feat: Add toxic_combination and group_memberships fields to finding

Google APIs · copybara-github · commit 2651ef842e32 · 2024-06-24T14:33:08.000-07:00
PiperOrigin-RevId: 646222944
diff --git a/google/cloud/securitycenter/v2/BUILD.bazel b/google/cloud/securitycenter/v2/BUILD.bazel
@@ -41,6 +41,7 @@ proto_library(
         "external_system.proto",
         "file.proto",
         "finding.proto",
+        "group_membership.proto",
         "iam_binding.proto",
         "indicator.proto",
         "kernel_rootkit.proto",
@@ -61,6 +62,7 @@ proto_library(
         "securitycenter_service.proto",
         "simulation.proto",
         "source.proto",
+        "toxic_combination.proto",
         "valued_resource.proto",
         "vulnerability.proto",
     ],
diff --git a/google/cloud/securitycenter/v2/finding.proto b/google/cloud/securitycenter/v2/finding.proto
@@ -32,6 +32,7 @@ import "google/cloud/securitycenter/v2/database.proto";
 import "google/cloud/securitycenter/v2/exfiltration.proto";
 import "google/cloud/securitycenter/v2/external_system.proto";
 import "google/cloud/securitycenter/v2/file.proto";
+import "google/cloud/securitycenter/v2/group_membership.proto";
 import "google/cloud/securitycenter/v2/iam_binding.proto";
 import "google/cloud/securitycenter/v2/indicator.proto";
 import "google/cloud/securitycenter/v2/kernel_rootkit.proto";
@@ -43,6 +44,7 @@ import "google/cloud/securitycenter/v2/org_policy.proto";
 import "google/cloud/securitycenter/v2/process.proto";
 import "google/cloud/securitycenter/v2/security_marks.proto";
 import "google/cloud/securitycenter/v2/security_posture.proto";
+import "google/cloud/securitycenter/v2/toxic_combination.proto";
 import "google/cloud/securitycenter/v2/vulnerability.proto";
 import "google/protobuf/struct.proto";
 import "google/protobuf/timestamp.proto";
@@ -188,6 +190,10 @@ message Finding {
     // Describes a potential security risk due to a change in the security
     // posture.
     POSTURE_VIOLATION = 6;
+
+    // Describes a combination of security issues that represent a more severe
+    // security problem when taken together.
+    TOXIC_COMBINATION = 7;
   }
 
   // The [relative resource
@@ -424,4 +430,16 @@ message Finding {
 
   // The load balancers associated with the finding.
   repeated LoadBalancer load_balancers = 50;
+
+  // Contains details about a group of security issues that, when the issues
+  // occur together, represent a greater risk than when the issues occur
+  // independently. A group of such issues is referred to as a toxic
+  // combination.
+  // This field cannot be updated. Its value is ignored in all update requests.
+  ToxicCombination toxic_combination = 56;
+
+  // Contains details about groups of which this finding is a member. A group is
+  // a collection of findings that are related in some way.
+  // This field cannot be updated. Its value is ignored in all update requests.
+  repeated GroupMembership group_memberships = 57;
 }
diff --git a/google/cloud/securitycenter/v2/group_membership.proto b/google/cloud/securitycenter/v2/group_membership.proto
@@ -0,0 +1,44 @@
+// Copyright 2024 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.cloud.securitycenter.v2;
+
+option csharp_namespace = "Google.Cloud.SecurityCenter.V2";
+option go_package = "cloud.google.com/go/securitycenter/apiv2/securitycenterpb;securitycenterpb";
+option java_multiple_files = true;
+option java_outer_classname = "GroupMembershipProto";
+option java_package = "com.google.cloud.securitycenter.v2";
+option php_namespace = "Google\\Cloud\\SecurityCenter\\V2";
+option ruby_package = "Google::Cloud::SecurityCenter::V2";
+
+// Contains details about groups of which this finding is a member. A group is a
+// collection of findings that are related in some way.
+message GroupMembership {
+  // Possible types of groups.
+  enum GroupType {
+    // Default value.
+    GROUP_TYPE_UNSPECIFIED = 0;
+
+    // Group represents a toxic combination.
+    GROUP_TYPE_TOXIC_COMBINATION = 1;
+  }
+
+  // Type of group.
+  GroupType group_type = 1;
+
+  // ID of the group.
+  string group_id = 2;
+}
diff --git a/google/cloud/securitycenter/v2/toxic_combination.proto b/google/cloud/securitycenter/v2/toxic_combination.proto
@@ -0,0 +1,42 @@
+// Copyright 2024 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.cloud.securitycenter.v2;
+
+option csharp_namespace = "Google.Cloud.SecurityCenter.V2";
+option go_package = "cloud.google.com/go/securitycenter/apiv2/securitycenterpb;securitycenterpb";
+option java_multiple_files = true;
+option java_outer_classname = "ToxicCombinationProto";
+option java_package = "com.google.cloud.securitycenter.v2";
+option php_namespace = "Google\\Cloud\\SecurityCenter\\V2";
+option ruby_package = "Google::Cloud::SecurityCenter::V2";
+
+// Contains details about a group of security issues that, when the issues
+// occur together, represent a greater risk than when the issues occur
+// independently. A group of such issues is referred to as a toxic
+// combination.
+message ToxicCombination {
+  // The
+  // [Attack exposure
+  // score](https://cloud.google.com/security-command-center/docs/attack-exposure-learn#attack_exposure_scores)
+  // of this toxic combination. The score is a measure of how much this toxic
+  // combination exposes one or more high-value resources to potential attack.
+  double attack_exposure_score = 1;
+
+  // List of resource names of findings associated with this toxic combination.
+  // For example, `organizations/123/sources/456/findings/789`.
+  repeated string related_findings = 2;
+}
