
Commit 0b212ba

Google APIscopybara-github
authored andcommitted
feat: Add user agent and DLP parent type fields to finding's list of attributes
PiperOrigin-RevId: 539195531
1 parent 40c463d commit 0b212ba

17 files changed

Lines changed: 145 additions & 106 deletions

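--- a/google/cloud/securitycenter/v1/access.proto
+++ b/google/cloud/securitycenter/v1/access.proto
@@ -46,6 +46,9 @@ message Access {
 // system shell or an embedded or standalone application.
 string user_agent_family = 4;
 
+// The caller's user agent string associated with the finding.
+string user_agent = 12;
+
 // This is the API service that the service account made a call to, e.g.
 // "iam.googleapis.com"
 string service_name = 5;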
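Review bot: The comment on the new `user_agent` field does not say that the value is client-controlled, nor how it relates to the existing `user_agent_family` next to it. A user agent string is presumably recorded as the caller sent it, so consumers that display, log or match on it should treat it as untrusted free-form text rather than as a verified identity of the client. I would extend the comment along the lines of `// The caller's user agent string associated with the finding. Client-supplied and unverified; may be empty.` The `Access` message starts and ends outside this hunk.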

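--- a/google/cloud/securitycenter/v1/cloud_dlp_data_profile.proto
+++ b/google/cloud/securitycenter/v1/cloud_dlp_data_profile.proto
@@ -34,9 +34,24 @@ option (google.api.resource_definition) = {
 // The [data profile](https://cloud.google.com/dlp/docs/data-profiles)
 // associated with the finding.
 message CloudDlpDataProfile {
+// Parents for configurations that produce data profile findings.
+enum ParentType {
+// Unspecified parent type.
+PARENT_TYPE_UNSPECIFIED = 0;
+
+// Organization-level configurations.
+ORGANIZATION = 1;
+
+// Project-level configurations.
+PROJECT = 2;
+}
+
 // Name of the data profile, for example,
 // `projects/123/locations/europe/tableProfiles/8383929`.
 string data_profile = 1 [(google.api.resource_reference) = {
 type: "dlp.googleapis.com/TableDataProfile"
 }];
+
+// The resource hierarchy level at which the data profile was generated.
+ParentType parent_type = 2;
 }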
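Review bot: Neither the `ParentType` enum nor the `parent_type` field comment says how readers should interpret `PARENT_TYPE_UNSPECIFIED`, which is what every finding serialized without this field decodes to. Consumers that branch on organization versus project scope need to know that 0 means "not reported" rather than a third scope, and that further values may be added later. I would add to the field comment `// PARENT_TYPE_UNSPECIFIED means the level was not reported, for example on findings created before this field existed.` The enum comment ("Parents for configurations ...") and the field comment ("resource hierarchy level ...") also describe the same concept in different terms and could be aligned.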

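--- a/google/cloud/securitycenter/v1/cloud_dlp_inspection.proto
+++ b/google/cloud/securitycenter/v1/cloud_dlp_inspection.proto
@@ -40,8 +40,8 @@ message CloudDlpInspection {
 string inspect_job = 1
 [(google.api.resource_reference) = { type: "dlp.googleapis.com/DlpJob" }];
 
-// The [type of
-// information](https://cloud.google.com/dlp/docs/infotypes-reference) found,
+// The type of information (or
+// *[infoType](https://cloud.google.com/dlp/docs/infotypes-reference)*) found,
 // for example, `EMAIL_ADDRESS` or `STREET_ADDRESS`.
 string info_type = 2;
 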

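--- a/google/cloud/securitycenter/v1/compliance.proto
+++ b/google/cloud/securitycenter/v1/compliance.proto
@@ -27,13 +27,13 @@ option ruby_package = "Google::Cloud::SecurityCenter::V1";
 // Contains compliance information about a security standard indicating unmet
 // recommendations.
 message Compliance {
-// Refers to industry wide standards or benchmarks e.g. "cis", "pci", "owasp",
-// etc.
+// Industry-wide compliance standards or benchmarks, such as CIS, PCI, and
+// OWASP.
 string standard = 1;
 
-// Version of the standard/benchmark e.g. 1.1
+// Version of the standard or benchmark, for example, 1.1
 string version = 2;
 
-// Policies within the standard/benchmark e.g. A.12.4.1
+// Policies within the standard or benchmark, for example, A.12.4.1
 repeated string ids = 3;
 }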

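--- a/google/cloud/securitycenter/v1/contact_details.proto
+++ b/google/cloud/securitycenter/v1/contact_details.proto
@@ -24,7 +24,7 @@ option java_package = "com.google.cloud.securitycenter.v1";
 option php_namespace = "Google\\Cloud\\SecurityCenter\\V1";
 option ruby_package = "Google::Cloud::SecurityCenter::V1";
 
-// The details pertaining to specific contacts
+// Details about specific contacts
 message ContactDetails {
 // A list of contacts
 repeated Contact contacts = 1;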

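--- a/google/cloud/securitycenter/v1/container.proto
+++ b/google/cloud/securitycenter/v1/container.proto
@@ -28,16 +28,15 @@ option ruby_package = "Google::Cloud::SecurityCenter::V1";
 
 // Container associated with the finding.
 message Container {
-// Container name.
+// Name of the container.
 string name = 1;
 
-// Container image URI provided when configuring a pod/container.
-// May identify a container image version using mutable tags.
+// Container image URI provided when configuring a pod or container. This
+// string can identify a container image version using mutable tags.
 string uri = 2;
 
-// Optional container image id, when provided by the container runtime.
-// Uniquely identifies the container image launched using a container image
-// digest.
+// Optional container image ID, if provided by the container runtime. Uniquely
+// identifies the container image launched using a container image digest.
 string image_id = 3;
 
 // Container labels, as provided by the container runtime.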

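--- a/google/cloud/securitycenter/v1/database.proto
+++ b/google/cloud/securitycenter/v1/database.proto
@@ -24,29 +24,35 @@ option java_package = "com.google.cloud.securitycenter.v1";
 option php_namespace = "Google\\Cloud\\SecurityCenter\\V1";
 option ruby_package = "Google::Cloud::SecurityCenter::V1";
 
-// Represents database access information, such as queries.
-// A database may be a sub-resource of an instance (as in the case of CloudSQL
-// instances or Cloud Spanner instances), or the database instance itself.
-// Some database resources may not have the full resource name populated
-// because these resource types are not yet supported by Cloud Asset Inventory
-// (e.g. CloudSQL databases). In these cases only the display name will be
+// Represents database access information, such as queries. A database may be a
+// sub-resource of an instance (as in the case of Cloud SQL instances or Cloud
+// Spanner instances), or the database instance itself. Some database resources
+// might not have the [full resource
+// name](https://google.aip.dev/122#full-resource-names) populated because these
+// resource types, such as Cloud SQL databases, are not yet supported by Cloud
+// Asset Inventory. In these cases only the display name is provided.
+// Some database resources may not have the [full resource
+// name](https://google.aip.dev/122#full-resource-names) populated because
+// these resource types are not yet supported by Cloud Asset Inventory (e.g.
+// Cloud SQL databases). In these cases only the display name will be
 // provided.
 message Database {
-// The full resource name of the database the user connected to, if it is
-// supported by CAI. (https://google.aip.dev/122#full-resource-names)
+// The [full resource name](https://google.aip.dev/122#full-resource-names) of
+// the database that the user connected to, if it is supported by Cloud Asset
+// Inventory.
 string name = 1;
 
-// The human readable name of the database the user connected to.
+// The human-readable name of the database that the user connected to.
 string display_name = 2;
 
-// The username used to connect to the DB. This may not necessarily be an IAM
-// principal, and has no required format.
+// The username used to connect to the database. The username might not be an
+// IAM principal and does not have a set format.
 string user_name = 3;
 
-// The SQL statement associated with the relevant access.
+// The SQL statement that is associated with the database access.
 string query = 4;
 
-// The target usernames/roles/groups of a SQL privilege grant (not an IAM
-// policy change).
+// The target usernames, roles, or groups of an SQL privilege grant, which is
+// not an IAM policy change.
 repeated string grantees = 5;
 }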
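Review bot: The rewritten header comment for `Database` states the Cloud Asset Inventory caveat twice: new lines 30-33 ("Some database resources might not have ... only the display name is provided.") are followed at new lines 34-38 by the older wording ("Some database resources may not have ... only the display name will be provided."). It looks as if the previous paragraph was re-wrapped and kept instead of being replaced, so the duplicate will appear in the generated reference documentation. I would delete new lines 34-38 so that the comment ends at `// Asset Inventory. In these cases only the display name is provided.`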

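--- a/google/cloud/securitycenter/v1/exfiltration.proto
+++ b/google/cloud/securitycenter/v1/exfiltration.proto
@@ -24,10 +24,10 @@ option java_package = "com.google.cloud.securitycenter.v1";
 option php_namespace = "Google\\Cloud\\SecurityCenter\\V1";
 option ruby_package = "Google::Cloud::SecurityCenter::V1";
 
-// Exfiltration represents a data exfiltration attempt of one or more
-// sources to one or more targets. Sources represent the source
-// of data that is exfiltrated, and Targets represents the destination the
-// data was copied to.
+// Exfiltration represents a data exfiltration attempt from one or more sources
+// to one or more targets. The `sources` attribute lists the sources of the
+// exfiltrated data. The `targets` attribute lists the destinations the data was
+// copied to.
 message Exfiltration {
 // If there are multiple sources, then the data is considered "joined" between
 // them. For instance, BigQuery can join multiple tables, and each
@@ -39,14 +39,16 @@ message Exfiltration {
 repeated ExfilResource targets = 2;
 }
 
-// Resource that has been exfiltrated or exfiltrated_to.
+// Resource where data was exfiltrated from or exfiltrated to.
 message ExfilResource {
-// Resource's URI (https://google.aip.dev/122#full-resource-names)
+// The resource's [full resource
+// name](https://cloud.google.com/apis/design/resource_names#full_resource_name).
 string name = 1;
 
-// Subcomponents of the asset that is exfiltrated - these could be
-// URIs used during exfiltration, table names, databases, filenames, etc.
-// For example, multiple tables may be exfiltrated from the same CloudSQL
-// instance, or multiple files from the same Cloud Storage bucket.
+// Subcomponents of the asset that was exfiltrated, like URIs used during
+// exfiltration, table names, databases, and filenames. For example, multiple
+// tables might have been exfiltrated from the same Cloud SQL instance, or
+// multiple files might have been exfiltrated from the same Cloud Storage
+// bucket.
 repeated string components = 2;
 }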
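Review bot: In the second hunk the `ExfilResource.name` comment now links "full resource name" to `https://cloud.google.com/apis/design/resource_names#full_resource_name`, while the `Database` comments changed in this same commit link the same term to `https://google.aip.dev/122#full-resource-names`, which is also the link this hunk removes. Two different targets for one term make the package's generated documentation inconsistent. I would keep a single reference here, for example `// name](https://google.aip.dev/122#full-resource-names).`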

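--- a/google/cloud/securitycenter/v1/file.proto
+++ b/google/cloud/securitycenter/v1/file.proto
@@ -46,7 +46,6 @@ message File {
 // True when the hash covers only a prefix of the file.
 bool partially_hashed = 5;
 
-// Prefix of the file contents as a JSON encoded string.
-// (Currently only populated for Malicious Script Executed findings.)
+// Prefix of the file contents as a JSON-encoded string.
 string contents = 6;
 }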
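Review bot: After this change the `contents` comment no longer tells a reader when the field is populated, and it still does not state how long the prefix can be. The removed sentence tied the field to Malicious Script Executed findings, so the value can presumably hold script text written by an attacker, and consumers need to know that an empty string means "not collected" and that the decoded value is untrusted data. I would keep a neutral statement such as `// Populated only for some finding types; treat the decoded contents as untrusted input.` The `File` message starts outside this hunk.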

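--- a/google/cloud/securitycenter/v1/iam_binding.proto
+++ b/google/cloud/securitycenter/v1/iam_binding.proto
@@ -46,7 +46,7 @@ message IamBinding {
 // For example, "roles/viewer", "roles/editor", or "roles/owner".
 string role = 2;
 
-// A single identity requesting access for a Cloud Platform resource,
-// e.g. "[email protected]".
+// A single identity requesting access for a Cloud Platform resource, for
+// example, "[email protected]".
 string member = 3;
 }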
