diff --git a/protos/google/cloud/securitycenter/v1/access.proto b/protos/google/cloud/securitycenter/v1/access.proto index 85c8d729..e1b57247 100644 --- a/protos/google/cloud/securitycenter/v1/access.proto +++ b/protos/google/cloud/securitycenter/v1/access.proto @@ -16,11 +16,11 @@ syntax = "proto3"; package google.cloud.securitycenter.v1; +option csharp_namespace = "Google.Cloud.SecurityCenter.V1"; option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter"; option java_multiple_files = true; option java_outer_classname = "AccessProto"; option java_package = "com.google.cloud.securitycenter.v1"; -option csharp_namespace = "Google.Cloud.SecurityCenter.V1"; option php_namespace = "Google\\Cloud\\SecurityCenter\\V1"; option ruby_package = "Google::Cloud::SecurityCenter::V1"; diff --git a/protos/google/cloud/securitycenter/v1/bigquery_export.proto b/protos/google/cloud/securitycenter/v1/bigquery_export.proto index 51bf353b..850c66e5 100644 --- a/protos/google/cloud/securitycenter/v1/bigquery_export.proto +++ b/protos/google/cloud/securitycenter/v1/bigquery_export.proto @@ -81,21 +81,19 @@ message BigQueryExport { // Output only. The time at which the big query export was created. // This field is set by the server and will be ignored if provided on export // on creation. - google.protobuf.Timestamp create_time = 5 - [(google.api.field_behavior) = OUTPUT_ONLY]; + google.protobuf.Timestamp create_time = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; // Output only. The most recent time at which the big export was updated. // This field is set by the server and will be ignored if provided on export // creation or update. - google.protobuf.Timestamp update_time = 6 - [(google.api.field_behavior) = OUTPUT_ONLY]; + google.protobuf.Timestamp update_time = 6 [(google.api.field_behavior) = OUTPUT_ONLY]; - // Output only. Email address of the user who last edited the big query - // export. This field is set by the server and will be ignored if provided on - // export creation or update. + // Output only. Email address of the user who last edited the big query export. + // This field is set by the server and will be ignored if provided on export + // creation or update. string most_recent_editor = 7 [(google.api.field_behavior) = OUTPUT_ONLY]; - // Output only. The service account that needs permission to create table, - // upload data to the big query dataset. + // Output only. The service account that needs permission to create table, upload data to + // the big query dataset. string principal = 8 [(google.api.field_behavior) = OUTPUT_ONLY]; } diff --git a/protos/google/cloud/securitycenter/v1/external_system.proto b/protos/google/cloud/securitycenter/v1/external_system.proto index 78a7d65f..8ba69813 100644 --- a/protos/google/cloud/securitycenter/v1/external_system.proto +++ b/protos/google/cloud/securitycenter/v1/external_system.proto @@ -37,7 +37,8 @@ message ExternalSystem { }; // External System Name e.g. jira, demisto, etc. - // e.g.: `organizations/1234/sources/5678/findings/123456/externalSystems/jira` + // e.g.: + // `organizations/1234/sources/5678/findings/123456/externalSystems/jira` // `folders/1234/sources/5678/findings/123456/externalSystems/jira` // `projects/1234/sources/5678/findings/123456/externalSystems/jira` string name = 1; diff --git a/protos/google/cloud/securitycenter/v1/finding.proto b/protos/google/cloud/securitycenter/v1/finding.proto index 105b4d04..c3154ae1 100644 --- a/protos/google/cloud/securitycenter/v1/finding.proto +++ b/protos/google/cloud/securitycenter/v1/finding.proto @@ -20,6 +20,7 @@ import "google/api/field_behavior.proto"; import "google/api/resource.proto"; import "google/cloud/securitycenter/v1/access.proto"; import "google/cloud/securitycenter/v1/external_system.proto"; +import "google/cloud/securitycenter/v1/iam_binding.proto"; import "google/cloud/securitycenter/v1/indicator.proto"; import "google/cloud/securitycenter/v1/mitre_attack.proto"; import "google/cloud/securitycenter/v1/security_marks.proto"; @@ -110,7 +111,7 @@ message Finding { MEDIUM = 3; // Vulnerability: - // A low risk vulnerability hampers a security organization’s ability to + // A low risk vulnerability hampers a security organization's ability to // detect vulnerabilities or active threats in their deployment, or prevents // the root cause investigation of security issues. An example is monitoring // and logs being disabled for resource configurations and access. @@ -228,7 +229,7 @@ message Finding { // finding. string canonical_name = 14; - // Indicates the mute state of a finding (either unspecified, muted, unmuted + // Indicates the mute state of a finding (either muted, unmuted // or undefined). Unlike other attributes of a finding, a finding provider // shouldn't set the value of mute. Mute mute = 15; @@ -249,13 +250,11 @@ message Finding { Vulnerability vulnerability = 20; // Output only. The most recent time this finding was muted or unmuted. - google.protobuf.Timestamp mute_update_time = 21 - [(google.api.field_behavior) = OUTPUT_ONLY]; + google.protobuf.Timestamp mute_update_time = 21 [(google.api.field_behavior) = OUTPUT_ONLY]; - // Output only. Third party SIEM/SOAR fields within SCC, contains external - // system information and external system finding fields. - map external_systems = 22 - [(google.api.field_behavior) = OUTPUT_ONLY]; + // Output only. Third party SIEM/SOAR fields within SCC, contains external system + // information and external system finding fields. + map external_systems = 22 [(google.api.field_behavior) = OUTPUT_ONLY]; // MITRE ATT&CK tactics and techniques related to this finding. // See: https://attack.mitre.org @@ -270,4 +269,7 @@ message Finding { // finding, etc. Unlike other attributes of a finding, a finding provider // shouldn't set the value of mute. string mute_initiator = 28; + + // Represents IAM bindings associated with the Finding. + repeated IamBinding iam_bindings = 39; } diff --git a/protos/google/cloud/securitycenter/v1/iam_binding.proto b/protos/google/cloud/securitycenter/v1/iam_binding.proto new file mode 100644 index 00000000..c1e57a37 --- /dev/null +++ b/protos/google/cloud/securitycenter/v1/iam_binding.proto @@ -0,0 +1,52 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package google.cloud.securitycenter.v1; + +option csharp_namespace = "Google.Cloud.SecurityCenter.V1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter"; +option java_multiple_files = true; +option java_outer_classname = "IamBindingProto"; +option java_package = "com.google.cloud.securitycenter.v1"; +option php_namespace = "Google\\Cloud\\SecurityCenter\\V1"; +option ruby_package = "Google::Cloud::SecurityCenter::V1"; + +// Represents a particular IAM binding, which captures a member's role addition, +// removal, or state. +message IamBinding { + // The type of action performed on a Binding in a policy. + enum Action { + // Unspecified. + ACTION_UNSPECIFIED = 0; + + // Addition of a Binding. + ADD = 1; + + // Removal of a Binding. + REMOVE = 2; + } + + // The action that was performed on a Binding. + Action action = 1; + + // Role that is assigned to "members". + // For example, "roles/viewer", "roles/editor", or "roles/owner". + string role = 2; + + // A single identity requesting access for a Cloud Platform resource, + // e.g. "foo@google.com". + string member = 3; +} diff --git a/protos/google/cloud/securitycenter/v1/indicator.proto b/protos/google/cloud/securitycenter/v1/indicator.proto index 067ddb16..92234776 100644 --- a/protos/google/cloud/securitycenter/v1/indicator.proto +++ b/protos/google/cloud/securitycenter/v1/indicator.proto @@ -16,15 +16,14 @@ syntax = "proto3"; package google.cloud.securitycenter.v1; +option csharp_namespace = "Google.Cloud.SecurityCenter.V1"; option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter"; option java_multiple_files = true; option java_outer_classname = "IndicatorProto"; option java_package = "com.google.cloud.securitycenter.v1"; -option csharp_namespace = "Google.Cloud.SecurityCenter.V1"; option php_namespace = "Google\\Cloud\\SecurityCenter\\V1"; option ruby_package = "Google::Cloud::SecurityCenter::V1"; - // Represents what's commonly known as an Indicator of compromise (IoC) in // computer forensics. This is an artifact observed on a network or in an // operating system that, with high confidence, indicates a computer intrusion. diff --git a/protos/google/cloud/securitycenter/v1/mitre_attack.proto b/protos/google/cloud/securitycenter/v1/mitre_attack.proto index 03767cac..547f6f69 100644 --- a/protos/google/cloud/securitycenter/v1/mitre_attack.proto +++ b/protos/google/cloud/securitycenter/v1/mitre_attack.proto @@ -78,6 +78,7 @@ message MitreAttack { // MITRE ATT&CK techniques that can be referenced by SCC findings. // See: https://attack.mitre.org/techniques/enterprise/ + // Next ID: 30 enum Technique { // Unspecified value. TECHNIQUE_UNSPECIFIED = 0; @@ -165,6 +166,9 @@ message MitreAttack { // T1556 MODIFY_AUTHENTICATION_PROCESS = 28; + + // T1485 + DATA_DESTRUCTION = 29; } // The MITRE ATT&CK tactic most closely represented by this finding, if any. diff --git a/protos/google/cloud/securitycenter/v1/resource.proto b/protos/google/cloud/securitycenter/v1/resource.proto index 46b8372f..ab241d8b 100644 --- a/protos/google/cloud/securitycenter/v1/resource.proto +++ b/protos/google/cloud/securitycenter/v1/resource.proto @@ -33,10 +33,16 @@ message Resource { // https://cloud.google.com/apis/design/resource_names#full_resource_name string name = 1; + // The human readable name of the resource. + string display_name = 8; + + // The full resource type of the resource. + string type = 6; + // The full resource name of project that the resource belongs to. string project = 2; - // The project id that the resource belongs to. + // The project ID that the resource belongs to. string project_display_name = 3; // The full resource name of resource's parent. @@ -45,14 +51,8 @@ message Resource { // The human readable name of resource's parent. string parent_display_name = 5; - // The full resource type of the resource. - string type = 6; - // Output only. Contains a Folder message for each folder in the assets ancestry. // The first folder is the deepest nested folder, and the last folder is the // folder directly under the Organization. repeated Folder folders = 7 [(google.api.field_behavior) = OUTPUT_ONLY]; - - // The human readable name of the resource. - string display_name = 8; } diff --git a/protos/google/cloud/securitycenter/v1/securitycenter_service.proto b/protos/google/cloud/securitycenter/v1/securitycenter_service.proto index 99aa8ada..a95f5c03 100644 --- a/protos/google/cloud/securitycenter/v1/securitycenter_service.proto +++ b/protos/google/cloud/securitycenter/v1/securitycenter_service.proto @@ -1574,10 +1574,16 @@ message ListFindingsResponse { // https://cloud.google.com/apis/design/resource_names#full_resource_name string name = 1; + // The human readable name of the resource. + string display_name = 8; + + // The full resource type of the resource. + string type = 6; + // The full resource name of project that the resource belongs to. string project_name = 2; - // The project id that the resource belongs to. + // The project ID that the resource belongs to. string project_display_name = 3; // The full resource name of resource's parent. @@ -1586,16 +1592,10 @@ message ListFindingsResponse { // The human readable name of resource's parent. string parent_display_name = 5; - // The full resource type of the resource. - string type = 6; - // Contains a Folder message for each folder in the assets ancestry. // The first folder is the deepest nested folder, and the last folder is // the folder directly under the Organization. repeated Folder folders = 7; - - // The human readable name of the resource. - string display_name = 8; } // Finding matching the search request. @@ -1765,7 +1765,7 @@ message UpdateSecurityMarksRequest { // The time at which the updated SecurityMarks take effect. // If not set uses current server time. Updates will be applied to the // SecurityMarks that are active immediately preceding this time. Must be - // smaller or equal to the server time. + // earlier or equal to the server time. google.protobuf.Timestamp start_time = 3; } diff --git a/protos/protos.d.ts b/protos/protos.d.ts index 3848123a..47725c3e 100644 --- a/protos/protos.d.ts +++ b/protos/protos.d.ts @@ -1108,6 +1108,9 @@ export namespace google { /** Finding muteInitiator */ muteInitiator?: (string|null); + + /** Finding iamBindings */ + iamBindings?: (google.cloud.securitycenter.v1.IIamBinding[]|null); } /** Represents a Finding. */ @@ -1182,6 +1185,9 @@ export namespace google { /** Finding muteInitiator. */ public muteInitiator: string; + /** Finding iamBindings. */ + public iamBindings: google.cloud.securitycenter.v1.IIamBinding[]; + /** * Creates a new Finding instance using the specified properties. * @param [properties] Properties to set @@ -1290,6 +1296,118 @@ export namespace google { } } + /** Properties of an IamBinding. */ + interface IIamBinding { + + /** IamBinding action */ + action?: (google.cloud.securitycenter.v1.IamBinding.Action|keyof typeof google.cloud.securitycenter.v1.IamBinding.Action|null); + + /** IamBinding role */ + role?: (string|null); + + /** IamBinding member */ + member?: (string|null); + } + + /** Represents an IamBinding. */ + class IamBinding implements IIamBinding { + + /** + * Constructs a new IamBinding. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.securitycenter.v1.IIamBinding); + + /** IamBinding action. */ + public action: (google.cloud.securitycenter.v1.IamBinding.Action|keyof typeof google.cloud.securitycenter.v1.IamBinding.Action); + + /** IamBinding role. */ + public role: string; + + /** IamBinding member. */ + public member: string; + + /** + * Creates a new IamBinding instance using the specified properties. + * @param [properties] Properties to set + * @returns IamBinding instance + */ + public static create(properties?: google.cloud.securitycenter.v1.IIamBinding): google.cloud.securitycenter.v1.IamBinding; + + /** + * Encodes the specified IamBinding message. Does not implicitly {@link google.cloud.securitycenter.v1.IamBinding.verify|verify} messages. + * @param message IamBinding message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.securitycenter.v1.IIamBinding, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified IamBinding message, length delimited. Does not implicitly {@link google.cloud.securitycenter.v1.IamBinding.verify|verify} messages. + * @param message IamBinding message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.securitycenter.v1.IIamBinding, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes an IamBinding message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns IamBinding + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.securitycenter.v1.IamBinding; + + /** + * Decodes an IamBinding message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns IamBinding + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.securitycenter.v1.IamBinding; + + /** + * Verifies an IamBinding message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates an IamBinding message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns IamBinding + */ + public static fromObject(object: { [k: string]: any }): google.cloud.securitycenter.v1.IamBinding; + + /** + * Creates a plain object from an IamBinding message. Also converts values to other types if specified. + * @param message IamBinding + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.securitycenter.v1.IamBinding, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this IamBinding to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + } + + namespace IamBinding { + + /** Action enum. */ + enum Action { + ACTION_UNSPECIFIED = 0, + ADD = 1, + REMOVE = 2 + } + } + /** Properties of an Indicator. */ interface IIndicator { @@ -1551,7 +1669,8 @@ export namespace google { STEAL_WEB_SESSION_COOKIE = 25, MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE = 26, EXPLOIT_PUBLIC_FACING_APPLICATION = 27, - MODIFY_AUTHENTICATION_PROCESS = 28 + MODIFY_AUTHENTICATION_PROCESS = 28, + DATA_DESTRUCTION = 29 } } @@ -2483,6 +2602,12 @@ export namespace google { /** Resource name */ name?: (string|null); + /** Resource displayName */ + displayName?: (string|null); + + /** Resource type */ + type?: (string|null); + /** Resource project */ project?: (string|null); @@ -2495,14 +2620,8 @@ export namespace google { /** Resource parentDisplayName */ parentDisplayName?: (string|null); - /** Resource type */ - type?: (string|null); - /** Resource folders */ folders?: (google.cloud.securitycenter.v1.IFolder[]|null); - - /** Resource displayName */ - displayName?: (string|null); } /** Represents a Resource. */ @@ -2517,6 +2636,12 @@ export namespace google { /** Resource name. */ public name: string; + /** Resource displayName. */ + public displayName: string; + + /** Resource type. */ + public type: string; + /** Resource project. */ public project: string; @@ -2529,15 +2654,9 @@ export namespace google { /** Resource parentDisplayName. */ public parentDisplayName: string; - /** Resource type. */ - public type: string; - /** Resource folders. */ public folders: google.cloud.securitycenter.v1.IFolder[]; - /** Resource displayName. */ - public displayName: string; - /** * Creates a new Resource instance using the specified properties. * @param [properties] Properties to set @@ -6800,6 +6919,12 @@ export namespace google { /** Resource name */ name?: (string|null); + /** Resource displayName */ + displayName?: (string|null); + + /** Resource type */ + type?: (string|null); + /** Resource projectName */ projectName?: (string|null); @@ -6812,14 +6937,8 @@ export namespace google { /** Resource parentDisplayName */ parentDisplayName?: (string|null); - /** Resource type */ - type?: (string|null); - /** Resource folders */ folders?: (google.cloud.securitycenter.v1.IFolder[]|null); - - /** Resource displayName */ - displayName?: (string|null); } /** Represents a Resource. */ @@ -6834,6 +6953,12 @@ export namespace google { /** Resource name. */ public name: string; + /** Resource displayName. */ + public displayName: string; + + /** Resource type. */ + public type: string; + /** Resource projectName. */ public projectName: string; @@ -6846,15 +6971,9 @@ export namespace google { /** Resource parentDisplayName. */ public parentDisplayName: string; - /** Resource type. */ - public type: string; - /** Resource folders. */ public folders: google.cloud.securitycenter.v1.IFolder[]; - /** Resource displayName. */ - public displayName: string; - /** * Creates a new Resource instance using the specified properties. * @param [properties] Properties to set diff --git a/protos/protos.js b/protos/protos.js index bd202f7f..93a50762 100644 --- a/protos/protos.js +++ b/protos/protos.js @@ -2711,6 +2711,7 @@ * @property {google.cloud.securitycenter.v1.IMitreAttack|null} [mitreAttack] Finding mitreAttack * @property {google.cloud.securitycenter.v1.IAccess|null} [access] Finding access * @property {string|null} [muteInitiator] Finding muteInitiator + * @property {Array.|null} [iamBindings] Finding iamBindings */ /** @@ -2724,6 +2725,7 @@ function Finding(properties) { this.sourceProperties = {}; this.externalSystems = {}; + this.iamBindings = []; if (properties) for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) if (properties[keys[i]] != null) @@ -2898,6 +2900,14 @@ */ Finding.prototype.muteInitiator = ""; + /** + * Finding iamBindings. + * @member {Array.} iamBindings + * @memberof google.cloud.securitycenter.v1.Finding + * @instance + */ + Finding.prototype.iamBindings = $util.emptyArray; + /** * Creates a new Finding instance using the specified properties. * @function create @@ -2970,6 +2980,9 @@ $root.google.cloud.securitycenter.v1.Access.encode(message.access, writer.uint32(/* id 26, wireType 2 =*/210).fork()).ldelim(); if (message.muteInitiator != null && Object.hasOwnProperty.call(message, "muteInitiator")) writer.uint32(/* id 28, wireType 2 =*/226).string(message.muteInitiator); + if (message.iamBindings != null && message.iamBindings.length) + for (var i = 0; i < message.iamBindings.length; ++i) + $root.google.cloud.securitycenter.v1.IamBinding.encode(message.iamBindings[i], writer.uint32(/* id 39, wireType 2 =*/314).fork()).ldelim(); return writer; }; @@ -3105,6 +3118,11 @@ case 28: message.muteInitiator = reader.string(); break; + case 39: + if (!(message.iamBindings && message.iamBindings.length)) + message.iamBindings = []; + message.iamBindings.push($root.google.cloud.securitycenter.v1.IamBinding.decode(reader, reader.uint32())); + break; default: reader.skipType(tag & 7); break; @@ -3263,6 +3281,15 @@ if (message.muteInitiator != null && message.hasOwnProperty("muteInitiator")) if (!$util.isString(message.muteInitiator)) return "muteInitiator: string expected"; + if (message.iamBindings != null && message.hasOwnProperty("iamBindings")) { + if (!Array.isArray(message.iamBindings)) + return "iamBindings: array expected"; + for (var i = 0; i < message.iamBindings.length; ++i) { + var error = $root.google.cloud.securitycenter.v1.IamBinding.verify(message.iamBindings[i]); + if (error) + return "iamBindings." + error; + } + } return null; }; @@ -3432,6 +3459,16 @@ } if (object.muteInitiator != null) message.muteInitiator = String(object.muteInitiator); + if (object.iamBindings) { + if (!Array.isArray(object.iamBindings)) + throw TypeError(".google.cloud.securitycenter.v1.Finding.iamBindings: array expected"); + message.iamBindings = []; + for (var i = 0; i < object.iamBindings.length; ++i) { + if (typeof object.iamBindings[i] !== "object") + throw TypeError(".google.cloud.securitycenter.v1.Finding.iamBindings: object expected"); + message.iamBindings[i] = $root.google.cloud.securitycenter.v1.IamBinding.fromObject(object.iamBindings[i]); + } + } return message; }; @@ -3448,6 +3485,8 @@ if (!options) options = {}; var object = {}; + if (options.arrays || options.defaults) + object.iamBindings = []; if (options.objects || options.defaults) { object.sourceProperties = {}; object.externalSystems = {}; @@ -3522,6 +3561,11 @@ object.access = $root.google.cloud.securitycenter.v1.Access.toObject(message.access, options); if (message.muteInitiator != null && message.hasOwnProperty("muteInitiator")) object.muteInitiator = message.muteInitiator; + if (message.iamBindings && message.iamBindings.length) { + object.iamBindings = []; + for (var j = 0; j < message.iamBindings.length; ++j) + object.iamBindings[j] = $root.google.cloud.securitycenter.v1.IamBinding.toObject(message.iamBindings[j], options); + } return object; }; @@ -3615,6 +3659,272 @@ return Finding; })(); + v1.IamBinding = (function() { + + /** + * Properties of an IamBinding. + * @memberof google.cloud.securitycenter.v1 + * @interface IIamBinding + * @property {google.cloud.securitycenter.v1.IamBinding.Action|null} [action] IamBinding action + * @property {string|null} [role] IamBinding role + * @property {string|null} [member] IamBinding member + */ + + /** + * Constructs a new IamBinding. + * @memberof google.cloud.securitycenter.v1 + * @classdesc Represents an IamBinding. + * @implements IIamBinding + * @constructor + * @param {google.cloud.securitycenter.v1.IIamBinding=} [properties] Properties to set + */ + function IamBinding(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * IamBinding action. + * @member {google.cloud.securitycenter.v1.IamBinding.Action} action + * @memberof google.cloud.securitycenter.v1.IamBinding + * @instance + */ + IamBinding.prototype.action = 0; + + /** + * IamBinding role. + * @member {string} role + * @memberof google.cloud.securitycenter.v1.IamBinding + * @instance + */ + IamBinding.prototype.role = ""; + + /** + * IamBinding member. + * @member {string} member + * @memberof google.cloud.securitycenter.v1.IamBinding + * @instance + */ + IamBinding.prototype.member = ""; + + /** + * Creates a new IamBinding instance using the specified properties. + * @function create + * @memberof google.cloud.securitycenter.v1.IamBinding + * @static + * @param {google.cloud.securitycenter.v1.IIamBinding=} [properties] Properties to set + * @returns {google.cloud.securitycenter.v1.IamBinding} IamBinding instance + */ + IamBinding.create = function create(properties) { + return new IamBinding(properties); + }; + + /** + * Encodes the specified IamBinding message. Does not implicitly {@link google.cloud.securitycenter.v1.IamBinding.verify|verify} messages. + * @function encode + * @memberof google.cloud.securitycenter.v1.IamBinding + * @static + * @param {google.cloud.securitycenter.v1.IIamBinding} message IamBinding message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + IamBinding.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.action != null && Object.hasOwnProperty.call(message, "action")) + writer.uint32(/* id 1, wireType 0 =*/8).int32(message.action); + if (message.role != null && Object.hasOwnProperty.call(message, "role")) + writer.uint32(/* id 2, wireType 2 =*/18).string(message.role); + if (message.member != null && Object.hasOwnProperty.call(message, "member")) + writer.uint32(/* id 3, wireType 2 =*/26).string(message.member); + return writer; + }; + + /** + * Encodes the specified IamBinding message, length delimited. Does not implicitly {@link google.cloud.securitycenter.v1.IamBinding.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.securitycenter.v1.IamBinding + * @static + * @param {google.cloud.securitycenter.v1.IIamBinding} message IamBinding message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + IamBinding.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes an IamBinding message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.securitycenter.v1.IamBinding + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.securitycenter.v1.IamBinding} IamBinding + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + IamBinding.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.securitycenter.v1.IamBinding(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: + message.action = reader.int32(); + break; + case 2: + message.role = reader.string(); + break; + case 3: + message.member = reader.string(); + break; + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes an IamBinding message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.securitycenter.v1.IamBinding + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.securitycenter.v1.IamBinding} IamBinding + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + IamBinding.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies an IamBinding message. + * @function verify + * @memberof google.cloud.securitycenter.v1.IamBinding + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + IamBinding.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.action != null && message.hasOwnProperty("action")) + switch (message.action) { + default: + return "action: enum value expected"; + case 0: + case 1: + case 2: + break; + } + if (message.role != null && message.hasOwnProperty("role")) + if (!$util.isString(message.role)) + return "role: string expected"; + if (message.member != null && message.hasOwnProperty("member")) + if (!$util.isString(message.member)) + return "member: string expected"; + return null; + }; + + /** + * Creates an IamBinding message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.securitycenter.v1.IamBinding + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.securitycenter.v1.IamBinding} IamBinding + */ + IamBinding.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.securitycenter.v1.IamBinding) + return object; + var message = new $root.google.cloud.securitycenter.v1.IamBinding(); + switch (object.action) { + case "ACTION_UNSPECIFIED": + case 0: + message.action = 0; + break; + case "ADD": + case 1: + message.action = 1; + break; + case "REMOVE": + case 2: + message.action = 2; + break; + } + if (object.role != null) + message.role = String(object.role); + if (object.member != null) + message.member = String(object.member); + return message; + }; + + /** + * Creates a plain object from an IamBinding message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.securitycenter.v1.IamBinding + * @static + * @param {google.cloud.securitycenter.v1.IamBinding} message IamBinding + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + IamBinding.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.defaults) { + object.action = options.enums === String ? "ACTION_UNSPECIFIED" : 0; + object.role = ""; + object.member = ""; + } + if (message.action != null && message.hasOwnProperty("action")) + object.action = options.enums === String ? $root.google.cloud.securitycenter.v1.IamBinding.Action[message.action] : message.action; + if (message.role != null && message.hasOwnProperty("role")) + object.role = message.role; + if (message.member != null && message.hasOwnProperty("member")) + object.member = message.member; + return object; + }; + + /** + * Converts this IamBinding to JSON. + * @function toJSON + * @memberof google.cloud.securitycenter.v1.IamBinding + * @instance + * @returns {Object.} JSON object + */ + IamBinding.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + /** + * Action enum. + * @name google.cloud.securitycenter.v1.IamBinding.Action + * @enum {number} + * @property {number} ACTION_UNSPECIFIED=0 ACTION_UNSPECIFIED value + * @property {number} ADD=1 ADD value + * @property {number} REMOVE=2 REMOVE value + */ + IamBinding.Action = (function() { + var valuesById = {}, values = Object.create(valuesById); + values[valuesById[0] = "ACTION_UNSPECIFIED"] = 0; + values[valuesById[1] = "ADD"] = 1; + values[valuesById[2] = "REMOVE"] = 2; + return values; + })(); + + return IamBinding; + })(); + v1.Indicator = (function() { /** @@ -4136,6 +4446,7 @@ case 26: case 27: case 28: + case 29: break; } } @@ -4200,6 +4511,7 @@ case 26: case 27: case 28: + case 29: break; } } @@ -4406,6 +4718,10 @@ case 28: message.primaryTechniques[i] = 28; break; + case "DATA_DESTRUCTION": + case 29: + message.primaryTechniques[i] = 29; + break; } } if (object.additionalTactics) { @@ -4600,6 +4916,10 @@ case 28: message.additionalTechniques[i] = 28; break; + case "DATA_DESTRUCTION": + case 29: + message.additionalTechniques[i] = 29; + break; } } if (object.version != null) @@ -4735,6 +5055,7 @@ * @property {number} MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE=26 MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE value * @property {number} EXPLOIT_PUBLIC_FACING_APPLICATION=27 EXPLOIT_PUBLIC_FACING_APPLICATION value * @property {number} MODIFY_AUTHENTICATION_PROCESS=28 MODIFY_AUTHENTICATION_PROCESS value + * @property {number} DATA_DESTRUCTION=29 DATA_DESTRUCTION value */ MitreAttack.Technique = (function() { var valuesById = {}, values = Object.create(valuesById); @@ -4767,6 +5088,7 @@ values[valuesById[26] = "MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE"] = 26; values[valuesById[27] = "EXPLOIT_PUBLIC_FACING_APPLICATION"] = 27; values[valuesById[28] = "MODIFY_AUTHENTICATION_PROCESS"] = 28; + values[valuesById[29] = "DATA_DESTRUCTION"] = 29; return values; })(); @@ -7185,13 +7507,13 @@ * @memberof google.cloud.securitycenter.v1 * @interface IResource * @property {string|null} [name] Resource name + * @property {string|null} [displayName] Resource displayName + * @property {string|null} [type] Resource type * @property {string|null} [project] Resource project * @property {string|null} [projectDisplayName] Resource projectDisplayName * @property {string|null} [parent] Resource parent * @property {string|null} [parentDisplayName] Resource parentDisplayName - * @property {string|null} [type] Resource type * @property {Array.|null} [folders] Resource folders - * @property {string|null} [displayName] Resource displayName */ /** @@ -7218,6 +7540,22 @@ */ Resource.prototype.name = ""; + /** + * Resource displayName. + * @member {string} displayName + * @memberof google.cloud.securitycenter.v1.Resource + * @instance + */ + Resource.prototype.displayName = ""; + + /** + * Resource type. + * @member {string} type + * @memberof google.cloud.securitycenter.v1.Resource + * @instance + */ + Resource.prototype.type = ""; + /** * Resource project. * @member {string} project @@ -7250,14 +7588,6 @@ */ Resource.prototype.parentDisplayName = ""; - /** - * Resource type. - * @member {string} type - * @memberof google.cloud.securitycenter.v1.Resource - * @instance - */ - Resource.prototype.type = ""; - /** * Resource folders. * @member {Array.} folders @@ -7266,14 +7596,6 @@ */ Resource.prototype.folders = $util.emptyArray; - /** - * Resource displayName. - * @member {string} displayName - * @memberof google.cloud.securitycenter.v1.Resource - * @instance - */ - Resource.prototype.displayName = ""; - /** * Creates a new Resource instance using the specified properties. * @function create @@ -7352,6 +7674,12 @@ case 1: message.name = reader.string(); break; + case 8: + message.displayName = reader.string(); + break; + case 6: + message.type = reader.string(); + break; case 2: message.project = reader.string(); break; @@ -7364,17 +7692,11 @@ case 5: message.parentDisplayName = reader.string(); break; - case 6: - message.type = reader.string(); - break; case 7: if (!(message.folders && message.folders.length)) message.folders = []; message.folders.push($root.google.cloud.securitycenter.v1.Folder.decode(reader, reader.uint32())); break; - case 8: - message.displayName = reader.string(); - break; default: reader.skipType(tag & 7); break; @@ -7413,6 +7735,12 @@ if (message.name != null && message.hasOwnProperty("name")) if (!$util.isString(message.name)) return "name: string expected"; + if (message.displayName != null && message.hasOwnProperty("displayName")) + if (!$util.isString(message.displayName)) + return "displayName: string expected"; + if (message.type != null && message.hasOwnProperty("type")) + if (!$util.isString(message.type)) + return "type: string expected"; if (message.project != null && message.hasOwnProperty("project")) if (!$util.isString(message.project)) return "project: string expected"; @@ -7425,9 +7753,6 @@ if (message.parentDisplayName != null && message.hasOwnProperty("parentDisplayName")) if (!$util.isString(message.parentDisplayName)) return "parentDisplayName: string expected"; - if (message.type != null && message.hasOwnProperty("type")) - if (!$util.isString(message.type)) - return "type: string expected"; if (message.folders != null && message.hasOwnProperty("folders")) { if (!Array.isArray(message.folders)) return "folders: array expected"; @@ -7437,9 +7762,6 @@ return "folders." + error; } } - if (message.displayName != null && message.hasOwnProperty("displayName")) - if (!$util.isString(message.displayName)) - return "displayName: string expected"; return null; }; @@ -7457,6 +7779,10 @@ var message = new $root.google.cloud.securitycenter.v1.Resource(); if (object.name != null) message.name = String(object.name); + if (object.displayName != null) + message.displayName = String(object.displayName); + if (object.type != null) + message.type = String(object.type); if (object.project != null) message.project = String(object.project); if (object.projectDisplayName != null) @@ -7465,8 +7791,6 @@ message.parent = String(object.parent); if (object.parentDisplayName != null) message.parentDisplayName = String(object.parentDisplayName); - if (object.type != null) - message.type = String(object.type); if (object.folders) { if (!Array.isArray(object.folders)) throw TypeError(".google.cloud.securitycenter.v1.Resource.folders: array expected"); @@ -7477,8 +7801,6 @@ message.folders[i] = $root.google.cloud.securitycenter.v1.Folder.fromObject(object.folders[i]); } } - if (object.displayName != null) - message.displayName = String(object.displayName); return message; }; @@ -16884,13 +17206,13 @@ * @memberof google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult * @interface IResource * @property {string|null} [name] Resource name + * @property {string|null} [displayName] Resource displayName + * @property {string|null} [type] Resource type * @property {string|null} [projectName] Resource projectName * @property {string|null} [projectDisplayName] Resource projectDisplayName * @property {string|null} [parentName] Resource parentName * @property {string|null} [parentDisplayName] Resource parentDisplayName - * @property {string|null} [type] Resource type * @property {Array.|null} [folders] Resource folders - * @property {string|null} [displayName] Resource displayName */ /** @@ -16917,6 +17239,22 @@ */ Resource.prototype.name = ""; + /** + * Resource displayName. + * @member {string} displayName + * @memberof google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.Resource + * @instance + */ + Resource.prototype.displayName = ""; + + /** + * Resource type. + * @member {string} type + * @memberof google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.Resource + * @instance + */ + Resource.prototype.type = ""; + /** * Resource projectName. * @member {string} projectName @@ -16949,14 +17287,6 @@ */ Resource.prototype.parentDisplayName = ""; - /** - * Resource type. - * @member {string} type - * @memberof google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.Resource - * @instance - */ - Resource.prototype.type = ""; - /** * Resource folders. * @member {Array.} folders @@ -16965,14 +17295,6 @@ */ Resource.prototype.folders = $util.emptyArray; - /** - * Resource displayName. - * @member {string} displayName - * @memberof google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.Resource - * @instance - */ - Resource.prototype.displayName = ""; - /** * Creates a new Resource instance using the specified properties. * @function create @@ -17051,6 +17373,12 @@ case 1: message.name = reader.string(); break; + case 8: + message.displayName = reader.string(); + break; + case 6: + message.type = reader.string(); + break; case 2: message.projectName = reader.string(); break; @@ -17063,17 +17391,11 @@ case 5: message.parentDisplayName = reader.string(); break; - case 6: - message.type = reader.string(); - break; case 7: if (!(message.folders && message.folders.length)) message.folders = []; message.folders.push($root.google.cloud.securitycenter.v1.Folder.decode(reader, reader.uint32())); break; - case 8: - message.displayName = reader.string(); - break; default: reader.skipType(tag & 7); break; @@ -17112,6 +17434,12 @@ if (message.name != null && message.hasOwnProperty("name")) if (!$util.isString(message.name)) return "name: string expected"; + if (message.displayName != null && message.hasOwnProperty("displayName")) + if (!$util.isString(message.displayName)) + return "displayName: string expected"; + if (message.type != null && message.hasOwnProperty("type")) + if (!$util.isString(message.type)) + return "type: string expected"; if (message.projectName != null && message.hasOwnProperty("projectName")) if (!$util.isString(message.projectName)) return "projectName: string expected"; @@ -17124,9 +17452,6 @@ if (message.parentDisplayName != null && message.hasOwnProperty("parentDisplayName")) if (!$util.isString(message.parentDisplayName)) return "parentDisplayName: string expected"; - if (message.type != null && message.hasOwnProperty("type")) - if (!$util.isString(message.type)) - return "type: string expected"; if (message.folders != null && message.hasOwnProperty("folders")) { if (!Array.isArray(message.folders)) return "folders: array expected"; @@ -17136,9 +17461,6 @@ return "folders." + error; } } - if (message.displayName != null && message.hasOwnProperty("displayName")) - if (!$util.isString(message.displayName)) - return "displayName: string expected"; return null; }; @@ -17156,6 +17478,10 @@ var message = new $root.google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.Resource(); if (object.name != null) message.name = String(object.name); + if (object.displayName != null) + message.displayName = String(object.displayName); + if (object.type != null) + message.type = String(object.type); if (object.projectName != null) message.projectName = String(object.projectName); if (object.projectDisplayName != null) @@ -17164,8 +17490,6 @@ message.parentName = String(object.parentName); if (object.parentDisplayName != null) message.parentDisplayName = String(object.parentDisplayName); - if (object.type != null) - message.type = String(object.type); if (object.folders) { if (!Array.isArray(object.folders)) throw TypeError(".google.cloud.securitycenter.v1.ListFindingsResponse.ListFindingsResult.Resource.folders: array expected"); @@ -17176,8 +17500,6 @@ message.folders[i] = $root.google.cloud.securitycenter.v1.Folder.fromObject(object.folders[i]); } } - if (object.displayName != null) - message.displayName = String(object.displayName); return message; }; diff --git a/protos/protos.json b/protos/protos.json index fa20a22b..0f008793 100644 --- a/protos/protos.json +++ b/protos/protos.json @@ -8,11 +8,11 @@ "nested": { "v1": { "options": { + "csharp_namespace": "Google.Cloud.SecurityCenter.V1", "go_package": "google.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter", "java_multiple_files": true, "java_outer_classname": "ResourceProto", "java_package": "com.google.cloud.securitycenter.v1", - "csharp_namespace": "Google.Cloud.SecurityCenter.V1", "php_namespace": "Google\\Cloud\\SecurityCenter\\V1", "ruby_package": "Google::Cloud::SecurityCenter::V1", "(google.api.resource_definition).type": "pubsub.googleapis.com/Topic", @@ -362,6 +362,11 @@ "muteInitiator": { "type": "string", "id": 28 + }, + "iamBindings": { + "rule": "repeated", + "type": "IamBinding", + "id": 39 } }, "nested": { @@ -401,6 +406,31 @@ } } }, + "IamBinding": { + "fields": { + "action": { + "type": "Action", + "id": 1 + }, + "role": { + "type": "string", + "id": 2 + }, + "member": { + "type": "string", + "id": 3 + } + }, + "nested": { + "Action": { + "values": { + "ACTION_UNSPECIFIED": 0, + "ADD": 1, + "REMOVE": 2 + } + } + } + }, "Indicator": { "fields": { "ipAddresses": { @@ -491,7 +521,8 @@ "STEAL_WEB_SESSION_COOKIE": 25, "MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE": 26, "EXPLOIT_PUBLIC_FACING_APPLICATION": 27, - "MODIFY_AUTHENTICATION_PROCESS": 28 + "MODIFY_AUTHENTICATION_PROCESS": 28, + "DATA_DESTRUCTION": 29 } } } @@ -756,6 +787,14 @@ "type": "string", "id": 1 }, + "displayName": { + "type": "string", + "id": 8 + }, + "type": { + "type": "string", + "id": 6 + }, "project": { "type": "string", "id": 2 @@ -772,10 +811,6 @@ "type": "string", "id": 5 }, - "type": { - "type": "string", - "id": 6 - }, "folders": { "rule": "repeated", "type": "Folder", @@ -783,10 +818,6 @@ "options": { "(google.api.field_behavior)": "OUTPUT_ONLY" } - }, - "displayName": { - "type": "string", - "id": 8 } } }, @@ -2430,6 +2461,14 @@ "type": "string", "id": 1 }, + "displayName": { + "type": "string", + "id": 8 + }, + "type": { + "type": "string", + "id": 6 + }, "projectName": { "type": "string", "id": 2 @@ -2446,18 +2485,10 @@ "type": "string", "id": 5 }, - "type": { - "type": "string", - "id": 6 - }, "folders": { "rule": "repeated", "type": "Folder", "id": 7 - }, - "displayName": { - "type": "string", - "id": 8 } } } diff --git a/samples/generated/v1/security_center.update_security_marks.js b/samples/generated/v1/security_center.update_security_marks.js index 9827fb86..3f19fca7 100644 --- a/samples/generated/v1/security_center.update_security_marks.js +++ b/samples/generated/v1/security_center.update_security_marks.js @@ -40,7 +40,7 @@ function main(securityMarks) { * The time at which the updated SecurityMarks take effect. * If not set uses current server time. Updates will be applied to the * SecurityMarks that are active immediately preceding this time. Must be - * smaller or equal to the server time. + * earlier or equal to the server time. */ // const startTime = {} diff --git a/src/v1/security_center_client.ts b/src/v1/security_center_client.ts index 10ad8b68..85e45f8e 100644 --- a/src/v1/security_center_client.ts +++ b/src/v1/security_center_client.ts @@ -2702,7 +2702,7 @@ export class SecurityCenterClient { * The time at which the updated SecurityMarks take effect. * If not set uses current server time. Updates will be applied to the * SecurityMarks that are active immediately preceding this time. Must be - * smaller or equal to the server time. + * earlier or equal to the server time. * @param {object} [options] * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. * @returns {Promise} - The promise which resolves to an array. diff --git a/src/v1/security_center_proto_list.json b/src/v1/security_center_proto_list.json index 380ca1bb..db5193d0 100644 --- a/src/v1/security_center_proto_list.json +++ b/src/v1/security_center_proto_list.json @@ -5,6 +5,7 @@ "../../protos/google/cloud/securitycenter/v1/external_system.proto", "../../protos/google/cloud/securitycenter/v1/finding.proto", "../../protos/google/cloud/securitycenter/v1/folder.proto", + "../../protos/google/cloud/securitycenter/v1/iam_binding.proto", "../../protos/google/cloud/securitycenter/v1/indicator.proto", "../../protos/google/cloud/securitycenter/v1/mitre_attack.proto", "../../protos/google/cloud/securitycenter/v1/mute_config.proto",