Commit b4717ef

gcf-owl-bot[bot], d-goog, sofisl authored
feat: [securitycenter] Added security center api V2 client library (#5073)
* feat: Add load balancer, log entry, org policy, database.version, exfiltration.total_exfiltrated_bytes, file.disk_path, indicator.signature_type, and kubernetes.objects to finding's list of attributes
  PiperOrigin-RevId: 609614842
  Source-Link: googleapis/googleapis@d2c86cf
  Source-Link: googleapis/googleapis-gen@612923b
  Copy-Tag: eyJwIjoicGFja2FnZXMvZ29vZ2xlLWNsb3VkLXNlY3VyaXR5Y2VudGVyLy5Pd2xCb3QueWFtbCIsImgiOiI2MTI5MjNiYWM0YWJlYTg1ZTFkNzU2MTI0YWNlZjk5MTIzMzNkNzUwIn0=
* 🦉 Updates from OwlBot post-processor
  See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md
* fix: Add client library version to headers
  fix: Allow bundlers to bundle JSON files correctly for ESM
  deps: Update dependency google-gax to ^4.3.1
  fix: Export types from protos in ESM
  PiperOrigin-RevId: 609821360
  Source-Link: googleapis/googleapis@5c5ecf0
  Source-Link: googleapis/googleapis-gen@b875fcd
  Copy-Tag: eyJwIjoicGFja2FnZXMvZ29vZ2xlLWNsb3VkLXNlY3VyaXR5Y2VudGVyLy5Pd2xCb3QueWFtbCIsImgiOiJiODc1ZmNkZDE0YjRkZWY2NTIxODI5MzAwM2Q5YmVjNGI4NDJlY2E3In0=
* 🦉 Updates from OwlBot post-processor
  See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md
* Update .OwlBot.lock.yaml
* 🦉 Updates from OwlBot post-processor
  See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md
* feat: Add container.create_time, vulnerability.offending_package, vulnerability.fixed_package, vulnerability.security_bulletin, vulnerability.cve.impact, vulnerability.cve.exploitation_activity, vulnerability.cve.observed_in_the_wild, vulnerability.cve.zero_day to finding's list of attributes
  PiperOrigin-RevId: 611114785
  Source-Link: googleapis/googleapis@4bde689
  Source-Link: googleapis/googleapis-gen@b1cd799
  Copy-Tag: eyJwIjoicGFja2FnZXMvZ29vZ2xlLWNsb3VkLXNlY3VyaXR5Y2VudGVyLy5Pd2xCb3QueWFtbCIsImgiOiJiMWNkNzk5YzRlMTI0N2Y3MDQ3MWZjMzcwOTYzZDE0YWJmYjAyNTdjIn0=
* 🦉 Updates from OwlBot post-processor
  See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md
* Update owlbot.py
* Update owlbot.py
* feat: Added security center api V2 client library
  PiperOrigin-RevId: 611571259
  Source-Link: googleapis/googleapis@e42dca2
  Source-Link: googleapis/googleapis-gen@c7150bf
  Copy-Tag: eyJwIjoicGFja2FnZXMvZ29vZ2xlLWNsb3VkLXNlY3VyaXR5Y2VudGVyLy5Pd2xCb3QueWFtbCIsImgiOiJjNzE1MGJmNTM1NDcyYTM0YjUyZDk4MzZhZjk3MjY2NDAyZTQ5YTA4In0=
* 🦉 Updates from OwlBot post-processor
  See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md
* Update owlbot.py
* Update owlbot.py
* Update owlbot.py
* 🦉 Updates from OwlBot post-processor
  See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md

---------

Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>
Co-authored-by: Daniel Bankhead <[email protected]>
Co-authored-by: sofisl <[email protected]>
1 parent 45aa7f1 commit b4717ef

111 files changed

Lines changed: 131296 additions & 30953 deletions

packages/google-cloud-securitycenter/README.md

Lines changed: 40 additions & 0 deletions
Large diffs are not rendered by default.

packages/google-cloud-securitycenter/owlbot.py

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -13,8 +13,12 @@
1313
# limitations under the License.
1414

1515
import synthtool.languages.node_mono_repo as node
16+
import synthtool as s
1617

1718
node.owlbot_main(relative_dir="packages/google-cloud-securitycenter",
1819
staging_excludes=['package.json', 'README.md'],
1920
templates_excludes=['.kokoro/samples-test.sh', '.kokoro/samples-test.sh']
2021
)
22+
23+
s.replace("packages/google-cloud-securitycenter/protos/protos.d.ts", r"Kubernetes\.object", "Kubernetes.Object")
24+
s.replace("packages/google-cloud-securitycenter/build/protos/protos.d.ts", r"Kubernetes\.object", "Kubernetes.Object")
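
Review bot: The pattern r"Kubernetes\.object" in both added s.replace calls is unanchored, so it also rewrites any longer identifier that starts with the same text, such as Kubernetes.objects (the field this commit adds in kubernetes.proto is named objects). A word boundary, r"Kubernetes\.object\b", would keep the rewrite to the type reference. The calls also carry no comment on why the generated typings need patching, and the second one edits a file under build/, which looks like build output; a one-line comment naming the generator problem would tell the next maintainer when the workaround can be dropped. Separately, the unchanged templates_excludes list names '.kokoro/samples-test.sh' twice.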

packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/container.proto

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,7 @@ syntax = "proto3";
1717
package google.cloud.securitycenter.v1;
1818

1919
import "google/cloud/securitycenter/v1/label.proto";
20+
import "google/protobuf/timestamp.proto";
2021

2122
option csharp_namespace = "Google.Cloud.SecurityCenter.V1";
2223
option go_package = "cloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb";
@@ -41,4 +42,7 @@ message Container {
4142

4243
// Container labels, as provided by the container runtime.
4344
repeated Label labels = 4;
45+
46+
// The time that the container was created.
47+
google.protobuf.Timestamp create_time = 5;
4448
}
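
Review bot: The comment on create_time (field 5) does not say where the timestamp comes from. The labels field just above is documented "as provided by the container runtime"; stating the source here as well, and whether the field can be unset, lets responders decide how far to trust it when ordering events on a timeline.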

packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/database.proto

Lines changed: 10 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -31,12 +31,12 @@ option ruby_package = "Google::Cloud::SecurityCenter::V1";
3131
// name](https://google.aip.dev/122#full-resource-names) populated because these
3232
// resource types, such as Cloud SQL databases, are not yet supported by Cloud
3333
// Asset Inventory. In these cases only the display name is provided.
34-
// Some database resources may not have the [full resource
35-
// name](https://google.aip.dev/122#full-resource-names) populated because
36-
// these resource types are not yet supported by Cloud Asset Inventory (e.g.
37-
// Cloud SQL databases). In these cases only the display name will be
38-
// provided.
3934
message Database {
35+
// Some database resources may not have the [full resource
36+
// name](https://google.aip.dev/122#full-resource-names) populated because
37+
// these resource types are not yet supported by Cloud Asset Inventory (e.g.
38+
// Cloud SQL databases). In these cases only the display name will be
39+
// provided.
4040
// The [full resource name](https://google.aip.dev/122#full-resource-names) of
4141
// the database that the user connected to, if it is supported by Cloud Asset
4242
// Inventory.
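
Review bot: The five comment lines moved inside message Database now sit directly above the comment for the first field with no blank line between them, so they become part of that field's leading comment instead of documenting the message. They also repeat the sentence still present in the message-level comment immediately above (the unchanged lines ending "In these cases only the display name is provided."). Dropping the moved block, or separating it with a blank line if it has to stay, avoids the doubled text in generated docs.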
@@ -55,4 +55,9 @@ message Database {
5555
// The target usernames, roles, or groups of an SQL privilege grant, which is
5656
// not an IAM policy change.
5757
repeated string grantees = 5;
58+
59+
// The version of the database, for example, POSTGRES_14.
60+
// See [the complete
61+
// list](https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1/SqlDatabaseVersion).
62+
string version = 6;
5863
}
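
Review bot: The comment on version (field 6) gives POSTGRES_14 as its example but links to the list under /sql/docs/mysql/, which reads as if only MySQL values apply. Since the field is a plain string and not an enum, the comment should also say whether values outside that list can appear, so that consumers matching on it know to handle unknown strings.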

packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/exfiltration.proto

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,9 @@ message Exfiltration {
3737
// If there are multiple targets, each target would get a complete copy of the
3838
// "joined" source data.
3939
repeated ExfilResource targets = 2;
40+
41+
// Total exfiltrated bytes processed for the entire job.
42+
int64 total_exfiltrated_bytes = 3;
4043
}
4144

4245
// Resource where data was exfiltrated from or exfiltrated to.
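
Review bot: The comment on total_exfiltrated_bytes (field 3) does not say how the total is counted when there are several targets. The unchanged comment just above states that each target gets a complete copy of the joined source data, so "for the entire job" could mean the source size counted once or the sum over all targets. Spell out which one it is, because volume thresholds in detection rules depend on it.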

packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/file.proto

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,17 @@ option ruby_package = "Google::Cloud::SecurityCenter::V1";
2727
// File information about the related binary/library used by an executable, or
2828
// the script used by a script interpreter
2929
message File {
30+
// Path of the file in terms of underlying disk/partition identifiers.
31+
message DiskPath {
32+
// UUID of the partition (format
33+
// https://wiki.archlinux.org/title/persistent_block_device_naming#by-uuid)
34+
string partition_uuid = 1;
35+
36+
// Relative path of the file in the partition as a JSON encoded string.
37+
// Example: /home/user1/executable_file.sh
38+
string relative_path = 2;
39+
}
40+
3041
// Absolute path of the file as a JSON encoded string.
3142
string path = 1;
3243

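
Review bot: In DiskPath, relative_path is documented as relative to the partition, yet its example, /home/user1/executable_file.sh, starts with a slash and reads as an absolute path; the example is also shown unquoted although the field is described as a JSON encoded string. Clarify whether the leading slash denotes the partition root and show the value as it is actually encoded, so that consumers joining it to a mount point do not resolve the wrong file. The partition_uuid comment is also cut short ("(format" followed by a bare URL); a full sentence would read better.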
@@ -48,4 +59,7 @@ message File {
4859

4960
// Prefix of the file contents as a JSON-encoded string.
5061
string contents = 6;
62+
63+
// Path of the file in terms of underlying disk/partition identifiers.
64+
DiskPath disk_path = 7;
5165
}

packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/finding.proto

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,10 @@ import "google/cloud/securitycenter/v1/iam_binding.proto";
3535
import "google/cloud/securitycenter/v1/indicator.proto";
3636
import "google/cloud/securitycenter/v1/kernel_rootkit.proto";
3737
import "google/cloud/securitycenter/v1/kubernetes.proto";
38+
import "google/cloud/securitycenter/v1/load_balancer.proto";
39+
import "google/cloud/securitycenter/v1/log_entry.proto";
3840
import "google/cloud/securitycenter/v1/mitre_attack.proto";
41+
import "google/cloud/securitycenter/v1/org_policy.proto";
3942
import "google/cloud/securitycenter/v1/process.proto";
4043
import "google/cloud/securitycenter/v1/security_marks.proto";
4144
import "google/cloud/securitycenter/v1/vulnerability.proto";
@@ -362,9 +365,18 @@ message Finding {
362365
// Signature of the kernel rootkit.
363366
KernelRootkit kernel_rootkit = 50;
364367

368+
// Contains information about the org policies associated with the finding.
369+
repeated OrgPolicy org_policies = 51;
370+
365371
// Represents an application associated with the finding.
366372
Application application = 53;
367373

368374
// Fields related to Backup and DR findings.
369375
BackupDisasterRecovery backup_disaster_recovery = 55;
376+
377+
// Log entries that are relevant to the finding.
378+
repeated LogEntry log_entries = 57;
379+
380+
// The load balancers associated with the finding.
381+
repeated LoadBalancer load_balancers = 58;
370382
}
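
Review bot: The new fields take numbers 51, 57 and 58, and together with the unchanged 50, 53 and 55 the visible range skips 52, 54 and 56. If those numbers are not used elsewhere in Finding, mark them reserved or note why they are skipped, so that a later change cannot reuse one of them with a different type.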

packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/indicator.proto

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -59,13 +59,28 @@ message Indicator {
5959
string yara_rule = 5;
6060
}
6161

62+
// Possible resource types to be associated with a signature.
63+
enum SignatureType {
64+
// The default signature type.
65+
SIGNATURE_TYPE_UNSPECIFIED = 0;
66+
67+
// Used for signatures concerning processes.
68+
SIGNATURE_TYPE_PROCESS = 1;
69+
70+
// Used for signatures concerning disks.
71+
SIGNATURE_TYPE_FILE = 2;
72+
}
73+
6274
oneof signature {
6375
// Signature indicating that a binary family was matched.
6476
MemoryHashSignature memory_hash_signature = 6;
6577

6678
// Signature indicating that a YARA rule was matched.
6779
YaraRuleSignature yara_rule_signature = 7;
6880
}
81+
82+
// Describes the type of resource associated with the signature.
83+
SignatureType signature_type = 8;
6984
}
7085

7186
// The list of IP addresses that are associated with the finding.
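
Review bot: The comment on SIGNATURE_TYPE_FILE says "Used for signatures concerning disks." while the value name says FILE; one of the two is wrong and they should be aligned. The enum comment speaks of "resource types", but the two values are process and file, so wording such as "the kind of object the signature was matched against" may be closer. Also state what consumers should assume when signature_type is SIGNATURE_TYPE_UNSPECIFIED, since that is the proto3 default any finding without the field will carry.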

packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/kubernetes.proto

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -158,6 +158,29 @@ message Kubernetes {
158158
string version = 7;
159159
}
160160

161+
// Kubernetes object related to the finding, uniquely identified by GKNN.
162+
// Used if the object Kind is not one of Pod, Node, NodePool, Binding, or
163+
// AccessReview.
164+
message Object {
165+
// Kubernetes object group, such as "policy.k8s.io/v1".
166+
string group = 1;
167+
168+
// Kubernetes object kind, such as "Namespace".
169+
string kind = 2;
170+
171+
// Kubernetes object namespace. Must be a valid DNS label. Named
172+
// "ns" to avoid collision with C++ namespace keyword. For details see
173+
// https://kubernetes.io/docs/tasks/administer-cluster/namespaces/.
174+
string ns = 3;
175+
176+
// Kubernetes object name. For details see
177+
// https://kubernetes.io/docs/concepts/overview/working-with-objects/names/.
178+
string name = 4;
179+
180+
// Pod containers associated with this finding, if any.
181+
repeated Container containers = 5;
182+
}
183+
161184
// Kubernetes
162185
// [Pods](https://cloud.google.com/kubernetes-engine/docs/concepts/pod)
163186
// associated with the finding. This field contains Pod records for each
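
Review bot: The Object comment uses "GKNN" without expanding it; spell it out once (group, kind, namespace, name, going by the four fields that follow). The group example "policy.k8s.io/v1" includes a version, so either the example should be the bare group or the comment should say the field holds group and version. The ns comment says "Must be a valid DNS label", but the kind example is "Namespace", a cluster-scoped kind with no namespace of its own; state that ns is empty for cluster-scoped objects.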
@@ -187,4 +210,7 @@ message Kubernetes {
187210
// Provides information on any Kubernetes access reviews (privilege checks)
188211
// relevant to the finding.
189212
repeated AccessReview access_reviews = 6;
213+
214+
// Kubernetes objects related to the finding.
215+
repeated Object objects = 7;
190216
}
Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,32 @@
1+
// Copyright 2024 Google LLC
2+
//
3+
// Licensed under the Apache License, Version 2.0 (the "License");
4+
// you may not use this file except in compliance with the License.
5+
// You may obtain a copy of the License at
6+
//
7+
// http://www.apache.org/licenses/LICENSE-2.0
8+
//
9+
// Unless required by applicable law or agreed to in writing, software
10+
// distributed under the License is distributed on an "AS IS" BASIS,
11+
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12+
// See the License for the specific language governing permissions and
13+
// limitations under the License.
14+
15+
syntax = "proto3";
16+
17+
package google.cloud.securitycenter.v1;
18+
19+
option csharp_namespace = "Google.Cloud.SecurityCenter.V1";
20+
option go_package = "cloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb";
21+
option java_multiple_files = true;
22+
option java_outer_classname = "LoadBalancerProto";
23+
option java_package = "com.google.cloud.securitycenter.v1";
24+
option php_namespace = "Google\\Cloud\\SecurityCenter\\V1";
25+
option ruby_package = "Google::Cloud::SecurityCenter::V1";
26+
27+
// Contains information related to the load balancer associated with the
28+
// finding.
29+
message LoadBalancer {
30+
// The name of the load balancer associated with the finding.
31+
string name = 1;
32+
}
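
Review bot: The comment on name (field 1) does not say which form of name this is. database.proto in this same commit distinguishes the full resource name from the display name; say here whether LoadBalancer.name is a full resource name, a relative resource name or a short display name, since consumers need that to look the load balancer up.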
