. Resource name of the new source's parent. Its format should be // "organizations/[organization_id]". - string parent = 1; + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudresourcemanager.googleapis.com/Organization" + } + ]; - // The Source being created, only the display_name and description will be + // Required. The Source being created, only the display_name and description will be // used. All other fields will be ignored. - Source source = 2; + Source source = 2 [(google.api.field_behavior) = REQUIRED]; } // Request message for getting organization settings. message GetOrganizationSettingsRequest { - // Name of the organization to get organization settings for. Its format is + // Required. Name of the organization to get organization settings for. Its format is // "organizations/[organization_id]/organizationSettings". - string name = 1; + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "securitycenter.googleapis.com/OrganizationSettings" + } + ]; } // Request message for getting a source. message GetSourceRequest { - // Relative resource name of the source. Its format is + // Required. Relative resource name of the source. Its format is // "organizations/[organization_id]/source/[source_id]". - string name = 1; + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "securitycenter.googleapis.com/Source" + } + ]; } // Request message for grouping by assets. message GroupAssetsRequest { - // Name of the organization to groupBy. Its format is + // Required. Name of the organization to groupBy. Its format is // "organizations/[organization_id]". - string parent = 1; + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudresourcemanager.googleapis.com/Organization" + } + ]; // Expression that defines the filter to apply across assets. // The expression is a list of zero or more restrictions combined via logical @@ -281,34 +325,38 @@ message GroupAssetsRequest { // * boolean literals `true` and `false` without quotes. // // The following field and operator combinations are supported: - // name | '=' - // update_time | '=', '>', '<', '>=', '<=' + // + // * name: `=` + // * update_time: `=`, `>`, `<`, `>=`, `<=` // // Usage: This should be milliseconds since epoch or an RFC3339 string. // Examples: // "update_time = \"2019-06-10T16:07:18-07:00\"" // "update_time = 1560208038000" // - // create_time | '=', '>', '<', '>=', '<=' + // * create_time: `=`, `>`, `<`, `>=`, `<=` // // Usage: This should be milliseconds since epoch or an RFC3339 string. // Examples: // "create_time = \"2019-06-10T16:07:18-07:00\"" // "create_time = 1560208038000" // - // iam_policy.policy_blob | '=', ':' - // resource_properties | '=', ':', '>', '<', '>=', '<=' - // security_marks | '=', ':' - // security_center_properties.resource_name | '=', ':' - // security_center_properties.resource_type | '=', ':' - // security_center_properties.resource_parent | '=', ':' - // security_center_properties.resource_project | '=', ':' - // security_center_properties.resource_owners | '=', ':' + // * iam_policy.policy_blob: `=`, `:` + // * resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=` + // * security_marks.marks: `=`, `:` + // * security_center_properties.resource_name: `=`, `:` + // * security_center_properties.resource_display_name: `=`, `:` + // * security_center_properties.resource_type: `=`, `:` + // * security_center_properties.resource_parent: `=`, `:` + // * security_center_properties.resource_parent_display_name: `=`, `:` + // * security_center_properties.resource_project: `=`, `:` + // * security_center_properties.resource_project_display_name: `=`, `:` + // * security_center_properties.resource_owners: `=`, `:` // // For example, `resource_properties.size = 100` is a valid filter string. string filter = 2; - // Expression that defines what assets fields to use for grouping. The string + // Required. Expression that defines what assets fields to use for grouping. The string // value should follow SQL syntax: comma separated list of fields. For // example: // "security_center_properties.resource_project,security_center_properties.project". @@ -316,13 +364,17 @@ message GroupAssetsRequest { // The following fields are supported when compare_duration is not set: // // * security_center_properties.resource_project + // * security_center_properties.resource_project_display_name // * security_center_properties.resource_type // * security_center_properties.resource_parent + // * security_center_properties.resource_parent_display_name // // The following fields are supported when compare_duration is set: // // * security_center_properties.resource_type - string group_by = 3; + // * security_center_properties.resource_project_display_name + // * security_center_properties.resource_parent_display_name + string group_by = 3 [(google.api.field_behavior) = REQUIRED]; // When compare_duration is set, the GroupResult's "state_change" property is // updated to indicate whether the asset was added, removed, or remained @@ -367,8 +419,6 @@ message GroupAssetsRequest { // The maximum number of results to return in a single response. Default is // 10, minimum is 1, maximum is 1000. int32 page_size = 8; - - reserved 6; } // Response message for grouping by assets. @@ -391,11 +441,16 @@ message GroupAssetsResponse { // Request message for grouping by findings. message GroupFindingsRequest { - // Name of the source to groupBy. Its format is + // Required. Name of the source to groupBy. Its format is // "organizations/[organization_id]/sources/[source_id]". To groupBy across // all sources provide a source_id of `-`. For example: - // organizations/123/sources/- - string parent = 1; + // organizations/{organization_id}/sources/- + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "securitycenter.googleapis.com/Source" + } + ]; // Expression that defines the filter to apply across findings. // The expression is a list of one or more restrictions combined via logical @@ -422,26 +477,27 @@ message GroupFindingsRequest { // * boolean literals `true` and `false` without quotes. // // The following field and operator combinations are supported: - // name | `=` - // parent | '=', ':' - // resource_name | '=', ':' - // state | '=', ':' - // category | '=', ':' - // external_uri | '=', ':' - // event_time | `=`, `>`, `<`, `>=`, `<=` + // + // * name: `=` + // * parent: `=`, `:` + // * resource_name: `=`, `:` + // * state: `=`, `:` + // * category: `=`, `:` + // * external_uri: `=`, `:` + // * event_time: `=`, `>`, `<`, `>=`, `<=` // // Usage: This should be milliseconds since epoch or an RFC3339 string. // Examples: // "event_time = \"2019-06-10T16:07:18-07:00\"" // "event_time = 1560208038000" // - // security_marks | '=', ':' - // source_properties | '=', ':', `>`, `<`, `>=`, `<=` + // * security_marks.marks: `=`, `:` + // * source_properties: `=`, `:`, `>`, `<`, `>=`, `<=` // // For example, `source_properties.size = 100` is a valid filter string. string filter = 2; - // Expression that defines what assets fields to use for grouping (including + // Required. Expression that defines what assets fields to use for grouping (including // `state_change`). The string value should follow SQL syntax: comma separated // list of fields. For example: "parent,resource_name". // @@ -455,7 +511,7 @@ message GroupFindingsRequest { // The following fields are supported when compare_duration is set: // // * state_change - string group_by = 3; + string group_by = 3 [(google.api.field_behavior) = REQUIRED]; // Time used as a reference point when filtering findings. The filter is // limited to findings existing at the supplied time and their values are @@ -499,8 +555,6 @@ message GroupFindingsRequest { // The maximum number of results to return in a single response. Default is // 10, minimum is 1, maximum is 1000. int32 page_size = 8; - - reserved 6; } // Response message for group by findings. @@ -532,9 +586,14 @@ message GroupResult { // Request message for listing sources. message ListSourcesRequest { - // Resource name of the parent of sources to list. Its format should be + // Required. Resource name of the parent of sources to list. Its format should be // "organizations/[organization_id]". - string parent = 1; + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudresourcemanager.googleapis.com/Organization" + } + ]; // The value returned by the last `ListSourcesResponse`; indicates // that this is a continuation of a prior `ListSources` call, and @@ -558,9 +617,14 @@ message ListSourcesResponse { // Request message for listing assets. message ListAssetsRequest { - // Name of the organization assets should belong to. Its format is + // Required. Name of the organization assets should belong to. Its format is // "organizations/[organization_id]". - string parent = 1; + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudresourcemanager.googleapis.com/Organization" + } + ]; // Expression that defines the filter to apply across assets. // The expression is a list of zero or more restrictions combined via logical @@ -589,29 +653,33 @@ message ListAssetsRequest { // * boolean literals `true` and `false` without quotes. // // The following are the allowed field and operator combinations: - // name | `=` - // update_time | `=`, `>`, `<`, `>=`, `<=` + // + // * name: `=` + // * update_time: `=`, `>`, `<`, `>=`, `<=` // // Usage: This should be milliseconds since epoch or an RFC3339 string. // Examples: // "update_time = \"2019-06-10T16:07:18-07:00\"" // "update_time = 1560208038000" // - // create_time | `=`, `>`, `<`, `>=`, `<=` + // * create_time: `=`, `>`, `<`, `>=`, `<=` // // Usage: This should be milliseconds since epoch or an RFC3339 string. // Examples: // "create_time = \"2019-06-10T16:07:18-07:00\"" // "create_time = 1560208038000" // - // iam_policy.policy_blob | '=', ':' - // resource_properties | '=', ':', `>`, `<`, `>=`, `<=` - // security_marks | '=', ':' - // security_center_properties.resource_name | '=', ':' - // security_center_properties.resource_type | '=', ':' - // security_center_properties.resource_parent | '=', ':' - // security_center_properties.resource_project | '=', ':' - // security_center_properties.resource_owners | '=', ':' + // * iam_policy.policy_blob: `=`, `:` + // * resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=` + // * security_marks.marks: `=`, `:` + // * security_center_properties.resource_name: `=`, `:` + // * security_center_properties.resource_display_name: `=`, `:` + // * security_center_properties.resource_type: `=`, `:` + // * security_center_properties.resource_parent: `=`, `:` + // * security_center_properties.resource_parent_display_name: `=`, `:` + // * security_center_properties.resource_project: `=`, `:` + // * security_center_properties.resource_project_display_name: `=`, `:` + // * security_center_properties.resource_owners: `=`, `:` // // For example, `resource_properties.size = 100` is a valid filter string. string filter = 2; @@ -629,10 +697,13 @@ message ListAssetsRequest { // name // update_time // resource_properties - // security_marks + // security_marks.marks // security_center_properties.resource_name + // security_center_properties.resource_display_name // security_center_properties.resource_parent + // security_center_properties.resource_parent_display_name // security_center_properties.resource_project + // security_center_properties.resource_project_display_name // security_center_properties.resource_type string order_by = 3; @@ -668,12 +739,10 @@ message ListAssetsRequest { // read_time. google.protobuf.Duration compare_duration = 5; - // Optional. - // - // A field mask to specify the ListAssetsResult fields to be listed in the + // Optional. A field mask to specify the ListAssetsResult fields to be listed in the // response. // An empty field mask will list all fields. - google.protobuf.FieldMask field_mask = 7; + google.protobuf.FieldMask field_mask = 7 [(google.api.field_behavior) = OPTIONAL]; // The value returned by the last `ListAssetsResponse`; indicates // that this is a continuation of a prior `ListAssets` call, and @@ -683,8 +752,6 @@ message ListAssetsRequest { // The maximum number of results to return in a single response. Default is // 10, minimum is 1, maximum is 1000. int32 page_size = 9; - - reserved 6; } // Response message for listing assets. @@ -734,11 +801,16 @@ message ListAssetsResponse { // Request message for listing findings. message ListFindingsRequest { - // Name of the source the findings belong to. Its format is + // Required. Name of the source the findings belong to. Its format is // "organizations/[organization_id]/sources/[source_id]". To list across all // sources provide a source_id of `-`. For example: - // organizations/123/sources/- - string parent = 1; + // organizations/{organization_id}/sources/- + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "securitycenter.googleapis.com/Source" + } + ]; // Expression that defines the filter to apply across findings. // The expression is a list of one or more restrictions combined via logical @@ -765,21 +837,22 @@ message ListFindingsRequest { // * boolean literals `true` and `false` without quotes. // // The following field and operator combinations are supported: - // name | `=` - // parent | '=', ':' - // resource_name | '=', ':' - // state | '=', ':' - // category | '=', ':' - // external_uri | '=', ':' - // event_time | `=`, `>`, `<`, `>=`, `<=` + // + // name: `=` + // parent: `=`, `:` + // resource_name: `=`, `:` + // state: `=`, `:` + // category: `=`, `:` + // external_uri: `=`, `:` + // event_time: `=`, `>`, `<`, `>=`, `<=` // // Usage: This should be milliseconds since epoch or an RFC3339 string. // Examples: // "event_time = \"2019-06-10T16:07:18-07:00\"" // "event_time = 1560208038000" // - // security_marks | '=', ':' - // source_properties | '=', ':', `>`, `<`, `>=`, `<=` + // security_marks.marks: `=`, `:` + // source_properties: `=`, `:`, `>`, `<`, `>=`, `<=` // // For example, `source_properties.size = 100` is a valid filter string. string filter = 2; @@ -801,7 +874,7 @@ message ListFindingsRequest { // resource_name // event_time // source_properties - // security_marks + // security_marks.marks string order_by = 3; // Time used as a reference point when filtering findings. The filter is @@ -836,11 +909,9 @@ message ListFindingsRequest { // read_time. google.protobuf.Duration compare_duration = 5; - // Optional. - // - // A field mask to specify the Finding fields to be listed in the response. + // Optional. A field mask to specify the Finding fields to be listed in the response. // An empty field mask will list all fields. - google.protobuf.FieldMask field_mask = 7; + google.protobuf.FieldMask field_mask = 7 [(google.api.field_behavior) = OPTIONAL]; // The value returned by the last `ListFindingsResponse`; indicates // that this is a continuation of a prior `ListFindings` call, and @@ -850,14 +921,32 @@ message ListFindingsRequest { // The maximum number of results to return in a single response. Default is // 10, minimum is 1, maximum is 1000. int32 page_size = 9; - - reserved 6; } // Response message for listing findings. message ListFindingsResponse { // Result containing the Finding and its StateChange. message ListFindingsResult { + // Information related to the Google Cloud Platform (GCP) resource that is + // associated with this finding. + message Resource { + // The full resource name of the resource. See: + // https://cloud.google.com/apis/design/resource_names#full_resource_name + string name = 1; + + // The full resource name of project that the resource belongs to. + string project_name = 2; + + // The human readable name of project that the resource belongs to. + string project_display_name = 3; + + // The full resource name of resource's parent. + string parent_name = 4; + + // The human readable name of resource's parent. + string parent_display_name = 5; + } + // The change in state of the finding. // // When querying across two points in time this describes @@ -891,6 +980,9 @@ message ListFindingsResponse { // State change of the finding between the points in time. StateChange state_change = 2; + + // Output only. Resource that is associated with this finding. + Resource resource = 3; } // Findings matching the list request. @@ -909,35 +1001,45 @@ message ListFindingsResponse { // Request message for updating a finding's state. message SetFindingStateRequest { - // The relative resource name of the finding. See: + // Required. The relative resource name of the finding. See: // https://cloud.google.com/apis/design/resource_names#relative_resource_name // Example: - // "organizations/123/sources/456/finding/789". - string name = 1; + // "organizations/{organization_id}/sources/{source_id}/finding/{finding_id}". + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "securitycenter.googleapis.com/Finding" + } + ]; - // The desired State of the finding. - Finding.State state = 2; + // Required. The desired State of the finding. + Finding.State state = 2 [(google.api.field_behavior) = REQUIRED]; - // The time at which the updated state takes effect. - google.protobuf.Timestamp start_time = 3; + // Required. The time at which the updated state takes effect. + google.protobuf.Timestamp start_time = 3 [(google.api.field_behavior) = REQUIRED]; } // Request message for running asset discovery for an organization. message RunAssetDiscoveryRequest { - // Name of the organization to run asset discovery for. Its format is + // Required. Name of the organization to run asset discovery for. Its format is // "organizations/[organization_id]". - string parent = 1; + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudresourcemanager.googleapis.com/Organization" + } + ]; } // Request message for updating or creating a finding. message UpdateFindingRequest { - // The finding resource to update or create if it does not already exist. + // Required. The finding resource to update or create if it does not already exist. // parent, security_marks, and update_time will be ignored. // // In the case of creation, the finding id portion of the name must be // alphanumeric and less than or equal to 32 characters and greater than 0 // characters in length. - Finding finding = 1; + Finding finding = 1 [(google.api.field_behavior) = REQUIRED]; // The FieldMask to use when updating the finding resource. This field should // not be specified when creating a finding. @@ -951,8 +1053,8 @@ message UpdateFindingRequest { // Request message for updating an organization's settings. message UpdateOrganizationSettingsRequest { - // The organization settings resource to update. - OrganizationSettings organization_settings = 1; + // Required. The organization settings resource to update. + OrganizationSettings organization_settings = 1 [(google.api.field_behavior) = REQUIRED]; // The FieldMask to use when updating the settings resource. // @@ -962,8 +1064,8 @@ message UpdateOrganizationSettingsRequest { // Request message for updating a source. message UpdateSourceRequest { - // The source resource to update. - Source source = 1; + // Required. The source resource to update. + Source source = 1 [(google.api.field_behavior) = REQUIRED]; // The FieldMask to use when updating the source resource. // @@ -973,8 +1075,8 @@ message UpdateSourceRequest { // Request message for updating a SecurityMarks resource. message UpdateSecurityMarksRequest { - // The security marks resource to update. - SecurityMarks security_marks = 1; + // Required. The security marks resource to update. + SecurityMarks security_marks = 1 [(google.api.field_behavior) = REQUIRED]; // The FieldMask to use when updating the security marks resource. // diff --git a/google/cloud/securitycenter_v1/proto/securitycenter_service_pb2.py b/google/cloud/securitycenter_v1/proto/securitycenter_service_pb2.py index ec734191..334a32fa 100644 --- a/google/cloud/securitycenter_v1/proto/securitycenter_service_pb2.py +++ b/google/cloud/securitycenter_v1/proto/securitycenter_service_pb2.py @@ -15,7 +15,13 @@ _sym_db = _symbol_database.Default() +from google.cloud.securitycenter_v1.proto import ( + run_asset_discovery_response_pb2 as google_dot_cloud_dot_securitycenter__v1_dot_proto_dot_run__asset__discovery__response__pb2, +) from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 +from google.api import client_pb2 as google_dot_api_dot_client__pb2 +from google.api import field_behavior_pb2 as google_dot_api_dot_field__behavior__pb2 +from google.api import resource_pb2 as google_dot_api_dot_resource__pb2 from google.cloud.securitycenter_v1.proto import ( asset_pb2 as google_dot_cloud_dot_securitycenter__v1_dot_proto_dot_asset__pb2, ) @@ -25,9 +31,6 @@ from google.cloud.securitycenter_v1.proto import ( organization_settings_pb2 as google_dot_cloud_dot_securitycenter__v1_dot_proto_dot_organization__settings__pb2, ) -from google.cloud.securitycenter_v1.proto import ( - run_asset_discovery_response_pb2 as google_dot_cloud_dot_securitycenter__v1_dot_proto_dot_run__asset__discovery__response__pb2, -) from google.cloud.securitycenter_v1.proto import ( security_marks_pb2 as google_dot_cloud_dot_securitycenter__v1_dot_proto_dot_security__marks__pb2, ) @@ -54,14 +57,17 @@ '\n"com.google.cloud.securitycenter.v1P\001ZLgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter\252\002\036Google.Cloud.SecurityCenter.V1\312\002\036Google\\Cloud\\SecurityCenter\\V1\352\002!Google::Cloud::SecurityCenter::V1' ), serialized_pb=_b( - '\nAgoogle/cloud/securitycenter_v1/proto/securitycenter_service.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a\x1cgoogle/api/annotations.proto\x1a\x30google/cloud/securitycenter_v1/proto/asset.proto\x1a\x32google/cloud/securitycenter_v1/proto/finding.proto\x1a@google/cloud/securitycenter_v1/proto/organization_settings.proto\x1aGgoogle/cloud/securitycenter_v1/proto/run_asset_discovery_response.proto\x1a\x39google/cloud/securitycenter_v1/proto/security_marks.proto\x1a\x31google/cloud/securitycenter_v1/proto/source.proto\x1a\x1egoogle/iam/v1/iam_policy.proto\x1a\x1agoogle/iam/v1/policy.proto\x1a#google/longrunning/operations.proto\x1a\x1egoogle/protobuf/duration.proto\x1a\x1bgoogle/protobuf/empty.proto\x1a google/protobuf/field_mask.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a\x1fgoogle/protobuf/timestamp.proto"t\n\x14\x43reateFindingRequest\x12\x0e\n\x06parent\x18\x01 \x01(\t\x12\x12\n\nfinding_id\x18\x02 \x01(\t\x12\x38\n\x07\x66inding\x18\x03 \x01(\x0b\x32\'.google.cloud.securitycenter.v1.Finding"]\n\x13\x43reateSourceRequest\x12\x0e\n\x06parent\x18\x01 \x01(\t\x12\x36\n\x06source\x18\x02 \x01(\x0b\x32&.google.cloud.securitycenter.v1.Source".\n\x1eGetOrganizationSettingsRequest\x12\x0c\n\x04name\x18\x01 \x01(\t" \n\x10GetSourceRequest\x12\x0c\n\x04name\x18\x01 \x01(\t"\xd7\x01\n\x12GroupAssetsRequest\x12\x0e\n\x06parent\x18\x01 \x01(\t\x12\x0e\n\x06\x66ilter\x18\x02 \x01(\t\x12\x10\n\x08group_by\x18\x03 \x01(\t\x12\x33\n\x10\x63ompare_duration\x18\x04 \x01(\x0b\x32\x19.google.protobuf.Duration\x12-\n\tread_time\x18\x05 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x12\n\npage_token\x18\x07 \x01(\t\x12\x11\n\tpage_size\x18\x08 \x01(\x05J\x04\x08\x06\x10\x07"\xb8\x01\n\x13GroupAssetsResponse\x12\x45\n\x10group_by_results\x18\x01 \x03(\x0b\x32+.google.cloud.securitycenter.v1.GroupResult\x12-\n\tread_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x17\n\x0fnext_page_token\x18\x03 \x01(\t\x12\x12\n\ntotal_size\x18\x04 \x01(\x05"\xd9\x01\n\x14GroupFindingsRequest\x12\x0e\n\x06parent\x18\x01 \x01(\t\x12\x0e\n\x06\x66ilter\x18\x02 \x01(\t\x12\x10\n\x08group_by\x18\x03 \x01(\t\x12-\n\tread_time\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x33\n\x10\x63ompare_duration\x18\x05 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x12\n\npage_token\x18\x07 \x01(\t\x12\x11\n\tpage_size\x18\x08 \x01(\x05J\x04\x08\x06\x10\x07"\xba\x01\n\x15GroupFindingsResponse\x12\x45\n\x10group_by_results\x18\x01 \x03(\x0b\x32+.google.cloud.securitycenter.v1.GroupResult\x12-\n\tread_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x17\n\x0fnext_page_token\x18\x03 \x01(\t\x12\x12\n\ntotal_size\x18\x04 \x01(\x05"\xb8\x01\n\x0bGroupResult\x12O\n\nproperties\x18\x01 \x03(\x0b\x32;.google.cloud.securitycenter.v1.GroupResult.PropertiesEntry\x12\r\n\x05\x63ount\x18\x02 \x01(\x03\x1aI\n\x0fPropertiesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12%\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.Value:\x02\x38\x01"K\n\x12ListSourcesRequest\x12\x0e\n\x06parent\x18\x01 \x01(\t\x12\x12\n\npage_token\x18\x02 \x01(\t\x12\x11\n\tpage_size\x18\x07 \x01(\x05"g\n\x13ListSourcesResponse\x12\x37\n\x07sources\x18\x01 \x03(\x0b\x32&.google.cloud.securitycenter.v1.Source\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t"\x86\x02\n\x11ListAssetsRequest\x12\x0e\n\x06parent\x18\x01 \x01(\t\x12\x0e\n\x06\x66ilter\x18\x02 \x01(\t\x12\x10\n\x08order_by\x18\x03 \x01(\t\x12-\n\tread_time\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x33\n\x10\x63ompare_duration\x18\x05 \x01(\x0b\x32\x19.google.protobuf.Duration\x12.\n\nfield_mask\x18\x07 \x01(\x0b\x32\x1a.google.protobuf.FieldMask\x12\x12\n\npage_token\x18\x08 \x01(\t\x12\x11\n\tpage_size\x18\t \x01(\x05J\x04\x08\x06\x10\x07"\xc3\x03\n\x12ListAssetsResponse\x12`\n\x13list_assets_results\x18\x01 \x03(\x0b\x32\x43.google.cloud.securitycenter.v1.ListAssetsResponse.ListAssetsResult\x12-\n\tread_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x17\n\x0fnext_page_token\x18\x03 \x01(\t\x12\x12\n\ntotal_size\x18\x04 \x01(\x05\x1a\xee\x01\n\x10ListAssetsResult\x12\x34\n\x05\x61sset\x18\x01 \x01(\x0b\x32%.google.cloud.securitycenter.v1.Asset\x12\x65\n\x0cstate_change\x18\x02 \x01(\x0e\x32O.google.cloud.securitycenter.v1.ListAssetsResponse.ListAssetsResult.StateChange"=\n\x0bStateChange\x12\n\n\x06UNUSED\x10\x00\x12\t\n\x05\x41\x44\x44\x45\x44\x10\x01\x12\x0b\n\x07REMOVED\x10\x02\x12\n\n\x06\x41\x43TIVE\x10\x03"\x88\x02\n\x13ListFindingsRequest\x12\x0e\n\x06parent\x18\x01 \x01(\t\x12\x0e\n\x06\x66ilter\x18\x02 \x01(\t\x12\x10\n\x08order_by\x18\x03 \x01(\t\x12-\n\tread_time\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x33\n\x10\x63ompare_duration\x18\x05 \x01(\x0b\x32\x19.google.protobuf.Duration\x12.\n\nfield_mask\x18\x07 \x01(\x0b\x32\x1a.google.protobuf.FieldMask\x12\x12\n\npage_token\x18\x08 \x01(\t\x12\x11\n\tpage_size\x18\t \x01(\x05J\x04\x08\x06\x10\x07"\xe5\x03\n\x14ListFindingsResponse\x12\x66\n\x15list_findings_results\x18\x01 \x03(\x0b\x32G.google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult\x12-\n\tread_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x17\n\x0fnext_page_token\x18\x03 \x01(\t\x12\x12\n\ntotal_size\x18\x04 \x01(\x05\x1a\x88\x02\n\x12ListFindingsResult\x12\x38\n\x07\x66inding\x18\x01 \x01(\x0b\x32\'.google.cloud.securitycenter.v1.Finding\x12i\n\x0cstate_change\x18\x02 \x01(\x0e\x32S.google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.StateChange"M\n\x0bStateChange\x12\n\n\x06UNUSED\x10\x00\x12\x0b\n\x07\x43HANGED\x10\x01\x12\r\n\tUNCHANGED\x10\x02\x12\t\n\x05\x41\x44\x44\x45\x44\x10\x03\x12\x0b\n\x07REMOVED\x10\x04"\x94\x01\n\x16SetFindingStateRequest\x12\x0c\n\x04name\x18\x01 \x01(\t\x12<\n\x05state\x18\x02 \x01(\x0e\x32-.google.cloud.securitycenter.v1.Finding.State\x12.\n\nstart_time\x18\x03 \x01(\x0b\x32\x1a.google.protobuf.Timestamp"*\n\x18RunAssetDiscoveryRequest\x12\x0e\n\x06parent\x18\x01 \x01(\t"\x81\x01\n\x14UpdateFindingRequest\x12\x38\n\x07\x66inding\x18\x01 \x01(\x0b\x32\'.google.cloud.securitycenter.v1.Finding\x12/\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMask"\xa9\x01\n!UpdateOrganizationSettingsRequest\x12S\n\x15organization_settings\x18\x01 \x01(\x0b\x32\x34.google.cloud.securitycenter.v1.OrganizationSettings\x12/\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMask"~\n\x13UpdateSourceRequest\x12\x36\n\x06source\x18\x01 \x01(\x0b\x32&.google.cloud.securitycenter.v1.Source\x12/\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMask"\xc4\x01\n\x1aUpdateSecurityMarksRequest\x12\x45\n\x0esecurity_marks\x18\x01 \x01(\x0b\x32-.google.cloud.securitycenter.v1.SecurityMarks\x12/\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMask\x12.\n\nstart_time\x18\x03 \x01(\x0b\x32\x1a.google.protobuf.Timestamp2\x90\x1a\n\x0eSecurityCenter\x12\xa1\x01\n\x0c\x43reateSource\x12\x33.google.cloud.securitycenter.v1.CreateSourceRequest\x1a&.google.cloud.securitycenter.v1.Source"4\x82\xd3\xe4\x93\x02."$/v1/{parent=organizations/*}/sources:\x06source\x12\xb0\x01\n\rCreateFinding\x12\x34.google.cloud.securitycenter.v1.CreateFindingRequest\x1a\'.google.cloud.securitycenter.v1.Finding"@\x82\xd3\xe4\x93\x02:"//v1/{parent=organizations/*/sources/*}/findings:\x07\x66inding\x12\x8b\x01\n\x0cGetIamPolicy\x12".google.iam.v1.GetIamPolicyRequest\x1a\x15.google.iam.v1.Policy"@\x82\xd3\xe4\x93\x02:"5/v1/{resource=organizations/*/sources/*}:getIamPolicy:\x01*\x12\xc8\x01\n\x17GetOrganizationSettings\x12>.google.cloud.securitycenter.v1.GetOrganizationSettingsRequest\x1a\x34.google.cloud.securitycenter.v1.OrganizationSettings"7\x82\xd3\xe4\x93\x02\x31\x12//v1/{name=organizations/*/organizationSettings}\x12\x93\x01\n\tGetSource\x12\x30.google.cloud.securitycenter.v1.GetSourceRequest\x1a&.google.cloud.securitycenter.v1.Source",\x82\xd3\xe4\x93\x02&\x12$/v1/{name=organizations/*/sources/*}\x12\xac\x01\n\x0bGroupAssets\x12\x32.google.cloud.securitycenter.v1.GroupAssetsRequest\x1a\x33.google.cloud.securitycenter.v1.GroupAssetsResponse"4\x82\xd3\xe4\x93\x02.")/v1/{parent=organizations/*}/assets:group:\x01*\x12\xbe\x01\n\rGroupFindings\x12\x34.google.cloud.securitycenter.v1.GroupFindingsRequest\x1a\x35.google.cloud.securitycenter.v1.GroupFindingsResponse"@\x82\xd3\xe4\x93\x02:"5/v1/{parent=organizations/*/sources/*}/findings:group:\x01*\x12\xa0\x01\n\nListAssets\x12\x31.google.cloud.securitycenter.v1.ListAssetsRequest\x1a\x32.google.cloud.securitycenter.v1.ListAssetsResponse"+\x82\xd3\xe4\x93\x02%\x12#/v1/{parent=organizations/*}/assets\x12\xb2\x01\n\x0cListFindings\x12\x33.google.cloud.securitycenter.v1.ListFindingsRequest\x1a\x34.google.cloud.securitycenter.v1.ListFindingsResponse"7\x82\xd3\xe4\x93\x02\x31\x12//v1/{parent=organizations/*/sources/*}/findings\x12\xa4\x01\n\x0bListSources\x12\x32.google.cloud.securitycenter.v1.ListSourcesRequest\x1a\x33.google.cloud.securitycenter.v1.ListSourcesResponse",\x82\xd3\xe4\x93\x02&\x12$/v1/{parent=organizations/*}/sources\x12\xa9\x01\n\x11RunAssetDiscovery\x12\x38.google.cloud.securitycenter.v1.RunAssetDiscoveryRequest\x1a\x1d.google.longrunning.Operation";\x82\xd3\xe4\x93\x02\x35"0/v1/{parent=organizations/*}/assets:runDiscovery:\x01*\x12\xb7\x01\n\x0fSetFindingState\x12\x36.google.cloud.securitycenter.v1.SetFindingStateRequest\x1a\'.google.cloud.securitycenter.v1.Finding"C\x82\xd3\xe4\x93\x02="8/v1/{name=organizations/*/sources/*/findings/*}:setState:\x01*\x12\x8b\x01\n\x0cSetIamPolicy\x12".google.iam.v1.SetIamPolicyRequest\x1a\x15.google.iam.v1.Policy"@\x82\xd3\xe4\x93\x02:"5/v1/{resource=organizations/*/sources/*}:setIamPolicy:\x01*\x12\xb1\x01\n\x12TestIamPermissions\x12(.google.iam.v1.TestIamPermissionsRequest\x1a).google.iam.v1.TestIamPermissionsResponse"F\x82\xd3\xe4\x93\x02@";/v1/{resource=organizations/*/sources/*}:testIamPermissions:\x01*\x12\xb8\x01\n\rUpdateFinding\x12\x34.google.cloud.securitycenter.v1.UpdateFindingRequest\x1a\'.google.cloud.securitycenter.v1.Finding"H\x82\xd3\xe4\x93\x02\x42\x32\x37/v1/{finding.name=organizations/*/sources/*/findings/*}:\x07\x66inding\x12\xfb\x01\n\x1aUpdateOrganizationSettings\x12\x41.google.cloud.securitycenter.v1.UpdateOrganizationSettingsRequest\x1a\x34.google.cloud.securitycenter.v1.OrganizationSettings"d\x82\xd3\xe4\x93\x02^2E/v1/{organization_settings.name=organizations/*/organizationSettings}:\x15organization_settings\x12\xa8\x01\n\x0cUpdateSource\x12\x33.google.cloud.securitycenter.v1.UpdateSourceRequest\x1a&.google.cloud.securitycenter.v1.Source";\x82\xd3\xe4\x93\x02\x35\x32+/v1/{source.name=organizations/*/sources/*}:\x06source\x12\xbc\x02\n\x13UpdateSecurityMarks\x12:.google.cloud.securitycenter.v1.UpdateSecurityMarksRequest\x1a-.google.cloud.securitycenter.v1.SecurityMarks"\xb9\x01\x82\xd3\xe4\x93\x02\xb2\x01\x32@/v1/{security_marks.name=organizations/*/assets/*/securityMarks}:\x0esecurity_marksZ^2L/v1/{security_marks.name=organizations/*/sources/*/findings/*/securityMarks}:\x0esecurity_marksB\xda\x01\n"com.google.cloud.securitycenter.v1P\x01ZLgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3' + '\nAgoogle/cloud/securitycenter_v1/proto/securitycenter_service.proto\x12\x1egoogle.cloud.securitycenter.v1\x1aGgoogle/cloud/securitycenter_v1/proto/run_asset_discovery_response.proto\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x30google/cloud/securitycenter_v1/proto/asset.proto\x1a\x32google/cloud/securitycenter_v1/proto/finding.proto\x1a@google/cloud/securitycenter_v1/proto/organization_settings.proto\x1a\x39google/cloud/securitycenter_v1/proto/security_marks.proto\x1a\x31google/cloud/securitycenter_v1/proto/source.proto\x1a\x1egoogle/iam/v1/iam_policy.proto\x1a\x1agoogle/iam/v1/policy.proto\x1a#google/longrunning/operations.proto\x1a\x1egoogle/protobuf/duration.proto\x1a\x1bgoogle/protobuf/empty.proto\x1a google/protobuf/field_mask.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a\x1fgoogle/protobuf/timestamp.proto"\xac\x01\n\x14\x43reateFindingRequest\x12<\n\x06parent\x18\x01 \x01(\tB,\xe0\x41\x02\xfa\x41&\n$securitycenter.googleapis.com/Source\x12\x17\n\nfinding_id\x18\x02 \x01(\tB\x03\xe0\x41\x02\x12=\n\x07\x66inding\x18\x03 \x01(\x0b\x32\'.google.cloud.securitycenter.v1.FindingB\x03\xe0\x41\x02"\x9c\x01\n\x13\x43reateSourceRequest\x12H\n\x06parent\x18\x01 \x01(\tB8\xe0\x41\x02\xfa\x41\x32\n0cloudresourcemanager.googleapis.com/Organization\x12;\n\x06source\x18\x02 \x01(\x0b\x32&.google.cloud.securitycenter.v1.SourceB\x03\xe0\x41\x02"j\n\x1eGetOrganizationSettingsRequest\x12H\n\x04name\x18\x01 \x01(\tB:\xe0\x41\x02\xfa\x41\x34\n2securitycenter.googleapis.com/OrganizationSettings"N\n\x10GetSourceRequest\x12:\n\x04name\x18\x01 \x01(\tB,\xe0\x41\x02\xfa\x41&\n$securitycenter.googleapis.com/Source"\x90\x02\n\x12GroupAssetsRequest\x12H\n\x06parent\x18\x01 \x01(\tB8\xe0\x41\x02\xfa\x41\x32\n0cloudresourcemanager.googleapis.com/Organization\x12\x0e\n\x06\x66ilter\x18\x02 \x01(\t\x12\x15\n\x08group_by\x18\x03 \x01(\tB\x03\xe0\x41\x02\x12\x33\n\x10\x63ompare_duration\x18\x04 \x01(\x0b\x32\x19.google.protobuf.Duration\x12-\n\tread_time\x18\x05 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x12\n\npage_token\x18\x07 \x01(\t\x12\x11\n\tpage_size\x18\x08 \x01(\x05"\xb8\x01\n\x13GroupAssetsResponse\x12\x45\n\x10group_by_results\x18\x01 \x03(\x0b\x32+.google.cloud.securitycenter.v1.GroupResult\x12-\n\tread_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x17\n\x0fnext_page_token\x18\x03 \x01(\t\x12\x12\n\ntotal_size\x18\x04 \x01(\x05"\x86\x02\n\x14GroupFindingsRequest\x12<\n\x06parent\x18\x01 \x01(\tB,\xe0\x41\x02\xfa\x41&\n$securitycenter.googleapis.com/Source\x12\x0e\n\x06\x66ilter\x18\x02 \x01(\t\x12\x15\n\x08group_by\x18\x03 \x01(\tB\x03\xe0\x41\x02\x12-\n\tread_time\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x33\n\x10\x63ompare_duration\x18\x05 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x12\n\npage_token\x18\x07 \x01(\t\x12\x11\n\tpage_size\x18\x08 \x01(\x05"\xba\x01\n\x15GroupFindingsResponse\x12\x45\n\x10group_by_results\x18\x01 \x03(\x0b\x32+.google.cloud.securitycenter.v1.GroupResult\x12-\n\tread_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x17\n\x0fnext_page_token\x18\x03 \x01(\t\x12\x12\n\ntotal_size\x18\x04 \x01(\x05"\xb8\x01\n\x0bGroupResult\x12O\n\nproperties\x18\x01 \x03(\x0b\x32;.google.cloud.securitycenter.v1.GroupResult.PropertiesEntry\x12\r\n\x05\x63ount\x18\x02 \x01(\x03\x1aI\n\x0fPropertiesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12%\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.Value:\x02\x38\x01"\x85\x01\n\x12ListSourcesRequest\x12H\n\x06parent\x18\x01 \x01(\tB8\xe0\x41\x02\xfa\x41\x32\n0cloudresourcemanager.googleapis.com/Organization\x12\x12\n\npage_token\x18\x02 \x01(\t\x12\x11\n\tpage_size\x18\x07 \x01(\x05"g\n\x13ListSourcesResponse\x12\x37\n\x07sources\x18\x01 \x03(\x0b\x32&.google.cloud.securitycenter.v1.Source\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t"\xbf\x02\n\x11ListAssetsRequest\x12H\n\x06parent\x18\x01 \x01(\tB8\xe0\x41\x02\xfa\x41\x32\n0cloudresourcemanager.googleapis.com/Organization\x12\x0e\n\x06\x66ilter\x18\x02 \x01(\t\x12\x10\n\x08order_by\x18\x03 \x01(\t\x12-\n\tread_time\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x33\n\x10\x63ompare_duration\x18\x05 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x33\n\nfield_mask\x18\x07 \x01(\x0b\x32\x1a.google.protobuf.FieldMaskB\x03\xe0\x41\x01\x12\x12\n\npage_token\x18\x08 \x01(\t\x12\x11\n\tpage_size\x18\t \x01(\x05"\xc3\x03\n\x12ListAssetsResponse\x12`\n\x13list_assets_results\x18\x01 \x03(\x0b\x32\x43.google.cloud.securitycenter.v1.ListAssetsResponse.ListAssetsResult\x12-\n\tread_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x17\n\x0fnext_page_token\x18\x03 \x01(\t\x12\x12\n\ntotal_size\x18\x04 \x01(\x05\x1a\xee\x01\n\x10ListAssetsResult\x12\x34\n\x05\x61sset\x18\x01 \x01(\x0b\x32%.google.cloud.securitycenter.v1.Asset\x12\x65\n\x0cstate_change\x18\x02 \x01(\x0e\x32O.google.cloud.securitycenter.v1.ListAssetsResponse.ListAssetsResult.StateChange"=\n\x0bStateChange\x12\n\n\x06UNUSED\x10\x00\x12\t\n\x05\x41\x44\x44\x45\x44\x10\x01\x12\x0b\n\x07REMOVED\x10\x02\x12\n\n\x06\x41\x43TIVE\x10\x03"\xb5\x02\n\x13ListFindingsRequest\x12<\n\x06parent\x18\x01 \x01(\tB,\xe0\x41\x02\xfa\x41&\n$securitycenter.googleapis.com/Source\x12\x0e\n\x06\x66ilter\x18\x02 \x01(\t\x12\x10\n\x08order_by\x18\x03 \x01(\t\x12-\n\tread_time\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x33\n\x10\x63ompare_duration\x18\x05 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x33\n\nfield_mask\x18\x07 \x01(\x0b\x32\x1a.google.protobuf.FieldMaskB\x03\xe0\x41\x01\x12\x12\n\npage_token\x18\x08 \x01(\t\x12\x11\n\tpage_size\x18\t \x01(\x05"\xc9\x05\n\x14ListFindingsResponse\x12\x66\n\x15list_findings_results\x18\x01 \x03(\x0b\x32G.google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult\x12-\n\tread_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x17\n\x0fnext_page_token\x18\x03 \x01(\t\x12\x12\n\ntotal_size\x18\x04 \x01(\x05\x1a\xec\x03\n\x12ListFindingsResult\x12\x38\n\x07\x66inding\x18\x01 \x01(\x0b\x32\'.google.cloud.securitycenter.v1.Finding\x12i\n\x0cstate_change\x18\x02 \x01(\x0e\x32S.google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.StateChange\x12\x62\n\x08resource\x18\x03 \x01(\x0b\x32P.google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.Resource\x1a~\n\x08Resource\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x14\n\x0cproject_name\x18\x02 \x01(\t\x12\x1c\n\x14project_display_name\x18\x03 \x01(\t\x12\x13\n\x0bparent_name\x18\x04 \x01(\t\x12\x1b\n\x13parent_display_name\x18\x05 \x01(\t"M\n\x0bStateChange\x12\n\n\x06UNUSED\x10\x00\x12\x0b\n\x07\x43HANGED\x10\x01\x12\r\n\tUNCHANGED\x10\x02\x12\t\n\x05\x41\x44\x44\x45\x44\x10\x03\x12\x0b\n\x07REMOVED\x10\x04"\xcd\x01\n\x16SetFindingStateRequest\x12;\n\x04name\x18\x01 \x01(\tB-\xe0\x41\x02\xfa\x41\'\n%securitycenter.googleapis.com/Finding\x12\x41\n\x05state\x18\x02 \x01(\x0e\x32-.google.cloud.securitycenter.v1.Finding.StateB\x03\xe0\x41\x02\x12\x33\n\nstart_time\x18\x03 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x02"d\n\x18RunAssetDiscoveryRequest\x12H\n\x06parent\x18\x01 \x01(\tB8\xe0\x41\x02\xfa\x41\x32\n0cloudresourcemanager.googleapis.com/Organization"\x86\x01\n\x14UpdateFindingRequest\x12=\n\x07\x66inding\x18\x01 \x01(\x0b\x32\'.google.cloud.securitycenter.v1.FindingB\x03\xe0\x41\x02\x12/\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMask"\xae\x01\n!UpdateOrganizationSettingsRequest\x12X\n\x15organization_settings\x18\x01 \x01(\x0b\x32\x34.google.cloud.securitycenter.v1.OrganizationSettingsB\x03\xe0\x41\x02\x12/\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMask"\x83\x01\n\x13UpdateSourceRequest\x12;\n\x06source\x18\x01 \x01(\x0b\x32&.google.cloud.securitycenter.v1.SourceB\x03\xe0\x41\x02\x12/\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMask"\xc9\x01\n\x1aUpdateSecurityMarksRequest\x12J\n\x0esecurity_marks\x18\x01 \x01(\x0b\x32-.google.cloud.securitycenter.v1.SecurityMarksB\x03\xe0\x41\x02\x12/\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMask\x12.\n\nstart_time\x18\x03 \x01(\x0b\x32\x1a.google.protobuf.Timestamp2\x9e\x1d\n\x0eSecurityCenter\x12\xb1\x01\n\x0c\x43reateSource\x12\x33.google.cloud.securitycenter.v1.CreateSourceRequest\x1a&.google.cloud.securitycenter.v1.Source"D\x82\xd3\xe4\x93\x02."$/v1/{parent=organizations/*}/sources:\x06source\xda\x41\rparent,source\x12\xcc\x01\n\rCreateFinding\x12\x34.google.cloud.securitycenter.v1.CreateFindingRequest\x1a\'.google.cloud.securitycenter.v1.Finding"\\\x82\xd3\xe4\x93\x02:"//v1/{parent=organizations/*/sources/*}/findings:\x07\x66inding\xda\x41\x19parent,finding_id,finding\x12\x96\x01\n\x0cGetIamPolicy\x12".google.iam.v1.GetIamPolicyRequest\x1a\x15.google.iam.v1.Policy"K\x82\xd3\xe4\x93\x02:"5/v1/{resource=organizations/*/sources/*}:getIamPolicy:\x01*\xda\x41\x08resource\x12\xcf\x01\n\x17GetOrganizationSettings\x12>.google.cloud.securitycenter.v1.GetOrganizationSettingsRequest\x1a\x34.google.cloud.securitycenter.v1.OrganizationSettings">\x82\xd3\xe4\x93\x02\x31\x12//v1/{name=organizations/*/organizationSettings}\xda\x41\x04name\x12\x9a\x01\n\tGetSource\x12\x30.google.cloud.securitycenter.v1.GetSourceRequest\x1a&.google.cloud.securitycenter.v1.Source"3\x82\xd3\xe4\x93\x02&\x12$/v1/{name=organizations/*/sources/*}\xda\x41\x04name\x12\xac\x01\n\x0bGroupAssets\x12\x32.google.cloud.securitycenter.v1.GroupAssetsRequest\x1a\x33.google.cloud.securitycenter.v1.GroupAssetsResponse"4\x82\xd3\xe4\x93\x02.")/v1/{parent=organizations/*}/assets:group:\x01*\x12\xd0\x01\n\rGroupFindings\x12\x34.google.cloud.securitycenter.v1.GroupFindingsRequest\x1a\x35.google.cloud.securitycenter.v1.GroupFindingsResponse"R\x82\xd3\xe4\x93\x02:"5/v1/{parent=organizations/*/sources/*}/findings:group:\x01*\xda\x41\x0fparent,group_by\x12\xa0\x01\n\nListAssets\x12\x31.google.cloud.securitycenter.v1.ListAssetsRequest\x1a\x32.google.cloud.securitycenter.v1.ListAssetsResponse"+\x82\xd3\xe4\x93\x02%\x12#/v1/{parent=organizations/*}/assets\x12\xb2\x01\n\x0cListFindings\x12\x33.google.cloud.securitycenter.v1.ListFindingsRequest\x1a\x34.google.cloud.securitycenter.v1.ListFindingsResponse"7\x82\xd3\xe4\x93\x02\x31\x12//v1/{parent=organizations/*/sources/*}/findings\x12\xad\x01\n\x0bListSources\x12\x32.google.cloud.securitycenter.v1.ListSourcesRequest\x1a\x33.google.cloud.securitycenter.v1.ListSourcesResponse"5\x82\xd3\xe4\x93\x02&\x12$/v1/{parent=organizations/*}/sources\xda\x41\x06parent\x12\x87\x02\n\x11RunAssetDiscovery\x12\x38.google.cloud.securitycenter.v1.RunAssetDiscoveryRequest\x1a\x1d.google.longrunning.Operation"\x98\x01\x82\xd3\xe4\x93\x02\x35"0/v1/{parent=organizations/*}/assets:runDiscovery:\x01*\xda\x41\x06parent\xca\x41Q\n8google.cloud.securitycenter.v1.RunAssetDiscoveryResponse\x12\x15google.protobuf.Empty\x12\xcf\x01\n\x0fSetFindingState\x12\x36.google.cloud.securitycenter.v1.SetFindingStateRequest\x1a\'.google.cloud.securitycenter.v1.Finding"[\x82\xd3\xe4\x93\x02="8/v1/{name=organizations/*/sources/*/findings/*}:setState:\x01*\xda\x41\x15name,state,start_time\x12\x9d\x01\n\x0cSetIamPolicy\x12".google.iam.v1.SetIamPolicyRequest\x1a\x15.google.iam.v1.Policy"R\x82\xd3\xe4\x93\x02:"5/v1/{resource=organizations/*/sources/*}:setIamPolicy:\x01*\xda\x41\x0fresource,policy\x12\xc8\x01\n\x12TestIamPermissions\x12(.google.iam.v1.TestIamPermissionsRequest\x1a).google.iam.v1.TestIamPermissionsResponse"]\x82\xd3\xe4\x93\x02@";/v1/{resource=organizations/*/sources/*}:testIamPermissions:\x01*\xda\x41\x14resource,permissions\x12\xc2\x01\n\rUpdateFinding\x12\x34.google.cloud.securitycenter.v1.UpdateFindingRequest\x1a\'.google.cloud.securitycenter.v1.Finding"R\x82\xd3\xe4\x93\x02\x42\x32\x37/v1/{finding.name=organizations/*/sources/*/findings/*}:\x07\x66inding\xda\x41\x07\x66inding\x12\x93\x02\n\x1aUpdateOrganizationSettings\x12\x41.google.cloud.securitycenter.v1.UpdateOrganizationSettingsRequest\x1a\x34.google.cloud.securitycenter.v1.OrganizationSettings"|\x82\xd3\xe4\x93\x02^2E/v1/{organization_settings.name=organizations/*/organizationSettings}:\x15organization_settings\xda\x41\x15organization_settings\x12\xb1\x01\n\x0cUpdateSource\x12\x33.google.cloud.securitycenter.v1.UpdateSourceRequest\x1a&.google.cloud.securitycenter.v1.Source"D\x82\xd3\xe4\x93\x02\x35\x32+/v1/{source.name=organizations/*/sources/*}:\x06source\xda\x41\x06source\x12\xcd\x02\n\x13UpdateSecurityMarks\x12:.google.cloud.securitycenter.v1.UpdateSecurityMarksRequest\x1a-.google.cloud.securitycenter.v1.SecurityMarks"\xca\x01\x82\xd3\xe4\x93\x02\xb2\x01\x32@/v1/{security_marks.name=organizations/*/assets/*/securityMarks}:\x0esecurity_marksZ^2L/v1/{security_marks.name=organizations/*/sources/*/findings/*/securityMarks}:\x0esecurity_marks\xda\x41\x0esecurity_marks\x1aQ\xca\x41\x1dsecuritycenter.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platformB\xda\x01\n"com.google.cloud.securitycenter.v1P\x01ZLgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3' ), dependencies=[ + google_dot_cloud_dot_securitycenter__v1_dot_proto_dot_run__asset__discovery__response__pb2.DESCRIPTOR, google_dot_api_dot_annotations__pb2.DESCRIPTOR, + google_dot_api_dot_client__pb2.DESCRIPTOR, + google_dot_api_dot_field__behavior__pb2.DESCRIPTOR, + google_dot_api_dot_resource__pb2.DESCRIPTOR, google_dot_cloud_dot_securitycenter__v1_dot_proto_dot_asset__pb2.DESCRIPTOR, google_dot_cloud_dot_securitycenter__v1_dot_proto_dot_finding__pb2.DESCRIPTOR, google_dot_cloud_dot_securitycenter__v1_dot_proto_dot_organization__settings__pb2.DESCRIPTOR, - google_dot_cloud_dot_securitycenter__v1_dot_proto_dot_run__asset__discovery__response__pb2.DESCRIPTOR, google_dot_cloud_dot_securitycenter__v1_dot_proto_dot_security__marks__pb2.DESCRIPTOR, google_dot_cloud_dot_securitycenter__v1_dot_proto_dot_source__pb2.DESCRIPTOR, google_dot_iam_dot_v1_dot_iam__policy__pb2.DESCRIPTOR, @@ -97,8 +103,8 @@ ], containing_type=None, serialized_options=None, - serialized_start=2871, - serialized_end=2932, + serialized_start=3401, + serialized_end=3462, ) _sym_db.RegisterEnumDescriptor(_LISTASSETSRESPONSE_LISTASSETSRESULT_STATECHANGE) @@ -126,8 +132,8 @@ ], containing_type=None, serialized_options=None, - serialized_start=3610, - serialized_end=3687, + serialized_start=4413, + serialized_end=4490, ) _sym_db.RegisterEnumDescriptor(_LISTFINDINGSRESPONSE_LISTFINDINGSRESULT_STATECHANGE) @@ -154,7 +160,9 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b( + "\340A\002\372A&\n$securitycenter.googleapis.com/Source" + ), file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -172,7 +180,7 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b("\340A\002"), file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -190,7 +198,7 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b("\340A\002"), file=DESCRIPTOR, ), ], @@ -202,8 +210,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=737, - serialized_end=853, + serialized_start=823, + serialized_end=995, ) @@ -229,7 +237,9 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b( + "\340A\002\372A2\n0cloudresourcemanager.googleapis.com/Organization" + ), file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -247,7 +257,7 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b("\340A\002"), file=DESCRIPTOR, ), ], @@ -259,8 +269,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=855, - serialized_end=948, + serialized_start=998, + serialized_end=1154, ) @@ -286,7 +296,9 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b( + "\340A\002\372A4\n2securitycenter.googleapis.com/OrganizationSettings" + ), file=DESCRIPTOR, ), ], @@ -298,8 +310,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=950, - serialized_end=996, + serialized_start=1156, + serialized_end=1262, ) @@ -325,7 +337,9 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b( + "\340A\002\372A&\n$securitycenter.googleapis.com/Source" + ), file=DESCRIPTOR, ), ], @@ -337,8 +351,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=998, - serialized_end=1030, + serialized_start=1264, + serialized_end=1342, ) @@ -364,7 +378,9 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b( + "\340A\002\372A2\n0cloudresourcemanager.googleapis.com/Organization" + ), file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -400,7 +416,7 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b("\340A\002"), file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -484,8 +500,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=1033, - serialized_end=1248, + serialized_start=1345, + serialized_end=1617, ) @@ -577,8 +593,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=1251, - serialized_end=1435, + serialized_start=1620, + serialized_end=1804, ) @@ -604,7 +620,9 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b( + "\340A\002\372A&\n$securitycenter.googleapis.com/Source" + ), file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -640,7 +658,7 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b("\340A\002"), file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -724,8 +742,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=1438, - serialized_end=1655, + serialized_start=1807, + serialized_end=2069, ) @@ -817,8 +835,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=1658, - serialized_end=1844, + serialized_start=2072, + serialized_end=2258, ) @@ -874,8 +892,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=1958, - serialized_end=2031, + serialized_start=2372, + serialized_end=2445, ) _GROUPRESULT = _descriptor.Descriptor( @@ -930,8 +948,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=1847, - serialized_end=2031, + serialized_start=2261, + serialized_end=2445, ) @@ -957,7 +975,9 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b( + "\340A\002\372A2\n0cloudresourcemanager.googleapis.com/Organization" + ), file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -1005,8 +1025,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=2033, - serialized_end=2108, + serialized_start=2448, + serialized_end=2581, ) @@ -1062,8 +1082,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=2110, - serialized_end=2213, + serialized_start=2583, + serialized_end=2686, ) @@ -1089,7 +1109,9 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b( + "\340A\002\372A2\n0cloudresourcemanager.googleapis.com/Organization" + ), file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -1179,7 +1201,7 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b("\340A\001"), file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -1227,8 +1249,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=2216, - serialized_end=2478, + serialized_start=2689, + serialized_end=3008, ) @@ -1284,8 +1306,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=2694, - serialized_end=2932, + serialized_start=3224, + serialized_end=3462, ) _LISTASSETSRESPONSE = _descriptor.Descriptor( @@ -1376,8 +1398,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=2481, - serialized_end=2932, + serialized_start=3011, + serialized_end=3462, ) @@ -1403,7 +1425,9 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b( + "\340A\002\372A&\n$securitycenter.googleapis.com/Source" + ), file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -1493,7 +1517,7 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b("\340A\001"), file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -1541,11 +1565,121 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=2935, - serialized_end=3199, + serialized_start=3465, + serialized_end=3774, ) +_LISTFINDINGSRESPONSE_LISTFINDINGSRESULT_RESOURCE = _descriptor.Descriptor( + name="Resource", + full_name="google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.Resource", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="name", + full_name="google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.Resource.name", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="project_name", + full_name="google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.Resource.project_name", + index=1, + number=2, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="project_display_name", + full_name="google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.Resource.project_display_name", + index=2, + number=3, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="parent_name", + full_name="google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.Resource.parent_name", + index=3, + number=4, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="parent_display_name", + full_name="google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.Resource.parent_display_name", + index=4, + number=5, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=4285, + serialized_end=4411, +) + _LISTFINDINGSRESPONSE_LISTFINDINGSRESULT = _descriptor.Descriptor( name="ListFindingsResult", full_name="google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult", @@ -1589,17 +1723,35 @@ serialized_options=None, file=DESCRIPTOR, ), + _descriptor.FieldDescriptor( + name="resource", + full_name="google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.resource", + index=2, + number=3, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), ], extensions=[], - nested_types=[], + nested_types=[_LISTFINDINGSRESPONSE_LISTFINDINGSRESULT_RESOURCE,], enum_types=[_LISTFINDINGSRESPONSE_LISTFINDINGSRESULT_STATECHANGE,], serialized_options=None, is_extendable=False, syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=3423, - serialized_end=3687, + serialized_start=3998, + serialized_end=4490, ) _LISTFINDINGSRESPONSE = _descriptor.Descriptor( @@ -1690,8 +1842,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=3202, - serialized_end=3687, + serialized_start=3777, + serialized_end=4490, ) @@ -1717,7 +1869,9 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b( + "\340A\002\372A'\n%securitycenter.googleapis.com/Finding" + ), file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -1735,7 +1889,7 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b("\340A\002"), file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -1753,7 +1907,7 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b("\340A\002"), file=DESCRIPTOR, ), ], @@ -1765,8 +1919,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=3690, - serialized_end=3838, + serialized_start=4493, + serialized_end=4698, ) @@ -1792,7 +1946,9 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b( + "\340A\002\372A2\n0cloudresourcemanager.googleapis.com/Organization" + ), file=DESCRIPTOR, ), ], @@ -1804,8 +1960,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=3840, - serialized_end=3882, + serialized_start=4700, + serialized_end=4800, ) @@ -1831,7 +1987,7 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b("\340A\002"), file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -1861,8 +2017,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=3885, - serialized_end=4014, + serialized_start=4803, + serialized_end=4937, ) @@ -1888,7 +2044,7 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b("\340A\002"), file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -1918,8 +2074,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=4017, - serialized_end=4186, + serialized_start=4940, + serialized_end=5114, ) @@ -1945,7 +2101,7 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b("\340A\002"), file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -1975,8 +2131,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=4188, - serialized_end=4314, + serialized_start=5117, + serialized_end=5248, ) @@ -2002,7 +2158,7 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b("\340A\002"), file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -2050,8 +2206,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=4317, - serialized_end=4513, + serialized_start=5251, + serialized_end=5452, ) _CREATEFINDINGREQUEST.fields_by_name[ @@ -2128,6 +2284,9 @@ _LISTFINDINGSREQUEST.fields_by_name[ "field_mask" ].message_type = google_dot_protobuf_dot_field__mask__pb2._FIELDMASK +_LISTFINDINGSRESPONSE_LISTFINDINGSRESULT_RESOURCE.containing_type = ( + _LISTFINDINGSRESPONSE_LISTFINDINGSRESULT +) _LISTFINDINGSRESPONSE_LISTFINDINGSRESULT.fields_by_name[ "finding" ].message_type = ( @@ -2136,6 +2295,9 @@ _LISTFINDINGSRESPONSE_LISTFINDINGSRESULT.fields_by_name[ "state_change" ].enum_type = _LISTFINDINGSRESPONSE_LISTFINDINGSRESULT_STATECHANGE +_LISTFINDINGSRESPONSE_LISTFINDINGSRESULT.fields_by_name[ + "resource" +].message_type = _LISTFINDINGSRESPONSE_LISTFINDINGSRESULT_RESOURCE _LISTFINDINGSRESPONSE_LISTFINDINGSRESULT.containing_type = _LISTFINDINGSRESPONSE _LISTFINDINGSRESPONSE_LISTFINDINGSRESULT_STATECHANGE.containing_type = ( _LISTFINDINGSRESPONSE_LISTFINDINGSRESULT @@ -2229,16 +2391,17 @@ Attributes: parent: - Resource name of the new finding's parent. Its format should - be "organizations/[organization\_id]/sources/[source\_id]". + Required. Resource name of the new finding's parent. Its + format should be + "organizations/[organization\_id]/sources/[source\_id]". finding_id: - Unique identifier provided by the client within the parent - scope. It must be alphanumeric and less than or equal to 32 - characters and greater than 0 characters in length. + Required. Unique identifier provided by the client within the + parent scope. It must be alphanumeric and less than or equal + to 32 characters and greater than 0 characters in length. finding: - The Finding being created. The name and security\_marks will - be ignored as they are both output only fields on this - resource. + Required. The Finding being created. The name and + security\_marks will be ignored as they are both output only + fields on this resource. """, # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1.CreateFindingRequest) ), @@ -2256,10 +2419,10 @@ Attributes: parent: - Resource name of the new source's parent. Its format should be - "organizations/[organization\_id]". + Required. Resource name of the new source's parent. Its format + should be "organizations/[organization\_id]". source: - The Source being created, only the display\_name and + Required. The Source being created, only the display\_name and description will be used. All other fields will be ignored. """, # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1.CreateSourceRequest) @@ -2278,8 +2441,8 @@ Attributes: name: - Name of the organization to get organization settings for. Its - format is + Required. Name of the organization to get organization + settings for. Its format is "organizations/[organization\_id]/organizationSettings". """, # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1.GetOrganizationSettingsRequest) @@ -2298,7 +2461,7 @@ Attributes: name: - Relative resource name of the source. Its format is + Required. Relative resource name of the source. Its format is "organizations/[organization\_id]/source/[source\_id]". """, # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1.GetSourceRequest) @@ -2317,7 +2480,7 @@ Attributes: parent: - Name of the organization to groupBy. Its format is + Required. Name of the organization to groupBy. Its format is "organizations/[organization\_id]". filter: Expression that defines the filter to apply across assets. The @@ -2336,34 +2499,47 @@ strings. The supported value types are: - string literals in quotes. - integer literals without quotes. - boolean literals ``true`` and ``false`` without quotes. The following - field and operator combinations are supported: name \| '=' - update\_time \| '=', '>', '<', '>=', '<=' Usage: This should - be milliseconds since epoch or an RFC3339 string. Examples: - "update\_time = "2019-06-10T16:07:18-07:00"" "update\_time = - 1560208038000" create\_time \| '=', '>', '<', '>=', '<=' - Usage: This should be milliseconds since epoch or an RFC3339 - string. Examples: "create\_time = "2019-06-10T16:07:18-07:00"" - "create\_time = 1560208038000" iam\_policy.policy\_blob \| - '=', ':' resource\_properties \| '=', ':', '>', '<', '>=', - '<=' security\_marks \| '=', ':' - security\_center\_properties.resource\_name \| '=', ':' - security\_center\_properties.resource\_type \| '=', ':' - security\_center\_properties.resource\_parent \| '=', ':' - security\_center\_properties.resource\_project \| '=', ':' - security\_center\_properties.resource\_owners \| '=', ':' For - example, ``resource_properties.size = 100`` is a valid filter - string. + field and operator combinations are supported: - name: ``=`` + - update\_time: ``=``, ``>``, ``<``, ``>=``, ``<=`` Usage: + This should be milliseconds since epoch or an RFC3339 string. + Examples: "update\_time = "2019-06-10T16:07:18-07:00"" + "update\_time = 1560208038000" - create\_time: ``=``, ``>``, + ``<``, ``>=``, ``<=`` Usage: This should be milliseconds + since epoch or an RFC3339 string. Examples: "create\_time = + "2019-06-10T16:07:18-07:00"" "create\_time = 1560208038000" - + iam\_policy.policy\_blob: ``=``, ``:`` - + resource\_properties: ``=``, ``:``, ``>``, ``<``, ``>=``, + ``<=`` - security\_marks.marks: ``=``, ``:`` - + security\_center\_properties.resource\_name: ``=``, ``:`` - + security\_center\_properties.resource\_display\_name: ``=``, + ``:`` - security\_center\_properties.resource\_type: ``=``, + ``:`` - security\_center\_properties.resource\_parent: ``=``, + ``:`` - + security\_center\_properties.resource\_parent\_display\_name: + ``=``, ``:`` - + security\_center\_properties.resource\_project: ``=``, ``:`` - + security\_center\_properties.resource\_project\_display\_name: + ``=``, ``:`` - + security\_center\_properties.resource\_owners: ``=``, ``:`` + For example, ``resource_properties.size = 100`` is a valid + filter string. group_by: - Expression that defines what assets fields to use for - grouping. The string value should follow SQL syntax: comma + Required. Expression that defines what assets fields to use + for grouping. The string value should follow SQL syntax: comma separated list of fields. For example: "security\_center\_prop erties.resource\_project,security\_center\_properties.project" . The following fields are supported when compare\_duration is not set: - security\_center\_properties.resource\_project + - + security\_center\_properties.resource\_project\_display\_name - security\_center\_properties.resource\_type - - security\_center\_properties.resource\_parent The following - fields are supported when compare\_duration is set: - - security\_center\_properties.resource\_type + security\_center\_properties.resource\_parent - + security\_center\_properties.resource\_parent\_display\_name + The following fields are supported when compare\_duration is + set: - security\_center\_properties.resource\_type - + security\_center\_properties.resource\_project\_display\_name + - + security\_center\_properties.resource\_parent\_display\_name compare_duration: When compare\_duration is set, the GroupResult's "state\_change" property is updated to indicate whether the @@ -2446,10 +2622,10 @@ Attributes: parent: - Name of the source to groupBy. Its format is + Required. Name of the source to groupBy. Its format is "organizations/[organization\_id]/sources/[source\_id]". To groupBy across all sources provide a source\_id of ``-``. For - example: organizations/123/sources/- + example: organizations/{organization\_id}/sources/- filter: Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined @@ -2465,23 +2641,24 @@ types are: - string literals in quotes. - integer literals without quotes. - boolean literals ``true`` and ``false`` without quotes. The following field and operator combinations - are supported: name \| ``=`` parent \| '=', ':' resource\_name - \| '=', ':' state \| '=', ':' category \| '=', ':' - external\_uri \| '=', ':' event\_time \| ``=``, ``>``, ``<``, - ``>=``, ``<=`` Usage: This should be milliseconds since epoch - or an RFC3339 string. Examples: "event\_time = - "2019-06-10T16:07:18-07:00"" "event\_time = 1560208038000" - security\_marks \| '=', ':' source\_properties \| '=', ':', - ``>``, ``<``, ``>=``, ``<=`` For example, - ``source_properties.size = 100`` is a valid filter string. + are supported: - name: ``=`` - parent: ``=``, ``:`` - + resource\_name: ``=``, ``:`` - state: ``=``, ``:`` - + category: ``=``, ``:`` - external\_uri: ``=``, ``:`` - + event\_time: ``=``, ``>``, ``<``, ``>=``, ``<=`` Usage: This + should be milliseconds since epoch or an RFC3339 string. + Examples: "event\_time = "2019-06-10T16:07:18-07:00"" + "event\_time = 1560208038000" - security\_marks.marks: + ``=``, ``:`` - source\_properties: ``=``, ``:``, ``>``, + ``<``, ``>=``, ``<=`` For example, ``source_properties.size = + 100`` is a valid filter string. group_by: - Expression that defines what assets fields to use for grouping - (including ``state_change``). The string value should follow - SQL syntax: comma separated list of fields. For example: - "parent,resource\_name". The following fields are supported: - - resource\_name - category - state - parent The - following fields are supported when compare\_duration is set: - - state\_change + Required. Expression that defines what assets fields to use + for grouping (including ``state_change``). The string value + should follow SQL syntax: comma separated list of fields. For + example: "parent,resource\_name". The following fields are + supported: - resource\_name - category - state - parent + The following fields are supported when compare\_duration is + set: - state\_change read_time: Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time @@ -2568,7 +2745,8 @@ ), DESCRIPTOR=_GROUPRESULT, __module__="google.cloud.securitycenter_v1.proto.securitycenter_service_pb2", - __doc__="""Result containing the properties and count of a groupBy request. + __doc__="""Result containing the properties and count of a groupBy + request. Attributes: @@ -2594,8 +2772,8 @@ Attributes: parent: - Resource name of the parent of sources to list. Its format - should be "organizations/[organization\_id]". + Required. Resource name of the parent of sources to list. Its + format should be "organizations/[organization\_id]". page_token: The value returned by the last ``ListSourcesResponse``; indicates that this is a continuation of a prior @@ -2642,8 +2820,8 @@ Attributes: parent: - Name of the organization assets should belong to. Its format - is "organizations/[organization\_id]". + Required. Name of the organization assets should belong to. + Its format is "organizations/[organization\_id]". filter: Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via @@ -2661,23 +2839,30 @@ strings. The supported value types are: - string literals in quotes. - integer literals without quotes. - boolean literals ``true`` and ``false`` without quotes. The following - are the allowed field and operator combinations: name \| ``=`` - update\_time \| ``=``, ``>``, ``<``, ``>=``, ``<=`` Usage: - This should be milliseconds since epoch or an RFC3339 string. - Examples: "update\_time = "2019-06-10T16:07:18-07:00"" - "update\_time = 1560208038000" create\_time \| ``=``, ``>``, + are the allowed field and operator combinations: - name: + ``=`` - update\_time: ``=``, ``>``, ``<``, ``>=``, ``<=`` + Usage: This should be milliseconds since epoch or an RFC3339 + string. Examples: "update\_time = "2019-06-10T16:07:18-07:00"" + "update\_time = 1560208038000" - create\_time: ``=``, ``>``, ``<``, ``>=``, ``<=`` Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: "create\_time = - "2019-06-10T16:07:18-07:00"" "create\_time = 1560208038000" - iam\_policy.policy\_blob \| '=', ':' resource\_properties \| - '=', ':', ``>``, ``<``, ``>=``, ``<=`` security\_marks \| '=', - ':' security\_center\_properties.resource\_name \| '=', ':' - security\_center\_properties.resource\_type \| '=', ':' - security\_center\_properties.resource\_parent \| '=', ':' - security\_center\_properties.resource\_project \| '=', ':' - security\_center\_properties.resource\_owners \| '=', ':' For - example, ``resource_properties.size = 100`` is a valid filter - string. + "2019-06-10T16:07:18-07:00"" "create\_time = 1560208038000" - + iam\_policy.policy\_blob: ``=``, ``:`` - + resource\_properties: ``=``, ``:``, ``>``, ``<``, ``>=``, + ``<=`` - security\_marks.marks: ``=``, ``:`` - + security\_center\_properties.resource\_name: ``=``, ``:`` - + security\_center\_properties.resource\_display\_name: ``=``, + ``:`` - security\_center\_properties.resource\_type: ``=``, + ``:`` - security\_center\_properties.resource\_parent: ``=``, + ``:`` - + security\_center\_properties.resource\_parent\_display\_name: + ``=``, ``:`` - + security\_center\_properties.resource\_project: ``=``, ``:`` - + security\_center\_properties.resource\_project\_display\_name: + ``=``, ``:`` - + security\_center\_properties.resource\_owners: ``=``, ``:`` + For example, ``resource_properties.size = 100`` is a valid + filter string. order_by: Expression that defines what fields and order to use for sorting. The string value should follow SQL syntax: comma @@ -2690,10 +2875,13 @@ "name desc,resource\_properties.a\_property" and " name desc , resource\_properties.a\_property " are equivalent. The following fields are supported: name update\_time - resource\_properties security\_marks + resource\_properties security\_marks.marks security\_center\_properties.resource\_name + security\_center\_properties.resource\_display\_name security\_center\_properties.resource\_parent + security\_center\_properties.resource\_parent\_display\_name security\_center\_properties.resource\_project + security\_center\_properties.resource\_project\_display\_name security\_center\_properties.resource\_type read_time: Time used as a reference point when filtering assets. The @@ -2722,7 +2910,7 @@ only possible state\_change is "UNUSED", which will be the state\_change set for all assets present at read\_time. field_mask: - Optional. A field mask to specify the ListAssetsResult fields + Optional. A field mask to specify the ListAssetsResult fields to be listed in the response. An empty field mask will list all fields. page_token: @@ -2794,10 +2982,11 @@ Attributes: parent: - Name of the source the findings belong to. Its format is + Required. Name of the source the findings belong to. Its + format is "organizations/[organization\_id]/sources/[source\_id]". To list across all sources provide a source\_id of ``-``. For - example: organizations/123/sources/- + example: organizations/{organization\_id}/sources/- filter: Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined @@ -2813,15 +3002,16 @@ types are: - string literals in quotes. - integer literals without quotes. - boolean literals ``true`` and ``false`` without quotes. The following field and operator combinations - are supported: name \| ``=`` parent \| '=', ':' resource\_name - \| '=', ':' state \| '=', ':' category \| '=', ':' - external\_uri \| '=', ':' event\_time \| ``=``, ``>``, ``<``, - ``>=``, ``<=`` Usage: This should be milliseconds since epoch - or an RFC3339 string. Examples: "event\_time = - "2019-06-10T16:07:18-07:00"" "event\_time = 1560208038000" - security\_marks \| '=', ':' source\_properties \| '=', ':', - ``>``, ``<``, ``>=``, ``<=`` For example, - ``source_properties.size = 100`` is a valid filter string. + are supported: name: ``=`` parent: ``=``, ``:`` + resource\_name: ``=``, ``:`` state: ``=``, ``:`` category: + ``=``, ``:`` external\_uri: ``=``, ``:`` event\_time: ``=``, + ``>``, ``<``, ``>=``, ``<=`` Usage: This should be + milliseconds since epoch or an RFC3339 string. Examples: + "event\_time = "2019-06-10T16:07:18-07:00"" "event\_time = + 1560208038000" security\_marks.marks: ``=``, ``:`` + source\_properties: ``=``, ``:``, ``>``, ``<``, ``>=``, ``<=`` + For example, ``source_properties.size = 100`` is a valid + filter string. order_by: Expression that defines what fields and order to use for sorting. The string value should follow SQL syntax: comma @@ -2834,7 +3024,8 @@ desc,source\_properties.a\_property" and " name desc , source\_properties.a\_property " are equivalent. The following fields are supported: name parent state category - resource\_name event\_time source\_properties security\_marks + resource\_name event\_time source\_properties + security\_marks.marks read_time: Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time @@ -2863,7 +3054,7 @@ the only possible state\_change is "UNUSED", which will be the state\_change set for all findings present at read\_time. field_mask: - Optional. A field mask to specify the Finding fields to be + Optional. A field mask to specify the Finding fields to be listed in the response. An empty field mask will list all fields. page_token: @@ -2888,6 +3079,34 @@ "ListFindingsResult", (_message.Message,), dict( + Resource=_reflection.GeneratedProtocolMessageType( + "Resource", + (_message.Message,), + dict( + DESCRIPTOR=_LISTFINDINGSRESPONSE_LISTFINDINGSRESULT_RESOURCE, + __module__="google.cloud.securitycenter_v1.proto.securitycenter_service_pb2", + __doc__="""Information related to the Google Cloud Platform (GCP) + resource that is associated with this finding. + + + Attributes: + name: + The full resource name of the resource. See: https://cloud.goo + gle.com/apis/design/resource\_names#full\_resource\_name + project_name: + The full resource name of project that the resource belongs + to. + project_display_name: + The human readable name of project that the resource belongs + to. + parent_name: + The full resource name of resource's parent. + parent_display_name: + The human readable name of resource's parent. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.Resource) + ), + ), DESCRIPTOR=_LISTFINDINGSRESPONSE_LISTFINDINGSRESULT, __module__="google.cloud.securitycenter_v1.proto.securitycenter_service_pb2", __doc__="""Result containing the Finding and its StateChange. @@ -2898,6 +3117,8 @@ Finding matching the search request. state_change: State change of the finding between the points in time. + resource: + Output only. Resource that is associated with this finding. """, # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult) ), @@ -2923,6 +3144,7 @@ ) _sym_db.RegisterMessage(ListFindingsResponse) _sym_db.RegisterMessage(ListFindingsResponse.ListFindingsResult) +_sym_db.RegisterMessage(ListFindingsResponse.ListFindingsResult.Resource) SetFindingStateRequest = _reflection.GeneratedProtocolMessageType( "SetFindingStateRequest", @@ -2935,13 +3157,14 @@ Attributes: name: - The relative resource name of the finding. See: https://cloud. - google.com/apis/design/resource\_names#relative\_resource\_nam - e Example: "organizations/123/sources/456/finding/789". + Required. The relative resource name of the finding. See: http + s://cloud.google.com/apis/design/resource\_names#relative\_res + ource\_name Example: "organizations/{organization\_id}/sources + /{source\_id}/finding/{finding\_id}". state: - The desired State of the finding. + Required. The desired State of the finding. start_time: - The time at which the updated state takes effect. + Required. The time at which the updated state takes effect. """, # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1.SetFindingStateRequest) ), @@ -2954,13 +3177,14 @@ dict( DESCRIPTOR=_RUNASSETDISCOVERYREQUEST, __module__="google.cloud.securitycenter_v1.proto.securitycenter_service_pb2", - __doc__="""Request message for running asset discovery for an organization. + __doc__="""Request message for running asset discovery for an + organization. Attributes: parent: - Name of the organization to run asset discovery for. Its - format is "organizations/[organization\_id]". + Required. Name of the organization to run asset discovery for. + Its format is "organizations/[organization\_id]". """, # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1.RunAssetDiscoveryRequest) ), @@ -2978,11 +3202,12 @@ Attributes: finding: - The finding resource to update or create if it does not - already exist. parent, security\_marks, and update\_time will - be ignored. In the case of creation, the finding id portion - of the name must be alphanumeric and less than or equal to 32 - characters and greater than 0 characters in length. + Required. The finding resource to update or create if it does + not already exist. parent, security\_marks, and update\_time + will be ignored. In the case of creation, the finding id + portion of the name must be alphanumeric and less than or + equal to 32 characters and greater than 0 characters in + length. update_mask: The FieldMask to use when updating the finding resource. This field should not be specified when creating a finding. When @@ -3007,7 +3232,7 @@ Attributes: organization_settings: - The organization settings resource to update. + Required. The organization settings resource to update. update_mask: The FieldMask to use when updating the settings resource. If empty all mutable fields will be updated. @@ -3028,7 +3253,7 @@ Attributes: source: - The source resource to update. + Required. The source resource to update. update_mask: The FieldMask to use when updating the source resource. If empty all mutable fields will be updated. @@ -3049,7 +3274,7 @@ Attributes: security_marks: - The security marks resource to update. + Required. The security marks resource to update. update_mask: The FieldMask to use when updating the security marks resource. The field mask must not contain duplicate fields. @@ -3068,16 +3293,44 @@ DESCRIPTOR._options = None +_CREATEFINDINGREQUEST.fields_by_name["parent"]._options = None +_CREATEFINDINGREQUEST.fields_by_name["finding_id"]._options = None +_CREATEFINDINGREQUEST.fields_by_name["finding"]._options = None +_CREATESOURCEREQUEST.fields_by_name["parent"]._options = None +_CREATESOURCEREQUEST.fields_by_name["source"]._options = None +_GETORGANIZATIONSETTINGSREQUEST.fields_by_name["name"]._options = None +_GETSOURCEREQUEST.fields_by_name["name"]._options = None +_GROUPASSETSREQUEST.fields_by_name["parent"]._options = None +_GROUPASSETSREQUEST.fields_by_name["group_by"]._options = None +_GROUPFINDINGSREQUEST.fields_by_name["parent"]._options = None +_GROUPFINDINGSREQUEST.fields_by_name["group_by"]._options = None _GROUPRESULT_PROPERTIESENTRY._options = None +_LISTSOURCESREQUEST.fields_by_name["parent"]._options = None +_LISTASSETSREQUEST.fields_by_name["parent"]._options = None +_LISTASSETSREQUEST.fields_by_name["field_mask"]._options = None +_LISTFINDINGSREQUEST.fields_by_name["parent"]._options = None +_LISTFINDINGSREQUEST.fields_by_name["field_mask"]._options = None +_SETFINDINGSTATEREQUEST.fields_by_name["name"]._options = None +_SETFINDINGSTATEREQUEST.fields_by_name["state"]._options = None +_SETFINDINGSTATEREQUEST.fields_by_name["start_time"]._options = None +_RUNASSETDISCOVERYREQUEST.fields_by_name["parent"]._options = None +_UPDATEFINDINGREQUEST.fields_by_name["finding"]._options = None +_UPDATEORGANIZATIONSETTINGSREQUEST.fields_by_name[ + "organization_settings" +]._options = None +_UPDATESOURCEREQUEST.fields_by_name["source"]._options = None +_UPDATESECURITYMARKSREQUEST.fields_by_name["security_marks"]._options = None _SECURITYCENTER = _descriptor.ServiceDescriptor( name="SecurityCenter", full_name="google.cloud.securitycenter.v1.SecurityCenter", file=DESCRIPTOR, index=0, - serialized_options=None, - serialized_start=4516, - serialized_end=7860, + serialized_options=_b( + "\312A\035securitycenter.googleapis.com\322A.https://www.googleapis.com/auth/cloud-platform" + ), + serialized_start=5455, + serialized_end=9197, methods=[ _descriptor.MethodDescriptor( name="CreateSource", @@ -3087,7 +3340,7 @@ input_type=_CREATESOURCEREQUEST, output_type=google_dot_cloud_dot_securitycenter__v1_dot_proto_dot_source__pb2._SOURCE, serialized_options=_b( - '\202\323\344\223\002."$/v1/{parent=organizations/*}/sources:\006source' + '\202\323\344\223\002."$/v1/{parent=organizations/*}/sources:\006source\332A\rparent,source' ), ), _descriptor.MethodDescriptor( @@ -3098,7 +3351,7 @@ input_type=_CREATEFINDINGREQUEST, output_type=google_dot_cloud_dot_securitycenter__v1_dot_proto_dot_finding__pb2._FINDING, serialized_options=_b( - '\202\323\344\223\002:"//v1/{parent=organizations/*/sources/*}/findings:\007finding' + '\202\323\344\223\002:"//v1/{parent=organizations/*/sources/*}/findings:\007finding\332A\031parent,finding_id,finding' ), ), _descriptor.MethodDescriptor( @@ -3109,7 +3362,7 @@ input_type=google_dot_iam_dot_v1_dot_iam__policy__pb2._GETIAMPOLICYREQUEST, output_type=google_dot_iam_dot_v1_dot_policy__pb2._POLICY, serialized_options=_b( - '\202\323\344\223\002:"5/v1/{resource=organizations/*/sources/*}:getIamPolicy:\001*' + '\202\323\344\223\002:"5/v1/{resource=organizations/*/sources/*}:getIamPolicy:\001*\332A\010resource' ), ), _descriptor.MethodDescriptor( @@ -3120,7 +3373,7 @@ input_type=_GETORGANIZATIONSETTINGSREQUEST, output_type=google_dot_cloud_dot_securitycenter__v1_dot_proto_dot_organization__settings__pb2._ORGANIZATIONSETTINGS, serialized_options=_b( - "\202\323\344\223\0021\022//v1/{name=organizations/*/organizationSettings}" + "\202\323\344\223\0021\022//v1/{name=organizations/*/organizationSettings}\332A\004name" ), ), _descriptor.MethodDescriptor( @@ -3131,7 +3384,7 @@ input_type=_GETSOURCEREQUEST, output_type=google_dot_cloud_dot_securitycenter__v1_dot_proto_dot_source__pb2._SOURCE, serialized_options=_b( - "\202\323\344\223\002&\022$/v1/{name=organizations/*/sources/*}" + "\202\323\344\223\002&\022$/v1/{name=organizations/*/sources/*}\332A\004name" ), ), _descriptor.MethodDescriptor( @@ -3153,7 +3406,7 @@ input_type=_GROUPFINDINGSREQUEST, output_type=_GROUPFINDINGSRESPONSE, serialized_options=_b( - '\202\323\344\223\002:"5/v1/{parent=organizations/*/sources/*}/findings:group:\001*' + '\202\323\344\223\002:"5/v1/{parent=organizations/*/sources/*}/findings:group:\001*\332A\017parent,group_by' ), ), _descriptor.MethodDescriptor( @@ -3186,7 +3439,7 @@ input_type=_LISTSOURCESREQUEST, output_type=_LISTSOURCESRESPONSE, serialized_options=_b( - "\202\323\344\223\002&\022$/v1/{parent=organizations/*}/sources" + "\202\323\344\223\002&\022$/v1/{parent=organizations/*}/sources\332A\006parent" ), ), _descriptor.MethodDescriptor( @@ -3197,7 +3450,7 @@ input_type=_RUNASSETDISCOVERYREQUEST, output_type=google_dot_longrunning_dot_operations__pb2._OPERATION, serialized_options=_b( - '\202\323\344\223\0025"0/v1/{parent=organizations/*}/assets:runDiscovery:\001*' + '\202\323\344\223\0025"0/v1/{parent=organizations/*}/assets:runDiscovery:\001*\332A\006parent\312AQ\n8google.cloud.securitycenter.v1.RunAssetDiscoveryResponse\022\025google.protobuf.Empty' ), ), _descriptor.MethodDescriptor( @@ -3208,7 +3461,7 @@ input_type=_SETFINDINGSTATEREQUEST, output_type=google_dot_cloud_dot_securitycenter__v1_dot_proto_dot_finding__pb2._FINDING, serialized_options=_b( - '\202\323\344\223\002="8/v1/{name=organizations/*/sources/*/findings/*}:setState:\001*' + '\202\323\344\223\002="8/v1/{name=organizations/*/sources/*/findings/*}:setState:\001*\332A\025name,state,start_time' ), ), _descriptor.MethodDescriptor( @@ -3219,7 +3472,7 @@ input_type=google_dot_iam_dot_v1_dot_iam__policy__pb2._SETIAMPOLICYREQUEST, output_type=google_dot_iam_dot_v1_dot_policy__pb2._POLICY, serialized_options=_b( - '\202\323\344\223\002:"5/v1/{resource=organizations/*/sources/*}:setIamPolicy:\001*' + '\202\323\344\223\002:"5/v1/{resource=organizations/*/sources/*}:setIamPolicy:\001*\332A\017resource,policy' ), ), _descriptor.MethodDescriptor( @@ -3230,7 +3483,7 @@ input_type=google_dot_iam_dot_v1_dot_iam__policy__pb2._TESTIAMPERMISSIONSREQUEST, output_type=google_dot_iam_dot_v1_dot_iam__policy__pb2._TESTIAMPERMISSIONSRESPONSE, serialized_options=_b( - '\202\323\344\223\002@";/v1/{resource=organizations/*/sources/*}:testIamPermissions:\001*' + '\202\323\344\223\002@";/v1/{resource=organizations/*/sources/*}:testIamPermissions:\001*\332A\024resource,permissions' ), ), _descriptor.MethodDescriptor( @@ -3241,7 +3494,7 @@ input_type=_UPDATEFINDINGREQUEST, output_type=google_dot_cloud_dot_securitycenter__v1_dot_proto_dot_finding__pb2._FINDING, serialized_options=_b( - "\202\323\344\223\002B27/v1/{finding.name=organizations/*/sources/*/findings/*}:\007finding" + "\202\323\344\223\002B27/v1/{finding.name=organizations/*/sources/*/findings/*}:\007finding\332A\007finding" ), ), _descriptor.MethodDescriptor( @@ -3252,7 +3505,7 @@ input_type=_UPDATEORGANIZATIONSETTINGSREQUEST, output_type=google_dot_cloud_dot_securitycenter__v1_dot_proto_dot_organization__settings__pb2._ORGANIZATIONSETTINGS, serialized_options=_b( - "\202\323\344\223\002^2E/v1/{organization_settings.name=organizations/*/organizationSettings}:\025organization_settings" + "\202\323\344\223\002^2E/v1/{organization_settings.name=organizations/*/organizationSettings}:\025organization_settings\332A\025organization_settings" ), ), _descriptor.MethodDescriptor( @@ -3263,7 +3516,7 @@ input_type=_UPDATESOURCEREQUEST, output_type=google_dot_cloud_dot_securitycenter__v1_dot_proto_dot_source__pb2._SOURCE, serialized_options=_b( - "\202\323\344\223\00252+/v1/{source.name=organizations/*/sources/*}:\006source" + "\202\323\344\223\00252+/v1/{source.name=organizations/*/sources/*}:\006source\332A\006source" ), ), _descriptor.MethodDescriptor( @@ -3274,7 +3527,7 @@ input_type=_UPDATESECURITYMARKSREQUEST, output_type=google_dot_cloud_dot_securitycenter__v1_dot_proto_dot_security__marks__pb2._SECURITYMARKS, serialized_options=_b( - "\202\323\344\223\002\262\0012@/v1/{security_marks.name=organizations/*/assets/*/securityMarks}:\016security_marksZ^2L/v1/{security_marks.name=organizations/*/sources/*/findings/*/securityMarks}:\016security_marks" + "\202\323\344\223\002\262\0012@/v1/{security_marks.name=organizations/*/assets/*/securityMarks}:\016security_marksZ^2L/v1/{security_marks.name=organizations/*/sources/*/findings/*/securityMarks}:\016security_marks\332A\016security_marks" ), ), ], diff --git a/google/cloud/securitycenter_v1/proto/securitycenter_service_pb2_grpc.py b/google/cloud/securitycenter_v1/proto/securitycenter_service_pb2_grpc.py index 5a710c7a..af875d94 100644 --- a/google/cloud/securitycenter_v1/proto/securitycenter_service_pb2_grpc.py +++ b/google/cloud/securitycenter_v1/proto/securitycenter_service_pb2_grpc.py @@ -178,7 +178,7 @@ def GroupFindings(self, request, context): specified properties. To group across all sources provide a `-` as the source id. - Example: /v1/organizations/123/sources/-/findings + Example: /v1/organizations/{organization_id}/sources/-/findings """ context.set_code(grpc.StatusCode.UNIMPLEMENTED) context.set_details("Method not implemented!") @@ -195,7 +195,7 @@ def ListFindings(self, request, context): """Lists an organization or source's findings. To list across all sources provide a `-` as the source id. - Example: /v1/organizations/123/sources/-/findings + Example: /v1/organizations/{organization_id}/sources/-/findings """ context.set_code(grpc.StatusCode.UNIMPLEMENTED) context.set_details("Method not implemented!") diff --git a/google/cloud/securitycenter_v1/proto/source.proto b/google/cloud/securitycenter_v1/proto/source.proto index 26b0d5a6..d26e042f 100644 --- a/google/cloud/securitycenter_v1/proto/source.proto +++ b/google/cloud/securitycenter_v1/proto/source.proto @@ -17,6 +17,7 @@ syntax = "proto3"; package google.cloud.securitycenter.v1; +import "google/api/resource.proto"; import "google/api/annotations.proto"; option csharp_namespace = "Google.Cloud.SecurityCenter.V1"; @@ -28,31 +29,33 @@ option ruby_package = "Google::Cloud::SecurityCenter::V1"; // Cloud Security Command Center's (Cloud SCC) finding source. A finding source // is an entity or a mechanism that can produce a finding. A source is like a -// container of findings that come from the same scanner, logger, monitor, etc. +// container of findings that come from the same scanner, logger, monitor, and +// other tools. message Source { + option (google.api.resource) = { + type: "securitycenter.googleapis.com/Source" + pattern: "organizations/{organization}/sources/{source}" + }; + // The relative resource name of this source. See: // https://cloud.google.com/apis/design/resource_names#relative_resource_name // Example: - // "organizations/123/sources/456" + // "organizations/{organization_id}/sources/{source_id}" string name = 1; - // The source’s display name. - // A source’s display name must be unique amongst its siblings, for example, + // The source's display name. + // A source's display name must be unique amongst its siblings, for example, // two sources with the same parent can't share the same display name. - // The display name must start and end with a letter or digit, may contain - // letters, digits, spaces, hyphens, and underscores, and can be no longer - // than 32 characters. This is captured by the regular expression: - // [\p{L}\p{N}]({\p{L}\p{N}_- ]{0,30}[\p{L}\p{N}])?. + // The display name must have a length between 1 and 64 characters + // (inclusive). string display_name = 2; // The description of the source (max of 1024 characters). // Example: - // "Cloud Security Scanner is a web security scanner for common + // "Web Security Scanner is a web security scanner for common // vulnerabilities in App Engine applications. It can automatically // scan and detect four common vulnerabilities, including cross-site-scripting // (XSS), Flash injection, mixed content (HTTP in HTTPS), and - // outdated/insecure libraries." + // outdated or insecure libraries." string description = 3; - - reserved 4; } diff --git a/google/cloud/securitycenter_v1/proto/source_pb2.py b/google/cloud/securitycenter_v1/proto/source_pb2.py index 0e0363af..c8d99874 100644 --- a/google/cloud/securitycenter_v1/proto/source_pb2.py +++ b/google/cloud/securitycenter_v1/proto/source_pb2.py @@ -15,6 +15,7 @@ _sym_db = _symbol_database.Default() +from google.api import resource_pb2 as google_dot_api_dot_resource__pb2 from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 @@ -26,9 +27,12 @@ '\n"com.google.cloud.securitycenter.v1P\001ZLgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter\252\002\036Google.Cloud.SecurityCenter.V1\312\002\036Google\\Cloud\\SecurityCenter\\V1\352\002!Google::Cloud::SecurityCenter::V1' ), serialized_pb=_b( - '\n1google/cloud/securitycenter_v1/proto/source.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a\x1cgoogle/api/annotations.proto"G\n\x06Source\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x14\n\x0c\x64isplay_name\x18\x02 \x01(\t\x12\x13\n\x0b\x64\x65scription\x18\x03 \x01(\tJ\x04\x08\x04\x10\x05\x42\xda\x01\n"com.google.cloud.securitycenter.v1P\x01ZLgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3' + '\n1google/cloud/securitycenter_v1/proto/source.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a\x19google/api/resource.proto\x1a\x1cgoogle/api/annotations.proto"\x9b\x01\n\x06Source\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x14\n\x0c\x64isplay_name\x18\x02 \x01(\t\x12\x13\n\x0b\x64\x65scription\x18\x03 \x01(\t:X\xea\x41U\n$securitycenter.googleapis.com/Source\x12-organizations/{organization}/sources/{source}B\xda\x01\n"com.google.cloud.securitycenter.v1P\x01ZLgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3' ), - dependencies=[google_dot_api_dot_annotations__pb2.DESCRIPTOR,], + dependencies=[ + google_dot_api_dot_resource__pb2.DESCRIPTOR, + google_dot_api_dot_annotations__pb2.DESCRIPTOR, + ], ) @@ -97,13 +101,15 @@ extensions=[], nested_types=[], enum_types=[], - serialized_options=None, + serialized_options=_b( + "\352AU\n$securitycenter.googleapis.com/Source\022-organizations/{organization}/sources/{source}" + ), is_extendable=False, syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=115, - serialized_end=186, + serialized_start=143, + serialized_end=298, ) DESCRIPTOR.message_types_by_name["Source"] = _SOURCE @@ -115,33 +121,31 @@ dict( DESCRIPTOR=_SOURCE, __module__="google.cloud.securitycenter_v1.proto.source_pb2", - __doc__="""Cloud Security Command Center's (Cloud SCC) finding source. A finding - source is an entity or a mechanism that can produce a finding. A source - is like a container of findings that come from the same scanner, logger, - monitor, etc. + __doc__="""Cloud Security Command Center's (Cloud SCC) finding + source. A finding source is an entity or a mechanism that can produce a + finding. A source is like a container of findings that come from the + same scanner, logger, monitor, and other tools. Attributes: name: The relative resource name of this source. See: https://cloud. google.com/apis/design/resource\_names#relative\_resource\_nam - e Example: "organizations/123/sources/456" + e Example: + "organizations/{organization\_id}/sources/{source\_id}" display_name: - The source’s display name. A source’s display name must be + The source's display name. A source's display name must be unique amongst its siblings, for example, two sources with the same parent can't share the same display name. The display - name must start and end with a letter or digit, may contain - letters, digits, spaces, hyphens, and underscores, and can be - no longer than 32 characters. This is captured by the regular - expression: `:raw-latex:`\p{L}`:raw-latex:`\p{N}` <%7B\p%7BL%7 - D\p%7BN%7D_-%20%5D%7B0,30%7D%5B\p%7BL%7D\p%7BN%7D%5D>`__?. + name must have a length between 1 and 64 characters + (inclusive). description: The description of the source (max of 1024 characters). - Example: "Cloud Security Scanner is a web security scanner for + Example: "Web Security Scanner is a web security scanner for common vulnerabilities in App Engine applications. It can automatically scan and detect four common vulnerabilities, including cross-site-scripting (XSS), Flash injection, mixed - content (HTTP in HTTPS), and outdated/insecure libraries." + content (HTTP in HTTPS), and outdated or insecure libraries." """, # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1.Source) ), @@ -150,4 +154,5 @@ DESCRIPTOR._options = None +_SOURCE._options = None # @@protoc_insertion_point(module_scope) diff --git a/google/cloud/securitycenter_v1/types.py b/google/cloud/securitycenter_v1/types.py index 10c2f93d..6c434f27 100644 --- a/google/cloud/securitycenter_v1/types.py +++ b/google/cloud/securitycenter_v1/types.py @@ -1,6 +1,6 @@ # -*- coding: utf-8 -*- # -# Copyright 2019 Google LLC +# Copyright 2020 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/google/cloud/securitycenter_v1beta1/__init__.py b/google/cloud/securitycenter_v1beta1/__init__.py index 15ad4154..9d4fb848 100644 --- a/google/cloud/securitycenter_v1beta1/__init__.py +++ b/google/cloud/securitycenter_v1beta1/__init__.py @@ -1,6 +1,6 @@ # -*- coding: utf-8 -*- # -# Copyright 2019 Google LLC +# Copyright 2020 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,12 +16,23 @@ from __future__ import absolute_import +import sys +import warnings from google.cloud.securitycenter_v1beta1 import types from google.cloud.securitycenter_v1beta1.gapic import enums from google.cloud.securitycenter_v1beta1.gapic import security_center_client +if sys.version_info[:2] == (2, 7): + message = ( + "A future version of this library will drop support for Python 2.7." + "More details about Python 2 support for Google Cloud Client Libraries" + "can be found at https://cloud.google.com/python/docs/python2-sunset/" + ) + warnings.warn(message, DeprecationWarning) + + class SecurityCenterClient(security_center_client.SecurityCenterClient): __doc__ = security_center_client.SecurityCenterClient.__doc__ enums = enums diff --git a/google/cloud/securitycenter_v1beta1/gapic/enums.py b/google/cloud/securitycenter_v1beta1/gapic/enums.py index 20e5d1c7..26ae8e32 100644 --- a/google/cloud/securitycenter_v1beta1/gapic/enums.py +++ b/google/cloud/securitycenter_v1beta1/gapic/enums.py @@ -1,6 +1,6 @@ # -*- coding: utf-8 -*- # -# Copyright 2019 Google LLC +# Copyright 2020 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/google/cloud/securitycenter_v1beta1/gapic/security_center_client.py b/google/cloud/securitycenter_v1beta1/gapic/security_center_client.py index 1e0535b0..badf0e39 100644 --- a/google/cloud/securitycenter_v1beta1/gapic/security_center_client.py +++ b/google/cloud/securitycenter_v1beta1/gapic/security_center_client.py @@ -1,6 +1,6 @@ # -*- coding: utf-8 -*- # -# Copyright 2019 Google LLC +# Copyright 2020 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -279,10 +279,10 @@ def create_source( >>> response = client.create_source(parent, source) Args: - parent (str): Resource name of the new source's parent. Its format should be + parent (str): Required. Resource name of the new source's parent. Its format should be "organizations/[organization\_id]". - source (Union[dict, ~google.cloud.securitycenter_v1beta1.types.Source]): The Source being created, only the display\_name and description will be - used. All other fields will be ignored. + source (Union[dict, ~google.cloud.securitycenter_v1beta1.types.Source]): Required. The Source being created, only the display\_name and + description will be used. All other fields will be ignored. If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.securitycenter_v1beta1.types.Source` @@ -365,13 +365,13 @@ def create_finding( >>> response = client.create_finding(parent, finding_id, finding) Args: - parent (str): Resource name of the new finding's parent. Its format should be - "organizations/[organization\_id]/sources/[source\_id]". - finding_id (str): Unique identifier provided by the client within the parent scope. + parent (str): Required. Resource name of the new finding's parent. Its format should + be "organizations/[organization\_id]/sources/[source\_id]". + finding_id (str): Required. Unique identifier provided by the client within the parent scope. It must be alphanumeric and less than or equal to 32 characters and greater than 0 characters in length. - finding (Union[dict, ~google.cloud.securitycenter_v1beta1.types.Finding]): The Finding being created. The name and security\_marks will be ignored - as they are both output only fields on this resource. + finding (Union[dict, ~google.cloud.securitycenter_v1beta1.types.Finding]): Required. The Finding being created. The name and security\_marks will + be ignored as they are both output only fields on this resource. If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.securitycenter_v1beta1.types.Finding` @@ -523,8 +523,8 @@ def get_organization_settings( >>> response = client.get_organization_settings(name) Args: - name (str): Name of the organization to get organization settings for. Its format is - "organizations/[organization\_id]/organizationSettings". + name (str): Required. Name of the organization to get organization settings for. Its + format is "organizations/[organization\_id]/organizationSettings". retry (Optional[google.api_core.retry.Retry]): A retry object used to retry requests. If ``None`` is specified, requests will be retried using a default configuration. @@ -593,7 +593,7 @@ def get_source( >>> response = client.get_source(name) Args: - name (str): Relative resource name of the source. Its format is + name (str): Required. Relative resource name of the source. Its format is "organizations/[organization\_id]/source/[source\_id]". retry (Optional[google.api_core.retry.Retry]): A retry object used to retry requests. If ``None`` is specified, requests will @@ -684,11 +684,11 @@ def group_assets( ... pass Args: - parent (str): Name of the organization to groupBy. Its format is + parent (str): Required. Name of the organization to groupBy. Its format is "organizations/[organization\_id]". - group_by (str): Expression that defines what assets fields to use for grouping. The - string value should follow SQL syntax: comma separated list of fields. - For example: + group_by (str): Required. Expression that defines what assets fields to use for + grouping. The string value should follow SQL syntax: comma separated + list of fields. For example: "security\_center\_properties.resource\_project,security\_center\_properties.project". The following fields are supported when compare\_duration is not set: @@ -850,7 +850,7 @@ def group_findings( specified properties. To group across all sources provide a ``-`` as the source id. Example: - /v1beta1/organizations/123/sources/-/findings + /v1beta1/organizations/{organization\_id}/sources/-/findings Example: >>> from google.cloud import securitycenter_v1beta1 @@ -877,11 +877,11 @@ def group_findings( ... pass Args: - parent (str): Name of the source to groupBy. Its format is + parent (str): Required. Name of the source to groupBy. Its format is "organizations/[organization\_id]/sources/[source\_id]". To groupBy across all sources provide a source\_id of ``-``. For example: - organizations/123/sources/- - group_by (str): Expression that defines what assets fields to use for grouping + organizations/{organization\_id}/sources/- + group_by (str): Required. Expression that defines what assets fields to use for grouping (including ``state``). The string value should follow SQL syntax: comma separated list of fields. For example: "parent,resource\_name". @@ -1034,8 +1034,8 @@ def list_assets( ... pass Args: - parent (str): Name of the organization assets should belong to. Its format is - "organizations/[organization\_id]". + parent (str): Required. Name of the organization assets should belong to. Its format + is "organizations/[organization\_id]". filter_ (str): Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators ``AND`` and ``OR``. Parentheses are not supported, and ``OR`` @@ -1106,9 +1106,7 @@ def list_assets( If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.securitycenter_v1beta1.types.Duration` - field_mask (Union[dict, ~google.cloud.securitycenter_v1beta1.types.FieldMask]): Optional. - - A field mask to specify the ListAssetsResult fields to be listed in the + field_mask (Union[dict, ~google.cloud.securitycenter_v1beta1.types.FieldMask]): Optional. A field mask to specify the ListAssetsResult fields to be listed in the response. An empty field mask will list all fields. @@ -1205,7 +1203,7 @@ def list_findings( Lists an organization or source's findings. To list across all sources provide a ``-`` as the source id. Example: - /v1beta1/organizations/123/sources/-/findings + /v1beta1/organizations/{organization\_id}/sources/-/findings Example: >>> from google.cloud import securitycenter_v1beta1 @@ -1229,10 +1227,10 @@ def list_findings( ... pass Args: - parent (str): Name of the source the findings belong to. Its format is + parent (str): Required. Name of the source the findings belong to. Its format is "organizations/[organization\_id]/sources/[source\_id]". To list across all sources provide a source\_id of ``-``. For example: - organizations/123/sources/- + organizations/{organization\_id}/sources/- filter_ (str): Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators ``AND`` and ``OR``. Parentheses are not supported, and ``OR`` @@ -1273,9 +1271,7 @@ def list_findings( If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.securitycenter_v1beta1.types.Timestamp` - field_mask (Union[dict, ~google.cloud.securitycenter_v1beta1.types.FieldMask]): Optional. - - A field mask to specify the Finding fields to be listed in the response. + field_mask (Union[dict, ~google.cloud.securitycenter_v1beta1.types.FieldMask]): Optional. A field mask to specify the Finding fields to be listed in the response. An empty field mask will list all fields. If a dict is provided, it must be of the same form as the protobuf @@ -1387,8 +1383,8 @@ def list_sources( ... pass Args: - parent (str): Resource name of the parent of sources to list. Its format should be - "organizations/[organization\_id]". + parent (str): Required. Resource name of the parent of sources to list. Its format + should be "organizations/[organization\_id]". page_size (int): The maximum number of resources contained in the underlying API response. If page streaming is performed per- resource, this parameter does not affect the return value. If page @@ -1492,8 +1488,8 @@ def run_asset_discovery( >>> metadata = response.metadata() Args: - parent (str): Name of the organization to run asset discovery for. Its format is - "organizations/[organization\_id]". + parent (str): Required. Name of the organization to run asset discovery for. Its + format is "organizations/[organization\_id]". retry (Optional[google.api_core.retry.Retry]): A retry object used to retry requests. If ``None`` is specified, requests will be retried using a default configuration. @@ -1577,11 +1573,12 @@ def set_finding_state( >>> response = client.set_finding_state(name, state, start_time) Args: - name (str): The relative resource name of the finding. See: + name (str): Required. The relative resource name of the finding. See: https://cloud.google.com/apis/design/resource\_names#relative\_resource\_name - Example: "organizations/123/sources/456/finding/789". - state (~google.cloud.securitycenter_v1beta1.types.State): The desired State of the finding. - start_time (Union[dict, ~google.cloud.securitycenter_v1beta1.types.Timestamp]): The time at which the updated state takes effect. + Example: + "organizations/{organization\_id}/sources/{source\_id}/finding/{finding\_id}". + state (~google.cloud.securitycenter_v1beta1.types.State): Required. The desired State of the finding. + start_time (Union[dict, ~google.cloud.securitycenter_v1beta1.types.Timestamp]): Required. The time at which the updated state takes effect. If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.securitycenter_v1beta1.types.Timestamp` @@ -1819,8 +1816,9 @@ def update_finding( >>> response = client.update_finding(finding) Args: - finding (Union[dict, ~google.cloud.securitycenter_v1beta1.types.Finding]): The finding resource to update or create if it does not already exist. - parent, security\_marks, and update\_time will be ignored. + finding (Union[dict, ~google.cloud.securitycenter_v1beta1.types.Finding]): Required. The finding resource to update or create if it does not + already exist. parent, security\_marks, and update\_time will be + ignored. In the case of creation, the finding id portion of the name must alphanumeric and less than or equal to 32 characters and greater than 0 @@ -1905,7 +1903,7 @@ def update_organization_settings( >>> response = client.update_organization_settings(organization_settings) Args: - organization_settings (Union[dict, ~google.cloud.securitycenter_v1beta1.types.OrganizationSettings]): The organization settings resource to update. + organization_settings (Union[dict, ~google.cloud.securitycenter_v1beta1.types.OrganizationSettings]): Required. The organization settings resource to update. If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.securitycenter_v1beta1.types.OrganizationSettings` @@ -1989,7 +1987,7 @@ def update_source( >>> response = client.update_source(source) Args: - source (Union[dict, ~google.cloud.securitycenter_v1beta1.types.Source]): The source resource to update. + source (Union[dict, ~google.cloud.securitycenter_v1beta1.types.Source]): Required. The source resource to update. If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.securitycenter_v1beta1.types.Source` @@ -2070,7 +2068,7 @@ def update_security_marks( >>> response = client.update_security_marks(security_marks) Args: - security_marks (Union[dict, ~google.cloud.securitycenter_v1beta1.types.SecurityMarks]): The security marks resource to update. + security_marks (Union[dict, ~google.cloud.securitycenter_v1beta1.types.SecurityMarks]): Required. The security marks resource to update. If a dict is provided, it must be of the same form as the protobuf message :class:`~google.cloud.securitycenter_v1beta1.types.SecurityMarks` diff --git a/google/cloud/securitycenter_v1beta1/gapic/transports/security_center_grpc_transport.py b/google/cloud/securitycenter_v1beta1/gapic/transports/security_center_grpc_transport.py index a7ea7505..7132ba25 100644 --- a/google/cloud/securitycenter_v1beta1/gapic/transports/security_center_grpc_transport.py +++ b/google/cloud/securitycenter_v1beta1/gapic/transports/security_center_grpc_transport.py @@ -1,6 +1,6 @@ # -*- coding: utf-8 -*- # -# Copyright 2019 Google LLC +# Copyright 2020 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -208,7 +208,7 @@ def group_findings(self): specified properties. To group across all sources provide a ``-`` as the source id. Example: - /v1beta1/organizations/123/sources/-/findings + /v1beta1/organizations/{organization\_id}/sources/-/findings Returns: Callable: A callable which accepts the appropriate @@ -237,7 +237,7 @@ def list_findings(self): Lists an organization or source's findings. To list across all sources provide a ``-`` as the source id. Example: - /v1beta1/organizations/123/sources/-/findings + /v1beta1/organizations/{organization\_id}/sources/-/findings Returns: Callable: A callable which accepts the appropriate diff --git a/google/cloud/securitycenter_v1beta1/proto/asset.proto b/google/cloud/securitycenter_v1beta1/proto/asset.proto index 3dd5b358..85d0e090 100644 --- a/google/cloud/securitycenter_v1beta1/proto/asset.proto +++ b/google/cloud/securitycenter_v1beta1/proto/asset.proto @@ -1,4 +1,4 @@ -// Copyright 2018 Google LLC. +// Copyright 2019 Google LLC. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,10 +17,11 @@ syntax = "proto3"; package google.cloud.securitycenter.v1beta1; -import "google/api/annotations.proto"; +import "google/api/field_behavior.proto"; import "google/cloud/securitycenter/v1beta1/security_marks.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/timestamp.proto"; +import "google/api/annotations.proto"; option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1beta1;securitycenter"; option java_multiple_files = true; @@ -36,10 +37,10 @@ message Asset { // Cloud SCC managed properties. These properties are managed by Cloud SCC and // cannot be modified by the user. message SecurityCenterProperties { - // The full resource name of the GCP resource this asset + // Immutable. The full resource name of the GCP resource this asset // represents. This field is immutable after create time. See: // https://cloud.google.com/apis/design/resource_names#full_resource_name - string resource_name = 1; + string resource_name = 1 [(google.api.field_behavior) = IMMUTABLE]; // The type of the GCP resource. Examples include: APPLICATION, // PROJECT, and ORGANIZATION. This is a case insensitive field defined by @@ -62,7 +63,7 @@ message Asset { // The relative resource name of this asset. See: // https://cloud.google.com/apis/design/resource_names#relative_resource_name // Example: - // "organizations/123/assets/456". + // "organizations/{organization_id}/assets/{asset_id}". string name = 1; // Cloud SCC managed properties. These properties are managed by diff --git a/google/cloud/securitycenter_v1beta1/proto/asset_pb2.py b/google/cloud/securitycenter_v1beta1/proto/asset_pb2.py index 82106ac4..ee512309 100644 --- a/google/cloud/securitycenter_v1beta1/proto/asset_pb2.py +++ b/google/cloud/securitycenter_v1beta1/proto/asset_pb2.py @@ -15,12 +15,13 @@ _sym_db = _symbol_database.Default() -from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 +from google.api import field_behavior_pb2 as google_dot_api_dot_field__behavior__pb2 from google.cloud.securitycenter_v1beta1.proto import ( security_marks_pb2 as google_dot_cloud_dot_securitycenter__v1beta1_dot_proto_dot_security__marks__pb2, ) from google.protobuf import struct_pb2 as google_dot_protobuf_dot_struct__pb2 from google.protobuf import timestamp_pb2 as google_dot_protobuf_dot_timestamp__pb2 +from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 DESCRIPTOR = _descriptor.FileDescriptor( @@ -31,13 +32,14 @@ "\n'com.google.cloud.securitycenter.v1beta1P\001ZQgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1beta1;securitycenter" ), serialized_pb=_b( - "\n5google/cloud/securitycenter_v1beta1/proto/asset.proto\x12#google.cloud.securitycenter.v1beta1\x1a\x1cgoogle/api/annotations.proto\x1a>google/cloud/securitycenter_v1beta1/proto/security_marks.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a\x1fgoogle/protobuf/timestamp.proto\"\xf7\x04\n\x05\x41sset\x12\x0c\n\x04name\x18\x01 \x01(\t\x12g\n\x1asecurity_center_properties\x18\x02 \x01(\x0b\x32\x43.google.cloud.securitycenter.v1beta1.Asset.SecurityCenterProperties\x12_\n\x13resource_properties\x18\x07 \x03(\x0b\x32\x42.google.cloud.securitycenter.v1beta1.Asset.ResourcePropertiesEntry\x12J\n\x0esecurity_marks\x18\x08 \x01(\x0b\x32\x32.google.cloud.securitycenter.v1beta1.SecurityMarks\x12/\n\x0b\x63reate_time\x18\t \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12/\n\x0bupdate_time\x18\n \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x1a\x94\x01\n\x18SecurityCenterProperties\x12\x15\n\rresource_name\x18\x01 \x01(\t\x12\x15\n\rresource_type\x18\x02 \x01(\t\x12\x17\n\x0fresource_parent\x18\x03 \x01(\t\x12\x18\n\x10resource_project\x18\x04 \x01(\t\x12\x17\n\x0fresource_owners\x18\x05 \x03(\t\x1aQ\n\x17ResourcePropertiesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12%\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.Value:\x02\x38\x01\x42~\n'com.google.cloud.securitycenter.v1beta1P\x01ZQgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1beta1;securitycenterb\x06proto3" + "\n5google/cloud/securitycenter_v1beta1/proto/asset.proto\x12#google.cloud.securitycenter.v1beta1\x1a\x1fgoogle/api/field_behavior.proto\x1a>google/cloud/securitycenter_v1beta1/proto/security_marks.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a\x1fgoogle/protobuf/timestamp.proto\x1a\x1cgoogle/api/annotations.proto\"\xfc\x04\n\x05\x41sset\x12\x0c\n\x04name\x18\x01 \x01(\t\x12g\n\x1asecurity_center_properties\x18\x02 \x01(\x0b\x32\x43.google.cloud.securitycenter.v1beta1.Asset.SecurityCenterProperties\x12_\n\x13resource_properties\x18\x07 \x03(\x0b\x32\x42.google.cloud.securitycenter.v1beta1.Asset.ResourcePropertiesEntry\x12J\n\x0esecurity_marks\x18\x08 \x01(\x0b\x32\x32.google.cloud.securitycenter.v1beta1.SecurityMarks\x12/\n\x0b\x63reate_time\x18\t \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12/\n\x0bupdate_time\x18\n \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x1a\x99\x01\n\x18SecurityCenterProperties\x12\x1a\n\rresource_name\x18\x01 \x01(\tB\x03\xe0\x41\x05\x12\x15\n\rresource_type\x18\x02 \x01(\t\x12\x17\n\x0fresource_parent\x18\x03 \x01(\t\x12\x18\n\x10resource_project\x18\x04 \x01(\t\x12\x17\n\x0fresource_owners\x18\x05 \x03(\t\x1aQ\n\x17ResourcePropertiesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12%\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.Value:\x02\x38\x01\x42~\n'com.google.cloud.securitycenter.v1beta1P\x01ZQgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1beta1;securitycenterb\x06proto3" ), dependencies=[ - google_dot_api_dot_annotations__pb2.DESCRIPTOR, + google_dot_api_dot_field__behavior__pb2.DESCRIPTOR, google_dot_cloud_dot_securitycenter__v1beta1_dot_proto_dot_security__marks__pb2.DESCRIPTOR, google_dot_protobuf_dot_struct__pb2.DESCRIPTOR, google_dot_protobuf_dot_timestamp__pb2.DESCRIPTOR, + google_dot_api_dot_annotations__pb2.DESCRIPTOR, ], ) @@ -64,7 +66,7 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b("\340A\005"), file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -148,8 +150,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=652, - serialized_end=800, + serialized_start=685, + serialized_end=838, ) _ASSET_RESOURCEPROPERTIESENTRY = _descriptor.Descriptor( @@ -204,8 +206,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=802, - serialized_end=883, + serialized_start=840, + serialized_end=921, ) _ASSET = _descriptor.Descriptor( @@ -332,8 +334,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=252, - serialized_end=883, + serialized_start=285, + serialized_end=921, ) _ASSET_SECURITYCENTERPROPERTIES.containing_type = _ASSET @@ -371,16 +373,16 @@ dict( DESCRIPTOR=_ASSET_SECURITYCENTERPROPERTIES, __module__="google.cloud.securitycenter_v1beta1.proto.asset_pb2", - __doc__="""Cloud SCC managed properties. These properties are managed by Cloud SCC - and cannot be modified by the user. + __doc__="""Cloud SCC managed properties. These properties are managed + by Cloud SCC and cannot be modified by the user. Attributes: resource_name: - The full resource name of the GCP resource this asset - represents. This field is immutable after create time. See: ht - tps://cloud.google.com/apis/design/resource\_names#full\_resou - rce\_name + Immutable. The full resource name of the GCP resource this + asset represents. This field is immutable after create time. + See: https://cloud.google.com/apis/design/resource\_names#full + \_resource\_name resource_type: The type of the GCP resource. Examples include: APPLICATION, PROJECT, and ORGANIZATION. This is a case insensitive field @@ -423,7 +425,8 @@ name: The relative resource name of this asset. See: https://cloud.g oogle.com/apis/design/resource\_names#relative\_resource\_name - Example: "organizations/123/assets/456". + Example: + "organizations/{organization\_id}/assets/{asset\_id}". security_center_properties: Cloud SCC managed properties. These properties are managed by Cloud SCC and cannot be modified by the user. @@ -450,5 +453,6 @@ DESCRIPTOR._options = None +_ASSET_SECURITYCENTERPROPERTIES.fields_by_name["resource_name"]._options = None _ASSET_RESOURCEPROPERTIESENTRY._options = None # @@protoc_insertion_point(module_scope) diff --git a/google/cloud/securitycenter_v1beta1/proto/finding.proto b/google/cloud/securitycenter_v1beta1/proto/finding.proto index 21dfdd56..e582e6de 100644 --- a/google/cloud/securitycenter_v1beta1/proto/finding.proto +++ b/google/cloud/securitycenter_v1beta1/proto/finding.proto @@ -1,4 +1,4 @@ -// Copyright 2018 Google LLC. +// Copyright 2019 Google LLC. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,10 +17,12 @@ syntax = "proto3"; package google.cloud.securitycenter.v1beta1; -import "google/api/annotations.proto"; +import "google/api/field_behavior.proto"; +import "google/api/resource.proto"; import "google/cloud/securitycenter/v1beta1/security_marks.proto"; import "google/protobuf/struct.proto"; import "google/protobuf/timestamp.proto"; +import "google/api/annotations.proto"; option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1beta1;securitycenter"; option java_multiple_files = true; @@ -33,6 +35,11 @@ option java_package = "com.google.cloud.securitycenter.v1beta1"; // policy testing, and enforcement. For example, an XSS vulnerability in an // App Engine application is a finding. message Finding { + option (google.api.resource) = { + type: "securitycenter.googleapis.com/Finding" + pattern: "organizations/{organization}/sources/{source}/findings/{finding}" + }; + // The state of the finding. enum State { // Unspecified state. @@ -49,19 +56,21 @@ message Finding { // The relative resource name of this finding. See: // https://cloud.google.com/apis/design/resource_names#relative_resource_name // Example: - // "organizations/123/sources/456/findings/789" + // "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}" string name = 1; - // The relative resource name of the source the finding belongs to. See: + // Immutable. The relative resource name of the source the finding belongs to. See: // https://cloud.google.com/apis/design/resource_names#relative_resource_name // This field is immutable after creation time. // For example: - // "organizations/123/sources/456" - string parent = 2; + // "organizations/{organization_id}/sources/{source_id}" + string parent = 2 [(google.api.field_behavior) = IMMUTABLE]; - // The full resource name of the Google Cloud Platform (GCP) resource this - // finding is for. See: + // For findings on Google Cloud Platform (GCP) resources, the full resource + // name of the GCP resource this finding is for. See: // https://cloud.google.com/apis/design/resource_names#full_resource_name + // When the finding is for a non-GCP resource, the resourceName can be a + // customer or partner defined string. // This field is immutable after creation time. string resource_name = 3; @@ -87,11 +96,11 @@ message Finding { // Output only. User specified security marks. These marks are entirely // managed by the user and come from the SecurityMarks resource that belongs // to the finding. - SecurityMarks security_marks = 8; + SecurityMarks security_marks = 8 [(google.api.field_behavior) = OUTPUT_ONLY]; // The time at which the event took place. For example, if the finding - // represents an open firewall it would capture the time the open firewall was - // detected. + // represents an open firewall it would capture the time the detector believes + // the firewall became open. The accuracy is determined by the detector. google.protobuf.Timestamp event_time = 9; // The time at which the finding was created in Cloud SCC. diff --git a/google/cloud/securitycenter_v1beta1/proto/finding_pb2.py b/google/cloud/securitycenter_v1beta1/proto/finding_pb2.py index 0415351d..34e0e700 100644 --- a/google/cloud/securitycenter_v1beta1/proto/finding_pb2.py +++ b/google/cloud/securitycenter_v1beta1/proto/finding_pb2.py @@ -15,12 +15,14 @@ _sym_db = _symbol_database.Default() -from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 +from google.api import field_behavior_pb2 as google_dot_api_dot_field__behavior__pb2 +from google.api import resource_pb2 as google_dot_api_dot_resource__pb2 from google.cloud.securitycenter_v1beta1.proto import ( security_marks_pb2 as google_dot_cloud_dot_securitycenter__v1beta1_dot_proto_dot_security__marks__pb2, ) from google.protobuf import struct_pb2 as google_dot_protobuf_dot_struct__pb2 from google.protobuf import timestamp_pb2 as google_dot_protobuf_dot_timestamp__pb2 +from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 DESCRIPTOR = _descriptor.FileDescriptor( @@ -31,13 +33,15 @@ "\n'com.google.cloud.securitycenter.v1beta1P\001ZQgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1beta1;securitycenter" ), serialized_pb=_b( - '\n7google/cloud/securitycenter_v1beta1/proto/finding.proto\x12#google.cloud.securitycenter.v1beta1\x1a\x1cgoogle/api/annotations.proto\x1a>google/cloud/securitycenter_v1beta1/proto/security_marks.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a\x1fgoogle/protobuf/timestamp.proto"\xc0\x04\n\x07\x46inding\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x0e\n\x06parent\x18\x02 \x01(\t\x12\x15\n\rresource_name\x18\x03 \x01(\t\x12\x41\n\x05state\x18\x04 \x01(\x0e\x32\x32.google.cloud.securitycenter.v1beta1.Finding.State\x12\x10\n\x08\x63\x61tegory\x18\x05 \x01(\t\x12\x14\n\x0c\x65xternal_uri\x18\x06 \x01(\t\x12]\n\x11source_properties\x18\x07 \x03(\x0b\x32\x42.google.cloud.securitycenter.v1beta1.Finding.SourcePropertiesEntry\x12J\n\x0esecurity_marks\x18\x08 \x01(\x0b\x32\x32.google.cloud.securitycenter.v1beta1.SecurityMarks\x12.\n\nevent_time\x18\t \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12/\n\x0b\x63reate_time\x18\n \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x1aO\n\x15SourcePropertiesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12%\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.Value:\x02\x38\x01"8\n\x05State\x12\x15\n\x11STATE_UNSPECIFIED\x10\x00\x12\n\n\x06\x41\x43TIVE\x10\x01\x12\x0c\n\x08INACTIVE\x10\x02\x42~\n\'com.google.cloud.securitycenter.v1beta1P\x01ZQgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1beta1;securitycenterb\x06proto3' + '\n7google/cloud/securitycenter_v1beta1/proto/finding.proto\x12#google.cloud.securitycenter.v1beta1\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a>google/cloud/securitycenter_v1beta1/proto/security_marks.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a\x1fgoogle/protobuf/timestamp.proto\x1a\x1cgoogle/api/annotations.proto"\xb8\x05\n\x07\x46inding\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x13\n\x06parent\x18\x02 \x01(\tB\x03\xe0\x41\x05\x12\x15\n\rresource_name\x18\x03 \x01(\t\x12\x41\n\x05state\x18\x04 \x01(\x0e\x32\x32.google.cloud.securitycenter.v1beta1.Finding.State\x12\x10\n\x08\x63\x61tegory\x18\x05 \x01(\t\x12\x14\n\x0c\x65xternal_uri\x18\x06 \x01(\t\x12]\n\x11source_properties\x18\x07 \x03(\x0b\x32\x42.google.cloud.securitycenter.v1beta1.Finding.SourcePropertiesEntry\x12O\n\x0esecurity_marks\x18\x08 \x01(\x0b\x32\x32.google.cloud.securitycenter.v1beta1.SecurityMarksB\x03\xe0\x41\x03\x12.\n\nevent_time\x18\t \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12/\n\x0b\x63reate_time\x18\n \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x1aO\n\x15SourcePropertiesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12%\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.Value:\x02\x38\x01"8\n\x05State\x12\x15\n\x11STATE_UNSPECIFIED\x10\x00\x12\n\n\x06\x41\x43TIVE\x10\x01\x12\x0c\n\x08INACTIVE\x10\x02:l\xea\x41i\n%securitycenter.googleapis.com/Finding\x12@organizations/{organization}/sources/{source}/findings/{finding}B~\n\'com.google.cloud.securitycenter.v1beta1P\x01ZQgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1beta1;securitycenterb\x06proto3' ), dependencies=[ - google_dot_api_dot_annotations__pb2.DESCRIPTOR, + google_dot_api_dot_field__behavior__pb2.DESCRIPTOR, + google_dot_api_dot_resource__pb2.DESCRIPTOR, google_dot_cloud_dot_securitycenter__v1beta1_dot_proto_dot_security__marks__pb2.DESCRIPTOR, google_dot_protobuf_dot_struct__pb2.DESCRIPTOR, google_dot_protobuf_dot_timestamp__pb2.DESCRIPTOR, + google_dot_api_dot_annotations__pb2.DESCRIPTOR, ], ) @@ -64,8 +68,8 @@ ], containing_type=None, serialized_options=None, - serialized_start=774, - serialized_end=830, + serialized_start=844, + serialized_end=900, ) _sym_db.RegisterEnumDescriptor(_FINDING_STATE) @@ -122,8 +126,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=693, - serialized_end=772, + serialized_start=763, + serialized_end=842, ) _FINDING = _descriptor.Descriptor( @@ -166,7 +170,7 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b("\340A\005"), file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -274,7 +278,7 @@ containing_type=None, is_extension=False, extension_scope=None, - serialized_options=None, + serialized_options=_b("\340A\003"), file=DESCRIPTOR, ), _descriptor.FieldDescriptor( @@ -317,13 +321,15 @@ extensions=[], nested_types=[_FINDING_SOURCEPROPERTIESENTRY,], enum_types=[_FINDING_STATE,], - serialized_options=None, + serialized_options=_b( + "\352Ai\n%securitycenter.googleapis.com/Finding\022@organizations/{organization}/sources/{source}/findings/{finding}" + ), is_extendable=False, syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=254, - serialized_end=830, + serialized_start=314, + serialized_end=1010, ) _FINDING_SOURCEPROPERTIESENTRY.fields_by_name[ @@ -376,17 +382,21 @@ name: The relative resource name of this finding. See: https://cloud .google.com/apis/design/resource\_names#relative\_resource\_na - me Example: "organizations/123/sources/456/findings/789" + me Example: "organizations/{organization\_id}/sources/{source\ + _id}/findings/{finding\_id}" parent: - The relative resource name of the source the finding belongs - to. See: https://cloud.google.com/apis/design/resource\_names# - relative\_resource\_name This field is immutable after - creation time. For example: "organizations/123/sources/456" + Immutable. The relative resource name of the source the + finding belongs to. See: https://cloud.google.com/apis/design/ + resource\_names#relative\_resource\_name This field is + immutable after creation time. For example: + "organizations/{organization\_id}/sources/{source\_id}" resource_name: - The full resource name of the Google Cloud Platform (GCP) - resource this finding is for. See: https://cloud.google.com/ap - is/design/resource\_names#full\_resource\_name This field is - immutable after creation time. + For findings on Google Cloud Platform (GCP) resources, the + full resource name of the GCP resource this finding is for. + See: https://cloud.google.com/apis/design/resource\_names#full + \_resource\_name When the finding is for a non-GCP resource, + the resourceName can be a customer or partner defined string. + This field is immutable after creation time. state: The state of the finding. category: @@ -411,7 +421,8 @@ event_time: The time at which the event took place. For example, if the finding represents an open firewall it would capture the time - the open firewall was detected. + the detector believes the firewall became open. The accuracy + is determined by the detector. create_time: The time at which the finding was created in Cloud SCC. """, @@ -424,4 +435,7 @@ DESCRIPTOR._options = None _FINDING_SOURCEPROPERTIESENTRY._options = None +_FINDING.fields_by_name["parent"]._options = None +_FINDING.fields_by_name["security_marks"]._options = None +_FINDING._options = None # @@protoc_insertion_point(module_scope) diff --git a/google/cloud/securitycenter_v1beta1/proto/organization_settings.proto b/google/cloud/securitycenter_v1beta1/proto/organization_settings.proto index ca9be114..9f7f2b0e 100644 --- a/google/cloud/securitycenter_v1beta1/proto/organization_settings.proto +++ b/google/cloud/securitycenter_v1beta1/proto/organization_settings.proto @@ -1,4 +1,4 @@ -// Copyright 2018 Google LLC. +// Copyright 2019 Google LLC. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,6 +17,7 @@ syntax = "proto3"; package google.cloud.securitycenter.v1beta1; +import "google/api/resource.proto"; import "google/api/annotations.proto"; option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1beta1;securitycenter"; @@ -26,6 +27,11 @@ option java_package = "com.google.cloud.securitycenter.v1beta1"; // User specified settings that are attached to the Cloud Security Command // Center (Cloud SCC) organization. message OrganizationSettings { + option (google.api.resource) = { + type: "securitycenter.googleapis.com/OrganizationSettings" + pattern: "organizations/{organization}/organizationSettings" + }; + // The configuration used for Asset Discovery runs. message AssetDiscoveryConfig { // The mode of inclusion when running Asset Discovery. @@ -60,7 +66,7 @@ message OrganizationSettings { // The relative resource name of the settings. See: // https://cloud.google.com/apis/design/resource_names#relative_resource_name // Example: - // "organizations/123/organizationSettings". + // "organizations/{organization_id}/organizationSettings". string name = 1; // A flag that indicates if Asset Discovery should be enabled. If the flag is diff --git a/google/cloud/securitycenter_v1beta1/proto/organization_settings_pb2.py b/google/cloud/securitycenter_v1beta1/proto/organization_settings_pb2.py index d8d1b370..7ee67a3f 100644 --- a/google/cloud/securitycenter_v1beta1/proto/organization_settings_pb2.py +++ b/google/cloud/securitycenter_v1beta1/proto/organization_settings_pb2.py @@ -15,6 +15,7 @@ _sym_db = _symbol_database.Default() +from google.api import resource_pb2 as google_dot_api_dot_resource__pb2 from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 @@ -26,9 +27,12 @@ "\n'com.google.cloud.securitycenter.v1beta1P\001ZQgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1beta1;securitycenter" ), serialized_pb=_b( - '\nEgoogle/cloud/securitycenter_v1beta1/proto/organization_settings.proto\x12#google.cloud.securitycenter.v1beta1\x1a\x1cgoogle/api/annotations.proto"\xa8\x03\n\x14OrganizationSettings\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x1e\n\x16\x65nable_asset_discovery\x18\x02 \x01(\x08\x12n\n\x16\x61sset_discovery_config\x18\x03 \x01(\x0b\x32N.google.cloud.securitycenter.v1beta1.OrganizationSettings.AssetDiscoveryConfig\x1a\xf1\x01\n\x14\x41ssetDiscoveryConfig\x12\x13\n\x0bproject_ids\x18\x01 \x03(\t\x12t\n\x0einclusion_mode\x18\x02 \x01(\x0e\x32\\.google.cloud.securitycenter.v1beta1.OrganizationSettings.AssetDiscoveryConfig.InclusionMode"N\n\rInclusionMode\x12\x1e\n\x1aINCLUSION_MODE_UNSPECIFIED\x10\x00\x12\x10\n\x0cINCLUDE_ONLY\x10\x01\x12\x0b\n\x07\x45XCLUDE\x10\x02\x42~\n\'com.google.cloud.securitycenter.v1beta1P\x01ZQgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1beta1;securitycenterb\x06proto3' + '\nEgoogle/cloud/securitycenter_v1beta1/proto/organization_settings.proto\x12#google.cloud.securitycenter.v1beta1\x1a\x19google/api/resource.proto\x1a\x1cgoogle/api/annotations.proto"\x94\x04\n\x14OrganizationSettings\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x1e\n\x16\x65nable_asset_discovery\x18\x02 \x01(\x08\x12n\n\x16\x61sset_discovery_config\x18\x03 \x01(\x0b\x32N.google.cloud.securitycenter.v1beta1.OrganizationSettings.AssetDiscoveryConfig\x1a\xf1\x01\n\x14\x41ssetDiscoveryConfig\x12\x13\n\x0bproject_ids\x18\x01 \x03(\t\x12t\n\x0einclusion_mode\x18\x02 \x01(\x0e\x32\\.google.cloud.securitycenter.v1beta1.OrganizationSettings.AssetDiscoveryConfig.InclusionMode"N\n\rInclusionMode\x12\x1e\n\x1aINCLUSION_MODE_UNSPECIFIED\x10\x00\x12\x10\n\x0cINCLUDE_ONLY\x10\x01\x12\x0b\n\x07\x45XCLUDE\x10\x02:j\xea\x41g\n2securitycenter.googleapis.com/OrganizationSettings\x12\x31organizations/{organization}/organizationSettingsB~\n\'com.google.cloud.securitycenter.v1beta1P\x01ZQgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1beta1;securitycenterb\x06proto3' ), - dependencies=[google_dot_api_dot_annotations__pb2.DESCRIPTOR,], + dependencies=[ + google_dot_api_dot_resource__pb2.DESCRIPTOR, + google_dot_api_dot_annotations__pb2.DESCRIPTOR, + ], ) @@ -54,8 +58,8 @@ ], containing_type=None, serialized_options=None, - serialized_start=487, - serialized_end=565, + serialized_start=514, + serialized_end=592, ) _sym_db.RegisterEnumDescriptor(_ORGANIZATIONSETTINGS_ASSETDISCOVERYCONFIG_INCLUSIONMODE) @@ -112,8 +116,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=324, - serialized_end=565, + serialized_start=351, + serialized_end=592, ) _ORGANIZATIONSETTINGS = _descriptor.Descriptor( @@ -181,13 +185,15 @@ extensions=[], nested_types=[_ORGANIZATIONSETTINGS_ASSETDISCOVERYCONFIG,], enum_types=[], - serialized_options=None, + serialized_options=_b( + "\352Ag\n2securitycenter.googleapis.com/OrganizationSettings\0221organizations/{organization}/organizationSettings" + ), is_extendable=False, syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=141, - serialized_end=565, + serialized_start=168, + serialized_end=700, ) _ORGANIZATIONSETTINGS_ASSETDISCOVERYCONFIG.fields_by_name[ @@ -227,15 +233,16 @@ ), DESCRIPTOR=_ORGANIZATIONSETTINGS, __module__="google.cloud.securitycenter_v1beta1.proto.organization_settings_pb2", - __doc__="""User specified settings that are attached to the Cloud Security Command - Center (Cloud SCC) organization. + __doc__="""User specified settings that are attached to the Cloud + Security Command Center (Cloud SCC) organization. Attributes: name: The relative resource name of the settings. See: https://cloud .google.com/apis/design/resource\_names#relative\_resource\_na - me Example: "organizations/123/organizationSettings". + me Example: + "organizations/{organization\_id}/organizationSettings". enable_asset_discovery: A flag that indicates if Asset Discovery should be enabled. If the flag is set to ``true``, then discovery of assets will @@ -252,4 +259,5 @@ DESCRIPTOR._options = None +_ORGANIZATIONSETTINGS._options = None # @@protoc_insertion_point(module_scope) diff --git a/google/cloud/securitycenter_v1beta1/proto/run_asset_discovery_response.proto b/google/cloud/securitycenter_v1beta1/proto/run_asset_discovery_response.proto new file mode 100644 index 00000000..53ba02ef --- /dev/null +++ b/google/cloud/securitycenter_v1beta1/proto/run_asset_discovery_response.proto @@ -0,0 +1,50 @@ +// Copyright 2019 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.securitycenter.v1beta1; + +import "google/protobuf/duration.proto"; +import "google/api/annotations.proto"; + +option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1beta1;securitycenter"; +option java_multiple_files = true; +option java_package = "com.google.cloud.securitycenter.v1beta1"; + +// Response of asset discovery run +message RunAssetDiscoveryResponse { + // The state of an asset discovery run. + enum State { + // Asset discovery run state was unspecified. + STATE_UNSPECIFIED = 0; + + // Asset discovery run completed successfully. + COMPLETED = 1; + + // Asset discovery run was cancelled with tasks still pending, as another + // run for the same organization was started with a higher priority. + SUPERSEDED = 2; + + // Asset discovery run was killed and terminated. + TERMINATED = 3; + } + + // The state of an asset discovery run. + State state = 1; + + // The duration between asset discovery run start and end + google.protobuf.Duration duration = 2; +} diff --git a/google/cloud/securitycenter_v1beta1/proto/run_asset_discovery_response_pb2.py b/google/cloud/securitycenter_v1beta1/proto/run_asset_discovery_response_pb2.py new file mode 100644 index 00000000..c2199a0f --- /dev/null +++ b/google/cloud/securitycenter_v1beta1/proto/run_asset_discovery_response_pb2.py @@ -0,0 +1,160 @@ +# -*- coding: utf-8 -*- +# Generated by the protocol buffer compiler. DO NOT EDIT! +# source: google/cloud/securitycenter_v1beta1/proto/run_asset_discovery_response.proto + +import sys + +_b = sys.version_info[0] < 3 and (lambda x: x) or (lambda x: x.encode("latin1")) +from google.protobuf import descriptor as _descriptor +from google.protobuf import message as _message +from google.protobuf import reflection as _reflection +from google.protobuf import symbol_database as _symbol_database + +# @@protoc_insertion_point(imports) + +_sym_db = _symbol_database.Default() + + +from google.protobuf import duration_pb2 as google_dot_protobuf_dot_duration__pb2 +from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 + + +DESCRIPTOR = _descriptor.FileDescriptor( + name="google/cloud/securitycenter_v1beta1/proto/run_asset_discovery_response.proto", + package="google.cloud.securitycenter.v1beta1", + syntax="proto3", + serialized_options=_b( + "\n'com.google.cloud.securitycenter.v1beta1P\001ZQgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1beta1;securitycenter" + ), + serialized_pb=_b( + '\nLgoogle/cloud/securitycenter_v1beta1/proto/run_asset_discovery_response.proto\x12#google.cloud.securitycenter.v1beta1\x1a\x1egoogle/protobuf/duration.proto\x1a\x1cgoogle/api/annotations.proto"\xec\x01\n\x19RunAssetDiscoveryResponse\x12S\n\x05state\x18\x01 \x01(\x0e\x32\x44.google.cloud.securitycenter.v1beta1.RunAssetDiscoveryResponse.State\x12+\n\x08\x64uration\x18\x02 \x01(\x0b\x32\x19.google.protobuf.Duration"M\n\x05State\x12\x15\n\x11STATE_UNSPECIFIED\x10\x00\x12\r\n\tCOMPLETED\x10\x01\x12\x0e\n\nSUPERSEDED\x10\x02\x12\x0e\n\nTERMINATED\x10\x03\x42~\n\'com.google.cloud.securitycenter.v1beta1P\x01ZQgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1beta1;securitycenterb\x06proto3' + ), + dependencies=[ + google_dot_protobuf_dot_duration__pb2.DESCRIPTOR, + google_dot_api_dot_annotations__pb2.DESCRIPTOR, + ], +) + + +_RUNASSETDISCOVERYRESPONSE_STATE = _descriptor.EnumDescriptor( + name="State", + full_name="google.cloud.securitycenter.v1beta1.RunAssetDiscoveryResponse.State", + filename=None, + file=DESCRIPTOR, + values=[ + _descriptor.EnumValueDescriptor( + name="STATE_UNSPECIFIED", + index=0, + number=0, + serialized_options=None, + type=None, + ), + _descriptor.EnumValueDescriptor( + name="COMPLETED", index=1, number=1, serialized_options=None, type=None + ), + _descriptor.EnumValueDescriptor( + name="SUPERSEDED", index=2, number=2, serialized_options=None, type=None + ), + _descriptor.EnumValueDescriptor( + name="TERMINATED", index=3, number=3, serialized_options=None, type=None + ), + ], + containing_type=None, + serialized_options=None, + serialized_start=339, + serialized_end=416, +) +_sym_db.RegisterEnumDescriptor(_RUNASSETDISCOVERYRESPONSE_STATE) + + +_RUNASSETDISCOVERYRESPONSE = _descriptor.Descriptor( + name="RunAssetDiscoveryResponse", + full_name="google.cloud.securitycenter.v1beta1.RunAssetDiscoveryResponse", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="state", + full_name="google.cloud.securitycenter.v1beta1.RunAssetDiscoveryResponse.state", + index=0, + number=1, + type=14, + cpp_type=8, + label=1, + has_default_value=False, + default_value=0, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="duration", + full_name="google.cloud.securitycenter.v1beta1.RunAssetDiscoveryResponse.duration", + index=1, + number=2, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[_RUNASSETDISCOVERYRESPONSE_STATE,], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=180, + serialized_end=416, +) + +_RUNASSETDISCOVERYRESPONSE.fields_by_name[ + "state" +].enum_type = _RUNASSETDISCOVERYRESPONSE_STATE +_RUNASSETDISCOVERYRESPONSE.fields_by_name[ + "duration" +].message_type = google_dot_protobuf_dot_duration__pb2._DURATION +_RUNASSETDISCOVERYRESPONSE_STATE.containing_type = _RUNASSETDISCOVERYRESPONSE +DESCRIPTOR.message_types_by_name[ + "RunAssetDiscoveryResponse" +] = _RUNASSETDISCOVERYRESPONSE +_sym_db.RegisterFileDescriptor(DESCRIPTOR) + +RunAssetDiscoveryResponse = _reflection.GeneratedProtocolMessageType( + "RunAssetDiscoveryResponse", + (_message.Message,), + dict( + DESCRIPTOR=_RUNASSETDISCOVERYRESPONSE, + __module__="google.cloud.securitycenter_v1beta1.proto.run_asset_discovery_response_pb2", + __doc__="""Response of asset discovery run + + + Attributes: + state: + The state of an asset discovery run. + duration: + The duration between asset discovery run start and end + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1beta1.RunAssetDiscoveryResponse) + ), +) +_sym_db.RegisterMessage(RunAssetDiscoveryResponse) + + +DESCRIPTOR._options = None +# @@protoc_insertion_point(module_scope) diff --git a/google/cloud/securitycenter_v1beta1/proto/run_asset_discovery_response_pb2_grpc.py b/google/cloud/securitycenter_v1beta1/proto/run_asset_discovery_response_pb2_grpc.py new file mode 100644 index 00000000..07cb78fe --- /dev/null +++ b/google/cloud/securitycenter_v1beta1/proto/run_asset_discovery_response_pb2_grpc.py @@ -0,0 +1,2 @@ +# Generated by the gRPC Python protocol compiler plugin. DO NOT EDIT! +import grpc diff --git a/google/cloud/securitycenter_v1beta1/proto/security_marks.proto b/google/cloud/securitycenter_v1beta1/proto/security_marks.proto index cfcb5f7d..97baf247 100644 --- a/google/cloud/securitycenter_v1beta1/proto/security_marks.proto +++ b/google/cloud/securitycenter_v1beta1/proto/security_marks.proto @@ -1,4 +1,4 @@ -// Copyright 2018 Google LLC. +// Copyright 2019 Google LLC. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,6 +17,7 @@ syntax = "proto3"; package google.cloud.securitycenter.v1beta1; +import "google/api/resource.proto"; import "google/api/annotations.proto"; option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1beta1;securitycenter"; @@ -28,18 +29,26 @@ option java_package = "com.google.cloud.securitycenter.v1beta1"; // SCC organization -- they can be modified and viewed by all users who have // proper permissions on the organization. message SecurityMarks { + option (google.api.resource) = { + type: "securitycenter.googleapis.com/SecurityMarks" + pattern: "organizations/{organization}/assets/{asset}/securityMarks" + pattern: "organizations/{organization}/sources/{source}/findings/{finding}/securityMarks" + }; + // The relative resource name of the SecurityMarks. See: // https://cloud.google.com/apis/design/resource_names#relative_resource_name // Examples: - // "organizations/123/assets/456/securityMarks" - // "organizations/123/sources/456/findings/789/securityMarks". + // "organizations/{organization_id}/assets/{asset_id}/securityMarks" + // "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks". string name = 1; // Mutable user specified security marks belonging to the parent resource. // Constraints are as follows: - // - Keys and values are treated as case insensitive - // - Keys must be alphanumeric and between 1 - 256 characters (inclusive) - // - Values have leading and trailing whitespace trimmed, remaining + // + // * Keys and values are treated as case insensitive + // * Keys must be between 1 - 256 characters (inclusive) + // * Keys must be letters, numbers, underscores, or dashes + // * Values have leading and trailing whitespace trimmed, remaining // characters must be between 1 - 4096 characters (inclusive) map marks = 2; } diff --git a/google/cloud/securitycenter_v1beta1/proto/security_marks_pb2.py b/google/cloud/securitycenter_v1beta1/proto/security_marks_pb2.py index 8487bd9a..ae674ca2 100644 --- a/google/cloud/securitycenter_v1beta1/proto/security_marks_pb2.py +++ b/google/cloud/securitycenter_v1beta1/proto/security_marks_pb2.py @@ -15,6 +15,7 @@ _sym_db = _symbol_database.Default() +from google.api import resource_pb2 as google_dot_api_dot_resource__pb2 from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 @@ -26,9 +27,12 @@ "\n'com.google.cloud.securitycenter.v1beta1P\001ZQgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1beta1;securitycenter" ), serialized_pb=_b( - "\n>google/cloud/securitycenter_v1beta1/proto/security_marks.proto\x12#google.cloud.securitycenter.v1beta1\x1a\x1cgoogle/api/annotations.proto\"\x99\x01\n\rSecurityMarks\x12\x0c\n\x04name\x18\x01 \x01(\t\x12L\n\x05marks\x18\x02 \x03(\x0b\x32=.google.cloud.securitycenter.v1beta1.SecurityMarks.MarksEntry\x1a,\n\nMarksEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\x42~\n'com.google.cloud.securitycenter.v1beta1P\x01ZQgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1beta1;securitycenterb\x06proto3" + "\n>google/cloud/securitycenter_v1beta1/proto/security_marks.proto\x12#google.cloud.securitycenter.v1beta1\x1a\x19google/api/resource.proto\x1a\x1cgoogle/api/annotations.proto\"\xd8\x02\n\rSecurityMarks\x12\x0c\n\x04name\x18\x01 \x01(\t\x12L\n\x05marks\x18\x02 \x03(\x0b\x32=.google.cloud.securitycenter.v1beta1.SecurityMarks.MarksEntry\x1a,\n\nMarksEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01:\xbc\x01\xea\x41\xb8\x01\n+securitycenter.googleapis.com/SecurityMarks\x12\x39organizations/{organization}/assets/{asset}/securityMarks\x12Norganizations/{organization}/sources/{source}/findings/{finding}/securityMarksB~\n'com.google.cloud.securitycenter.v1beta1P\x01ZQgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1beta1;securitycenterb\x06proto3" ), - dependencies=[google_dot_api_dot_annotations__pb2.DESCRIPTOR,], + dependencies=[ + google_dot_api_dot_resource__pb2.DESCRIPTOR, + google_dot_api_dot_annotations__pb2.DESCRIPTOR, + ], ) @@ -84,8 +88,8 @@ syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=243, - serialized_end=287, + serialized_start=270, + serialized_end=314, ) _SECURITYMARKS = _descriptor.Descriptor( @@ -135,13 +139,15 @@ extensions=[], nested_types=[_SECURITYMARKS_MARKSENTRY,], enum_types=[], - serialized_options=None, + serialized_options=_b( + "\352A\270\001\n+securitycenter.googleapis.com/SecurityMarks\0229organizations/{organization}/assets/{asset}/securityMarks\022Norganizations/{organization}/sources/{source}/findings/{finding}/securityMarks" + ), is_extendable=False, syntax="proto3", extension_ranges=[], oneofs=[], - serialized_start=134, - serialized_end=287, + serialized_start=161, + serialized_end=505, ) _SECURITYMARKS_MARKSENTRY.containing_type = _SECURITYMARKS @@ -164,25 +170,27 @@ ), DESCRIPTOR=_SECURITYMARKS, __module__="google.cloud.securitycenter_v1beta1.proto.security_marks_pb2", - __doc__="""User specified security marks that are attached to the parent Cloud - Security Command Center (Cloud SCC) resource. Security marks are scoped - within a Cloud SCC organization -- they can be modified and viewed by - all users who have proper permissions on the organization. + __doc__="""User specified security marks that are attached to the + parent Cloud Security Command Center (Cloud SCC) resource. Security + marks are scoped within a Cloud SCC organization -- they can be modified + and viewed by all users who have proper permissions on the organization. Attributes: name: The relative resource name of the SecurityMarks. See: https:// cloud.google.com/apis/design/resource\_names#relative\_resourc - e\_name Examples: "organizations/123/assets/456/securityMarks" - "organizations/123/sources/456/findings/789/securityMarks". + e\_name Examples: "organizations/{organization\_id}/assets/{as + set\_id}/securityMarks" "organizations/{organization\_id}/sour + ces/{source\_id}/findings/{finding\_id}/securityMarks". marks: Mutable user specified security marks belonging to the parent - resource. Constraints are as follows: - Keys and values are - treated as case insensitive - Keys must be alphanumeric and - between 1 - 256 characters (inclusive) - Values have leading - and trailing whitespace trimmed, remaining characters must be - between 1 - 4096 characters (inclusive) + resource. Constraints are as follows: - Keys and values are + treated as case insensitive - Keys must be between 1 - 256 + characters (inclusive) - Keys must be letters, numbers, + underscores, or dashes - Values have leading and trailing + whitespace trimmed, remaining characters must be between 1 + - 4096 characters (inclusive) """, # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1beta1.SecurityMarks) ), @@ -193,4 +201,5 @@ DESCRIPTOR._options = None _SECURITYMARKS_MARKSENTRY._options = None +_SECURITYMARKS._options = None # @@protoc_insertion_point(module_scope) diff --git a/google/cloud/securitycenter_v1beta1/proto/securitycenter_service.proto b/google/cloud/securitycenter_v1beta1/proto/securitycenter_service.proto index dafce562..ba2edf4e 100644 --- a/google/cloud/securitycenter_v1beta1/proto/securitycenter_service.proto +++ b/google/cloud/securitycenter_v1beta1/proto/securitycenter_service.proto @@ -1,4 +1,4 @@ -// Copyright 2018 Google LLC. +// Copyright 2019 Google LLC. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -18,6 +18,9 @@ syntax = "proto3"; package google.cloud.securitycenter.v1beta1; import "google/api/annotations.proto"; +import "google/api/client.proto"; +import "google/api/field_behavior.proto"; +import "google/api/resource.proto"; import "google/cloud/securitycenter/v1beta1/asset.proto"; import "google/cloud/securitycenter/v1beta1/finding.proto"; import "google/cloud/securitycenter/v1beta1/organization_settings.proto"; @@ -38,12 +41,16 @@ option java_package = "com.google.cloud.securitycenter.v1beta1"; // V1 Beta APIs for Security Center service. service SecurityCenter { + option (google.api.default_host) = "securitycenter.googleapis.com"; + option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform"; + // Creates a source. rpc CreateSource(CreateSourceRequest) returns (Source) { option (google.api.http) = { post: "/v1beta1/{parent=organizations/*}/sources" body: "source" }; + option (google.api.method_signature) = "parent,source"; } // Creates a finding. The corresponding source must exist for finding creation @@ -53,23 +60,24 @@ service SecurityCenter { post: "/v1beta1/{parent=organizations/*/sources/*}/findings" body: "finding" }; + option (google.api.method_signature) = "parent,finding_id,finding"; } // Gets the access control policy on the specified Source. - rpc GetIamPolicy(google.iam.v1.GetIamPolicyRequest) - returns (google.iam.v1.Policy) { + rpc GetIamPolicy(google.iam.v1.GetIamPolicyRequest) returns (google.iam.v1.Policy) { option (google.api.http) = { post: "/v1beta1/{resource=organizations/*/sources/*}:getIamPolicy" body: "*" }; + option (google.api.method_signature) = "resource"; } // Gets the settings for an organization. - rpc GetOrganizationSettings(GetOrganizationSettingsRequest) - returns (OrganizationSettings) { + rpc GetOrganizationSettings(GetOrganizationSettingsRequest) returns (OrganizationSettings) { option (google.api.http) = { get: "/v1beta1/{name=organizations/*/organizationSettings}" }; + option (google.api.method_signature) = "name"; } // Gets a source. @@ -77,6 +85,7 @@ service SecurityCenter { option (google.api.http) = { get: "/v1beta1/{name=organizations/*/sources/*}" }; + option (google.api.method_signature) = "name"; } // Filters an organization's assets and groups them by their specified @@ -92,12 +101,13 @@ service SecurityCenter { // specified properties. // // To group across all sources provide a `-` as the source id. - // Example: /v1beta1/organizations/123/sources/-/findings + // Example: /v1beta1/organizations/{organization_id}/sources/-/findings rpc GroupFindings(GroupFindingsRequest) returns (GroupFindingsResponse) { option (google.api.http) = { post: "/v1beta1/{parent=organizations/*/sources/*}/findings:group" body: "*" }; + option (google.api.method_signature) = "parent,group_by"; } // Lists an organization's assets. @@ -110,7 +120,7 @@ service SecurityCenter { // Lists an organization or source's findings. // // To list across all sources provide a `-` as the source id. - // Example: /v1beta1/organizations/123/sources/-/findings + // Example: /v1beta1/organizations/{organization_id}/sources/-/findings rpc ListFindings(ListFindingsRequest) returns (ListFindingsResponse) { option (google.api.http) = { get: "/v1beta1/{parent=organizations/*/sources/*}/findings" @@ -122,6 +132,7 @@ service SecurityCenter { option (google.api.http) = { get: "/v1beta1/{parent=organizations/*}/sources" }; + option (google.api.method_signature) = "parent"; } // Runs asset discovery. The discovery is tracked with a long-running @@ -130,12 +141,16 @@ service SecurityCenter { // This API can only be called with limited frequency for an organization. If // it is called too frequently the caller will receive a TOO_MANY_REQUESTS // error. - rpc RunAssetDiscovery(RunAssetDiscoveryRequest) - returns (google.longrunning.Operation) { + rpc RunAssetDiscovery(RunAssetDiscoveryRequest) returns (google.longrunning.Operation) { option (google.api.http) = { post: "/v1beta1/{parent=organizations/*}/assets:runDiscovery" body: "*" }; + option (google.api.method_signature) = "parent"; + option (google.longrunning.operation_info) = { + response_type: "google.protobuf.Empty" + metadata_type: "google.protobuf.Empty" + }; } // Updates the state of a finding. @@ -144,24 +159,25 @@ service SecurityCenter { post: "/v1beta1/{name=organizations/*/sources/*/findings/*}:setState" body: "*" }; + option (google.api.method_signature) = "name,state,start_time"; } // Sets the access control policy on the specified Source. - rpc SetIamPolicy(google.iam.v1.SetIamPolicyRequest) - returns (google.iam.v1.Policy) { + rpc SetIamPolicy(google.iam.v1.SetIamPolicyRequest) returns (google.iam.v1.Policy) { option (google.api.http) = { post: "/v1beta1/{resource=organizations/*/sources/*}:setIamPolicy" body: "*" }; + option (google.api.method_signature) = "resource,policy"; } // Returns the permissions that a caller has on the specified source. - rpc TestIamPermissions(google.iam.v1.TestIamPermissionsRequest) - returns (google.iam.v1.TestIamPermissionsResponse) { + rpc TestIamPermissions(google.iam.v1.TestIamPermissionsRequest) returns (google.iam.v1.TestIamPermissionsResponse) { option (google.api.http) = { post: "/v1beta1/{resource=organizations/*/sources/*}:testIamPermissions" body: "*" }; + option (google.api.method_signature) = "resource,permissions"; } // Creates or updates a finding. The corresponding source must exist for a @@ -171,15 +187,16 @@ service SecurityCenter { patch: "/v1beta1/{finding.name=organizations/*/sources/*/findings/*}" body: "finding" }; + option (google.api.method_signature) = "finding"; } // Updates an organization's settings. - rpc UpdateOrganizationSettings(UpdateOrganizationSettingsRequest) - returns (OrganizationSettings) { + rpc UpdateOrganizationSettings(UpdateOrganizationSettingsRequest) returns (OrganizationSettings) { option (google.api.http) = { patch: "/v1beta1/{organization_settings.name=organizations/*/organizationSettings}" body: "organization_settings" }; + option (google.api.method_signature) = "organization_settings"; } // Updates a source. @@ -188,6 +205,7 @@ service SecurityCenter { patch: "/v1beta1/{source.name=organizations/*/sources/*}" body: "source" }; + option (google.api.method_signature) = "source"; } // Updates security marks. @@ -200,55 +218,81 @@ service SecurityCenter { body: "security_marks" } }; + option (google.api.method_signature) = "security_marks"; } } // Request message for creating a finding. message CreateFindingRequest { - // Resource name of the new finding's parent. Its format should be + // Required. Resource name of the new finding's parent. Its format should be // "organizations/[organization_id]/sources/[source_id]". - string parent = 1; + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "securitycenter.googleapis.com/Source" + } + ]; - // Unique identifier provided by the client within the parent scope. + // Required. Unique identifier provided by the client within the parent scope. // It must be alphanumeric and less than or equal to 32 characters and // greater than 0 characters in length. - string finding_id = 2; + string finding_id = 2 [(google.api.field_behavior) = REQUIRED]; - // The Finding being created. The name and security_marks will be ignored as + // Required. The Finding being created. The name and security_marks will be ignored as // they are both output only fields on this resource. - Finding finding = 3; + Finding finding = 3 [(google.api.field_behavior) = REQUIRED]; } // Request message for creating a source. message CreateSourceRequest { - // Resource name of the new source's parent. Its format should be + // Required. Resource name of the new source's parent. Its format should be // "organizations/[organization_id]". - string parent = 1; + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudresourcemanager.googleapis.com/Organization" + } + ]; - // The Source being created, only the display_name and description will be + // Required. The Source being created, only the display_name and description will be // used. All other fields will be ignored. - Source source = 2; + Source source = 2 [(google.api.field_behavior) = REQUIRED]; } // Request message for getting organization settings. message GetOrganizationSettingsRequest { - // Name of the organization to get organization settings for. Its format is + // Required. Name of the organization to get organization settings for. Its format is // "organizations/[organization_id]/organizationSettings". - string name = 1; + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "securitycenter.googleapis.com/OrganizationSettings" + } + ]; } // Request message for getting a source. message GetSourceRequest { - // Relative resource name of the source. Its format is + // Required. Relative resource name of the source. Its format is // "organizations/[organization_id]/source/[source_id]". - string name = 1; + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "securitycenter.googleapis.com/Source" + } + ]; } // Request message for grouping by assets. message GroupAssetsRequest { - // Name of the organization to groupBy. Its format is + // Required. Name of the organization to groupBy. Its format is // "organizations/[organization_id]". - string parent = 1; + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudresourcemanager.googleapis.com/Organization" + } + ]; // Expression that defines the filter to apply across assets. // The expression is a list of zero or more restrictions combined via logical @@ -279,7 +323,7 @@ message GroupAssetsRequest { // For example, `resource_properties.size = 100` is a valid filter string. string filter = 2; - // Expression that defines what assets fields to use for grouping. The string + // Required. Expression that defines what assets fields to use for grouping. The string // value should follow SQL syntax: comma separated list of fields. For // example: // "security_center_properties.resource_project,security_center_properties.project". @@ -293,7 +337,7 @@ message GroupAssetsRequest { // The following fields are supported when compare_duration is set: // // * security_center_properties.resource_type - string group_by = 3; + string group_by = 3 [(google.api.field_behavior) = REQUIRED]; // When compare_duration is set, the Asset's "state" property is updated to // indicate whether the asset was added, removed, or remained present during @@ -351,11 +395,16 @@ message GroupAssetsResponse { // Request message for grouping by findings. message GroupFindingsRequest { - // Name of the source to groupBy. Its format is + // Required. Name of the source to groupBy. Its format is // "organizations/[organization_id]/sources/[source_id]". To groupBy across // all sources provide a source_id of `-`. For example: - // organizations/123/sources/- - string parent = 1; + // organizations/{organization_id}/sources/- + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "securitycenter.googleapis.com/Source" + } + ]; // Expression that defines the filter to apply across findings. // The expression is a list of one or more restrictions combined via logical @@ -384,7 +433,7 @@ message GroupFindingsRequest { // For example, `source_properties.size = 100` is a valid filter string. string filter = 2; - // Expression that defines what assets fields to use for grouping (including + // Required. Expression that defines what assets fields to use for grouping (including // `state`). The string value should follow SQL syntax: comma separated list // of fields. For example: // "parent,resource_name". @@ -395,7 +444,7 @@ message GroupFindingsRequest { // * category // * state // * parent - string group_by = 3; + string group_by = 3 [(google.api.field_behavior) = REQUIRED]; // Time used as a reference point when filtering findings. The filter is // limited to findings existing at the supplied time and their values are @@ -439,9 +488,14 @@ message GroupResult { // Request message for listing sources. message ListSourcesRequest { - // Resource name of the parent of sources to list. Its format should be + // Required. Resource name of the parent of sources to list. Its format should be // "organizations/[organization_id]". - string parent = 1; + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudresourcemanager.googleapis.com/Organization" + } + ]; // The value returned by the last `ListSourcesResponse`; indicates // that this is a continuation of a prior `ListSources` call, and @@ -465,9 +519,14 @@ message ListSourcesResponse { // Request message for listing assets. message ListAssetsRequest { - // Name of the organization assets should belong to. Its format is + // Required. Name of the organization assets should belong to. Its format is // "organizations/[organization_id]". - string parent = 1; + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudresourcemanager.googleapis.com/Organization" + } + ]; // Expression that defines the filter to apply across assets. // The expression is a list of zero or more restrictions combined via logical @@ -539,12 +598,10 @@ message ListAssetsRequest { // "UNUSED", which indicates that the asset is present at read_time. google.protobuf.Duration compare_duration = 5; - // Optional. - // - // A field mask to specify the ListAssetsResult fields to be listed in the + // Optional. A field mask to specify the ListAssetsResult fields to be listed in the // response. // An empty field mask will list all fields. - google.protobuf.FieldMask field_mask = 7; + google.protobuf.FieldMask field_mask = 7 [(google.api.field_behavior) = OPTIONAL]; // The value returned by the last `ListAssetsResponse`; indicates // that this is a continuation of a prior `ListAssets` call, and @@ -606,11 +663,16 @@ message ListAssetsResponse { // Request message for listing findings. message ListFindingsRequest { - // Name of the source the findings belong to. Its format is + // Required. Name of the source the findings belong to. Its format is // "organizations/[organization_id]/sources/[source_id]". To list across all // sources provide a source_id of `-`. For example: - // organizations/123/sources/- - string parent = 1; + // organizations/{organization_id}/sources/- + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "securitycenter.googleapis.com/Source" + } + ]; // Expression that defines the filter to apply across findings. // The expression is a list of one or more restrictions combined via logical @@ -655,11 +717,9 @@ message ListFindingsRequest { // API's version of NOW. google.protobuf.Timestamp read_time = 4; - // Optional. - // - // A field mask to specify the Finding fields to be listed in the response. + // Optional. A field mask to specify the Finding fields to be listed in the response. // An empty field mask will list all fields. - google.protobuf.FieldMask field_mask = 5; + google.protobuf.FieldMask field_mask = 5 [(google.api.field_behavior) = OPTIONAL]; // The value returned by the last `ListFindingsResponse`; indicates // that this is a continuation of a prior `ListFindings` call, and @@ -689,35 +749,45 @@ message ListFindingsResponse { // Request message for updating a finding's state. message SetFindingStateRequest { - // The relative resource name of the finding. See: + // Required. The relative resource name of the finding. See: // https://cloud.google.com/apis/design/resource_names#relative_resource_name // Example: - // "organizations/123/sources/456/finding/789". - string name = 1; + // "organizations/{organization_id}/sources/{source_id}/finding/{finding_id}". + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "securitycenter.googleapis.com/Finding" + } + ]; - // The desired State of the finding. - Finding.State state = 2; + // Required. The desired State of the finding. + Finding.State state = 2 [(google.api.field_behavior) = REQUIRED]; - // The time at which the updated state takes effect. - google.protobuf.Timestamp start_time = 3; + // Required. The time at which the updated state takes effect. + google.protobuf.Timestamp start_time = 3 [(google.api.field_behavior) = REQUIRED]; } // Request message for running asset discovery for an organization. message RunAssetDiscoveryRequest { - // Name of the organization to run asset discovery for. Its format is + // Required. Name of the organization to run asset discovery for. Its format is // "organizations/[organization_id]". - string parent = 1; + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudresourcemanager.googleapis.com/Organization" + } + ]; } // Request message for updating or creating a finding. message UpdateFindingRequest { - // The finding resource to update or create if it does not already exist. + // Required. The finding resource to update or create if it does not already exist. // parent, security_marks, and update_time will be ignored. // // In the case of creation, the finding id portion of the name must // alphanumeric and less than or equal to 32 characters and greater than 0 // characters in length. - Finding finding = 1; + Finding finding = 1 [(google.api.field_behavior) = REQUIRED]; // The FieldMask to use when updating the finding resource. This field should // not be specified when creating a finding. @@ -726,8 +796,8 @@ message UpdateFindingRequest { // Request message for updating an organization's settings. message UpdateOrganizationSettingsRequest { - // The organization settings resource to update. - OrganizationSettings organization_settings = 1; + // Required. The organization settings resource to update. + OrganizationSettings organization_settings = 1 [(google.api.field_behavior) = REQUIRED]; // The FieldMask to use when updating the settings resource. google.protobuf.FieldMask update_mask = 2; @@ -735,8 +805,8 @@ message UpdateOrganizationSettingsRequest { // Request message for updating a source. message UpdateSourceRequest { - // The source resource to update. - Source source = 1; + // Required. The source resource to update. + Source source = 1 [(google.api.field_behavior) = REQUIRED]; // The FieldMask to use when updating the source resource. google.protobuf.FieldMask update_mask = 2; @@ -744,8 +814,8 @@ message UpdateSourceRequest { // Request message for updating a SecurityMarks resource. message UpdateSecurityMarksRequest { - // The security marks resource to update. - SecurityMarks security_marks = 1; + // Required. The security marks resource to update. + SecurityMarks security_marks = 1 [(google.api.field_behavior) = REQUIRED]; // The FieldMask to use when updating the security marks resource. google.protobuf.FieldMask update_mask = 2; diff --git a/google/cloud/securitycenter_v1beta1/proto/securitycenter_service_pb2.py b/google/cloud/securitycenter_v1beta1/proto/securitycenter_service_pb2.py index 804cae1e..c7e659b5 100644 --- a/google/cloud/securitycenter_v1beta1/proto/securitycenter_service_pb2.py +++ b/google/cloud/securitycenter_v1beta1/proto/securitycenter_service_pb2.py @@ -16,6 +16,9 @@ from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 +from google.api import client_pb2 as google_dot_api_dot_client__pb2 +from google.api import field_behavior_pb2 as google_dot_api_dot_field__behavior__pb2 +from google.api import resource_pb2 as google_dot_api_dot_resource__pb2 from google.cloud.securitycenter_v1beta1.proto import ( asset_pb2 as google_dot_cloud_dot_securitycenter__v1beta1_dot_proto_dot_asset__pb2, ) @@ -51,10 +54,13 @@ "\n'com.google.cloud.securitycenter.v1beta1P\001ZQgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1beta1;securitycenter" ), serialized_pb=_b( - '\nFgoogle/cloud/securitycenter_v1beta1/proto/securitycenter_service.proto\x12#google.cloud.securitycenter.v1beta1\x1a\x1cgoogle/api/annotations.proto\x1a\x35google/cloud/securitycenter_v1beta1/proto/asset.proto\x1a\x37google/cloud/securitycenter_v1beta1/proto/finding.proto\x1a\x45google/cloud/securitycenter_v1beta1/proto/organization_settings.proto\x1a>google/cloud/securitycenter_v1beta1/proto/security_marks.proto\x1a\x36google/cloud/securitycenter_v1beta1/proto/source.proto\x1a\x1egoogle/iam/v1/iam_policy.proto\x1a\x1agoogle/iam/v1/policy.proto\x1a#google/longrunning/operations.proto\x1a\x1egoogle/protobuf/duration.proto\x1a\x1bgoogle/protobuf/empty.proto\x1a google/protobuf/field_mask.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a\x1fgoogle/protobuf/timestamp.proto"y\n\x14\x43reateFindingRequest\x12\x0e\n\x06parent\x18\x01 \x01(\t\x12\x12\n\nfinding_id\x18\x02 \x01(\t\x12=\n\x07\x66inding\x18\x03 \x01(\x0b\x32,.google.cloud.securitycenter.v1beta1.Finding"b\n\x13\x43reateSourceRequest\x12\x0e\n\x06parent\x18\x01 \x01(\t\x12;\n\x06source\x18\x02 \x01(\x0b\x32+.google.cloud.securitycenter.v1beta1.Source".\n\x1eGetOrganizationSettingsRequest\x12\x0c\n\x04name\x18\x01 \x01(\t" \n\x10GetSourceRequest\x12\x0c\n\x04name\x18\x01 \x01(\t"\xd1\x01\n\x12GroupAssetsRequest\x12\x0e\n\x06parent\x18\x01 \x01(\t\x12\x0e\n\x06\x66ilter\x18\x02 \x01(\t\x12\x10\n\x08group_by\x18\x03 \x01(\t\x12\x33\n\x10\x63ompare_duration\x18\x04 \x01(\x0b\x32\x19.google.protobuf.Duration\x12-\n\tread_time\x18\x05 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x12\n\npage_token\x18\x07 \x01(\t\x12\x11\n\tpage_size\x18\x08 \x01(\x05"\xa9\x01\n\x13GroupAssetsResponse\x12J\n\x10group_by_results\x18\x01 \x03(\x0b\x32\x30.google.cloud.securitycenter.v1beta1.GroupResult\x12-\n\tread_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x17\n\x0fnext_page_token\x18\x03 \x01(\t"\x9e\x01\n\x14GroupFindingsRequest\x12\x0e\n\x06parent\x18\x01 \x01(\t\x12\x0e\n\x06\x66ilter\x18\x02 \x01(\t\x12\x10\n\x08group_by\x18\x03 \x01(\t\x12-\n\tread_time\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x12\n\npage_token\x18\x05 \x01(\t\x12\x11\n\tpage_size\x18\x06 \x01(\x05"\xab\x01\n\x15GroupFindingsResponse\x12J\n\x10group_by_results\x18\x01 \x03(\x0b\x32\x30.google.cloud.securitycenter.v1beta1.GroupResult\x12-\n\tread_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x17\n\x0fnext_page_token\x18\x03 \x01(\t"\xbd\x01\n\x0bGroupResult\x12T\n\nproperties\x18\x01 \x03(\x0b\x32@.google.cloud.securitycenter.v1beta1.GroupResult.PropertiesEntry\x12\r\n\x05\x63ount\x18\x02 \x01(\x03\x1aI\n\x0fPropertiesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12%\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.Value:\x02\x38\x01"K\n\x12ListSourcesRequest\x12\x0e\n\x06parent\x18\x01 \x01(\t\x12\x12\n\npage_token\x18\x02 \x01(\t\x12\x11\n\tpage_size\x18\x07 \x01(\x05"l\n\x13ListSourcesResponse\x12<\n\x07sources\x18\x01 \x03(\x0b\x32+.google.cloud.securitycenter.v1beta1.Source\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t"\x80\x02\n\x11ListAssetsRequest\x12\x0e\n\x06parent\x18\x01 \x01(\t\x12\x0e\n\x06\x66ilter\x18\x02 \x01(\t\x12\x10\n\x08order_by\x18\x03 \x01(\t\x12-\n\tread_time\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x33\n\x10\x63ompare_duration\x18\x05 \x01(\x0b\x32\x19.google.protobuf.Duration\x12.\n\nfield_mask\x18\x07 \x01(\x0b\x32\x1a.google.protobuf.FieldMask\x12\x12\n\npage_token\x18\x08 \x01(\t\x12\x11\n\tpage_size\x18\t \x01(\x05"\xd6\x03\n\x12ListAssetsResponse\x12\x65\n\x13list_assets_results\x18\x01 \x03(\x0b\x32H.google.cloud.securitycenter.v1beta1.ListAssetsResponse.ListAssetsResult\x12-\n\tread_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x17\n\x0fnext_page_token\x18\x03 \x01(\t\x12\x12\n\ntotal_size\x18\x04 \x01(\x05\x1a\xfc\x01\n\x10ListAssetsResult\x12\x39\n\x05\x61sset\x18\x01 \x01(\x0b\x32*.google.cloud.securitycenter.v1beta1.Asset\x12]\n\x05state\x18\x02 \x01(\x0e\x32N.google.cloud.securitycenter.v1beta1.ListAssetsResponse.ListAssetsResult.State"N\n\x05State\x12\x15\n\x11STATE_UNSPECIFIED\x10\x00\x12\n\n\x06UNUSED\x10\x01\x12\t\n\x05\x41\x44\x44\x45\x44\x10\x02\x12\x0b\n\x07REMOVED\x10\x03\x12\n\n\x06\x41\x43TIVE\x10\x04"\xcd\x01\n\x13ListFindingsRequest\x12\x0e\n\x06parent\x18\x01 \x01(\t\x12\x0e\n\x06\x66ilter\x18\x02 \x01(\t\x12\x10\n\x08order_by\x18\x03 \x01(\t\x12-\n\tread_time\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12.\n\nfield_mask\x18\x05 \x01(\x0b\x32\x1a.google.protobuf.FieldMask\x12\x12\n\npage_token\x18\x06 \x01(\t\x12\x11\n\tpage_size\x18\x07 \x01(\x05"\xb2\x01\n\x14ListFindingsResponse\x12>\n\x08\x66indings\x18\x01 \x03(\x0b\x32,.google.cloud.securitycenter.v1beta1.Finding\x12-\n\tread_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x17\n\x0fnext_page_token\x18\x03 \x01(\t\x12\x12\n\ntotal_size\x18\x04 \x01(\x05"\x99\x01\n\x16SetFindingStateRequest\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x41\n\x05state\x18\x02 \x01(\x0e\x32\x32.google.cloud.securitycenter.v1beta1.Finding.State\x12.\n\nstart_time\x18\x03 \x01(\x0b\x32\x1a.google.protobuf.Timestamp"*\n\x18RunAssetDiscoveryRequest\x12\x0e\n\x06parent\x18\x01 \x01(\t"\x86\x01\n\x14UpdateFindingRequest\x12=\n\x07\x66inding\x18\x01 \x01(\x0b\x32,.google.cloud.securitycenter.v1beta1.Finding\x12/\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMask"\xae\x01\n!UpdateOrganizationSettingsRequest\x12X\n\x15organization_settings\x18\x01 \x01(\x0b\x32\x39.google.cloud.securitycenter.v1beta1.OrganizationSettings\x12/\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMask"\x83\x01\n\x13UpdateSourceRequest\x12;\n\x06source\x18\x01 \x01(\x0b\x32+.google.cloud.securitycenter.v1beta1.Source\x12/\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMask"\xc9\x01\n\x1aUpdateSecurityMarksRequest\x12J\n\x0esecurity_marks\x18\x01 \x01(\x0b\x32\x32.google.cloud.securitycenter.v1beta1.SecurityMarks\x12/\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMask\x12.\n\nstart_time\x18\x03 \x01(\x0b\x32\x1a.google.protobuf.Timestamp2\x80\x1c\n\x0eSecurityCenter\x12\xb0\x01\n\x0c\x43reateSource\x12\x38.google.cloud.securitycenter.v1beta1.CreateSourceRequest\x1a+.google.cloud.securitycenter.v1beta1.Source"9\x82\xd3\xe4\x93\x02\x33")/v1beta1/{parent=organizations/*}/sources:\x06source\x12\xbf\x01\n\rCreateFinding\x12\x39.google.cloud.securitycenter.v1beta1.CreateFindingRequest\x1a,.google.cloud.securitycenter.v1beta1.Finding"E\x82\xd3\xe4\x93\x02?"4/v1beta1/{parent=organizations/*/sources/*}/findings:\x07\x66inding\x12\x90\x01\n\x0cGetIamPolicy\x12".google.iam.v1.GetIamPolicyRequest\x1a\x15.google.iam.v1.Policy"E\x82\xd3\xe4\x93\x02?":/v1beta1/{resource=organizations/*/sources/*}:getIamPolicy:\x01*\x12\xd7\x01\n\x17GetOrganizationSettings\x12\x43.google.cloud.securitycenter.v1beta1.GetOrganizationSettingsRequest\x1a\x39.google.cloud.securitycenter.v1beta1.OrganizationSettings"<\x82\xd3\xe4\x93\x02\x36\x12\x34/v1beta1/{name=organizations/*/organizationSettings}\x12\xa2\x01\n\tGetSource\x12\x35.google.cloud.securitycenter.v1beta1.GetSourceRequest\x1a+.google.cloud.securitycenter.v1beta1.Source"1\x82\xd3\xe4\x93\x02+\x12)/v1beta1/{name=organizations/*/sources/*}\x12\xbb\x01\n\x0bGroupAssets\x12\x37.google.cloud.securitycenter.v1beta1.GroupAssetsRequest\x1a\x38.google.cloud.securitycenter.v1beta1.GroupAssetsResponse"9\x82\xd3\xe4\x93\x02\x33"./v1beta1/{parent=organizations/*}/assets:group:\x01*\x12\xcd\x01\n\rGroupFindings\x12\x39.google.cloud.securitycenter.v1beta1.GroupFindingsRequest\x1a:.google.cloud.securitycenter.v1beta1.GroupFindingsResponse"E\x82\xd3\xe4\x93\x02?":/v1beta1/{parent=organizations/*/sources/*}/findings:group:\x01*\x12\xaf\x01\n\nListAssets\x12\x36.google.cloud.securitycenter.v1beta1.ListAssetsRequest\x1a\x37.google.cloud.securitycenter.v1beta1.ListAssetsResponse"0\x82\xd3\xe4\x93\x02*\x12(/v1beta1/{parent=organizations/*}/assets\x12\xc1\x01\n\x0cListFindings\x12\x38.google.cloud.securitycenter.v1beta1.ListFindingsRequest\x1a\x39.google.cloud.securitycenter.v1beta1.ListFindingsResponse"<\x82\xd3\xe4\x93\x02\x36\x12\x34/v1beta1/{parent=organizations/*/sources/*}/findings\x12\xb3\x01\n\x0bListSources\x12\x37.google.cloud.securitycenter.v1beta1.ListSourcesRequest\x1a\x38.google.cloud.securitycenter.v1beta1.ListSourcesResponse"1\x82\xd3\xe4\x93\x02+\x12)/v1beta1/{parent=organizations/*}/sources\x12\xb3\x01\n\x11RunAssetDiscovery\x12=.google.cloud.securitycenter.v1beta1.RunAssetDiscoveryRequest\x1a\x1d.google.longrunning.Operation"@\x82\xd3\xe4\x93\x02:"5/v1beta1/{parent=organizations/*}/assets:runDiscovery:\x01*\x12\xc6\x01\n\x0fSetFindingState\x12;.google.cloud.securitycenter.v1beta1.SetFindingStateRequest\x1a,.google.cloud.securitycenter.v1beta1.Finding"H\x82\xd3\xe4\x93\x02\x42"=/v1beta1/{name=organizations/*/sources/*/findings/*}:setState:\x01*\x12\x90\x01\n\x0cSetIamPolicy\x12".google.iam.v1.SetIamPolicyRequest\x1a\x15.google.iam.v1.Policy"E\x82\xd3\xe4\x93\x02?":/v1beta1/{resource=organizations/*/sources/*}:setIamPolicy:\x01*\x12\xb6\x01\n\x12TestIamPermissions\x12(.google.iam.v1.TestIamPermissionsRequest\x1a).google.iam.v1.TestIamPermissionsResponse"K\x82\xd3\xe4\x93\x02\x45"@/v1beta1/{resource=organizations/*/sources/*}:testIamPermissions:\x01*\x12\xc7\x01\n\rUpdateFinding\x12\x39.google.cloud.securitycenter.v1beta1.UpdateFindingRequest\x1a,.google.cloud.securitycenter.v1beta1.Finding"M\x82\xd3\xe4\x93\x02G2google/cloud/securitycenter_v1beta1/proto/security_marks.proto\x1a\x36google/cloud/securitycenter_v1beta1/proto/source.proto\x1a\x1egoogle/iam/v1/iam_policy.proto\x1a\x1agoogle/iam/v1/policy.proto\x1a#google/longrunning/operations.proto\x1a\x1egoogle/protobuf/duration.proto\x1a\x1bgoogle/protobuf/empty.proto\x1a google/protobuf/field_mask.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a\x1fgoogle/protobuf/timestamp.proto"\xb1\x01\n\x14\x43reateFindingRequest\x12<\n\x06parent\x18\x01 \x01(\tB,\xe0\x41\x02\xfa\x41&\n$securitycenter.googleapis.com/Source\x12\x17\n\nfinding_id\x18\x02 \x01(\tB\x03\xe0\x41\x02\x12\x42\n\x07\x66inding\x18\x03 \x01(\x0b\x32,.google.cloud.securitycenter.v1beta1.FindingB\x03\xe0\x41\x02"\xa1\x01\n\x13\x43reateSourceRequest\x12H\n\x06parent\x18\x01 \x01(\tB8\xe0\x41\x02\xfa\x41\x32\n0cloudresourcemanager.googleapis.com/Organization\x12@\n\x06source\x18\x02 \x01(\x0b\x32+.google.cloud.securitycenter.v1beta1.SourceB\x03\xe0\x41\x02"j\n\x1eGetOrganizationSettingsRequest\x12H\n\x04name\x18\x01 \x01(\tB:\xe0\x41\x02\xfa\x41\x34\n2securitycenter.googleapis.com/OrganizationSettings"N\n\x10GetSourceRequest\x12:\n\x04name\x18\x01 \x01(\tB,\xe0\x41\x02\xfa\x41&\n$securitycenter.googleapis.com/Source"\x90\x02\n\x12GroupAssetsRequest\x12H\n\x06parent\x18\x01 \x01(\tB8\xe0\x41\x02\xfa\x41\x32\n0cloudresourcemanager.googleapis.com/Organization\x12\x0e\n\x06\x66ilter\x18\x02 \x01(\t\x12\x15\n\x08group_by\x18\x03 \x01(\tB\x03\xe0\x41\x02\x12\x33\n\x10\x63ompare_duration\x18\x04 \x01(\x0b\x32\x19.google.protobuf.Duration\x12-\n\tread_time\x18\x05 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x12\n\npage_token\x18\x07 \x01(\t\x12\x11\n\tpage_size\x18\x08 \x01(\x05"\xa9\x01\n\x13GroupAssetsResponse\x12J\n\x10group_by_results\x18\x01 \x03(\x0b\x32\x30.google.cloud.securitycenter.v1beta1.GroupResult\x12-\n\tread_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x17\n\x0fnext_page_token\x18\x03 \x01(\t"\xd1\x01\n\x14GroupFindingsRequest\x12<\n\x06parent\x18\x01 \x01(\tB,\xe0\x41\x02\xfa\x41&\n$securitycenter.googleapis.com/Source\x12\x0e\n\x06\x66ilter\x18\x02 \x01(\t\x12\x15\n\x08group_by\x18\x03 \x01(\tB\x03\xe0\x41\x02\x12-\n\tread_time\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x12\n\npage_token\x18\x05 \x01(\t\x12\x11\n\tpage_size\x18\x06 \x01(\x05"\xab\x01\n\x15GroupFindingsResponse\x12J\n\x10group_by_results\x18\x01 \x03(\x0b\x32\x30.google.cloud.securitycenter.v1beta1.GroupResult\x12-\n\tread_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x17\n\x0fnext_page_token\x18\x03 \x01(\t"\xbd\x01\n\x0bGroupResult\x12T\n\nproperties\x18\x01 \x03(\x0b\x32@.google.cloud.securitycenter.v1beta1.GroupResult.PropertiesEntry\x12\r\n\x05\x63ount\x18\x02 \x01(\x03\x1aI\n\x0fPropertiesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12%\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.Value:\x02\x38\x01"\x85\x01\n\x12ListSourcesRequest\x12H\n\x06parent\x18\x01 \x01(\tB8\xe0\x41\x02\xfa\x41\x32\n0cloudresourcemanager.googleapis.com/Organization\x12\x12\n\npage_token\x18\x02 \x01(\t\x12\x11\n\tpage_size\x18\x07 \x01(\x05"l\n\x13ListSourcesResponse\x12<\n\x07sources\x18\x01 \x03(\x0b\x32+.google.cloud.securitycenter.v1beta1.Source\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t"\xbf\x02\n\x11ListAssetsRequest\x12H\n\x06parent\x18\x01 \x01(\tB8\xe0\x41\x02\xfa\x41\x32\n0cloudresourcemanager.googleapis.com/Organization\x12\x0e\n\x06\x66ilter\x18\x02 \x01(\t\x12\x10\n\x08order_by\x18\x03 \x01(\t\x12-\n\tread_time\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x33\n\x10\x63ompare_duration\x18\x05 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x33\n\nfield_mask\x18\x07 \x01(\x0b\x32\x1a.google.protobuf.FieldMaskB\x03\xe0\x41\x01\x12\x12\n\npage_token\x18\x08 \x01(\t\x12\x11\n\tpage_size\x18\t \x01(\x05"\xd6\x03\n\x12ListAssetsResponse\x12\x65\n\x13list_assets_results\x18\x01 \x03(\x0b\x32H.google.cloud.securitycenter.v1beta1.ListAssetsResponse.ListAssetsResult\x12-\n\tread_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x17\n\x0fnext_page_token\x18\x03 \x01(\t\x12\x12\n\ntotal_size\x18\x04 \x01(\x05\x1a\xfc\x01\n\x10ListAssetsResult\x12\x39\n\x05\x61sset\x18\x01 \x01(\x0b\x32*.google.cloud.securitycenter.v1beta1.Asset\x12]\n\x05state\x18\x02 \x01(\x0e\x32N.google.cloud.securitycenter.v1beta1.ListAssetsResponse.ListAssetsResult.State"N\n\x05State\x12\x15\n\x11STATE_UNSPECIFIED\x10\x00\x12\n\n\x06UNUSED\x10\x01\x12\t\n\x05\x41\x44\x44\x45\x44\x10\x02\x12\x0b\n\x07REMOVED\x10\x03\x12\n\n\x06\x41\x43TIVE\x10\x04"\x80\x02\n\x13ListFindingsRequest\x12<\n\x06parent\x18\x01 \x01(\tB,\xe0\x41\x02\xfa\x41&\n$securitycenter.googleapis.com/Source\x12\x0e\n\x06\x66ilter\x18\x02 \x01(\t\x12\x10\n\x08order_by\x18\x03 \x01(\t\x12-\n\tread_time\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x33\n\nfield_mask\x18\x05 \x01(\x0b\x32\x1a.google.protobuf.FieldMaskB\x03\xe0\x41\x01\x12\x12\n\npage_token\x18\x06 \x01(\t\x12\x11\n\tpage_size\x18\x07 \x01(\x05"\xb2\x01\n\x14ListFindingsResponse\x12>\n\x08\x66indings\x18\x01 \x03(\x0b\x32,.google.cloud.securitycenter.v1beta1.Finding\x12-\n\tread_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x17\n\x0fnext_page_token\x18\x03 \x01(\t\x12\x12\n\ntotal_size\x18\x04 \x01(\x05"\xd2\x01\n\x16SetFindingStateRequest\x12;\n\x04name\x18\x01 \x01(\tB-\xe0\x41\x02\xfa\x41\'\n%securitycenter.googleapis.com/Finding\x12\x46\n\x05state\x18\x02 \x01(\x0e\x32\x32.google.cloud.securitycenter.v1beta1.Finding.StateB\x03\xe0\x41\x02\x12\x33\n\nstart_time\x18\x03 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x02"d\n\x18RunAssetDiscoveryRequest\x12H\n\x06parent\x18\x01 \x01(\tB8\xe0\x41\x02\xfa\x41\x32\n0cloudresourcemanager.googleapis.com/Organization"\x8b\x01\n\x14UpdateFindingRequest\x12\x42\n\x07\x66inding\x18\x01 \x01(\x0b\x32,.google.cloud.securitycenter.v1beta1.FindingB\x03\xe0\x41\x02\x12/\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMask"\xb3\x01\n!UpdateOrganizationSettingsRequest\x12]\n\x15organization_settings\x18\x01 \x01(\x0b\x32\x39.google.cloud.securitycenter.v1beta1.OrganizationSettingsB\x03\xe0\x41\x02\x12/\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMask"\x88\x01\n\x13UpdateSourceRequest\x12@\n\x06source\x18\x01 \x01(\x0b\x32+.google.cloud.securitycenter.v1beta1.SourceB\x03\xe0\x41\x02\x12/\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMask"\xce\x01\n\x1aUpdateSecurityMarksRequest\x12O\n\x0esecurity_marks\x18\x01 \x01(\x0b\x32\x32.google.cloud.securitycenter.v1beta1.SecurityMarksB\x03\xe0\x41\x02\x12/\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMask\x12.\n\nstart_time\x18\x03 \x01(\x0b\x32\x1a.google.protobuf.Timestamp2\xeb\x1e\n\x0eSecurityCenter\x12\xc0\x01\n\x0c\x43reateSource\x12\x38.google.cloud.securitycenter.v1beta1.CreateSourceRequest\x1a+.google.cloud.securitycenter.v1beta1.Source"I\x82\xd3\xe4\x93\x02\x33")/v1beta1/{parent=organizations/*}/sources:\x06source\xda\x41\rparent,source\x12\xdb\x01\n\rCreateFinding\x12\x39.google.cloud.securitycenter.v1beta1.CreateFindingRequest\x1a,.google.cloud.securitycenter.v1beta1.Finding"a\x82\xd3\xe4\x93\x02?"4/v1beta1/{parent=organizations/*/sources/*}/findings:\x07\x66inding\xda\x41\x19parent,finding_id,finding\x12\x9b\x01\n\x0cGetIamPolicy\x12".google.iam.v1.GetIamPolicyRequest\x1a\x15.google.iam.v1.Policy"P\x82\xd3\xe4\x93\x02?":/v1beta1/{resource=organizations/*/sources/*}:getIamPolicy:\x01*\xda\x41\x08resource\x12\xde\x01\n\x17GetOrganizationSettings\x12\x43.google.cloud.securitycenter.v1beta1.GetOrganizationSettingsRequest\x1a\x39.google.cloud.securitycenter.v1beta1.OrganizationSettings"C\x82\xd3\xe4\x93\x02\x36\x12\x34/v1beta1/{name=organizations/*/organizationSettings}\xda\x41\x04name\x12\xa9\x01\n\tGetSource\x12\x35.google.cloud.securitycenter.v1beta1.GetSourceRequest\x1a+.google.cloud.securitycenter.v1beta1.Source"8\x82\xd3\xe4\x93\x02+\x12)/v1beta1/{name=organizations/*/sources/*}\xda\x41\x04name\x12\xbb\x01\n\x0bGroupAssets\x12\x37.google.cloud.securitycenter.v1beta1.GroupAssetsRequest\x1a\x38.google.cloud.securitycenter.v1beta1.GroupAssetsResponse"9\x82\xd3\xe4\x93\x02\x33"./v1beta1/{parent=organizations/*}/assets:group:\x01*\x12\xdf\x01\n\rGroupFindings\x12\x39.google.cloud.securitycenter.v1beta1.GroupFindingsRequest\x1a:.google.cloud.securitycenter.v1beta1.GroupFindingsResponse"W\x82\xd3\xe4\x93\x02?":/v1beta1/{parent=organizations/*/sources/*}/findings:group:\x01*\xda\x41\x0fparent,group_by\x12\xaf\x01\n\nListAssets\x12\x36.google.cloud.securitycenter.v1beta1.ListAssetsRequest\x1a\x37.google.cloud.securitycenter.v1beta1.ListAssetsResponse"0\x82\xd3\xe4\x93\x02*\x12(/v1beta1/{parent=organizations/*}/assets\x12\xc1\x01\n\x0cListFindings\x12\x38.google.cloud.securitycenter.v1beta1.ListFindingsRequest\x1a\x39.google.cloud.securitycenter.v1beta1.ListFindingsResponse"<\x82\xd3\xe4\x93\x02\x36\x12\x34/v1beta1/{parent=organizations/*/sources/*}/findings\x12\xbc\x01\n\x0bListSources\x12\x37.google.cloud.securitycenter.v1beta1.ListSourcesRequest\x1a\x38.google.cloud.securitycenter.v1beta1.ListSourcesResponse":\x82\xd3\xe4\x93\x02+\x12)/v1beta1/{parent=organizations/*}/sources\xda\x41\x06parent\x12\xed\x01\n\x11RunAssetDiscovery\x12=.google.cloud.securitycenter.v1beta1.RunAssetDiscoveryRequest\x1a\x1d.google.longrunning.Operation"z\x82\xd3\xe4\x93\x02:"5/v1beta1/{parent=organizations/*}/assets:runDiscovery:\x01*\xda\x41\x06parent\xca\x41.\n\x15google.protobuf.Empty\x12\x15google.protobuf.Empty\x12\xde\x01\n\x0fSetFindingState\x12;.google.cloud.securitycenter.v1beta1.SetFindingStateRequest\x1a,.google.cloud.securitycenter.v1beta1.Finding"`\x82\xd3\xe4\x93\x02\x42"=/v1beta1/{name=organizations/*/sources/*/findings/*}:setState:\x01*\xda\x41\x15name,state,start_time\x12\xa2\x01\n\x0cSetIamPolicy\x12".google.iam.v1.SetIamPolicyRequest\x1a\x15.google.iam.v1.Policy"W\x82\xd3\xe4\x93\x02?":/v1beta1/{resource=organizations/*/sources/*}:setIamPolicy:\x01*\xda\x41\x0fresource,policy\x12\xcd\x01\n\x12TestIamPermissions\x12(.google.iam.v1.TestIamPermissionsRequest\x1a).google.iam.v1.TestIamPermissionsResponse"b\x82\xd3\xe4\x93\x02\x45"@/v1beta1/{resource=organizations/*/sources/*}:testIamPermissions:\x01*\xda\x41\x14resource,permissions\x12\xd1\x01\n\rUpdateFinding\x12\x39.google.cloud.securitycenter.v1beta1.UpdateFindingRequest\x1a,.google.cloud.securitycenter.v1beta1.Finding"W\x82\xd3\xe4\x93\x02G2`__?. + name must have a length between 1 and 64 characters + (inclusive). description: The description of the source (max of 1024 characters). Example: "Cloud Security Scanner is a web security scanner for @@ -150,4 +154,5 @@ DESCRIPTOR._options = None +_SOURCE._options = None # @@protoc_insertion_point(module_scope) diff --git a/google/cloud/securitycenter_v1beta1/types.py b/google/cloud/securitycenter_v1beta1/types.py index 2c8342a6..da8649ee 100644 --- a/google/cloud/securitycenter_v1beta1/types.py +++ b/google/cloud/securitycenter_v1beta1/types.py @@ -1,6 +1,6 @@ # -*- coding: utf-8 -*- # -# Copyright 2019 Google LLC +# Copyright 2020 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/google/cloud/securitycenter_v1p1beta1/__init__.py b/google/cloud/securitycenter_v1p1beta1/__init__.py new file mode 100644 index 00000000..de3c8b35 --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/__init__.py @@ -0,0 +1,45 @@ +# -*- coding: utf-8 -*- +# +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +from __future__ import absolute_import +import sys +import warnings + +from google.cloud.securitycenter_v1p1beta1 import types +from google.cloud.securitycenter_v1p1beta1.gapic import enums +from google.cloud.securitycenter_v1p1beta1.gapic import security_center_client + + +if sys.version_info[:2] == (2, 7): + message = ( + "A future version of this library will drop support for Python 2.7." + "More details about Python 2 support for Google Cloud Client Libraries" + "can be found at https://cloud.google.com/python/docs/python2-sunset/" + ) + warnings.warn(message, DeprecationWarning) + + +class SecurityCenterClient(security_center_client.SecurityCenterClient): + __doc__ = security_center_client.SecurityCenterClient.__doc__ + enums = enums + + +__all__ = ( + "enums", + "types", + "SecurityCenterClient", +) diff --git a/google/cloud/securitycenter_v1p1beta1/gapic/__init__.py b/google/cloud/securitycenter_v1p1beta1/gapic/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/google/cloud/securitycenter_v1p1beta1/gapic/enums.py b/google/cloud/securitycenter_v1p1beta1/gapic/enums.py new file mode 100644 index 00000000..a86804cf --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/gapic/enums.py @@ -0,0 +1,164 @@ +# -*- coding: utf-8 -*- +# +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +"""Wrappers for protocol buffer enum types.""" + +import enum + + +class NullValue(enum.IntEnum): + """ + ``NullValue`` is a singleton enumeration to represent the null value for + the ``Value`` type union. + + The JSON representation for ``NullValue`` is JSON ``null``. + + Attributes: + NULL_VALUE (int): Null value. + """ + + NULL_VALUE = 0 + + +class Finding(object): + class State(enum.IntEnum): + """ + The state of the finding. + + Attributes: + STATE_UNSPECIFIED (int): Unspecified state. + ACTIVE (int): The finding requires attention and has not been addressed yet. + INACTIVE (int): The finding has been fixed, triaged as a non-issue or otherwise addressed + and is no longer active. + """ + + STATE_UNSPECIFIED = 0 + ACTIVE = 1 + INACTIVE = 2 + + +class ListAssetsResponse(object): + class ListAssetsResult(object): + class StateChange(enum.IntEnum): + """ + The change in state of the asset. + + When querying across two points in time this describes the change + between the two points: ADDED, REMOVED, or ACTIVE. If there was no + compare\_duration supplied in the request the state change will be: + UNUSED + + Attributes: + UNUSED (int): State change is unused, this is the canonical default for this enum. + ADDED (int): Asset was added between the points in time. + REMOVED (int): Asset was removed between the points in time. + ACTIVE (int): Asset was present at both point(s) in time. + """ + + UNUSED = 0 + ADDED = 1 + REMOVED = 2 + ACTIVE = 3 + + +class ListFindingsResponse(object): + class ListFindingsResult(object): + class StateChange(enum.IntEnum): + """ + The change in state of the finding. + + When querying across two points in time this describes the change in the + finding between the two points: CHANGED, UNCHANGED, ADDED, or REMOVED. + Findings can not be deleted, so REMOVED implies that the finding at + timestamp does not match the filter specified, but it did at timestamp - + compare\_duration. If there was no compare\_duration supplied in the + request the state change will be: UNUSED + + Attributes: + UNUSED (int): State change is unused, this is the canonical default for this enum. + CHANGED (int): The finding has changed state in some way between the points in time + and existed at both points. + UNCHANGED (int): The finding has not changed state between the points in time and + existed at both points. + ADDED (int): The finding was created between the points in time. + REMOVED (int): The finding at timestamp does not match the filter specified, but it did + at timestamp - compare\_duration. + """ + + UNUSED = 0 + CHANGED = 1 + UNCHANGED = 2 + ADDED = 3 + REMOVED = 4 + + +class NotificationConfig(object): + class EventType(enum.IntEnum): + """ + The type of events. + + Attributes: + EVENT_TYPE_UNSPECIFIED (int): Unspecified event type. + FINDING (int): Events for findings. + """ + + EVENT_TYPE_UNSPECIFIED = 0 + FINDING = 1 + + +class OrganizationSettings(object): + class AssetDiscoveryConfig(object): + class InclusionMode(enum.IntEnum): + """ + The mode of inclusion when running Asset Discovery. Asset discovery can + be limited by explicitly identifying projects to be included or + excluded. If INCLUDE\_ONLY is set, then only those projects within the + organization and their children are discovered during asset discovery. + If EXCLUDE is set, then projects that don't match those projects are + discovered during asset discovery. If neither are set, then all projects + within the organization are discovered during asset discovery. + + Attributes: + INCLUSION_MODE_UNSPECIFIED (int): Unspecified. Setting the mode with this value will disable + inclusion/exclusion filtering for Asset Discovery. + INCLUDE_ONLY (int): Asset Discovery will capture only the resources within the projects + specified. All other resources will be ignored. + EXCLUDE (int): Asset Discovery will ignore all resources under the projects specified. + All other resources will be retrieved. + """ + + INCLUSION_MODE_UNSPECIFIED = 0 + INCLUDE_ONLY = 1 + EXCLUDE = 2 + + +class RunAssetDiscoveryResponse(object): + class State(enum.IntEnum): + """ + The state of an asset discovery run. + + Attributes: + STATE_UNSPECIFIED (int): Asset discovery run state was unspecified. + COMPLETED (int): Asset discovery run completed successfully. + SUPERSEDED (int): Asset discovery run was cancelled with tasks still pending, as another + run for the same organization was started with a higher priority. + TERMINATED (int): Asset discovery run was killed and terminated. + """ + + STATE_UNSPECIFIED = 0 + COMPLETED = 1 + SUPERSEDED = 2 + TERMINATED = 3 diff --git a/google/cloud/securitycenter_v1p1beta1/gapic/security_center_client.py b/google/cloud/securitycenter_v1p1beta1/gapic/security_center_client.py new file mode 100644 index 00000000..f8bedd27 --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/gapic/security_center_client.py @@ -0,0 +1,2799 @@ +# -*- coding: utf-8 -*- +# +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +"""Accesses the google.cloud.securitycenter.v1p1beta1 SecurityCenter API.""" + +import functools +import pkg_resources +import warnings + +from google.oauth2 import service_account +import google.api_core.client_options +import google.api_core.gapic_v1.client_info +import google.api_core.gapic_v1.config +import google.api_core.gapic_v1.method +import google.api_core.gapic_v1.routing_header +import google.api_core.grpc_helpers +import google.api_core.operation +import google.api_core.operations_v1 +import google.api_core.page_iterator +import google.api_core.path_template +import grpc + +from google.cloud.securitycenter_v1p1beta1.gapic import enums +from google.cloud.securitycenter_v1p1beta1.gapic import security_center_client_config +from google.cloud.securitycenter_v1p1beta1.gapic.transports import ( + security_center_grpc_transport, +) +from google.cloud.securitycenter_v1p1beta1.proto import finding_pb2 +from google.cloud.securitycenter_v1p1beta1.proto import notification_config_pb2 +from google.cloud.securitycenter_v1p1beta1.proto import organization_settings_pb2 +from google.cloud.securitycenter_v1p1beta1.proto import run_asset_discovery_response_pb2 +from google.cloud.securitycenter_v1p1beta1.proto import security_marks_pb2 +from google.cloud.securitycenter_v1p1beta1.proto import securitycenter_service_pb2 +from google.cloud.securitycenter_v1p1beta1.proto import securitycenter_service_pb2_grpc +from google.cloud.securitycenter_v1p1beta1.proto import source_pb2 +from google.iam.v1 import iam_policy_pb2 +from google.iam.v1 import options_pb2 +from google.iam.v1 import policy_pb2 +from google.longrunning import operations_pb2 +from google.protobuf import duration_pb2 +from google.protobuf import empty_pb2 +from google.protobuf import field_mask_pb2 +from google.protobuf import timestamp_pb2 + + +_GAPIC_LIBRARY_VERSION = pkg_resources.get_distribution( + "google-cloud-securitycenter", +).version + + +class SecurityCenterClient(object): + """V1p1Beta1 APIs for Security Center service.""" + + SERVICE_ADDRESS = "securitycenter.googleapis.com:443" + """The default address of the service.""" + + # The name of the interface for this client. This is the key used to + # find the method configuration in the client_config dictionary. + _INTERFACE_NAME = "google.cloud.securitycenter.v1p1beta1.SecurityCenter" + + @classmethod + def from_service_account_file(cls, filename, *args, **kwargs): + """Creates an instance of this client using the provided credentials + file. + + Args: + filename (str): The path to the service account private key json + file. + args: Additional arguments to pass to the constructor. + kwargs: Additional arguments to pass to the constructor. + + Returns: + SecurityCenterClient: The constructed client. + """ + credentials = service_account.Credentials.from_service_account_file(filename) + kwargs["credentials"] = credentials + return cls(*args, **kwargs) + + from_service_account_json = from_service_account_file + + @classmethod + def finding_path(cls, organization, source, finding): + """Return a fully-qualified finding string.""" + return google.api_core.path_template.expand( + "organizations/{organization}/sources/{source}/findings/{finding}", + organization=organization, + source=source, + finding=finding, + ) + + @classmethod + def notification_config_path(cls, organization, notification_config): + """Return a fully-qualified notification_config string.""" + return google.api_core.path_template.expand( + "organizations/{organization}/notificationConfigs/{notification_config}", + organization=organization, + notification_config=notification_config, + ) + + @classmethod + def organization_path(cls, organization): + """Return a fully-qualified organization string.""" + return google.api_core.path_template.expand( + "organizations/{organization}", organization=organization, + ) + + @classmethod + def organization_settings_path(cls, organization): + """Return a fully-qualified organization_settings string.""" + return google.api_core.path_template.expand( + "organizations/{organization}/organizationSettings", + organization=organization, + ) + + @classmethod + def source_path(cls, organization, source): + """Return a fully-qualified source string.""" + return google.api_core.path_template.expand( + "organizations/{organization}/sources/{source}", + organization=organization, + source=source, + ) + + @classmethod + def topic_path(cls, project, topic): + """Return a fully-qualified topic string.""" + return google.api_core.path_template.expand( + "projects/{project}/topics/{topic}", project=project, topic=topic, + ) + + def __init__( + self, + transport=None, + channel=None, + credentials=None, + client_config=None, + client_info=None, + client_options=None, + ): + """Constructor. + + Args: + transport (Union[~.SecurityCenterGrpcTransport, + Callable[[~.Credentials, type], ~.SecurityCenterGrpcTransport]): A transport + instance, responsible for actually making the API calls. + The default transport uses the gRPC protocol. + This argument may also be a callable which returns a + transport instance. Callables will be sent the credentials + as the first argument and the default transport class as + the second argument. + channel (grpc.Channel): DEPRECATED. A ``Channel`` instance + through which to make calls. This argument is mutually exclusive + with ``credentials``; providing both will raise an exception. + credentials (google.auth.credentials.Credentials): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If none + are specified, the client will attempt to ascertain the + credentials from the environment. + This argument is mutually exclusive with providing a + transport instance to ``transport``; doing so will raise + an exception. + client_config (dict): DEPRECATED. A dictionary of call options for + each method. If not specified, the default configuration is used. + client_info (google.api_core.gapic_v1.client_info.ClientInfo): + The client info used to send a user-agent string along with + API requests. If ``None``, then default info will be used. + Generally, you only need to set this if you're developing + your own client library. + client_options (Union[dict, google.api_core.client_options.ClientOptions]): + Client options used to set user options on the client. API Endpoint + should be set through client_options. + """ + # Raise deprecation warnings for things we want to go away. + if client_config is not None: + warnings.warn( + "The `client_config` argument is deprecated.", + PendingDeprecationWarning, + stacklevel=2, + ) + else: + client_config = security_center_client_config.config + + if channel: + warnings.warn( + "The `channel` argument is deprecated; use " "`transport` instead.", + PendingDeprecationWarning, + stacklevel=2, + ) + + api_endpoint = self.SERVICE_ADDRESS + if client_options: + if type(client_options) == dict: + client_options = google.api_core.client_options.from_dict( + client_options + ) + if client_options.api_endpoint: + api_endpoint = client_options.api_endpoint + + # Instantiate the transport. + # The transport is responsible for handling serialization and + # deserialization and actually sending data to the service. + if transport: + if callable(transport): + self.transport = transport( + credentials=credentials, + default_class=security_center_grpc_transport.SecurityCenterGrpcTransport, + address=api_endpoint, + ) + else: + if credentials: + raise ValueError( + "Received both a transport instance and " + "credentials; these are mutually exclusive." + ) + self.transport = transport + else: + self.transport = security_center_grpc_transport.SecurityCenterGrpcTransport( + address=api_endpoint, channel=channel, credentials=credentials, + ) + + if client_info is None: + client_info = google.api_core.gapic_v1.client_info.ClientInfo( + gapic_version=_GAPIC_LIBRARY_VERSION, + ) + else: + client_info.gapic_version = _GAPIC_LIBRARY_VERSION + self._client_info = client_info + + # Parse out the default settings for retry and timeout for each RPC + # from the client configuration. + # (Ordinarily, these are the defaults specified in the `*_config.py` + # file next to this one.) + self._method_configs = google.api_core.gapic_v1.config.parse_method_configs( + client_config["interfaces"][self._INTERFACE_NAME], + ) + + # Save a dictionary of cached API call functions. + # These are the actual callables which invoke the proper + # transport methods, wrapped with `wrap_method` to add retry, + # timeout, and the like. + self._inner_api_calls = {} + + # Service calls + def create_source( + self, + parent, + source, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None, + ): + """ + Creates a source. + + Example: + >>> from google.cloud import securitycenter_v1p1beta1 + >>> + >>> client = securitycenter_v1p1beta1.SecurityCenterClient() + >>> + >>> parent = client.organization_path('[ORGANIZATION]') + >>> + >>> # TODO: Initialize `source`: + >>> source = {} + >>> + >>> response = client.create_source(parent, source) + + Args: + parent (str): Required. Resource name of the new source's parent. Its format should be + "organizations/[organization\_id]". + source (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.Source]): Required. The Source being created, only the display\_name and + description will be used. All other fields will be ignored. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.Source` + retry (Optional[google.api_core.retry.Retry]): A retry object used + to retry requests. If ``None`` is specified, requests will + be retried using a default configuration. + timeout (Optional[float]): The amount of time, in seconds, to wait + for the request to complete. Note that if ``retry`` is + specified, the timeout applies to each individual attempt. + metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata + that is provided to the method. + + Returns: + A :class:`~google.cloud.securitycenter_v1p1beta1.types.Source` instance. + + Raises: + google.api_core.exceptions.GoogleAPICallError: If the request + failed for any reason. + google.api_core.exceptions.RetryError: If the request failed due + to a retryable error and retry attempts failed. + ValueError: If the parameters are invalid. + """ + # Wrap the transport method to add retry and timeout logic. + if "create_source" not in self._inner_api_calls: + self._inner_api_calls[ + "create_source" + ] = google.api_core.gapic_v1.method.wrap_method( + self.transport.create_source, + default_retry=self._method_configs["CreateSource"].retry, + default_timeout=self._method_configs["CreateSource"].timeout, + client_info=self._client_info, + ) + + request = securitycenter_service_pb2.CreateSourceRequest( + parent=parent, source=source, + ) + if metadata is None: + metadata = [] + metadata = list(metadata) + try: + routing_header = [("parent", parent)] + except AttributeError: + pass + else: + routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( + routing_header + ) + metadata.append(routing_metadata) + + return self._inner_api_calls["create_source"]( + request, retry=retry, timeout=timeout, metadata=metadata + ) + + def create_finding( + self, + parent, + finding_id, + finding, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None, + ): + """ + Creates a finding. The corresponding source must exist for finding + creation to succeed. + + Example: + >>> from google.cloud import securitycenter_v1p1beta1 + >>> + >>> client = securitycenter_v1p1beta1.SecurityCenterClient() + >>> + >>> parent = client.source_path('[ORGANIZATION]', '[SOURCE]') + >>> + >>> # TODO: Initialize `finding_id`: + >>> finding_id = '' + >>> + >>> # TODO: Initialize `finding`: + >>> finding = {} + >>> + >>> response = client.create_finding(parent, finding_id, finding) + + Args: + parent (str): Required. Resource name of the new finding's parent. Its format should + be "organizations/[organization\_id]/sources/[source\_id]". + finding_id (str): Required. Unique identifier provided by the client within the parent scope. + It must be alphanumeric and less than or equal to 32 characters and + greater than 0 characters in length. + finding (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.Finding]): Required. The Finding being created. The name and security\_marks will + be ignored as they are both output only fields on this resource. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.Finding` + retry (Optional[google.api_core.retry.Retry]): A retry object used + to retry requests. If ``None`` is specified, requests will + be retried using a default configuration. + timeout (Optional[float]): The amount of time, in seconds, to wait + for the request to complete. Note that if ``retry`` is + specified, the timeout applies to each individual attempt. + metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata + that is provided to the method. + + Returns: + A :class:`~google.cloud.securitycenter_v1p1beta1.types.Finding` instance. + + Raises: + google.api_core.exceptions.GoogleAPICallError: If the request + failed for any reason. + google.api_core.exceptions.RetryError: If the request failed due + to a retryable error and retry attempts failed. + ValueError: If the parameters are invalid. + """ + # Wrap the transport method to add retry and timeout logic. + if "create_finding" not in self._inner_api_calls: + self._inner_api_calls[ + "create_finding" + ] = google.api_core.gapic_v1.method.wrap_method( + self.transport.create_finding, + default_retry=self._method_configs["CreateFinding"].retry, + default_timeout=self._method_configs["CreateFinding"].timeout, + client_info=self._client_info, + ) + + request = securitycenter_service_pb2.CreateFindingRequest( + parent=parent, finding_id=finding_id, finding=finding, + ) + if metadata is None: + metadata = [] + metadata = list(metadata) + try: + routing_header = [("parent", parent)] + except AttributeError: + pass + else: + routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( + routing_header + ) + metadata.append(routing_metadata) + + return self._inner_api_calls["create_finding"]( + request, retry=retry, timeout=timeout, metadata=metadata + ) + + def create_notification_config( + self, + parent, + config_id, + notification_config, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None, + ): + """ + Creates a notification config. + + Example: + >>> from google.cloud import securitycenter_v1p1beta1 + >>> + >>> client = securitycenter_v1p1beta1.SecurityCenterClient() + >>> + >>> parent = client.organization_path('[ORGANIZATION]') + >>> + >>> # TODO: Initialize `config_id`: + >>> config_id = '' + >>> + >>> # TODO: Initialize `notification_config`: + >>> notification_config = {} + >>> + >>> response = client.create_notification_config(parent, config_id, notification_config) + + Args: + parent (str): Required. Resource name of the new notification config's parent. Its + format is "organizations/[organization\_id]". + config_id (str): Required. + Unique identifier provided by the client within the parent scope. + It must be between 1 and 128 characters, and contains alphanumeric + characters, underscores or hyphens only. + notification_config (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.NotificationConfig]): Required. The notification config being created. The name and the service + account will be ignored as they are both output only fields on this + resource. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.NotificationConfig` + retry (Optional[google.api_core.retry.Retry]): A retry object used + to retry requests. If ``None`` is specified, requests will + be retried using a default configuration. + timeout (Optional[float]): The amount of time, in seconds, to wait + for the request to complete. Note that if ``retry`` is + specified, the timeout applies to each individual attempt. + metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata + that is provided to the method. + + Returns: + A :class:`~google.cloud.securitycenter_v1p1beta1.types.NotificationConfig` instance. + + Raises: + google.api_core.exceptions.GoogleAPICallError: If the request + failed for any reason. + google.api_core.exceptions.RetryError: If the request failed due + to a retryable error and retry attempts failed. + ValueError: If the parameters are invalid. + """ + # Wrap the transport method to add retry and timeout logic. + if "create_notification_config" not in self._inner_api_calls: + self._inner_api_calls[ + "create_notification_config" + ] = google.api_core.gapic_v1.method.wrap_method( + self.transport.create_notification_config, + default_retry=self._method_configs["CreateNotificationConfig"].retry, + default_timeout=self._method_configs[ + "CreateNotificationConfig" + ].timeout, + client_info=self._client_info, + ) + + request = securitycenter_service_pb2.CreateNotificationConfigRequest( + parent=parent, config_id=config_id, notification_config=notification_config, + ) + if metadata is None: + metadata = [] + metadata = list(metadata) + try: + routing_header = [("parent", parent)] + except AttributeError: + pass + else: + routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( + routing_header + ) + metadata.append(routing_metadata) + + return self._inner_api_calls["create_notification_config"]( + request, retry=retry, timeout=timeout, metadata=metadata + ) + + def delete_notification_config( + self, + name, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None, + ): + """ + Deletes a notification config. + + Example: + >>> from google.cloud import securitycenter_v1p1beta1 + >>> + >>> client = securitycenter_v1p1beta1.SecurityCenterClient() + >>> + >>> name = client.notification_config_path('[ORGANIZATION]', '[NOTIFICATION_CONFIG]') + >>> + >>> client.delete_notification_config(name) + + Args: + name (str): Required. Name of the notification config to delete. Its format is + "organizations/[organization\_id]/notificationConfigs/[config\_id]". + retry (Optional[google.api_core.retry.Retry]): A retry object used + to retry requests. If ``None`` is specified, requests will + be retried using a default configuration. + timeout (Optional[float]): The amount of time, in seconds, to wait + for the request to complete. Note that if ``retry`` is + specified, the timeout applies to each individual attempt. + metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata + that is provided to the method. + + Raises: + google.api_core.exceptions.GoogleAPICallError: If the request + failed for any reason. + google.api_core.exceptions.RetryError: If the request failed due + to a retryable error and retry attempts failed. + ValueError: If the parameters are invalid. + """ + # Wrap the transport method to add retry and timeout logic. + if "delete_notification_config" not in self._inner_api_calls: + self._inner_api_calls[ + "delete_notification_config" + ] = google.api_core.gapic_v1.method.wrap_method( + self.transport.delete_notification_config, + default_retry=self._method_configs["DeleteNotificationConfig"].retry, + default_timeout=self._method_configs[ + "DeleteNotificationConfig" + ].timeout, + client_info=self._client_info, + ) + + request = securitycenter_service_pb2.DeleteNotificationConfigRequest(name=name,) + if metadata is None: + metadata = [] + metadata = list(metadata) + try: + routing_header = [("name", name)] + except AttributeError: + pass + else: + routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( + routing_header + ) + metadata.append(routing_metadata) + + self._inner_api_calls["delete_notification_config"]( + request, retry=retry, timeout=timeout, metadata=metadata + ) + + def get_iam_policy( + self, + resource, + options_=None, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None, + ): + """ + Gets the access control policy on the specified Source. + + Example: + >>> from google.cloud import securitycenter_v1p1beta1 + >>> + >>> client = securitycenter_v1p1beta1.SecurityCenterClient() + >>> + >>> # TODO: Initialize `resource`: + >>> resource = '' + >>> + >>> response = client.get_iam_policy(resource) + + Args: + resource (str): REQUIRED: The resource for which the policy is being requested. + See the operation documentation for the appropriate value for this field. + options_ (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.GetPolicyOptions]): OPTIONAL: A ``GetPolicyOptions`` object for specifying options to + ``GetIamPolicy``. This field is only used by Cloud IAM. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.GetPolicyOptions` + retry (Optional[google.api_core.retry.Retry]): A retry object used + to retry requests. If ``None`` is specified, requests will + be retried using a default configuration. + timeout (Optional[float]): The amount of time, in seconds, to wait + for the request to complete. Note that if ``retry`` is + specified, the timeout applies to each individual attempt. + metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata + that is provided to the method. + + Returns: + A :class:`~google.cloud.securitycenter_v1p1beta1.types.Policy` instance. + + Raises: + google.api_core.exceptions.GoogleAPICallError: If the request + failed for any reason. + google.api_core.exceptions.RetryError: If the request failed due + to a retryable error and retry attempts failed. + ValueError: If the parameters are invalid. + """ + # Wrap the transport method to add retry and timeout logic. + if "get_iam_policy" not in self._inner_api_calls: + self._inner_api_calls[ + "get_iam_policy" + ] = google.api_core.gapic_v1.method.wrap_method( + self.transport.get_iam_policy, + default_retry=self._method_configs["GetIamPolicy"].retry, + default_timeout=self._method_configs["GetIamPolicy"].timeout, + client_info=self._client_info, + ) + + request = iam_policy_pb2.GetIamPolicyRequest( + resource=resource, options=options_, + ) + if metadata is None: + metadata = [] + metadata = list(metadata) + try: + routing_header = [("resource", resource)] + except AttributeError: + pass + else: + routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( + routing_header + ) + metadata.append(routing_metadata) + + return self._inner_api_calls["get_iam_policy"]( + request, retry=retry, timeout=timeout, metadata=metadata + ) + + def get_notification_config( + self, + name, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None, + ): + """ + Gets a notification config. + + Example: + >>> from google.cloud import securitycenter_v1p1beta1 + >>> + >>> client = securitycenter_v1p1beta1.SecurityCenterClient() + >>> + >>> name = client.notification_config_path('[ORGANIZATION]', '[NOTIFICATION_CONFIG]') + >>> + >>> response = client.get_notification_config(name) + + Args: + name (str): Required. Name of the notification config to get. Its format is + "organizations/[organization\_id]/notificationConfigs/[config\_id]". + retry (Optional[google.api_core.retry.Retry]): A retry object used + to retry requests. If ``None`` is specified, requests will + be retried using a default configuration. + timeout (Optional[float]): The amount of time, in seconds, to wait + for the request to complete. Note that if ``retry`` is + specified, the timeout applies to each individual attempt. + metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata + that is provided to the method. + + Returns: + A :class:`~google.cloud.securitycenter_v1p1beta1.types.NotificationConfig` instance. + + Raises: + google.api_core.exceptions.GoogleAPICallError: If the request + failed for any reason. + google.api_core.exceptions.RetryError: If the request failed due + to a retryable error and retry attempts failed. + ValueError: If the parameters are invalid. + """ + # Wrap the transport method to add retry and timeout logic. + if "get_notification_config" not in self._inner_api_calls: + self._inner_api_calls[ + "get_notification_config" + ] = google.api_core.gapic_v1.method.wrap_method( + self.transport.get_notification_config, + default_retry=self._method_configs["GetNotificationConfig"].retry, + default_timeout=self._method_configs["GetNotificationConfig"].timeout, + client_info=self._client_info, + ) + + request = securitycenter_service_pb2.GetNotificationConfigRequest(name=name,) + if metadata is None: + metadata = [] + metadata = list(metadata) + try: + routing_header = [("name", name)] + except AttributeError: + pass + else: + routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( + routing_header + ) + metadata.append(routing_metadata) + + return self._inner_api_calls["get_notification_config"]( + request, retry=retry, timeout=timeout, metadata=metadata + ) + + def get_organization_settings( + self, + name, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None, + ): + """ + Gets the settings for an organization. + + Example: + >>> from google.cloud import securitycenter_v1p1beta1 + >>> + >>> client = securitycenter_v1p1beta1.SecurityCenterClient() + >>> + >>> name = client.organization_settings_path('[ORGANIZATION]') + >>> + >>> response = client.get_organization_settings(name) + + Args: + name (str): Required. Name of the organization to get organization settings for. Its + format is "organizations/[organization\_id]/organizationSettings". + retry (Optional[google.api_core.retry.Retry]): A retry object used + to retry requests. If ``None`` is specified, requests will + be retried using a default configuration. + timeout (Optional[float]): The amount of time, in seconds, to wait + for the request to complete. Note that if ``retry`` is + specified, the timeout applies to each individual attempt. + metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata + that is provided to the method. + + Returns: + A :class:`~google.cloud.securitycenter_v1p1beta1.types.OrganizationSettings` instance. + + Raises: + google.api_core.exceptions.GoogleAPICallError: If the request + failed for any reason. + google.api_core.exceptions.RetryError: If the request failed due + to a retryable error and retry attempts failed. + ValueError: If the parameters are invalid. + """ + # Wrap the transport method to add retry and timeout logic. + if "get_organization_settings" not in self._inner_api_calls: + self._inner_api_calls[ + "get_organization_settings" + ] = google.api_core.gapic_v1.method.wrap_method( + self.transport.get_organization_settings, + default_retry=self._method_configs["GetOrganizationSettings"].retry, + default_timeout=self._method_configs["GetOrganizationSettings"].timeout, + client_info=self._client_info, + ) + + request = securitycenter_service_pb2.GetOrganizationSettingsRequest(name=name,) + if metadata is None: + metadata = [] + metadata = list(metadata) + try: + routing_header = [("name", name)] + except AttributeError: + pass + else: + routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( + routing_header + ) + metadata.append(routing_metadata) + + return self._inner_api_calls["get_organization_settings"]( + request, retry=retry, timeout=timeout, metadata=metadata + ) + + def get_source( + self, + name, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None, + ): + """ + Gets a source. + + Example: + >>> from google.cloud import securitycenter_v1p1beta1 + >>> + >>> client = securitycenter_v1p1beta1.SecurityCenterClient() + >>> + >>> name = client.source_path('[ORGANIZATION]', '[SOURCE]') + >>> + >>> response = client.get_source(name) + + Args: + name (str): Required. Relative resource name of the source. Its format is + "organizations/[organization\_id]/source/[source\_id]". + retry (Optional[google.api_core.retry.Retry]): A retry object used + to retry requests. If ``None`` is specified, requests will + be retried using a default configuration. + timeout (Optional[float]): The amount of time, in seconds, to wait + for the request to complete. Note that if ``retry`` is + specified, the timeout applies to each individual attempt. + metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata + that is provided to the method. + + Returns: + A :class:`~google.cloud.securitycenter_v1p1beta1.types.Source` instance. + + Raises: + google.api_core.exceptions.GoogleAPICallError: If the request + failed for any reason. + google.api_core.exceptions.RetryError: If the request failed due + to a retryable error and retry attempts failed. + ValueError: If the parameters are invalid. + """ + # Wrap the transport method to add retry and timeout logic. + if "get_source" not in self._inner_api_calls: + self._inner_api_calls[ + "get_source" + ] = google.api_core.gapic_v1.method.wrap_method( + self.transport.get_source, + default_retry=self._method_configs["GetSource"].retry, + default_timeout=self._method_configs["GetSource"].timeout, + client_info=self._client_info, + ) + + request = securitycenter_service_pb2.GetSourceRequest(name=name,) + if metadata is None: + metadata = [] + metadata = list(metadata) + try: + routing_header = [("name", name)] + except AttributeError: + pass + else: + routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( + routing_header + ) + metadata.append(routing_metadata) + + return self._inner_api_calls["get_source"]( + request, retry=retry, timeout=timeout, metadata=metadata + ) + + def group_assets( + self, + parent, + group_by, + filter_=None, + compare_duration=None, + read_time=None, + having=None, + page_size=None, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None, + ): + """ + Filters an organization's assets and groups them by their specified + properties. + + Example: + >>> from google.cloud import securitycenter_v1p1beta1 + >>> + >>> client = securitycenter_v1p1beta1.SecurityCenterClient() + >>> + >>> parent = client.organization_path('[ORGANIZATION]') + >>> + >>> # TODO: Initialize `group_by`: + >>> group_by = '' + >>> + >>> # Iterate over all results + >>> for element in client.group_assets(parent, group_by): + ... # process element + ... pass + >>> + >>> + >>> # Alternatively: + >>> + >>> # Iterate over results one page at a time + >>> for page in client.group_assets(parent, group_by).pages: + ... for element in page: + ... # process element + ... pass + + Args: + parent (str): Required. Name of the organization to groupBy. Its format is + "organizations/[organization\_id]". + group_by (str): Required. Expression that defines what assets fields to use for + grouping. The string value should follow SQL syntax: comma separated + list of fields. For example: + "security\_center\_properties.resource\_project,security\_center\_properties.project". + + The following fields are supported when compare\_duration is not set: + + - security\_center\_properties.resource\_project + - security\_center\_properties.resource\_project\_display\_name + - security\_center\_properties.resource\_type + - security\_center\_properties.resource\_parent + - security\_center\_properties.resource\_parent\_display\_name + + The following fields are supported when compare\_duration is set: + + - security\_center\_properties.resource\_type + - security\_center\_properties.resource\_project\_display\_name + - security\_center\_properties.resource\_parent\_display\_name + filter_ (str): Expression that defines the filter to apply across assets. The + expression is a list of zero or more restrictions combined via logical + operators ``AND`` and ``OR``. Parentheses are supported, and ``OR`` has + higher precedence than ``AND``. + + Restrictions have the form `` `` and may have a + ``-`` character in front of them to indicate negation. The fields map to + those defined in the Asset resource. Examples include: + + - name + - security\_center\_properties.resource\_name + - resource\_properties.a\_property + - security\_marks.marks.marka + + The supported operators are: + + - ``=`` for all value types. + - ``>``, ``<``, ``>=``, ``<=`` for integer values. + - ``:``, meaning substring matching, for strings. + + The supported value types are: + + - string literals in quotes. + - integer literals without quotes. + - boolean literals ``true`` and ``false`` without quotes. + + The following field and operator combinations are supported: + + - name: ``=`` + + - update\_time: ``=``, ``>``, ``<``, ``>=``, ``<=`` + + Usage: This should be milliseconds since epoch or an RFC3339 string. + Examples: "update\_time = "2019-06-10T16:07:18-07:00"" "update\_time + = 1560208038000" + + - create\_time: ``=``, ``>``, ``<``, ``>=``, ``<=`` + + Usage: This should be milliseconds since epoch or an RFC3339 string. + Examples: "create\_time = "2019-06-10T16:07:18-07:00"" "create\_time + = 1560208038000" + + - iam\_policy.policy\_blob: ``=``, ``:`` + + - resource\_properties: ``=``, ``:``, ``>``, ``<``, ``>=``, ``<=`` + + - security\_marks.marks: ``=``, ``:`` + + - security\_center\_properties.resource\_name: ``=``, ``:`` + + - security\_center\_properties.resource\_name\_display\_name: ``=``, + ``:`` + + - security\_center\_properties.resource\_type: ``=``, ``:`` + + - security\_center\_properties.resource\_parent: ``=``, ``:`` + + - security\_center\_properties.resource\_parent\_display\_name: ``=``, + ``:`` + + - security\_center\_properties.resource\_project: ``=``, ``:`` + + - security\_center\_properties.resource\_project\_display\_name: ``=``, + ``:`` + + - security\_center\_properties.resource\_owners: ``=``, ``:`` + + For example, ``resource_properties.size = 100`` is a valid filter + string. + compare_duration (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.Duration]): When compare\_duration is set, the GroupResult's "state\_change" + property is updated to indicate whether the asset was added, removed, or + remained present during the compare\_duration period of time that + precedes the read\_time. This is the time between (read\_time - + compare\_duration) and read\_time. + + The state change value is derived based on the presence of the asset at + the two points in time. Intermediate state changes between the two times + don't affect the result. For example, the results aren't affected if the + asset is removed and re-created again. + + Possible "state\_change" values when compare\_duration is specified: + + - "ADDED": indicates that the asset was not present at the start of + compare\_duration, but present at reference\_time. + - "REMOVED": indicates that the asset was present at the start of + compare\_duration, but not present at reference\_time. + - "ACTIVE": indicates that the asset was present at both the start and + the end of the time period defined by compare\_duration and + reference\_time. + + If compare\_duration is not specified, then the only possible + state\_change is "UNUSED", which will be the state\_change set for all + assets present at read\_time. + + If this field is set then ``state_change`` must be a specified field in + ``group_by``. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.Duration` + read_time (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.Timestamp]): Time used as a reference point when filtering assets. The filter is limited + to assets existing at the supplied time and their values are those at that + specific time. Absence of this field will default to the API's version of + NOW. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.Timestamp` + having (str): Filter that specifies what fields to further filter on *after* the query + filter has been executed. Currently only ``state_change`` is supported + and requires compare\_duration to be specified. + page_size (int): The maximum number of resources contained in the + underlying API response. If page streaming is performed per- + resource, this parameter does not affect the return value. If page + streaming is performed per-page, this determines the maximum number + of resources in a page. + retry (Optional[google.api_core.retry.Retry]): A retry object used + to retry requests. If ``None`` is specified, requests will + be retried using a default configuration. + timeout (Optional[float]): The amount of time, in seconds, to wait + for the request to complete. Note that if ``retry`` is + specified, the timeout applies to each individual attempt. + metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata + that is provided to the method. + + Returns: + A :class:`~google.api_core.page_iterator.PageIterator` instance. + An iterable of :class:`~google.cloud.securitycenter_v1p1beta1.types.GroupResult` instances. + You can also iterate over the pages of the response + using its `pages` property. + + Raises: + google.api_core.exceptions.GoogleAPICallError: If the request + failed for any reason. + google.api_core.exceptions.RetryError: If the request failed due + to a retryable error and retry attempts failed. + ValueError: If the parameters are invalid. + """ + # Wrap the transport method to add retry and timeout logic. + if "group_assets" not in self._inner_api_calls: + self._inner_api_calls[ + "group_assets" + ] = google.api_core.gapic_v1.method.wrap_method( + self.transport.group_assets, + default_retry=self._method_configs["GroupAssets"].retry, + default_timeout=self._method_configs["GroupAssets"].timeout, + client_info=self._client_info, + ) + + request = securitycenter_service_pb2.GroupAssetsRequest( + parent=parent, + group_by=group_by, + filter=filter_, + compare_duration=compare_duration, + read_time=read_time, + having=having, + page_size=page_size, + ) + if metadata is None: + metadata = [] + metadata = list(metadata) + try: + routing_header = [("parent", parent)] + except AttributeError: + pass + else: + routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( + routing_header + ) + metadata.append(routing_metadata) + + iterator = google.api_core.page_iterator.GRPCIterator( + client=None, + method=functools.partial( + self._inner_api_calls["group_assets"], + retry=retry, + timeout=timeout, + metadata=metadata, + ), + request=request, + items_field="group_by_results", + request_token_field="page_token", + response_token_field="next_page_token", + ) + return iterator + + def group_findings( + self, + parent, + group_by, + filter_=None, + read_time=None, + compare_duration=None, + having=None, + page_size=None, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None, + ): + """ + Filters an organization or source's findings and groups them by their + specified properties. + + To group across all sources provide a ``-`` as the source id. Example: + /v1p1beta1/organizations/{organization\_id}/sources/-/findings + + Example: + >>> from google.cloud import securitycenter_v1p1beta1 + >>> + >>> client = securitycenter_v1p1beta1.SecurityCenterClient() + >>> + >>> parent = client.source_path('[ORGANIZATION]', '[SOURCE]') + >>> + >>> # TODO: Initialize `group_by`: + >>> group_by = '' + >>> + >>> # Iterate over all results + >>> for element in client.group_findings(parent, group_by): + ... # process element + ... pass + >>> + >>> + >>> # Alternatively: + >>> + >>> # Iterate over results one page at a time + >>> for page in client.group_findings(parent, group_by).pages: + ... for element in page: + ... # process element + ... pass + + Args: + parent (str): Required. Name of the source to groupBy. Its format is + "organizations/[organization\_id]/sources/[source\_id]". To groupBy + across all sources provide a source\_id of ``-``. For example: + organizations/{organization\_id}/sources/- + group_by (str): Required. Expression that defines what assets fields to use for grouping + (including ``state_change``). The string value should follow SQL syntax: + comma separated list of fields. For example: "parent,resource\_name". + + The following fields are supported: + + - resource\_name + - category + - state + - parent + + The following fields are supported when compare\_duration is set: + + - state\_change + filter_ (str): Expression that defines the filter to apply across findings. The + expression is a list of one or more restrictions combined via logical + operators ``AND`` and ``OR``. Parentheses are supported, and ``OR`` has + higher precedence than ``AND``. + + Restrictions have the form `` `` and may have a + ``-`` character in front of them to indicate negation. Examples include: + + - name + - source\_properties.a\_property + - security\_marks.marks.marka + + The supported operators are: + + - ``=`` for all value types. + - ``>``, ``<``, ``>=``, ``<=`` for integer values. + - ``:``, meaning substring matching, for strings. + + The supported value types are: + + - string literals in quotes. + - integer literals without quotes. + - boolean literals ``true`` and ``false`` without quotes. + + The following field and operator combinations are supported: + + - name: ``=`` + + - parent: ``=``, ``:`` + + - resource\_name: ``=``, ``:`` + + - state: ``=``, ``:`` + + - category: ``=``, ``:`` + + - external\_uri: ``=``, ``:`` + + - event\_time: ``=``, ``>``, ``<``, ``>=``, ``<=`` + + Usage: This should be milliseconds since epoch or an RFC3339 string. + Examples: "event\_time = "2019-06-10T16:07:18-07:00"" "event\_time = + 1560208038000" + + - security\_marks.marks: ``=``, ``:`` + + - source\_properties: ``=``, ``:``, ``>``, ``<``, ``>=``, ``<=`` + + For example, ``source_properties.size = 100`` is a valid filter string. + read_time (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.Timestamp]): Time used as a reference point when filtering findings. The filter is + limited to findings existing at the supplied time and their values are + those at that specific time. Absence of this field will default to the + API's version of NOW. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.Timestamp` + compare_duration (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.Duration]): When compare\_duration is set, the GroupResult's "state\_change" + attribute is updated to indicate whether the finding had its state + changed, the finding's state remained unchanged, or if the finding was + added during the compare\_duration period of time that precedes the + read\_time. This is the time between (read\_time - compare\_duration) + and read\_time. + + The state\_change value is derived based on the presence and state of + the finding at the two points in time. Intermediate state changes + between the two times don't affect the result. For example, the results + aren't affected if the finding is made inactive and then active again. + + Possible "state\_change" values when compare\_duration is specified: + + - "CHANGED": indicates that the finding was present at the start of + compare\_duration, but changed its state at read\_time. + - "UNCHANGED": indicates that the finding was present at the start of + compare\_duration and did not change state at read\_time. + - "ADDED": indicates that the finding was not present at the start of + compare\_duration, but was present at read\_time. + + If compare\_duration is not specified, then the only possible + state\_change is "UNUSED", which will be the state\_change set for all + findings present at read\_time. + + If this field is set then ``state_change`` must be a specified field in + ``group_by``. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.Duration` + having (str): Filter that specifies what fields to further filter on *after* the query + filter has been executed. Currently only ``finding.state`` and + ``state_change`` are supported and requires compare\_duration to be + specified. + page_size (int): The maximum number of resources contained in the + underlying API response. If page streaming is performed per- + resource, this parameter does not affect the return value. If page + streaming is performed per-page, this determines the maximum number + of resources in a page. + retry (Optional[google.api_core.retry.Retry]): A retry object used + to retry requests. If ``None`` is specified, requests will + be retried using a default configuration. + timeout (Optional[float]): The amount of time, in seconds, to wait + for the request to complete. Note that if ``retry`` is + specified, the timeout applies to each individual attempt. + metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata + that is provided to the method. + + Returns: + A :class:`~google.api_core.page_iterator.PageIterator` instance. + An iterable of :class:`~google.cloud.securitycenter_v1p1beta1.types.GroupResult` instances. + You can also iterate over the pages of the response + using its `pages` property. + + Raises: + google.api_core.exceptions.GoogleAPICallError: If the request + failed for any reason. + google.api_core.exceptions.RetryError: If the request failed due + to a retryable error and retry attempts failed. + ValueError: If the parameters are invalid. + """ + # Wrap the transport method to add retry and timeout logic. + if "group_findings" not in self._inner_api_calls: + self._inner_api_calls[ + "group_findings" + ] = google.api_core.gapic_v1.method.wrap_method( + self.transport.group_findings, + default_retry=self._method_configs["GroupFindings"].retry, + default_timeout=self._method_configs["GroupFindings"].timeout, + client_info=self._client_info, + ) + + request = securitycenter_service_pb2.GroupFindingsRequest( + parent=parent, + group_by=group_by, + filter=filter_, + read_time=read_time, + compare_duration=compare_duration, + having=having, + page_size=page_size, + ) + if metadata is None: + metadata = [] + metadata = list(metadata) + try: + routing_header = [("parent", parent)] + except AttributeError: + pass + else: + routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( + routing_header + ) + metadata.append(routing_metadata) + + iterator = google.api_core.page_iterator.GRPCIterator( + client=None, + method=functools.partial( + self._inner_api_calls["group_findings"], + retry=retry, + timeout=timeout, + metadata=metadata, + ), + request=request, + items_field="group_by_results", + request_token_field="page_token", + response_token_field="next_page_token", + ) + return iterator + + def list_assets( + self, + parent, + filter_=None, + order_by=None, + read_time=None, + compare_duration=None, + having=None, + field_mask=None, + page_size=None, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None, + ): + """ + Lists an organization's assets. + + Example: + >>> from google.cloud import securitycenter_v1p1beta1 + >>> + >>> client = securitycenter_v1p1beta1.SecurityCenterClient() + >>> + >>> parent = client.organization_path('[ORGANIZATION]') + >>> + >>> # Iterate over all results + >>> for element in client.list_assets(parent): + ... # process element + ... pass + >>> + >>> + >>> # Alternatively: + >>> + >>> # Iterate over results one page at a time + >>> for page in client.list_assets(parent).pages: + ... for element in page: + ... # process element + ... pass + + Args: + parent (str): Required. Name of the organization assets should belong to. Its format + is "organizations/[organization\_id]". + filter_ (str): Expression that defines the filter to apply across assets. The + expression is a list of zero or more restrictions combined via logical + operators ``AND`` and ``OR``. Parentheses are supported, and ``OR`` has + higher precedence than ``AND``. + + Restrictions have the form `` `` and may have a + ``-`` character in front of them to indicate negation. The fields map to + those defined in the Asset resource. Examples include: + + - name + - security\_center\_properties.resource\_name + - resource\_properties.a\_property + - security\_marks.marks.marka + + The supported operators are: + + - ``=`` for all value types. + - ``>``, ``<``, ``>=``, ``<=`` for integer values. + - ``:``, meaning substring matching, for strings. + + The supported value types are: + + - string literals in quotes. + - integer literals without quotes. + - boolean literals ``true`` and ``false`` without quotes. + + The following are the allowed field and operator combinations: + + - name: ``=`` + + - update\_time: ``=``, ``>``, ``<``, ``>=``, ``<=`` + + Usage: This should be milliseconds since epoch or an RFC3339 string. + Examples: "update\_time = "2019-06-10T16:07:18-07:00"" "update\_time + = 1560208038000" + + - create\_time: ``=``, ``>``, ``<``, ``>=``, ``<=`` + + Usage: This should be milliseconds since epoch or an RFC3339 string. + Examples: "create\_time = "2019-06-10T16:07:18-07:00"" "create\_time + = 1560208038000" + + - iam\_policy.policy\_blob: ``=``, ``:`` + + - resource\_properties: ``=``, ``:``, ``>``, ``<``, ``>=``, ``<=`` + + - security\_marks.marks: ``=``, ``:`` + + - security\_center\_properties.resource\_name: ``=``, ``:`` + + - security\_center\_properties.resource\_display\_name: ``=``, ``:`` + + - security\_center\_properties.resource\_type: ``=``, ``:`` + + - security\_center\_properties.resource\_parent: ``=``, ``:`` + + - security\_center\_properties.resource\_parent\_display\_name: ``=``, + ``:`` + + - security\_center\_properties.resource\_project: ``=``, ``:`` + + - security\_center\_properties.resource\_project\_display\_name: ``=``, + ``:`` + + - security\_center\_properties.resource\_owners: ``=``, ``:`` + + For example, ``resource_properties.size = 100`` is a valid filter + string. + order_by (str): Expression that defines what fields and order to use for sorting. The + string value should follow SQL syntax: comma separated list of fields. + For example: "name,resource\_properties.a\_property". The default + sorting order is ascending. To specify descending order for a field, a + suffix " desc" should be appended to the field name. For example: "name + desc,resource\_properties.a\_property". Redundant space characters in + the syntax are insignificant. "name + desc,resource\_properties.a\_property" and " name desc , + resource\_properties.a\_property " are equivalent. + + The following fields are supported: name update\_time + resource\_properties security\_marks.marks + security\_center\_properties.resource\_name + security\_center\_properties.resource\_display\_name + security\_center\_properties.resource\_parent + security\_center\_properties.resource\_parent\_display\_name + security\_center\_properties.resource\_project + security\_center\_properties.resource\_project\_display\_name + security\_center\_properties.resource\_type + read_time (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.Timestamp]): Time used as a reference point when filtering assets. The filter is limited + to assets existing at the supplied time and their values are those at that + specific time. Absence of this field will default to the API's version of + NOW. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.Timestamp` + compare_duration (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.Duration]): When compare\_duration is set, the ListAssetsResult's "state\_change" + attribute is updated to indicate whether the asset was added, removed, + or remained present during the compare\_duration period of time that + precedes the read\_time. This is the time between (read\_time - + compare\_duration) and read\_time. + + The state\_change value is derived based on the presence of the asset at + the two points in time. Intermediate state changes between the two times + don't affect the result. For example, the results aren't affected if the + asset is removed and re-created again. + + Possible "state\_change" values when compare\_duration is specified: + + - "ADDED": indicates that the asset was not present at the start of + compare\_duration, but present at read\_time. + - "REMOVED": indicates that the asset was present at the start of + compare\_duration, but not present at read\_time. + - "ACTIVE": indicates that the asset was present at both the start and + the end of the time period defined by compare\_duration and + read\_time. + + If compare\_duration is not specified, then the only possible + state\_change is "UNUSED", which will be the state\_change set for all + assets present at read\_time. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.Duration` + having (str): Filter that specifies what fields to further filter on *after* the query + filter has been executed. Currently only ``state_change`` is supported + and requires compare\_duration to be specified. + field_mask (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.FieldMask]): Optional. + A field mask to specify the ListAssetsResult fields to be listed in the + response. + An empty field mask will list all fields. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.FieldMask` + page_size (int): The maximum number of resources contained in the + underlying API response. If page streaming is performed per- + resource, this parameter does not affect the return value. If page + streaming is performed per-page, this determines the maximum number + of resources in a page. + retry (Optional[google.api_core.retry.Retry]): A retry object used + to retry requests. If ``None`` is specified, requests will + be retried using a default configuration. + timeout (Optional[float]): The amount of time, in seconds, to wait + for the request to complete. Note that if ``retry`` is + specified, the timeout applies to each individual attempt. + metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata + that is provided to the method. + + Returns: + A :class:`~google.api_core.page_iterator.PageIterator` instance. + An iterable of :class:`~google.cloud.securitycenter_v1p1beta1.types.ListAssetsResult` instances. + You can also iterate over the pages of the response + using its `pages` property. + + Raises: + google.api_core.exceptions.GoogleAPICallError: If the request + failed for any reason. + google.api_core.exceptions.RetryError: If the request failed due + to a retryable error and retry attempts failed. + ValueError: If the parameters are invalid. + """ + # Wrap the transport method to add retry and timeout logic. + if "list_assets" not in self._inner_api_calls: + self._inner_api_calls[ + "list_assets" + ] = google.api_core.gapic_v1.method.wrap_method( + self.transport.list_assets, + default_retry=self._method_configs["ListAssets"].retry, + default_timeout=self._method_configs["ListAssets"].timeout, + client_info=self._client_info, + ) + + request = securitycenter_service_pb2.ListAssetsRequest( + parent=parent, + filter=filter_, + order_by=order_by, + read_time=read_time, + compare_duration=compare_duration, + having=having, + field_mask=field_mask, + page_size=page_size, + ) + if metadata is None: + metadata = [] + metadata = list(metadata) + try: + routing_header = [("parent", parent)] + except AttributeError: + pass + else: + routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( + routing_header + ) + metadata.append(routing_metadata) + + iterator = google.api_core.page_iterator.GRPCIterator( + client=None, + method=functools.partial( + self._inner_api_calls["list_assets"], + retry=retry, + timeout=timeout, + metadata=metadata, + ), + request=request, + items_field="list_assets_results", + request_token_field="page_token", + response_token_field="next_page_token", + ) + return iterator + + def list_findings( + self, + parent, + filter_=None, + order_by=None, + read_time=None, + compare_duration=None, + having=None, + field_mask=None, + page_size=None, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None, + ): + """ + Lists an organization or source's findings. + + To list across all sources provide a ``-`` as the source id. Example: + /v1p1beta1/organizations/{organization\_id}/sources/-/findings + + Example: + >>> from google.cloud import securitycenter_v1p1beta1 + >>> + >>> client = securitycenter_v1p1beta1.SecurityCenterClient() + >>> + >>> parent = client.source_path('[ORGANIZATION]', '[SOURCE]') + >>> + >>> # Iterate over all results + >>> for element in client.list_findings(parent): + ... # process element + ... pass + >>> + >>> + >>> # Alternatively: + >>> + >>> # Iterate over results one page at a time + >>> for page in client.list_findings(parent).pages: + ... for element in page: + ... # process element + ... pass + + Args: + parent (str): Required. Name of the source the findings belong to. Its format is + "organizations/[organization\_id]/sources/[source\_id]". To list across + all sources provide a source\_id of ``-``. For example: + organizations/{organization\_id}/sources/- + filter_ (str): Expression that defines the filter to apply across findings. The + expression is a list of one or more restrictions combined via logical + operators ``AND`` and ``OR``. Parentheses are supported, and ``OR`` has + higher precedence than ``AND``. + + Restrictions have the form `` `` and may have a + ``-`` character in front of them to indicate negation. Examples include: + + - name + - source\_properties.a\_property + - security\_marks.marks.marka + + The supported operators are: + + - ``=`` for all value types. + - ``>``, ``<``, ``>=``, ``<=`` for integer values. + - ``:``, meaning substring matching, for strings. + + The supported value types are: + + - string literals in quotes. + - integer literals without quotes. + - boolean literals ``true`` and ``false`` without quotes. + + The following field and operator combinations are supported: + + name: ``=`` parent: ``=``, ``:`` resource\_name: ``=``, ``:`` state: + ``=``, ``:`` category: ``=``, ``:`` external\_uri: ``=``, ``:`` + event\_time: ``=``, ``>``, ``<``, ``>=``, ``<=`` + + Usage: This should be milliseconds since epoch or an RFC3339 string. + Examples: "event\_time = "2019-06-10T16:07:18-07:00"" "event\_time = + 1560208038000" + + security\_marks.marks: ``=``, ``:`` source\_properties: ``=``, ``:``, + ``>``, ``<``, ``>=``, ``<=`` + + For example, ``source_properties.size = 100`` is a valid filter string. + order_by (str): Expression that defines what fields and order to use for sorting. The + string value should follow SQL syntax: comma separated list of fields. + For example: "name,resource\_properties.a\_property". The default + sorting order is ascending. To specify descending order for a field, a + suffix " desc" should be appended to the field name. For example: "name + desc,source\_properties.a\_property". Redundant space characters in the + syntax are insignificant. "name desc,source\_properties.a\_property" and + " name desc , source\_properties.a\_property " are equivalent. + + The following fields are supported: name parent state category + resource\_name event\_time source\_properties security\_marks.marks + read_time (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.Timestamp]): Time used as a reference point when filtering findings. The filter is + limited to findings existing at the supplied time and their values are + those at that specific time. Absence of this field will default to the + API's version of NOW. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.Timestamp` + compare_duration (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.Duration]): When compare\_duration is set, the ListFindingsResult's "state\_change" + attribute is updated to indicate whether the finding had its state + changed, the finding's state remained unchanged, or if the finding was + added in any state during the compare\_duration period of time that + precedes the read\_time. This is the time between (read\_time - + compare\_duration) and read\_time. + + The state\_change value is derived based on the presence and state of + the finding at the two points in time. Intermediate state changes + between the two times don't affect the result. For example, the results + aren't affected if the finding is made inactive and then active again. + + Possible "state\_change" values when compare\_duration is specified: + + - "CHANGED": indicates that the finding was present at the start of + compare\_duration, but changed its state at read\_time. + - "UNCHANGED": indicates that the finding was present at the start of + compare\_duration and did not change state at read\_time. + - "ADDED": indicates that the finding was not present at the start of + compare\_duration, but was present at read\_time. + + If compare\_duration is not specified, then the only possible + state\_change is "UNUSED", which will be the state\_change set for all + findings present at read\_time. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.Duration` + having (str): Filter that specifies what fields to further filter on *after* the query + filter has been executed. Currently only ``finding.state`` and + ``state_change`` are supported and requires compare\_duration to be + specified. + field_mask (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.FieldMask]): Optional. + A field mask to specify the Finding fields to be listed in the response. + An empty field mask will list all fields. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.FieldMask` + page_size (int): The maximum number of resources contained in the + underlying API response. If page streaming is performed per- + resource, this parameter does not affect the return value. If page + streaming is performed per-page, this determines the maximum number + of resources in a page. + retry (Optional[google.api_core.retry.Retry]): A retry object used + to retry requests. If ``None`` is specified, requests will + be retried using a default configuration. + timeout (Optional[float]): The amount of time, in seconds, to wait + for the request to complete. Note that if ``retry`` is + specified, the timeout applies to each individual attempt. + metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata + that is provided to the method. + + Returns: + A :class:`~google.api_core.page_iterator.PageIterator` instance. + An iterable of :class:`~google.cloud.securitycenter_v1p1beta1.types.ListFindingsResult` instances. + You can also iterate over the pages of the response + using its `pages` property. + + Raises: + google.api_core.exceptions.GoogleAPICallError: If the request + failed for any reason. + google.api_core.exceptions.RetryError: If the request failed due + to a retryable error and retry attempts failed. + ValueError: If the parameters are invalid. + """ + # Wrap the transport method to add retry and timeout logic. + if "list_findings" not in self._inner_api_calls: + self._inner_api_calls[ + "list_findings" + ] = google.api_core.gapic_v1.method.wrap_method( + self.transport.list_findings, + default_retry=self._method_configs["ListFindings"].retry, + default_timeout=self._method_configs["ListFindings"].timeout, + client_info=self._client_info, + ) + + request = securitycenter_service_pb2.ListFindingsRequest( + parent=parent, + filter=filter_, + order_by=order_by, + read_time=read_time, + compare_duration=compare_duration, + having=having, + field_mask=field_mask, + page_size=page_size, + ) + if metadata is None: + metadata = [] + metadata = list(metadata) + try: + routing_header = [("parent", parent)] + except AttributeError: + pass + else: + routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( + routing_header + ) + metadata.append(routing_metadata) + + iterator = google.api_core.page_iterator.GRPCIterator( + client=None, + method=functools.partial( + self._inner_api_calls["list_findings"], + retry=retry, + timeout=timeout, + metadata=metadata, + ), + request=request, + items_field="list_findings_results", + request_token_field="page_token", + response_token_field="next_page_token", + ) + return iterator + + def list_notification_configs( + self, + parent, + page_size=None, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None, + ): + """ + Lists notification configs. + + Example: + >>> from google.cloud import securitycenter_v1p1beta1 + >>> + >>> client = securitycenter_v1p1beta1.SecurityCenterClient() + >>> + >>> parent = client.organization_path('[ORGANIZATION]') + >>> + >>> # Iterate over all results + >>> for element in client.list_notification_configs(parent): + ... # process element + ... pass + >>> + >>> + >>> # Alternatively: + >>> + >>> # Iterate over results one page at a time + >>> for page in client.list_notification_configs(parent).pages: + ... for element in page: + ... # process element + ... pass + + Args: + parent (str): Required. Name of the organization to list notification configs. Its + format is "organizations/[organization\_id]". + page_size (int): The maximum number of resources contained in the + underlying API response. If page streaming is performed per- + resource, this parameter does not affect the return value. If page + streaming is performed per-page, this determines the maximum number + of resources in a page. + retry (Optional[google.api_core.retry.Retry]): A retry object used + to retry requests. If ``None`` is specified, requests will + be retried using a default configuration. + timeout (Optional[float]): The amount of time, in seconds, to wait + for the request to complete. Note that if ``retry`` is + specified, the timeout applies to each individual attempt. + metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata + that is provided to the method. + + Returns: + A :class:`~google.api_core.page_iterator.PageIterator` instance. + An iterable of :class:`~google.cloud.securitycenter_v1p1beta1.types.NotificationConfig` instances. + You can also iterate over the pages of the response + using its `pages` property. + + Raises: + google.api_core.exceptions.GoogleAPICallError: If the request + failed for any reason. + google.api_core.exceptions.RetryError: If the request failed due + to a retryable error and retry attempts failed. + ValueError: If the parameters are invalid. + """ + # Wrap the transport method to add retry and timeout logic. + if "list_notification_configs" not in self._inner_api_calls: + self._inner_api_calls[ + "list_notification_configs" + ] = google.api_core.gapic_v1.method.wrap_method( + self.transport.list_notification_configs, + default_retry=self._method_configs["ListNotificationConfigs"].retry, + default_timeout=self._method_configs["ListNotificationConfigs"].timeout, + client_info=self._client_info, + ) + + request = securitycenter_service_pb2.ListNotificationConfigsRequest( + parent=parent, page_size=page_size, + ) + if metadata is None: + metadata = [] + metadata = list(metadata) + try: + routing_header = [("parent", parent)] + except AttributeError: + pass + else: + routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( + routing_header + ) + metadata.append(routing_metadata) + + iterator = google.api_core.page_iterator.GRPCIterator( + client=None, + method=functools.partial( + self._inner_api_calls["list_notification_configs"], + retry=retry, + timeout=timeout, + metadata=metadata, + ), + request=request, + items_field="notification_configs", + request_token_field="page_token", + response_token_field="next_page_token", + ) + return iterator + + def list_sources( + self, + parent, + page_size=None, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None, + ): + """ + Lists all sources belonging to an organization. + + Example: + >>> from google.cloud import securitycenter_v1p1beta1 + >>> + >>> client = securitycenter_v1p1beta1.SecurityCenterClient() + >>> + >>> parent = client.organization_path('[ORGANIZATION]') + >>> + >>> # Iterate over all results + >>> for element in client.list_sources(parent): + ... # process element + ... pass + >>> + >>> + >>> # Alternatively: + >>> + >>> # Iterate over results one page at a time + >>> for page in client.list_sources(parent).pages: + ... for element in page: + ... # process element + ... pass + + Args: + parent (str): Required. Resource name of the parent of sources to list. Its format + should be "organizations/[organization\_id]". + page_size (int): The maximum number of resources contained in the + underlying API response. If page streaming is performed per- + resource, this parameter does not affect the return value. If page + streaming is performed per-page, this determines the maximum number + of resources in a page. + retry (Optional[google.api_core.retry.Retry]): A retry object used + to retry requests. If ``None`` is specified, requests will + be retried using a default configuration. + timeout (Optional[float]): The amount of time, in seconds, to wait + for the request to complete. Note that if ``retry`` is + specified, the timeout applies to each individual attempt. + metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata + that is provided to the method. + + Returns: + A :class:`~google.api_core.page_iterator.PageIterator` instance. + An iterable of :class:`~google.cloud.securitycenter_v1p1beta1.types.Source` instances. + You can also iterate over the pages of the response + using its `pages` property. + + Raises: + google.api_core.exceptions.GoogleAPICallError: If the request + failed for any reason. + google.api_core.exceptions.RetryError: If the request failed due + to a retryable error and retry attempts failed. + ValueError: If the parameters are invalid. + """ + # Wrap the transport method to add retry and timeout logic. + if "list_sources" not in self._inner_api_calls: + self._inner_api_calls[ + "list_sources" + ] = google.api_core.gapic_v1.method.wrap_method( + self.transport.list_sources, + default_retry=self._method_configs["ListSources"].retry, + default_timeout=self._method_configs["ListSources"].timeout, + client_info=self._client_info, + ) + + request = securitycenter_service_pb2.ListSourcesRequest( + parent=parent, page_size=page_size, + ) + if metadata is None: + metadata = [] + metadata = list(metadata) + try: + routing_header = [("parent", parent)] + except AttributeError: + pass + else: + routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( + routing_header + ) + metadata.append(routing_metadata) + + iterator = google.api_core.page_iterator.GRPCIterator( + client=None, + method=functools.partial( + self._inner_api_calls["list_sources"], + retry=retry, + timeout=timeout, + metadata=metadata, + ), + request=request, + items_field="sources", + request_token_field="page_token", + response_token_field="next_page_token", + ) + return iterator + + def run_asset_discovery( + self, + parent, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None, + ): + """ + Runs asset discovery. The discovery is tracked with a long-running + operation. + + This API can only be called with limited frequency for an organization. + If it is called too frequently the caller will receive a + TOO\_MANY\_REQUESTS error. + + Example: + >>> from google.cloud import securitycenter_v1p1beta1 + >>> + >>> client = securitycenter_v1p1beta1.SecurityCenterClient() + >>> + >>> parent = client.organization_path('[ORGANIZATION]') + >>> + >>> response = client.run_asset_discovery(parent) + >>> + >>> def callback(operation_future): + ... # Handle result. + ... result = operation_future.result() + >>> + >>> response.add_done_callback(callback) + >>> + >>> # Handle metadata. + >>> metadata = response.metadata() + + Args: + parent (str): Required. Name of the organization to run asset discovery for. Its + format is "organizations/[organization\_id]". + retry (Optional[google.api_core.retry.Retry]): A retry object used + to retry requests. If ``None`` is specified, requests will + be retried using a default configuration. + timeout (Optional[float]): The amount of time, in seconds, to wait + for the request to complete. Note that if ``retry`` is + specified, the timeout applies to each individual attempt. + metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata + that is provided to the method. + + Returns: + A :class:`~google.cloud.securitycenter_v1p1beta1.types._OperationFuture` instance. + + Raises: + google.api_core.exceptions.GoogleAPICallError: If the request + failed for any reason. + google.api_core.exceptions.RetryError: If the request failed due + to a retryable error and retry attempts failed. + ValueError: If the parameters are invalid. + """ + # Wrap the transport method to add retry and timeout logic. + if "run_asset_discovery" not in self._inner_api_calls: + self._inner_api_calls[ + "run_asset_discovery" + ] = google.api_core.gapic_v1.method.wrap_method( + self.transport.run_asset_discovery, + default_retry=self._method_configs["RunAssetDiscovery"].retry, + default_timeout=self._method_configs["RunAssetDiscovery"].timeout, + client_info=self._client_info, + ) + + request = securitycenter_service_pb2.RunAssetDiscoveryRequest(parent=parent,) + if metadata is None: + metadata = [] + metadata = list(metadata) + try: + routing_header = [("parent", parent)] + except AttributeError: + pass + else: + routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( + routing_header + ) + metadata.append(routing_metadata) + + operation = self._inner_api_calls["run_asset_discovery"]( + request, retry=retry, timeout=timeout, metadata=metadata + ) + return google.api_core.operation.from_gapic( + operation, + self.transport._operations_client, + run_asset_discovery_response_pb2.RunAssetDiscoveryResponse, + metadata_type=empty_pb2.Empty, + ) + + def set_finding_state( + self, + name, + state, + start_time, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None, + ): + """ + Updates the state of a finding. + + Example: + >>> from google.cloud import securitycenter_v1p1beta1 + >>> from google.cloud.securitycenter_v1p1beta1 import enums + >>> + >>> client = securitycenter_v1p1beta1.SecurityCenterClient() + >>> + >>> name = client.finding_path('[ORGANIZATION]', '[SOURCE]', '[FINDING]') + >>> + >>> # TODO: Initialize `state`: + >>> state = enums.Finding.State.STATE_UNSPECIFIED + >>> + >>> # TODO: Initialize `start_time`: + >>> start_time = {} + >>> + >>> response = client.set_finding_state(name, state, start_time) + + Args: + name (str): Required. The relative resource name of the finding. See: + https://cloud.google.com/apis/design/resource\_names#relative\_resource\_name + Example: + "organizations/{organization\_id}/sources/{source\_id}/finding/{finding\_id}". + state (~google.cloud.securitycenter_v1p1beta1.types.State): Required. The desired State of the finding. + start_time (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.Timestamp]): Required. The time at which the updated state takes effect. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.Timestamp` + retry (Optional[google.api_core.retry.Retry]): A retry object used + to retry requests. If ``None`` is specified, requests will + be retried using a default configuration. + timeout (Optional[float]): The amount of time, in seconds, to wait + for the request to complete. Note that if ``retry`` is + specified, the timeout applies to each individual attempt. + metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata + that is provided to the method. + + Returns: + A :class:`~google.cloud.securitycenter_v1p1beta1.types.Finding` instance. + + Raises: + google.api_core.exceptions.GoogleAPICallError: If the request + failed for any reason. + google.api_core.exceptions.RetryError: If the request failed due + to a retryable error and retry attempts failed. + ValueError: If the parameters are invalid. + """ + # Wrap the transport method to add retry and timeout logic. + if "set_finding_state" not in self._inner_api_calls: + self._inner_api_calls[ + "set_finding_state" + ] = google.api_core.gapic_v1.method.wrap_method( + self.transport.set_finding_state, + default_retry=self._method_configs["SetFindingState"].retry, + default_timeout=self._method_configs["SetFindingState"].timeout, + client_info=self._client_info, + ) + + request = securitycenter_service_pb2.SetFindingStateRequest( + name=name, state=state, start_time=start_time, + ) + if metadata is None: + metadata = [] + metadata = list(metadata) + try: + routing_header = [("name", name)] + except AttributeError: + pass + else: + routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( + routing_header + ) + metadata.append(routing_metadata) + + return self._inner_api_calls["set_finding_state"]( + request, retry=retry, timeout=timeout, metadata=metadata + ) + + def set_iam_policy( + self, + resource, + policy, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None, + ): + """ + Sets the access control policy on the specified Source. + + Example: + >>> from google.cloud import securitycenter_v1p1beta1 + >>> + >>> client = securitycenter_v1p1beta1.SecurityCenterClient() + >>> + >>> # TODO: Initialize `resource`: + >>> resource = '' + >>> + >>> # TODO: Initialize `policy`: + >>> policy = {} + >>> + >>> response = client.set_iam_policy(resource, policy) + + Args: + resource (str): REQUIRED: The resource for which the policy is being specified. + See the operation documentation for the appropriate value for this field. + policy (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.Policy]): REQUIRED: The complete policy to be applied to the ``resource``. The + size of the policy is limited to a few 10s of KB. An empty policy is a + valid policy but certain Cloud Platform services (such as Projects) + might reject them. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.Policy` + retry (Optional[google.api_core.retry.Retry]): A retry object used + to retry requests. If ``None`` is specified, requests will + be retried using a default configuration. + timeout (Optional[float]): The amount of time, in seconds, to wait + for the request to complete. Note that if ``retry`` is + specified, the timeout applies to each individual attempt. + metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata + that is provided to the method. + + Returns: + A :class:`~google.cloud.securitycenter_v1p1beta1.types.Policy` instance. + + Raises: + google.api_core.exceptions.GoogleAPICallError: If the request + failed for any reason. + google.api_core.exceptions.RetryError: If the request failed due + to a retryable error and retry attempts failed. + ValueError: If the parameters are invalid. + """ + # Wrap the transport method to add retry and timeout logic. + if "set_iam_policy" not in self._inner_api_calls: + self._inner_api_calls[ + "set_iam_policy" + ] = google.api_core.gapic_v1.method.wrap_method( + self.transport.set_iam_policy, + default_retry=self._method_configs["SetIamPolicy"].retry, + default_timeout=self._method_configs["SetIamPolicy"].timeout, + client_info=self._client_info, + ) + + request = iam_policy_pb2.SetIamPolicyRequest(resource=resource, policy=policy,) + if metadata is None: + metadata = [] + metadata = list(metadata) + try: + routing_header = [("resource", resource)] + except AttributeError: + pass + else: + routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( + routing_header + ) + metadata.append(routing_metadata) + + return self._inner_api_calls["set_iam_policy"]( + request, retry=retry, timeout=timeout, metadata=metadata + ) + + def test_iam_permissions( + self, + resource, + permissions, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None, + ): + """ + Returns the permissions that a caller has on the specified source. + + Example: + >>> from google.cloud import securitycenter_v1p1beta1 + >>> + >>> client = securitycenter_v1p1beta1.SecurityCenterClient() + >>> + >>> # TODO: Initialize `resource`: + >>> resource = '' + >>> + >>> # TODO: Initialize `permissions`: + >>> permissions = [] + >>> + >>> response = client.test_iam_permissions(resource, permissions) + + Args: + resource (str): REQUIRED: The resource for which the policy detail is being requested. + See the operation documentation for the appropriate value for this field. + permissions (list[str]): The set of permissions to check for the ``resource``. Permissions with + wildcards (such as '*' or 'storage.*') are not allowed. For more + information see `IAM + Overview `__. + retry (Optional[google.api_core.retry.Retry]): A retry object used + to retry requests. If ``None`` is specified, requests will + be retried using a default configuration. + timeout (Optional[float]): The amount of time, in seconds, to wait + for the request to complete. Note that if ``retry`` is + specified, the timeout applies to each individual attempt. + metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata + that is provided to the method. + + Returns: + A :class:`~google.cloud.securitycenter_v1p1beta1.types.TestIamPermissionsResponse` instance. + + Raises: + google.api_core.exceptions.GoogleAPICallError: If the request + failed for any reason. + google.api_core.exceptions.RetryError: If the request failed due + to a retryable error and retry attempts failed. + ValueError: If the parameters are invalid. + """ + # Wrap the transport method to add retry and timeout logic. + if "test_iam_permissions" not in self._inner_api_calls: + self._inner_api_calls[ + "test_iam_permissions" + ] = google.api_core.gapic_v1.method.wrap_method( + self.transport.test_iam_permissions, + default_retry=self._method_configs["TestIamPermissions"].retry, + default_timeout=self._method_configs["TestIamPermissions"].timeout, + client_info=self._client_info, + ) + + request = iam_policy_pb2.TestIamPermissionsRequest( + resource=resource, permissions=permissions, + ) + if metadata is None: + metadata = [] + metadata = list(metadata) + try: + routing_header = [("resource", resource)] + except AttributeError: + pass + else: + routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( + routing_header + ) + metadata.append(routing_metadata) + + return self._inner_api_calls["test_iam_permissions"]( + request, retry=retry, timeout=timeout, metadata=metadata + ) + + def update_finding( + self, + finding, + update_mask=None, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None, + ): + """ + Creates or updates a finding. The corresponding source must exist for a + finding creation to succeed. + + Example: + >>> from google.cloud import securitycenter_v1p1beta1 + >>> + >>> client = securitycenter_v1p1beta1.SecurityCenterClient() + >>> + >>> # TODO: Initialize `finding`: + >>> finding = {} + >>> + >>> response = client.update_finding(finding) + + Args: + finding (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.Finding]): Required. The finding resource to update or create if it does not + already exist. parent, security\_marks, and update\_time will be + ignored. + + In the case of creation, the finding id portion of the name must be + alphanumeric and less than or equal to 32 characters and greater than 0 + characters in length. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.Finding` + update_mask (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.FieldMask]): The FieldMask to use when updating the finding resource. This field + should not be specified when creating a finding. + + When updating a finding, an empty mask is treated as updating all + mutable fields and replacing source\_properties. Individual + source\_properties can be added/updated by using "source\_properties." + in the field mask. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.FieldMask` + retry (Optional[google.api_core.retry.Retry]): A retry object used + to retry requests. If ``None`` is specified, requests will + be retried using a default configuration. + timeout (Optional[float]): The amount of time, in seconds, to wait + for the request to complete. Note that if ``retry`` is + specified, the timeout applies to each individual attempt. + metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata + that is provided to the method. + + Returns: + A :class:`~google.cloud.securitycenter_v1p1beta1.types.Finding` instance. + + Raises: + google.api_core.exceptions.GoogleAPICallError: If the request + failed for any reason. + google.api_core.exceptions.RetryError: If the request failed due + to a retryable error and retry attempts failed. + ValueError: If the parameters are invalid. + """ + # Wrap the transport method to add retry and timeout logic. + if "update_finding" not in self._inner_api_calls: + self._inner_api_calls[ + "update_finding" + ] = google.api_core.gapic_v1.method.wrap_method( + self.transport.update_finding, + default_retry=self._method_configs["UpdateFinding"].retry, + default_timeout=self._method_configs["UpdateFinding"].timeout, + client_info=self._client_info, + ) + + request = securitycenter_service_pb2.UpdateFindingRequest( + finding=finding, update_mask=update_mask, + ) + if metadata is None: + metadata = [] + metadata = list(metadata) + try: + routing_header = [("finding.name", finding.name)] + except AttributeError: + pass + else: + routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( + routing_header + ) + metadata.append(routing_metadata) + + return self._inner_api_calls["update_finding"]( + request, retry=retry, timeout=timeout, metadata=metadata + ) + + def update_notification_config( + self, + notification_config, + update_mask=None, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None, + ): + """ + Updates a notification config. + + Example: + >>> from google.cloud import securitycenter_v1p1beta1 + >>> + >>> client = securitycenter_v1p1beta1.SecurityCenterClient() + >>> + >>> # TODO: Initialize `notification_config`: + >>> notification_config = {} + >>> + >>> response = client.update_notification_config(notification_config) + + Args: + notification_config (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.NotificationConfig]): Required. The notification config to update. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.NotificationConfig` + update_mask (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.FieldMask]): The FieldMask to use when updating the notification config. + + If empty all mutable fields will be updated. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.FieldMask` + retry (Optional[google.api_core.retry.Retry]): A retry object used + to retry requests. If ``None`` is specified, requests will + be retried using a default configuration. + timeout (Optional[float]): The amount of time, in seconds, to wait + for the request to complete. Note that if ``retry`` is + specified, the timeout applies to each individual attempt. + metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata + that is provided to the method. + + Returns: + A :class:`~google.cloud.securitycenter_v1p1beta1.types.NotificationConfig` instance. + + Raises: + google.api_core.exceptions.GoogleAPICallError: If the request + failed for any reason. + google.api_core.exceptions.RetryError: If the request failed due + to a retryable error and retry attempts failed. + ValueError: If the parameters are invalid. + """ + # Wrap the transport method to add retry and timeout logic. + if "update_notification_config" not in self._inner_api_calls: + self._inner_api_calls[ + "update_notification_config" + ] = google.api_core.gapic_v1.method.wrap_method( + self.transport.update_notification_config, + default_retry=self._method_configs["UpdateNotificationConfig"].retry, + default_timeout=self._method_configs[ + "UpdateNotificationConfig" + ].timeout, + client_info=self._client_info, + ) + + request = securitycenter_service_pb2.UpdateNotificationConfigRequest( + notification_config=notification_config, update_mask=update_mask, + ) + if metadata is None: + metadata = [] + metadata = list(metadata) + try: + routing_header = [("notification_config.name", notification_config.name)] + except AttributeError: + pass + else: + routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( + routing_header + ) + metadata.append(routing_metadata) + + return self._inner_api_calls["update_notification_config"]( + request, retry=retry, timeout=timeout, metadata=metadata + ) + + def update_organization_settings( + self, + organization_settings, + update_mask=None, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None, + ): + """ + Updates an organization's settings. + + Example: + >>> from google.cloud import securitycenter_v1p1beta1 + >>> + >>> client = securitycenter_v1p1beta1.SecurityCenterClient() + >>> + >>> # TODO: Initialize `organization_settings`: + >>> organization_settings = {} + >>> + >>> response = client.update_organization_settings(organization_settings) + + Args: + organization_settings (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.OrganizationSettings]): Required. The organization settings resource to update. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.OrganizationSettings` + update_mask (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.FieldMask]): The FieldMask to use when updating the settings resource. + + If empty all mutable fields will be updated. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.FieldMask` + retry (Optional[google.api_core.retry.Retry]): A retry object used + to retry requests. If ``None`` is specified, requests will + be retried using a default configuration. + timeout (Optional[float]): The amount of time, in seconds, to wait + for the request to complete. Note that if ``retry`` is + specified, the timeout applies to each individual attempt. + metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata + that is provided to the method. + + Returns: + A :class:`~google.cloud.securitycenter_v1p1beta1.types.OrganizationSettings` instance. + + Raises: + google.api_core.exceptions.GoogleAPICallError: If the request + failed for any reason. + google.api_core.exceptions.RetryError: If the request failed due + to a retryable error and retry attempts failed. + ValueError: If the parameters are invalid. + """ + # Wrap the transport method to add retry and timeout logic. + if "update_organization_settings" not in self._inner_api_calls: + self._inner_api_calls[ + "update_organization_settings" + ] = google.api_core.gapic_v1.method.wrap_method( + self.transport.update_organization_settings, + default_retry=self._method_configs["UpdateOrganizationSettings"].retry, + default_timeout=self._method_configs[ + "UpdateOrganizationSettings" + ].timeout, + client_info=self._client_info, + ) + + request = securitycenter_service_pb2.UpdateOrganizationSettingsRequest( + organization_settings=organization_settings, update_mask=update_mask, + ) + if metadata is None: + metadata = [] + metadata = list(metadata) + try: + routing_header = [ + ("organization_settings.name", organization_settings.name) + ] + except AttributeError: + pass + else: + routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( + routing_header + ) + metadata.append(routing_metadata) + + return self._inner_api_calls["update_organization_settings"]( + request, retry=retry, timeout=timeout, metadata=metadata + ) + + def update_source( + self, + source, + update_mask=None, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None, + ): + """ + Updates a source. + + Example: + >>> from google.cloud import securitycenter_v1p1beta1 + >>> + >>> client = securitycenter_v1p1beta1.SecurityCenterClient() + >>> + >>> # TODO: Initialize `source`: + >>> source = {} + >>> + >>> response = client.update_source(source) + + Args: + source (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.Source]): Required. The source resource to update. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.Source` + update_mask (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.FieldMask]): The FieldMask to use when updating the source resource. + + If empty all mutable fields will be updated. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.FieldMask` + retry (Optional[google.api_core.retry.Retry]): A retry object used + to retry requests. If ``None`` is specified, requests will + be retried using a default configuration. + timeout (Optional[float]): The amount of time, in seconds, to wait + for the request to complete. Note that if ``retry`` is + specified, the timeout applies to each individual attempt. + metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata + that is provided to the method. + + Returns: + A :class:`~google.cloud.securitycenter_v1p1beta1.types.Source` instance. + + Raises: + google.api_core.exceptions.GoogleAPICallError: If the request + failed for any reason. + google.api_core.exceptions.RetryError: If the request failed due + to a retryable error and retry attempts failed. + ValueError: If the parameters are invalid. + """ + # Wrap the transport method to add retry and timeout logic. + if "update_source" not in self._inner_api_calls: + self._inner_api_calls[ + "update_source" + ] = google.api_core.gapic_v1.method.wrap_method( + self.transport.update_source, + default_retry=self._method_configs["UpdateSource"].retry, + default_timeout=self._method_configs["UpdateSource"].timeout, + client_info=self._client_info, + ) + + request = securitycenter_service_pb2.UpdateSourceRequest( + source=source, update_mask=update_mask, + ) + if metadata is None: + metadata = [] + metadata = list(metadata) + try: + routing_header = [("source.name", source.name)] + except AttributeError: + pass + else: + routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( + routing_header + ) + metadata.append(routing_metadata) + + return self._inner_api_calls["update_source"]( + request, retry=retry, timeout=timeout, metadata=metadata + ) + + def update_security_marks( + self, + security_marks, + update_mask=None, + start_time=None, + retry=google.api_core.gapic_v1.method.DEFAULT, + timeout=google.api_core.gapic_v1.method.DEFAULT, + metadata=None, + ): + """ + Updates security marks. + + Example: + >>> from google.cloud import securitycenter_v1p1beta1 + >>> + >>> client = securitycenter_v1p1beta1.SecurityCenterClient() + >>> + >>> # TODO: Initialize `security_marks`: + >>> security_marks = {} + >>> + >>> response = client.update_security_marks(security_marks) + + Args: + security_marks (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.SecurityMarks]): Required. The security marks resource to update. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.SecurityMarks` + update_mask (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.FieldMask]): The FieldMask to use when updating the security marks resource. + + The field mask must not contain duplicate fields. If empty or set to + "marks", all marks will be replaced. Individual marks can be updated + using "marks.". + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.FieldMask` + start_time (Union[dict, ~google.cloud.securitycenter_v1p1beta1.types.Timestamp]): The time at which the updated SecurityMarks take effect. + If not set uses current server time. Updates will be applied to the + SecurityMarks that are active immediately preceding this time. + + If a dict is provided, it must be of the same form as the protobuf + message :class:`~google.cloud.securitycenter_v1p1beta1.types.Timestamp` + retry (Optional[google.api_core.retry.Retry]): A retry object used + to retry requests. If ``None`` is specified, requests will + be retried using a default configuration. + timeout (Optional[float]): The amount of time, in seconds, to wait + for the request to complete. Note that if ``retry`` is + specified, the timeout applies to each individual attempt. + metadata (Optional[Sequence[Tuple[str, str]]]): Additional metadata + that is provided to the method. + + Returns: + A :class:`~google.cloud.securitycenter_v1p1beta1.types.SecurityMarks` instance. + + Raises: + google.api_core.exceptions.GoogleAPICallError: If the request + failed for any reason. + google.api_core.exceptions.RetryError: If the request failed due + to a retryable error and retry attempts failed. + ValueError: If the parameters are invalid. + """ + # Wrap the transport method to add retry and timeout logic. + if "update_security_marks" not in self._inner_api_calls: + self._inner_api_calls[ + "update_security_marks" + ] = google.api_core.gapic_v1.method.wrap_method( + self.transport.update_security_marks, + default_retry=self._method_configs["UpdateSecurityMarks"].retry, + default_timeout=self._method_configs["UpdateSecurityMarks"].timeout, + client_info=self._client_info, + ) + + request = securitycenter_service_pb2.UpdateSecurityMarksRequest( + security_marks=security_marks, + update_mask=update_mask, + start_time=start_time, + ) + if metadata is None: + metadata = [] + metadata = list(metadata) + try: + routing_header = [("security_marks.name", security_marks.name)] + except AttributeError: + pass + else: + routing_metadata = google.api_core.gapic_v1.routing_header.to_grpc_metadata( + routing_header + ) + metadata.append(routing_metadata) + + return self._inner_api_calls["update_security_marks"]( + request, retry=retry, timeout=timeout, metadata=metadata + ) diff --git a/google/cloud/securitycenter_v1p1beta1/gapic/security_center_client_config.py b/google/cloud/securitycenter_v1p1beta1/gapic/security_center_client_config.py new file mode 100644 index 00000000..975998d8 --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/gapic/security_center_client_config.py @@ -0,0 +1,138 @@ +config = { + "interfaces": { + "google.cloud.securitycenter.v1p1beta1.SecurityCenter": { + "retry_codes": { + "idempotent": ["DEADLINE_EXCEEDED", "UNAVAILABLE"], + "non_idempotent": [], + }, + "retry_params": { + "default": { + "initial_retry_delay_millis": 100, + "retry_delay_multiplier": 1.3, + "max_retry_delay_millis": 60000, + "initial_rpc_timeout_millis": 20000, + "rpc_timeout_multiplier": 1.0, + "max_rpc_timeout_millis": 20000, + "total_timeout_millis": 600000, + } + }, + "methods": { + "CreateSource": { + "timeout_millis": 60000, + "retry_codes_name": "non_idempotent", + "retry_params_name": "default", + }, + "CreateFinding": { + "timeout_millis": 60000, + "retry_codes_name": "non_idempotent", + "retry_params_name": "default", + }, + "CreateNotificationConfig": { + "timeout_millis": 60000, + "retry_codes_name": "non_idempotent", + "retry_params_name": "default", + }, + "DeleteNotificationConfig": { + "timeout_millis": 60000, + "retry_codes_name": "non_idempotent", + "retry_params_name": "default", + }, + "GetIamPolicy": { + "timeout_millis": 60000, + "retry_codes_name": "non_idempotent", + "retry_params_name": "default", + }, + "GetNotificationConfig": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default", + }, + "GetOrganizationSettings": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default", + }, + "GetSource": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default", + }, + "GroupAssets": { + "timeout_millis": 60000, + "retry_codes_name": "non_idempotent", + "retry_params_name": "default", + }, + "GroupFindings": { + "timeout_millis": 60000, + "retry_codes_name": "non_idempotent", + "retry_params_name": "default", + }, + "ListAssets": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default", + }, + "ListFindings": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default", + }, + "ListNotificationConfigs": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default", + }, + "ListSources": { + "timeout_millis": 60000, + "retry_codes_name": "idempotent", + "retry_params_name": "default", + }, + "RunAssetDiscovery": { + "timeout_millis": 60000, + "retry_codes_name": "non_idempotent", + "retry_params_name": "default", + }, + "SetFindingState": { + "timeout_millis": 60000, + "retry_codes_name": "non_idempotent", + "retry_params_name": "default", + }, + "SetIamPolicy": { + "timeout_millis": 60000, + "retry_codes_name": "non_idempotent", + "retry_params_name": "default", + }, + "TestIamPermissions": { + "timeout_millis": 60000, + "retry_codes_name": "non_idempotent", + "retry_params_name": "default", + }, + "UpdateFinding": { + "timeout_millis": 60000, + "retry_codes_name": "non_idempotent", + "retry_params_name": "default", + }, + "UpdateNotificationConfig": { + "timeout_millis": 60000, + "retry_codes_name": "non_idempotent", + "retry_params_name": "default", + }, + "UpdateOrganizationSettings": { + "timeout_millis": 60000, + "retry_codes_name": "non_idempotent", + "retry_params_name": "default", + }, + "UpdateSource": { + "timeout_millis": 60000, + "retry_codes_name": "non_idempotent", + "retry_params_name": "default", + }, + "UpdateSecurityMarks": { + "timeout_millis": 60000, + "retry_codes_name": "non_idempotent", + "retry_params_name": "default", + }, + }, + } + } +} diff --git a/google/cloud/securitycenter_v1p1beta1/gapic/transports/__init__.py b/google/cloud/securitycenter_v1p1beta1/gapic/transports/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/google/cloud/securitycenter_v1p1beta1/gapic/transports/security_center_grpc_transport.py b/google/cloud/securitycenter_v1p1beta1/gapic/transports/security_center_grpc_transport.py new file mode 100644 index 00000000..cf44a3ee --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/gapic/transports/security_center_grpc_transport.py @@ -0,0 +1,435 @@ +# -*- coding: utf-8 -*- +# +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +import google.api_core.grpc_helpers +import google.api_core.operations_v1 + +from google.cloud.securitycenter_v1p1beta1.proto import securitycenter_service_pb2_grpc + + +class SecurityCenterGrpcTransport(object): + """gRPC transport class providing stubs for + google.cloud.securitycenter.v1p1beta1 SecurityCenter API. + + The transport provides access to the raw gRPC stubs, + which can be used to take advantage of advanced + features of gRPC. + """ + + # The scopes needed to make gRPC calls to all of the methods defined + # in this service. + _OAUTH_SCOPES = ("https://www.googleapis.com/auth/cloud-platform",) + + def __init__( + self, + channel=None, + credentials=None, + address="securitycenter.googleapis.com:443", + ): + """Instantiate the transport class. + + Args: + channel (grpc.Channel): A ``Channel`` instance through + which to make calls. This argument is mutually exclusive + with ``credentials``; providing both will raise an exception. + credentials (google.auth.credentials.Credentials): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If none + are specified, the client will attempt to ascertain the + credentials from the environment. + address (str): The address where the service is hosted. + """ + # If both `channel` and `credentials` are specified, raise an + # exception (channels come with credentials baked in already). + if channel is not None and credentials is not None: + raise ValueError( + "The `channel` and `credentials` arguments are mutually " "exclusive.", + ) + + # Create the channel. + if channel is None: + channel = self.create_channel( + address=address, + credentials=credentials, + options={ + "grpc.max_send_message_length": -1, + "grpc.max_receive_message_length": -1, + }.items(), + ) + + self._channel = channel + + # gRPC uses objects called "stubs" that are bound to the + # channel and provide a basic method for each RPC. + self._stubs = { + "security_center_stub": securitycenter_service_pb2_grpc.SecurityCenterStub( + channel + ), + } + + # Because this API includes a method that returns a + # long-running operation (proto: google.longrunning.Operation), + # instantiate an LRO client. + self._operations_client = google.api_core.operations_v1.OperationsClient( + channel + ) + + @classmethod + def create_channel( + cls, address="securitycenter.googleapis.com:443", credentials=None, **kwargs + ): + """Create and return a gRPC channel object. + + Args: + address (str): The host for the channel to use. + credentials (~.Credentials): The + authorization credentials to attach to requests. These + credentials identify this application to the service. If + none are specified, the client will attempt to ascertain + the credentials from the environment. + kwargs (dict): Keyword arguments, which are passed to the + channel creation. + + Returns: + grpc.Channel: A gRPC channel object. + """ + return google.api_core.grpc_helpers.create_channel( + address, credentials=credentials, scopes=cls._OAUTH_SCOPES, **kwargs + ) + + @property + def channel(self): + """The gRPC channel used by the transport. + + Returns: + grpc.Channel: A gRPC channel object. + """ + return self._channel + + @property + def create_source(self): + """Return the gRPC stub for :meth:`SecurityCenterClient.create_source`. + + Creates a source. + + Returns: + Callable: A callable which accepts the appropriate + deserialized request object and returns a + deserialized response object. + """ + return self._stubs["security_center_stub"].CreateSource + + @property + def create_finding(self): + """Return the gRPC stub for :meth:`SecurityCenterClient.create_finding`. + + Creates a finding. The corresponding source must exist for finding + creation to succeed. + + Returns: + Callable: A callable which accepts the appropriate + deserialized request object and returns a + deserialized response object. + """ + return self._stubs["security_center_stub"].CreateFinding + + @property + def create_notification_config(self): + """Return the gRPC stub for :meth:`SecurityCenterClient.create_notification_config`. + + Creates a notification config. + + Returns: + Callable: A callable which accepts the appropriate + deserialized request object and returns a + deserialized response object. + """ + return self._stubs["security_center_stub"].CreateNotificationConfig + + @property + def delete_notification_config(self): + """Return the gRPC stub for :meth:`SecurityCenterClient.delete_notification_config`. + + Deletes a notification config. + + Returns: + Callable: A callable which accepts the appropriate + deserialized request object and returns a + deserialized response object. + """ + return self._stubs["security_center_stub"].DeleteNotificationConfig + + @property + def get_iam_policy(self): + """Return the gRPC stub for :meth:`SecurityCenterClient.get_iam_policy`. + + Gets the access control policy on the specified Source. + + Returns: + Callable: A callable which accepts the appropriate + deserialized request object and returns a + deserialized response object. + """ + return self._stubs["security_center_stub"].GetIamPolicy + + @property + def get_notification_config(self): + """Return the gRPC stub for :meth:`SecurityCenterClient.get_notification_config`. + + Gets a notification config. + + Returns: + Callable: A callable which accepts the appropriate + deserialized request object and returns a + deserialized response object. + """ + return self._stubs["security_center_stub"].GetNotificationConfig + + @property + def get_organization_settings(self): + """Return the gRPC stub for :meth:`SecurityCenterClient.get_organization_settings`. + + Gets the settings for an organization. + + Returns: + Callable: A callable which accepts the appropriate + deserialized request object and returns a + deserialized response object. + """ + return self._stubs["security_center_stub"].GetOrganizationSettings + + @property + def get_source(self): + """Return the gRPC stub for :meth:`SecurityCenterClient.get_source`. + + Gets a source. + + Returns: + Callable: A callable which accepts the appropriate + deserialized request object and returns a + deserialized response object. + """ + return self._stubs["security_center_stub"].GetSource + + @property + def group_assets(self): + """Return the gRPC stub for :meth:`SecurityCenterClient.group_assets`. + + Filters an organization's assets and groups them by their specified + properties. + + Returns: + Callable: A callable which accepts the appropriate + deserialized request object and returns a + deserialized response object. + """ + return self._stubs["security_center_stub"].GroupAssets + + @property + def group_findings(self): + """Return the gRPC stub for :meth:`SecurityCenterClient.group_findings`. + + Filters an organization or source's findings and groups them by their + specified properties. + + To group across all sources provide a ``-`` as the source id. Example: + /v1p1beta1/organizations/{organization\_id}/sources/-/findings + + Returns: + Callable: A callable which accepts the appropriate + deserialized request object and returns a + deserialized response object. + """ + return self._stubs["security_center_stub"].GroupFindings + + @property + def list_assets(self): + """Return the gRPC stub for :meth:`SecurityCenterClient.list_assets`. + + Lists an organization's assets. + + Returns: + Callable: A callable which accepts the appropriate + deserialized request object and returns a + deserialized response object. + """ + return self._stubs["security_center_stub"].ListAssets + + @property + def list_findings(self): + """Return the gRPC stub for :meth:`SecurityCenterClient.list_findings`. + + Lists an organization or source's findings. + + To list across all sources provide a ``-`` as the source id. Example: + /v1p1beta1/organizations/{organization\_id}/sources/-/findings + + Returns: + Callable: A callable which accepts the appropriate + deserialized request object and returns a + deserialized response object. + """ + return self._stubs["security_center_stub"].ListFindings + + @property + def list_notification_configs(self): + """Return the gRPC stub for :meth:`SecurityCenterClient.list_notification_configs`. + + Lists notification configs. + + Returns: + Callable: A callable which accepts the appropriate + deserialized request object and returns a + deserialized response object. + """ + return self._stubs["security_center_stub"].ListNotificationConfigs + + @property + def list_sources(self): + """Return the gRPC stub for :meth:`SecurityCenterClient.list_sources`. + + Lists all sources belonging to an organization. + + Returns: + Callable: A callable which accepts the appropriate + deserialized request object and returns a + deserialized response object. + """ + return self._stubs["security_center_stub"].ListSources + + @property + def run_asset_discovery(self): + """Return the gRPC stub for :meth:`SecurityCenterClient.run_asset_discovery`. + + Runs asset discovery. The discovery is tracked with a long-running + operation. + + This API can only be called with limited frequency for an organization. + If it is called too frequently the caller will receive a + TOO\_MANY\_REQUESTS error. + + Returns: + Callable: A callable which accepts the appropriate + deserialized request object and returns a + deserialized response object. + """ + return self._stubs["security_center_stub"].RunAssetDiscovery + + @property + def set_finding_state(self): + """Return the gRPC stub for :meth:`SecurityCenterClient.set_finding_state`. + + Updates the state of a finding. + + Returns: + Callable: A callable which accepts the appropriate + deserialized request object and returns a + deserialized response object. + """ + return self._stubs["security_center_stub"].SetFindingState + + @property + def set_iam_policy(self): + """Return the gRPC stub for :meth:`SecurityCenterClient.set_iam_policy`. + + Sets the access control policy on the specified Source. + + Returns: + Callable: A callable which accepts the appropriate + deserialized request object and returns a + deserialized response object. + """ + return self._stubs["security_center_stub"].SetIamPolicy + + @property + def test_iam_permissions(self): + """Return the gRPC stub for :meth:`SecurityCenterClient.test_iam_permissions`. + + Returns the permissions that a caller has on the specified source. + + Returns: + Callable: A callable which accepts the appropriate + deserialized request object and returns a + deserialized response object. + """ + return self._stubs["security_center_stub"].TestIamPermissions + + @property + def update_finding(self): + """Return the gRPC stub for :meth:`SecurityCenterClient.update_finding`. + + Creates or updates a finding. The corresponding source must exist for a + finding creation to succeed. + + Returns: + Callable: A callable which accepts the appropriate + deserialized request object and returns a + deserialized response object. + """ + return self._stubs["security_center_stub"].UpdateFinding + + @property + def update_notification_config(self): + """Return the gRPC stub for :meth:`SecurityCenterClient.update_notification_config`. + + Updates a notification config. + + Returns: + Callable: A callable which accepts the appropriate + deserialized request object and returns a + deserialized response object. + """ + return self._stubs["security_center_stub"].UpdateNotificationConfig + + @property + def update_organization_settings(self): + """Return the gRPC stub for :meth:`SecurityCenterClient.update_organization_settings`. + + Updates an organization's settings. + + Returns: + Callable: A callable which accepts the appropriate + deserialized request object and returns a + deserialized response object. + """ + return self._stubs["security_center_stub"].UpdateOrganizationSettings + + @property + def update_source(self): + """Return the gRPC stub for :meth:`SecurityCenterClient.update_source`. + + Updates a source. + + Returns: + Callable: A callable which accepts the appropriate + deserialized request object and returns a + deserialized response object. + """ + return self._stubs["security_center_stub"].UpdateSource + + @property + def update_security_marks(self): + """Return the gRPC stub for :meth:`SecurityCenterClient.update_security_marks`. + + Updates security marks. + + Returns: + Callable: A callable which accepts the appropriate + deserialized request object and returns a + deserialized response object. + """ + return self._stubs["security_center_stub"].UpdateSecurityMarks diff --git a/google/cloud/securitycenter_v1p1beta1/proto/__init__.py b/google/cloud/securitycenter_v1p1beta1/proto/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/google/cloud/securitycenter_v1p1beta1/proto/asset.proto b/google/cloud/securitycenter_v1p1beta1/proto/asset.proto new file mode 100644 index 00000000..3e4b26a8 --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/asset.proto @@ -0,0 +1,119 @@ +// Copyright 2019 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.securitycenter.v1p1beta1; + +import "google/api/annotations.proto"; +import "google/api/resource.proto"; +import "google/cloud/securitycenter/v1p1beta1/security_marks.proto"; +import "google/protobuf/struct.proto"; +import "google/protobuf/timestamp.proto"; + +option csharp_namespace = "Google.Cloud.SecurityCenter.V1P1Beta1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter"; +option java_multiple_files = true; +option java_package = "com.google.cloud.securitycenter.v1p1beta1"; +option php_namespace = "Google\\Cloud\\SecurityCenter\\V1p1beta1"; +option ruby_package = "Google::Cloud::SecurityCenter::V1p1beta1"; + +// Cloud Security Command Center's (Cloud SCC) representation of a Google Cloud +// Platform (GCP) resource. +// +// The Asset is a Cloud SCC resource that captures information about a single +// GCP resource. All modifications to an Asset are only within the context of +// Cloud SCC and don't affect the referenced GCP resource. +message Asset { + option (google.api.resource) = { + type: "securitycenter.googleapis.com/Asset" + pattern: "organizations/{organization}/assets/{asset}" + }; + + // Cloud SCC managed properties. These properties are managed by Cloud SCC and + // cannot be modified by the user. + message SecurityCenterProperties { + // The full resource name of the GCP resource this asset + // represents. This field is immutable after create time. See: + // https://cloud.google.com/apis/design/resource_names#full_resource_name + string resource_name = 1; + + // The type of the GCP resource. Examples include: APPLICATION, + // PROJECT, and ORGANIZATION. This is a case insensitive field defined by + // Cloud SCC and/or the producer of the resource and is immutable + // after create time. + string resource_type = 2; + + // The full resource name of the immediate parent of the resource. See: + // https://cloud.google.com/apis/design/resource_names#full_resource_name + string resource_parent = 3; + + // The full resource name of the project the resource belongs to. See: + // https://cloud.google.com/apis/design/resource_names#full_resource_name + string resource_project = 4; + + // Owners of the Google Cloud resource. + repeated string resource_owners = 5; + + // The user defined display name for this resource. + string resource_display_name = 6; + + // The user defined display name for the parent of this resource. + string resource_parent_display_name = 7; + + // The user defined display name for the project of this resource. + string resource_project_display_name = 8; + } + + // IAM Policy information associated with the GCP resource described by the + // Cloud SCC asset. This information is managed and defined by the GCP + // resource and cannot be modified by the user. + message IamPolicy { + // The JSON representation of the Policy associated with the asset. + // See https://cloud.google.com/iam/reference/rest/v1p1beta1/Policy for + // format details. + string policy_blob = 1; + } + + // The relative resource name of this asset. See: + // https://cloud.google.com/apis/design/resource_names#relative_resource_name + // Example: + // "organizations/{organization_id}/assets/{asset_id}". + string name = 1; + + // Cloud SCC managed properties. These properties are managed by + // Cloud SCC and cannot be modified by the user. + SecurityCenterProperties security_center_properties = 2; + + // Resource managed properties. These properties are managed and defined by + // the GCP resource and cannot be modified by the user. + map resource_properties = 7; + + // User specified security marks. These marks are entirely managed by the user + // and come from the SecurityMarks resource that belongs to the asset. + SecurityMarks security_marks = 8; + + // The time at which the asset was created in Cloud SCC. + google.protobuf.Timestamp create_time = 9; + + // The time at which the asset was last updated, added, or deleted in Cloud + // SCC. + google.protobuf.Timestamp update_time = 10; + + // IAM Policy information associated with the GCP resource described by the + // Cloud SCC asset. This information is managed and defined by the GCP + // resource and cannot be modified by the user. + IamPolicy iam_policy = 11; +} diff --git a/google/cloud/securitycenter_v1p1beta1/proto/asset_pb2.py b/google/cloud/securitycenter_v1p1beta1/proto/asset_pb2.py new file mode 100644 index 00000000..32de1aca --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/asset_pb2.py @@ -0,0 +1,610 @@ +# -*- coding: utf-8 -*- +# Generated by the protocol buffer compiler. DO NOT EDIT! +# source: google/cloud/securitycenter_v1p1beta1/proto/asset.proto + +import sys + +_b = sys.version_info[0] < 3 and (lambda x: x) or (lambda x: x.encode("latin1")) +from google.protobuf import descriptor as _descriptor +from google.protobuf import message as _message +from google.protobuf import reflection as _reflection +from google.protobuf import symbol_database as _symbol_database + +# @@protoc_insertion_point(imports) + +_sym_db = _symbol_database.Default() + + +from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 +from google.api import resource_pb2 as google_dot_api_dot_resource__pb2 +from google.cloud.securitycenter_v1p1beta1.proto import ( + security_marks_pb2 as google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_security__marks__pb2, +) +from google.protobuf import struct_pb2 as google_dot_protobuf_dot_struct__pb2 +from google.protobuf import timestamp_pb2 as google_dot_protobuf_dot_timestamp__pb2 + + +DESCRIPTOR = _descriptor.FileDescriptor( + name="google/cloud/securitycenter_v1p1beta1/proto/asset.proto", + package="google.cloud.securitycenter.v1p1beta1", + syntax="proto3", + serialized_options=_b( + "\n)com.google.cloud.securitycenter.v1p1beta1P\001ZSgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter\252\002%Google.Cloud.SecurityCenter.V1P1Beta1\312\002%Google\\Cloud\\SecurityCenter\\V1p1beta1\352\002(Google::Cloud::SecurityCenter::V1p1beta1" + ), + serialized_pb=_b( + '\n7google/cloud/securitycenter_v1p1beta1/proto/asset.proto\x12%google.cloud.securitycenter.v1p1beta1\x1a\x1cgoogle/api/annotations.proto\x1a\x19google/api/resource.proto\x1a@google/cloud/securitycenter_v1p1beta1/proto/security_marks.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a\x1fgoogle/protobuf/timestamp.proto"\xae\x07\n\x05\x41sset\x12\x0c\n\x04name\x18\x01 \x01(\t\x12i\n\x1asecurity_center_properties\x18\x02 \x01(\x0b\x32\x45.google.cloud.securitycenter.v1p1beta1.Asset.SecurityCenterProperties\x12\x61\n\x13resource_properties\x18\x07 \x03(\x0b\x32\x44.google.cloud.securitycenter.v1p1beta1.Asset.ResourcePropertiesEntry\x12L\n\x0esecurity_marks\x18\x08 \x01(\x0b\x32\x34.google.cloud.securitycenter.v1p1beta1.SecurityMarks\x12/\n\x0b\x63reate_time\x18\t \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12/\n\x0bupdate_time\x18\n \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12J\n\niam_policy\x18\x0b \x01(\x0b\x32\x36.google.cloud.securitycenter.v1p1beta1.Asset.IamPolicy\x1a\x80\x02\n\x18SecurityCenterProperties\x12\x15\n\rresource_name\x18\x01 \x01(\t\x12\x15\n\rresource_type\x18\x02 \x01(\t\x12\x17\n\x0fresource_parent\x18\x03 \x01(\t\x12\x18\n\x10resource_project\x18\x04 \x01(\t\x12\x17\n\x0fresource_owners\x18\x05 \x03(\t\x12\x1d\n\x15resource_display_name\x18\x06 \x01(\t\x12$\n\x1cresource_parent_display_name\x18\x07 \x01(\t\x12%\n\x1dresource_project_display_name\x18\x08 \x01(\t\x1a \n\tIamPolicy\x12\x13\n\x0bpolicy_blob\x18\x01 \x01(\t\x1aQ\n\x17ResourcePropertiesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12%\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.Value:\x02\x38\x01:U\xea\x41R\n#securitycenter.googleapis.com/Asset\x12+organizations/{organization}/assets/{asset}B\xfd\x01\n)com.google.cloud.securitycenter.v1p1beta1P\x01ZSgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter\xaa\x02%Google.Cloud.SecurityCenter.V1P1Beta1\xca\x02%Google\\Cloud\\SecurityCenter\\V1p1beta1\xea\x02(Google::Cloud::SecurityCenter::V1p1beta1b\x06proto3' + ), + dependencies=[ + google_dot_api_dot_annotations__pb2.DESCRIPTOR, + google_dot_api_dot_resource__pb2.DESCRIPTOR, + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_security__marks__pb2.DESCRIPTOR, + google_dot_protobuf_dot_struct__pb2.DESCRIPTOR, + google_dot_protobuf_dot_timestamp__pb2.DESCRIPTOR, + ], +) + + +_ASSET_SECURITYCENTERPROPERTIES = _descriptor.Descriptor( + name="SecurityCenterProperties", + full_name="google.cloud.securitycenter.v1p1beta1.Asset.SecurityCenterProperties", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="resource_name", + full_name="google.cloud.securitycenter.v1p1beta1.Asset.SecurityCenterProperties.resource_name", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="resource_type", + full_name="google.cloud.securitycenter.v1p1beta1.Asset.SecurityCenterProperties.resource_type", + index=1, + number=2, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="resource_parent", + full_name="google.cloud.securitycenter.v1p1beta1.Asset.SecurityCenterProperties.resource_parent", + index=2, + number=3, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="resource_project", + full_name="google.cloud.securitycenter.v1p1beta1.Asset.SecurityCenterProperties.resource_project", + index=3, + number=4, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="resource_owners", + full_name="google.cloud.securitycenter.v1p1beta1.Asset.SecurityCenterProperties.resource_owners", + index=4, + number=5, + type=9, + cpp_type=9, + label=3, + has_default_value=False, + default_value=[], + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="resource_display_name", + full_name="google.cloud.securitycenter.v1p1beta1.Asset.SecurityCenterProperties.resource_display_name", + index=5, + number=6, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="resource_parent_display_name", + full_name="google.cloud.securitycenter.v1p1beta1.Asset.SecurityCenterProperties.resource_parent_display_name", + index=6, + number=7, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="resource_project_display_name", + full_name="google.cloud.securitycenter.v1p1beta1.Asset.SecurityCenterProperties.resource_project_display_name", + index=7, + number=8, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=767, + serialized_end=1023, +) + +_ASSET_IAMPOLICY = _descriptor.Descriptor( + name="IamPolicy", + full_name="google.cloud.securitycenter.v1p1beta1.Asset.IamPolicy", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="policy_blob", + full_name="google.cloud.securitycenter.v1p1beta1.Asset.IamPolicy.policy_blob", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=1025, + serialized_end=1057, +) + +_ASSET_RESOURCEPROPERTIESENTRY = _descriptor.Descriptor( + name="ResourcePropertiesEntry", + full_name="google.cloud.securitycenter.v1p1beta1.Asset.ResourcePropertiesEntry", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="key", + full_name="google.cloud.securitycenter.v1p1beta1.Asset.ResourcePropertiesEntry.key", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="value", + full_name="google.cloud.securitycenter.v1p1beta1.Asset.ResourcePropertiesEntry.value", + index=1, + number=2, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=_b("8\001"), + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=1059, + serialized_end=1140, +) + +_ASSET = _descriptor.Descriptor( + name="Asset", + full_name="google.cloud.securitycenter.v1p1beta1.Asset", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="name", + full_name="google.cloud.securitycenter.v1p1beta1.Asset.name", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="security_center_properties", + full_name="google.cloud.securitycenter.v1p1beta1.Asset.security_center_properties", + index=1, + number=2, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="resource_properties", + full_name="google.cloud.securitycenter.v1p1beta1.Asset.resource_properties", + index=2, + number=7, + type=11, + cpp_type=10, + label=3, + has_default_value=False, + default_value=[], + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="security_marks", + full_name="google.cloud.securitycenter.v1p1beta1.Asset.security_marks", + index=3, + number=8, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="create_time", + full_name="google.cloud.securitycenter.v1p1beta1.Asset.create_time", + index=4, + number=9, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="update_time", + full_name="google.cloud.securitycenter.v1p1beta1.Asset.update_time", + index=5, + number=10, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="iam_policy", + full_name="google.cloud.securitycenter.v1p1beta1.Asset.iam_policy", + index=6, + number=11, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[ + _ASSET_SECURITYCENTERPROPERTIES, + _ASSET_IAMPOLICY, + _ASSET_RESOURCEPROPERTIESENTRY, + ], + enum_types=[], + serialized_options=_b( + "\352AR\n#securitycenter.googleapis.com/Asset\022+organizations/{organization}/assets/{asset}" + ), + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=285, + serialized_end=1227, +) + +_ASSET_SECURITYCENTERPROPERTIES.containing_type = _ASSET +_ASSET_IAMPOLICY.containing_type = _ASSET +_ASSET_RESOURCEPROPERTIESENTRY.fields_by_name[ + "value" +].message_type = google_dot_protobuf_dot_struct__pb2._VALUE +_ASSET_RESOURCEPROPERTIESENTRY.containing_type = _ASSET +_ASSET.fields_by_name[ + "security_center_properties" +].message_type = _ASSET_SECURITYCENTERPROPERTIES +_ASSET.fields_by_name[ + "resource_properties" +].message_type = _ASSET_RESOURCEPROPERTIESENTRY +_ASSET.fields_by_name[ + "security_marks" +].message_type = ( + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_security__marks__pb2._SECURITYMARKS +) +_ASSET.fields_by_name[ + "create_time" +].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP +_ASSET.fields_by_name[ + "update_time" +].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP +_ASSET.fields_by_name["iam_policy"].message_type = _ASSET_IAMPOLICY +DESCRIPTOR.message_types_by_name["Asset"] = _ASSET +_sym_db.RegisterFileDescriptor(DESCRIPTOR) + +Asset = _reflection.GeneratedProtocolMessageType( + "Asset", + (_message.Message,), + dict( + SecurityCenterProperties=_reflection.GeneratedProtocolMessageType( + "SecurityCenterProperties", + (_message.Message,), + dict( + DESCRIPTOR=_ASSET_SECURITYCENTERPROPERTIES, + __module__="google.cloud.securitycenter_v1p1beta1.proto.asset_pb2", + __doc__="""Cloud SCC managed properties. These properties are managed + by Cloud SCC and cannot be modified by the user. + + + Attributes: + resource_name: + The full resource name of the GCP resource this asset + represents. This field is immutable after create time. See: ht + tps://cloud.google.com/apis/design/resource\_names#full\_resou + rce\_name + resource_type: + The type of the GCP resource. Examples include: APPLICATION, + PROJECT, and ORGANIZATION. This is a case insensitive field + defined by Cloud SCC and/or the producer of the resource and + is immutable after create time. + resource_parent: + The full resource name of the immediate parent of the + resource. See: https://cloud.google.com/apis/design/resource\_ + names#full\_resource\_name + resource_project: + The full resource name of the project the resource belongs to. + See: https://cloud.google.com/apis/design/resource\_names#full + \_resource\_name + resource_owners: + Owners of the Google Cloud resource. + resource_display_name: + The user defined display name for this resource. + resource_parent_display_name: + The user defined display name for the parent of this resource. + resource_project_display_name: + The user defined display name for the project of this + resource. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.Asset.SecurityCenterProperties) + ), + ), + IamPolicy=_reflection.GeneratedProtocolMessageType( + "IamPolicy", + (_message.Message,), + dict( + DESCRIPTOR=_ASSET_IAMPOLICY, + __module__="google.cloud.securitycenter_v1p1beta1.proto.asset_pb2", + __doc__="""IAM Policy information associated with the GCP resource + described by the Cloud SCC asset. This information is managed and + defined by the GCP resource and cannot be modified by the user. + + + Attributes: + policy_blob: + The JSON representation of the Policy associated with the + asset. See + https://cloud.google.com/iam/reference/rest/v1p1beta1/Policy + for format details. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.Asset.IamPolicy) + ), + ), + ResourcePropertiesEntry=_reflection.GeneratedProtocolMessageType( + "ResourcePropertiesEntry", + (_message.Message,), + dict( + DESCRIPTOR=_ASSET_RESOURCEPROPERTIESENTRY, + __module__="google.cloud.securitycenter_v1p1beta1.proto.asset_pb2" + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.Asset.ResourcePropertiesEntry) + ), + ), + DESCRIPTOR=_ASSET, + __module__="google.cloud.securitycenter_v1p1beta1.proto.asset_pb2", + __doc__="""Cloud Security Command Center's (Cloud SCC) representation + of a Google Cloud Platform (GCP) resource. + + The Asset is a Cloud SCC resource that captures information about a + single GCP resource. All modifications to an Asset are only within the + context of Cloud SCC and don't affect the referenced GCP resource. + + + Attributes: + name: + The relative resource name of this asset. See: https://cloud.g + oogle.com/apis/design/resource\_names#relative\_resource\_name + Example: + "organizations/{organization\_id}/assets/{asset\_id}". + security_center_properties: + Cloud SCC managed properties. These properties are managed by + Cloud SCC and cannot be modified by the user. + resource_properties: + Resource managed properties. These properties are managed and + defined by the GCP resource and cannot be modified by the + user. + security_marks: + User specified security marks. These marks are entirely + managed by the user and come from the SecurityMarks resource + that belongs to the asset. + create_time: + The time at which the asset was created in Cloud SCC. + update_time: + The time at which the asset was last updated, added, or + deleted in Cloud SCC. + iam_policy: + IAM Policy information associated with the GCP resource + described by the Cloud SCC asset. This information is managed + and defined by the GCP resource and cannot be modified by the + user. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.Asset) + ), +) +_sym_db.RegisterMessage(Asset) +_sym_db.RegisterMessage(Asset.SecurityCenterProperties) +_sym_db.RegisterMessage(Asset.IamPolicy) +_sym_db.RegisterMessage(Asset.ResourcePropertiesEntry) + + +DESCRIPTOR._options = None +_ASSET_RESOURCEPROPERTIESENTRY._options = None +_ASSET._options = None +# @@protoc_insertion_point(module_scope) diff --git a/google/cloud/securitycenter_v1p1beta1/proto/asset_pb2_grpc.py b/google/cloud/securitycenter_v1p1beta1/proto/asset_pb2_grpc.py new file mode 100644 index 00000000..07cb78fe --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/asset_pb2_grpc.py @@ -0,0 +1,2 @@ +# Generated by the gRPC Python protocol compiler plugin. DO NOT EDIT! +import grpc diff --git a/google/cloud/securitycenter_v1p1beta1/proto/finding.proto b/google/cloud/securitycenter_v1p1beta1/proto/finding.proto new file mode 100644 index 00000000..6428027d --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/finding.proto @@ -0,0 +1,111 @@ +// Copyright 2019 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.securitycenter.v1p1beta1; + +import "google/api/annotations.proto"; +import "google/api/field_behavior.proto"; +import "google/api/resource.proto"; +import "google/cloud/securitycenter/v1p1beta1/security_marks.proto"; +import "google/protobuf/struct.proto"; +import "google/protobuf/timestamp.proto"; + +option csharp_namespace = "Google.Cloud.SecurityCenter.V1P1Beta1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter"; +option java_multiple_files = true; +option java_package = "com.google.cloud.securitycenter.v1p1beta1"; +option php_namespace = "Google\\Cloud\\SecurityCenter\\V1p1beta1"; +option ruby_package = "Google::Cloud::SecurityCenter::V1p1beta1"; + +// Cloud Security Command Center (Cloud SCC) finding. +// +// A finding is a record of assessment data (security, risk, health or privacy) +// ingested into Cloud SCC for presentation, notification, analysis, +// policy testing, and enforcement. For example, an XSS vulnerability in an +// App Engine application is a finding. +message Finding { + option (google.api.resource) = { + type: "securitycenter.googleapis.com/Finding" + pattern: "organizations/{organization}/sources/{source}/findings/{finding}" + }; + + // The state of the finding. + enum State { + // Unspecified state. + STATE_UNSPECIFIED = 0; + + // The finding requires attention and has not been addressed yet. + ACTIVE = 1; + + // The finding has been fixed, triaged as a non-issue or otherwise addressed + // and is no longer active. + INACTIVE = 2; + } + + // The relative resource name of this finding. See: + // https://cloud.google.com/apis/design/resource_names#relative_resource_name + // Example: + // "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}" + string name = 1; + + // The relative resource name of the source the finding belongs to. See: + // https://cloud.google.com/apis/design/resource_names#relative_resource_name + // This field is immutable after creation time. + // For example: + // "organizations/{organization_id}/sources/{source_id}" + string parent = 2; + + // For findings on Google Cloud Platform (GCP) resources, the full resource + // name of the GCP resource this finding is for. See: + // https://cloud.google.com/apis/design/resource_names#full_resource_name + // When the finding is for a non-GCP resource, the resourceName can be a + // customer or partner defined string. + // This field is immutable after creation time. + string resource_name = 3; + + // The state of the finding. + State state = 4; + + // The additional taxonomy group within findings from a given source. + // This field is immutable after creation time. + // Example: "XSS_FLASH_INJECTION" + string category = 5; + + // The URI that, if available, points to a web page outside of Cloud SCC + // where additional information about the finding can be found. This field is + // guaranteed to be either empty or a well formed URL. + string external_uri = 6; + + // Source specific properties. These properties are managed by the source + // that writes the finding. The key names in the source_properties map must be + // between 1 and 255 characters, and must start with a letter and contain + // alphanumeric characters or underscores only. + map source_properties = 7; + + // Output only. User specified security marks. These marks are entirely + // managed by the user and come from the SecurityMarks resource that belongs + // to the finding. + SecurityMarks security_marks = 8 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // The time at which the event took place. For example, if the finding + // represents an open firewall it would capture the time the detector believes + // the firewall became open. The accuracy is determined by the detector. + google.protobuf.Timestamp event_time = 9; + + // The time at which the finding was created in Cloud SCC. + google.protobuf.Timestamp create_time = 10; +} diff --git a/google/cloud/securitycenter_v1p1beta1/proto/finding_pb2.py b/google/cloud/securitycenter_v1p1beta1/proto/finding_pb2.py new file mode 100644 index 00000000..b2e35bb4 --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/finding_pb2.py @@ -0,0 +1,440 @@ +# -*- coding: utf-8 -*- +# Generated by the protocol buffer compiler. DO NOT EDIT! +# source: google/cloud/securitycenter_v1p1beta1/proto/finding.proto + +import sys + +_b = sys.version_info[0] < 3 and (lambda x: x) or (lambda x: x.encode("latin1")) +from google.protobuf import descriptor as _descriptor +from google.protobuf import message as _message +from google.protobuf import reflection as _reflection +from google.protobuf import symbol_database as _symbol_database + +# @@protoc_insertion_point(imports) + +_sym_db = _symbol_database.Default() + + +from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 +from google.api import field_behavior_pb2 as google_dot_api_dot_field__behavior__pb2 +from google.api import resource_pb2 as google_dot_api_dot_resource__pb2 +from google.cloud.securitycenter_v1p1beta1.proto import ( + security_marks_pb2 as google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_security__marks__pb2, +) +from google.protobuf import struct_pb2 as google_dot_protobuf_dot_struct__pb2 +from google.protobuf import timestamp_pb2 as google_dot_protobuf_dot_timestamp__pb2 + + +DESCRIPTOR = _descriptor.FileDescriptor( + name="google/cloud/securitycenter_v1p1beta1/proto/finding.proto", + package="google.cloud.securitycenter.v1p1beta1", + syntax="proto3", + serialized_options=_b( + "\n)com.google.cloud.securitycenter.v1p1beta1P\001ZSgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter\252\002%Google.Cloud.SecurityCenter.V1P1Beta1\312\002%Google\\Cloud\\SecurityCenter\\V1p1beta1\352\002(Google::Cloud::SecurityCenter::V1p1beta1" + ), + serialized_pb=_b( + '\n9google/cloud/securitycenter_v1p1beta1/proto/finding.proto\x12%google.cloud.securitycenter.v1p1beta1\x1a\x1cgoogle/api/annotations.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a@google/cloud/securitycenter_v1p1beta1/proto/security_marks.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a\x1fgoogle/protobuf/timestamp.proto"\xb9\x05\n\x07\x46inding\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x0e\n\x06parent\x18\x02 \x01(\t\x12\x15\n\rresource_name\x18\x03 \x01(\t\x12\x43\n\x05state\x18\x04 \x01(\x0e\x32\x34.google.cloud.securitycenter.v1p1beta1.Finding.State\x12\x10\n\x08\x63\x61tegory\x18\x05 \x01(\t\x12\x14\n\x0c\x65xternal_uri\x18\x06 \x01(\t\x12_\n\x11source_properties\x18\x07 \x03(\x0b\x32\x44.google.cloud.securitycenter.v1p1beta1.Finding.SourcePropertiesEntry\x12Q\n\x0esecurity_marks\x18\x08 \x01(\x0b\x32\x34.google.cloud.securitycenter.v1p1beta1.SecurityMarksB\x03\xe0\x41\x03\x12.\n\nevent_time\x18\t \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12/\n\x0b\x63reate_time\x18\n \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x1aO\n\x15SourcePropertiesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12%\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.Value:\x02\x38\x01"8\n\x05State\x12\x15\n\x11STATE_UNSPECIFIED\x10\x00\x12\n\n\x06\x41\x43TIVE\x10\x01\x12\x0c\n\x08INACTIVE\x10\x02:l\xea\x41i\n%securitycenter.googleapis.com/Finding\x12@organizations/{organization}/sources/{source}/findings/{finding}B\xfd\x01\n)com.google.cloud.securitycenter.v1p1beta1P\x01ZSgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter\xaa\x02%Google.Cloud.SecurityCenter.V1P1Beta1\xca\x02%Google\\Cloud\\SecurityCenter\\V1p1beta1\xea\x02(Google::Cloud::SecurityCenter::V1p1beta1b\x06proto3' + ), + dependencies=[ + google_dot_api_dot_annotations__pb2.DESCRIPTOR, + google_dot_api_dot_field__behavior__pb2.DESCRIPTOR, + google_dot_api_dot_resource__pb2.DESCRIPTOR, + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_security__marks__pb2.DESCRIPTOR, + google_dot_protobuf_dot_struct__pb2.DESCRIPTOR, + google_dot_protobuf_dot_timestamp__pb2.DESCRIPTOR, + ], +) + + +_FINDING_STATE = _descriptor.EnumDescriptor( + name="State", + full_name="google.cloud.securitycenter.v1p1beta1.Finding.State", + filename=None, + file=DESCRIPTOR, + values=[ + _descriptor.EnumValueDescriptor( + name="STATE_UNSPECIFIED", + index=0, + number=0, + serialized_options=None, + type=None, + ), + _descriptor.EnumValueDescriptor( + name="ACTIVE", index=1, number=1, serialized_options=None, type=None + ), + _descriptor.EnumValueDescriptor( + name="INACTIVE", index=2, number=2, serialized_options=None, type=None + ), + ], + containing_type=None, + serialized_options=None, + serialized_start=851, + serialized_end=907, +) +_sym_db.RegisterEnumDescriptor(_FINDING_STATE) + + +_FINDING_SOURCEPROPERTIESENTRY = _descriptor.Descriptor( + name="SourcePropertiesEntry", + full_name="google.cloud.securitycenter.v1p1beta1.Finding.SourcePropertiesEntry", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="key", + full_name="google.cloud.securitycenter.v1p1beta1.Finding.SourcePropertiesEntry.key", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="value", + full_name="google.cloud.securitycenter.v1p1beta1.Finding.SourcePropertiesEntry.value", + index=1, + number=2, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=_b("8\001"), + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=770, + serialized_end=849, +) + +_FINDING = _descriptor.Descriptor( + name="Finding", + full_name="google.cloud.securitycenter.v1p1beta1.Finding", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="name", + full_name="google.cloud.securitycenter.v1p1beta1.Finding.name", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="parent", + full_name="google.cloud.securitycenter.v1p1beta1.Finding.parent", + index=1, + number=2, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="resource_name", + full_name="google.cloud.securitycenter.v1p1beta1.Finding.resource_name", + index=2, + number=3, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="state", + full_name="google.cloud.securitycenter.v1p1beta1.Finding.state", + index=3, + number=4, + type=14, + cpp_type=8, + label=1, + has_default_value=False, + default_value=0, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="category", + full_name="google.cloud.securitycenter.v1p1beta1.Finding.category", + index=4, + number=5, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="external_uri", + full_name="google.cloud.securitycenter.v1p1beta1.Finding.external_uri", + index=5, + number=6, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="source_properties", + full_name="google.cloud.securitycenter.v1p1beta1.Finding.source_properties", + index=6, + number=7, + type=11, + cpp_type=10, + label=3, + has_default_value=False, + default_value=[], + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="security_marks", + full_name="google.cloud.securitycenter.v1p1beta1.Finding.security_marks", + index=7, + number=8, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b("\340A\003"), + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="event_time", + full_name="google.cloud.securitycenter.v1p1beta1.Finding.event_time", + index=8, + number=9, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="create_time", + full_name="google.cloud.securitycenter.v1p1beta1.Finding.create_time", + index=9, + number=10, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[_FINDING_SOURCEPROPERTIESENTRY,], + enum_types=[_FINDING_STATE,], + serialized_options=_b( + "\352Ai\n%securitycenter.googleapis.com/Finding\022@organizations/{organization}/sources/{source}/findings/{finding}" + ), + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=320, + serialized_end=1017, +) + +_FINDING_SOURCEPROPERTIESENTRY.fields_by_name[ + "value" +].message_type = google_dot_protobuf_dot_struct__pb2._VALUE +_FINDING_SOURCEPROPERTIESENTRY.containing_type = _FINDING +_FINDING.fields_by_name["state"].enum_type = _FINDING_STATE +_FINDING.fields_by_name[ + "source_properties" +].message_type = _FINDING_SOURCEPROPERTIESENTRY +_FINDING.fields_by_name[ + "security_marks" +].message_type = ( + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_security__marks__pb2._SECURITYMARKS +) +_FINDING.fields_by_name[ + "event_time" +].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP +_FINDING.fields_by_name[ + "create_time" +].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP +_FINDING_STATE.containing_type = _FINDING +DESCRIPTOR.message_types_by_name["Finding"] = _FINDING +_sym_db.RegisterFileDescriptor(DESCRIPTOR) + +Finding = _reflection.GeneratedProtocolMessageType( + "Finding", + (_message.Message,), + dict( + SourcePropertiesEntry=_reflection.GeneratedProtocolMessageType( + "SourcePropertiesEntry", + (_message.Message,), + dict( + DESCRIPTOR=_FINDING_SOURCEPROPERTIESENTRY, + __module__="google.cloud.securitycenter_v1p1beta1.proto.finding_pb2" + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.Finding.SourcePropertiesEntry) + ), + ), + DESCRIPTOR=_FINDING, + __module__="google.cloud.securitycenter_v1p1beta1.proto.finding_pb2", + __doc__="""Cloud Security Command Center (Cloud SCC) finding. + + A finding is a record of assessment data (security, risk, health or + privacy) ingested into Cloud SCC for presentation, notification, + analysis, policy testing, and enforcement. For example, an XSS + vulnerability in an App Engine application is a finding. + + + Attributes: + name: + The relative resource name of this finding. See: https://cloud + .google.com/apis/design/resource\_names#relative\_resource\_na + me Example: "organizations/{organization\_id}/sources/{source\ + _id}/findings/{finding\_id}" + parent: + The relative resource name of the source the finding belongs + to. See: https://cloud.google.com/apis/design/resource\_names# + relative\_resource\_name This field is immutable after + creation time. For example: + "organizations/{organization\_id}/sources/{source\_id}" + resource_name: + For findings on Google Cloud Platform (GCP) resources, the + full resource name of the GCP resource this finding is for. + See: https://cloud.google.com/apis/design/resource\_names#full + \_resource\_name When the finding is for a non-GCP resource, + the resourceName can be a customer or partner defined string. + This field is immutable after creation time. + state: + The state of the finding. + category: + The additional taxonomy group within findings from a given + source. This field is immutable after creation time. Example: + "XSS\_FLASH\_INJECTION" + external_uri: + The URI that, if available, points to a web page outside of + Cloud SCC where additional information about the finding can + be found. This field is guaranteed to be either empty or a + well formed URL. + source_properties: + Source specific properties. These properties are managed by + the source that writes the finding. The key names in the + source\_properties map must be between 1 and 255 characters, + and must start with a letter and contain alphanumeric + characters or underscores only. + security_marks: + Output only. User specified security marks. These marks are + entirely managed by the user and come from the SecurityMarks + resource that belongs to the finding. + event_time: + The time at which the event took place. For example, if the + finding represents an open firewall it would capture the time + the detector believes the firewall became open. The accuracy + is determined by the detector. + create_time: + The time at which the finding was created in Cloud SCC. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.Finding) + ), +) +_sym_db.RegisterMessage(Finding) +_sym_db.RegisterMessage(Finding.SourcePropertiesEntry) + + +DESCRIPTOR._options = None +_FINDING_SOURCEPROPERTIESENTRY._options = None +_FINDING.fields_by_name["security_marks"]._options = None +_FINDING._options = None +# @@protoc_insertion_point(module_scope) diff --git a/google/cloud/securitycenter_v1p1beta1/proto/finding_pb2_grpc.py b/google/cloud/securitycenter_v1p1beta1/proto/finding_pb2_grpc.py new file mode 100644 index 00000000..07cb78fe --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/finding_pb2_grpc.py @@ -0,0 +1,2 @@ +# Generated by the gRPC Python protocol compiler plugin. DO NOT EDIT! +import grpc diff --git a/google/cloud/securitycenter_v1p1beta1/proto/notification_config.proto b/google/cloud/securitycenter_v1p1beta1/proto/notification_config.proto new file mode 100644 index 00000000..7cbb87b2 --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/notification_config.proto @@ -0,0 +1,112 @@ +// Copyright 2019 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.securitycenter.v1p1beta1; + +import "google/api/annotations.proto"; +import "google/api/field_behavior.proto"; +import "google/api/resource.proto"; + +option csharp_namespace = "Google.Cloud.SecurityCenter.V1P1Beta1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter"; +option java_multiple_files = true; +option java_package = "com.google.cloud.securitycenter.v1p1beta1"; +option php_namespace = "Google\\Cloud\\SecurityCenter\\V1p1beta1"; +option ruby_package = "Google::Cloud::SecurityCenter::V1p1beta1"; + +// The Pub/Sub Topic resource definition is in google/cloud/pubsub/v1/, +// but we do not import that proto directly; therefore, we redefine the +// pattern here. +option (google.api.resource_definition) = { + type: "pubsub.googleapis.com/Topic" + pattern: "projects/{project}/topics/{topic}" +}; + +// Cloud Security Command Center (Cloud SCC) notification configs. +// +// A notification config is a Cloud SCC resource that contains the configuration +// to send notifications for create/update events of findings, assets and etc. +message NotificationConfig { + option (google.api.resource) = { + type: "securitycenter.googleapis.com/NotificationConfig" + pattern: "organizations/{organization}/notificationConfigs/{notification_config}" + }; + + // The config for streaming-based notifications, which send each event as soon + // as it is detected. + message StreamingConfig { + // Expression that defines the filter to apply across create/update events + // of assets or findings as specified by the event type. The expression is a + // list of zero or more restrictions combined via logical operators `AND` + // and `OR`. Parentheses are supported, and `OR` has higher precedence than + // `AND`. + // + // Restrictions have the form ` ` and may have a + // `-` character in front of them to indicate negation. The fields map to + // those defined in the corresponding resource. + // + // The supported operators are: + // + // * `=` for all value types. + // * `>`, `<`, `>=`, `<=` for integer values. + // * `:`, meaning substring matching, for strings. + // + // The supported value types are: + // + // * string literals in quotes. + // * integer literals without quotes. + // * boolean literals `true` and `false` without quotes. + string filter = 1; + } + + // The type of events. + enum EventType { + // Unspecified event type. + EVENT_TYPE_UNSPECIFIED = 0; + + // Events for findings. + FINDING = 1; + } + + // The relative resource name of this notification config. See: + // https://cloud.google.com/apis/design/resource_names#relative_resource_name + // Example: + // "organizations/{organization_id}/notificationConfigs/notify_public_bucket". + string name = 1; + + // The description of the notification config (max of 1024 characters). + string description = 2; + + // The type of events the config is for, e.g. FINDING. + EventType event_type = 3; + + // The PubSub topic to send notifications to. Its format is + // "projects/[project_id]/topics/[topic]". + string pubsub_topic = 4 [ + (google.api.resource_reference) = { type: "pubsub.googleapis.com/Topic" } + ]; + + // Output only. The service account that needs "pubsub.topics.publish" + // permission to publish to the PubSub topic. + string service_account = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; + + // The config for triggering notifications. + oneof notify_config { + // The config for triggering streaming-based notifications. + StreamingConfig streaming_config = 6; + } +} diff --git a/google/cloud/securitycenter_v1p1beta1/proto/notification_config_pb2.py b/google/cloud/securitycenter_v1p1beta1/proto/notification_config_pb2.py new file mode 100644 index 00000000..c04b9474 --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/notification_config_pb2.py @@ -0,0 +1,337 @@ +# -*- coding: utf-8 -*- +# Generated by the protocol buffer compiler. DO NOT EDIT! +# source: google/cloud/securitycenter_v1p1beta1/proto/notification_config.proto + +import sys + +_b = sys.version_info[0] < 3 and (lambda x: x) or (lambda x: x.encode("latin1")) +from google.protobuf import descriptor as _descriptor +from google.protobuf import message as _message +from google.protobuf import reflection as _reflection +from google.protobuf import symbol_database as _symbol_database + +# @@protoc_insertion_point(imports) + +_sym_db = _symbol_database.Default() + + +from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 +from google.api import field_behavior_pb2 as google_dot_api_dot_field__behavior__pb2 +from google.api import resource_pb2 as google_dot_api_dot_resource__pb2 + + +DESCRIPTOR = _descriptor.FileDescriptor( + name="google/cloud/securitycenter_v1p1beta1/proto/notification_config.proto", + package="google.cloud.securitycenter.v1p1beta1", + syntax="proto3", + serialized_options=_b( + "\n)com.google.cloud.securitycenter.v1p1beta1P\001ZSgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter\252\002%Google.Cloud.SecurityCenter.V1P1Beta1\312\002%Google\\Cloud\\SecurityCenter\\V1p1beta1\352\002(Google::Cloud::SecurityCenter::V1p1beta1\352A@\n\033pubsub.googleapis.com/Topic\022!projects/{project}/topics/{topic}" + ), + serialized_pb=_b( + '\nEgoogle/cloud/securitycenter_v1p1beta1/proto/notification_config.proto\x12%google.cloud.securitycenter.v1p1beta1\x1a\x1cgoogle/api/annotations.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto"\xb6\x04\n\x12NotificationConfig\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x13\n\x0b\x64\x65scription\x18\x02 \x01(\t\x12W\n\nevent_type\x18\x03 \x01(\x0e\x32\x43.google.cloud.securitycenter.v1p1beta1.NotificationConfig.EventType\x12\x36\n\x0cpubsub_topic\x18\x04 \x01(\tB \xfa\x41\x1d\n\x1bpubsub.googleapis.com/Topic\x12\x1c\n\x0fservice_account\x18\x05 \x01(\tB\x03\xe0\x41\x03\x12\x65\n\x10streaming_config\x18\x06 \x01(\x0b\x32I.google.cloud.securitycenter.v1p1beta1.NotificationConfig.StreamingConfigH\x00\x1a!\n\x0fStreamingConfig\x12\x0e\n\x06\x66ilter\x18\x01 \x01(\t"4\n\tEventType\x12\x1a\n\x16\x45VENT_TYPE_UNSPECIFIED\x10\x00\x12\x0b\n\x07\x46INDING\x10\x01:}\xea\x41z\n0securitycenter.googleapis.com/NotificationConfig\x12\x46organizations/{organization}/notificationConfigs/{notification_config}B\x0f\n\rnotify_configB\xc0\x02\n)com.google.cloud.securitycenter.v1p1beta1P\x01ZSgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter\xaa\x02%Google.Cloud.SecurityCenter.V1P1Beta1\xca\x02%Google\\Cloud\\SecurityCenter\\V1p1beta1\xea\x02(Google::Cloud::SecurityCenter::V1p1beta1\xea\x41@\n\x1bpubsub.googleapis.com/Topic\x12!projects/{project}/topics/{topic}b\x06proto3' + ), + dependencies=[ + google_dot_api_dot_annotations__pb2.DESCRIPTOR, + google_dot_api_dot_field__behavior__pb2.DESCRIPTOR, + google_dot_api_dot_resource__pb2.DESCRIPTOR, + ], +) + + +_NOTIFICATIONCONFIG_EVENTTYPE = _descriptor.EnumDescriptor( + name="EventType", + full_name="google.cloud.securitycenter.v1p1beta1.NotificationConfig.EventType", + filename=None, + file=DESCRIPTOR, + values=[ + _descriptor.EnumValueDescriptor( + name="EVENT_TYPE_UNSPECIFIED", + index=0, + number=0, + serialized_options=None, + type=None, + ), + _descriptor.EnumValueDescriptor( + name="FINDING", index=1, number=1, serialized_options=None, type=None + ), + ], + containing_type=None, + serialized_options=None, + serialized_start=573, + serialized_end=625, +) +_sym_db.RegisterEnumDescriptor(_NOTIFICATIONCONFIG_EVENTTYPE) + + +_NOTIFICATIONCONFIG_STREAMINGCONFIG = _descriptor.Descriptor( + name="StreamingConfig", + full_name="google.cloud.securitycenter.v1p1beta1.NotificationConfig.StreamingConfig", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="filter", + full_name="google.cloud.securitycenter.v1p1beta1.NotificationConfig.StreamingConfig.filter", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=538, + serialized_end=571, +) + +_NOTIFICATIONCONFIG = _descriptor.Descriptor( + name="NotificationConfig", + full_name="google.cloud.securitycenter.v1p1beta1.NotificationConfig", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="name", + full_name="google.cloud.securitycenter.v1p1beta1.NotificationConfig.name", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="description", + full_name="google.cloud.securitycenter.v1p1beta1.NotificationConfig.description", + index=1, + number=2, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="event_type", + full_name="google.cloud.securitycenter.v1p1beta1.NotificationConfig.event_type", + index=2, + number=3, + type=14, + cpp_type=8, + label=1, + has_default_value=False, + default_value=0, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="pubsub_topic", + full_name="google.cloud.securitycenter.v1p1beta1.NotificationConfig.pubsub_topic", + index=3, + number=4, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b("\372A\035\n\033pubsub.googleapis.com/Topic"), + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="service_account", + full_name="google.cloud.securitycenter.v1p1beta1.NotificationConfig.service_account", + index=4, + number=5, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b("\340A\003"), + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="streaming_config", + full_name="google.cloud.securitycenter.v1p1beta1.NotificationConfig.streaming_config", + index=5, + number=6, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[_NOTIFICATIONCONFIG_STREAMINGCONFIG,], + enum_types=[_NOTIFICATIONCONFIG_EVENTTYPE,], + serialized_options=_b( + "\352Az\n0securitycenter.googleapis.com/NotificationConfig\022Forganizations/{organization}/notificationConfigs/{notification_config}" + ), + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[ + _descriptor.OneofDescriptor( + name="notify_config", + full_name="google.cloud.securitycenter.v1p1beta1.NotificationConfig.notify_config", + index=0, + containing_type=None, + fields=[], + ), + ], + serialized_start=203, + serialized_end=769, +) + +_NOTIFICATIONCONFIG_STREAMINGCONFIG.containing_type = _NOTIFICATIONCONFIG +_NOTIFICATIONCONFIG.fields_by_name[ + "event_type" +].enum_type = _NOTIFICATIONCONFIG_EVENTTYPE +_NOTIFICATIONCONFIG.fields_by_name[ + "streaming_config" +].message_type = _NOTIFICATIONCONFIG_STREAMINGCONFIG +_NOTIFICATIONCONFIG_EVENTTYPE.containing_type = _NOTIFICATIONCONFIG +_NOTIFICATIONCONFIG.oneofs_by_name["notify_config"].fields.append( + _NOTIFICATIONCONFIG.fields_by_name["streaming_config"] +) +_NOTIFICATIONCONFIG.fields_by_name[ + "streaming_config" +].containing_oneof = _NOTIFICATIONCONFIG.oneofs_by_name["notify_config"] +DESCRIPTOR.message_types_by_name["NotificationConfig"] = _NOTIFICATIONCONFIG +_sym_db.RegisterFileDescriptor(DESCRIPTOR) + +NotificationConfig = _reflection.GeneratedProtocolMessageType( + "NotificationConfig", + (_message.Message,), + dict( + StreamingConfig=_reflection.GeneratedProtocolMessageType( + "StreamingConfig", + (_message.Message,), + dict( + DESCRIPTOR=_NOTIFICATIONCONFIG_STREAMINGCONFIG, + __module__="google.cloud.securitycenter_v1p1beta1.proto.notification_config_pb2", + __doc__="""The config for streaming-based notifications, which send + each event as soon as it is detected. + + + Attributes: + filter: + Expression that defines the filter to apply across + create/update events of assets or findings as specified by the + event type. The expression is a list of zero or more + restrictions combined via logical operators ``AND`` and + ``OR``. Parentheses are supported, and ``OR`` has higher + precedence than ``AND``. Restrictions have the form `` + `` and may have a ``-`` character in front + of them to indicate negation. The fields map to those defined + in the corresponding resource. The supported operators are: + - ``=`` for all value types. - ``>``, ``<``, ``>=``, ``<=`` + for integer values. - ``:``, meaning substring matching, for + strings. The supported value types are: - string literals + in quotes. - integer literals without quotes. - boolean + literals ``true`` and ``false`` without quotes. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.NotificationConfig.StreamingConfig) + ), + ), + DESCRIPTOR=_NOTIFICATIONCONFIG, + __module__="google.cloud.securitycenter_v1p1beta1.proto.notification_config_pb2", + __doc__="""Cloud Security Command Center (Cloud SCC) notification + configs. + + A notification config is a Cloud SCC resource that contains the + configuration to send notifications for create/update events of + findings, assets and etc. + + + Attributes: + name: + The relative resource name of this notification config. See: h + ttps://cloud.google.com/apis/design/resource\_names#relative\_ + resource\_name Example: "organizations/{organization\_id}/noti + ficationConfigs/notify\_public\_bucket". + description: + The description of the notification config (max of 1024 + characters). + event_type: + The type of events the config is for, e.g. FINDING. + pubsub_topic: + The PubSub topic to send notifications to. Its format is + "projects/[project\_id]/topics/[topic]". + service_account: + Output only. The service account that needs + "pubsub.topics.publish" permission to publish to the PubSub + topic. + notify_config: + The config for triggering notifications. + streaming_config: + The config for triggering streaming-based notifications. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.NotificationConfig) + ), +) +_sym_db.RegisterMessage(NotificationConfig) +_sym_db.RegisterMessage(NotificationConfig.StreamingConfig) + + +DESCRIPTOR._options = None +_NOTIFICATIONCONFIG.fields_by_name["pubsub_topic"]._options = None +_NOTIFICATIONCONFIG.fields_by_name["service_account"]._options = None +_NOTIFICATIONCONFIG._options = None +# @@protoc_insertion_point(module_scope) diff --git a/google/cloud/securitycenter_v1p1beta1/proto/notification_config_pb2_grpc.py b/google/cloud/securitycenter_v1p1beta1/proto/notification_config_pb2_grpc.py new file mode 100644 index 00000000..07cb78fe --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/notification_config_pb2_grpc.py @@ -0,0 +1,2 @@ +# Generated by the gRPC Python protocol compiler plugin. DO NOT EDIT! +import grpc diff --git a/google/cloud/securitycenter_v1p1beta1/proto/notification_message.proto b/google/cloud/securitycenter_v1p1beta1/proto/notification_message.proto new file mode 100644 index 00000000..3abbcef3 --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/notification_message.proto @@ -0,0 +1,42 @@ +// Copyright 2019 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.securitycenter.v1p1beta1; + +import "google/api/annotations.proto"; +import "google/cloud/securitycenter/v1p1beta1/asset.proto"; +import "google/cloud/securitycenter/v1p1beta1/finding.proto"; + +option csharp_namespace = "Google.Cloud.SecurityCenter.V1P1Beta1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter"; +option java_multiple_files = true; +option java_package = "com.google.cloud.securitycenter.v1p1beta1"; +option php_namespace = "Google\\Cloud\\SecurityCenter\\V1p1beta1"; +option ruby_package = "Google::Cloud::SecurityCenter::V1p1beta1"; + +// Cloud SCC's Notification +message NotificationMessage { + // Name of the notification config that generated current notification. + string notification_config_name = 1; + + // Notification Event. + oneof event { + // If it's a Finding based notification config, this field will be + // populated. + Finding finding = 2; + } +} diff --git a/google/cloud/securitycenter_v1p1beta1/proto/notification_message_pb2.py b/google/cloud/securitycenter_v1p1beta1/proto/notification_message_pb2.py new file mode 100644 index 00000000..7a3f9848 --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/notification_message_pb2.py @@ -0,0 +1,149 @@ +# -*- coding: utf-8 -*- +# Generated by the protocol buffer compiler. DO NOT EDIT! +# source: google/cloud/securitycenter_v1p1beta1/proto/notification_message.proto + +import sys + +_b = sys.version_info[0] < 3 and (lambda x: x) or (lambda x: x.encode("latin1")) +from google.protobuf import descriptor as _descriptor +from google.protobuf import message as _message +from google.protobuf import reflection as _reflection +from google.protobuf import symbol_database as _symbol_database + +# @@protoc_insertion_point(imports) + +_sym_db = _symbol_database.Default() + + +from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 +from google.cloud.securitycenter_v1p1beta1.proto import ( + asset_pb2 as google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_asset__pb2, +) +from google.cloud.securitycenter_v1p1beta1.proto import ( + finding_pb2 as google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_finding__pb2, +) + + +DESCRIPTOR = _descriptor.FileDescriptor( + name="google/cloud/securitycenter_v1p1beta1/proto/notification_message.proto", + package="google.cloud.securitycenter.v1p1beta1", + syntax="proto3", + serialized_options=_b( + "\n)com.google.cloud.securitycenter.v1p1beta1P\001ZSgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter\252\002%Google.Cloud.SecurityCenter.V1P1Beta1\312\002%Google\\Cloud\\SecurityCenter\\V1p1beta1\352\002(Google::Cloud::SecurityCenter::V1p1beta1" + ), + serialized_pb=_b( + '\nFgoogle/cloud/securitycenter_v1p1beta1/proto/notification_message.proto\x12%google.cloud.securitycenter.v1p1beta1\x1a\x1cgoogle/api/annotations.proto\x1a\x37google/cloud/securitycenter_v1p1beta1/proto/asset.proto\x1a\x39google/cloud/securitycenter_v1p1beta1/proto/finding.proto"\x83\x01\n\x13NotificationMessage\x12 \n\x18notification_config_name\x18\x01 \x01(\t\x12\x41\n\x07\x66inding\x18\x02 \x01(\x0b\x32..google.cloud.securitycenter.v1p1beta1.FindingH\x00\x42\x07\n\x05\x65ventB\xfd\x01\n)com.google.cloud.securitycenter.v1p1beta1P\x01ZSgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter\xaa\x02%Google.Cloud.SecurityCenter.V1P1Beta1\xca\x02%Google\\Cloud\\SecurityCenter\\V1p1beta1\xea\x02(Google::Cloud::SecurityCenter::V1p1beta1b\x06proto3' + ), + dependencies=[ + google_dot_api_dot_annotations__pb2.DESCRIPTOR, + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_asset__pb2.DESCRIPTOR, + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_finding__pb2.DESCRIPTOR, + ], +) + + +_NOTIFICATIONMESSAGE = _descriptor.Descriptor( + name="NotificationMessage", + full_name="google.cloud.securitycenter.v1p1beta1.NotificationMessage", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="notification_config_name", + full_name="google.cloud.securitycenter.v1p1beta1.NotificationMessage.notification_config_name", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="finding", + full_name="google.cloud.securitycenter.v1p1beta1.NotificationMessage.finding", + index=1, + number=2, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[ + _descriptor.OneofDescriptor( + name="event", + full_name="google.cloud.securitycenter.v1p1beta1.NotificationMessage.event", + index=0, + containing_type=None, + fields=[], + ), + ], + serialized_start=260, + serialized_end=391, +) + +_NOTIFICATIONMESSAGE.fields_by_name[ + "finding" +].message_type = ( + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_finding__pb2._FINDING +) +_NOTIFICATIONMESSAGE.oneofs_by_name["event"].fields.append( + _NOTIFICATIONMESSAGE.fields_by_name["finding"] +) +_NOTIFICATIONMESSAGE.fields_by_name[ + "finding" +].containing_oneof = _NOTIFICATIONMESSAGE.oneofs_by_name["event"] +DESCRIPTOR.message_types_by_name["NotificationMessage"] = _NOTIFICATIONMESSAGE +_sym_db.RegisterFileDescriptor(DESCRIPTOR) + +NotificationMessage = _reflection.GeneratedProtocolMessageType( + "NotificationMessage", + (_message.Message,), + dict( + DESCRIPTOR=_NOTIFICATIONMESSAGE, + __module__="google.cloud.securitycenter_v1p1beta1.proto.notification_message_pb2", + __doc__="""Cloud SCC's Notification + + + Attributes: + notification_config_name: + Name of the notification config that generated current + notification. + event: + Notification Event. + finding: + If it's a Finding based notification config, this field will + be populated. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.NotificationMessage) + ), +) +_sym_db.RegisterMessage(NotificationMessage) + + +DESCRIPTOR._options = None +# @@protoc_insertion_point(module_scope) diff --git a/google/cloud/securitycenter_v1p1beta1/proto/notification_message_pb2_grpc.py b/google/cloud/securitycenter_v1p1beta1/proto/notification_message_pb2_grpc.py new file mode 100644 index 00000000..07cb78fe --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/notification_message_pb2_grpc.py @@ -0,0 +1,2 @@ +# Generated by the gRPC Python protocol compiler plugin. DO NOT EDIT! +import grpc diff --git a/google/cloud/securitycenter_v1p1beta1/proto/organization_settings.proto b/google/cloud/securitycenter_v1p1beta1/proto/organization_settings.proto new file mode 100644 index 00000000..9c38b87b --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/organization_settings.proto @@ -0,0 +1,83 @@ +// Copyright 2019 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.securitycenter.v1p1beta1; + +import "google/api/annotations.proto"; +import "google/api/resource.proto"; + +option csharp_namespace = "Google.Cloud.SecurityCenter.V1P1Beta1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter"; +option java_multiple_files = true; +option java_package = "com.google.cloud.securitycenter.v1p1beta1"; +option php_namespace = "Google\\Cloud\\SecurityCenter\\V1p1beta1"; +option ruby_package = "Google::Cloud::SecurityCenter::V1p1beta1"; + +// User specified settings that are attached to the Cloud Security Command +// Center (Cloud SCC) organization. +message OrganizationSettings { + option (google.api.resource) = { + type: "securitycenter.googleapis.com/OrganizationSettings" + pattern: "organizations/{organization}/organizationSettings" + }; + + // The configuration used for Asset Discovery runs. + message AssetDiscoveryConfig { + // The mode of inclusion when running Asset Discovery. + // Asset discovery can be limited by explicitly identifying projects to be + // included or excluded. If INCLUDE_ONLY is set, then only those projects + // within the organization and their children are discovered during asset + // discovery. If EXCLUDE is set, then projects that don't match those + // projects are discovered during asset discovery. If neither are set, then + // all projects within the organization are discovered during asset + // discovery. + enum InclusionMode { + // Unspecified. Setting the mode with this value will disable + // inclusion/exclusion filtering for Asset Discovery. + INCLUSION_MODE_UNSPECIFIED = 0; + + // Asset Discovery will capture only the resources within the projects + // specified. All other resources will be ignored. + INCLUDE_ONLY = 1; + + // Asset Discovery will ignore all resources under the projects specified. + // All other resources will be retrieved. + EXCLUDE = 2; + } + + // The project ids to use for filtering asset discovery. + repeated string project_ids = 1; + + // The mode to use for filtering asset discovery. + InclusionMode inclusion_mode = 2; + } + + // The relative resource name of the settings. See: + // https://cloud.google.com/apis/design/resource_names#relative_resource_name + // Example: + // "organizations/{organization_id}/organizationSettings". + string name = 1; + + // A flag that indicates if Asset Discovery should be enabled. If the flag is + // set to `true`, then discovery of assets will occur. If it is set to `false, + // all historical assets will remain, but discovery of future assets will not + // occur. + bool enable_asset_discovery = 2; + + // The configuration used for Asset Discovery runs. + AssetDiscoveryConfig asset_discovery_config = 3; +} diff --git a/google/cloud/securitycenter_v1p1beta1/proto/organization_settings_pb2.py b/google/cloud/securitycenter_v1p1beta1/proto/organization_settings_pb2.py new file mode 100644 index 00000000..7bb63331 --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/organization_settings_pb2.py @@ -0,0 +1,263 @@ +# -*- coding: utf-8 -*- +# Generated by the protocol buffer compiler. DO NOT EDIT! +# source: google/cloud/securitycenter_v1p1beta1/proto/organization_settings.proto + +import sys + +_b = sys.version_info[0] < 3 and (lambda x: x) or (lambda x: x.encode("latin1")) +from google.protobuf import descriptor as _descriptor +from google.protobuf import message as _message +from google.protobuf import reflection as _reflection +from google.protobuf import symbol_database as _symbol_database + +# @@protoc_insertion_point(imports) + +_sym_db = _symbol_database.Default() + + +from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 +from google.api import resource_pb2 as google_dot_api_dot_resource__pb2 + + +DESCRIPTOR = _descriptor.FileDescriptor( + name="google/cloud/securitycenter_v1p1beta1/proto/organization_settings.proto", + package="google.cloud.securitycenter.v1p1beta1", + syntax="proto3", + serialized_options=_b( + "\n)com.google.cloud.securitycenter.v1p1beta1P\001ZSgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter\252\002%Google.Cloud.SecurityCenter.V1P1Beta1\312\002%Google\\Cloud\\SecurityCenter\\V1p1beta1\352\002(Google::Cloud::SecurityCenter::V1p1beta1" + ), + serialized_pb=_b( + '\nGgoogle/cloud/securitycenter_v1p1beta1/proto/organization_settings.proto\x12%google.cloud.securitycenter.v1p1beta1\x1a\x1cgoogle/api/annotations.proto\x1a\x19google/api/resource.proto"\x98\x04\n\x14OrganizationSettings\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x1e\n\x16\x65nable_asset_discovery\x18\x02 \x01(\x08\x12p\n\x16\x61sset_discovery_config\x18\x03 \x01(\x0b\x32P.google.cloud.securitycenter.v1p1beta1.OrganizationSettings.AssetDiscoveryConfig\x1a\xf3\x01\n\x14\x41ssetDiscoveryConfig\x12\x13\n\x0bproject_ids\x18\x01 \x03(\t\x12v\n\x0einclusion_mode\x18\x02 \x01(\x0e\x32^.google.cloud.securitycenter.v1p1beta1.OrganizationSettings.AssetDiscoveryConfig.InclusionMode"N\n\rInclusionMode\x12\x1e\n\x1aINCLUSION_MODE_UNSPECIFIED\x10\x00\x12\x10\n\x0cINCLUDE_ONLY\x10\x01\x12\x0b\n\x07\x45XCLUDE\x10\x02:j\xea\x41g\n2securitycenter.googleapis.com/OrganizationSettings\x12\x31organizations/{organization}/organizationSettingsB\xfd\x01\n)com.google.cloud.securitycenter.v1p1beta1P\x01ZSgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter\xaa\x02%Google.Cloud.SecurityCenter.V1P1Beta1\xca\x02%Google\\Cloud\\SecurityCenter\\V1p1beta1\xea\x02(Google::Cloud::SecurityCenter::V1p1beta1b\x06proto3' + ), + dependencies=[ + google_dot_api_dot_annotations__pb2.DESCRIPTOR, + google_dot_api_dot_resource__pb2.DESCRIPTOR, + ], +) + + +_ORGANIZATIONSETTINGS_ASSETDISCOVERYCONFIG_INCLUSIONMODE = _descriptor.EnumDescriptor( + name="InclusionMode", + full_name="google.cloud.securitycenter.v1p1beta1.OrganizationSettings.AssetDiscoveryConfig.InclusionMode", + filename=None, + file=DESCRIPTOR, + values=[ + _descriptor.EnumValueDescriptor( + name="INCLUSION_MODE_UNSPECIFIED", + index=0, + number=0, + serialized_options=None, + type=None, + ), + _descriptor.EnumValueDescriptor( + name="INCLUDE_ONLY", index=1, number=1, serialized_options=None, type=None + ), + _descriptor.EnumValueDescriptor( + name="EXCLUDE", index=2, number=2, serialized_options=None, type=None + ), + ], + containing_type=None, + serialized_options=None, + serialized_start=522, + serialized_end=600, +) +_sym_db.RegisterEnumDescriptor(_ORGANIZATIONSETTINGS_ASSETDISCOVERYCONFIG_INCLUSIONMODE) + + +_ORGANIZATIONSETTINGS_ASSETDISCOVERYCONFIG = _descriptor.Descriptor( + name="AssetDiscoveryConfig", + full_name="google.cloud.securitycenter.v1p1beta1.OrganizationSettings.AssetDiscoveryConfig", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="project_ids", + full_name="google.cloud.securitycenter.v1p1beta1.OrganizationSettings.AssetDiscoveryConfig.project_ids", + index=0, + number=1, + type=9, + cpp_type=9, + label=3, + has_default_value=False, + default_value=[], + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="inclusion_mode", + full_name="google.cloud.securitycenter.v1p1beta1.OrganizationSettings.AssetDiscoveryConfig.inclusion_mode", + index=1, + number=2, + type=14, + cpp_type=8, + label=1, + has_default_value=False, + default_value=0, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[_ORGANIZATIONSETTINGS_ASSETDISCOVERYCONFIG_INCLUSIONMODE,], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=357, + serialized_end=600, +) + +_ORGANIZATIONSETTINGS = _descriptor.Descriptor( + name="OrganizationSettings", + full_name="google.cloud.securitycenter.v1p1beta1.OrganizationSettings", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="name", + full_name="google.cloud.securitycenter.v1p1beta1.OrganizationSettings.name", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="enable_asset_discovery", + full_name="google.cloud.securitycenter.v1p1beta1.OrganizationSettings.enable_asset_discovery", + index=1, + number=2, + type=8, + cpp_type=7, + label=1, + has_default_value=False, + default_value=False, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="asset_discovery_config", + full_name="google.cloud.securitycenter.v1p1beta1.OrganizationSettings.asset_discovery_config", + index=2, + number=3, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[_ORGANIZATIONSETTINGS_ASSETDISCOVERYCONFIG,], + enum_types=[], + serialized_options=_b( + "\352Ag\n2securitycenter.googleapis.com/OrganizationSettings\0221organizations/{organization}/organizationSettings" + ), + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=172, + serialized_end=708, +) + +_ORGANIZATIONSETTINGS_ASSETDISCOVERYCONFIG.fields_by_name[ + "inclusion_mode" +].enum_type = _ORGANIZATIONSETTINGS_ASSETDISCOVERYCONFIG_INCLUSIONMODE +_ORGANIZATIONSETTINGS_ASSETDISCOVERYCONFIG.containing_type = _ORGANIZATIONSETTINGS +_ORGANIZATIONSETTINGS_ASSETDISCOVERYCONFIG_INCLUSIONMODE.containing_type = ( + _ORGANIZATIONSETTINGS_ASSETDISCOVERYCONFIG +) +_ORGANIZATIONSETTINGS.fields_by_name[ + "asset_discovery_config" +].message_type = _ORGANIZATIONSETTINGS_ASSETDISCOVERYCONFIG +DESCRIPTOR.message_types_by_name["OrganizationSettings"] = _ORGANIZATIONSETTINGS +_sym_db.RegisterFileDescriptor(DESCRIPTOR) + +OrganizationSettings = _reflection.GeneratedProtocolMessageType( + "OrganizationSettings", + (_message.Message,), + dict( + AssetDiscoveryConfig=_reflection.GeneratedProtocolMessageType( + "AssetDiscoveryConfig", + (_message.Message,), + dict( + DESCRIPTOR=_ORGANIZATIONSETTINGS_ASSETDISCOVERYCONFIG, + __module__="google.cloud.securitycenter_v1p1beta1.proto.organization_settings_pb2", + __doc__="""The configuration used for Asset Discovery runs. + + + Attributes: + project_ids: + The project ids to use for filtering asset discovery. + inclusion_mode: + The mode to use for filtering asset discovery. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.OrganizationSettings.AssetDiscoveryConfig) + ), + ), + DESCRIPTOR=_ORGANIZATIONSETTINGS, + __module__="google.cloud.securitycenter_v1p1beta1.proto.organization_settings_pb2", + __doc__="""User specified settings that are attached to the Cloud + Security Command Center (Cloud SCC) organization. + + + Attributes: + name: + The relative resource name of the settings. See: https://cloud + .google.com/apis/design/resource\_names#relative\_resource\_na + me Example: + "organizations/{organization\_id}/organizationSettings". + enable_asset_discovery: + A flag that indicates if Asset Discovery should be enabled. If + the flag is set to ``true``, then discovery of assets will + occur. If it is set to \`false, all historical assets will + remain, but discovery of future assets will not occur. + asset_discovery_config: + The configuration used for Asset Discovery runs. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.OrganizationSettings) + ), +) +_sym_db.RegisterMessage(OrganizationSettings) +_sym_db.RegisterMessage(OrganizationSettings.AssetDiscoveryConfig) + + +DESCRIPTOR._options = None +_ORGANIZATIONSETTINGS._options = None +# @@protoc_insertion_point(module_scope) diff --git a/google/cloud/securitycenter_v1p1beta1/proto/organization_settings_pb2_grpc.py b/google/cloud/securitycenter_v1p1beta1/proto/organization_settings_pb2_grpc.py new file mode 100644 index 00000000..07cb78fe --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/organization_settings_pb2_grpc.py @@ -0,0 +1,2 @@ +# Generated by the gRPC Python protocol compiler plugin. DO NOT EDIT! +import grpc diff --git a/google/cloud/securitycenter_v1p1beta1/proto/run_asset_discovery_response.proto b/google/cloud/securitycenter_v1p1beta1/proto/run_asset_discovery_response.proto new file mode 100644 index 00000000..b8b9ea48 --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/run_asset_discovery_response.proto @@ -0,0 +1,53 @@ +// Copyright 2019 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.securitycenter.v1p1beta1; + +import "google/api/annotations.proto"; +import "google/protobuf/duration.proto"; + +option csharp_namespace = "Google.Cloud.SecurityCenter.V1P1Beta1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter"; +option java_multiple_files = true; +option java_package = "com.google.cloud.securitycenter.v1p1beta1"; +option php_namespace = "Google\\Cloud\\SecurityCenter\\V1p1beta1"; +option ruby_package = "Google::Cloud::SecurityCenter::V1p1beta1"; + +// Response of asset discovery run +message RunAssetDiscoveryResponse { + // The state of an asset discovery run. + enum State { + // Asset discovery run state was unspecified. + STATE_UNSPECIFIED = 0; + + // Asset discovery run completed successfully. + COMPLETED = 1; + + // Asset discovery run was cancelled with tasks still pending, as another + // run for the same organization was started with a higher priority. + SUPERSEDED = 2; + + // Asset discovery run was killed and terminated. + TERMINATED = 3; + } + + // The state of an asset discovery run. + State state = 1; + + // The duration between asset discovery run start and end + google.protobuf.Duration duration = 2; +} diff --git a/google/cloud/securitycenter_v1p1beta1/proto/run_asset_discovery_response_pb2.py b/google/cloud/securitycenter_v1p1beta1/proto/run_asset_discovery_response_pb2.py new file mode 100644 index 00000000..0f32a5ab --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/run_asset_discovery_response_pb2.py @@ -0,0 +1,160 @@ +# -*- coding: utf-8 -*- +# Generated by the protocol buffer compiler. DO NOT EDIT! +# source: google/cloud/securitycenter_v1p1beta1/proto/run_asset_discovery_response.proto + +import sys + +_b = sys.version_info[0] < 3 and (lambda x: x) or (lambda x: x.encode("latin1")) +from google.protobuf import descriptor as _descriptor +from google.protobuf import message as _message +from google.protobuf import reflection as _reflection +from google.protobuf import symbol_database as _symbol_database + +# @@protoc_insertion_point(imports) + +_sym_db = _symbol_database.Default() + + +from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 +from google.protobuf import duration_pb2 as google_dot_protobuf_dot_duration__pb2 + + +DESCRIPTOR = _descriptor.FileDescriptor( + name="google/cloud/securitycenter_v1p1beta1/proto/run_asset_discovery_response.proto", + package="google.cloud.securitycenter.v1p1beta1", + syntax="proto3", + serialized_options=_b( + "\n)com.google.cloud.securitycenter.v1p1beta1P\001ZSgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter\252\002%Google.Cloud.SecurityCenter.V1P1Beta1\312\002%Google\\Cloud\\SecurityCenter\\V1p1beta1\352\002(Google::Cloud::SecurityCenter::V1p1beta1" + ), + serialized_pb=_b( + '\nNgoogle/cloud/securitycenter_v1p1beta1/proto/run_asset_discovery_response.proto\x12%google.cloud.securitycenter.v1p1beta1\x1a\x1cgoogle/api/annotations.proto\x1a\x1egoogle/protobuf/duration.proto"\xee\x01\n\x19RunAssetDiscoveryResponse\x12U\n\x05state\x18\x01 \x01(\x0e\x32\x46.google.cloud.securitycenter.v1p1beta1.RunAssetDiscoveryResponse.State\x12+\n\x08\x64uration\x18\x02 \x01(\x0b\x32\x19.google.protobuf.Duration"M\n\x05State\x12\x15\n\x11STATE_UNSPECIFIED\x10\x00\x12\r\n\tCOMPLETED\x10\x01\x12\x0e\n\nSUPERSEDED\x10\x02\x12\x0e\n\nTERMINATED\x10\x03\x42\xfd\x01\n)com.google.cloud.securitycenter.v1p1beta1P\x01ZSgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter\xaa\x02%Google.Cloud.SecurityCenter.V1P1Beta1\xca\x02%Google\\Cloud\\SecurityCenter\\V1p1beta1\xea\x02(Google::Cloud::SecurityCenter::V1p1beta1b\x06proto3' + ), + dependencies=[ + google_dot_api_dot_annotations__pb2.DESCRIPTOR, + google_dot_protobuf_dot_duration__pb2.DESCRIPTOR, + ], +) + + +_RUNASSETDISCOVERYRESPONSE_STATE = _descriptor.EnumDescriptor( + name="State", + full_name="google.cloud.securitycenter.v1p1beta1.RunAssetDiscoveryResponse.State", + filename=None, + file=DESCRIPTOR, + values=[ + _descriptor.EnumValueDescriptor( + name="STATE_UNSPECIFIED", + index=0, + number=0, + serialized_options=None, + type=None, + ), + _descriptor.EnumValueDescriptor( + name="COMPLETED", index=1, number=1, serialized_options=None, type=None + ), + _descriptor.EnumValueDescriptor( + name="SUPERSEDED", index=2, number=2, serialized_options=None, type=None + ), + _descriptor.EnumValueDescriptor( + name="TERMINATED", index=3, number=3, serialized_options=None, type=None + ), + ], + containing_type=None, + serialized_options=None, + serialized_start=345, + serialized_end=422, +) +_sym_db.RegisterEnumDescriptor(_RUNASSETDISCOVERYRESPONSE_STATE) + + +_RUNASSETDISCOVERYRESPONSE = _descriptor.Descriptor( + name="RunAssetDiscoveryResponse", + full_name="google.cloud.securitycenter.v1p1beta1.RunAssetDiscoveryResponse", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="state", + full_name="google.cloud.securitycenter.v1p1beta1.RunAssetDiscoveryResponse.state", + index=0, + number=1, + type=14, + cpp_type=8, + label=1, + has_default_value=False, + default_value=0, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="duration", + full_name="google.cloud.securitycenter.v1p1beta1.RunAssetDiscoveryResponse.duration", + index=1, + number=2, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[_RUNASSETDISCOVERYRESPONSE_STATE,], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=184, + serialized_end=422, +) + +_RUNASSETDISCOVERYRESPONSE.fields_by_name[ + "state" +].enum_type = _RUNASSETDISCOVERYRESPONSE_STATE +_RUNASSETDISCOVERYRESPONSE.fields_by_name[ + "duration" +].message_type = google_dot_protobuf_dot_duration__pb2._DURATION +_RUNASSETDISCOVERYRESPONSE_STATE.containing_type = _RUNASSETDISCOVERYRESPONSE +DESCRIPTOR.message_types_by_name[ + "RunAssetDiscoveryResponse" +] = _RUNASSETDISCOVERYRESPONSE +_sym_db.RegisterFileDescriptor(DESCRIPTOR) + +RunAssetDiscoveryResponse = _reflection.GeneratedProtocolMessageType( + "RunAssetDiscoveryResponse", + (_message.Message,), + dict( + DESCRIPTOR=_RUNASSETDISCOVERYRESPONSE, + __module__="google.cloud.securitycenter_v1p1beta1.proto.run_asset_discovery_response_pb2", + __doc__="""Response of asset discovery run + + + Attributes: + state: + The state of an asset discovery run. + duration: + The duration between asset discovery run start and end + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.RunAssetDiscoveryResponse) + ), +) +_sym_db.RegisterMessage(RunAssetDiscoveryResponse) + + +DESCRIPTOR._options = None +# @@protoc_insertion_point(module_scope) diff --git a/google/cloud/securitycenter_v1p1beta1/proto/run_asset_discovery_response_pb2_grpc.py b/google/cloud/securitycenter_v1p1beta1/proto/run_asset_discovery_response_pb2_grpc.py new file mode 100644 index 00000000..07cb78fe --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/run_asset_discovery_response_pb2_grpc.py @@ -0,0 +1,2 @@ +# Generated by the gRPC Python protocol compiler plugin. DO NOT EDIT! +import grpc diff --git a/google/cloud/securitycenter_v1p1beta1/proto/security_marks.proto b/google/cloud/securitycenter_v1p1beta1/proto/security_marks.proto new file mode 100644 index 00000000..ac54bc19 --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/security_marks.proto @@ -0,0 +1,57 @@ +// Copyright 2019 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.securitycenter.v1p1beta1; + +import "google/api/annotations.proto"; +import "google/api/resource.proto"; + +option csharp_namespace = "Google.Cloud.SecurityCenter.V1P1Beta1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter"; +option java_multiple_files = true; +option java_package = "com.google.cloud.securitycenter.v1p1beta1"; +option php_namespace = "Google\\Cloud\\SecurityCenter\\V1p1beta1"; +option ruby_package = "Google::Cloud::SecurityCenter::V1p1beta1"; + +// User specified security marks that are attached to the parent Cloud Security +// Command Center (Cloud SCC) resource. Security marks are scoped within a Cloud +// SCC organization -- they can be modified and viewed by all users who have +// proper permissions on the organization. +message SecurityMarks { + option (google.api.resource) = { + type: "securitycenter.googleapis.com/SecurityMarks" + pattern: "organizations/{organization}/assets/{asset}/securityMarks" + pattern: "organizations/{organization}/sources/{source}/findings/{finding}/securityMarks" + }; + + // The relative resource name of the SecurityMarks. See: + // https://cloud.google.com/apis/design/resource_names#relative_resource_name + // Examples: + // "organizations/{organization_id}/assets/{asset_id}/securityMarks" + // "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks". + string name = 1; + + // Mutable user specified security marks belonging to the parent resource. + // Constraints are as follows: + // + // * Keys and values are treated as case insensitive + // * Keys must be between 1 - 256 characters (inclusive) + // * Keys must be letters, numbers, underscores, or dashes + // * Values have leading and trailing whitespace trimmed, remaining + // characters must be between 1 - 4096 characters (inclusive) + map marks = 2; +} diff --git a/google/cloud/securitycenter_v1p1beta1/proto/security_marks_pb2.py b/google/cloud/securitycenter_v1p1beta1/proto/security_marks_pb2.py new file mode 100644 index 00000000..dd974766 --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/security_marks_pb2.py @@ -0,0 +1,205 @@ +# -*- coding: utf-8 -*- +# Generated by the protocol buffer compiler. DO NOT EDIT! +# source: google/cloud/securitycenter_v1p1beta1/proto/security_marks.proto + +import sys + +_b = sys.version_info[0] < 3 and (lambda x: x) or (lambda x: x.encode("latin1")) +from google.protobuf import descriptor as _descriptor +from google.protobuf import message as _message +from google.protobuf import reflection as _reflection +from google.protobuf import symbol_database as _symbol_database + +# @@protoc_insertion_point(imports) + +_sym_db = _symbol_database.Default() + + +from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 +from google.api import resource_pb2 as google_dot_api_dot_resource__pb2 + + +DESCRIPTOR = _descriptor.FileDescriptor( + name="google/cloud/securitycenter_v1p1beta1/proto/security_marks.proto", + package="google.cloud.securitycenter.v1p1beta1", + syntax="proto3", + serialized_options=_b( + "\n)com.google.cloud.securitycenter.v1p1beta1P\001ZSgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter\252\002%Google.Cloud.SecurityCenter.V1P1Beta1\312\002%Google\\Cloud\\SecurityCenter\\V1p1beta1\352\002(Google::Cloud::SecurityCenter::V1p1beta1" + ), + serialized_pb=_b( + '\n@google/cloud/securitycenter_v1p1beta1/proto/security_marks.proto\x12%google.cloud.securitycenter.v1p1beta1\x1a\x1cgoogle/api/annotations.proto\x1a\x19google/api/resource.proto"\xda\x02\n\rSecurityMarks\x12\x0c\n\x04name\x18\x01 \x01(\t\x12N\n\x05marks\x18\x02 \x03(\x0b\x32?.google.cloud.securitycenter.v1p1beta1.SecurityMarks.MarksEntry\x1a,\n\nMarksEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01:\xbc\x01\xea\x41\xb8\x01\n+securitycenter.googleapis.com/SecurityMarks\x12\x39organizations/{organization}/assets/{asset}/securityMarks\x12Norganizations/{organization}/sources/{source}/findings/{finding}/securityMarksB\xfd\x01\n)com.google.cloud.securitycenter.v1p1beta1P\x01ZSgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter\xaa\x02%Google.Cloud.SecurityCenter.V1P1Beta1\xca\x02%Google\\Cloud\\SecurityCenter\\V1p1beta1\xea\x02(Google::Cloud::SecurityCenter::V1p1beta1b\x06proto3' + ), + dependencies=[ + google_dot_api_dot_annotations__pb2.DESCRIPTOR, + google_dot_api_dot_resource__pb2.DESCRIPTOR, + ], +) + + +_SECURITYMARKS_MARKSENTRY = _descriptor.Descriptor( + name="MarksEntry", + full_name="google.cloud.securitycenter.v1p1beta1.SecurityMarks.MarksEntry", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="key", + full_name="google.cloud.securitycenter.v1p1beta1.SecurityMarks.MarksEntry.key", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="value", + full_name="google.cloud.securitycenter.v1p1beta1.SecurityMarks.MarksEntry.value", + index=1, + number=2, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=_b("8\001"), + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=276, + serialized_end=320, +) + +_SECURITYMARKS = _descriptor.Descriptor( + name="SecurityMarks", + full_name="google.cloud.securitycenter.v1p1beta1.SecurityMarks", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="name", + full_name="google.cloud.securitycenter.v1p1beta1.SecurityMarks.name", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="marks", + full_name="google.cloud.securitycenter.v1p1beta1.SecurityMarks.marks", + index=1, + number=2, + type=11, + cpp_type=10, + label=3, + has_default_value=False, + default_value=[], + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[_SECURITYMARKS_MARKSENTRY,], + enum_types=[], + serialized_options=_b( + "\352A\270\001\n+securitycenter.googleapis.com/SecurityMarks\0229organizations/{organization}/assets/{asset}/securityMarks\022Norganizations/{organization}/sources/{source}/findings/{finding}/securityMarks" + ), + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=165, + serialized_end=511, +) + +_SECURITYMARKS_MARKSENTRY.containing_type = _SECURITYMARKS +_SECURITYMARKS.fields_by_name["marks"].message_type = _SECURITYMARKS_MARKSENTRY +DESCRIPTOR.message_types_by_name["SecurityMarks"] = _SECURITYMARKS +_sym_db.RegisterFileDescriptor(DESCRIPTOR) + +SecurityMarks = _reflection.GeneratedProtocolMessageType( + "SecurityMarks", + (_message.Message,), + dict( + MarksEntry=_reflection.GeneratedProtocolMessageType( + "MarksEntry", + (_message.Message,), + dict( + DESCRIPTOR=_SECURITYMARKS_MARKSENTRY, + __module__="google.cloud.securitycenter_v1p1beta1.proto.security_marks_pb2" + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.SecurityMarks.MarksEntry) + ), + ), + DESCRIPTOR=_SECURITYMARKS, + __module__="google.cloud.securitycenter_v1p1beta1.proto.security_marks_pb2", + __doc__="""User specified security marks that are attached to the parent Cloud + Security Command Center (Cloud SCC) resource. Security marks are scoped + within a Cloud SCC organization -- they can be modified and viewed by + all users who have proper permissions on the organization. + + + Attributes: + name: + The relative resource name of the SecurityMarks. See: https:// + cloud.google.com/apis/design/resource\_names#relative\_resourc + e\_name Examples: "organizations/{organization\_id}/assets/{as + set\_id}/securityMarks" "organizations/{organization\_id}/sour + ces/{source\_id}/findings/{finding\_id}/securityMarks". + marks: + Mutable user specified security marks belonging to the parent + resource. Constraints are as follows: - Keys and values are + treated as case insensitive - Keys must be between 1 - 256 + characters (inclusive) - Keys must be letters, numbers, + underscores, or dashes - Values have leading and trailing + whitespace trimmed, remaining characters must be between 1 + - 4096 characters (inclusive) + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.SecurityMarks) + ), +) +_sym_db.RegisterMessage(SecurityMarks) +_sym_db.RegisterMessage(SecurityMarks.MarksEntry) + + +DESCRIPTOR._options = None +_SECURITYMARKS_MARKSENTRY._options = None +_SECURITYMARKS._options = None +# @@protoc_insertion_point(module_scope) diff --git a/google/cloud/securitycenter_v1p1beta1/proto/security_marks_pb2_grpc.py b/google/cloud/securitycenter_v1p1beta1/proto/security_marks_pb2_grpc.py new file mode 100644 index 00000000..07cb78fe --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/security_marks_pb2_grpc.py @@ -0,0 +1,2 @@ +# Generated by the gRPC Python protocol compiler plugin. DO NOT EDIT! +import grpc diff --git a/google/cloud/securitycenter_v1p1beta1/proto/securitycenter_service.proto b/google/cloud/securitycenter_v1p1beta1/proto/securitycenter_service.proto new file mode 100644 index 00000000..dcd9af68 --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/securitycenter_service.proto @@ -0,0 +1,1277 @@ +// Copyright 2019 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.securitycenter.v1p1beta1; + +import public "google/cloud/securitycenter/v1p1beta1/run_asset_discovery_response.proto"; + +import "google/api/annotations.proto"; +import "google/api/client.proto"; +import "google/api/field_behavior.proto"; +import "google/api/resource.proto"; +import "google/cloud/securitycenter/v1p1beta1/asset.proto"; +import "google/cloud/securitycenter/v1p1beta1/finding.proto"; +import "google/cloud/securitycenter/v1p1beta1/notification_config.proto"; +import "google/cloud/securitycenter/v1p1beta1/organization_settings.proto"; +import "google/cloud/securitycenter/v1p1beta1/security_marks.proto"; +import "google/cloud/securitycenter/v1p1beta1/source.proto"; +import "google/iam/v1/iam_policy.proto"; +import "google/iam/v1/policy.proto"; +import "google/longrunning/operations.proto"; +import "google/protobuf/duration.proto"; +import "google/protobuf/empty.proto"; +import "google/protobuf/field_mask.proto"; +import "google/protobuf/struct.proto"; +import "google/protobuf/timestamp.proto"; + +option csharp_namespace = "Google.Cloud.SecurityCenter.V1P1Beta1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter"; +option java_multiple_files = true; +option java_package = "com.google.cloud.securitycenter.v1p1beta1"; +option php_namespace = "Google\\Cloud\\SecurityCenter\\V1p1beta1"; +option ruby_package = "Google::Cloud::SecurityCenter::V1p1beta1"; + +// V1p1Beta1 APIs for Security Center service. +service SecurityCenter { + option (google.api.default_host) = "securitycenter.googleapis.com"; + option (google.api.oauth_scopes) = + "https://www.googleapis.com/auth/cloud-platform"; + + // Creates a source. + rpc CreateSource(CreateSourceRequest) returns (Source) { + option (google.api.http) = { + post: "/v1p1beta1/{parent=organizations/*}/sources" + body: "source" + }; + option (google.api.method_signature) = "parent,source"; + } + + // + // Creates a finding. The corresponding source must exist for finding + // creation to succeed. + rpc CreateFinding(CreateFindingRequest) returns (Finding) { + option (google.api.http) = { + post: "/v1p1beta1/{parent=organizations/*/sources/*}/findings" + body: "finding" + }; + option (google.api.method_signature) = "parent,finding_id,finding"; + option (google.api.method_signature) = "parent,finding,finding_id"; + } + + // Creates a notification config. + rpc CreateNotificationConfig(CreateNotificationConfigRequest) + returns (NotificationConfig) { + option (google.api.http) = { + post: "/v1p1beta1/{parent=organizations/*}/notificationConfigs" + body: "notification_config" + }; + option (google.api.method_signature) = + "parent,config_id,notification_config"; + option (google.api.method_signature) = "parent,notification_config"; + } + + // Deletes a notification config. + rpc DeleteNotificationConfig(DeleteNotificationConfigRequest) + returns (google.protobuf.Empty) { + option (google.api.http) = { + delete: "/v1p1beta1/{name=organizations/*/notificationConfigs/*}" + }; + option (google.api.method_signature) = "name"; + } + + // Gets the access control policy on the specified Source. + rpc GetIamPolicy(google.iam.v1.GetIamPolicyRequest) + returns (google.iam.v1.Policy) { + option (google.api.http) = { + post: "/v1p1beta1/{resource=organizations/*/sources/*}:getIamPolicy" + body: "*" + }; + option (google.api.method_signature) = "resource"; + } + + // Gets a notification config. + rpc GetNotificationConfig(GetNotificationConfigRequest) + returns (NotificationConfig) { + option (google.api.http) = { + get: "/v1p1beta1/{name=organizations/*/notificationConfigs/*}" + }; + option (google.api.method_signature) = "name"; + } + + // Gets the settings for an organization. + rpc GetOrganizationSettings(GetOrganizationSettingsRequest) + returns (OrganizationSettings) { + option (google.api.http) = { + get: "/v1p1beta1/{name=organizations/*/organizationSettings}" + }; + option (google.api.method_signature) = "name"; + } + + // Gets a source. + rpc GetSource(GetSourceRequest) returns (Source) { + option (google.api.http) = { + get: "/v1p1beta1/{name=organizations/*/sources/*}" + }; + option (google.api.method_signature) = "name"; + } + + // Filters an organization's assets and groups them by their specified + // properties. + rpc GroupAssets(GroupAssetsRequest) returns (GroupAssetsResponse) { + option (google.api.http) = { + post: "/v1p1beta1/{parent=organizations/*}/assets:group" + body: "*" + }; + } + + // Filters an organization or source's findings and groups them by their + // specified properties. + // + // To group across all sources provide a `-` as the source id. + // Example: /v1p1beta1/organizations/{organization_id}/sources/-/findings + rpc GroupFindings(GroupFindingsRequest) returns (GroupFindingsResponse) { + option (google.api.http) = { + post: "/v1p1beta1/{parent=organizations/*/sources/*}/findings:group" + body: "*" + }; + option (google.api.method_signature) = "parent,group_by"; + } + + // Lists an organization's assets. + rpc ListAssets(ListAssetsRequest) returns (ListAssetsResponse) { + option (google.api.http) = { + get: "/v1p1beta1/{parent=organizations/*}/assets" + }; + option (google.api.method_signature) = "parent"; + } + + // Lists an organization or source's findings. + // + // To list across all sources provide a `-` as the source id. + // Example: /v1p1beta1/organizations/{organization_id}/sources/-/findings + rpc ListFindings(ListFindingsRequest) returns (ListFindingsResponse) { + option (google.api.http) = { + get: "/v1p1beta1/{parent=organizations/*/sources/*}/findings" + }; + option (google.api.method_signature) = "parent"; + } + + // Lists notification configs. + rpc ListNotificationConfigs(ListNotificationConfigsRequest) + returns (ListNotificationConfigsResponse) { + option (google.api.http) = { + get: "/v1p1beta1/{parent=organizations/*}/notificationConfigs" + }; + option (google.api.method_signature) = "parent"; + } + + // Lists all sources belonging to an organization. + rpc ListSources(ListSourcesRequest) returns (ListSourcesResponse) { + option (google.api.http) = { + get: "/v1p1beta1/{parent=organizations/*}/sources" + }; + option (google.api.method_signature) = "parent"; + } + + // Runs asset discovery. The discovery is tracked with a long-running + // operation. + // + // This API can only be called with limited frequency for an organization. If + // it is called too frequently the caller will receive a TOO_MANY_REQUESTS + // error. + rpc RunAssetDiscovery(RunAssetDiscoveryRequest) + returns (google.longrunning.Operation) { + option (google.api.http) = { + post: "/v1p1beta1/{parent=organizations/*}/assets:runDiscovery" + body: "*" + }; + option (google.api.method_signature) = "parent"; + option (google.longrunning.operation_info) = { + response_type: "google.cloud.securitycenter.v1p1beta1.RunAssetDiscoveryResponse" + metadata_type: "google.protobuf.Empty" + }; + } + + // + // Updates the state of a finding. + rpc SetFindingState(SetFindingStateRequest) returns (Finding) { + option (google.api.http) = { + post: "/v1p1beta1/{name=organizations/*/sources/*/findings/*}:setState" + body: "*" + }; + option (google.api.method_signature) = "name,state,start_time"; + } + + // Sets the access control policy on the specified Source. + rpc SetIamPolicy(google.iam.v1.SetIamPolicyRequest) + returns (google.iam.v1.Policy) { + option (google.api.http) = { + post: "/v1p1beta1/{resource=organizations/*/sources/*}:setIamPolicy" + body: "*" + }; + option (google.api.method_signature) = "resource,policy"; + } + + // Returns the permissions that a caller has on the specified source. + rpc TestIamPermissions(google.iam.v1.TestIamPermissionsRequest) + returns (google.iam.v1.TestIamPermissionsResponse) { + option (google.api.http) = { + post: "/v1p1beta1/{resource=organizations/*/sources/*}:testIamPermissions" + body: "*" + }; + option (google.api.method_signature) = "resource,permissions"; + } + + // + // Creates or updates a finding. The corresponding source must exist for a + // finding creation to succeed. + rpc UpdateFinding(UpdateFindingRequest) returns (Finding) { + option (google.api.http) = { + patch: "/v1p1beta1/{finding.name=organizations/*/sources/*/findings/*}" + body: "finding" + }; + option (google.api.method_signature) = "finding"; + option (google.api.method_signature) = "finding,update_mask"; + } + + // Updates a notification config. + rpc UpdateNotificationConfig(UpdateNotificationConfigRequest) + returns (NotificationConfig) { + option (google.api.http) = { + patch: "/v1p1beta1/{notification_config.name=organizations/*/notificationConfigs/*}" + body: "notification_config" + }; + option (google.api.method_signature) = "notification_config"; + option (google.api.method_signature) = "notification_config,update_mask"; + } + + // Updates an organization's settings. + rpc UpdateOrganizationSettings(UpdateOrganizationSettingsRequest) + returns (OrganizationSettings) { + option (google.api.http) = { + patch: "/v1p1beta1/{organization_settings.name=organizations/*/organizationSettings}" + body: "organization_settings" + }; + option (google.api.method_signature) = "organization_settings"; + } + + // Updates a source. + rpc UpdateSource(UpdateSourceRequest) returns (Source) { + option (google.api.http) = { + patch: "/v1p1beta1/{source.name=organizations/*/sources/*}" + body: "source" + }; + option (google.api.method_signature) = "source"; + option (google.api.method_signature) = "source,update_mask"; + } + + // Updates security marks. + rpc UpdateSecurityMarks(UpdateSecurityMarksRequest) returns (SecurityMarks) { + option (google.api.http) = { + patch: "/v1p1beta1/{security_marks.name=organizations/*/assets/*/securityMarks}" + body: "security_marks" + additional_bindings { + patch: "/v1p1beta1/{security_marks.name=organizations/*/sources/*/findings/*/securityMarks}" + body: "security_marks" + } + }; + option (google.api.method_signature) = "security_marks"; + option (google.api.method_signature) = "security_marks,update_mask"; + } +} + +// Request message for creating a finding. +message CreateFindingRequest { + // Required. Resource name of the new finding's parent. Its format should be + // "organizations/[organization_id]/sources/[source_id]". + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "securitycenter.googleapis.com/Source" + } + ]; + + // Required. Unique identifier provided by the client within the parent scope. + // It must be alphanumeric and less than or equal to 32 characters and + // greater than 0 characters in length. + string finding_id = 2 [(google.api.field_behavior) = REQUIRED]; + + // Required. The Finding being created. The name and security_marks will be + // ignored as they are both output only fields on this resource. + Finding finding = 3 [(google.api.field_behavior) = REQUIRED]; +} + +// Request message for creating a notification config. +message CreateNotificationConfigRequest { + // Required. Resource name of the new notification config's parent. Its format + // is "organizations/[organization_id]". + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudresourcemanager.googleapis.com/Organization" + } + ]; + + // Required. + // Unique identifier provided by the client within the parent scope. + // It must be between 1 and 128 characters, and contains alphanumeric + // characters, underscores or hyphens only. + string config_id = 2 [(google.api.field_behavior) = REQUIRED]; + + // Required. The notification config being created. The name and the service + // account will be ignored as they are both output only fields on this + // resource. + NotificationConfig notification_config = 3 + [(google.api.field_behavior) = REQUIRED]; +} + +// Request message for creating a source. +message CreateSourceRequest { + // Required. Resource name of the new source's parent. Its format should be + // "organizations/[organization_id]". + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudresourcemanager.googleapis.com/Organization" + } + ]; + + // Required. The Source being created, only the display_name and description + // will be used. All other fields will be ignored. + Source source = 2 [(google.api.field_behavior) = REQUIRED]; +} + +// Request message for deleting a notification config. +message DeleteNotificationConfigRequest { + // Required. Name of the notification config to delete. Its format is + // "organizations/[organization_id]/notificationConfigs/[config_id]". + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "securitycenter.googleapis.com/NotificationConfig" + } + ]; +} + +// Request message for getting a notification config. +message GetNotificationConfigRequest { + // Required. Name of the notification config to get. Its format is + // "organizations/[organization_id]/notificationConfigs/[config_id]". + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "securitycenter.googleapis.com/NotificationConfig" + } + ]; +} + +// Request message for getting organization settings. +message GetOrganizationSettingsRequest { + // Required. Name of the organization to get organization settings for. Its + // format is "organizations/[organization_id]/organizationSettings". + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "securitycenter.googleapis.com/OrganizationSettings" + } + ]; +} + +// Request message for getting a source. +message GetSourceRequest { + // Required. Relative resource name of the source. Its format is + // "organizations/[organization_id]/source/[source_id]". + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "securitycenter.googleapis.com/Source" + } + ]; +} + +// Request message for grouping by assets. +message GroupAssetsRequest { + // Required. Name of the organization to groupBy. Its format is + // "organizations/[organization_id]". + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudresourcemanager.googleapis.com/Organization" + } + ]; + + // Expression that defines the filter to apply across assets. + // The expression is a list of zero or more restrictions combined via logical + // operators `AND` and `OR`. + // Parentheses are supported, and `OR` has higher precedence than `AND`. + // + // Restrictions have the form ` ` and may have a `-` + // character in front of them to indicate negation. The fields map to those + // defined in the Asset resource. Examples include: + // + // * name + // * security_center_properties.resource_name + // * resource_properties.a_property + // * security_marks.marks.marka + // + // The supported operators are: + // + // * `=` for all value types. + // * `>`, `<`, `>=`, `<=` for integer values. + // * `:`, meaning substring matching, for strings. + // + // The supported value types are: + // + // * string literals in quotes. + // * integer literals without quotes. + // * boolean literals `true` and `false` without quotes. + // + // The following field and operator combinations are supported: + // + // * name: `=` + // * update_time: `=`, `>`, `<`, `>=`, `<=` + // + // Usage: This should be milliseconds since epoch or an RFC3339 string. + // Examples: + // "update_time = \"2019-06-10T16:07:18-07:00\"" + // "update_time = 1560208038000" + // + // * create_time: `=`, `>`, `<`, `>=`, `<=` + // + // Usage: This should be milliseconds since epoch or an RFC3339 string. + // Examples: + // "create_time = \"2019-06-10T16:07:18-07:00\"" + // "create_time = 1560208038000" + // + // * iam_policy.policy_blob: `=`, `:` + // * resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=` + // * security_marks.marks: `=`, `:` + // * security_center_properties.resource_name: `=`, `:` + // * security_center_properties.resource_name_display_name: `=`, `:` + // * security_center_properties.resource_type: `=`, `:` + // * security_center_properties.resource_parent: `=`, `:` + // * security_center_properties.resource_parent_display_name: `=`, `:` + // * security_center_properties.resource_project: `=`, `:` + // * security_center_properties.resource_project_display_name: `=`, `:` + // * security_center_properties.resource_owners: `=`, `:` + // + // For example, `resource_properties.size = 100` is a valid filter string. + string filter = 2; + + // Required. Expression that defines what assets fields to use for grouping. + // The string value should follow SQL syntax: comma separated list of fields. + // For example: + // "security_center_properties.resource_project,security_center_properties.project". + // + // The following fields are supported when compare_duration is not set: + // + // * security_center_properties.resource_project + // * security_center_properties.resource_project_display_name + // * security_center_properties.resource_type + // * security_center_properties.resource_parent + // * security_center_properties.resource_parent_display_name + // + // The following fields are supported when compare_duration is set: + // + // * security_center_properties.resource_type + // * security_center_properties.resource_project_display_name + // * security_center_properties.resource_parent_display_name + string group_by = 3 [(google.api.field_behavior) = REQUIRED]; + + // When compare_duration is set, the GroupResult's "state_change" property is + // updated to indicate whether the asset was added, removed, or remained + // present during the compare_duration period of time that precedes the + // read_time. This is the time between (read_time - compare_duration) and + // read_time. + // + // The state change value is derived based on the presence of the asset at the + // two points in time. Intermediate state changes between the two times don't + // affect the result. For example, the results aren't affected if the asset is + // removed and re-created again. + // + // Possible "state_change" values when compare_duration is specified: + // + // * "ADDED": indicates that the asset was not present at the start of + // compare_duration, but present at reference_time. + // * "REMOVED": indicates that the asset was present at the start of + // compare_duration, but not present at reference_time. + // * "ACTIVE": indicates that the asset was present at both the + // start and the end of the time period defined by + // compare_duration and reference_time. + // + // If compare_duration is not specified, then the only possible state_change + // is "UNUSED", which will be the state_change set for all assets present at + // read_time. + // + // If this field is set then `state_change` must be a specified field in + // `group_by`. + google.protobuf.Duration compare_duration = 4; + + // Time used as a reference point when filtering assets. The filter is limited + // to assets existing at the supplied time and their values are those at that + // specific time. Absence of this field will default to the API's version of + // NOW. + google.protobuf.Timestamp read_time = 5; + + // Filter that specifies what fields to further filter on *after* the query + // filter has been executed. Currently only `state_change` is supported and + // requires compare_duration to be specified. + string having = 6; + + // The value returned by the last `GroupAssetsResponse`; indicates + // that this is a continuation of a prior `GroupAssets` call, and that the + // system should return the next page of data. + string page_token = 7; + + // The maximum number of results to return in a single response. Default is + // 10, minimum is 1, maximum is 1000. + int32 page_size = 8; +} + +// Response message for grouping by assets. +message GroupAssetsResponse { + // Group results. There exists an element for each existing unique + // combination of property/values. The element contains a count for the number + // of times those specific property/values appear. + repeated GroupResult group_by_results = 1; + + // Time used for executing the groupBy request. + google.protobuf.Timestamp read_time = 2; + + // Token to retrieve the next page of results, or empty if there are no more + // results. + string next_page_token = 3; + + // The total number of results matching the query. + int32 total_size = 4; +} + +// Request message for grouping by findings. +message GroupFindingsRequest { + // Required. Name of the source to groupBy. Its format is + // "organizations/[organization_id]/sources/[source_id]". To groupBy across + // all sources provide a source_id of `-`. For example: + // organizations/{organization_id}/sources/- + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "securitycenter.googleapis.com/Source" + } + ]; + + // Expression that defines the filter to apply across findings. + // The expression is a list of one or more restrictions combined via logical + // operators `AND` and `OR`. + // Parentheses are supported, and `OR` has higher precedence than `AND`. + // + // Restrictions have the form ` ` and may have a `-` + // character in front of them to indicate negation. Examples include: + // + // * name + // * source_properties.a_property + // * security_marks.marks.marka + // + // The supported operators are: + // + // * `=` for all value types. + // * `>`, `<`, `>=`, `<=` for integer values. + // * `:`, meaning substring matching, for strings. + // + // The supported value types are: + // + // * string literals in quotes. + // * integer literals without quotes. + // * boolean literals `true` and `false` without quotes. + // + // The following field and operator combinations are supported: + // + // * name: `=` + // * parent: `=`, `:` + // * resource_name: `=`, `:` + // * state: `=`, `:` + // * category: `=`, `:` + // * external_uri: `=`, `:` + // * event_time: `=`, `>`, `<`, `>=`, `<=` + // + // Usage: This should be milliseconds since epoch or an RFC3339 string. + // Examples: + // "event_time = \"2019-06-10T16:07:18-07:00\"" + // "event_time = 1560208038000" + // + // * security_marks.marks: `=`, `:` + // * source_properties: `=`, `:`, `>`, `<`, `>=`, `<=` + // + // For example, `source_properties.size = 100` is a valid filter string. + string filter = 2; + + // Required. Expression that defines what assets fields to use for grouping + // (including `state_change`). The string value should follow SQL syntax: + // comma separated list of fields. For example: "parent,resource_name". + // + // The following fields are supported: + // + // * resource_name + // * category + // * state + // * parent + // + // The following fields are supported when compare_duration is set: + // + // * state_change + string group_by = 3 [(google.api.field_behavior) = REQUIRED]; + + // Time used as a reference point when filtering findings. The filter is + // limited to findings existing at the supplied time and their values are + // those at that specific time. Absence of this field will default to the + // API's version of NOW. + google.protobuf.Timestamp read_time = 4; + + // When compare_duration is set, the GroupResult's "state_change" attribute is + // updated to indicate whether the finding had its state changed, the + // finding's state remained unchanged, or if the finding was added during the + // compare_duration period of time that precedes the read_time. This is the + // time between (read_time - compare_duration) and read_time. + // + // The state_change value is derived based on the presence and state of the + // finding at the two points in time. Intermediate state changes between the + // two times don't affect the result. For example, the results aren't affected + // if the finding is made inactive and then active again. + // + // Possible "state_change" values when compare_duration is specified: + // + // * "CHANGED": indicates that the finding was present at the start of + // compare_duration, but changed its state at read_time. + // * "UNCHANGED": indicates that the finding was present at the start of + // compare_duration and did not change state at read_time. + // * "ADDED": indicates that the finding was not present at the start + // of compare_duration, but was present at read_time. + // + // If compare_duration is not specified, then the only possible state_change + // is "UNUSED", which will be the state_change set for all findings present + // at read_time. + // + // If this field is set then `state_change` must be a specified field in + // `group_by`. + google.protobuf.Duration compare_duration = 5; + + // Filter that specifies what fields to further filter on *after* the query + // filter has been executed. Currently only `finding.state` and `state_change` + // are supported and requires compare_duration to be specified. + string having = 6; + + // The value returned by the last `GroupFindingsResponse`; indicates + // that this is a continuation of a prior `GroupFindings` call, and + // that the system should return the next page of data. + string page_token = 7; + + // The maximum number of results to return in a single response. Default is + // 10, minimum is 1, maximum is 1000. + int32 page_size = 8; +} + +// Response message for group by findings. +message GroupFindingsResponse { + // Group results. There exists an element for each existing unique + // combination of property/values. The element contains a count for the number + // of times those specific property/values appear. + repeated GroupResult group_by_results = 1; + + // Time used for executing the groupBy request. + google.protobuf.Timestamp read_time = 2; + + // Token to retrieve the next page of results, or empty if there are no more + // results. + string next_page_token = 3; + + // The total number of results matching the query. + int32 total_size = 4; +} + +// Result containing the properties and count of a groupBy request. +message GroupResult { + // Properties matching the groupBy fields in the request. + map properties = 1; + + // Total count of resources for the given properties. + int64 count = 2; +} + +// Request message for listing notification configs. +message ListNotificationConfigsRequest { + // Required. Name of the organization to list notification configs. + // Its format is "organizations/[organization_id]". + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudresourcemanager.googleapis.com/Organization" + } + ]; + + // The value returned by the last `ListNotificationConfigsResponse`; indicates + // that this is a continuation of a prior `ListNotificationConfigs` call, and + // that the system should return the next page of data. + string page_token = 2; + + // The maximum number of results to return in a single response. Default is + // 10, minimum is 1, maximum is 1000. + int32 page_size = 3; +} + +// Response message for listing notification configs. +message ListNotificationConfigsResponse { + // Notification configs belonging to the requested parent. + repeated NotificationConfig notification_configs = 1; + + // Token to retrieve the next page of results, or empty if there are no more + // results. + string next_page_token = 2; +} + +// Request message for listing sources. +message ListSourcesRequest { + // Required. Resource name of the parent of sources to list. Its format should + // be "organizations/[organization_id]". + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudresourcemanager.googleapis.com/Organization" + } + ]; + + // The value returned by the last `ListSourcesResponse`; indicates + // that this is a continuation of a prior `ListSources` call, and + // that the system should return the next page of data. + string page_token = 2; + + // The maximum number of results to return in a single response. Default is + // 10, minimum is 1, maximum is 1000. + int32 page_size = 7; +} + +// Response message for listing sources. +message ListSourcesResponse { + // Sources belonging to the requested parent. + repeated Source sources = 1; + + // Token to retrieve the next page of results, or empty if there are no more + // results. + string next_page_token = 2; +} + +// Request message for listing assets. +message ListAssetsRequest { + // Required. Name of the organization assets should belong to. Its format is + // "organizations/[organization_id]". + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudresourcemanager.googleapis.com/Organization" + } + ]; + + // Expression that defines the filter to apply across assets. + // The expression is a list of zero or more restrictions combined via logical + // operators `AND` and `OR`. + // Parentheses are supported, and `OR` has higher precedence than `AND`. + // + // Restrictions have the form ` ` and may have a `-` + // character in front of them to indicate negation. The fields map to those + // defined in the Asset resource. Examples include: + // + // * name + // * security_center_properties.resource_name + // * resource_properties.a_property + // * security_marks.marks.marka + // + // The supported operators are: + // + // * `=` for all value types. + // * `>`, `<`, `>=`, `<=` for integer values. + // * `:`, meaning substring matching, for strings. + // + // The supported value types are: + // + // * string literals in quotes. + // * integer literals without quotes. + // * boolean literals `true` and `false` without quotes. + // + // The following are the allowed field and operator combinations: + // + // * name: `=` + // * update_time: `=`, `>`, `<`, `>=`, `<=` + // + // Usage: This should be milliseconds since epoch or an RFC3339 string. + // Examples: + // "update_time = \"2019-06-10T16:07:18-07:00\"" + // "update_time = 1560208038000" + // + // * create_time: `=`, `>`, `<`, `>=`, `<=` + // + // Usage: This should be milliseconds since epoch or an RFC3339 string. + // Examples: + // "create_time = \"2019-06-10T16:07:18-07:00\"" + // "create_time = 1560208038000" + // + // * iam_policy.policy_blob: `=`, `:` + // * resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=` + // * security_marks.marks: `=`, `:` + // * security_center_properties.resource_name: `=`, `:` + // * security_center_properties.resource_display_name: `=`, `:` + // * security_center_properties.resource_type: `=`, `:` + // * security_center_properties.resource_parent: `=`, `:` + // * security_center_properties.resource_parent_display_name: `=`, `:` + // * security_center_properties.resource_project: `=`, `:` + // * security_center_properties.resource_project_display_name: `=`, `:` + // * security_center_properties.resource_owners: `=`, `:` + // + // For example, `resource_properties.size = 100` is a valid filter string. + string filter = 2; + + // Expression that defines what fields and order to use for sorting. The + // string value should follow SQL syntax: comma separated list of fields. For + // example: "name,resource_properties.a_property". The default sorting order + // is ascending. To specify descending order for a field, a suffix " desc" + // should be appended to the field name. For example: "name + // desc,resource_properties.a_property". Redundant space characters in the + // syntax are insignificant. "name desc,resource_properties.a_property" and " + // name desc , resource_properties.a_property " are equivalent. + // + // The following fields are supported: + // name + // update_time + // resource_properties + // security_marks.marks + // security_center_properties.resource_name + // security_center_properties.resource_display_name + // security_center_properties.resource_parent + // security_center_properties.resource_parent_display_name + // security_center_properties.resource_project + // security_center_properties.resource_project_display_name + // security_center_properties.resource_type + string order_by = 3; + + // Time used as a reference point when filtering assets. The filter is limited + // to assets existing at the supplied time and their values are those at that + // specific time. Absence of this field will default to the API's version of + // NOW. + google.protobuf.Timestamp read_time = 4; + + // When compare_duration is set, the ListAssetsResult's "state_change" + // attribute is updated to indicate whether the asset was added, removed, or + // remained present during the compare_duration period of time that precedes + // the read_time. This is the time between (read_time - compare_duration) and + // read_time. + // + // The state_change value is derived based on the presence of the asset at the + // two points in time. Intermediate state changes between the two times don't + // affect the result. For example, the results aren't affected if the asset is + // removed and re-created again. + // + // Possible "state_change" values when compare_duration is specified: + // + // * "ADDED": indicates that the asset was not present at the start of + // compare_duration, but present at read_time. + // * "REMOVED": indicates that the asset was present at the start of + // compare_duration, but not present at read_time. + // * "ACTIVE": indicates that the asset was present at both the + // start and the end of the time period defined by + // compare_duration and read_time. + // + // If compare_duration is not specified, then the only possible state_change + // is "UNUSED", which will be the state_change set for all assets present at + // read_time. + google.protobuf.Duration compare_duration = 5; + + // Filter that specifies what fields to further filter on *after* the query + // filter has been executed. Currently only `state_change` is supported and + // requires compare_duration to be specified. + string having = 6; + + // Optional. + // A field mask to specify the ListAssetsResult fields to be listed in the + // response. + // An empty field mask will list all fields. + google.protobuf.FieldMask field_mask = 7 + [(google.api.field_behavior) = OPTIONAL]; + + // The value returned by the last `ListAssetsResponse`; indicates + // that this is a continuation of a prior `ListAssets` call, and + // that the system should return the next page of data. + string page_token = 8; + + // The maximum number of results to return in a single response. Default is + // 10, minimum is 1, maximum is 1000. + int32 page_size = 9; +} + +// Response message for listing assets. +message ListAssetsResponse { + // Result containing the Asset and its State. + message ListAssetsResult { + // The change in state of the asset. + // + // When querying across two points in time this describes + // the change between the two points: ADDED, REMOVED, or ACTIVE. + // If there was no compare_duration supplied in the request the state change + // will be: UNUSED + enum StateChange { + // State change is unused, this is the canonical default for this enum. + UNUSED = 0; + + // Asset was added between the points in time. + ADDED = 1; + + // Asset was removed between the points in time. + REMOVED = 2; + + // Asset was present at both point(s) in time. + ACTIVE = 3; + } + + // Asset matching the search request. + Asset asset = 1; + + // State change of the asset between the points in time. + StateChange state_change = 2; + } + + // Assets matching the list request. + repeated ListAssetsResult list_assets_results = 1; + + // Time used for executing the list request. + google.protobuf.Timestamp read_time = 2; + + // Token to retrieve the next page of results, or empty if there are no more + // results. + string next_page_token = 3; + + // The total number of assets matching the query. + int32 total_size = 4; +} + +// Request message for listing findings. +message ListFindingsRequest { + // Required. Name of the source the findings belong to. Its format is + // "organizations/[organization_id]/sources/[source_id]". To list across all + // sources provide a source_id of `-`. For example: + // organizations/{organization_id}/sources/- + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "securitycenter.googleapis.com/Source" + } + ]; + + // Expression that defines the filter to apply across findings. + // The expression is a list of one or more restrictions combined via logical + // operators `AND` and `OR`. + // Parentheses are supported, and `OR` has higher precedence than `AND`. + // + // Restrictions have the form ` ` and may have a `-` + // character in front of them to indicate negation. Examples include: + // + // * name + // * source_properties.a_property + // * security_marks.marks.marka + // + // The supported operators are: + // + // * `=` for all value types. + // * `>`, `<`, `>=`, `<=` for integer values. + // * `:`, meaning substring matching, for strings. + // + // The supported value types are: + // + // * string literals in quotes. + // * integer literals without quotes. + // * boolean literals `true` and `false` without quotes. + // + // The following field and operator combinations are supported: + // + // name: `=` + // parent: `=`, `:` + // resource_name: `=`, `:` + // state: `=`, `:` + // category: `=`, `:` + // external_uri: `=`, `:` + // event_time: `=`, `>`, `<`, `>=`, `<=` + // + // Usage: This should be milliseconds since epoch or an RFC3339 string. + // Examples: + // "event_time = \"2019-06-10T16:07:18-07:00\"" + // "event_time = 1560208038000" + // + // security_marks.marks: `=`, `:` + // source_properties: `=`, `:`, `>`, `<`, `>=`, `<=` + // + // For example, `source_properties.size = 100` is a valid filter string. + string filter = 2; + + // Expression that defines what fields and order to use for sorting. The + // string value should follow SQL syntax: comma separated list of fields. For + // example: "name,resource_properties.a_property". The default sorting order + // is ascending. To specify descending order for a field, a suffix " desc" + // should be appended to the field name. For example: "name + // desc,source_properties.a_property". Redundant space characters in the + // syntax are insignificant. "name desc,source_properties.a_property" and " + // name desc , source_properties.a_property " are equivalent. + // + // The following fields are supported: + // name + // parent + // state + // category + // resource_name + // event_time + // source_properties + // security_marks.marks + string order_by = 3; + + // Time used as a reference point when filtering findings. The filter is + // limited to findings existing at the supplied time and their values are + // those at that specific time. Absence of this field will default to the + // API's version of NOW. + google.protobuf.Timestamp read_time = 4; + + // When compare_duration is set, the ListFindingsResult's "state_change" + // attribute is updated to indicate whether the finding had its state changed, + // the finding's state remained unchanged, or if the finding was added in any + // state during the compare_duration period of time that precedes the + // read_time. This is the time between (read_time - compare_duration) and + // read_time. + // + // The state_change value is derived based on the presence and state of the + // finding at the two points in time. Intermediate state changes between the + // two times don't affect the result. For example, the results aren't affected + // if the finding is made inactive and then active again. + // + // Possible "state_change" values when compare_duration is specified: + // + // * "CHANGED": indicates that the finding was present at the start of + // compare_duration, but changed its state at read_time. + // * "UNCHANGED": indicates that the finding was present at the start of + // compare_duration and did not change state at read_time. + // * "ADDED": indicates that the finding was not present at the start + // of compare_duration, but was present at read_time. + // + // If compare_duration is not specified, then the only possible state_change + // is "UNUSED", which will be the state_change set for all findings present at + // read_time. + google.protobuf.Duration compare_duration = 5; + + // Filter that specifies what fields to further filter on *after* the query + // filter has been executed. Currently only `finding.state` and `state_change` + // are supported and requires compare_duration to be specified. + string having = 6; + + // Optional. + // A field mask to specify the Finding fields to be listed in the response. + // An empty field mask will list all fields. + google.protobuf.FieldMask field_mask = 7 + [(google.api.field_behavior) = OPTIONAL]; + + // The value returned by the last `ListFindingsResponse`; indicates + // that this is a continuation of a prior `ListFindings` call, and + // that the system should return the next page of data. + string page_token = 8; + + // The maximum number of results to return in a single response. Default is + // 10, minimum is 1, maximum is 1000. + int32 page_size = 9; +} + +// Response message for listing findings. +message ListFindingsResponse { + // Result containing the Finding and its StateChange. + message ListFindingsResult { + // Information related to the Google Cloud Platform (GCP) resource that is + // associated with this finding. + message Resource { + // The full resource name of the resource. See: + // https://cloud.google.com/apis/design/resource_names#full_resource_name + string name = 1; + + // The full resource name of project that the resource belongs to. + string project_name = 2; + + // The human readable name of project that the resource belongs to. + string project_display_name = 3; + + // The full resource name of resource's parent. + string parent_name = 4; + + // The human readable name of resource's parent. + string parent_display_name = 5; + } + + // The change in state of the finding. + // + // When querying across two points in time this describes + // the change in the finding between the two points: CHANGED, UNCHANGED, + // ADDED, or REMOVED. Findings can not be deleted, so REMOVED implies that + // the finding at timestamp does not match the filter specified, but it did + // at timestamp - compare_duration. If there was no compare_duration + // supplied in the request the state change will be: UNUSED + enum StateChange { + // State change is unused, this is the canonical default for this enum. + UNUSED = 0; + + // The finding has changed state in some way between the points in time + // and existed at both points. + CHANGED = 1; + + // The finding has not changed state between the points in time and + // existed at both points. + UNCHANGED = 2; + + // The finding was created between the points in time. + ADDED = 3; + + // The finding at timestamp does not match the filter specified, but it + // did at timestamp - compare_duration. + REMOVED = 4; + } + + // Finding matching the search request. + Finding finding = 1; + + // State change of the finding between the points in time. + StateChange state_change = 2; + + // Output only. Resource that is associated with this finding. + Resource resource = 3; + } + + // Findings matching the list request. + repeated ListFindingsResult list_findings_results = 1; + + // Time used for executing the list request. + google.protobuf.Timestamp read_time = 2; + + // Token to retrieve the next page of results, or empty if there are no more + // results. + string next_page_token = 3; + + // The total number of findings matching the query. + int32 total_size = 4; +} + +// Request message for updating a finding's state. +message SetFindingStateRequest { + // Required. The relative resource name of the finding. See: + // https://cloud.google.com/apis/design/resource_names#relative_resource_name + // Example: + // "organizations/{organization_id}/sources/{source_id}/finding/{finding_id}". + string name = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "securitycenter.googleapis.com/Finding" + } + ]; + + // Required. The desired State of the finding. + Finding.State state = 2 [(google.api.field_behavior) = REQUIRED]; + + // Required. The time at which the updated state takes effect. + google.protobuf.Timestamp start_time = 3 + [(google.api.field_behavior) = REQUIRED]; +} + +// Request message for running asset discovery for an organization. +message RunAssetDiscoveryRequest { + // Required. Name of the organization to run asset discovery for. Its format + // is "organizations/[organization_id]". + string parent = 1 [ + (google.api.field_behavior) = REQUIRED, + (google.api.resource_reference) = { + type: "cloudresourcemanager.googleapis.com/Organization" + } + ]; +} + +// Request message for updating or creating a finding. +message UpdateFindingRequest { + // Required. The finding resource to update or create if it does not already + // exist. parent, security_marks, and update_time will be ignored. + // + // In the case of creation, the finding id portion of the name must be + // alphanumeric and less than or equal to 32 characters and greater than 0 + // characters in length. + Finding finding = 1 [(google.api.field_behavior) = REQUIRED]; + + // The FieldMask to use when updating the finding resource. This field should + // not be specified when creating a finding. + // + // When updating a finding, an empty mask is treated as updating all mutable + // fields and replacing source_properties. Individual source_properties can + // be added/updated by using "source_properties." in the field + // mask. + google.protobuf.FieldMask update_mask = 2; +} + +// Request message for updating a notification config. +message UpdateNotificationConfigRequest { + // Required. The notification config to update. + NotificationConfig notification_config = 1 + [(google.api.field_behavior) = REQUIRED]; + + // The FieldMask to use when updating the notification config. + // + // If empty all mutable fields will be updated. + google.protobuf.FieldMask update_mask = 2; +} + +// Request message for updating an organization's settings. +message UpdateOrganizationSettingsRequest { + // Required. The organization settings resource to update. + OrganizationSettings organization_settings = 1 + [(google.api.field_behavior) = REQUIRED]; + + // The FieldMask to use when updating the settings resource. + // + // If empty all mutable fields will be updated. + google.protobuf.FieldMask update_mask = 2; +} + +// Request message for updating a source. +message UpdateSourceRequest { + // Required. The source resource to update. + Source source = 1 [(google.api.field_behavior) = REQUIRED]; + + // The FieldMask to use when updating the source resource. + // + // If empty all mutable fields will be updated. + google.protobuf.FieldMask update_mask = 2; +} + +// Request message for updating a SecurityMarks resource. +message UpdateSecurityMarksRequest { + // Required. The security marks resource to update. + SecurityMarks security_marks = 1 [(google.api.field_behavior) = REQUIRED]; + + // The FieldMask to use when updating the security marks resource. + // + // The field mask must not contain duplicate fields. + // If empty or set to "marks", all marks will be replaced. Individual + // marks can be updated using "marks.". + google.protobuf.FieldMask update_mask = 2; + + // The time at which the updated SecurityMarks take effect. + // If not set uses current server time. Updates will be applied to the + // SecurityMarks that are active immediately preceding this time. + google.protobuf.Timestamp start_time = 3; +} diff --git a/google/cloud/securitycenter_v1p1beta1/proto/securitycenter_service_pb2.py b/google/cloud/securitycenter_v1p1beta1/proto/securitycenter_service_pb2.py new file mode 100644 index 00000000..1e9df4e5 --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/securitycenter_service_pb2.py @@ -0,0 +1,4221 @@ +# -*- coding: utf-8 -*- +# Generated by the protocol buffer compiler. DO NOT EDIT! +# source: google/cloud/securitycenter_v1p1beta1/proto/securitycenter_service.proto + +import sys + +_b = sys.version_info[0] < 3 and (lambda x: x) or (lambda x: x.encode("latin1")) +from google.protobuf import descriptor as _descriptor +from google.protobuf import message as _message +from google.protobuf import reflection as _reflection +from google.protobuf import symbol_database as _symbol_database + +# @@protoc_insertion_point(imports) + +_sym_db = _symbol_database.Default() + + +from google.cloud.securitycenter_v1p1beta1.proto import ( + run_asset_discovery_response_pb2 as google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_run__asset__discovery__response__pb2, +) +from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 +from google.api import client_pb2 as google_dot_api_dot_client__pb2 +from google.api import field_behavior_pb2 as google_dot_api_dot_field__behavior__pb2 +from google.api import resource_pb2 as google_dot_api_dot_resource__pb2 +from google.cloud.securitycenter_v1p1beta1.proto import ( + asset_pb2 as google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_asset__pb2, +) +from google.cloud.securitycenter_v1p1beta1.proto import ( + finding_pb2 as google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_finding__pb2, +) +from google.cloud.securitycenter_v1p1beta1.proto import ( + notification_config_pb2 as google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_notification__config__pb2, +) +from google.cloud.securitycenter_v1p1beta1.proto import ( + organization_settings_pb2 as google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_organization__settings__pb2, +) +from google.cloud.securitycenter_v1p1beta1.proto import ( + security_marks_pb2 as google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_security__marks__pb2, +) +from google.cloud.securitycenter_v1p1beta1.proto import ( + source_pb2 as google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_source__pb2, +) +from google.iam.v1 import iam_policy_pb2 as google_dot_iam_dot_v1_dot_iam__policy__pb2 +from google.iam.v1 import policy_pb2 as google_dot_iam_dot_v1_dot_policy__pb2 +from google.longrunning import ( + operations_pb2 as google_dot_longrunning_dot_operations__pb2, +) +from google.protobuf import duration_pb2 as google_dot_protobuf_dot_duration__pb2 +from google.protobuf import empty_pb2 as google_dot_protobuf_dot_empty__pb2 +from google.protobuf import field_mask_pb2 as google_dot_protobuf_dot_field__mask__pb2 +from google.protobuf import struct_pb2 as google_dot_protobuf_dot_struct__pb2 +from google.protobuf import timestamp_pb2 as google_dot_protobuf_dot_timestamp__pb2 + + +DESCRIPTOR = _descriptor.FileDescriptor( + name="google/cloud/securitycenter_v1p1beta1/proto/securitycenter_service.proto", + package="google.cloud.securitycenter.v1p1beta1", + syntax="proto3", + serialized_options=_b( + "\n)com.google.cloud.securitycenter.v1p1beta1P\001ZSgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter\252\002%Google.Cloud.SecurityCenter.V1P1Beta1\312\002%Google\\Cloud\\SecurityCenter\\V1p1beta1\352\002(Google::Cloud::SecurityCenter::V1p1beta1" + ), + serialized_pb=_b( + '\nHgoogle/cloud/securitycenter_v1p1beta1/proto/securitycenter_service.proto\x12%google.cloud.securitycenter.v1p1beta1\x1aNgoogle/cloud/securitycenter_v1p1beta1/proto/run_asset_discovery_response.proto\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x37google/cloud/securitycenter_v1p1beta1/proto/asset.proto\x1a\x39google/cloud/securitycenter_v1p1beta1/proto/finding.proto\x1a\x45google/cloud/securitycenter_v1p1beta1/proto/notification_config.proto\x1aGgoogle/cloud/securitycenter_v1p1beta1/proto/organization_settings.proto\x1a@google/cloud/securitycenter_v1p1beta1/proto/security_marks.proto\x1a\x38google/cloud/securitycenter_v1p1beta1/proto/source.proto\x1a\x1egoogle/iam/v1/iam_policy.proto\x1a\x1agoogle/iam/v1/policy.proto\x1a#google/longrunning/operations.proto\x1a\x1egoogle/protobuf/duration.proto\x1a\x1bgoogle/protobuf/empty.proto\x1a google/protobuf/field_mask.proto\x1a\x1cgoogle/protobuf/struct.proto\x1a\x1fgoogle/protobuf/timestamp.proto"\xb3\x01\n\x14\x43reateFindingRequest\x12<\n\x06parent\x18\x01 \x01(\tB,\xe0\x41\x02\xfa\x41&\n$securitycenter.googleapis.com/Source\x12\x17\n\nfinding_id\x18\x02 \x01(\tB\x03\xe0\x41\x02\x12\x44\n\x07\x66inding\x18\x03 \x01(\x0b\x32..google.cloud.securitycenter.v1p1beta1.FindingB\x03\xe0\x41\x02"\xe0\x01\n\x1f\x43reateNotificationConfigRequest\x12H\n\x06parent\x18\x01 \x01(\tB8\xe0\x41\x02\xfa\x41\x32\n0cloudresourcemanager.googleapis.com/Organization\x12\x16\n\tconfig_id\x18\x02 \x01(\tB\x03\xe0\x41\x02\x12[\n\x13notification_config\x18\x03 \x01(\x0b\x32\x39.google.cloud.securitycenter.v1p1beta1.NotificationConfigB\x03\xe0\x41\x02"\xa3\x01\n\x13\x43reateSourceRequest\x12H\n\x06parent\x18\x01 \x01(\tB8\xe0\x41\x02\xfa\x41\x32\n0cloudresourcemanager.googleapis.com/Organization\x12\x42\n\x06source\x18\x02 \x01(\x0b\x32-.google.cloud.securitycenter.v1p1beta1.SourceB\x03\xe0\x41\x02"i\n\x1f\x44\x65leteNotificationConfigRequest\x12\x46\n\x04name\x18\x01 \x01(\tB8\xe0\x41\x02\xfa\x41\x32\n0securitycenter.googleapis.com/NotificationConfig"f\n\x1cGetNotificationConfigRequest\x12\x46\n\x04name\x18\x01 \x01(\tB8\xe0\x41\x02\xfa\x41\x32\n0securitycenter.googleapis.com/NotificationConfig"j\n\x1eGetOrganizationSettingsRequest\x12H\n\x04name\x18\x01 \x01(\tB:\xe0\x41\x02\xfa\x41\x34\n2securitycenter.googleapis.com/OrganizationSettings"N\n\x10GetSourceRequest\x12:\n\x04name\x18\x01 \x01(\tB,\xe0\x41\x02\xfa\x41&\n$securitycenter.googleapis.com/Source"\xa0\x02\n\x12GroupAssetsRequest\x12H\n\x06parent\x18\x01 \x01(\tB8\xe0\x41\x02\xfa\x41\x32\n0cloudresourcemanager.googleapis.com/Organization\x12\x0e\n\x06\x66ilter\x18\x02 \x01(\t\x12\x15\n\x08group_by\x18\x03 \x01(\tB\x03\xe0\x41\x02\x12\x33\n\x10\x63ompare_duration\x18\x04 \x01(\x0b\x32\x19.google.protobuf.Duration\x12-\n\tread_time\x18\x05 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x0e\n\x06having\x18\x06 \x01(\t\x12\x12\n\npage_token\x18\x07 \x01(\t\x12\x11\n\tpage_size\x18\x08 \x01(\x05"\xbf\x01\n\x13GroupAssetsResponse\x12L\n\x10group_by_results\x18\x01 \x03(\x0b\x32\x32.google.cloud.securitycenter.v1p1beta1.GroupResult\x12-\n\tread_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x17\n\x0fnext_page_token\x18\x03 \x01(\t\x12\x12\n\ntotal_size\x18\x04 \x01(\x05"\x96\x02\n\x14GroupFindingsRequest\x12<\n\x06parent\x18\x01 \x01(\tB,\xe0\x41\x02\xfa\x41&\n$securitycenter.googleapis.com/Source\x12\x0e\n\x06\x66ilter\x18\x02 \x01(\t\x12\x15\n\x08group_by\x18\x03 \x01(\tB\x03\xe0\x41\x02\x12-\n\tread_time\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x33\n\x10\x63ompare_duration\x18\x05 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x0e\n\x06having\x18\x06 \x01(\t\x12\x12\n\npage_token\x18\x07 \x01(\t\x12\x11\n\tpage_size\x18\x08 \x01(\x05"\xc1\x01\n\x15GroupFindingsResponse\x12L\n\x10group_by_results\x18\x01 \x03(\x0b\x32\x32.google.cloud.securitycenter.v1p1beta1.GroupResult\x12-\n\tread_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x17\n\x0fnext_page_token\x18\x03 \x01(\t\x12\x12\n\ntotal_size\x18\x04 \x01(\x05"\xbf\x01\n\x0bGroupResult\x12V\n\nproperties\x18\x01 \x03(\x0b\x32\x42.google.cloud.securitycenter.v1p1beta1.GroupResult.PropertiesEntry\x12\r\n\x05\x63ount\x18\x02 \x01(\x03\x1aI\n\x0fPropertiesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12%\n\x05value\x18\x02 \x01(\x0b\x32\x16.google.protobuf.Value:\x02\x38\x01"\x91\x01\n\x1eListNotificationConfigsRequest\x12H\n\x06parent\x18\x01 \x01(\tB8\xe0\x41\x02\xfa\x41\x32\n0cloudresourcemanager.googleapis.com/Organization\x12\x12\n\npage_token\x18\x02 \x01(\t\x12\x11\n\tpage_size\x18\x03 \x01(\x05"\x93\x01\n\x1fListNotificationConfigsResponse\x12W\n\x14notification_configs\x18\x01 \x03(\x0b\x32\x39.google.cloud.securitycenter.v1p1beta1.NotificationConfig\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t"\x85\x01\n\x12ListSourcesRequest\x12H\n\x06parent\x18\x01 \x01(\tB8\xe0\x41\x02\xfa\x41\x32\n0cloudresourcemanager.googleapis.com/Organization\x12\x12\n\npage_token\x18\x02 \x01(\t\x12\x11\n\tpage_size\x18\x07 \x01(\x05"n\n\x13ListSourcesResponse\x12>\n\x07sources\x18\x01 \x03(\x0b\x32-.google.cloud.securitycenter.v1p1beta1.Source\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t"\xcf\x02\n\x11ListAssetsRequest\x12H\n\x06parent\x18\x01 \x01(\tB8\xe0\x41\x02\xfa\x41\x32\n0cloudresourcemanager.googleapis.com/Organization\x12\x0e\n\x06\x66ilter\x18\x02 \x01(\t\x12\x10\n\x08order_by\x18\x03 \x01(\t\x12-\n\tread_time\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x33\n\x10\x63ompare_duration\x18\x05 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x0e\n\x06having\x18\x06 \x01(\t\x12\x33\n\nfield_mask\x18\x07 \x01(\x0b\x32\x1a.google.protobuf.FieldMaskB\x03\xe0\x41\x01\x12\x12\n\npage_token\x18\x08 \x01(\t\x12\x11\n\tpage_size\x18\t \x01(\x05"\xd8\x03\n\x12ListAssetsResponse\x12g\n\x13list_assets_results\x18\x01 \x03(\x0b\x32J.google.cloud.securitycenter.v1p1beta1.ListAssetsResponse.ListAssetsResult\x12-\n\tread_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x17\n\x0fnext_page_token\x18\x03 \x01(\t\x12\x12\n\ntotal_size\x18\x04 \x01(\x05\x1a\xfc\x01\n\x10ListAssetsResult\x12;\n\x05\x61sset\x18\x01 \x01(\x0b\x32,.google.cloud.securitycenter.v1p1beta1.Asset\x12l\n\x0cstate_change\x18\x02 \x01(\x0e\x32V.google.cloud.securitycenter.v1p1beta1.ListAssetsResponse.ListAssetsResult.StateChange"=\n\x0bStateChange\x12\n\n\x06UNUSED\x10\x00\x12\t\n\x05\x41\x44\x44\x45\x44\x10\x01\x12\x0b\n\x07REMOVED\x10\x02\x12\n\n\x06\x41\x43TIVE\x10\x03"\xc5\x02\n\x13ListFindingsRequest\x12<\n\x06parent\x18\x01 \x01(\tB,\xe0\x41\x02\xfa\x41&\n$securitycenter.googleapis.com/Source\x12\x0e\n\x06\x66ilter\x18\x02 \x01(\t\x12\x10\n\x08order_by\x18\x03 \x01(\t\x12-\n\tread_time\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x33\n\x10\x63ompare_duration\x18\x05 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x0e\n\x06having\x18\x06 \x01(\t\x12\x33\n\nfield_mask\x18\x07 \x01(\x0b\x32\x1a.google.protobuf.FieldMaskB\x03\xe0\x41\x01\x12\x12\n\npage_token\x18\x08 \x01(\t\x12\x11\n\tpage_size\x18\t \x01(\x05"\xe5\x05\n\x14ListFindingsResponse\x12m\n\x15list_findings_results\x18\x01 \x03(\x0b\x32N.google.cloud.securitycenter.v1p1beta1.ListFindingsResponse.ListFindingsResult\x12-\n\tread_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x17\n\x0fnext_page_token\x18\x03 \x01(\t\x12\x12\n\ntotal_size\x18\x04 \x01(\x05\x1a\x81\x04\n\x12ListFindingsResult\x12?\n\x07\x66inding\x18\x01 \x01(\x0b\x32..google.cloud.securitycenter.v1p1beta1.Finding\x12p\n\x0cstate_change\x18\x02 \x01(\x0e\x32Z.google.cloud.securitycenter.v1p1beta1.ListFindingsResponse.ListFindingsResult.StateChange\x12i\n\x08resource\x18\x03 \x01(\x0b\x32W.google.cloud.securitycenter.v1p1beta1.ListFindingsResponse.ListFindingsResult.Resource\x1a~\n\x08Resource\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x14\n\x0cproject_name\x18\x02 \x01(\t\x12\x1c\n\x14project_display_name\x18\x03 \x01(\t\x12\x13\n\x0bparent_name\x18\x04 \x01(\t\x12\x1b\n\x13parent_display_name\x18\x05 \x01(\t"M\n\x0bStateChange\x12\n\n\x06UNUSED\x10\x00\x12\x0b\n\x07\x43HANGED\x10\x01\x12\r\n\tUNCHANGED\x10\x02\x12\t\n\x05\x41\x44\x44\x45\x44\x10\x03\x12\x0b\n\x07REMOVED\x10\x04"\xd4\x01\n\x16SetFindingStateRequest\x12;\n\x04name\x18\x01 \x01(\tB-\xe0\x41\x02\xfa\x41\'\n%securitycenter.googleapis.com/Finding\x12H\n\x05state\x18\x02 \x01(\x0e\x32\x34.google.cloud.securitycenter.v1p1beta1.Finding.StateB\x03\xe0\x41\x02\x12\x33\n\nstart_time\x18\x03 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x02"d\n\x18RunAssetDiscoveryRequest\x12H\n\x06parent\x18\x01 \x01(\tB8\xe0\x41\x02\xfa\x41\x32\n0cloudresourcemanager.googleapis.com/Organization"\x8d\x01\n\x14UpdateFindingRequest\x12\x44\n\x07\x66inding\x18\x01 \x01(\x0b\x32..google.cloud.securitycenter.v1p1beta1.FindingB\x03\xe0\x41\x02\x12/\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMask"\xaf\x01\n\x1fUpdateNotificationConfigRequest\x12[\n\x13notification_config\x18\x01 \x01(\x0b\x32\x39.google.cloud.securitycenter.v1p1beta1.NotificationConfigB\x03\xe0\x41\x02\x12/\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMask"\xb5\x01\n!UpdateOrganizationSettingsRequest\x12_\n\x15organization_settings\x18\x01 \x01(\x0b\x32;.google.cloud.securitycenter.v1p1beta1.OrganizationSettingsB\x03\xe0\x41\x02\x12/\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMask"\x8a\x01\n\x13UpdateSourceRequest\x12\x42\n\x06source\x18\x01 \x01(\x0b\x32-.google.cloud.securitycenter.v1p1beta1.SourceB\x03\xe0\x41\x02\x12/\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMask"\xd0\x01\n\x1aUpdateSecurityMarksRequest\x12Q\n\x0esecurity_marks\x18\x01 \x01(\x0b\x32\x34.google.cloud.securitycenter.v1p1beta1.SecurityMarksB\x03\xe0\x41\x02\x12/\n\x0bupdate_mask\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.FieldMask\x12.\n\nstart_time\x18\x03 \x01(\x0b\x32\x1a.google.protobuf.Timestamp2\x86+\n\x0eSecurityCenter\x12\xc6\x01\n\x0c\x43reateSource\x12:.google.cloud.securitycenter.v1p1beta1.CreateSourceRequest\x1a-.google.cloud.securitycenter.v1p1beta1.Source"K\x82\xd3\xe4\x93\x02\x35"+/v1p1beta1/{parent=organizations/*}/sources:\x06source\xda\x41\rparent,source\x12\xfd\x01\n\rCreateFinding\x12;.google.cloud.securitycenter.v1p1beta1.CreateFindingRequest\x1a..google.cloud.securitycenter.v1p1beta1.Finding"\x7f\x82\xd3\xe4\x93\x02\x41"6/v1p1beta1/{parent=organizations/*/sources/*}/findings:\x07\x66inding\xda\x41\x19parent,finding_id,finding\xda\x41\x19parent,finding,finding_id\x12\xb8\x02\n\x18\x43reateNotificationConfig\x12\x46.google.cloud.securitycenter.v1p1beta1.CreateNotificationConfigRequest\x1a\x39.google.cloud.securitycenter.v1p1beta1.NotificationConfig"\x98\x01\x82\xd3\xe4\x93\x02N"7/v1p1beta1/{parent=organizations/*}/notificationConfigs:\x13notification_config\xda\x41$parent,config_id,notification_config\xda\x41\x1aparent,notification_config\x12\xc2\x01\n\x18\x44\x65leteNotificationConfig\x12\x46.google.cloud.securitycenter.v1p1beta1.DeleteNotificationConfigRequest\x1a\x16.google.protobuf.Empty"F\x82\xd3\xe4\x93\x02\x39*7/v1p1beta1/{name=organizations/*/notificationConfigs/*}\xda\x41\x04name\x12\x9d\x01\n\x0cGetIamPolicy\x12".google.iam.v1.GetIamPolicyRequest\x1a\x15.google.iam.v1.Policy"R\x82\xd3\xe4\x93\x02\x41"/v1p1beta1/{finding.name=organizations/*/sources/*/findings/*}:\x07\x66inding\xda\x41\x07\x66inding\xda\x41\x13\x66inding,update_mask\x12\xc0\x02\n\x18UpdateNotificationConfig\x12\x46.google.cloud.securitycenter.v1p1beta1.UpdateNotificationConfigRequest\x1a\x39.google.cloud.securitycenter.v1p1beta1.NotificationConfig"\xa0\x01\x82\xd3\xe4\x93\x02\x62\x32K/v1p1beta1/{notification_config.name=organizations/*/notificationConfigs/*}:\x13notification_config\xda\x41\x13notification_config\xda\x41\x1fnotification_config,update_mask\x12\xa9\x02\n\x1aUpdateOrganizationSettings\x12H.google.cloud.securitycenter.v1p1beta1.UpdateOrganizationSettingsRequest\x1a;.google.cloud.securitycenter.v1p1beta1.OrganizationSettings"\x83\x01\x82\xd3\xe4\x93\x02\x65\x32L/v1p1beta1/{organization_settings.name=organizations/*/organizationSettings}:\x15organization_settings\xda\x41\x15organization_settings\x12\xdb\x01\n\x0cUpdateSource\x12:.google.cloud.securitycenter.v1p1beta1.UpdateSourceRequest\x1a-.google.cloud.securitycenter.v1p1beta1.Source"`\x82\xd3\xe4\x93\x02<22/v1p1beta1/{source.name=organizations/*/sources/*}:\x06source\xda\x41\x06source\xda\x41\x12source,update_mask\x12\x86\x03\n\x13UpdateSecurityMarks\x12\x41.google.cloud.securitycenter.v1p1beta1.UpdateSecurityMarksRequest\x1a\x34.google.cloud.securitycenter.v1p1beta1.SecurityMarks"\xf5\x01\x82\xd3\xe4\x93\x02\xc0\x01\x32G/v1p1beta1/{security_marks.name=organizations/*/assets/*/securityMarks}:\x0esecurity_marksZe2S/v1p1beta1/{security_marks.name=organizations/*/sources/*/findings/*/securityMarks}:\x0esecurity_marks\xda\x41\x0esecurity_marks\xda\x41\x1asecurity_marks,update_mask\x1aQ\xca\x41\x1dsecuritycenter.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platformB\xfd\x01\n)com.google.cloud.securitycenter.v1p1beta1P\x01ZSgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter\xaa\x02%Google.Cloud.SecurityCenter.V1P1Beta1\xca\x02%Google\\Cloud\\SecurityCenter\\V1p1beta1\xea\x02(Google::Cloud::SecurityCenter::V1p1beta1b\x06proto3' + ), + dependencies=[ + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_run__asset__discovery__response__pb2.DESCRIPTOR, + google_dot_api_dot_annotations__pb2.DESCRIPTOR, + google_dot_api_dot_client__pb2.DESCRIPTOR, + google_dot_api_dot_field__behavior__pb2.DESCRIPTOR, + google_dot_api_dot_resource__pb2.DESCRIPTOR, + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_asset__pb2.DESCRIPTOR, + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_finding__pb2.DESCRIPTOR, + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_notification__config__pb2.DESCRIPTOR, + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_organization__settings__pb2.DESCRIPTOR, + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_security__marks__pb2.DESCRIPTOR, + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_source__pb2.DESCRIPTOR, + google_dot_iam_dot_v1_dot_iam__policy__pb2.DESCRIPTOR, + google_dot_iam_dot_v1_dot_policy__pb2.DESCRIPTOR, + google_dot_longrunning_dot_operations__pb2.DESCRIPTOR, + google_dot_protobuf_dot_duration__pb2.DESCRIPTOR, + google_dot_protobuf_dot_empty__pb2.DESCRIPTOR, + google_dot_protobuf_dot_field__mask__pb2.DESCRIPTOR, + google_dot_protobuf_dot_struct__pb2.DESCRIPTOR, + google_dot_protobuf_dot_timestamp__pb2.DESCRIPTOR, + ], +) + + +_LISTASSETSRESPONSE_LISTASSETSRESULT_STATECHANGE = _descriptor.EnumDescriptor( + name="StateChange", + full_name="google.cloud.securitycenter.v1p1beta1.ListAssetsResponse.ListAssetsResult.StateChange", + filename=None, + file=DESCRIPTOR, + values=[ + _descriptor.EnumValueDescriptor( + name="UNUSED", index=0, number=0, serialized_options=None, type=None + ), + _descriptor.EnumValueDescriptor( + name="ADDED", index=1, number=1, serialized_options=None, type=None + ), + _descriptor.EnumValueDescriptor( + name="REMOVED", index=2, number=2, serialized_options=None, type=None + ), + _descriptor.EnumValueDescriptor( + name="ACTIVE", index=3, number=3, serialized_options=None, type=None + ), + ], + containing_type=None, + serialized_options=None, + serialized_start=4375, + serialized_end=4436, +) +_sym_db.RegisterEnumDescriptor(_LISTASSETSRESPONSE_LISTASSETSRESULT_STATECHANGE) + +_LISTFINDINGSRESPONSE_LISTFINDINGSRESULT_STATECHANGE = _descriptor.EnumDescriptor( + name="StateChange", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsResponse.ListFindingsResult.StateChange", + filename=None, + file=DESCRIPTOR, + values=[ + _descriptor.EnumValueDescriptor( + name="UNUSED", index=0, number=0, serialized_options=None, type=None + ), + _descriptor.EnumValueDescriptor( + name="CHANGED", index=1, number=1, serialized_options=None, type=None + ), + _descriptor.EnumValueDescriptor( + name="UNCHANGED", index=2, number=2, serialized_options=None, type=None + ), + _descriptor.EnumValueDescriptor( + name="ADDED", index=3, number=3, serialized_options=None, type=None + ), + _descriptor.EnumValueDescriptor( + name="REMOVED", index=4, number=4, serialized_options=None, type=None + ), + ], + containing_type=None, + serialized_options=None, + serialized_start=5431, + serialized_end=5508, +) +_sym_db.RegisterEnumDescriptor(_LISTFINDINGSRESPONSE_LISTFINDINGSRESULT_STATECHANGE) + + +_CREATEFINDINGREQUEST = _descriptor.Descriptor( + name="CreateFindingRequest", + full_name="google.cloud.securitycenter.v1p1beta1.CreateFindingRequest", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="parent", + full_name="google.cloud.securitycenter.v1p1beta1.CreateFindingRequest.parent", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b( + "\340A\002\372A&\n$securitycenter.googleapis.com/Source" + ), + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="finding_id", + full_name="google.cloud.securitycenter.v1p1beta1.CreateFindingRequest.finding_id", + index=1, + number=2, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b("\340A\002"), + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="finding", + full_name="google.cloud.securitycenter.v1p1beta1.CreateFindingRequest.finding", + index=2, + number=3, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b("\340A\002"), + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=950, + serialized_end=1129, +) + + +_CREATENOTIFICATIONCONFIGREQUEST = _descriptor.Descriptor( + name="CreateNotificationConfigRequest", + full_name="google.cloud.securitycenter.v1p1beta1.CreateNotificationConfigRequest", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="parent", + full_name="google.cloud.securitycenter.v1p1beta1.CreateNotificationConfigRequest.parent", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b( + "\340A\002\372A2\n0cloudresourcemanager.googleapis.com/Organization" + ), + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="config_id", + full_name="google.cloud.securitycenter.v1p1beta1.CreateNotificationConfigRequest.config_id", + index=1, + number=2, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b("\340A\002"), + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="notification_config", + full_name="google.cloud.securitycenter.v1p1beta1.CreateNotificationConfigRequest.notification_config", + index=2, + number=3, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b("\340A\002"), + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=1132, + serialized_end=1356, +) + + +_CREATESOURCEREQUEST = _descriptor.Descriptor( + name="CreateSourceRequest", + full_name="google.cloud.securitycenter.v1p1beta1.CreateSourceRequest", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="parent", + full_name="google.cloud.securitycenter.v1p1beta1.CreateSourceRequest.parent", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b( + "\340A\002\372A2\n0cloudresourcemanager.googleapis.com/Organization" + ), + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="source", + full_name="google.cloud.securitycenter.v1p1beta1.CreateSourceRequest.source", + index=1, + number=2, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b("\340A\002"), + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=1359, + serialized_end=1522, +) + + +_DELETENOTIFICATIONCONFIGREQUEST = _descriptor.Descriptor( + name="DeleteNotificationConfigRequest", + full_name="google.cloud.securitycenter.v1p1beta1.DeleteNotificationConfigRequest", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="name", + full_name="google.cloud.securitycenter.v1p1beta1.DeleteNotificationConfigRequest.name", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b( + "\340A\002\372A2\n0securitycenter.googleapis.com/NotificationConfig" + ), + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=1524, + serialized_end=1629, +) + + +_GETNOTIFICATIONCONFIGREQUEST = _descriptor.Descriptor( + name="GetNotificationConfigRequest", + full_name="google.cloud.securitycenter.v1p1beta1.GetNotificationConfigRequest", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="name", + full_name="google.cloud.securitycenter.v1p1beta1.GetNotificationConfigRequest.name", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b( + "\340A\002\372A2\n0securitycenter.googleapis.com/NotificationConfig" + ), + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=1631, + serialized_end=1733, +) + + +_GETORGANIZATIONSETTINGSREQUEST = _descriptor.Descriptor( + name="GetOrganizationSettingsRequest", + full_name="google.cloud.securitycenter.v1p1beta1.GetOrganizationSettingsRequest", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="name", + full_name="google.cloud.securitycenter.v1p1beta1.GetOrganizationSettingsRequest.name", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b( + "\340A\002\372A4\n2securitycenter.googleapis.com/OrganizationSettings" + ), + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=1735, + serialized_end=1841, +) + + +_GETSOURCEREQUEST = _descriptor.Descriptor( + name="GetSourceRequest", + full_name="google.cloud.securitycenter.v1p1beta1.GetSourceRequest", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="name", + full_name="google.cloud.securitycenter.v1p1beta1.GetSourceRequest.name", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b( + "\340A\002\372A&\n$securitycenter.googleapis.com/Source" + ), + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=1843, + serialized_end=1921, +) + + +_GROUPASSETSREQUEST = _descriptor.Descriptor( + name="GroupAssetsRequest", + full_name="google.cloud.securitycenter.v1p1beta1.GroupAssetsRequest", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="parent", + full_name="google.cloud.securitycenter.v1p1beta1.GroupAssetsRequest.parent", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b( + "\340A\002\372A2\n0cloudresourcemanager.googleapis.com/Organization" + ), + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="filter", + full_name="google.cloud.securitycenter.v1p1beta1.GroupAssetsRequest.filter", + index=1, + number=2, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="group_by", + full_name="google.cloud.securitycenter.v1p1beta1.GroupAssetsRequest.group_by", + index=2, + number=3, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b("\340A\002"), + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="compare_duration", + full_name="google.cloud.securitycenter.v1p1beta1.GroupAssetsRequest.compare_duration", + index=3, + number=4, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="read_time", + full_name="google.cloud.securitycenter.v1p1beta1.GroupAssetsRequest.read_time", + index=4, + number=5, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="having", + full_name="google.cloud.securitycenter.v1p1beta1.GroupAssetsRequest.having", + index=5, + number=6, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="page_token", + full_name="google.cloud.securitycenter.v1p1beta1.GroupAssetsRequest.page_token", + index=6, + number=7, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="page_size", + full_name="google.cloud.securitycenter.v1p1beta1.GroupAssetsRequest.page_size", + index=7, + number=8, + type=5, + cpp_type=1, + label=1, + has_default_value=False, + default_value=0, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=1924, + serialized_end=2212, +) + + +_GROUPASSETSRESPONSE = _descriptor.Descriptor( + name="GroupAssetsResponse", + full_name="google.cloud.securitycenter.v1p1beta1.GroupAssetsResponse", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="group_by_results", + full_name="google.cloud.securitycenter.v1p1beta1.GroupAssetsResponse.group_by_results", + index=0, + number=1, + type=11, + cpp_type=10, + label=3, + has_default_value=False, + default_value=[], + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="read_time", + full_name="google.cloud.securitycenter.v1p1beta1.GroupAssetsResponse.read_time", + index=1, + number=2, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="next_page_token", + full_name="google.cloud.securitycenter.v1p1beta1.GroupAssetsResponse.next_page_token", + index=2, + number=3, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="total_size", + full_name="google.cloud.securitycenter.v1p1beta1.GroupAssetsResponse.total_size", + index=3, + number=4, + type=5, + cpp_type=1, + label=1, + has_default_value=False, + default_value=0, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=2215, + serialized_end=2406, +) + + +_GROUPFINDINGSREQUEST = _descriptor.Descriptor( + name="GroupFindingsRequest", + full_name="google.cloud.securitycenter.v1p1beta1.GroupFindingsRequest", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="parent", + full_name="google.cloud.securitycenter.v1p1beta1.GroupFindingsRequest.parent", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b( + "\340A\002\372A&\n$securitycenter.googleapis.com/Source" + ), + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="filter", + full_name="google.cloud.securitycenter.v1p1beta1.GroupFindingsRequest.filter", + index=1, + number=2, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="group_by", + full_name="google.cloud.securitycenter.v1p1beta1.GroupFindingsRequest.group_by", + index=2, + number=3, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b("\340A\002"), + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="read_time", + full_name="google.cloud.securitycenter.v1p1beta1.GroupFindingsRequest.read_time", + index=3, + number=4, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="compare_duration", + full_name="google.cloud.securitycenter.v1p1beta1.GroupFindingsRequest.compare_duration", + index=4, + number=5, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="having", + full_name="google.cloud.securitycenter.v1p1beta1.GroupFindingsRequest.having", + index=5, + number=6, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="page_token", + full_name="google.cloud.securitycenter.v1p1beta1.GroupFindingsRequest.page_token", + index=6, + number=7, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="page_size", + full_name="google.cloud.securitycenter.v1p1beta1.GroupFindingsRequest.page_size", + index=7, + number=8, + type=5, + cpp_type=1, + label=1, + has_default_value=False, + default_value=0, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=2409, + serialized_end=2687, +) + + +_GROUPFINDINGSRESPONSE = _descriptor.Descriptor( + name="GroupFindingsResponse", + full_name="google.cloud.securitycenter.v1p1beta1.GroupFindingsResponse", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="group_by_results", + full_name="google.cloud.securitycenter.v1p1beta1.GroupFindingsResponse.group_by_results", + index=0, + number=1, + type=11, + cpp_type=10, + label=3, + has_default_value=False, + default_value=[], + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="read_time", + full_name="google.cloud.securitycenter.v1p1beta1.GroupFindingsResponse.read_time", + index=1, + number=2, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="next_page_token", + full_name="google.cloud.securitycenter.v1p1beta1.GroupFindingsResponse.next_page_token", + index=2, + number=3, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="total_size", + full_name="google.cloud.securitycenter.v1p1beta1.GroupFindingsResponse.total_size", + index=3, + number=4, + type=5, + cpp_type=1, + label=1, + has_default_value=False, + default_value=0, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=2690, + serialized_end=2883, +) + + +_GROUPRESULT_PROPERTIESENTRY = _descriptor.Descriptor( + name="PropertiesEntry", + full_name="google.cloud.securitycenter.v1p1beta1.GroupResult.PropertiesEntry", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="key", + full_name="google.cloud.securitycenter.v1p1beta1.GroupResult.PropertiesEntry.key", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="value", + full_name="google.cloud.securitycenter.v1p1beta1.GroupResult.PropertiesEntry.value", + index=1, + number=2, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=_b("8\001"), + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=3004, + serialized_end=3077, +) + +_GROUPRESULT = _descriptor.Descriptor( + name="GroupResult", + full_name="google.cloud.securitycenter.v1p1beta1.GroupResult", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="properties", + full_name="google.cloud.securitycenter.v1p1beta1.GroupResult.properties", + index=0, + number=1, + type=11, + cpp_type=10, + label=3, + has_default_value=False, + default_value=[], + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="count", + full_name="google.cloud.securitycenter.v1p1beta1.GroupResult.count", + index=1, + number=2, + type=3, + cpp_type=2, + label=1, + has_default_value=False, + default_value=0, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[_GROUPRESULT_PROPERTIESENTRY,], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=2886, + serialized_end=3077, +) + + +_LISTNOTIFICATIONCONFIGSREQUEST = _descriptor.Descriptor( + name="ListNotificationConfigsRequest", + full_name="google.cloud.securitycenter.v1p1beta1.ListNotificationConfigsRequest", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="parent", + full_name="google.cloud.securitycenter.v1p1beta1.ListNotificationConfigsRequest.parent", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b( + "\340A\002\372A2\n0cloudresourcemanager.googleapis.com/Organization" + ), + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="page_token", + full_name="google.cloud.securitycenter.v1p1beta1.ListNotificationConfigsRequest.page_token", + index=1, + number=2, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="page_size", + full_name="google.cloud.securitycenter.v1p1beta1.ListNotificationConfigsRequest.page_size", + index=2, + number=3, + type=5, + cpp_type=1, + label=1, + has_default_value=False, + default_value=0, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=3080, + serialized_end=3225, +) + + +_LISTNOTIFICATIONCONFIGSRESPONSE = _descriptor.Descriptor( + name="ListNotificationConfigsResponse", + full_name="google.cloud.securitycenter.v1p1beta1.ListNotificationConfigsResponse", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="notification_configs", + full_name="google.cloud.securitycenter.v1p1beta1.ListNotificationConfigsResponse.notification_configs", + index=0, + number=1, + type=11, + cpp_type=10, + label=3, + has_default_value=False, + default_value=[], + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="next_page_token", + full_name="google.cloud.securitycenter.v1p1beta1.ListNotificationConfigsResponse.next_page_token", + index=1, + number=2, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=3228, + serialized_end=3375, +) + + +_LISTSOURCESREQUEST = _descriptor.Descriptor( + name="ListSourcesRequest", + full_name="google.cloud.securitycenter.v1p1beta1.ListSourcesRequest", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="parent", + full_name="google.cloud.securitycenter.v1p1beta1.ListSourcesRequest.parent", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b( + "\340A\002\372A2\n0cloudresourcemanager.googleapis.com/Organization" + ), + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="page_token", + full_name="google.cloud.securitycenter.v1p1beta1.ListSourcesRequest.page_token", + index=1, + number=2, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="page_size", + full_name="google.cloud.securitycenter.v1p1beta1.ListSourcesRequest.page_size", + index=2, + number=7, + type=5, + cpp_type=1, + label=1, + has_default_value=False, + default_value=0, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=3378, + serialized_end=3511, +) + + +_LISTSOURCESRESPONSE = _descriptor.Descriptor( + name="ListSourcesResponse", + full_name="google.cloud.securitycenter.v1p1beta1.ListSourcesResponse", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="sources", + full_name="google.cloud.securitycenter.v1p1beta1.ListSourcesResponse.sources", + index=0, + number=1, + type=11, + cpp_type=10, + label=3, + has_default_value=False, + default_value=[], + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="next_page_token", + full_name="google.cloud.securitycenter.v1p1beta1.ListSourcesResponse.next_page_token", + index=1, + number=2, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=3513, + serialized_end=3623, +) + + +_LISTASSETSREQUEST = _descriptor.Descriptor( + name="ListAssetsRequest", + full_name="google.cloud.securitycenter.v1p1beta1.ListAssetsRequest", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="parent", + full_name="google.cloud.securitycenter.v1p1beta1.ListAssetsRequest.parent", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b( + "\340A\002\372A2\n0cloudresourcemanager.googleapis.com/Organization" + ), + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="filter", + full_name="google.cloud.securitycenter.v1p1beta1.ListAssetsRequest.filter", + index=1, + number=2, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="order_by", + full_name="google.cloud.securitycenter.v1p1beta1.ListAssetsRequest.order_by", + index=2, + number=3, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="read_time", + full_name="google.cloud.securitycenter.v1p1beta1.ListAssetsRequest.read_time", + index=3, + number=4, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="compare_duration", + full_name="google.cloud.securitycenter.v1p1beta1.ListAssetsRequest.compare_duration", + index=4, + number=5, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="having", + full_name="google.cloud.securitycenter.v1p1beta1.ListAssetsRequest.having", + index=5, + number=6, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="field_mask", + full_name="google.cloud.securitycenter.v1p1beta1.ListAssetsRequest.field_mask", + index=6, + number=7, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b("\340A\001"), + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="page_token", + full_name="google.cloud.securitycenter.v1p1beta1.ListAssetsRequest.page_token", + index=7, + number=8, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="page_size", + full_name="google.cloud.securitycenter.v1p1beta1.ListAssetsRequest.page_size", + index=8, + number=9, + type=5, + cpp_type=1, + label=1, + has_default_value=False, + default_value=0, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=3626, + serialized_end=3961, +) + + +_LISTASSETSRESPONSE_LISTASSETSRESULT = _descriptor.Descriptor( + name="ListAssetsResult", + full_name="google.cloud.securitycenter.v1p1beta1.ListAssetsResponse.ListAssetsResult", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="asset", + full_name="google.cloud.securitycenter.v1p1beta1.ListAssetsResponse.ListAssetsResult.asset", + index=0, + number=1, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="state_change", + full_name="google.cloud.securitycenter.v1p1beta1.ListAssetsResponse.ListAssetsResult.state_change", + index=1, + number=2, + type=14, + cpp_type=8, + label=1, + has_default_value=False, + default_value=0, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[_LISTASSETSRESPONSE_LISTASSETSRESULT_STATECHANGE,], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=4184, + serialized_end=4436, +) + +_LISTASSETSRESPONSE = _descriptor.Descriptor( + name="ListAssetsResponse", + full_name="google.cloud.securitycenter.v1p1beta1.ListAssetsResponse", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="list_assets_results", + full_name="google.cloud.securitycenter.v1p1beta1.ListAssetsResponse.list_assets_results", + index=0, + number=1, + type=11, + cpp_type=10, + label=3, + has_default_value=False, + default_value=[], + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="read_time", + full_name="google.cloud.securitycenter.v1p1beta1.ListAssetsResponse.read_time", + index=1, + number=2, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="next_page_token", + full_name="google.cloud.securitycenter.v1p1beta1.ListAssetsResponse.next_page_token", + index=2, + number=3, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="total_size", + full_name="google.cloud.securitycenter.v1p1beta1.ListAssetsResponse.total_size", + index=3, + number=4, + type=5, + cpp_type=1, + label=1, + has_default_value=False, + default_value=0, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[_LISTASSETSRESPONSE_LISTASSETSRESULT,], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=3964, + serialized_end=4436, +) + + +_LISTFINDINGSREQUEST = _descriptor.Descriptor( + name="ListFindingsRequest", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsRequest", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="parent", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsRequest.parent", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b( + "\340A\002\372A&\n$securitycenter.googleapis.com/Source" + ), + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="filter", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsRequest.filter", + index=1, + number=2, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="order_by", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsRequest.order_by", + index=2, + number=3, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="read_time", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsRequest.read_time", + index=3, + number=4, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="compare_duration", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsRequest.compare_duration", + index=4, + number=5, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="having", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsRequest.having", + index=5, + number=6, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="field_mask", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsRequest.field_mask", + index=6, + number=7, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b("\340A\001"), + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="page_token", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsRequest.page_token", + index=7, + number=8, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="page_size", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsRequest.page_size", + index=8, + number=9, + type=5, + cpp_type=1, + label=1, + has_default_value=False, + default_value=0, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=4439, + serialized_end=4764, +) + + +_LISTFINDINGSRESPONSE_LISTFINDINGSRESULT_RESOURCE = _descriptor.Descriptor( + name="Resource", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsResponse.ListFindingsResult.Resource", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="name", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsResponse.ListFindingsResult.Resource.name", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="project_name", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsResponse.ListFindingsResult.Resource.project_name", + index=1, + number=2, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="project_display_name", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsResponse.ListFindingsResult.Resource.project_display_name", + index=2, + number=3, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="parent_name", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsResponse.ListFindingsResult.Resource.parent_name", + index=3, + number=4, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="parent_display_name", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsResponse.ListFindingsResult.Resource.parent_display_name", + index=4, + number=5, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=5303, + serialized_end=5429, +) + +_LISTFINDINGSRESPONSE_LISTFINDINGSRESULT = _descriptor.Descriptor( + name="ListFindingsResult", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsResponse.ListFindingsResult", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="finding", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsResponse.ListFindingsResult.finding", + index=0, + number=1, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="state_change", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsResponse.ListFindingsResult.state_change", + index=1, + number=2, + type=14, + cpp_type=8, + label=1, + has_default_value=False, + default_value=0, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="resource", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsResponse.ListFindingsResult.resource", + index=2, + number=3, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[_LISTFINDINGSRESPONSE_LISTFINDINGSRESULT_RESOURCE,], + enum_types=[_LISTFINDINGSRESPONSE_LISTFINDINGSRESULT_STATECHANGE,], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=4995, + serialized_end=5508, +) + +_LISTFINDINGSRESPONSE = _descriptor.Descriptor( + name="ListFindingsResponse", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsResponse", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="list_findings_results", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsResponse.list_findings_results", + index=0, + number=1, + type=11, + cpp_type=10, + label=3, + has_default_value=False, + default_value=[], + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="read_time", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsResponse.read_time", + index=1, + number=2, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="next_page_token", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsResponse.next_page_token", + index=2, + number=3, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="total_size", + full_name="google.cloud.securitycenter.v1p1beta1.ListFindingsResponse.total_size", + index=3, + number=4, + type=5, + cpp_type=1, + label=1, + has_default_value=False, + default_value=0, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[_LISTFINDINGSRESPONSE_LISTFINDINGSRESULT,], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=4767, + serialized_end=5508, +) + + +_SETFINDINGSTATEREQUEST = _descriptor.Descriptor( + name="SetFindingStateRequest", + full_name="google.cloud.securitycenter.v1p1beta1.SetFindingStateRequest", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="name", + full_name="google.cloud.securitycenter.v1p1beta1.SetFindingStateRequest.name", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b( + "\340A\002\372A'\n%securitycenter.googleapis.com/Finding" + ), + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="state", + full_name="google.cloud.securitycenter.v1p1beta1.SetFindingStateRequest.state", + index=1, + number=2, + type=14, + cpp_type=8, + label=1, + has_default_value=False, + default_value=0, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b("\340A\002"), + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="start_time", + full_name="google.cloud.securitycenter.v1p1beta1.SetFindingStateRequest.start_time", + index=2, + number=3, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b("\340A\002"), + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=5511, + serialized_end=5723, +) + + +_RUNASSETDISCOVERYREQUEST = _descriptor.Descriptor( + name="RunAssetDiscoveryRequest", + full_name="google.cloud.securitycenter.v1p1beta1.RunAssetDiscoveryRequest", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="parent", + full_name="google.cloud.securitycenter.v1p1beta1.RunAssetDiscoveryRequest.parent", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b( + "\340A\002\372A2\n0cloudresourcemanager.googleapis.com/Organization" + ), + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=5725, + serialized_end=5825, +) + + +_UPDATEFINDINGREQUEST = _descriptor.Descriptor( + name="UpdateFindingRequest", + full_name="google.cloud.securitycenter.v1p1beta1.UpdateFindingRequest", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="finding", + full_name="google.cloud.securitycenter.v1p1beta1.UpdateFindingRequest.finding", + index=0, + number=1, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b("\340A\002"), + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="update_mask", + full_name="google.cloud.securitycenter.v1p1beta1.UpdateFindingRequest.update_mask", + index=1, + number=2, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=5828, + serialized_end=5969, +) + + +_UPDATENOTIFICATIONCONFIGREQUEST = _descriptor.Descriptor( + name="UpdateNotificationConfigRequest", + full_name="google.cloud.securitycenter.v1p1beta1.UpdateNotificationConfigRequest", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="notification_config", + full_name="google.cloud.securitycenter.v1p1beta1.UpdateNotificationConfigRequest.notification_config", + index=0, + number=1, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b("\340A\002"), + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="update_mask", + full_name="google.cloud.securitycenter.v1p1beta1.UpdateNotificationConfigRequest.update_mask", + index=1, + number=2, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=5972, + serialized_end=6147, +) + + +_UPDATEORGANIZATIONSETTINGSREQUEST = _descriptor.Descriptor( + name="UpdateOrganizationSettingsRequest", + full_name="google.cloud.securitycenter.v1p1beta1.UpdateOrganizationSettingsRequest", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="organization_settings", + full_name="google.cloud.securitycenter.v1p1beta1.UpdateOrganizationSettingsRequest.organization_settings", + index=0, + number=1, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b("\340A\002"), + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="update_mask", + full_name="google.cloud.securitycenter.v1p1beta1.UpdateOrganizationSettingsRequest.update_mask", + index=1, + number=2, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=6150, + serialized_end=6331, +) + + +_UPDATESOURCEREQUEST = _descriptor.Descriptor( + name="UpdateSourceRequest", + full_name="google.cloud.securitycenter.v1p1beta1.UpdateSourceRequest", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="source", + full_name="google.cloud.securitycenter.v1p1beta1.UpdateSourceRequest.source", + index=0, + number=1, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b("\340A\002"), + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="update_mask", + full_name="google.cloud.securitycenter.v1p1beta1.UpdateSourceRequest.update_mask", + index=1, + number=2, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=6334, + serialized_end=6472, +) + + +_UPDATESECURITYMARKSREQUEST = _descriptor.Descriptor( + name="UpdateSecurityMarksRequest", + full_name="google.cloud.securitycenter.v1p1beta1.UpdateSecurityMarksRequest", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="security_marks", + full_name="google.cloud.securitycenter.v1p1beta1.UpdateSecurityMarksRequest.security_marks", + index=0, + number=1, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=_b("\340A\002"), + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="update_mask", + full_name="google.cloud.securitycenter.v1p1beta1.UpdateSecurityMarksRequest.update_mask", + index=1, + number=2, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="start_time", + full_name="google.cloud.securitycenter.v1p1beta1.UpdateSecurityMarksRequest.start_time", + index=2, + number=3, + type=11, + cpp_type=10, + label=1, + has_default_value=False, + default_value=None, + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=None, + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=6475, + serialized_end=6683, +) + +_CREATEFINDINGREQUEST.fields_by_name[ + "finding" +].message_type = ( + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_finding__pb2._FINDING +) +_CREATENOTIFICATIONCONFIGREQUEST.fields_by_name[ + "notification_config" +].message_type = ( + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_notification__config__pb2._NOTIFICATIONCONFIG +) +_CREATESOURCEREQUEST.fields_by_name[ + "source" +].message_type = ( + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_source__pb2._SOURCE +) +_GROUPASSETSREQUEST.fields_by_name[ + "compare_duration" +].message_type = google_dot_protobuf_dot_duration__pb2._DURATION +_GROUPASSETSREQUEST.fields_by_name[ + "read_time" +].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP +_GROUPASSETSRESPONSE.fields_by_name["group_by_results"].message_type = _GROUPRESULT +_GROUPASSETSRESPONSE.fields_by_name[ + "read_time" +].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP +_GROUPFINDINGSREQUEST.fields_by_name[ + "read_time" +].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP +_GROUPFINDINGSREQUEST.fields_by_name[ + "compare_duration" +].message_type = google_dot_protobuf_dot_duration__pb2._DURATION +_GROUPFINDINGSRESPONSE.fields_by_name["group_by_results"].message_type = _GROUPRESULT +_GROUPFINDINGSRESPONSE.fields_by_name[ + "read_time" +].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP +_GROUPRESULT_PROPERTIESENTRY.fields_by_name[ + "value" +].message_type = google_dot_protobuf_dot_struct__pb2._VALUE +_GROUPRESULT_PROPERTIESENTRY.containing_type = _GROUPRESULT +_GROUPRESULT.fields_by_name["properties"].message_type = _GROUPRESULT_PROPERTIESENTRY +_LISTNOTIFICATIONCONFIGSRESPONSE.fields_by_name[ + "notification_configs" +].message_type = ( + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_notification__config__pb2._NOTIFICATIONCONFIG +) +_LISTSOURCESRESPONSE.fields_by_name[ + "sources" +].message_type = ( + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_source__pb2._SOURCE +) +_LISTASSETSREQUEST.fields_by_name[ + "read_time" +].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP +_LISTASSETSREQUEST.fields_by_name[ + "compare_duration" +].message_type = google_dot_protobuf_dot_duration__pb2._DURATION +_LISTASSETSREQUEST.fields_by_name[ + "field_mask" +].message_type = google_dot_protobuf_dot_field__mask__pb2._FIELDMASK +_LISTASSETSRESPONSE_LISTASSETSRESULT.fields_by_name[ + "asset" +].message_type = ( + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_asset__pb2._ASSET +) +_LISTASSETSRESPONSE_LISTASSETSRESULT.fields_by_name[ + "state_change" +].enum_type = _LISTASSETSRESPONSE_LISTASSETSRESULT_STATECHANGE +_LISTASSETSRESPONSE_LISTASSETSRESULT.containing_type = _LISTASSETSRESPONSE +_LISTASSETSRESPONSE_LISTASSETSRESULT_STATECHANGE.containing_type = ( + _LISTASSETSRESPONSE_LISTASSETSRESULT +) +_LISTASSETSRESPONSE.fields_by_name[ + "list_assets_results" +].message_type = _LISTASSETSRESPONSE_LISTASSETSRESULT +_LISTASSETSRESPONSE.fields_by_name[ + "read_time" +].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP +_LISTFINDINGSREQUEST.fields_by_name[ + "read_time" +].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP +_LISTFINDINGSREQUEST.fields_by_name[ + "compare_duration" +].message_type = google_dot_protobuf_dot_duration__pb2._DURATION +_LISTFINDINGSREQUEST.fields_by_name[ + "field_mask" +].message_type = google_dot_protobuf_dot_field__mask__pb2._FIELDMASK +_LISTFINDINGSRESPONSE_LISTFINDINGSRESULT_RESOURCE.containing_type = ( + _LISTFINDINGSRESPONSE_LISTFINDINGSRESULT +) +_LISTFINDINGSRESPONSE_LISTFINDINGSRESULT.fields_by_name[ + "finding" +].message_type = ( + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_finding__pb2._FINDING +) +_LISTFINDINGSRESPONSE_LISTFINDINGSRESULT.fields_by_name[ + "state_change" +].enum_type = _LISTFINDINGSRESPONSE_LISTFINDINGSRESULT_STATECHANGE +_LISTFINDINGSRESPONSE_LISTFINDINGSRESULT.fields_by_name[ + "resource" +].message_type = _LISTFINDINGSRESPONSE_LISTFINDINGSRESULT_RESOURCE +_LISTFINDINGSRESPONSE_LISTFINDINGSRESULT.containing_type = _LISTFINDINGSRESPONSE +_LISTFINDINGSRESPONSE_LISTFINDINGSRESULT_STATECHANGE.containing_type = ( + _LISTFINDINGSRESPONSE_LISTFINDINGSRESULT +) +_LISTFINDINGSRESPONSE.fields_by_name[ + "list_findings_results" +].message_type = _LISTFINDINGSRESPONSE_LISTFINDINGSRESULT +_LISTFINDINGSRESPONSE.fields_by_name[ + "read_time" +].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP +_SETFINDINGSTATEREQUEST.fields_by_name[ + "state" +].enum_type = ( + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_finding__pb2._FINDING_STATE +) +_SETFINDINGSTATEREQUEST.fields_by_name[ + "start_time" +].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP +_UPDATEFINDINGREQUEST.fields_by_name[ + "finding" +].message_type = ( + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_finding__pb2._FINDING +) +_UPDATEFINDINGREQUEST.fields_by_name[ + "update_mask" +].message_type = google_dot_protobuf_dot_field__mask__pb2._FIELDMASK +_UPDATENOTIFICATIONCONFIGREQUEST.fields_by_name[ + "notification_config" +].message_type = ( + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_notification__config__pb2._NOTIFICATIONCONFIG +) +_UPDATENOTIFICATIONCONFIGREQUEST.fields_by_name[ + "update_mask" +].message_type = google_dot_protobuf_dot_field__mask__pb2._FIELDMASK +_UPDATEORGANIZATIONSETTINGSREQUEST.fields_by_name[ + "organization_settings" +].message_type = ( + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_organization__settings__pb2._ORGANIZATIONSETTINGS +) +_UPDATEORGANIZATIONSETTINGSREQUEST.fields_by_name[ + "update_mask" +].message_type = google_dot_protobuf_dot_field__mask__pb2._FIELDMASK +_UPDATESOURCEREQUEST.fields_by_name[ + "source" +].message_type = ( + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_source__pb2._SOURCE +) +_UPDATESOURCEREQUEST.fields_by_name[ + "update_mask" +].message_type = google_dot_protobuf_dot_field__mask__pb2._FIELDMASK +_UPDATESECURITYMARKSREQUEST.fields_by_name[ + "security_marks" +].message_type = ( + google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_security__marks__pb2._SECURITYMARKS +) +_UPDATESECURITYMARKSREQUEST.fields_by_name[ + "update_mask" +].message_type = google_dot_protobuf_dot_field__mask__pb2._FIELDMASK +_UPDATESECURITYMARKSREQUEST.fields_by_name[ + "start_time" +].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP +DESCRIPTOR.message_types_by_name["CreateFindingRequest"] = _CREATEFINDINGREQUEST +DESCRIPTOR.message_types_by_name[ + "CreateNotificationConfigRequest" +] = _CREATENOTIFICATIONCONFIGREQUEST +DESCRIPTOR.message_types_by_name["CreateSourceRequest"] = _CREATESOURCEREQUEST +DESCRIPTOR.message_types_by_name[ + "DeleteNotificationConfigRequest" +] = _DELETENOTIFICATIONCONFIGREQUEST +DESCRIPTOR.message_types_by_name[ + "GetNotificationConfigRequest" +] = _GETNOTIFICATIONCONFIGREQUEST +DESCRIPTOR.message_types_by_name[ + "GetOrganizationSettingsRequest" +] = _GETORGANIZATIONSETTINGSREQUEST +DESCRIPTOR.message_types_by_name["GetSourceRequest"] = _GETSOURCEREQUEST +DESCRIPTOR.message_types_by_name["GroupAssetsRequest"] = _GROUPASSETSREQUEST +DESCRIPTOR.message_types_by_name["GroupAssetsResponse"] = _GROUPASSETSRESPONSE +DESCRIPTOR.message_types_by_name["GroupFindingsRequest"] = _GROUPFINDINGSREQUEST +DESCRIPTOR.message_types_by_name["GroupFindingsResponse"] = _GROUPFINDINGSRESPONSE +DESCRIPTOR.message_types_by_name["GroupResult"] = _GROUPRESULT +DESCRIPTOR.message_types_by_name[ + "ListNotificationConfigsRequest" +] = _LISTNOTIFICATIONCONFIGSREQUEST +DESCRIPTOR.message_types_by_name[ + "ListNotificationConfigsResponse" +] = _LISTNOTIFICATIONCONFIGSRESPONSE +DESCRIPTOR.message_types_by_name["ListSourcesRequest"] = _LISTSOURCESREQUEST +DESCRIPTOR.message_types_by_name["ListSourcesResponse"] = _LISTSOURCESRESPONSE +DESCRIPTOR.message_types_by_name["ListAssetsRequest"] = _LISTASSETSREQUEST +DESCRIPTOR.message_types_by_name["ListAssetsResponse"] = _LISTASSETSRESPONSE +DESCRIPTOR.message_types_by_name["ListFindingsRequest"] = _LISTFINDINGSREQUEST +DESCRIPTOR.message_types_by_name["ListFindingsResponse"] = _LISTFINDINGSRESPONSE +DESCRIPTOR.message_types_by_name["SetFindingStateRequest"] = _SETFINDINGSTATEREQUEST +DESCRIPTOR.message_types_by_name["RunAssetDiscoveryRequest"] = _RUNASSETDISCOVERYREQUEST +DESCRIPTOR.message_types_by_name["UpdateFindingRequest"] = _UPDATEFINDINGREQUEST +DESCRIPTOR.message_types_by_name[ + "UpdateNotificationConfigRequest" +] = _UPDATENOTIFICATIONCONFIGREQUEST +DESCRIPTOR.message_types_by_name[ + "UpdateOrganizationSettingsRequest" +] = _UPDATEORGANIZATIONSETTINGSREQUEST +DESCRIPTOR.message_types_by_name["UpdateSourceRequest"] = _UPDATESOURCEREQUEST +DESCRIPTOR.message_types_by_name[ + "UpdateSecurityMarksRequest" +] = _UPDATESECURITYMARKSREQUEST +_sym_db.RegisterFileDescriptor(DESCRIPTOR) + +CreateFindingRequest = _reflection.GeneratedProtocolMessageType( + "CreateFindingRequest", + (_message.Message,), + dict( + DESCRIPTOR=_CREATEFINDINGREQUEST, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Request message for creating a finding. + + + Attributes: + parent: + Required. Resource name of the new finding's parent. Its + format should be + "organizations/[organization\_id]/sources/[source\_id]". + finding_id: + Required. Unique identifier provided by the client within the + parent scope. It must be alphanumeric and less than or equal + to 32 characters and greater than 0 characters in length. + finding: + Required. The Finding being created. The name and + security\_marks will be ignored as they are both output only + fields on this resource. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.CreateFindingRequest) + ), +) +_sym_db.RegisterMessage(CreateFindingRequest) + +CreateNotificationConfigRequest = _reflection.GeneratedProtocolMessageType( + "CreateNotificationConfigRequest", + (_message.Message,), + dict( + DESCRIPTOR=_CREATENOTIFICATIONCONFIGREQUEST, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Request message for creating a notification config. + + + Attributes: + parent: + Required. Resource name of the new notification config's + parent. Its format is "organizations/[organization\_id]". + config_id: + Required. Unique identifier provided by the client within the + parent scope. It must be between 1 and 128 characters, and + contains alphanumeric characters, underscores or hyphens only. + notification_config: + Required. The notification config being created. The name and + the service account will be ignored as they are both output + only fields on this resource. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.CreateNotificationConfigRequest) + ), +) +_sym_db.RegisterMessage(CreateNotificationConfigRequest) + +CreateSourceRequest = _reflection.GeneratedProtocolMessageType( + "CreateSourceRequest", + (_message.Message,), + dict( + DESCRIPTOR=_CREATESOURCEREQUEST, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Request message for creating a source. + + + Attributes: + parent: + Required. Resource name of the new source's parent. Its format + should be "organizations/[organization\_id]". + source: + Required. The Source being created, only the display\_name and + description will be used. All other fields will be ignored. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.CreateSourceRequest) + ), +) +_sym_db.RegisterMessage(CreateSourceRequest) + +DeleteNotificationConfigRequest = _reflection.GeneratedProtocolMessageType( + "DeleteNotificationConfigRequest", + (_message.Message,), + dict( + DESCRIPTOR=_DELETENOTIFICATIONCONFIGREQUEST, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Request message for deleting a notification config. + + + Attributes: + name: + Required. Name of the notification config to delete. Its + format is "organizations/[organization\_id]/notificationConfig + s/[config\_id]". + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.DeleteNotificationConfigRequest) + ), +) +_sym_db.RegisterMessage(DeleteNotificationConfigRequest) + +GetNotificationConfigRequest = _reflection.GeneratedProtocolMessageType( + "GetNotificationConfigRequest", + (_message.Message,), + dict( + DESCRIPTOR=_GETNOTIFICATIONCONFIGREQUEST, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Request message for getting a notification config. + + + Attributes: + name: + Required. Name of the notification config to get. Its format + is "organizations/[organization\_id]/notificationConfigs/[conf + ig\_id]". + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.GetNotificationConfigRequest) + ), +) +_sym_db.RegisterMessage(GetNotificationConfigRequest) + +GetOrganizationSettingsRequest = _reflection.GeneratedProtocolMessageType( + "GetOrganizationSettingsRequest", + (_message.Message,), + dict( + DESCRIPTOR=_GETORGANIZATIONSETTINGSREQUEST, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Request message for getting organization settings. + + + Attributes: + name: + Required. Name of the organization to get organization + settings for. Its format is + "organizations/[organization\_id]/organizationSettings". + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.GetOrganizationSettingsRequest) + ), +) +_sym_db.RegisterMessage(GetOrganizationSettingsRequest) + +GetSourceRequest = _reflection.GeneratedProtocolMessageType( + "GetSourceRequest", + (_message.Message,), + dict( + DESCRIPTOR=_GETSOURCEREQUEST, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Request message for getting a source. + + + Attributes: + name: + Required. Relative resource name of the source. Its format is + "organizations/[organization\_id]/source/[source\_id]". + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.GetSourceRequest) + ), +) +_sym_db.RegisterMessage(GetSourceRequest) + +GroupAssetsRequest = _reflection.GeneratedProtocolMessageType( + "GroupAssetsRequest", + (_message.Message,), + dict( + DESCRIPTOR=_GROUPASSETSREQUEST, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Request message for grouping by assets. + + + Attributes: + parent: + Required. Name of the organization to groupBy. Its format is + "organizations/[organization\_id]". + filter: + Expression that defines the filter to apply across assets. The + expression is a list of zero or more restrictions combined via + logical operators ``AND`` and ``OR``. Parentheses are + supported, and ``OR`` has higher precedence than ``AND``. + Restrictions have the form `` `` and + may have a ``-`` character in front of them to indicate + negation. The fields map to those defined in the Asset + resource. Examples include: - name - + security\_center\_properties.resource\_name - + resource\_properties.a\_property - + security\_marks.marks.marka The supported operators are: - + ``=`` for all value types. - ``>``, ``<``, ``>=``, ``<=`` for + integer values. - ``:``, meaning substring matching, for + strings. The supported value types are: - string literals + in quotes. - integer literals without quotes. - boolean + literals ``true`` and ``false`` without quotes. The following + field and operator combinations are supported: - name: ``=`` + - update\_time: ``=``, ``>``, ``<``, ``>=``, ``<=`` Usage: + This should be milliseconds since epoch or an RFC3339 string. + Examples: "update\_time = "2019-06-10T16:07:18-07:00"" + "update\_time = 1560208038000" - create\_time: ``=``, ``>``, + ``<``, ``>=``, ``<=`` Usage: This should be milliseconds + since epoch or an RFC3339 string. Examples: "create\_time = + "2019-06-10T16:07:18-07:00"" "create\_time = 1560208038000" - + iam\_policy.policy\_blob: ``=``, ``:`` - + resource\_properties: ``=``, ``:``, ``>``, ``<``, ``>=``, + ``<=`` - security\_marks.marks: ``=``, ``:`` - + security\_center\_properties.resource\_name: ``=``, ``:`` - + security\_center\_properties.resource\_name\_display\_name: + ``=``, ``:`` - + security\_center\_properties.resource\_type: ``=``, ``:`` - + security\_center\_properties.resource\_parent: ``=``, ``:`` - + security\_center\_properties.resource\_parent\_display\_name: + ``=``, ``:`` - + security\_center\_properties.resource\_project: ``=``, ``:`` - + security\_center\_properties.resource\_project\_display\_name: + ``=``, ``:`` - + security\_center\_properties.resource\_owners: ``=``, ``:`` + For example, ``resource_properties.size = 100`` is a valid + filter string. + group_by: + Required. Expression that defines what assets fields to use + for grouping. The string value should follow SQL syntax: comma + separated list of fields. For example: "security\_center\_prop + erties.resource\_project,security\_center\_properties.project" + . The following fields are supported when compare\_duration + is not set: - security\_center\_properties.resource\_project + - + security\_center\_properties.resource\_project\_display\_name + - security\_center\_properties.resource\_type - + security\_center\_properties.resource\_parent - + security\_center\_properties.resource\_parent\_display\_name + The following fields are supported when compare\_duration is + set: - security\_center\_properties.resource\_type - + security\_center\_properties.resource\_project\_display\_name + - + security\_center\_properties.resource\_parent\_display\_name + compare_duration: + When compare\_duration is set, the GroupResult's + "state\_change" property is updated to indicate whether the + asset was added, removed, or remained present during the + compare\_duration period of time that precedes the read\_time. + This is the time between (read\_time - compare\_duration) and + read\_time. The state change value is derived based on the + presence of the asset at the two points in time. Intermediate + state changes between the two times don't affect the result. + For example, the results aren't affected if the asset is + removed and re-created again. Possible "state\_change" values + when compare\_duration is specified: - "ADDED": indicates + that the asset was not present at the start of + compare\_duration, but present at reference\_time. - + "REMOVED": indicates that the asset was present at the start + of compare\_duration, but not present at reference\_time. - + "ACTIVE": indicates that the asset was present at both the + start and the end of the time period defined by + compare\_duration and reference\_time. If + compare\_duration is not specified, then the only possible + state\_change is "UNUSED", which will be the state\_change set + for all assets present at read\_time. If this field is set + then ``state_change`` must be a specified field in + ``group_by``. + read_time: + Time used as a reference point when filtering assets. The + filter is limited to assets existing at the supplied time and + their values are those at that specific time. Absence of this + field will default to the API's version of NOW. + having: + Filter that specifies what fields to further filter on *after* + the query filter has been executed. Currently only + ``state_change`` is supported and requires compare\_duration + to be specified. + page_token: + The value returned by the last ``GroupAssetsResponse``; + indicates that this is a continuation of a prior + ``GroupAssets`` call, and that the system should return the + next page of data. + page_size: + The maximum number of results to return in a single response. + Default is 10, minimum is 1, maximum is 1000. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.GroupAssetsRequest) + ), +) +_sym_db.RegisterMessage(GroupAssetsRequest) + +GroupAssetsResponse = _reflection.GeneratedProtocolMessageType( + "GroupAssetsResponse", + (_message.Message,), + dict( + DESCRIPTOR=_GROUPASSETSRESPONSE, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Response message for grouping by assets. + + + Attributes: + group_by_results: + Group results. There exists an element for each existing + unique combination of property/values. The element contains a + count for the number of times those specific property/values + appear. + read_time: + Time used for executing the groupBy request. + next_page_token: + Token to retrieve the next page of results, or empty if there + are no more results. + total_size: + The total number of results matching the query. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.GroupAssetsResponse) + ), +) +_sym_db.RegisterMessage(GroupAssetsResponse) + +GroupFindingsRequest = _reflection.GeneratedProtocolMessageType( + "GroupFindingsRequest", + (_message.Message,), + dict( + DESCRIPTOR=_GROUPFINDINGSREQUEST, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Request message for grouping by findings. + + + Attributes: + parent: + Required. Name of the source to groupBy. Its format is + "organizations/[organization\_id]/sources/[source\_id]". To + groupBy across all sources provide a source\_id of ``-``. For + example: organizations/{organization\_id}/sources/- + filter: + Expression that defines the filter to apply across findings. + The expression is a list of one or more restrictions combined + via logical operators ``AND`` and ``OR``. Parentheses are + supported, and ``OR`` has higher precedence than ``AND``. + Restrictions have the form `` `` and + may have a ``-`` character in front of them to indicate + negation. Examples include: - name - + source\_properties.a\_property - security\_marks.marks.marka + The supported operators are: - ``=`` for all value types. - + ``>``, ``<``, ``>=``, ``<=`` for integer values. - ``:``, + meaning substring matching, for strings. The supported value + types are: - string literals in quotes. - integer literals + without quotes. - boolean literals ``true`` and ``false`` + without quotes. The following field and operator combinations + are supported: - name: ``=`` - parent: ``=``, ``:`` - + resource\_name: ``=``, ``:`` - state: ``=``, ``:`` - + category: ``=``, ``:`` - external\_uri: ``=``, ``:`` - + event\_time: ``=``, ``>``, ``<``, ``>=``, ``<=`` Usage: This + should be milliseconds since epoch or an RFC3339 string. + Examples: "event\_time = "2019-06-10T16:07:18-07:00"" + "event\_time = 1560208038000" - security\_marks.marks: + ``=``, ``:`` - source\_properties: ``=``, ``:``, ``>``, + ``<``, ``>=``, ``<=`` For example, ``source_properties.size = + 100`` is a valid filter string. + group_by: + Required. Expression that defines what assets fields to use + for grouping (including ``state_change``). The string value + should follow SQL syntax: comma separated list of fields. For + example: "parent,resource\_name". The following fields are + supported: - resource\_name - category - state - parent + The following fields are supported when compare\_duration is + set: - state\_change + read_time: + Time used as a reference point when filtering findings. The + filter is limited to findings existing at the supplied time + and their values are those at that specific time. Absence of + this field will default to the API's version of NOW. + compare_duration: + When compare\_duration is set, the GroupResult's + "state\_change" attribute is updated to indicate whether the + finding had its state changed, the finding's state remained + unchanged, or if the finding was added during the + compare\_duration period of time that precedes the read\_time. + This is the time between (read\_time - compare\_duration) and + read\_time. The state\_change value is derived based on the + presence and state of the finding at the two points in time. + Intermediate state changes between the two times don't affect + the result. For example, the results aren't affected if the + finding is made inactive and then active again. Possible + "state\_change" values when compare\_duration is specified: - + "CHANGED": indicates that the finding was present at the start + of compare\_duration, but changed its state at read\_time. + - "UNCHANGED": indicates that the finding was present at the + start of compare\_duration and did not change state at + read\_time. - "ADDED": indicates that the finding was not + present at the start of compare\_duration, but was present + at read\_time. If compare\_duration is not specified, then + the only possible state\_change is "UNUSED", which will be the + state\_change set for all findings present at read\_time. If + this field is set then ``state_change`` must be a specified + field in ``group_by``. + having: + Filter that specifies what fields to further filter on *after* + the query filter has been executed. Currently only + ``finding.state`` and ``state_change`` are supported and + requires compare\_duration to be specified. + page_token: + The value returned by the last ``GroupFindingsResponse``; + indicates that this is a continuation of a prior + ``GroupFindings`` call, and that the system should return the + next page of data. + page_size: + The maximum number of results to return in a single response. + Default is 10, minimum is 1, maximum is 1000. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.GroupFindingsRequest) + ), +) +_sym_db.RegisterMessage(GroupFindingsRequest) + +GroupFindingsResponse = _reflection.GeneratedProtocolMessageType( + "GroupFindingsResponse", + (_message.Message,), + dict( + DESCRIPTOR=_GROUPFINDINGSRESPONSE, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Response message for group by findings. + + + Attributes: + group_by_results: + Group results. There exists an element for each existing + unique combination of property/values. The element contains a + count for the number of times those specific property/values + appear. + read_time: + Time used for executing the groupBy request. + next_page_token: + Token to retrieve the next page of results, or empty if there + are no more results. + total_size: + The total number of results matching the query. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.GroupFindingsResponse) + ), +) +_sym_db.RegisterMessage(GroupFindingsResponse) + +GroupResult = _reflection.GeneratedProtocolMessageType( + "GroupResult", + (_message.Message,), + dict( + PropertiesEntry=_reflection.GeneratedProtocolMessageType( + "PropertiesEntry", + (_message.Message,), + dict( + DESCRIPTOR=_GROUPRESULT_PROPERTIESENTRY, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2" + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.GroupResult.PropertiesEntry) + ), + ), + DESCRIPTOR=_GROUPRESULT, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Result containing the properties and count of a groupBy + request. + + + Attributes: + properties: + Properties matching the groupBy fields in the request. + count: + Total count of resources for the given properties. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.GroupResult) + ), +) +_sym_db.RegisterMessage(GroupResult) +_sym_db.RegisterMessage(GroupResult.PropertiesEntry) + +ListNotificationConfigsRequest = _reflection.GeneratedProtocolMessageType( + "ListNotificationConfigsRequest", + (_message.Message,), + dict( + DESCRIPTOR=_LISTNOTIFICATIONCONFIGSREQUEST, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Request message for listing notification configs. + + + Attributes: + parent: + Required. Name of the organization to list notification + configs. Its format is "organizations/[organization\_id]". + page_token: + The value returned by the last + ``ListNotificationConfigsResponse``; indicates that this is a + continuation of a prior ``ListNotificationConfigs`` call, and + that the system should return the next page of data. + page_size: + The maximum number of results to return in a single response. + Default is 10, minimum is 1, maximum is 1000. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.ListNotificationConfigsRequest) + ), +) +_sym_db.RegisterMessage(ListNotificationConfigsRequest) + +ListNotificationConfigsResponse = _reflection.GeneratedProtocolMessageType( + "ListNotificationConfigsResponse", + (_message.Message,), + dict( + DESCRIPTOR=_LISTNOTIFICATIONCONFIGSRESPONSE, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Response message for listing notification configs. + + + Attributes: + notification_configs: + Notification configs belonging to the requested parent. + next_page_token: + Token to retrieve the next page of results, or empty if there + are no more results. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.ListNotificationConfigsResponse) + ), +) +_sym_db.RegisterMessage(ListNotificationConfigsResponse) + +ListSourcesRequest = _reflection.GeneratedProtocolMessageType( + "ListSourcesRequest", + (_message.Message,), + dict( + DESCRIPTOR=_LISTSOURCESREQUEST, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Request message for listing sources. + + + Attributes: + parent: + Required. Resource name of the parent of sources to list. Its + format should be "organizations/[organization\_id]". + page_token: + The value returned by the last ``ListSourcesResponse``; + indicates that this is a continuation of a prior + ``ListSources`` call, and that the system should return the + next page of data. + page_size: + The maximum number of results to return in a single response. + Default is 10, minimum is 1, maximum is 1000. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.ListSourcesRequest) + ), +) +_sym_db.RegisterMessage(ListSourcesRequest) + +ListSourcesResponse = _reflection.GeneratedProtocolMessageType( + "ListSourcesResponse", + (_message.Message,), + dict( + DESCRIPTOR=_LISTSOURCESRESPONSE, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Response message for listing sources. + + + Attributes: + sources: + Sources belonging to the requested parent. + next_page_token: + Token to retrieve the next page of results, or empty if there + are no more results. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.ListSourcesResponse) + ), +) +_sym_db.RegisterMessage(ListSourcesResponse) + +ListAssetsRequest = _reflection.GeneratedProtocolMessageType( + "ListAssetsRequest", + (_message.Message,), + dict( + DESCRIPTOR=_LISTASSETSREQUEST, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Request message for listing assets. + + + Attributes: + parent: + Required. Name of the organization assets should belong to. + Its format is "organizations/[organization\_id]". + filter: + Expression that defines the filter to apply across assets. The + expression is a list of zero or more restrictions combined via + logical operators ``AND`` and ``OR``. Parentheses are + supported, and ``OR`` has higher precedence than ``AND``. + Restrictions have the form `` `` and + may have a ``-`` character in front of them to indicate + negation. The fields map to those defined in the Asset + resource. Examples include: - name - + security\_center\_properties.resource\_name - + resource\_properties.a\_property - + security\_marks.marks.marka The supported operators are: - + ``=`` for all value types. - ``>``, ``<``, ``>=``, ``<=`` for + integer values. - ``:``, meaning substring matching, for + strings. The supported value types are: - string literals + in quotes. - integer literals without quotes. - boolean + literals ``true`` and ``false`` without quotes. The following + are the allowed field and operator combinations: - name: + ``=`` - update\_time: ``=``, ``>``, ``<``, ``>=``, ``<=`` + Usage: This should be milliseconds since epoch or an RFC3339 + string. Examples: "update\_time = "2019-06-10T16:07:18-07:00"" + "update\_time = 1560208038000" - create\_time: ``=``, ``>``, + ``<``, ``>=``, ``<=`` Usage: This should be milliseconds + since epoch or an RFC3339 string. Examples: "create\_time = + "2019-06-10T16:07:18-07:00"" "create\_time = 1560208038000" - + iam\_policy.policy\_blob: ``=``, ``:`` - + resource\_properties: ``=``, ``:``, ``>``, ``<``, ``>=``, + ``<=`` - security\_marks.marks: ``=``, ``:`` - + security\_center\_properties.resource\_name: ``=``, ``:`` - + security\_center\_properties.resource\_display\_name: ``=``, + ``:`` - security\_center\_properties.resource\_type: ``=``, + ``:`` - security\_center\_properties.resource\_parent: ``=``, + ``:`` - + security\_center\_properties.resource\_parent\_display\_name: + ``=``, ``:`` - + security\_center\_properties.resource\_project: ``=``, ``:`` - + security\_center\_properties.resource\_project\_display\_name: + ``=``, ``:`` - + security\_center\_properties.resource\_owners: ``=``, ``:`` + For example, ``resource_properties.size = 100`` is a valid + filter string. + order_by: + Expression that defines what fields and order to use for + sorting. The string value should follow SQL syntax: comma + separated list of fields. For example: + "name,resource\_properties.a\_property". The default sorting + order is ascending. To specify descending order for a field, a + suffix " desc" should be appended to the field name. For + example: "name desc,resource\_properties.a\_property". + Redundant space characters in the syntax are insignificant. + "name desc,resource\_properties.a\_property" and " name desc , + resource\_properties.a\_property " are equivalent. The + following fields are supported: name update\_time + resource\_properties security\_marks.marks + security\_center\_properties.resource\_name + security\_center\_properties.resource\_display\_name + security\_center\_properties.resource\_parent + security\_center\_properties.resource\_parent\_display\_name + security\_center\_properties.resource\_project + security\_center\_properties.resource\_project\_display\_name + security\_center\_properties.resource\_type + read_time: + Time used as a reference point when filtering assets. The + filter is limited to assets existing at the supplied time and + their values are those at that specific time. Absence of this + field will default to the API's version of NOW. + compare_duration: + When compare\_duration is set, the ListAssetsResult's + "state\_change" attribute is updated to indicate whether the + asset was added, removed, or remained present during the + compare\_duration period of time that precedes the read\_time. + This is the time between (read\_time - compare\_duration) and + read\_time. The state\_change value is derived based on the + presence of the asset at the two points in time. Intermediate + state changes between the two times don't affect the result. + For example, the results aren't affected if the asset is + removed and re-created again. Possible "state\_change" values + when compare\_duration is specified: - "ADDED": indicates + that the asset was not present at the start of + compare\_duration, but present at read\_time. - "REMOVED": + indicates that the asset was present at the start of + compare\_duration, but not present at read\_time. - "ACTIVE": + indicates that the asset was present at both the start and + the end of the time period defined by compare\_duration and + read\_time. If compare\_duration is not specified, then the + only possible state\_change is "UNUSED", which will be the + state\_change set for all assets present at read\_time. + having: + Filter that specifies what fields to further filter on *after* + the query filter has been executed. Currently only + ``state_change`` is supported and requires compare\_duration + to be specified. + field_mask: + Optional. A field mask to specify the ListAssetsResult fields + to be listed in the response. An empty field mask will list + all fields. + page_token: + The value returned by the last ``ListAssetsResponse``; + indicates that this is a continuation of a prior + ``ListAssets`` call, and that the system should return the + next page of data. + page_size: + The maximum number of results to return in a single response. + Default is 10, minimum is 1, maximum is 1000. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.ListAssetsRequest) + ), +) +_sym_db.RegisterMessage(ListAssetsRequest) + +ListAssetsResponse = _reflection.GeneratedProtocolMessageType( + "ListAssetsResponse", + (_message.Message,), + dict( + ListAssetsResult=_reflection.GeneratedProtocolMessageType( + "ListAssetsResult", + (_message.Message,), + dict( + DESCRIPTOR=_LISTASSETSRESPONSE_LISTASSETSRESULT, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Result containing the Asset and its State. + + + Attributes: + asset: + Asset matching the search request. + state_change: + State change of the asset between the points in time. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.ListAssetsResponse.ListAssetsResult) + ), + ), + DESCRIPTOR=_LISTASSETSRESPONSE, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Response message for listing assets. + + + Attributes: + list_assets_results: + Assets matching the list request. + read_time: + Time used for executing the list request. + next_page_token: + Token to retrieve the next page of results, or empty if there + are no more results. + total_size: + The total number of assets matching the query. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.ListAssetsResponse) + ), +) +_sym_db.RegisterMessage(ListAssetsResponse) +_sym_db.RegisterMessage(ListAssetsResponse.ListAssetsResult) + +ListFindingsRequest = _reflection.GeneratedProtocolMessageType( + "ListFindingsRequest", + (_message.Message,), + dict( + DESCRIPTOR=_LISTFINDINGSREQUEST, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Request message for listing findings. + + + Attributes: + parent: + Required. Name of the source the findings belong to. Its + format is + "organizations/[organization\_id]/sources/[source\_id]". To + list across all sources provide a source\_id of ``-``. For + example: organizations/{organization\_id}/sources/- + filter: + Expression that defines the filter to apply across findings. + The expression is a list of one or more restrictions combined + via logical operators ``AND`` and ``OR``. Parentheses are + supported, and ``OR`` has higher precedence than ``AND``. + Restrictions have the form `` `` and + may have a ``-`` character in front of them to indicate + negation. Examples include: - name - + source\_properties.a\_property - security\_marks.marks.marka + The supported operators are: - ``=`` for all value types. - + ``>``, ``<``, ``>=``, ``<=`` for integer values. - ``:``, + meaning substring matching, for strings. The supported value + types are: - string literals in quotes. - integer literals + without quotes. - boolean literals ``true`` and ``false`` + without quotes. The following field and operator combinations + are supported: name: ``=`` parent: ``=``, ``:`` + resource\_name: ``=``, ``:`` state: ``=``, ``:`` category: + ``=``, ``:`` external\_uri: ``=``, ``:`` event\_time: ``=``, + ``>``, ``<``, ``>=``, ``<=`` Usage: This should be + milliseconds since epoch or an RFC3339 string. Examples: + "event\_time = "2019-06-10T16:07:18-07:00"" "event\_time = + 1560208038000" security\_marks.marks: ``=``, ``:`` + source\_properties: ``=``, ``:``, ``>``, ``<``, ``>=``, ``<=`` + For example, ``source_properties.size = 100`` is a valid + filter string. + order_by: + Expression that defines what fields and order to use for + sorting. The string value should follow SQL syntax: comma + separated list of fields. For example: + "name,resource\_properties.a\_property". The default sorting + order is ascending. To specify descending order for a field, a + suffix " desc" should be appended to the field name. For + example: "name desc,source\_properties.a\_property". Redundant + space characters in the syntax are insignificant. "name + desc,source\_properties.a\_property" and " name desc , + source\_properties.a\_property " are equivalent. The + following fields are supported: name parent state category + resource\_name event\_time source\_properties + security\_marks.marks + read_time: + Time used as a reference point when filtering findings. The + filter is limited to findings existing at the supplied time + and their values are those at that specific time. Absence of + this field will default to the API's version of NOW. + compare_duration: + When compare\_duration is set, the ListFindingsResult's + "state\_change" attribute is updated to indicate whether the + finding had its state changed, the finding's state remained + unchanged, or if the finding was added in any state during the + compare\_duration period of time that precedes the read\_time. + This is the time between (read\_time - compare\_duration) and + read\_time. The state\_change value is derived based on the + presence and state of the finding at the two points in time. + Intermediate state changes between the two times don't affect + the result. For example, the results aren't affected if the + finding is made inactive and then active again. Possible + "state\_change" values when compare\_duration is specified: - + "CHANGED": indicates that the finding was present at the start + of compare\_duration, but changed its state at read\_time. + - "UNCHANGED": indicates that the finding was present at the + start of compare\_duration and did not change state at + read\_time. - "ADDED": indicates that the finding was not + present at the start of compare\_duration, but was present + at read\_time. If compare\_duration is not specified, then + the only possible state\_change is "UNUSED", which will be the + state\_change set for all findings present at read\_time. + having: + Filter that specifies what fields to further filter on *after* + the query filter has been executed. Currently only + ``finding.state`` and ``state_change`` are supported and + requires compare\_duration to be specified. + field_mask: + Optional. A field mask to specify the Finding fields to be + listed in the response. An empty field mask will list all + fields. + page_token: + The value returned by the last ``ListFindingsResponse``; + indicates that this is a continuation of a prior + ``ListFindings`` call, and that the system should return the + next page of data. + page_size: + The maximum number of results to return in a single response. + Default is 10, minimum is 1, maximum is 1000. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.ListFindingsRequest) + ), +) +_sym_db.RegisterMessage(ListFindingsRequest) + +ListFindingsResponse = _reflection.GeneratedProtocolMessageType( + "ListFindingsResponse", + (_message.Message,), + dict( + ListFindingsResult=_reflection.GeneratedProtocolMessageType( + "ListFindingsResult", + (_message.Message,), + dict( + Resource=_reflection.GeneratedProtocolMessageType( + "Resource", + (_message.Message,), + dict( + DESCRIPTOR=_LISTFINDINGSRESPONSE_LISTFINDINGSRESULT_RESOURCE, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Information related to the Google Cloud Platform (GCP) + resource that is associated with this finding. + + + Attributes: + name: + The full resource name of the resource. See: https://cloud.goo + gle.com/apis/design/resource\_names#full\_resource\_name + project_name: + The full resource name of project that the resource belongs + to. + project_display_name: + The human readable name of project that the resource belongs + to. + parent_name: + The full resource name of resource's parent. + parent_display_name: + The human readable name of resource's parent. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.ListFindingsResponse.ListFindingsResult.Resource) + ), + ), + DESCRIPTOR=_LISTFINDINGSRESPONSE_LISTFINDINGSRESULT, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Result containing the Finding and its StateChange. + + + Attributes: + finding: + Finding matching the search request. + state_change: + State change of the finding between the points in time. + resource: + Output only. Resource that is associated with this finding. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.ListFindingsResponse.ListFindingsResult) + ), + ), + DESCRIPTOR=_LISTFINDINGSRESPONSE, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Response message for listing findings. + + + Attributes: + list_findings_results: + Findings matching the list request. + read_time: + Time used for executing the list request. + next_page_token: + Token to retrieve the next page of results, or empty if there + are no more results. + total_size: + The total number of findings matching the query. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.ListFindingsResponse) + ), +) +_sym_db.RegisterMessage(ListFindingsResponse) +_sym_db.RegisterMessage(ListFindingsResponse.ListFindingsResult) +_sym_db.RegisterMessage(ListFindingsResponse.ListFindingsResult.Resource) + +SetFindingStateRequest = _reflection.GeneratedProtocolMessageType( + "SetFindingStateRequest", + (_message.Message,), + dict( + DESCRIPTOR=_SETFINDINGSTATEREQUEST, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Request message for updating a finding's state. + + + Attributes: + name: + Required. The relative resource name of the finding. See: http + s://cloud.google.com/apis/design/resource\_names#relative\_res + ource\_name Example: "organizations/{organization\_id}/sources + /{source\_id}/finding/{finding\_id}". + state: + Required. The desired State of the finding. + start_time: + Required. The time at which the updated state takes effect. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.SetFindingStateRequest) + ), +) +_sym_db.RegisterMessage(SetFindingStateRequest) + +RunAssetDiscoveryRequest = _reflection.GeneratedProtocolMessageType( + "RunAssetDiscoveryRequest", + (_message.Message,), + dict( + DESCRIPTOR=_RUNASSETDISCOVERYREQUEST, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Request message for running asset discovery for an + organization. + + + Attributes: + parent: + Required. Name of the organization to run asset discovery for. + Its format is "organizations/[organization\_id]". + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.RunAssetDiscoveryRequest) + ), +) +_sym_db.RegisterMessage(RunAssetDiscoveryRequest) + +UpdateFindingRequest = _reflection.GeneratedProtocolMessageType( + "UpdateFindingRequest", + (_message.Message,), + dict( + DESCRIPTOR=_UPDATEFINDINGREQUEST, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Request message for updating or creating a finding. + + + Attributes: + finding: + Required. The finding resource to update or create if it does + not already exist. parent, security\_marks, and update\_time + will be ignored. In the case of creation, the finding id + portion of the name must be alphanumeric and less than or + equal to 32 characters and greater than 0 characters in + length. + update_mask: + The FieldMask to use when updating the finding resource. This + field should not be specified when creating a finding. When + updating a finding, an empty mask is treated as updating all + mutable fields and replacing source\_properties. Individual + source\_properties can be added/updated by using + "source\_properties." in the field mask. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.UpdateFindingRequest) + ), +) +_sym_db.RegisterMessage(UpdateFindingRequest) + +UpdateNotificationConfigRequest = _reflection.GeneratedProtocolMessageType( + "UpdateNotificationConfigRequest", + (_message.Message,), + dict( + DESCRIPTOR=_UPDATENOTIFICATIONCONFIGREQUEST, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Request message for updating a notification config. + + + Attributes: + notification_config: + Required. The notification config to update. + update_mask: + The FieldMask to use when updating the notification config. + If empty all mutable fields will be updated. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.UpdateNotificationConfigRequest) + ), +) +_sym_db.RegisterMessage(UpdateNotificationConfigRequest) + +UpdateOrganizationSettingsRequest = _reflection.GeneratedProtocolMessageType( + "UpdateOrganizationSettingsRequest", + (_message.Message,), + dict( + DESCRIPTOR=_UPDATEORGANIZATIONSETTINGSREQUEST, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Request message for updating an organization's settings. + + + Attributes: + organization_settings: + Required. The organization settings resource to update. + update_mask: + The FieldMask to use when updating the settings resource. If + empty all mutable fields will be updated. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.UpdateOrganizationSettingsRequest) + ), +) +_sym_db.RegisterMessage(UpdateOrganizationSettingsRequest) + +UpdateSourceRequest = _reflection.GeneratedProtocolMessageType( + "UpdateSourceRequest", + (_message.Message,), + dict( + DESCRIPTOR=_UPDATESOURCEREQUEST, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Request message for updating a source. + + + Attributes: + source: + Required. The source resource to update. + update_mask: + The FieldMask to use when updating the source resource. If + empty all mutable fields will be updated. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.UpdateSourceRequest) + ), +) +_sym_db.RegisterMessage(UpdateSourceRequest) + +UpdateSecurityMarksRequest = _reflection.GeneratedProtocolMessageType( + "UpdateSecurityMarksRequest", + (_message.Message,), + dict( + DESCRIPTOR=_UPDATESECURITYMARKSREQUEST, + __module__="google.cloud.securitycenter_v1p1beta1.proto.securitycenter_service_pb2", + __doc__="""Request message for updating a SecurityMarks resource. + + + Attributes: + security_marks: + Required. The security marks resource to update. + update_mask: + The FieldMask to use when updating the security marks + resource. The field mask must not contain duplicate fields. + If empty or set to "marks", all marks will be replaced. + Individual marks can be updated using "marks.". + start_time: + The time at which the updated SecurityMarks take effect. If + not set uses current server time. Updates will be applied to + the SecurityMarks that are active immediately preceding this + time. + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.UpdateSecurityMarksRequest) + ), +) +_sym_db.RegisterMessage(UpdateSecurityMarksRequest) + + +DESCRIPTOR._options = None +_CREATEFINDINGREQUEST.fields_by_name["parent"]._options = None +_CREATEFINDINGREQUEST.fields_by_name["finding_id"]._options = None +_CREATEFINDINGREQUEST.fields_by_name["finding"]._options = None +_CREATENOTIFICATIONCONFIGREQUEST.fields_by_name["parent"]._options = None +_CREATENOTIFICATIONCONFIGREQUEST.fields_by_name["config_id"]._options = None +_CREATENOTIFICATIONCONFIGREQUEST.fields_by_name["notification_config"]._options = None +_CREATESOURCEREQUEST.fields_by_name["parent"]._options = None +_CREATESOURCEREQUEST.fields_by_name["source"]._options = None +_DELETENOTIFICATIONCONFIGREQUEST.fields_by_name["name"]._options = None +_GETNOTIFICATIONCONFIGREQUEST.fields_by_name["name"]._options = None +_GETORGANIZATIONSETTINGSREQUEST.fields_by_name["name"]._options = None +_GETSOURCEREQUEST.fields_by_name["name"]._options = None +_GROUPASSETSREQUEST.fields_by_name["parent"]._options = None +_GROUPASSETSREQUEST.fields_by_name["group_by"]._options = None +_GROUPFINDINGSREQUEST.fields_by_name["parent"]._options = None +_GROUPFINDINGSREQUEST.fields_by_name["group_by"]._options = None +_GROUPRESULT_PROPERTIESENTRY._options = None +_LISTNOTIFICATIONCONFIGSREQUEST.fields_by_name["parent"]._options = None +_LISTSOURCESREQUEST.fields_by_name["parent"]._options = None +_LISTASSETSREQUEST.fields_by_name["parent"]._options = None +_LISTASSETSREQUEST.fields_by_name["field_mask"]._options = None +_LISTFINDINGSREQUEST.fields_by_name["parent"]._options = None +_LISTFINDINGSREQUEST.fields_by_name["field_mask"]._options = None +_SETFINDINGSTATEREQUEST.fields_by_name["name"]._options = None +_SETFINDINGSTATEREQUEST.fields_by_name["state"]._options = None +_SETFINDINGSTATEREQUEST.fields_by_name["start_time"]._options = None +_RUNASSETDISCOVERYREQUEST.fields_by_name["parent"]._options = None +_UPDATEFINDINGREQUEST.fields_by_name["finding"]._options = None +_UPDATENOTIFICATIONCONFIGREQUEST.fields_by_name["notification_config"]._options = None +_UPDATEORGANIZATIONSETTINGSREQUEST.fields_by_name[ + "organization_settings" +]._options = None +_UPDATESOURCEREQUEST.fields_by_name["source"]._options = None +_UPDATESECURITYMARKSREQUEST.fields_by_name["security_marks"]._options = None + +_SECURITYCENTER = _descriptor.ServiceDescriptor( + name="SecurityCenter", + full_name="google.cloud.securitycenter.v1p1beta1.SecurityCenter", + file=DESCRIPTOR, + index=0, + serialized_options=_b( + "\312A\035securitycenter.googleapis.com\322A.https://www.googleapis.com/auth/cloud-platform" + ), + serialized_start=6686, + serialized_end=12196, + methods=[ + _descriptor.MethodDescriptor( + name="CreateSource", + full_name="google.cloud.securitycenter.v1p1beta1.SecurityCenter.CreateSource", + index=0, + containing_service=None, + input_type=_CREATESOURCEREQUEST, + output_type=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_source__pb2._SOURCE, + serialized_options=_b( + '\202\323\344\223\0025"+/v1p1beta1/{parent=organizations/*}/sources:\006source\332A\rparent,source' + ), + ), + _descriptor.MethodDescriptor( + name="CreateFinding", + full_name="google.cloud.securitycenter.v1p1beta1.SecurityCenter.CreateFinding", + index=1, + containing_service=None, + input_type=_CREATEFINDINGREQUEST, + output_type=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_finding__pb2._FINDING, + serialized_options=_b( + '\202\323\344\223\002A"6/v1p1beta1/{parent=organizations/*/sources/*}/findings:\007finding\332A\031parent,finding_id,finding\332A\031parent,finding,finding_id' + ), + ), + _descriptor.MethodDescriptor( + name="CreateNotificationConfig", + full_name="google.cloud.securitycenter.v1p1beta1.SecurityCenter.CreateNotificationConfig", + index=2, + containing_service=None, + input_type=_CREATENOTIFICATIONCONFIGREQUEST, + output_type=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_notification__config__pb2._NOTIFICATIONCONFIG, + serialized_options=_b( + '\202\323\344\223\002N"7/v1p1beta1/{parent=organizations/*}/notificationConfigs:\023notification_config\332A$parent,config_id,notification_config\332A\032parent,notification_config' + ), + ), + _descriptor.MethodDescriptor( + name="DeleteNotificationConfig", + full_name="google.cloud.securitycenter.v1p1beta1.SecurityCenter.DeleteNotificationConfig", + index=3, + containing_service=None, + input_type=_DELETENOTIFICATIONCONFIGREQUEST, + output_type=google_dot_protobuf_dot_empty__pb2._EMPTY, + serialized_options=_b( + "\202\323\344\223\0029*7/v1p1beta1/{name=organizations/*/notificationConfigs/*}\332A\004name" + ), + ), + _descriptor.MethodDescriptor( + name="GetIamPolicy", + full_name="google.cloud.securitycenter.v1p1beta1.SecurityCenter.GetIamPolicy", + index=4, + containing_service=None, + input_type=google_dot_iam_dot_v1_dot_iam__policy__pb2._GETIAMPOLICYREQUEST, + output_type=google_dot_iam_dot_v1_dot_policy__pb2._POLICY, + serialized_options=_b( + '\202\323\344\223\002A"/v1p1beta1/{finding.name=organizations/*/sources/*/findings/*}:\007finding\332A\007finding\332A\023finding,update_mask" + ), + ), + _descriptor.MethodDescriptor( + name="UpdateNotificationConfig", + full_name="google.cloud.securitycenter.v1p1beta1.SecurityCenter.UpdateNotificationConfig", + index=19, + containing_service=None, + input_type=_UPDATENOTIFICATIONCONFIGREQUEST, + output_type=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_notification__config__pb2._NOTIFICATIONCONFIG, + serialized_options=_b( + "\202\323\344\223\002b2K/v1p1beta1/{notification_config.name=organizations/*/notificationConfigs/*}:\023notification_config\332A\023notification_config\332A\037notification_config,update_mask" + ), + ), + _descriptor.MethodDescriptor( + name="UpdateOrganizationSettings", + full_name="google.cloud.securitycenter.v1p1beta1.SecurityCenter.UpdateOrganizationSettings", + index=20, + containing_service=None, + input_type=_UPDATEORGANIZATIONSETTINGSREQUEST, + output_type=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_organization__settings__pb2._ORGANIZATIONSETTINGS, + serialized_options=_b( + "\202\323\344\223\002e2L/v1p1beta1/{organization_settings.name=organizations/*/organizationSettings}:\025organization_settings\332A\025organization_settings" + ), + ), + _descriptor.MethodDescriptor( + name="UpdateSource", + full_name="google.cloud.securitycenter.v1p1beta1.SecurityCenter.UpdateSource", + index=21, + containing_service=None, + input_type=_UPDATESOURCEREQUEST, + output_type=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_source__pb2._SOURCE, + serialized_options=_b( + "\202\323\344\223\002<22/v1p1beta1/{source.name=organizations/*/sources/*}:\006source\332A\006source\332A\022source,update_mask" + ), + ), + _descriptor.MethodDescriptor( + name="UpdateSecurityMarks", + full_name="google.cloud.securitycenter.v1p1beta1.SecurityCenter.UpdateSecurityMarks", + index=22, + containing_service=None, + input_type=_UPDATESECURITYMARKSREQUEST, + output_type=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_security__marks__pb2._SECURITYMARKS, + serialized_options=_b( + "\202\323\344\223\002\300\0012G/v1p1beta1/{security_marks.name=organizations/*/assets/*/securityMarks}:\016security_marksZe2S/v1p1beta1/{security_marks.name=organizations/*/sources/*/findings/*/securityMarks}:\016security_marks\332A\016security_marks\332A\032security_marks,update_mask" + ), + ), + ], +) +_sym_db.RegisterServiceDescriptor(_SECURITYCENTER) + +DESCRIPTOR.services_by_name["SecurityCenter"] = _SECURITYCENTER + +# @@protoc_insertion_point(module_scope) diff --git a/google/cloud/securitycenter_v1p1beta1/proto/securitycenter_service_pb2_grpc.py b/google/cloud/securitycenter_v1p1beta1/proto/securitycenter_service_pb2_grpc.py new file mode 100644 index 00000000..e804ae6a --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/securitycenter_service_pb2_grpc.py @@ -0,0 +1,462 @@ +# Generated by the gRPC Python protocol compiler plugin. DO NOT EDIT! +import grpc + +from google.cloud.securitycenter_v1p1beta1.proto import ( + finding_pb2 as google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_finding__pb2, +) +from google.cloud.securitycenter_v1p1beta1.proto import ( + notification_config_pb2 as google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_notification__config__pb2, +) +from google.cloud.securitycenter_v1p1beta1.proto import ( + organization_settings_pb2 as google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_organization__settings__pb2, +) +from google.cloud.securitycenter_v1p1beta1.proto import ( + security_marks_pb2 as google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_security__marks__pb2, +) +from google.cloud.securitycenter_v1p1beta1.proto import ( + securitycenter_service_pb2 as google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2, +) +from google.cloud.securitycenter_v1p1beta1.proto import ( + source_pb2 as google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_source__pb2, +) +from google.iam.v1 import iam_policy_pb2 as google_dot_iam_dot_v1_dot_iam__policy__pb2 +from google.iam.v1 import policy_pb2 as google_dot_iam_dot_v1_dot_policy__pb2 +from google.longrunning import ( + operations_pb2 as google_dot_longrunning_dot_operations__pb2, +) +from google.protobuf import empty_pb2 as google_dot_protobuf_dot_empty__pb2 + + +class SecurityCenterStub(object): + """V1p1Beta1 APIs for Security Center service. + """ + + def __init__(self, channel): + """Constructor. + + Args: + channel: A grpc.Channel. + """ + self.CreateSource = channel.unary_unary( + "/google.cloud.securitycenter.v1p1beta1.SecurityCenter/CreateSource", + request_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.CreateSourceRequest.SerializeToString, + response_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_source__pb2.Source.FromString, + ) + self.CreateFinding = channel.unary_unary( + "/google.cloud.securitycenter.v1p1beta1.SecurityCenter/CreateFinding", + request_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.CreateFindingRequest.SerializeToString, + response_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_finding__pb2.Finding.FromString, + ) + self.CreateNotificationConfig = channel.unary_unary( + "/google.cloud.securitycenter.v1p1beta1.SecurityCenter/CreateNotificationConfig", + request_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.CreateNotificationConfigRequest.SerializeToString, + response_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_notification__config__pb2.NotificationConfig.FromString, + ) + self.DeleteNotificationConfig = channel.unary_unary( + "/google.cloud.securitycenter.v1p1beta1.SecurityCenter/DeleteNotificationConfig", + request_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.DeleteNotificationConfigRequest.SerializeToString, + response_deserializer=google_dot_protobuf_dot_empty__pb2.Empty.FromString, + ) + self.GetIamPolicy = channel.unary_unary( + "/google.cloud.securitycenter.v1p1beta1.SecurityCenter/GetIamPolicy", + request_serializer=google_dot_iam_dot_v1_dot_iam__policy__pb2.GetIamPolicyRequest.SerializeToString, + response_deserializer=google_dot_iam_dot_v1_dot_policy__pb2.Policy.FromString, + ) + self.GetNotificationConfig = channel.unary_unary( + "/google.cloud.securitycenter.v1p1beta1.SecurityCenter/GetNotificationConfig", + request_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.GetNotificationConfigRequest.SerializeToString, + response_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_notification__config__pb2.NotificationConfig.FromString, + ) + self.GetOrganizationSettings = channel.unary_unary( + "/google.cloud.securitycenter.v1p1beta1.SecurityCenter/GetOrganizationSettings", + request_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.GetOrganizationSettingsRequest.SerializeToString, + response_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_organization__settings__pb2.OrganizationSettings.FromString, + ) + self.GetSource = channel.unary_unary( + "/google.cloud.securitycenter.v1p1beta1.SecurityCenter/GetSource", + request_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.GetSourceRequest.SerializeToString, + response_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_source__pb2.Source.FromString, + ) + self.GroupAssets = channel.unary_unary( + "/google.cloud.securitycenter.v1p1beta1.SecurityCenter/GroupAssets", + request_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.GroupAssetsRequest.SerializeToString, + response_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.GroupAssetsResponse.FromString, + ) + self.GroupFindings = channel.unary_unary( + "/google.cloud.securitycenter.v1p1beta1.SecurityCenter/GroupFindings", + request_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.GroupFindingsRequest.SerializeToString, + response_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.GroupFindingsResponse.FromString, + ) + self.ListAssets = channel.unary_unary( + "/google.cloud.securitycenter.v1p1beta1.SecurityCenter/ListAssets", + request_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.ListAssetsRequest.SerializeToString, + response_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.ListAssetsResponse.FromString, + ) + self.ListFindings = channel.unary_unary( + "/google.cloud.securitycenter.v1p1beta1.SecurityCenter/ListFindings", + request_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.ListFindingsRequest.SerializeToString, + response_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.ListFindingsResponse.FromString, + ) + self.ListNotificationConfigs = channel.unary_unary( + "/google.cloud.securitycenter.v1p1beta1.SecurityCenter/ListNotificationConfigs", + request_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.ListNotificationConfigsRequest.SerializeToString, + response_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.ListNotificationConfigsResponse.FromString, + ) + self.ListSources = channel.unary_unary( + "/google.cloud.securitycenter.v1p1beta1.SecurityCenter/ListSources", + request_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.ListSourcesRequest.SerializeToString, + response_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.ListSourcesResponse.FromString, + ) + self.RunAssetDiscovery = channel.unary_unary( + "/google.cloud.securitycenter.v1p1beta1.SecurityCenter/RunAssetDiscovery", + request_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.RunAssetDiscoveryRequest.SerializeToString, + response_deserializer=google_dot_longrunning_dot_operations__pb2.Operation.FromString, + ) + self.SetFindingState = channel.unary_unary( + "/google.cloud.securitycenter.v1p1beta1.SecurityCenter/SetFindingState", + request_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.SetFindingStateRequest.SerializeToString, + response_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_finding__pb2.Finding.FromString, + ) + self.SetIamPolicy = channel.unary_unary( + "/google.cloud.securitycenter.v1p1beta1.SecurityCenter/SetIamPolicy", + request_serializer=google_dot_iam_dot_v1_dot_iam__policy__pb2.SetIamPolicyRequest.SerializeToString, + response_deserializer=google_dot_iam_dot_v1_dot_policy__pb2.Policy.FromString, + ) + self.TestIamPermissions = channel.unary_unary( + "/google.cloud.securitycenter.v1p1beta1.SecurityCenter/TestIamPermissions", + request_serializer=google_dot_iam_dot_v1_dot_iam__policy__pb2.TestIamPermissionsRequest.SerializeToString, + response_deserializer=google_dot_iam_dot_v1_dot_iam__policy__pb2.TestIamPermissionsResponse.FromString, + ) + self.UpdateFinding = channel.unary_unary( + "/google.cloud.securitycenter.v1p1beta1.SecurityCenter/UpdateFinding", + request_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.UpdateFindingRequest.SerializeToString, + response_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_finding__pb2.Finding.FromString, + ) + self.UpdateNotificationConfig = channel.unary_unary( + "/google.cloud.securitycenter.v1p1beta1.SecurityCenter/UpdateNotificationConfig", + request_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.UpdateNotificationConfigRequest.SerializeToString, + response_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_notification__config__pb2.NotificationConfig.FromString, + ) + self.UpdateOrganizationSettings = channel.unary_unary( + "/google.cloud.securitycenter.v1p1beta1.SecurityCenter/UpdateOrganizationSettings", + request_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.UpdateOrganizationSettingsRequest.SerializeToString, + response_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_organization__settings__pb2.OrganizationSettings.FromString, + ) + self.UpdateSource = channel.unary_unary( + "/google.cloud.securitycenter.v1p1beta1.SecurityCenter/UpdateSource", + request_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.UpdateSourceRequest.SerializeToString, + response_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_source__pb2.Source.FromString, + ) + self.UpdateSecurityMarks = channel.unary_unary( + "/google.cloud.securitycenter.v1p1beta1.SecurityCenter/UpdateSecurityMarks", + request_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.UpdateSecurityMarksRequest.SerializeToString, + response_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_security__marks__pb2.SecurityMarks.FromString, + ) + + +class SecurityCenterServicer(object): + """V1p1Beta1 APIs for Security Center service. + """ + + def CreateSource(self, request, context): + """Creates a source. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details("Method not implemented!") + raise NotImplementedError("Method not implemented!") + + def CreateFinding(self, request, context): + """ + Creates a finding. The corresponding source must exist for finding + creation to succeed. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details("Method not implemented!") + raise NotImplementedError("Method not implemented!") + + def CreateNotificationConfig(self, request, context): + """Creates a notification config. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details("Method not implemented!") + raise NotImplementedError("Method not implemented!") + + def DeleteNotificationConfig(self, request, context): + """Deletes a notification config. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details("Method not implemented!") + raise NotImplementedError("Method not implemented!") + + def GetIamPolicy(self, request, context): + """Gets the access control policy on the specified Source. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details("Method not implemented!") + raise NotImplementedError("Method not implemented!") + + def GetNotificationConfig(self, request, context): + """Gets a notification config. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details("Method not implemented!") + raise NotImplementedError("Method not implemented!") + + def GetOrganizationSettings(self, request, context): + """Gets the settings for an organization. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details("Method not implemented!") + raise NotImplementedError("Method not implemented!") + + def GetSource(self, request, context): + """Gets a source. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details("Method not implemented!") + raise NotImplementedError("Method not implemented!") + + def GroupAssets(self, request, context): + """Filters an organization's assets and groups them by their specified + properties. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details("Method not implemented!") + raise NotImplementedError("Method not implemented!") + + def GroupFindings(self, request, context): + """Filters an organization or source's findings and groups them by their + specified properties. + + To group across all sources provide a `-` as the source id. + Example: /v1p1beta1/organizations/{organization_id}/sources/-/findings + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details("Method not implemented!") + raise NotImplementedError("Method not implemented!") + + def ListAssets(self, request, context): + """Lists an organization's assets. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details("Method not implemented!") + raise NotImplementedError("Method not implemented!") + + def ListFindings(self, request, context): + """Lists an organization or source's findings. + + To list across all sources provide a `-` as the source id. + Example: /v1p1beta1/organizations/{organization_id}/sources/-/findings + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details("Method not implemented!") + raise NotImplementedError("Method not implemented!") + + def ListNotificationConfigs(self, request, context): + """Lists notification configs. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details("Method not implemented!") + raise NotImplementedError("Method not implemented!") + + def ListSources(self, request, context): + """Lists all sources belonging to an organization. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details("Method not implemented!") + raise NotImplementedError("Method not implemented!") + + def RunAssetDiscovery(self, request, context): + """Runs asset discovery. The discovery is tracked with a long-running + operation. + + This API can only be called with limited frequency for an organization. If + it is called too frequently the caller will receive a TOO_MANY_REQUESTS + error. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details("Method not implemented!") + raise NotImplementedError("Method not implemented!") + + def SetFindingState(self, request, context): + """ + Updates the state of a finding. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details("Method not implemented!") + raise NotImplementedError("Method not implemented!") + + def SetIamPolicy(self, request, context): + """Sets the access control policy on the specified Source. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details("Method not implemented!") + raise NotImplementedError("Method not implemented!") + + def TestIamPermissions(self, request, context): + """Returns the permissions that a caller has on the specified source. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details("Method not implemented!") + raise NotImplementedError("Method not implemented!") + + def UpdateFinding(self, request, context): + """ + Creates or updates a finding. The corresponding source must exist for a + finding creation to succeed. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details("Method not implemented!") + raise NotImplementedError("Method not implemented!") + + def UpdateNotificationConfig(self, request, context): + """Updates a notification config. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details("Method not implemented!") + raise NotImplementedError("Method not implemented!") + + def UpdateOrganizationSettings(self, request, context): + """Updates an organization's settings. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details("Method not implemented!") + raise NotImplementedError("Method not implemented!") + + def UpdateSource(self, request, context): + """Updates a source. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details("Method not implemented!") + raise NotImplementedError("Method not implemented!") + + def UpdateSecurityMarks(self, request, context): + """Updates security marks. + """ + context.set_code(grpc.StatusCode.UNIMPLEMENTED) + context.set_details("Method not implemented!") + raise NotImplementedError("Method not implemented!") + + +def add_SecurityCenterServicer_to_server(servicer, server): + rpc_method_handlers = { + "CreateSource": grpc.unary_unary_rpc_method_handler( + servicer.CreateSource, + request_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.CreateSourceRequest.FromString, + response_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_source__pb2.Source.SerializeToString, + ), + "CreateFinding": grpc.unary_unary_rpc_method_handler( + servicer.CreateFinding, + request_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.CreateFindingRequest.FromString, + response_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_finding__pb2.Finding.SerializeToString, + ), + "CreateNotificationConfig": grpc.unary_unary_rpc_method_handler( + servicer.CreateNotificationConfig, + request_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.CreateNotificationConfigRequest.FromString, + response_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_notification__config__pb2.NotificationConfig.SerializeToString, + ), + "DeleteNotificationConfig": grpc.unary_unary_rpc_method_handler( + servicer.DeleteNotificationConfig, + request_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.DeleteNotificationConfigRequest.FromString, + response_serializer=google_dot_protobuf_dot_empty__pb2.Empty.SerializeToString, + ), + "GetIamPolicy": grpc.unary_unary_rpc_method_handler( + servicer.GetIamPolicy, + request_deserializer=google_dot_iam_dot_v1_dot_iam__policy__pb2.GetIamPolicyRequest.FromString, + response_serializer=google_dot_iam_dot_v1_dot_policy__pb2.Policy.SerializeToString, + ), + "GetNotificationConfig": grpc.unary_unary_rpc_method_handler( + servicer.GetNotificationConfig, + request_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.GetNotificationConfigRequest.FromString, + response_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_notification__config__pb2.NotificationConfig.SerializeToString, + ), + "GetOrganizationSettings": grpc.unary_unary_rpc_method_handler( + servicer.GetOrganizationSettings, + request_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.GetOrganizationSettingsRequest.FromString, + response_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_organization__settings__pb2.OrganizationSettings.SerializeToString, + ), + "GetSource": grpc.unary_unary_rpc_method_handler( + servicer.GetSource, + request_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.GetSourceRequest.FromString, + response_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_source__pb2.Source.SerializeToString, + ), + "GroupAssets": grpc.unary_unary_rpc_method_handler( + servicer.GroupAssets, + request_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.GroupAssetsRequest.FromString, + response_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.GroupAssetsResponse.SerializeToString, + ), + "GroupFindings": grpc.unary_unary_rpc_method_handler( + servicer.GroupFindings, + request_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.GroupFindingsRequest.FromString, + response_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.GroupFindingsResponse.SerializeToString, + ), + "ListAssets": grpc.unary_unary_rpc_method_handler( + servicer.ListAssets, + request_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.ListAssetsRequest.FromString, + response_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.ListAssetsResponse.SerializeToString, + ), + "ListFindings": grpc.unary_unary_rpc_method_handler( + servicer.ListFindings, + request_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.ListFindingsRequest.FromString, + response_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.ListFindingsResponse.SerializeToString, + ), + "ListNotificationConfigs": grpc.unary_unary_rpc_method_handler( + servicer.ListNotificationConfigs, + request_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.ListNotificationConfigsRequest.FromString, + response_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.ListNotificationConfigsResponse.SerializeToString, + ), + "ListSources": grpc.unary_unary_rpc_method_handler( + servicer.ListSources, + request_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.ListSourcesRequest.FromString, + response_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.ListSourcesResponse.SerializeToString, + ), + "RunAssetDiscovery": grpc.unary_unary_rpc_method_handler( + servicer.RunAssetDiscovery, + request_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.RunAssetDiscoveryRequest.FromString, + response_serializer=google_dot_longrunning_dot_operations__pb2.Operation.SerializeToString, + ), + "SetFindingState": grpc.unary_unary_rpc_method_handler( + servicer.SetFindingState, + request_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.SetFindingStateRequest.FromString, + response_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_finding__pb2.Finding.SerializeToString, + ), + "SetIamPolicy": grpc.unary_unary_rpc_method_handler( + servicer.SetIamPolicy, + request_deserializer=google_dot_iam_dot_v1_dot_iam__policy__pb2.SetIamPolicyRequest.FromString, + response_serializer=google_dot_iam_dot_v1_dot_policy__pb2.Policy.SerializeToString, + ), + "TestIamPermissions": grpc.unary_unary_rpc_method_handler( + servicer.TestIamPermissions, + request_deserializer=google_dot_iam_dot_v1_dot_iam__policy__pb2.TestIamPermissionsRequest.FromString, + response_serializer=google_dot_iam_dot_v1_dot_iam__policy__pb2.TestIamPermissionsResponse.SerializeToString, + ), + "UpdateFinding": grpc.unary_unary_rpc_method_handler( + servicer.UpdateFinding, + request_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.UpdateFindingRequest.FromString, + response_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_finding__pb2.Finding.SerializeToString, + ), + "UpdateNotificationConfig": grpc.unary_unary_rpc_method_handler( + servicer.UpdateNotificationConfig, + request_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.UpdateNotificationConfigRequest.FromString, + response_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_notification__config__pb2.NotificationConfig.SerializeToString, + ), + "UpdateOrganizationSettings": grpc.unary_unary_rpc_method_handler( + servicer.UpdateOrganizationSettings, + request_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.UpdateOrganizationSettingsRequest.FromString, + response_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_organization__settings__pb2.OrganizationSettings.SerializeToString, + ), + "UpdateSource": grpc.unary_unary_rpc_method_handler( + servicer.UpdateSource, + request_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.UpdateSourceRequest.FromString, + response_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_source__pb2.Source.SerializeToString, + ), + "UpdateSecurityMarks": grpc.unary_unary_rpc_method_handler( + servicer.UpdateSecurityMarks, + request_deserializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_securitycenter__service__pb2.UpdateSecurityMarksRequest.FromString, + response_serializer=google_dot_cloud_dot_securitycenter__v1p1beta1_dot_proto_dot_security__marks__pb2.SecurityMarks.SerializeToString, + ), + } + generic_handler = grpc.method_handlers_generic_handler( + "google.cloud.securitycenter.v1p1beta1.SecurityCenter", rpc_method_handlers + ) + server.add_generic_rpc_handlers((generic_handler,)) diff --git a/google/cloud/securitycenter_v1p1beta1/proto/source.proto b/google/cloud/securitycenter_v1p1beta1/proto/source.proto new file mode 100644 index 00000000..d591a05c --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/source.proto @@ -0,0 +1,60 @@ +// Copyright 2019 Google LLC. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +syntax = "proto3"; + +package google.cloud.securitycenter.v1p1beta1; + +import "google/api/annotations.proto"; +import "google/api/resource.proto"; + +option csharp_namespace = "Google.Cloud.SecurityCenter.V1P1Beta1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter"; +option java_multiple_files = true; +option java_package = "com.google.cloud.securitycenter.v1p1beta1"; +option php_namespace = "Google\\Cloud\\SecurityCenter\\V1p1beta1"; +option ruby_package = "Google::Cloud::SecurityCenter::V1p1beta1"; + +// Cloud Security Command Center's (Cloud SCC) finding source. A finding source +// is an entity or a mechanism that can produce a finding. A source is like a +// container of findings that come from the same scanner, logger, monitor, etc. +message Source { + option (google.api.resource) = { + type: "securitycenter.googleapis.com/Source" + pattern: "organizations/{organization}/sources/{source}" + }; + + // The relative resource name of this source. See: + // https://cloud.google.com/apis/design/resource_names#relative_resource_name + // Example: + // "organizations/{organization_id}/sources/{source_id}" + string name = 1; + + // The source's display name. + // A source's display name must be unique amongst its siblings, for example, + // two sources with the same parent can't share the same display name. + // The display name must have a length between 1 and 64 characters + // (inclusive). + string display_name = 2; + + // The description of the source (max of 1024 characters). + // Example: + // "Cloud Security Scanner is a web security scanner for common + // vulnerabilities in App Engine applications. It can automatically + // scan and detect four common vulnerabilities, including cross-site-scripting + // (XSS), Flash injection, mixed content (HTTP in HTTPS), and + // outdated/insecure libraries." + string description = 3; +} diff --git a/google/cloud/securitycenter_v1p1beta1/proto/source_pb2.py b/google/cloud/securitycenter_v1p1beta1/proto/source_pb2.py new file mode 100644 index 00000000..944aa67b --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/source_pb2.py @@ -0,0 +1,158 @@ +# -*- coding: utf-8 -*- +# Generated by the protocol buffer compiler. DO NOT EDIT! +# source: google/cloud/securitycenter_v1p1beta1/proto/source.proto + +import sys + +_b = sys.version_info[0] < 3 and (lambda x: x) or (lambda x: x.encode("latin1")) +from google.protobuf import descriptor as _descriptor +from google.protobuf import message as _message +from google.protobuf import reflection as _reflection +from google.protobuf import symbol_database as _symbol_database + +# @@protoc_insertion_point(imports) + +_sym_db = _symbol_database.Default() + + +from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2 +from google.api import resource_pb2 as google_dot_api_dot_resource__pb2 + + +DESCRIPTOR = _descriptor.FileDescriptor( + name="google/cloud/securitycenter_v1p1beta1/proto/source.proto", + package="google.cloud.securitycenter.v1p1beta1", + syntax="proto3", + serialized_options=_b( + "\n)com.google.cloud.securitycenter.v1p1beta1P\001ZSgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter\252\002%Google.Cloud.SecurityCenter.V1P1Beta1\312\002%Google\\Cloud\\SecurityCenter\\V1p1beta1\352\002(Google::Cloud::SecurityCenter::V1p1beta1" + ), + serialized_pb=_b( + '\n8google/cloud/securitycenter_v1p1beta1/proto/source.proto\x12%google.cloud.securitycenter.v1p1beta1\x1a\x1cgoogle/api/annotations.proto\x1a\x19google/api/resource.proto"\x9b\x01\n\x06Source\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x14\n\x0c\x64isplay_name\x18\x02 \x01(\t\x12\x13\n\x0b\x64\x65scription\x18\x03 \x01(\t:X\xea\x41U\n$securitycenter.googleapis.com/Source\x12-organizations/{organization}/sources/{source}B\xfd\x01\n)com.google.cloud.securitycenter.v1p1beta1P\x01ZSgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter\xaa\x02%Google.Cloud.SecurityCenter.V1P1Beta1\xca\x02%Google\\Cloud\\SecurityCenter\\V1p1beta1\xea\x02(Google::Cloud::SecurityCenter::V1p1beta1b\x06proto3' + ), + dependencies=[ + google_dot_api_dot_annotations__pb2.DESCRIPTOR, + google_dot_api_dot_resource__pb2.DESCRIPTOR, + ], +) + + +_SOURCE = _descriptor.Descriptor( + name="Source", + full_name="google.cloud.securitycenter.v1p1beta1.Source", + filename=None, + file=DESCRIPTOR, + containing_type=None, + fields=[ + _descriptor.FieldDescriptor( + name="name", + full_name="google.cloud.securitycenter.v1p1beta1.Source.name", + index=0, + number=1, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="display_name", + full_name="google.cloud.securitycenter.v1p1beta1.Source.display_name", + index=1, + number=2, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + _descriptor.FieldDescriptor( + name="description", + full_name="google.cloud.securitycenter.v1p1beta1.Source.description", + index=2, + number=3, + type=9, + cpp_type=9, + label=1, + has_default_value=False, + default_value=_b("").decode("utf-8"), + message_type=None, + enum_type=None, + containing_type=None, + is_extension=False, + extension_scope=None, + serialized_options=None, + file=DESCRIPTOR, + ), + ], + extensions=[], + nested_types=[], + enum_types=[], + serialized_options=_b( + "\352AU\n$securitycenter.googleapis.com/Source\022-organizations/{organization}/sources/{source}" + ), + is_extendable=False, + syntax="proto3", + extension_ranges=[], + oneofs=[], + serialized_start=157, + serialized_end=312, +) + +DESCRIPTOR.message_types_by_name["Source"] = _SOURCE +_sym_db.RegisterFileDescriptor(DESCRIPTOR) + +Source = _reflection.GeneratedProtocolMessageType( + "Source", + (_message.Message,), + dict( + DESCRIPTOR=_SOURCE, + __module__="google.cloud.securitycenter_v1p1beta1.proto.source_pb2", + __doc__="""Cloud Security Command Center's (Cloud SCC) finding + source. A finding source is an entity or a mechanism that can produce a + finding. A source is like a container of findings that come from the + same scanner, logger, monitor, etc. + + + Attributes: + name: + The relative resource name of this source. See: https://cloud. + google.com/apis/design/resource\_names#relative\_resource\_nam + e Example: + "organizations/{organization\_id}/sources/{source\_id}" + display_name: + The source's display name. A source's display name must be + unique amongst its siblings, for example, two sources with the + same parent can't share the same display name. The display + name must have a length between 1 and 64 characters + (inclusive). + description: + The description of the source (max of 1024 characters). + Example: "Cloud Security Scanner is a web security scanner for + common vulnerabilities in App Engine applications. It can + automatically scan and detect four common vulnerabilities, + including cross-site-scripting (XSS), Flash injection, mixed + content (HTTP in HTTPS), and outdated/insecure libraries." + """, + # @@protoc_insertion_point(class_scope:google.cloud.securitycenter.v1p1beta1.Source) + ), +) +_sym_db.RegisterMessage(Source) + + +DESCRIPTOR._options = None +_SOURCE._options = None +# @@protoc_insertion_point(module_scope) diff --git a/google/cloud/securitycenter_v1p1beta1/proto/source_pb2_grpc.py b/google/cloud/securitycenter_v1p1beta1/proto/source_pb2_grpc.py new file mode 100644 index 00000000..07cb78fe --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/proto/source_pb2_grpc.py @@ -0,0 +1,2 @@ +# Generated by the gRPC Python protocol compiler plugin. DO NOT EDIT! +import grpc diff --git a/google/cloud/securitycenter_v1p1beta1/types.py b/google/cloud/securitycenter_v1p1beta1/types.py new file mode 100644 index 00000000..dc4f3ff7 --- /dev/null +++ b/google/cloud/securitycenter_v1p1beta1/types.py @@ -0,0 +1,86 @@ +# -*- coding: utf-8 -*- +# +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +from __future__ import absolute_import +import sys + +from google.api_core.protobuf_helpers import get_messages + +from google.cloud.securitycenter_v1p1beta1.proto import asset_pb2 +from google.cloud.securitycenter_v1p1beta1.proto import finding_pb2 +from google.cloud.securitycenter_v1p1beta1.proto import notification_config_pb2 +from google.cloud.securitycenter_v1p1beta1.proto import notification_message_pb2 +from google.cloud.securitycenter_v1p1beta1.proto import organization_settings_pb2 +from google.cloud.securitycenter_v1p1beta1.proto import run_asset_discovery_response_pb2 +from google.cloud.securitycenter_v1p1beta1.proto import security_marks_pb2 +from google.cloud.securitycenter_v1p1beta1.proto import securitycenter_service_pb2 +from google.cloud.securitycenter_v1p1beta1.proto import source_pb2 +from google.iam.v1 import iam_policy_pb2 +from google.iam.v1 import options_pb2 +from google.iam.v1 import policy_pb2 +from google.longrunning import operations_pb2 +from google.protobuf import any_pb2 +from google.protobuf import duration_pb2 +from google.protobuf import empty_pb2 +from google.protobuf import field_mask_pb2 +from google.protobuf import struct_pb2 +from google.protobuf import timestamp_pb2 +from google.rpc import status_pb2 +from google.type import expr_pb2 + + +_shared_modules = [ + iam_policy_pb2, + options_pb2, + policy_pb2, + operations_pb2, + any_pb2, + duration_pb2, + empty_pb2, + field_mask_pb2, + struct_pb2, + timestamp_pb2, + status_pb2, + expr_pb2, +] + +_local_modules = [ + asset_pb2, + finding_pb2, + notification_config_pb2, + notification_message_pb2, + organization_settings_pb2, + run_asset_discovery_response_pb2, + security_marks_pb2, + securitycenter_service_pb2, + source_pb2, +] + +names = [] + +for module in _shared_modules: # pragma: NO COVER + for name, message in get_messages(module).items(): + setattr(sys.modules[__name__], name, message) + names.append(name) +for module in _local_modules: + for name, message in get_messages(module).items(): + message.__module__ = "google.cloud.securitycenter_v1p1beta1.types" + setattr(sys.modules[__name__], name, message) + names.append(name) + + +__all__ = tuple(sorted(names)) diff --git a/synth.metadata b/synth.metadata index 7d321beb..aa2e17e4 100644 --- a/synth.metadata +++ b/synth.metadata @@ -1,31 +1,41 @@ { - "updateTime": "2020-02-04T17:27:06.033838Z", + "updateTime": "2020-02-12T02:07:26.567267Z", "sources": [ { "generator": { "name": "artman", - "version": "0.44.4", - "dockerImage": "googleapis/artman@sha256:19e945954fc960a4bdfee6cb34695898ab21a8cf0bac063ee39b91f00a1faec8" + "version": "0.45.0", + "dockerImage": "googleapis/artman@sha256:6aec9c34db0e4be221cdaf6faba27bdc07cfea846808b3d3b964dfce3a9a0f9b" } }, { "git": { "name": "googleapis", - "remote": "https://github.com/googleapis/googleapis.git", - "sha": "69d9945330a5721cd679f17331a78850e2618226", - "internalRef": "293080182", - "log": "69d9945330a5721cd679f17331a78850e2618226\nAdd file-level `Session` resource definition\n\nPiperOrigin-RevId: 293080182\n\nf6a1a6b417f39694275ca286110bc3c1ca4db0dc\nAdd file-level `Session` resource definition\n\nPiperOrigin-RevId: 293080178\n\n29d40b78e3dc1579b0b209463fbcb76e5767f72a\nExpose managedidentities/v1beta1/ API for client library usage.\n\nPiperOrigin-RevId: 292979741\n\na22129a1fb6e18056d576dfb7717aef74b63734a\nExpose managedidentities/v1/ API for client library usage.\n\nPiperOrigin-RevId: 292968186\n\nb5cbe4a4ba64ab19e6627573ff52057a1657773d\nSecurityCenter v1p1beta1: move file-level option on top to workaround protobuf.js bug.\n\nPiperOrigin-RevId: 292647187\n\nb224b317bf20c6a4fbc5030b4a969c3147f27ad3\nAdds API definitions for bigqueryreservation v1beta1.\n\nPiperOrigin-RevId: 292634722\n\nc1468702f9b17e20dd59007c0804a089b83197d2\nSynchronize new proto/yaml changes.\n\nPiperOrigin-RevId: 292626173\n\nffdfa4f55ab2f0afc11d0eb68f125ccbd5e404bd\nvision: v1p3beta1 publish annotations and retry config\n\nPiperOrigin-RevId: 292605599\n\n78f61482cd028fc1d9892aa5d89d768666a954cd\nvision: v1p1beta1 publish annotations and retry config\n\nPiperOrigin-RevId: 292605125\n\n60bb5a294a604fd1778c7ec87b265d13a7106171\nvision: v1p2beta1 publish annotations and retry config\n\nPiperOrigin-RevId: 292604980\n\n3bcf7aa79d45eb9ec29ab9036e9359ea325a7fc3\nvision: v1p4beta1 publish annotations and retry config\n\nPiperOrigin-RevId: 292604656\n\n2717b8a1c762b26911b45ecc2e4ee01d98401b28\nFix dataproc artman client library generation.\n\nPiperOrigin-RevId: 292555664\n\n7ac66d9be8a7d7de4f13566d8663978c9ee9dcd7\nAdd Dataproc Autoscaling API to V1.\n\nPiperOrigin-RevId: 292450564\n\n5d932b2c1be3a6ef487d094e3cf5c0673d0241dd\n- Improve documentation\n- Add a client_id field to StreamingPullRequest\n\nPiperOrigin-RevId: 292434036\n\neaff9fa8edec3e914995ce832b087039c5417ea7\nmonitoring: v3 publish annotations and client retry config\n\nPiperOrigin-RevId: 292425288\n\n70958bab8c5353870d31a23fb2c40305b050d3fe\nBigQuery Storage Read API v1 clients.\n\nPiperOrigin-RevId: 292407644\n\n7a15e7fe78ff4b6d5c9606a3264559e5bde341d1\nUpdate backend proto for Google Cloud Endpoints\n\nPiperOrigin-RevId: 292391607\n\n3ca2c014e24eb5111c8e7248b1e1eb833977c83d\nbazel: Add --flaky_test_attempts=3 argument to prevent CI failures caused by flaky tests\n\nPiperOrigin-RevId: 292382559\n\n9933347c1f677e81e19a844c2ef95bfceaf694fe\nbazel:Integrate latest protoc-java-resource-names-plugin changes (fix for PyYAML dependency in bazel rules)\n\nPiperOrigin-RevId: 292376626\n\nb835ab9d2f62c88561392aa26074c0b849fb0bd3\nasset: v1p2beta1 add client config annotations\n\n* remove unintentionally exposed RPCs\n* remove messages relevant to removed RPCs\n\nPiperOrigin-RevId: 292369593\n\nc1246a29e22b0f98e800a536b5b0da2d933a55f2\nUpdating v1 protos with the latest inline documentation (in comments) and config options. Also adding a per-service .yaml file.\n\nPiperOrigin-RevId: 292310790\n\nb491d07cadaae7cde5608321f913e5ca1459b32d\nRevert accidental local_repository change\n\nPiperOrigin-RevId: 292245373\n\naf3400a8cb6110025198b59a0f7d018ae3cda700\nUpdate gapic-generator dependency (prebuilt PHP binary support).\n\nPiperOrigin-RevId: 292243997\n\n341fd5690fae36f36cf626ef048fbcf4bbe7cee6\ngrafeas: v1 add resource_definition for the grafeas.io/Project and change references for Project.\n\nPiperOrigin-RevId: 292221998\n\n42e915ec2ece1cd37a590fbcd10aa2c0fb0e5b06\nUpdate the gapic-generator, protoc-java-resource-name-plugin and protoc-docs-plugin to the latest commit.\n\nPiperOrigin-RevId: 292182368\n\nf035f47250675d31492a09f4a7586cfa395520a7\nFix grafeas build and update build.sh script to include gerafeas.\n\nPiperOrigin-RevId: 292168753\n\n26ccb214b7bc4a716032a6266bcb0a9ca55d6dbb\nasset: v1p1beta1 add client config annotations and retry config\n\nPiperOrigin-RevId: 292154210\n\n974ee5c0b5d03e81a50dafcedf41e0efebb5b749\nasset: v1beta1 add client config annotations\n\nPiperOrigin-RevId: 292152573\n\ncf3b61102ed5f36b827bc82ec39be09525f018c8\n Fix to protos for v1p1beta1 release of Cloud Security Command Center\n\nPiperOrigin-RevId: 292034635\n\n4e1cfaa7c0fede9e65d64213ca3da1b1255816c0\nUpdate the public proto to support UTF-8 encoded id for CatalogService API, increase the ListCatalogItems deadline to 300s and some minor documentation change\n\nPiperOrigin-RevId: 292030970\n\n9c483584f8fd5a1b862ae07973f4cc7bb3e46648\nasset: add annotations to v1p1beta1\n\nPiperOrigin-RevId: 292009868\n\ne19209fac29731d0baf6d9ac23da1164f7bdca24\nAdd the google.rpc.context.AttributeContext message to the open source\ndirectories.\n\nPiperOrigin-RevId: 291999930\n\nae5662960573f279502bf98a108a35ba1175e782\noslogin API: move file level option on top of the file to avoid protobuf.js bug.\n\nPiperOrigin-RevId: 291990506\n\neba3897fff7c49ed85d3c47fc96fe96e47f6f684\nAdd cc_proto_library and cc_grpc_library targets for Spanner and IAM protos.\n\nPiperOrigin-RevId: 291988651\n\n8e981acfd9b97ea2f312f11bbaa7b6c16e412dea\nBeta launch for PersonDetection and FaceDetection features.\n\nPiperOrigin-RevId: 291821782\n\n994e067fae3b21e195f7da932b08fff806d70b5d\nasset: add annotations to v1p2beta1\n\nPiperOrigin-RevId: 291815259\n\n244e1d2c89346ca2e0701b39e65552330d68545a\nAdd Playable Locations service\n\nPiperOrigin-RevId: 291806349\n\n909f8f67963daf45dd88d020877fb9029b76788d\nasset: add annotations to v1beta2\n\nPiperOrigin-RevId: 291805301\n\n3c39a1d6e23c1ef63c7fba4019c25e76c40dfe19\nKMS: add file-level message for CryptoKeyPath, it is defined in gapic yaml but not\nin proto files.\n\nPiperOrigin-RevId: 291420695\n\nc6f3f350b8387f8d1b85ed4506f30187ebaaddc3\ncontaineranalysis: update v1beta1 and bazel build with annotations\n\nPiperOrigin-RevId: 291401900\n\n92887d74b44e4e636252b7b8477d0d2570cd82db\nfix: fix the location of grpc config file.\n\nPiperOrigin-RevId: 291396015\n\ne26cab8afd19d396b929039dac5d874cf0b5336c\nexpr: add default_host and method_signature annotations to CelService\n\nPiperOrigin-RevId: 291240093\n\n06093ae3952441c34ec176d1f7431b8765cec0be\nirm: fix v1alpha2 bazel build by adding missing proto imports\n\nPiperOrigin-RevId: 291227940\n\na8a2514af326e4673063f9a3c9d0ef1091c87e6c\nAdd proto annotation for cloud/irm API\n\nPiperOrigin-RevId: 291217859\n\n8d16f76de065f530d395a4c7eabbf766d6a120fd\nGenerate Memcache v1beta2 API protos and gRPC ServiceConfig files\n\nPiperOrigin-RevId: 291008516\n\n3af1dabd93df9a9f17bf3624d3b875c11235360b\ngrafeas: Add containeranalysis default_host to Grafeas service\n\nPiperOrigin-RevId: 290965849\n\nbe2663fa95e31cba67d0cd62611a6674db9f74b7\nfix(google/maps/roads): add missing opening bracket\n\nPiperOrigin-RevId: 290964086\n\nfacc26550a0af0696e0534bc9cae9df14275aa7c\nUpdating v2 protos with the latest inline documentation (in comments) and adding a per-service .yaml file.\n\nPiperOrigin-RevId: 290952261\n\ncda99c1f7dc5e4ca9b1caeae1dc330838cbc1461\nChange api_name to 'asset' for v1p1beta1\n\nPiperOrigin-RevId: 290800639\n\n94e9e90c303a820ce40643d9129e7f0d2054e8a1\nAdds Google Maps Road service\n\nPiperOrigin-RevId: 290795667\n\na3b23dcb2eaecce98c600c7d009451bdec52dbda\nrpc: new message ErrorInfo, other comment updates\n\nPiperOrigin-RevId: 290781668\n\n26420ef4e46c37f193c0fbe53d6ebac481de460e\nAdd proto definition for Org Policy v1.\n\nPiperOrigin-RevId: 290771923\n\n7f0dab8177cf371ae019a082e2512de7ac102888\nPublish Routes Preferred API v1 service definitions.\n\nPiperOrigin-RevId: 290326986\n\nad6e508d0728e1d1bca6e3f328cd562718cb772d\nFix: Qualify resource type references with \"jobs.googleapis.com/\"\n\nPiperOrigin-RevId: 290285762\n\n58e770d568a2b78168ddc19a874178fee8265a9d\ncts client library\n\nPiperOrigin-RevId: 290146169\n\naf9daa4c3b4c4a8b7133b81588dd9ffd37270af2\nAdd more programming language options to public proto\n\nPiperOrigin-RevId: 290144091\n\nd9f2bbf2df301ef84641d4cec7c828736a0bd907\ntalent: add missing resource.proto dep to Bazel build target\n\nPiperOrigin-RevId: 290143164\n\n3b3968237451d027b42471cd28884a5a1faed6c7\nAnnotate Talent API.\nAdd gRPC service config for retry.\nUpdate bazel file with google.api.resource dependency.\n\nPiperOrigin-RevId: 290125172\n\n0735b4b096872960568d1f366bfa75b7b0e1f1a3\nWeekly library update.\n\nPiperOrigin-RevId: 289939042\n\n8760d3d9a4543d7f9c0d1c7870aca08b116e4095\nWeekly library update.\n\nPiperOrigin-RevId: 289939020\n\n8607df842f782a901805187e02fff598145b0b0e\nChange Talent API timeout to 30s.\n\nPiperOrigin-RevId: 289912621\n\n908155991fe32570653bcb72ecfdcfc896642f41\nAdd Recommendations AI V1Beta1\n\nPiperOrigin-RevId: 289901914\n\n5c9a8c2bebd8b71aa66d1cc473edfaac837a2c78\nAdding no-arg method signatures for ListBillingAccounts and ListServices\n\nPiperOrigin-RevId: 289891136\n\n50b0e8286ac988b0593bd890eb31fef6ea2f5767\nlongrunning: add grpc service config and default_host annotation to operations.proto\n\nPiperOrigin-RevId: 289876944\n\n6cac27dabe51c54807b0401698c32d34998948a9\n Updating default deadline for Cloud Security Command Center's v1 APIs.\n\nPiperOrigin-RevId: 289875412\n\nd99df0d67057a233c711187e0689baa4f8e6333d\nFix: Correct spelling in C# namespace option\n\nPiperOrigin-RevId: 289709813\n\n2fa8d48165cc48e35b0c62e6f7bdade12229326c\nfeat: Publish Recommender v1 to GitHub.\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 289619243\n\n9118db63d1ab493a2e44a3b4973fde810a835c49\nfirestore: don't retry reads that fail with Aborted\n\nFor transaction reads that fail with ABORTED, we need to rollback and start a new transaction. Our current configuration makes it so that GAPIC retries ABORTED reads multiple times without making any progress. Instead, we should retry at the transaction level.\n\nPiperOrigin-RevId: 289532382\n\n1dbfd3fe4330790b1e99c0bb20beb692f1e20b8a\nFix bazel build\nAdd other langauges (Java was already there) for bigquery/storage/v1alpha2 api.\n\nPiperOrigin-RevId: 289519766\n\nc06599cdd7d11f8d3fd25f8d3249e5bb1a3d5d73\nInitial commit of google.cloud.policytroubleshooter API, The API helps in troubleshooting GCP policies. Refer https://cloud.google.com/iam/docs/troubleshooting-access for more information\n\nPiperOrigin-RevId: 289491444\n\nfce7d80fa16ea241e87f7bc33d68595422e94ecd\nDo not pass samples option for Artman config of recommender v1 API.\n\nPiperOrigin-RevId: 289477403\n\nef179e8c61436297e6bb124352e47e45c8c80cb1\nfix: Address missing Bazel dependency.\n\nBazel builds stopped working in 06ec6d5 because\nthe google/longrunning/operations.proto file took\nan import from google/api/client.proto, but that\nimport was not added to BUILD.bazel.\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 289446074\n\n8841655b242c84fd691d77d7bcf21b61044f01ff\nMigrate Data Labeling v1beta1 to GAPIC v2.\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 289446026\n\n06ec6d5d053fff299eaa6eaa38afdd36c5e2fc68\nAdd annotations to google.longrunning.v1\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 289413169\n\n0480cf40be1d3cc231f4268a2fdb36a8dd60e641\nMigrate IAM Admin v1 to GAPIC v2.\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 289411084\n\n1017173e9adeb858587639af61889ad970c728b1\nSpecify a C# namespace for BigQuery Connection v1beta1\n\nPiperOrigin-RevId: 289396763\n\nb08714b378e8e5b0c4ecdde73f92c36d6303b4b6\nfix: Integrate latest proto-docs-plugin fix.\nFixes dialogflow v2\n\nPiperOrigin-RevId: 289189004\n\n51217a67e79255ee1f2e70a6a3919df082513327\nCreate BUILD file for recommender v1\n\nPiperOrigin-RevId: 289183234\n\nacacd87263c0a60e458561b8b8ce9f67c760552a\nGenerate recommender v1 API protos and gRPC ServiceConfig files\n\nPiperOrigin-RevId: 289177510\n\n9d2f7133b97720b1fa3601f6dcd30760ba6d8a1e\nFix kokoro build script\n\nPiperOrigin-RevId: 289166315\n\nc43a67530d2a47a0220cad20ca8de39b3fbaf2c5\ncloudtasks: replace missing RPC timeout config for v2beta2 and v2beta3\n\nPiperOrigin-RevId: 289162391\n\n4cefc229a9197236fc0adf02d69b71c0c5cf59de\nSynchronize new proto/yaml changes.\n\nPiperOrigin-RevId: 289158456\n\n56f263fe959c50786dab42e3c61402d32d1417bd\nCatalog API: Adding config necessary to build client libraries\n\nPiperOrigin-RevId: 289149879\n\n4543762b23a57fc3c53d409efc3a9affd47b6ab3\nFix Bazel build\nbilling/v1 and dialogflow/v2 remain broken (not bazel-related issues).\nBilling has wrong configuration, dialogflow failure is caused by a bug in documentation plugin.\n\nPiperOrigin-RevId: 289140194\n\nc9dce519127b97e866ca133a01157f4ce27dcceb\nUpdate Bigtable docs\n\nPiperOrigin-RevId: 289114419\n\n802c5c5f2bf94c3facb011267d04e71942e0d09f\nMigrate DLP to proto annotations (but not GAPIC v2).\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 289102579\n\n6357f30f2ec3cff1d8239d18b707ff9d438ea5da\nRemove gRPC configuration file that was in the wrong place.\n\nPiperOrigin-RevId: 289096111\n\n360a8792ed62f944109d7e22d613a04a010665b4\n Protos for v1p1beta1 release of Cloud Security Command Center\n\nPiperOrigin-RevId: 289011995\n\na79211c20c4f2807eec524d00123bf7c06ad3d6e\nRoll back containeranalysis v1 to GAPIC v1.\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 288999068\n\n9e60345ba603e03484a8aaa33ce5ffa19c1c652b\nPublish Routes Preferred API v1 proto definitions.\n\nPiperOrigin-RevId: 288941399\n\nd52885b642ad2aa1f42b132ee62dbf49a73e1e24\nMigrate the service management API to GAPIC v2.\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 288909426\n\n6ace586805c08896fef43e28a261337fcf3f022b\ncloudtasks: replace missing RPC timeout config\n\nPiperOrigin-RevId: 288783603\n\n51d906cabee4876b12497054b15b05d4a50ad027\nImport of Grafeas from Github.\n\nUpdate BUILD.bazel accordingly.\n\nPiperOrigin-RevId: 288783426\n\n5ef42bcd363ba0440f0ee65b3c80b499e9067ede\nMigrate Recommender v1beta1 to GAPIC v2.\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 288713066\n\n94f986afd365b7d7e132315ddcd43d7af0e652fb\nMigrate Container Analysis v1 to GAPIC v2.\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 288708382\n\n7a751a279184970d3b6ba90e4dd4d22a382a0747\nRemove Container Analysis v1alpha1 (nobody publishes it).\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 288707473\n\n3c0d9c71242e70474b2b640e15bb0a435fd06ff0\nRemove specious annotation from BigQuery Data Transfer before\nanyone accidentally does anything that uses it.\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 288701604\n\n1af307a4764bd415ef942ac5187fa1def043006f\nMigrate BigQuery Connection to GAPIC v2.\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 288698681\n\n08b488e0660c59842a7dee0e3e2b65d9e3a514a9\nExposing cloud_catalog.proto (This API is already available through REST)\n\nPiperOrigin-RevId: 288625007\n\na613482977e11ac09fa47687a5d1b5a01efcf794\nUpdate the OS Login v1beta API description to render better in the UI.\n\nPiperOrigin-RevId: 288547940\n\n5e182b8d9943f1b17008d69d4c7e865dc83641a7\nUpdate the OS Login API description to render better in the UI.\n\nPiperOrigin-RevId: 288546443\n\ncb79155f596e0396dd900da93872be7066f6340d\nFix: Add a resource annotation for Agent\nFix: Correct the service name in annotations for Intent and SessionEntityType\n\nPiperOrigin-RevId: 288441307\n\nf7f6e9daec3315fd47cb638789bd8415bf4a27cc\nAdded cloud asset api v1p1beta1\n\nPiperOrigin-RevId: 288427239\n\nf2880f5b342c6345f3dcaad24fcb3c6ca9483654\nBilling account API: Adding config necessary to build client libraries\n\nPiperOrigin-RevId: 288351810\n\ndc250ffe071729f8f8bef9d6fd0fbbeb0254c666\nFix: Remove incorrect resource annotations in requests\n\nPiperOrigin-RevId: 288321208\n\n91ef2d9dd69807b0b79555f22566fb2d81e49ff9\nAdd GAPIC annotations to Cloud KMS (but do not migrate the GAPIC config yet).\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 287999179\n\n4d45a6399e9444fbddaeb1c86aabfde210723714\nRefreshing Cloud Billing API protos.\n\nThis exposes the following API methods:\n- UpdateBillingAccount\n- CreateBillingAccount\n- GetIamPolicy\n- SetIamPolicy\n- TestIamPermissions\n\nThere are also some new fields to support the management of sub-accounts.\n\nPiperOrigin-RevId: 287908369\n\nec285d3d230810147ebbf8d5b691ee90320c6d2d\nHide not yet implemented update_transforms message\n\nPiperOrigin-RevId: 287608953\n\na202fb3b91cd0e4231be878b0348afd17067cbe2\nBigQuery Storage Write API v1alpha2 clients. The service is enabled by whitelist only.\n\nPiperOrigin-RevId: 287379998\n\n650d7f1f8adb0cfaf37b3ce2241c3168f24efd4d\nUpdate Readme.md to match latest Bazel updates\n090d98aea20270e3be4b64240775588f7ce50ff8\ndocs(bigtable): Fix library release level listed in generated documentation\n\nPiperOrigin-RevId: 287308849\n\n2c28f646ca77b1d57550368be22aa388adde2e66\nfirestore: retry reads that fail with contention\n\nPiperOrigin-RevId: 287250665\n\nfd3091fbe9b2083cabc53dc50c78035658bfc4eb\nSync timeout in grpc config back to 10s for tasks API with github googelapis gapic config.\n\nPiperOrigin-RevId: 287207067\n\n49dd7d856a6f77c0cf7e5cb3334423e5089a9e8a\nbazel: Integrate bazel-2.0.0 compatibility fixes\n\nPiperOrigin-RevId: 287205644\n\n46e52fd64973e815cae61e78b14608fe7aa7b1df\nbazel: Integrate bazel build file generator\n\nTo generate/update BUILD.bazel files for any particular client or a batch of clients:\n```\nbazel run //:build_gen -- --src=google/example/library\n```\n\nPiperOrigin-RevId: 286958627\n\n1a380ea21dea9b6ac6ad28c60ad96d9d73574e19\nBigQuery Storage Read API v1beta2 clients.\n\nPiperOrigin-RevId: 286616241\n\n5f3f1d0f1c06b6475a17d995e4f7a436ca67ec9e\nAdd Artman config for secretmanager.\n\nPiperOrigin-RevId: 286598440\n\n50af0530730348f1e3697bf3c70261f7daaf2981\nSynchronize new proto/yaml changes.\n\nPiperOrigin-RevId: 286491002\n\n91818800384f4ed26961aea268910b1a2ec58cc8\nFor Data Catalog API,\n1. Add support for marking a tag template field as required when creating a new tag template.\n2. Add support for updating a tag template field from required to optional.\n\nPiperOrigin-RevId: 286490262\n\nff4a2047b3d66f38c9b22197c370ed0d02fc0238\nWeekly library update.\n\nPiperOrigin-RevId: 286484215\n\n192c14029861752a911ed434fd6ee5b850517cd9\nWeekly library update.\n\nPiperOrigin-RevId: 286484165\n\nd9e328eaf790d4e4346fbbf32858160f497a03e0\nFix bazel build (versions 1.x)\n\nBump gapic-generator and resource names plugins to the latest version.\n\nPiperOrigin-RevId: 286469287\n\n0ca305403dcc50e31ad9477c9b6241ddfd2056af\nsecretmanager client package name option updates for java and go\n\nPiperOrigin-RevId: 286439553\n\nade4803e8a1a9e3efd249c8c86895d2f12eb2aaa\niam credentials: publish v1 protos containing annotations\n\nPiperOrigin-RevId: 286418383\n\n03e5708e5f8d1909dcb74b25520309e59ebf24be\nsecuritycenter: add missing proto deps for Bazel build\n\nPiperOrigin-RevId: 286417075\n\n8b991eb3eb82483b0ca1f1361a9c8e5b375c4747\nAdd secretmanager client package name options.\n\nPiperOrigin-RevId: 286415883\n\nd400cb8d45df5b2ae796b909f098a215b2275c1d\ndialogflow: add operation_info annotations to BatchUpdateEntities and BatchDeleteEntities.\n\nPiperOrigin-RevId: 286312673\n\nf2b25232db397ebd4f67eb901a2a4bc99f7cc4c6\nIncreased the default timeout time for all the Cloud Security Command Center client libraries.\n\nPiperOrigin-RevId: 286263771\n\ncb2f1eefd684c7efd56fd375cde8d4084a20439e\nExposing new Resource fields in the SecurityCenterProperties proto, added more comments to the filter logic for these Resource fields, and updated the response proto for the ListFindings API with the new Resource fields.\n\nPiperOrigin-RevId: 286263092\n\n73cebb20432b387c3d8879bb161b517d60cf2552\nUpdate v1beta2 clusters and jobs to include resource ids in GRPC header.\n\nPiperOrigin-RevId: 286261392\n\n1b4e453d51c0bd77e7b73896cdd8357d62768d83\nsecuritycenter: publish v1beta1 protos with annotations\n\nPiperOrigin-RevId: 286228860\n\na985eeda90ae98e8519d2320bee4dec148eb8ccb\nAdd default retry configurations for speech_v1p1beta1.\n\nSettings are copied from speech_gapic.legacy.yaml. The Python client library is being generated with timeouts that are too low. See https://github.com/GoogleCloudPlatform/python-docs-samples/issues/2578\n\nPiperOrigin-RevId: 286191318\n\n3352100a15ede383f5ab3c34599f7a10a3d066fe\nMake importing rule with the same name (but different aliases) from different repositories possible.\n\nThis is needed to allow monolitic gapic-generator and microgenerators coexist during transition period.\n\nTo plug a microgenerator:\n\n1) Add corresponding rules bidnings under `switched_rules_by_language` in repository_rules.bzl:\n rules[\"go_gapic_library2\"] = _switch(\n go and grpc and gapic,\n \"@gapic_generator_go//rules_go_gapic/go_gapic.bzl\",\n \"go_gapic_library\",\n )\n\n2) Import microgenerator in WORKSPACE (the above example assumes that the generator was imported under name \"gapic_generator_go\").\n\n3) To migrate an API from monolith to micro generator (this is done per API and per language) modify the corresponding load statement in the API's BUILD.bazel file. For example, for the example above, to migrate to go microgenerator modify the go-specific load statement in BUILD.bazel file of a specific API (which you want to migrate) to the following:\n\nload(\n \"@com_google_googleapis_imports//:imports.bzl\",\n \"go_gapic_assembly_pkg\",\n go_gapic_library = \"go_gapic_library2\",\n \"go_proto_library\",\n \"go_test\",\n)\n\nPiperOrigin-RevId: 286065440\n\n6ad2bb13bc4b0f3f785517f0563118f6ca52ddfd\nUpdated v1beta1 protos for the client:\n- added support for GenericSignedAttestation which has a generic Signature\n- added support for CVSSv3 and WindowsDetail in Vulnerability\n- documentation updates\n\nPiperOrigin-RevId: 286008145\n\nfe1962e49999a832eed8162c45f23096336a9ced\nAdMob API v1 20191210\n\nBasic account info, mediation and network report available. See https://developers.google.com/admob/api/release-notes for more details.\n\nPiperOrigin-RevId: 285894502\n\n41fc1403738b61427f3a798ca9750ef47eb9c0f2\nAnnotate the required fields for the Monitoring Dashboards API\n\nPiperOrigin-RevId: 285824386\n\n27d0e0f202cbe91bf155fcf36824a87a5764ef1e\nRemove inappropriate resource_reference annotations for UpdateWorkflowTemplateRequest.template.\n\nPiperOrigin-RevId: 285802643\n\ne5c4d3a2b5b5bef0a30df39ebb27711dc98dee64\nAdd Artman BUILD.bazel file for the Monitoring Dashboards API\n\nPiperOrigin-RevId: 285445602\n\n2085a0d3c76180ee843cf2ecef2b94ca5266be31\nFix path in the artman config for Monitoring Dashboard API.\n\nPiperOrigin-RevId: 285233245\n\n2da72dfe71e4cca80902f9e3e125c40f02c2925b\nAdd Artman and GAPIC configs for the Monitoring Dashboards API.\n\nPiperOrigin-RevId: 285211544\n\n9f6eeebf1f30f51ffa02acea5a71680fe592348e\nAdd annotations to Dataproc v1. (Also forwarding comment changes from internal source control.)\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 285197557\n\n19c4589a3cb44b3679f7b3fba88365b3d055d5f8\noslogin: fix v1beta retry configuration\n\nPiperOrigin-RevId: 285013366\n\nee3f02926d0f8a0bc13f8d716581aad20f575751\nAdd Monitoring Dashboards API protocol buffers to Google Cloud Monitoring API.\n\nPiperOrigin-RevId: 284982647\n\ne47fdd266542386e5e7346697f90476e96dc7ee8\nbigquery datatransfer: Remove non-publicly available DataSourceService.\n\nPiperOrigin-RevId: 284822593\n\n6156f433fd1d9d5e4a448d6c6da7f637921d92ea\nAdds OSConfig v1beta protos and initial client library config\n\nPiperOrigin-RevId: 284799663\n\n6cc9499e225a4f6a5e34fe07e390f67055d7991c\nAdd datetime.proto to google/type/BUILD.bazel\n\nPiperOrigin-RevId: 284643689\n\nfe7dd5277e39ffe0075729c61e8d118d7527946d\nCosmetic changes to proto comment as part of testing internal release instructions.\n\nPiperOrigin-RevId: 284608712\n\n68d109adad726b89f74276d2f4b2ba6aac6ec04a\nAdd annotations to securitycenter v1, but leave GAPIC v1 in place.\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 284580511\n\ndf8a1707a910fc17c71407a75547992fd1864c51\nSynchronize new proto/yaml changes.\n\nPiperOrigin-RevId: 284568564\n\na69a974976221ce3bb944901b739418b85d6408c\nclient library update\n\nPiperOrigin-RevId: 284463979\n\na4adac3a12aca6e3a792c9c35ee850435fe7cf7e\nAdded DateTime, TimeZone, and Month proto files to google/type\n\nPiperOrigin-RevId: 284277770\n\ned5dec392906078db4f7745fe4f11d34dd401ae9\nchange common resources from message-level annotations to file-level annotations.\n\nPiperOrigin-RevId: 284236794\n\na00e2c575ef1b637667b4ebe96b8c228b2ddb273\nbigquerydatatransfer: change resource type TransferRun to Run to be consistent with gapic configs\nbigquerydatatransfer: add missing patterns for DataSource, TransferConfig and Run (to allow the location segment)\nbigquerydatatransfer: add file-level Parent resource type (to allow the location segement)\nbigquerydatatransfer: update grpc service config with correct retry delays\n\nPiperOrigin-RevId: 284234378\n\nb10e4547017ca529ac8d183e839f3c272e1c13de\ncloud asset: replace required fields for batchgetassethistory. Correct the time out duration.\n\nPiperOrigin-RevId: 284059574\n\n6690161e3dcc3367639a2ec10db67bf1cf392550\nAdd default retry configurations for speech_v1.\n\nSettings are copied from speech_gapic.legacy.yaml. The Python client library is being generated with timeouts that are too low. See https://github.com/GoogleCloudPlatform/python-docs-samples/issues/2578\n\nPiperOrigin-RevId: 284035915\n\n9b2635ef91e114f0357bdb87652c26a8f59316d5\ncloudtasks: fix gapic v2 config\n\nPiperOrigin-RevId: 284020555\n\ne5676ba8b863951a8ed0bfd6046e1db38062743c\nReinstate resource name handling in GAPIC config for Asset v1.\n\nPiperOrigin-RevId: 283993903\n\nf337f7fb702c85833b7b6ca56afaf9a1bf32c096\nOSConfig AgentEndpoint: add LookupEffectiveGuestPolicy rpc\n\nPiperOrigin-RevId: 283989762\n\nc0ac9b55f2e2efd0ee525b3a6591a1b09330e55a\nInclude real time feed api into v1 version\n\nPiperOrigin-RevId: 283845474\n\n2427a3a0f6f4222315362d973d91a082a3a884a7\nfirestore admin: update v1 protos with annotations & retry config\n\nPiperOrigin-RevId: 283826605\n\n555e844dbe04af50a8f55fe1217fa9d39a0a80b2\nchore: publish retry configs for iam admin, cloud asset, and remoteworkers\n\nPiperOrigin-RevId: 283801979\n\n6311dc536668849142d1fe5cd9fc46da66d1f77f\nfirestore: update v1beta1 protos with annotations and retry config\n\nPiperOrigin-RevId: 283794315\n\nda0edeeef953b05eb1524d514d2e9842ac2df0fd\nfeat: publish several retry config files for client generation\n\nPiperOrigin-RevId: 283614497\n\n59a78053537e06190f02d0a7ffb792c34e185c5a\nRemoving TODO comment\n\nPiperOrigin-RevId: 283592535\n\n8463992271d162e2aff1d5da5b78db11f2fb5632\nFix bazel build\n\nPiperOrigin-RevId: 283589351\n\n3bfcb3d8df10dfdba58f864d3bdb8ccd69364669\nPublic client library for bebop_jobs_api_20191118_1_RC3 release.\n\nPiperOrigin-RevId: 283568877\n\n27ab0db61021d267c452b34d149161a7bf0d9f57\nfirestore: publish annotated protos and new retry config\n\nPiperOrigin-RevId: 283565148\n\n38dc36a2a43cbab4a2a9183a43dd0441670098a9\nfeat: add http annotations for operations calls\n\nPiperOrigin-RevId: 283384331\n\n366caab94906975af0e17822e372f1d34e319d51\ndatastore: add a legacy artman config for PHP generation\n\nPiperOrigin-RevId: 283378578\n\n82944da21578a53b74e547774cf62ed31a05b841\nMigrate container v1beta1 to GAPIC v2.\n\nPiperOrigin-RevId: 283342796\n\n584dcde5826dd11ebe222016b7b208a4e1196f4b\nRemove resource name annotation for UpdateKeyRequest.key, because it's the resource, not a name.\n\nPiperOrigin-RevId: 283167368\n\n6ab0171e3688bfdcf3dbc4056e2df6345e843565\nAdded resource annotation for Key message.\n\nPiperOrigin-RevId: 283066965\n\n86c1a2db1707a25cec7d92f8850cc915163ec3c3\nExpose Admin API methods for Key manipulation.\n\nPiperOrigin-RevId: 282988776\n\n3ddad085965896ffb205d44cb0c0616fe3def10b\nC++ targets: correct deps so they build, rename them from trace* to cloudtrace*\nto match the proto names.\n\nPiperOrigin-RevId: 282857635\n\ne9389365a971ad6457ceb9646c595e79dfdbdea5\nSynchronize new proto/yaml changes.\n\nPiperOrigin-RevId: 282810797\n\ne42eaaa9abed3c4d63d64f790bd3191448dbbca6\nPut back C++ targets for cloud trace v2 api.\n\nPiperOrigin-RevId: 282803841\n\nd8896a3d8a191702a9e39f29cf4c2e16fa05f76d\nAdd initial BUILD.bazel for secretmanager.googleapis.com\n\nPiperOrigin-RevId: 282674885\n\n2cc56cb83ea3e59a6364e0392c29c9e23ad12c3a\nCreate sample for list recommendations\n\nPiperOrigin-RevId: 282665402\n\nf88e2ca65790e3b44bb3455e4779b41de1bf7136\nbump Go to ga\n\nPiperOrigin-RevId: 282651105\n\naac86d932b3cefd7d746f19def6935d16d6235e0\nDocumentation update. Add location_id in preparation for regionalization.\n\nPiperOrigin-RevId: 282586371\n\n5b501cd384f6b842486bd41acce77854876158e7\nMigrate Datastore Admin to GAPIC v2.\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 282570874\n\n6a16d474d5be201b20a27646e2009c4dfde30452\nMigrate Datastore to GAPIC v2.\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 282564329\n\n74bd9b95ac8c70b883814e4765a725cffe43d77c\nmark Go lib ga\n\nPiperOrigin-RevId: 282562558\n\nf7b3d434f44f6a77cf6c37cae5474048a0639298\nAdd secretmanager.googleapis.com protos\n\nPiperOrigin-RevId: 282546399\n\nc34a911aaa0660a45f5a556578f764f135e6e060\niot: bump Go GAPIC to GA release level\n\nPiperOrigin-RevId: 282494787\n\n79b7f1c5ba86859dbf70aa6cd546057c1002cdc0\nPut back C++ targets.\nPrevious change overrode custom C++ targets made by external teams. This PR puts those targets back.\n\nPiperOrigin-RevId: 282458292\n\n06a840781d2dc1b0a28e03e30fb4b1bfb0b29d1e\nPopulate BAZEL.build files for around 100 APIs (all APIs we publish) in all 7 langauges.\n\nPiperOrigin-RevId: 282449910\n\n777b580a046c4fa84a35e1d00658b71964120bb0\nCreate BUILD file for recommender v1beta1\n\nPiperOrigin-RevId: 282068850\n\n48b385b6ef71dfe2596490ea34c9a9a434e74243\nGenerate recommender v1beta1 gRPC ServiceConfig file\n\nPiperOrigin-RevId: 282067795\n\n8395b0f1435a4d7ce8737b3b55392627758bd20c\nfix: Set timeout to 25s, because Tasks fails for any deadline above 30s.\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 282017295\n\n3ba7ddc4b2acf532bdfb0004ca26311053c11c30\nfix: Shift Ruby and PHP to legacy GAPIC YAMLs for back-compat.\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 281852671\n\nad6f0c002194c3ec6c13d592d911d122d2293931\nRemove unneeded yaml files\n\nPiperOrigin-RevId: 281835839\n\n1f42588e4373750588152cdf6f747de1cadbcbef\nrefactor: Migrate Tasks beta 2 to GAPIC v2.\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 281769558\n\n902b51f2073e9958a2aba441f7f7ac54ea00966d\nrefactor: Migrate Tasks to GAPIC v2 (for real this time).\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 281769522\n\n17561f59970eede87f61ef6e9c322fa1198a2f4d\nMigrate Tasks Beta 3 to GAPIC v2.\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 281769519\n\nf95883b15a1ddd58eb7e3583fdefe7b00505faa3\nRegenerate recommender v1beta1 protos and sanitized yaml\n\nPiperOrigin-RevId: 281765245\n\n9a52df54c626b36699a058013d1735a166933167\nadd gRPC ServiceConfig for grafeas v1\n\nPiperOrigin-RevId: 281762754\n\n7a79d682ef40c5ca39c3fca1c0901a8e90021f8a\nfix: Roll back Tasks GAPIC v2 while we investigate C# issue.\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 281758548\n\n3fc31491640a90f029f284289e7e97f78f442233\nMigrate Tasks to GAPIC v2.\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 281751187\n\n5bc0fecee454f857cec042fb99fe2d22e1bff5bc\nfix: adds operation HTTP rules back to v1p1beta1 config\n\nPiperOrigin-RevId: 281635572\n\n5364a19284a1333b3ffe84e4e78a1919363d9f9c\nbazel: Fix build\n\n1) Update to latest gapic-generator (has iam resource names fix for java).\n2) Fix non-trivial issues with oslogin (resources defined in sibling package to the one they are used from) and monitoring.\n3) Fix trivial missing dependencies in proto_library targets for other apis.\n\nThis is to prepare the repository to being populated with BUILD.bazel files for all supported apis (101 API) in all 7 languages.\n\nPiperOrigin-RevId: 281618750\n\n0aa77cbe45538d5e5739eb637db3f2940b912789\nUpdating common proto files in google/type/ with their latest versions.\n\nPiperOrigin-RevId: 281603926\n\nd47e1b4485b3effbb2298eb10dd13a544c0f66dc\nfix: replace Speech Recognize RPC retry_codes_name for non-standard assignment\n\nPiperOrigin-RevId: 281594037\n\n16543773103e2619d2b5f52456264de5bb9be104\nRegenerating public protos for datacatalog, also adding gRPC service config.\n\nPiperOrigin-RevId: 281423227\n\n328ebe76adb06128d12547ed70107fb841aebf4e\nChange custom data type from String to google.protobuf.Struct to be consistent with other docs such as\nhttps://developers.google.com/actions/smarthome/develop/process-intents#response_format\n\nPiperOrigin-RevId: 281402467\n\n5af83f47b9656261cafcf88b0b3334521ab266b3\n(internal change without visible public changes)\n\nPiperOrigin-RevId: 281334391\n\nc53ed56649583a149382bd88d3c427be475b91b6\nFix typo in protobuf docs.\n\nPiperOrigin-RevId: 281293109\n\nd8dd7fe8d5304f7bd1c52207703d7f27d5328c5a\nFix build by adding missing deps.\n\nPiperOrigin-RevId: 281088257\n\n3ef5ffd7351809d75c1332d2eaad1f24d9c318e4\nMigrate Error Reporting v1beta1 to proto annotations / GAPIC v2.\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 281075722\n\n418ee8e24a56b5959e1c1defa4b6c97f883be379\nTrace v2: Add remaining proto annotations, migrate to GAPIC v2.\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 281068859\n\nc89394342a9ef70acaf73a6959e04b943fbc817b\nThis change updates an outdated comment for the feature importance proto field since they are no longer in [0, 1] for online predictions.\n\nPiperOrigin-RevId: 280761373\n\n1ec8b8e2c3c8f41d7d2b22c594c025276d6a4ae6\nCode refactoring\n\nPiperOrigin-RevId: 280760149\n\n427a22b04039f93b769d89accd6f487413f667c1\nImport automl operation protos.\n\nPiperOrigin-RevId: 280703572\n\n45749a04dac104e986f6cc47da3baf7c8bb6f9b0\nfix: bigqueryconnection_gapic.yaml to reflect proto annotations\n\n* remove connection_credential resource\n* make CreateCredentialRequest.connection_id optional\n* shuffle field ordering in CreateCredential flattening\n\nPiperOrigin-RevId: 280685438\n\n8385366aa1e5d7796793db02a9c5e167d1fd8f17\nRevert the Trace v2 GAPIC for now.\nCommitter: @lukesneeringer\n\nPiperOrigin-RevId: 280669295\n\n5c8ab2c072d557c2f4c4e54b544394e2d62202d5\nMigrate Trace v1 and Trace v2 to GAPIC v2.\n\nCommitter: @lukesneeringer\nPiperOrigin-RevId: 280667429\n\nf6808ff4e8b966cd571e99279d4a2780ed97dff2\nRename the `endpoint_urls` field to `endpoint_uris` to be consistent with\nGoogle API nomenclature.\n\nPiperOrigin-RevId: 280581337\n\n1935fb8889686f5c9d107f11b3c6870fc3aa7cdc\nComment updates\n\nPiperOrigin-RevId: 280451656\n\n0797fd5b9029d630e68a0899734715d62ad38e33\nComment updates\n\nPiperOrigin-RevId: 280451600\n\n9bc8d07b8b749e791d16c8d559526928ceaf1994\nRollback of \"Migrate Cloud Error Reporting to proto annotations & GAPIC v2.\"\n\nPiperOrigin-RevId: 280445975\n\nf8720321aecf4aab42e03602ac2c67f9777d9170\nfix: bigtable retry config in GAPIC v2\n\nPiperOrigin-RevId: 280434856\n\nb11664ba64f92d96d748e0dd9724d006dcafd120\nMigrate Cloud Error Reporting to proto annotations & GAPIC v2.\n\nPiperOrigin-RevId: 280432937\n\n4f747bda9b099b4426f495985680d16d0227fa5f\n1. Change DataCatalog package name in java from com.google.cloud.datacatalog to com.google.cloud.datacatalog.v1beta1 (API version is included in the package). *This is a breaking change.*\n\n2. Add API for Taxonomies (PolicyTagManager and PolicyTagManagerSerialization services).\n\n3. Minor changes to documentation.\n\nPiperOrigin-RevId: 280394936\n\nbc76ffd87360ce1cd34e3a6eac28afd5e1efda76\nUse rules_proto bzl files to load proto_library\n\nThis makes googleapis forward compatible with Bazel incompatible change https://github.com/bazelbuild/bazel/issues/8922.\n\nThis CL was created by adding @rules_proto to the WORKSPACE file and then running:\n\nfind . -name BUILD.bazel | \\\n while read build; do \\\n buildifier --lint=fix --warnings=load $build; \\\n done\n\nSince buildifier cannot be told not to reformat the BUILD file, some files are reformatted.\n\nPiperOrigin-RevId: 280356106\n\n218164b3deba1075979c9dca5f71461379e42dd1\nMake the `permissions` argument in TestIamPermissions required.\n\nPiperOrigin-RevId: 280279014\n\ndec8fd8ea5dc464496606189ba4b8949188639c8\nUpdating Cloud Billing Budget API documentation for clarity.\n\nPiperOrigin-RevId: 280225437\n\na667ffab90deb5e2669eb40ec7b61ec96a3d0454\nIntroduced detailed status message for CreateTimeSeries: CreateTimeSeriesSummary replaces CreateTimeSeriesError, which is now deprecated and unused.\n\nPiperOrigin-RevId: 280221707\n\nbe0a25eceec8916633447a37af0ecea801b85186\nMigrate Bigtable API to GAPIC v2 config.\n\nPiperOrigin-RevId: 280199643\n\n88bbf96b90089994ed16208a0f38cdd07f743742\nFix location of monitoring.yaml in Artman config for monitoring v3.\n\nPiperOrigin-RevId: 280134477\n\ndbaa01a20303758eed0c5a95ad2239ea306ad9a5\nUpdate namespace for PHP.\n\nPiperOrigin-RevId: 280085199\n\nf73b3796a635b2026a590d5133af7fa1f0eb807b\nStandardize pub/sub client default settings across clients:\n- Add retry codes for streaming pull\n- Decrease publish's max_rpc_timeout (mini-timeout) from 10 mins to 1 min\n- Decrease publish's total timeout from 10 mins to 1 min\n- Increase publish batching threshold from 10 to 100 elements\n- Increase publish batching size threshold from 1 KiB to 1 MiB\n\nPiperOrigin-RevId: 280044012\n\n822172613e1d93bede3beaf78b123c42a5876e2b\nReplace local_repository with http_archive in WORKSPACE\n\nPiperOrigin-RevId: 280039052\n\n6a8c7914d1b79bd832b5157a09a9332e8cbd16d4\nAdded notification_supported_by_agent to indicate whether the agent is sending notifications to Google or not.\n\nPiperOrigin-RevId: 279991530\n\n675de3dc9ab98cc1cf54216ad58c933ede54e915\nAdd an endpoint_urls field to the instance admin proto and adds a field_mask field to the GetInstanceRequest.\n\nPiperOrigin-RevId: 279982263\n\n" + "remote": "git@github.com:googleapis/googleapis.git", + "sha": "8a36b928873ff9c05b43859b9d4ea14cd205df57", + "internalRef": "294459768", + "log": "8a36b928873ff9c05b43859b9d4ea14cd205df57\nFix: Define the \"bigquery.googleapis.com/Table\" resource in the BigQuery Storage API (v1beta2).\n\nPiperOrigin-RevId: 294459768\n\nc7a3caa2c40c49f034a3c11079dd90eb24987047\nFix: Define the \"bigquery.googleapis.com/Table\" resource in the BigQuery Storage API (v1).\n\nPiperOrigin-RevId: 294456889\n\n5006247aa157e59118833658084345ee59af7c09\nFix: Make deprecated fields optional\nFix: Deprecate SetLoggingServiceRequest.zone in line with the comments\nFeature: Add resource name method signatures where appropriate\n\nPiperOrigin-RevId: 294383128\n\neabba40dac05c5cbe0fca3a35761b17e372036c4\nFix: C# and PHP package/namespace capitalization for BigQuery Storage v1.\n\nPiperOrigin-RevId: 294382444\n\nf8d9a858a7a55eba8009a23aa3f5cc5fe5e88dde\nfix: artman configuration file for bigtable-admin\n\nPiperOrigin-RevId: 294322616\n\n0f29555d1cfcf96add5c0b16b089235afbe9b1a9\nAPI definition for (not-yet-launched) GCS gRPC.\n\nPiperOrigin-RevId: 294321472\n\nfcc86bee0e84dc11e9abbff8d7c3529c0626f390\nfix: Bigtable Admin v2\n\nChange LRO metadata from PartialUpdateInstanceMetadata\nto UpdateInstanceMetadata. (Otherwise, it will not build.)\n\nPiperOrigin-RevId: 294264582\n\n6d9361eae2ebb3f42d8c7ce5baf4bab966fee7c0\nrefactor: Add annotations to Bigtable Admin v2.\n\nPiperOrigin-RevId: 294243406\n\nad7616f3fc8e123451c8b3a7987bc91cea9e6913\nFix: Resource type in CreateLogMetricRequest should use logging.googleapis.com.\nFix: ListLogEntries should have a method signature for convenience of calling it.\n\nPiperOrigin-RevId: 294222165\n\n63796fcbb08712676069e20a3e455c9f7aa21026\nFix: Remove extraneous resource definition for cloudkms.googleapis.com/CryptoKey.\n\nPiperOrigin-RevId: 294176658\n\ne7d8a694f4559201e6913f6610069cb08b39274e\nDepend on the latest gapic-generator and resource names plugin.\n\nThis fixes the very old an very annoying bug: https://github.com/googleapis/gapic-generator/pull/3087\n\nPiperOrigin-RevId: 293903652\n\n806b2854a966d55374ee26bb0cef4e30eda17b58\nfix: correct capitalization of Ruby namespaces in SecurityCenter V1p1beta1\n\nPiperOrigin-RevId: 293903613\n\n1b83c92462b14d67a7644e2980f723112472e03a\nPublish annotations and grpc service config for Logging API.\n\nPiperOrigin-RevId: 293893514\n\ne46f761cd6ec15a9e3d5ed4ff321a4bcba8e8585\nGenerate the Bazel build file for recommendengine public api\n\nPiperOrigin-RevId: 293710856\n\n68477017c4173c98addac0373950c6aa9d7b375f\nMake `language_code` optional for UpdateIntentRequest and BatchUpdateIntentsRequest.\n\nThe comments and proto annotations describe this parameter as optional.\n\nPiperOrigin-RevId: 293703548\n\n16f823f578bca4e845a19b88bb9bc5870ea71ab2\nAdd BUILD.bazel files for managedidentities API\n\nPiperOrigin-RevId: 293698246\n\n2f53fd8178c9a9de4ad10fae8dd17a7ba36133f2\nAdd v1p1beta1 config file\n\nPiperOrigin-RevId: 293696729\n\n052b274138fce2be80f97b6dcb83ab343c7c8812\nAdd source field for user event and add field behavior annotations\n\nPiperOrigin-RevId: 293693115\n\n1e89732b2d69151b1b3418fff3d4cc0434f0dded\ndatacatalog: v1beta1 add three new RPCs to gapic v1beta1 config\n\nPiperOrigin-RevId: 293692823\n\n9c8bd09bbdc7c4160a44f1fbab279b73cd7a2337\nchange the name of AccessApproval service to AccessApprovalAdmin\n\nPiperOrigin-RevId: 293690934\n\n2e23b8fbc45f5d9e200572ca662fe1271bcd6760\nAdd ListEntryGroups method, add http bindings to support entry group tagging, and update some comments.\n\nPiperOrigin-RevId: 293666452\n\n0275e38a4ca03a13d3f47a9613aac8c8b0d3f1f2\nAdd proto_package field to managedidentities API. It is needed for APIs that still depend on artman generation.\n\nPiperOrigin-RevId: 293643323\n\n4cdfe8278cb6f308106580d70648001c9146e759\nRegenerating public protos for Data Catalog to add new Custom Type Entry feature.\n\nPiperOrigin-RevId: 293614782\n\n45d2a569ab526a1fad3720f95eefb1c7330eaada\nEnable client generation for v1 ManagedIdentities API.\n\nPiperOrigin-RevId: 293515675\n\n2c17086b77e6f3bcf04a1f65758dfb0c3da1568f\nAdd the Actions on Google common types (//google/actions/type/*).\n\nPiperOrigin-RevId: 293478245\n\n781aadb932e64a12fb6ead7cd842698d99588433\nDialogflow weekly v2/v2beta1 library update:\n- Documentation updates\nImportant updates are also posted at\nhttps://cloud.google.com/dialogflow/docs/release-notes\n\nPiperOrigin-RevId: 293443396\n\ne2602608c9138c2fca24162720e67f9307c30b95\nDialogflow weekly v2/v2beta1 library update:\n- Documentation updates\nImportant updates are also posted at\nhttps://cloud.google.com/dialogflow/docs/release-notes\n\nPiperOrigin-RevId: 293442964\n\nc8aef82028d06b7992278fa9294c18570dc86c3d\nAdd cc_proto_library and cc_grpc_library targets for Bigtable protos.\n\nAlso fix indentation of cc_grpc_library targets in Spanner and IAM protos.\n\nPiperOrigin-RevId: 293440538\n\ne2faab04f4cb7f9755072330866689b1943a16e9\ncloudtasks: v2 replace non-standard retry params in gapic config v2\n\nPiperOrigin-RevId: 293424055\n\ndfb4097ea628a8470292c6590a4313aee0c675bd\nerrorreporting: v1beta1 add legacy artman config for php\n\nPiperOrigin-RevId: 293423790\n\nb18aed55b45bfe5b62476292c72759e6c3e573c6\nasset: v1p1beta1 updated comment for `page_size` limit.\n\nPiperOrigin-RevId: 293421386\n\nc9ef36b7956d9859a2fc86ad35fcaa16958ab44f\nbazel: Refactor CI build scripts\n\nPiperOrigin-RevId: 293387911\n\na8ed9d921fdddc61d8467bfd7c1668f0ad90435c\nfix: set Ruby module name for OrgPolicy\n\nPiperOrigin-RevId: 293257997\n\n6c7d28509bd8315de8af0889688ee20099594269\nredis: v1beta1 add UpgradeInstance and connect_mode field to Instance\n\nPiperOrigin-RevId: 293242878\n\nae0abed4fcb4c21f5cb67a82349a049524c4ef68\nredis: v1 add connect_mode field to Instance\n\nPiperOrigin-RevId: 293241914\n\n3f7a0d29b28ee9365771da2b66edf7fa2b4e9c56\nAdds service config definition for bigqueryreservation v1beta1\n\nPiperOrigin-RevId: 293234418\n\n0c88168d5ed6fe353a8cf8cbdc6bf084f6bb66a5\naddition of BUILD & configuration for accessapproval v1\n\nPiperOrigin-RevId: 293219198\n\n39bedc2e30f4778ce81193f6ba1fec56107bcfc4\naccessapproval: v1 publish protos\n\nPiperOrigin-RevId: 293167048\n\n" } }, { "template": { "name": "python_split_library", "origin": "synthtool.gcp", - "version": "2019.10.17" + "version": "2020.2.4" } } ], "destinations": [ + { + "client": { + "source": "googleapis", + "apiName": "securitycenter", + "apiVersion": "v1p1beta1", + "language": "python", + "generator": "gapic", + "config": "google/cloud/securitycenter/artman_securitycenter_v1p1beta1.yaml" + } + }, { "client": { "source": "googleapis", diff --git a/synth.py b/synth.py index 1c5959a4..d89a71d9 100644 --- a/synth.py +++ b/synth.py @@ -18,7 +18,7 @@ gapic = gcp.GAPICGenerator() common = gcp.CommonTemplates() -versions = ["v1beta1", "v1"] +versions = ["v1p1beta1", "v1beta1", "v1"] # ---------------------------------------------------------------------------- # Generate securitycenter GAPIC layer diff --git a/tests/unit/gapic/v1/test_security_center_client_v1.py b/tests/unit/gapic/v1/test_security_center_client_v1.py index 7f60e4fa..83cccc6d 100644 --- a/tests/unit/gapic/v1/test_security_center_client_v1.py +++ b/tests/unit/gapic/v1/test_security_center_client_v1.py @@ -1,6 +1,6 @@ # -*- coding: utf-8 -*- # -# Copyright 2019 Google LLC +# Copyright 2020 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/tests/unit/gapic/v1beta1/test_security_center_client_v1beta1.py b/tests/unit/gapic/v1beta1/test_security_center_client_v1beta1.py index 4f9022fe..bab98fc9 100644 --- a/tests/unit/gapic/v1beta1/test_security_center_client_v1beta1.py +++ b/tests/unit/gapic/v1beta1/test_security_center_client_v1beta1.py @@ -1,6 +1,6 @@ # -*- coding: utf-8 -*- # -# Copyright 2019 Google LLC +# Copyright 2020 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/tests/unit/gapic/v1p1beta1/test_security_center_client_v1p1beta1.py b/tests/unit/gapic/v1p1beta1/test_security_center_client_v1p1beta1.py new file mode 100644 index 00000000..616284bb --- /dev/null +++ b/tests/unit/gapic/v1p1beta1/test_security_center_client_v1p1beta1.py @@ -0,0 +1,1180 @@ +# -*- coding: utf-8 -*- +# +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# https://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +"""Unit tests.""" + +import mock +import pytest + +from google.rpc import status_pb2 + +from google.cloud import securitycenter_v1p1beta1 +from google.cloud.securitycenter_v1p1beta1 import enums +from google.cloud.securitycenter_v1p1beta1.proto import finding_pb2 +from google.cloud.securitycenter_v1p1beta1.proto import notification_config_pb2 +from google.cloud.securitycenter_v1p1beta1.proto import organization_settings_pb2 +from google.cloud.securitycenter_v1p1beta1.proto import run_asset_discovery_response_pb2 +from google.cloud.securitycenter_v1p1beta1.proto import security_marks_pb2 +from google.cloud.securitycenter_v1p1beta1.proto import securitycenter_service_pb2 +from google.cloud.securitycenter_v1p1beta1.proto import source_pb2 +from google.iam.v1 import iam_policy_pb2 +from google.iam.v1 import policy_pb2 +from google.longrunning import operations_pb2 +from google.protobuf import empty_pb2 +from google.protobuf import timestamp_pb2 + + +class MultiCallableStub(object): + """Stub for the grpc.UnaryUnaryMultiCallable interface.""" + + def __init__(self, method, channel_stub): + self.method = method + self.channel_stub = channel_stub + + def __call__(self, request, timeout=None, metadata=None, credentials=None): + self.channel_stub.requests.append((self.method, request)) + + response = None + if self.channel_stub.responses: + response = self.channel_stub.responses.pop() + + if isinstance(response, Exception): + raise response + + if response: + return response + + +class ChannelStub(object): + """Stub for the grpc.Channel interface.""" + + def __init__(self, responses=[]): + self.responses = responses + self.requests = [] + + def unary_unary(self, method, request_serializer=None, response_deserializer=None): + return MultiCallableStub(method, self) + + +class CustomException(Exception): + pass + + +class TestSecurityCenterClient(object): + def test_create_source(self): + # Setup Expected Response + name = "name3373707" + display_name = "displayName1615086568" + description = "description-1724546052" + expected_response = { + "name": name, + "display_name": display_name, + "description": description, + } + expected_response = source_pb2.Source(**expected_response) + + # Mock the API response + channel = ChannelStub(responses=[expected_response]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup Request + parent = client.organization_path("[ORGANIZATION]") + source = {} + + response = client.create_source(parent, source) + assert expected_response == response + + assert len(channel.requests) == 1 + expected_request = securitycenter_service_pb2.CreateSourceRequest( + parent=parent, source=source + ) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_create_source_exception(self): + # Mock the API response + channel = ChannelStub(responses=[CustomException()]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup request + parent = client.organization_path("[ORGANIZATION]") + source = {} + + with pytest.raises(CustomException): + client.create_source(parent, source) + + def test_create_finding(self): + # Setup Expected Response + name = "name3373707" + parent_2 = "parent21175163357" + resource_name = "resourceName979421212" + category = "category50511102" + external_uri = "externalUri-1385596168" + expected_response = { + "name": name, + "parent": parent_2, + "resource_name": resource_name, + "category": category, + "external_uri": external_uri, + } + expected_response = finding_pb2.Finding(**expected_response) + + # Mock the API response + channel = ChannelStub(responses=[expected_response]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup Request + parent = client.source_path("[ORGANIZATION]", "[SOURCE]") + finding_id = "findingId728776081" + finding = {} + + response = client.create_finding(parent, finding_id, finding) + assert expected_response == response + + assert len(channel.requests) == 1 + expected_request = securitycenter_service_pb2.CreateFindingRequest( + parent=parent, finding_id=finding_id, finding=finding + ) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_create_finding_exception(self): + # Mock the API response + channel = ChannelStub(responses=[CustomException()]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup request + parent = client.source_path("[ORGANIZATION]", "[SOURCE]") + finding_id = "findingId728776081" + finding = {} + + with pytest.raises(CustomException): + client.create_finding(parent, finding_id, finding) + + def test_create_notification_config(self): + # Setup Expected Response + name = "name3373707" + description = "description-1724546052" + pubsub_topic = "pubsubTopic-338126829" + service_account = "serviceAccount-1948028253" + expected_response = { + "name": name, + "description": description, + "pubsub_topic": pubsub_topic, + "service_account": service_account, + } + expected_response = notification_config_pb2.NotificationConfig( + **expected_response + ) + + # Mock the API response + channel = ChannelStub(responses=[expected_response]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup Request + parent = client.organization_path("[ORGANIZATION]") + config_id = "configId-804450504" + notification_config = {} + + response = client.create_notification_config( + parent, config_id, notification_config + ) + assert expected_response == response + + assert len(channel.requests) == 1 + expected_request = securitycenter_service_pb2.CreateNotificationConfigRequest( + parent=parent, config_id=config_id, notification_config=notification_config + ) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_create_notification_config_exception(self): + # Mock the API response + channel = ChannelStub(responses=[CustomException()]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup request + parent = client.organization_path("[ORGANIZATION]") + config_id = "configId-804450504" + notification_config = {} + + with pytest.raises(CustomException): + client.create_notification_config(parent, config_id, notification_config) + + def test_delete_notification_config(self): + channel = ChannelStub() + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup Request + name = client.notification_config_path( + "[ORGANIZATION]", "[NOTIFICATION_CONFIG]" + ) + + client.delete_notification_config(name) + + assert len(channel.requests) == 1 + expected_request = securitycenter_service_pb2.DeleteNotificationConfigRequest( + name=name + ) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_delete_notification_config_exception(self): + # Mock the API response + channel = ChannelStub(responses=[CustomException()]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup request + name = client.notification_config_path( + "[ORGANIZATION]", "[NOTIFICATION_CONFIG]" + ) + + with pytest.raises(CustomException): + client.delete_notification_config(name) + + def test_get_iam_policy(self): + # Setup Expected Response + version = 351608024 + etag = b"21" + expected_response = {"version": version, "etag": etag} + expected_response = policy_pb2.Policy(**expected_response) + + # Mock the API response + channel = ChannelStub(responses=[expected_response]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup Request + resource = "resource-341064690" + + response = client.get_iam_policy(resource) + assert expected_response == response + + assert len(channel.requests) == 1 + expected_request = iam_policy_pb2.GetIamPolicyRequest(resource=resource) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_get_iam_policy_exception(self): + # Mock the API response + channel = ChannelStub(responses=[CustomException()]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup request + resource = "resource-341064690" + + with pytest.raises(CustomException): + client.get_iam_policy(resource) + + def test_get_notification_config(self): + # Setup Expected Response + name_2 = "name2-1052831874" + description = "description-1724546052" + pubsub_topic = "pubsubTopic-338126829" + service_account = "serviceAccount-1948028253" + expected_response = { + "name": name_2, + "description": description, + "pubsub_topic": pubsub_topic, + "service_account": service_account, + } + expected_response = notification_config_pb2.NotificationConfig( + **expected_response + ) + + # Mock the API response + channel = ChannelStub(responses=[expected_response]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup Request + name = client.notification_config_path( + "[ORGANIZATION]", "[NOTIFICATION_CONFIG]" + ) + + response = client.get_notification_config(name) + assert expected_response == response + + assert len(channel.requests) == 1 + expected_request = securitycenter_service_pb2.GetNotificationConfigRequest( + name=name + ) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_get_notification_config_exception(self): + # Mock the API response + channel = ChannelStub(responses=[CustomException()]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup request + name = client.notification_config_path( + "[ORGANIZATION]", "[NOTIFICATION_CONFIG]" + ) + + with pytest.raises(CustomException): + client.get_notification_config(name) + + def test_get_organization_settings(self): + # Setup Expected Response + name_2 = "name2-1052831874" + enable_asset_discovery = False + expected_response = { + "name": name_2, + "enable_asset_discovery": enable_asset_discovery, + } + expected_response = organization_settings_pb2.OrganizationSettings( + **expected_response + ) + + # Mock the API response + channel = ChannelStub(responses=[expected_response]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup Request + name = client.organization_settings_path("[ORGANIZATION]") + + response = client.get_organization_settings(name) + assert expected_response == response + + assert len(channel.requests) == 1 + expected_request = securitycenter_service_pb2.GetOrganizationSettingsRequest( + name=name + ) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_get_organization_settings_exception(self): + # Mock the API response + channel = ChannelStub(responses=[CustomException()]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup request + name = client.organization_settings_path("[ORGANIZATION]") + + with pytest.raises(CustomException): + client.get_organization_settings(name) + + def test_get_source(self): + # Setup Expected Response + name_2 = "name2-1052831874" + display_name = "displayName1615086568" + description = "description-1724546052" + expected_response = { + "name": name_2, + "display_name": display_name, + "description": description, + } + expected_response = source_pb2.Source(**expected_response) + + # Mock the API response + channel = ChannelStub(responses=[expected_response]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup Request + name = client.source_path("[ORGANIZATION]", "[SOURCE]") + + response = client.get_source(name) + assert expected_response == response + + assert len(channel.requests) == 1 + expected_request = securitycenter_service_pb2.GetSourceRequest(name=name) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_get_source_exception(self): + # Mock the API response + channel = ChannelStub(responses=[CustomException()]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup request + name = client.source_path("[ORGANIZATION]", "[SOURCE]") + + with pytest.raises(CustomException): + client.get_source(name) + + def test_group_assets(self): + # Setup Expected Response + next_page_token = "" + total_size = 705419236 + group_by_results_element = {} + group_by_results = [group_by_results_element] + expected_response = { + "next_page_token": next_page_token, + "total_size": total_size, + "group_by_results": group_by_results, + } + expected_response = securitycenter_service_pb2.GroupAssetsResponse( + **expected_response + ) + + # Mock the API response + channel = ChannelStub(responses=[expected_response]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup Request + parent = client.organization_path("[ORGANIZATION]") + group_by = "groupBy506361367" + + paged_list_response = client.group_assets(parent, group_by) + resources = list(paged_list_response) + assert len(resources) == 1 + + assert expected_response.group_by_results[0] == resources[0] + + assert len(channel.requests) == 1 + expected_request = securitycenter_service_pb2.GroupAssetsRequest( + parent=parent, group_by=group_by + ) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_group_assets_exception(self): + channel = ChannelStub(responses=[CustomException()]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup request + parent = client.organization_path("[ORGANIZATION]") + group_by = "groupBy506361367" + + paged_list_response = client.group_assets(parent, group_by) + with pytest.raises(CustomException): + list(paged_list_response) + + def test_group_findings(self): + # Setup Expected Response + next_page_token = "" + total_size = 705419236 + group_by_results_element = {} + group_by_results = [group_by_results_element] + expected_response = { + "next_page_token": next_page_token, + "total_size": total_size, + "group_by_results": group_by_results, + } + expected_response = securitycenter_service_pb2.GroupFindingsResponse( + **expected_response + ) + + # Mock the API response + channel = ChannelStub(responses=[expected_response]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup Request + parent = client.source_path("[ORGANIZATION]", "[SOURCE]") + group_by = "groupBy506361367" + + paged_list_response = client.group_findings(parent, group_by) + resources = list(paged_list_response) + assert len(resources) == 1 + + assert expected_response.group_by_results[0] == resources[0] + + assert len(channel.requests) == 1 + expected_request = securitycenter_service_pb2.GroupFindingsRequest( + parent=parent, group_by=group_by + ) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_group_findings_exception(self): + channel = ChannelStub(responses=[CustomException()]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup request + parent = client.source_path("[ORGANIZATION]", "[SOURCE]") + group_by = "groupBy506361367" + + paged_list_response = client.group_findings(parent, group_by) + with pytest.raises(CustomException): + list(paged_list_response) + + def test_list_assets(self): + # Setup Expected Response + next_page_token = "" + total_size = 705419236 + list_assets_results_element = {} + list_assets_results = [list_assets_results_element] + expected_response = { + "next_page_token": next_page_token, + "total_size": total_size, + "list_assets_results": list_assets_results, + } + expected_response = securitycenter_service_pb2.ListAssetsResponse( + **expected_response + ) + + # Mock the API response + channel = ChannelStub(responses=[expected_response]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup Request + parent = client.organization_path("[ORGANIZATION]") + + paged_list_response = client.list_assets(parent) + resources = list(paged_list_response) + assert len(resources) == 1 + + assert expected_response.list_assets_results[0] == resources[0] + + assert len(channel.requests) == 1 + expected_request = securitycenter_service_pb2.ListAssetsRequest(parent=parent) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_list_assets_exception(self): + channel = ChannelStub(responses=[CustomException()]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup request + parent = client.organization_path("[ORGANIZATION]") + + paged_list_response = client.list_assets(parent) + with pytest.raises(CustomException): + list(paged_list_response) + + def test_list_findings(self): + # Setup Expected Response + next_page_token = "" + total_size = 705419236 + list_findings_results_element = {} + list_findings_results = [list_findings_results_element] + expected_response = { + "next_page_token": next_page_token, + "total_size": total_size, + "list_findings_results": list_findings_results, + } + expected_response = securitycenter_service_pb2.ListFindingsResponse( + **expected_response + ) + + # Mock the API response + channel = ChannelStub(responses=[expected_response]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup Request + parent = client.source_path("[ORGANIZATION]", "[SOURCE]") + + paged_list_response = client.list_findings(parent) + resources = list(paged_list_response) + assert len(resources) == 1 + + assert expected_response.list_findings_results[0] == resources[0] + + assert len(channel.requests) == 1 + expected_request = securitycenter_service_pb2.ListFindingsRequest(parent=parent) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_list_findings_exception(self): + channel = ChannelStub(responses=[CustomException()]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup request + parent = client.source_path("[ORGANIZATION]", "[SOURCE]") + + paged_list_response = client.list_findings(parent) + with pytest.raises(CustomException): + list(paged_list_response) + + def test_list_notification_configs(self): + # Setup Expected Response + next_page_token = "" + notification_configs_element = {} + notification_configs = [notification_configs_element] + expected_response = { + "next_page_token": next_page_token, + "notification_configs": notification_configs, + } + expected_response = securitycenter_service_pb2.ListNotificationConfigsResponse( + **expected_response + ) + + # Mock the API response + channel = ChannelStub(responses=[expected_response]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup Request + parent = client.organization_path("[ORGANIZATION]") + + paged_list_response = client.list_notification_configs(parent) + resources = list(paged_list_response) + assert len(resources) == 1 + + assert expected_response.notification_configs[0] == resources[0] + + assert len(channel.requests) == 1 + expected_request = securitycenter_service_pb2.ListNotificationConfigsRequest( + parent=parent + ) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_list_notification_configs_exception(self): + channel = ChannelStub(responses=[CustomException()]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup request + parent = client.organization_path("[ORGANIZATION]") + + paged_list_response = client.list_notification_configs(parent) + with pytest.raises(CustomException): + list(paged_list_response) + + def test_list_sources(self): + # Setup Expected Response + next_page_token = "" + sources_element = {} + sources = [sources_element] + expected_response = {"next_page_token": next_page_token, "sources": sources} + expected_response = securitycenter_service_pb2.ListSourcesResponse( + **expected_response + ) + + # Mock the API response + channel = ChannelStub(responses=[expected_response]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup Request + parent = client.organization_path("[ORGANIZATION]") + + paged_list_response = client.list_sources(parent) + resources = list(paged_list_response) + assert len(resources) == 1 + + assert expected_response.sources[0] == resources[0] + + assert len(channel.requests) == 1 + expected_request = securitycenter_service_pb2.ListSourcesRequest(parent=parent) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_list_sources_exception(self): + channel = ChannelStub(responses=[CustomException()]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup request + parent = client.organization_path("[ORGANIZATION]") + + paged_list_response = client.list_sources(parent) + with pytest.raises(CustomException): + list(paged_list_response) + + def test_run_asset_discovery(self): + # Setup Expected Response + expected_response = {} + expected_response = run_asset_discovery_response_pb2.RunAssetDiscoveryResponse( + **expected_response + ) + operation = operations_pb2.Operation( + name="operations/test_run_asset_discovery", done=True + ) + operation.response.Pack(expected_response) + + # Mock the API response + channel = ChannelStub(responses=[operation]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup Request + parent = client.organization_path("[ORGANIZATION]") + + response = client.run_asset_discovery(parent) + result = response.result() + assert expected_response == result + + assert len(channel.requests) == 1 + expected_request = securitycenter_service_pb2.RunAssetDiscoveryRequest( + parent=parent + ) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_run_asset_discovery_exception(self): + # Setup Response + error = status_pb2.Status() + operation = operations_pb2.Operation( + name="operations/test_run_asset_discovery_exception", done=True + ) + operation.error.CopyFrom(error) + + # Mock the API response + channel = ChannelStub(responses=[operation]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup Request + parent = client.organization_path("[ORGANIZATION]") + + response = client.run_asset_discovery(parent) + exception = response.exception() + assert exception.errors[0] == error + + def test_set_finding_state(self): + # Setup Expected Response + name_2 = "name2-1052831874" + parent = "parent-995424086" + resource_name = "resourceName979421212" + category = "category50511102" + external_uri = "externalUri-1385596168" + expected_response = { + "name": name_2, + "parent": parent, + "resource_name": resource_name, + "category": category, + "external_uri": external_uri, + } + expected_response = finding_pb2.Finding(**expected_response) + + # Mock the API response + channel = ChannelStub(responses=[expected_response]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup Request + name = client.finding_path("[ORGANIZATION]", "[SOURCE]", "[FINDING]") + state = enums.Finding.State.STATE_UNSPECIFIED + start_time = {} + + response = client.set_finding_state(name, state, start_time) + assert expected_response == response + + assert len(channel.requests) == 1 + expected_request = securitycenter_service_pb2.SetFindingStateRequest( + name=name, state=state, start_time=start_time + ) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_set_finding_state_exception(self): + # Mock the API response + channel = ChannelStub(responses=[CustomException()]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup request + name = client.finding_path("[ORGANIZATION]", "[SOURCE]", "[FINDING]") + state = enums.Finding.State.STATE_UNSPECIFIED + start_time = {} + + with pytest.raises(CustomException): + client.set_finding_state(name, state, start_time) + + def test_set_iam_policy(self): + # Setup Expected Response + version = 351608024 + etag = b"21" + expected_response = {"version": version, "etag": etag} + expected_response = policy_pb2.Policy(**expected_response) + + # Mock the API response + channel = ChannelStub(responses=[expected_response]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup Request + resource = "resource-341064690" + policy = {} + + response = client.set_iam_policy(resource, policy) + assert expected_response == response + + assert len(channel.requests) == 1 + expected_request = iam_policy_pb2.SetIamPolicyRequest( + resource=resource, policy=policy + ) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_set_iam_policy_exception(self): + # Mock the API response + channel = ChannelStub(responses=[CustomException()]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup request + resource = "resource-341064690" + policy = {} + + with pytest.raises(CustomException): + client.set_iam_policy(resource, policy) + + def test_test_iam_permissions(self): + # Setup Expected Response + expected_response = {} + expected_response = iam_policy_pb2.TestIamPermissionsResponse( + **expected_response + ) + + # Mock the API response + channel = ChannelStub(responses=[expected_response]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup Request + resource = "resource-341064690" + permissions = [] + + response = client.test_iam_permissions(resource, permissions) + assert expected_response == response + + assert len(channel.requests) == 1 + expected_request = iam_policy_pb2.TestIamPermissionsRequest( + resource=resource, permissions=permissions + ) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_test_iam_permissions_exception(self): + # Mock the API response + channel = ChannelStub(responses=[CustomException()]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup request + resource = "resource-341064690" + permissions = [] + + with pytest.raises(CustomException): + client.test_iam_permissions(resource, permissions) + + def test_update_finding(self): + # Setup Expected Response + name = "name3373707" + parent = "parent-995424086" + resource_name = "resourceName979421212" + category = "category50511102" + external_uri = "externalUri-1385596168" + expected_response = { + "name": name, + "parent": parent, + "resource_name": resource_name, + "category": category, + "external_uri": external_uri, + } + expected_response = finding_pb2.Finding(**expected_response) + + # Mock the API response + channel = ChannelStub(responses=[expected_response]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup Request + finding = {} + + response = client.update_finding(finding) + assert expected_response == response + + assert len(channel.requests) == 1 + expected_request = securitycenter_service_pb2.UpdateFindingRequest( + finding=finding + ) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_update_finding_exception(self): + # Mock the API response + channel = ChannelStub(responses=[CustomException()]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup request + finding = {} + + with pytest.raises(CustomException): + client.update_finding(finding) + + def test_update_notification_config(self): + # Setup Expected Response + name = "name3373707" + description = "description-1724546052" + pubsub_topic = "pubsubTopic-338126829" + service_account = "serviceAccount-1948028253" + expected_response = { + "name": name, + "description": description, + "pubsub_topic": pubsub_topic, + "service_account": service_account, + } + expected_response = notification_config_pb2.NotificationConfig( + **expected_response + ) + + # Mock the API response + channel = ChannelStub(responses=[expected_response]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup Request + notification_config = {} + + response = client.update_notification_config(notification_config) + assert expected_response == response + + assert len(channel.requests) == 1 + expected_request = securitycenter_service_pb2.UpdateNotificationConfigRequest( + notification_config=notification_config + ) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_update_notification_config_exception(self): + # Mock the API response + channel = ChannelStub(responses=[CustomException()]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup request + notification_config = {} + + with pytest.raises(CustomException): + client.update_notification_config(notification_config) + + def test_update_organization_settings(self): + # Setup Expected Response + name = "name3373707" + enable_asset_discovery = False + expected_response = { + "name": name, + "enable_asset_discovery": enable_asset_discovery, + } + expected_response = organization_settings_pb2.OrganizationSettings( + **expected_response + ) + + # Mock the API response + channel = ChannelStub(responses=[expected_response]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup Request + organization_settings = {} + + response = client.update_organization_settings(organization_settings) + assert expected_response == response + + assert len(channel.requests) == 1 + expected_request = securitycenter_service_pb2.UpdateOrganizationSettingsRequest( + organization_settings=organization_settings + ) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_update_organization_settings_exception(self): + # Mock the API response + channel = ChannelStub(responses=[CustomException()]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup request + organization_settings = {} + + with pytest.raises(CustomException): + client.update_organization_settings(organization_settings) + + def test_update_source(self): + # Setup Expected Response + name = "name3373707" + display_name = "displayName1615086568" + description = "description-1724546052" + expected_response = { + "name": name, + "display_name": display_name, + "description": description, + } + expected_response = source_pb2.Source(**expected_response) + + # Mock the API response + channel = ChannelStub(responses=[expected_response]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup Request + source = {} + + response = client.update_source(source) + assert expected_response == response + + assert len(channel.requests) == 1 + expected_request = securitycenter_service_pb2.UpdateSourceRequest(source=source) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_update_source_exception(self): + # Mock the API response + channel = ChannelStub(responses=[CustomException()]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup request + source = {} + + with pytest.raises(CustomException): + client.update_source(source) + + def test_update_security_marks(self): + # Setup Expected Response + name = "name3373707" + expected_response = {"name": name} + expected_response = security_marks_pb2.SecurityMarks(**expected_response) + + # Mock the API response + channel = ChannelStub(responses=[expected_response]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup Request + security_marks = {} + + response = client.update_security_marks(security_marks) + assert expected_response == response + + assert len(channel.requests) == 1 + expected_request = securitycenter_service_pb2.UpdateSecurityMarksRequest( + security_marks=security_marks + ) + actual_request = channel.requests[0][1] + assert expected_request == actual_request + + def test_update_security_marks_exception(self): + # Mock the API response + channel = ChannelStub(responses=[CustomException()]) + patch = mock.patch("google.api_core.grpc_helpers.create_channel") + with patch as create_channel: + create_channel.return_value = channel + client = securitycenter_v1p1beta1.SecurityCenterClient() + + # Setup request + security_marks = {} + + with pytest.raises(CustomException): + client.update_security_marks(security_marks)