diff --git a/packages/google-cloud-securitycenter/google/cloud/securitycenter/__init__.py b/packages/google-cloud-securitycenter/google/cloud/securitycenter/__init__.py index d213a699de49..06dd2796035d 100644 --- a/packages/google-cloud-securitycenter/google/cloud/securitycenter/__init__.py +++ b/packages/google-cloud-securitycenter/google/cloud/securitycenter/__init__.py @@ -35,6 +35,13 @@ BackupDisasterRecovery, ) from google.cloud.securitycenter_v1.types.bigquery_export import BigQueryExport +from google.cloud.securitycenter_v1.types.cloud_armor import ( + AdaptiveProtection, + Attack, + CloudArmor, + Requests, + SecurityPolicy, +) from google.cloud.securitycenter_v1.types.cloud_dlp_data_profile import ( CloudDlpDataProfile, ) @@ -164,6 +171,11 @@ "Asset", "BackupDisasterRecovery", "BigQueryExport", + "AdaptiveProtection", + "Attack", + "CloudArmor", + "Requests", + "SecurityPolicy", "CloudDlpDataProfile", "CloudDlpInspection", "Compliance", diff --git a/packages/google-cloud-securitycenter/google/cloud/securitycenter/gapic_version.py b/packages/google-cloud-securitycenter/google/cloud/securitycenter/gapic_version.py index 8504aa5af774..558c8aab67c5 100644 --- a/packages/google-cloud-securitycenter/google/cloud/securitycenter/gapic_version.py +++ b/packages/google-cloud-securitycenter/google/cloud/securitycenter/gapic_version.py @@ -13,4 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. # -__version__ = "1.30.1" # {x-release-please-version} +__version__ = "0.0.0" # {x-release-please-version} diff --git a/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/__init__.py b/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/__init__.py index 798d5813aaf2..f28322b2d9b8 100644 --- a/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/__init__.py +++ b/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/__init__.py @@ -24,6 +24,13 @@ from .types.asset import Asset from .types.backup_disaster_recovery import BackupDisasterRecovery from .types.bigquery_export import BigQueryExport +from .types.cloud_armor import ( + AdaptiveProtection, + Attack, + CloudArmor, + Requests, + SecurityPolicy, +) from .types.cloud_dlp_data_profile import CloudDlpDataProfile from .types.cloud_dlp_inspection import CloudDlpInspection from .types.compliance import Compliance @@ -133,12 +140,15 @@ __all__ = ( "SecurityCenterAsyncClient", "Access", + "AdaptiveProtection", "Application", "Asset", + "Attack", "BackupDisasterRecovery", "BigQueryExport", "BulkMuteFindingsRequest", "BulkMuteFindingsResponse", + "CloudArmor", "CloudDlpDataProfile", "CloudDlpInspection", "CloudLoggingEntry", @@ -217,6 +227,7 @@ "Package", "Process", "Reference", + "Requests", "Resource", "RunAssetDiscoveryRequest", "RunAssetDiscoveryResponse", @@ -224,6 +235,7 @@ "SecurityCenterClient", "SecurityHealthAnalyticsCustomModule", "SecurityMarks", + "SecurityPolicy", "SecurityPosture", "ServiceAccountDelegationInfo", "SetFindingStateRequest", diff --git a/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/gapic_version.py b/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/gapic_version.py index 8504aa5af774..558c8aab67c5 100644 --- a/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/gapic_version.py +++ b/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/gapic_version.py @@ -13,4 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. # -__version__ = "1.30.1" # {x-release-please-version} +__version__ = "0.0.0" # {x-release-please-version} diff --git a/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/services/security_center/async_client.py b/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/services/security_center/async_client.py index c5da4d39a338..40f0abe5499f 100644 --- a/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/services/security_center/async_client.py +++ b/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/services/security_center/async_client.py @@ -58,6 +58,7 @@ application, backup_disaster_recovery, bigquery_export, + cloud_armor, cloud_dlp_data_profile, cloud_dlp_inspection, compliance, diff --git a/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/services/security_center/client.py b/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/services/security_center/client.py index 56ffeff6aa29..120d0689e39f 100644 --- a/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/services/security_center/client.py +++ b/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/services/security_center/client.py @@ -62,6 +62,7 @@ application, backup_disaster_recovery, bigquery_export, + cloud_armor, cloud_dlp_data_profile, cloud_dlp_inspection, compliance, diff --git a/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/types/__init__.py b/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/types/__init__.py index f57c35a69c5f..fb359bf9b61a 100644 --- a/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/types/__init__.py +++ b/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/types/__init__.py @@ -18,6 +18,13 @@ from .asset import Asset from .backup_disaster_recovery import BackupDisasterRecovery from .bigquery_export import BigQueryExport +from .cloud_armor import ( + AdaptiveProtection, + Attack, + CloudArmor, + Requests, + SecurityPolicy, +) from .cloud_dlp_data_profile import CloudDlpDataProfile from .cloud_dlp_inspection import CloudDlpInspection from .compliance import Compliance @@ -130,6 +137,11 @@ "Asset", "BackupDisasterRecovery", "BigQueryExport", + "AdaptiveProtection", + "Attack", + "CloudArmor", + "Requests", + "SecurityPolicy", "CloudDlpDataProfile", "CloudDlpInspection", "Compliance", diff --git a/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/types/cloud_armor.py b/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/types/cloud_armor.py new file mode 100644 index 000000000000..80c762678d4d --- /dev/null +++ b/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/types/cloud_armor.py @@ -0,0 +1,215 @@ +# -*- coding: utf-8 -*- +# Copyright 2024 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +from __future__ import annotations + +from typing import MutableMapping, MutableSequence + +from google.protobuf import duration_pb2 # type: ignore +import proto # type: ignore + +__protobuf__ = proto.module( + package="google.cloud.securitycenter.v1", + manifest={ + "CloudArmor", + "SecurityPolicy", + "Requests", + "AdaptiveProtection", + "Attack", + }, +) + + +class CloudArmor(proto.Message): + r"""Fields related to Google Cloud Armor findings. + + Attributes: + security_policy (google.cloud.securitycenter_v1.types.SecurityPolicy): + Information about the `Google Cloud Armor security + policy `__ + relevant to the finding. + requests (google.cloud.securitycenter_v1.types.Requests): + Information about incoming requests evaluated by `Google + Cloud Armor security + policies `__. + adaptive_protection (google.cloud.securitycenter_v1.types.AdaptiveProtection): + Information about potential Layer 7 DDoS attacks identified + by `Google Cloud Armor Adaptive + Protection `__. + attack (google.cloud.securitycenter_v1.types.Attack): + Information about DDoS attack volume and + classification. + threat_vector (str): + Distinguish between volumetric & protocol DDoS attack and + application layer attacks. For example, “L3_4” for Layer 3 + and Layer 4 DDoS attacks, or “L_7” for Layer 7 DDoS attacks. + duration (google.protobuf.duration_pb2.Duration): + Duration of attack from the start until the + current moment (updated every 5 minutes). + """ + + security_policy: "SecurityPolicy" = proto.Field( + proto.MESSAGE, + number=1, + message="SecurityPolicy", + ) + requests: "Requests" = proto.Field( + proto.MESSAGE, + number=2, + message="Requests", + ) + adaptive_protection: "AdaptiveProtection" = proto.Field( + proto.MESSAGE, + number=3, + message="AdaptiveProtection", + ) + attack: "Attack" = proto.Field( + proto.MESSAGE, + number=4, + message="Attack", + ) + threat_vector: str = proto.Field( + proto.STRING, + number=5, + ) + duration: duration_pb2.Duration = proto.Field( + proto.MESSAGE, + number=6, + message=duration_pb2.Duration, + ) + + +class SecurityPolicy(proto.Message): + r"""Information about the `Google Cloud Armor security + policy `__ + relevant to the finding. + + Attributes: + name (str): + The name of the Google Cloud Armor security + policy, for example, "my-security-policy". + type_ (str): + The type of Google Cloud Armor security + policy for example, ‘backend security policy’, + ‘edge security policy’, ‘network edge security + policy’, or ‘always-on DDoS protection’. + preview (bool): + Whether or not the associated rule or policy + is in preview mode. + """ + + name: str = proto.Field( + proto.STRING, + number=1, + ) + type_: str = proto.Field( + proto.STRING, + number=2, + ) + preview: bool = proto.Field( + proto.BOOL, + number=3, + ) + + +class Requests(proto.Message): + r"""Information about the requests relevant to the finding. + + Attributes: + ratio (float): + For 'Increasing deny ratio', the ratio is the + denied traffic divided by the allowed traffic. + For 'Allowed traffic spike', the ratio is the + allowed traffic in the short term divided by + allowed traffic in the long term. + short_term_allowed (int): + Allowed RPS (requests per second) in the + short term. + long_term_allowed (int): + Allowed RPS (requests per second) over the + long term. + long_term_denied (int): + Denied RPS (requests per second) over the + long term. + """ + + ratio: float = proto.Field( + proto.DOUBLE, + number=1, + ) + short_term_allowed: int = proto.Field( + proto.INT32, + number=2, + ) + long_term_allowed: int = proto.Field( + proto.INT32, + number=3, + ) + long_term_denied: int = proto.Field( + proto.INT32, + number=4, + ) + + +class AdaptiveProtection(proto.Message): + r"""Information about `Google Cloud Armor Adaptive + Protection `__. + + Attributes: + confidence (float): + A score of 0 means that there is low confidence that the + detected event is an actual attack. A score of 1 means that + there is high confidence that the detected event is an + attack. See the `Adaptive Protection + documentation `__ + for further explanation. + """ + + confidence: float = proto.Field( + proto.DOUBLE, + number=1, + ) + + +class Attack(proto.Message): + r"""Information about DDoS attack volume and classification. + + Attributes: + volume_pps (int): + Total PPS (packets per second) volume of + attack. + volume_bps (int): + Total BPS (bytes per second) volume of + attack. + classification (str): + Type of attack, for example, ‘SYN-flood’, + ‘NTP-udp’, or ‘CHARGEN-udp’. + """ + + volume_pps: int = proto.Field( + proto.INT32, + number=1, + ) + volume_bps: int = proto.Field( + proto.INT32, + number=2, + ) + classification: str = proto.Field( + proto.STRING, + number=3, + ) + + +__all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/types/finding.py b/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/types/finding.py index 474ddb907abb..a08aa0725a6d 100644 --- a/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/types/finding.py +++ b/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/types/finding.py @@ -47,6 +47,7 @@ from google.cloud.securitycenter_v1.types import vulnerability as gcs_vulnerability from google.cloud.securitycenter_v1.types import access as gcs_access from google.cloud.securitycenter_v1.types import application as gcs_application +from google.cloud.securitycenter_v1.types import cloud_armor as gcs_cloud_armor from google.cloud.securitycenter_v1.types import database as gcs_database from google.cloud.securitycenter_v1.types import indicator as gcs_indicator from google.cloud.securitycenter_v1.types import kubernetes as gcs_kubernetes @@ -263,6 +264,8 @@ class Finding(proto.Message): load_balancers (MutableSequence[google.cloud.securitycenter_v1.types.LoadBalancer]): The load balancers associated with the finding. + cloud_armor (google.cloud.securitycenter_v1.types.CloudArmor): + Fields related to Cloud Armor findings. notebook (google.cloud.securitycenter_v1.types.Notebook): Notebook associated with the finding. """ @@ -643,6 +646,11 @@ class FindingClass(proto.Enum): number=58, message=load_balancer.LoadBalancer, ) + cloud_armor: gcs_cloud_armor.CloudArmor = proto.Field( + proto.MESSAGE, + number=59, + message=gcs_cloud_armor.CloudArmor, + ) notebook: gcs_notebook.Notebook = proto.Field( proto.MESSAGE, number=63, diff --git a/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1beta1/gapic_version.py b/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1beta1/gapic_version.py index 8504aa5af774..558c8aab67c5 100644 --- a/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1beta1/gapic_version.py +++ b/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1beta1/gapic_version.py @@ -13,4 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. # -__version__ = "1.30.1" # {x-release-please-version} +__version__ = "0.0.0" # {x-release-please-version} diff --git a/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1p1beta1/gapic_version.py b/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1p1beta1/gapic_version.py index 8504aa5af774..558c8aab67c5 100644 --- a/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1p1beta1/gapic_version.py +++ b/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1p1beta1/gapic_version.py @@ -13,4 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. # -__version__ = "1.30.1" # {x-release-please-version} +__version__ = "0.0.0" # {x-release-please-version} diff --git a/packages/google-cloud-securitycenter/google/cloud/securitycenter_v2/gapic_version.py b/packages/google-cloud-securitycenter/google/cloud/securitycenter_v2/gapic_version.py index 8504aa5af774..558c8aab67c5 100644 --- a/packages/google-cloud-securitycenter/google/cloud/securitycenter_v2/gapic_version.py +++ b/packages/google-cloud-securitycenter/google/cloud/securitycenter_v2/gapic_version.py @@ -13,4 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. # -__version__ = "1.30.1" # {x-release-please-version} +__version__ = "0.0.0" # {x-release-please-version} diff --git a/packages/google-cloud-securitycenter/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v1.json b/packages/google-cloud-securitycenter/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v1.json index c782d1fe4d1e..278ec40bb216 100644 --- a/packages/google-cloud-securitycenter/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v1.json +++ b/packages/google-cloud-securitycenter/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v1.json @@ -8,7 +8,7 @@ ], "language": "PYTHON", "name": "google-cloud-securitycenter", - "version": "1.30.1" + "version": "0.1.0" }, "snippets": [ { diff --git a/packages/google-cloud-securitycenter/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v1beta1.json b/packages/google-cloud-securitycenter/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v1beta1.json index e17dfee4a312..a4c1295eaf99 100644 --- a/packages/google-cloud-securitycenter/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v1beta1.json +++ b/packages/google-cloud-securitycenter/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v1beta1.json @@ -8,7 +8,7 @@ ], "language": "PYTHON", "name": "google-cloud-securitycenter", - "version": "1.30.1" + "version": "0.1.0" }, "snippets": [ { diff --git a/packages/google-cloud-securitycenter/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v1p1beta1.json b/packages/google-cloud-securitycenter/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v1p1beta1.json index 3a35cd9b5178..774592ce11f7 100644 --- a/packages/google-cloud-securitycenter/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v1p1beta1.json +++ b/packages/google-cloud-securitycenter/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v1p1beta1.json @@ -8,7 +8,7 @@ ], "language": "PYTHON", "name": "google-cloud-securitycenter", - "version": "1.30.1" + "version": "0.1.0" }, "snippets": [ { diff --git a/packages/google-cloud-securitycenter/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v2.json b/packages/google-cloud-securitycenter/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v2.json index 71fc541cd446..6672c033126b 100644 --- a/packages/google-cloud-securitycenter/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v2.json +++ b/packages/google-cloud-securitycenter/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v2.json @@ -8,7 +8,7 @@ ], "language": "PYTHON", "name": "google-cloud-securitycenter", - "version": "1.30.1" + "version": "0.1.0" }, "snippets": [ { diff --git a/packages/google-cloud-securitycenter/tests/unit/gapic/securitycenter_v1/test_security_center.py b/packages/google-cloud-securitycenter/tests/unit/gapic/securitycenter_v1/test_security_center.py index b0042ac72fd6..c521d436693d 100644 --- a/packages/google-cloud-securitycenter/tests/unit/gapic/securitycenter_v1/test_security_center.py +++ b/packages/google-cloud-securitycenter/tests/unit/gapic/securitycenter_v1/test_security_center.py @@ -72,6 +72,7 @@ application, backup_disaster_recovery, bigquery_export, + cloud_armor, cloud_dlp_data_profile, cloud_dlp_inspection, compliance, @@ -19025,6 +19026,27 @@ def test_create_finding_rest(request_type): } ], "load_balancers": [{"name": "name_value"}], + "cloud_armor": { + "security_policy": { + "name": "name_value", + "type_": "type__value", + "preview": True, + }, + "requests": { + "ratio": 0.543, + "short_term_allowed": 1934, + "long_term_allowed": 1806, + "long_term_denied": 1679, + }, + "adaptive_protection": {"confidence": 0.1038}, + "attack": { + "volume_pps": 1098, + "volume_bps": 1084, + "classification": "classification_value", + }, + "threat_vector": "threat_vector_value", + "duration": {"seconds": 751, "nanos": 543}, + }, "notebook": { "name": "name_value", "service": "service_value", @@ -29024,6 +29046,27 @@ def test_update_finding_rest(request_type): } ], "load_balancers": [{"name": "name_value"}], + "cloud_armor": { + "security_policy": { + "name": "name_value", + "type_": "type__value", + "preview": True, + }, + "requests": { + "ratio": 0.543, + "short_term_allowed": 1934, + "long_term_allowed": 1806, + "long_term_denied": 1679, + }, + "adaptive_protection": {"confidence": 0.1038}, + "attack": { + "volume_pps": 1098, + "volume_bps": 1084, + "classification": "classification_value", + }, + "threat_vector": "threat_vector_value", + "duration": {"seconds": 751, "nanos": 543}, + }, "notebook": { "name": "name_value", "service": "service_value",