feat(v1): add field severity to findings; add common resource helper;…

… expose client tranport (#87) * changes without context autosynth cannot find the source of changes triggered by earlier changes in this repository, or by version upgrades to tools such as linters. * chore(python): use BUILD_SPECIFIC_GCLOUD_PROJECT for samples https://github.com/googleapis/python-talent/blob/ef045e8eb348db36d7a2a611e6f26b11530d273b/samples/snippets/noxfile_config.py#L27-L32 `BUILD_SPECIFIC_GCLOUD_PROJECT` is an alternate project used for sample tests that do poorly with concurrent runs on the same project. Source-Author: Bu Sun Kim <8822365+busunkim96@users.noreply.github.com> Source-Date: Wed Sep 30 13:06:03 2020 -0600 Source-Repo: googleapis/synthtool Source-Sha: 9b0da5204ab90bcc36f8cd4e5689eff1a54cc3e4 Source-Link: googleapis/synthtool@9b0da52 * fix: switch all local LRO Go GAPIC deps to remote PiperOrigin-RevId: 338561467 Source-Author: Google APIs <noreply@google.com> Source-Date: Thu Oct 22 15:29:48 2020 -0700 Source-Repo: googleapis/googleapis Source-Sha: 7391e775fd3620c1306b9677bfbcf6221d42f3c3 Source-Link: googleapis/googleapis@7391e77 * chore: update grpc dependency to v1.33.1 PiperOrigin-RevId: 338646463 Source-Author: Google APIs <noreply@google.com> Source-Date: Fri Oct 23 03:57:15 2020 -0700 Source-Repo: googleapis/googleapis Source-Sha: 20b11dfe4538cd5da7b4c3dd7d2bf5b9922ff3ed Source-Link: googleapis/googleapis@20b11df * chore: upgrade to gapic-generator 0.35.9 PiperOrigin-RevId: 339292950 Source-Author: Google APIs <noreply@google.com> Source-Date: Tue Oct 27 11:32:46 2020 -0700 Source-Repo: googleapis/googleapis Source-Sha: 07d41a7e5cade45aba6f0d277c89722b48f2c956 Source-Link: googleapis/googleapis@07d41a7 * fix: remove client recv msg limit fix: add enums to `types/__init__.py` PiperOrigin-RevId: 347055288 Source-Author: Google APIs <noreply@google.com> Source-Date: Fri Dec 11 12:44:37 2020 -0800 Source-Repo: googleapis/googleapis Source-Sha: dd372aa22ded7a8ba6f0e03a80e06358a3fa0907 Source-Link: googleapis/googleapis@dd372aa * feat: added field severity to findings in v1 API Clients will now see a new field, severity, on findings. They will also be able to filter and group by severity on ListFinding and GroupFinding API calls. PiperOrigin-RevId: 347410691 Source-Author: Google APIs <noreply@google.com> Source-Date: Mon Dec 14 10:08:23 2020 -0800 Source-Repo: googleapis/googleapis Source-Sha: e9135d3cb8a99f77ee2ba3318ebc2c9b807581d0 Source-Link: googleapis/googleapis@e9135d3
googleapis · Dec 15, 2020 · e28b8e2 · e28b8e2
1 parent 553dfbb
commit e28b8e2
Show file tree

Hide file tree

Showing 37 changed files with 2,644 additions and 1,406 deletions.
diff --git a/docs/securitycenter_v1/types.rst b/docs/securitycenter_v1/types.rst
@@ -3,3 +3,4 @@ Types for Google Cloud Securitycenter v1 API
 
 .. automodule:: google.cloud.securitycenter_v1.types
     :members:
+    :show-inheritance:
diff --git a/docs/securitycenter_v1beta1/types.rst b/docs/securitycenter_v1beta1/types.rst
@@ -3,3 +3,4 @@ Types for Google Cloud Securitycenter v1beta1 API
 
 .. automodule:: google.cloud.securitycenter_v1beta1.types
     :members:
+    :show-inheritance:
diff --git a/docs/securitycenter_v1p1beta1/types.rst b/docs/securitycenter_v1p1beta1/types.rst
@@ -3,3 +3,4 @@ Types for Google Cloud Securitycenter v1p1beta1 API
 
 .. automodule:: google.cloud.securitycenter_v1p1beta1.types
     :members:
+    :show-inheritance:
diff --git a/google/cloud/securitycenter_v1/proto/finding.proto b/google/cloud/securitycenter_v1/proto/finding.proto
@@ -56,6 +56,65 @@ message Finding {
     INACTIVE = 2;
   }
 
+  // The severity of the finding.
+  enum Severity {
+    // This value is used for findings when a source doesn't write a severity
+    // value.
+    SEVERITY_UNSPECIFIED = 0;
+
+    // Vulnerability:
+    // A critical vulnerability is easily discoverable by an external actor,
+    // exploitable, and results in the direct ability to execute arbitrary code,
+    // exfiltrate data, and otherwise gain additional access and privileges to
+    // cloud resources and workloads. Examples include publicly accessible
+    // unprotected user data, public SSH access with weak or no passwords, etc.
+    //
+    // Threat:
+    // Indicates a threat that is able to access, modify, or delete data or
+    // execute unauthorized code within existing resources.
+    CRITICAL = 1;
+
+    // Vulnerability:
+    // A high risk vulnerability can be easily discovered and exploited in
+    // combination with other vulnerabilities in order to gain direct access and
+    // the ability to execute arbitrary code, exfiltrate data, and otherwise
+    // gain additional access and privileges to cloud resources and workloads.
+    // An example is a database with weak or no passwords that is only
+    // accessible internally. This database could easily be compromised by an
+    // actor that had access to the internal network.
+    //
+    // Threat:
+    // Indicates a threat that is able to create new computational resources in
+    // an environment but not able to access data or execute code in existing
+    // resources.
+    HIGH = 2;
+
+    // Vulnerability:
+    // A medium risk vulnerability could be used by an actor to gain access to
+    // resources or privileges that enable them to eventually (through multiple
+    // steps or a complex exploit) gain access and the ability to execute
+    // arbitrary code or exfiltrate data. An example is a service account with
+    // access to more projects than it should have. If an actor gains access to
+    // the service account, they could potentially use that access to manipulate
+    // a project the service account was not intended to.
+    //
+    // Threat:
+    // Indicates a threat that is able to cause operational impact but may not
+    // access data or execute unauthorized code.
+    MEDIUM = 3;
+
+    // Vulnerability:
+    // A low risk vulnerability hampers a security organization’s ability to
+    // detect vulnerabilities or active threats in their deployment, or prevents
+    // the root cause investigation of security issues. An example is monitoring
+    // and logs being disabled for resource configurations and access.
+    //
+    // Threat:
+    // Indicates a threat that has obtained minimal access to an environment but
+    // is not able to access data, execute code, or create resources.
+    LOW = 4;
+  }
+
   // The relative resource name of this finding. See:
   // https://cloud.google.com/apis/design/resource_names#relative_resource_name
   // Example:
@@ -110,4 +169,8 @@ message Finding {
 
   // The time at which the finding was created in Security Command Center.
   google.protobuf.Timestamp create_time = 10;
+
+  // The severity of the finding. This field is managed by the source that
+  // writes the finding.
+  Severity severity = 12;
 }
diff --git a/google/cloud/securitycenter_v1/proto/notification_config.proto b/google/cloud/securitycenter_v1/proto/notification_config.proto
@@ -78,14 +78,14 @@ message NotificationConfig {
   // The description of the notification config (max of 1024 characters).
   string description = 2;
 
-  // The PubSub topic to send notifications to. Its format is
+  // The Pub/Sub topic to send notifications to. Its format is
   // "projects/[project_id]/topics/[topic]".
-  string pubsub_topic = 3 [
-    (google.api.resource_reference) = { type: "pubsub.googleapis.com/Topic" }
-  ];
+  string pubsub_topic = 3 [(google.api.resource_reference) = {
+                             type: "pubsub.googleapis.com/Topic"
+                           }];
 
   // Output only. The service account that needs "pubsub.topics.publish"
-  // permission to publish to the PubSub topic.
+  // permission to publish to the Pub/Sub topic.
   string service_account = 4 [(google.api.field_behavior) = OUTPUT_ONLY];
 
   // The config for triggering notifications.