From 693d417cc329728350d5d6ce74abf62b8783dacc Mon Sep 17 00:00:00 2001 From: "gcf-owl-bot[bot]" <78513119+gcf-owl-bot[bot]@users.noreply.github.com> Date: Tue, 6 Dec 2022 15:02:05 -0500 Subject: [PATCH] feat: add kernel_rootkit field to finding's list of attributes (#3699) docs: miscellaneous style improvements PiperOrigin-RevId: 493119809 Source-Link: https://github.com/googleapis/googleapis/commit/6aff6786b511f8faaf2fd2288385f4ffc1e33d3c Source-Link: https://github.com/googleapis/googleapis-gen/commit/ee521940a017f393fce7731e4c22a43aff6b000e Copy-Tag: eyJwIjoicGFja2FnZXMvZ29vZ2xlLWNsb3VkLXNlY3VyaXR5Y2VudGVyLy5Pd2xCb3QueWFtbCIsImgiOiJlZTUyMTk0MGEwMTdmMzkzZmNlNzczMWU0YzIyYTQzYWZmNmIwMDBlIn0= See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md Co-authored-by: Owl Bot Co-authored-by: Benjamin E. Coe --- .../securitycenter/v1/external_system.proto | 9 +- .../cloud/securitycenter/v1/finding.proto | 6 +- .../securitycenter/v1/kernel_rootkit.proto | 62 +++ .../v1/notification_config.proto | 4 +- .../v1/securitycenter_service.proto | 62 +-- .../protos/protos.d.ts | 151 +++++++ .../protos/protos.js | 416 ++++++++++++++++++ .../protos/protos.json | 44 ++ ...security_center.create_big_query_export.js | 6 +- ...urity_center.create_notification_config.js | 4 +- ...security_center.delete_big_query_export.js | 2 +- ...urity_center.delete_notification_config.js | 4 +- .../security_center.get_big_query_export.js | 2 +- ...security_center.get_notification_config.js | 4 +- .../v1/security_center.group_assets.js | 2 +- .../v1/security_center.list_assets.js | 4 +- ...curity_center.list_notification_configs.js | 6 +- .../v1/security_center.set_finding_state.js | 10 +- .../generated/v1/security_center.set_mute.js | 6 +- ...tadata.google.cloud.securitycenter.v1.json | 12 +- .../src/v1/security_center_client.ts | 83 ++-- .../src/v1/security_center_proto_list.json | 1 + .../src/v1beta1/security_center_client.ts | 3 + .../src/v1p1beta1/security_center_client.ts | 3 + 24 files changed, 806 insertions(+), 100 deletions(-) create mode 100644 packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/kernel_rootkit.proto diff --git a/packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/external_system.proto b/packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/external_system.proto index 8ba698138da..66034dfc4cf 100644 --- a/packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/external_system.proto +++ b/packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/external_system.proto @@ -36,11 +36,10 @@ message ExternalSystem { pattern: "projects/{project}/sources/{source}/findings/{finding}/externalSystems/{externalsystem}" }; - // External System Name e.g. jira, demisto, etc. - // e.g.: - // `organizations/1234/sources/5678/findings/123456/externalSystems/jira` - // `folders/1234/sources/5678/findings/123456/externalSystems/jira` - // `projects/1234/sources/5678/findings/123456/externalSystems/jira` + // Full resource name of the external system, for example: + // "organizations/1234/sources/5678/findings/123456/externalSystems/jira", + // "folders/1234/sources/5678/findings/123456/externalSystems/jira", + // "projects/1234/sources/5678/findings/123456/externalSystems/jira" string name = 1; // References primary/secondary etc assignees in the external system. diff --git a/packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/finding.proto b/packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/finding.proto index 755b661772d..a16f1d51160 100644 --- a/packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/finding.proto +++ b/packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/finding.proto @@ -29,6 +29,7 @@ import "google/cloud/securitycenter/v1/external_system.proto"; import "google/cloud/securitycenter/v1/file.proto"; import "google/cloud/securitycenter/v1/iam_binding.proto"; import "google/cloud/securitycenter/v1/indicator.proto"; +import "google/cloud/securitycenter/v1/kernel_rootkit.proto"; import "google/cloud/securitycenter/v1/kubernetes.proto"; import "google/cloud/securitycenter/v1/mitre_attack.proto"; import "google/cloud/securitycenter/v1/process.proto"; @@ -253,7 +254,7 @@ message Finding { // Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise Indicator indicator = 18; - // Represents vulnerability specific fields like cve, cvss scores etc. + // Represents vulnerability-specific fields like CVE and CVS scores. // CVE stands for Common Vulnerabilities and Exposures // (https://cve.mitre.org/about/) Vulnerability vulnerability = 20; @@ -336,4 +337,7 @@ message Finding { // File associated with the finding. repeated File files = 46; + + // Kernel Rootkit signature. + KernelRootkit kernel_rootkit = 50; } diff --git a/packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/kernel_rootkit.proto b/packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/kernel_rootkit.proto new file mode 100644 index 00000000000..1010e3effcb --- /dev/null +++ b/packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/kernel_rootkit.proto @@ -0,0 +1,62 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package google.cloud.securitycenter.v1; + +option csharp_namespace = "Google.Cloud.SecurityCenter.V1"; +option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter"; +option java_multiple_files = true; +option java_outer_classname = "KernelRootkitProto"; +option java_package = "com.google.cloud.securitycenter.v1"; +option php_namespace = "Google\\Cloud\\SecurityCenter\\V1"; +option ruby_package = "Google::Cloud::SecurityCenter::V1"; + +// Kernel mode rootkit signatures. +message KernelRootkit { + // Rootkit name when available. + string name = 1; + + // True if unexpected modifications of kernel code memory are present. + bool unexpected_code_modification = 2; + + // True if unexpected modifications of kernel read-only data memory are + // present. + bool unexpected_read_only_data_modification = 3; + + // True if `ftrace` points are present with callbacks pointing to regions + // that are not in the expected kernel or module code range. + bool unexpected_ftrace_handler = 4; + + // True if `kprobe` points are present with callbacks pointing to regions + // that are not in the expected kernel or module code range. + bool unexpected_kprobe_handler = 5; + + // True if kernel code pages that are not in the expected kernel or module + // code regions are present. + bool unexpected_kernel_code_pages = 6; + + // True if system call handlers that are are not in the expected kernel or + // module code regions are present. + bool unexpected_system_call_handler = 7; + + // True if interrupt handlers that are are not in the expected kernel or + // module code regions are present. + bool unexpected_interrupt_handler = 8; + + // True if unexpected processes in the scheduler run queue are present. Such + // processes are in the run queue, but not in the process task list. + bool unexpected_processes_in_runqueue = 9; +} diff --git a/packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/notification_config.proto b/packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/notification_config.proto index ee1e9546078..00e8c1e8a42 100644 --- a/packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/notification_config.proto +++ b/packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/notification_config.proto @@ -73,7 +73,9 @@ message NotificationConfig { // The relative resource name of this notification config. See: // https://cloud.google.com/apis/design/resource_names#relative_resource_name // Example: - // "organizations/{organization_id}/notificationConfigs/notify_public_bucket". + // "organizations/{organization_id}/notificationConfigs/notify_public_bucket", + // "folders/{folder_id}/notificationConfigs/notify_public_bucket", + // or "projects/{project_id}/notificationConfigs/notify_public_bucket". string name = 1; // The description of the notification config (max of 1024 characters). diff --git a/packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/securitycenter_service.proto b/packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/securitycenter_service.proto index 24e5e27e610..ad77642d579 100644 --- a/packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/securitycenter_service.proto +++ b/packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/securitycenter_service.proto @@ -161,7 +161,7 @@ service SecurityCenter { option (google.api.method_signature) = "name"; } - // Gets a big query export. + // Gets a BigQuery export. rpc GetBigQueryExport(GetBigQueryExportRequest) returns (BigQueryExport) { option (google.api.http) = { get: "/v1/{name=organizations/*/bigQueryExports/*}" @@ -507,7 +507,7 @@ service SecurityCenter { option (google.api.method_signature) = "security_marks"; } - // Creates a big query export. + // Creates a BigQuery export. rpc CreateBigQueryExport(CreateBigQueryExportRequest) returns (BigQueryExport) { option (google.api.http) = { @@ -526,7 +526,7 @@ service SecurityCenter { "parent,big_query_export,big_query_export_id"; } - // Deletes an existing big query export. + // Deletes an existing BigQuery export. rpc DeleteBigQueryExport(DeleteBigQueryExportRequest) returns (google.protobuf.Empty) { option (google.api.http) = { @@ -673,8 +673,8 @@ message CreateNotificationConfigRequest { // Required. // Unique identifier provided by the client within the parent scope. - // It must be between 1 and 128 characters, and contains alphanumeric - // characters, underscores or hyphens only. + // It must be between 1 and 128 characters and contain alphanumeric + // characters, underscores, or hyphens only. string config_id = 2 [(google.api.field_behavior) = REQUIRED]; // Required. The notification config being created. The name and the service @@ -717,7 +717,9 @@ message DeleteMuteConfigRequest { // Request message for deleting a notification config. message DeleteNotificationConfigRequest { // Required. Name of the notification config to delete. Its format is - // "organizations/[organization_id]/notificationConfigs/[config_id]". + // "organizations/[organization_id]/notificationConfigs/[config_id]", + // "folders/[folder_id]/notificationConfigs/[config_id]", + // or "projects/[project_id]/notificationConfigs/[config_id]". string name = 1 [ (google.api.field_behavior) = REQUIRED, (google.api.resource_reference) = { @@ -726,9 +728,9 @@ message DeleteNotificationConfigRequest { ]; } -// Request message for retrieving a big query export. +// Request message for retrieving a BigQuery export. message GetBigQueryExportRequest { - // Required. Name of the big query export to retrieve. Its format is + // Required. Name of the BigQuery export to retrieve. Its format is // organizations/{organization}/bigQueryExports/{export_id}, // folders/{folder}/bigQueryExports/{export_id}, or // projects/{project}/bigQueryExports/{export_id} @@ -757,7 +759,9 @@ message GetMuteConfigRequest { // Request message for getting a notification config. message GetNotificationConfigRequest { // Required. Name of the notification config to get. Its format is - // "organizations/[organization_id]/notificationConfigs/[config_id]". + // "organizations/[organization_id]/notificationConfigs/[config_id]", + // "folders/[folder_id]/notificationConfigs/[config_id]", + // or "projects/[project_id]/notificationConfigs/[config_id]". string name = 1 [ (google.api.field_behavior) = REQUIRED, (google.api.resource_reference) = { @@ -792,7 +796,7 @@ message GetSourceRequest { // Request message for grouping by assets. message GroupAssetsRequest { - // Required. Name of the organization to groupBy. Its format is + // Required. The name of the parent to group the assets by. Its format is // "organizations/[organization_id], folders/[folder_id], or // projects/[project_id]". string parent = 1 [ @@ -1159,9 +1163,9 @@ message ListMuteConfigsResponse { // Request message for listing notification configs. message ListNotificationConfigsRequest { - // Required. Name of the organization to list notification configs. Its format - // is "organizations/[organization_id]", "folders/[folder_id]", or - // "projects/[project_id]". + // Required. The name of the parent in which to list the notification + // configurations. Its format is "organizations/[organization_id]", + // "folders/[folder_id]", or "projects/[project_id]". string parent = 1 [ (google.api.field_behavior) = REQUIRED, (google.api.resource_reference) = { @@ -1223,8 +1227,8 @@ message ListSourcesResponse { // Request message for listing assets. message ListAssetsRequest { - // Required. Name of the organization assets should belong to. Its format is - // "organizations/[organization_id], folders/[folder_id], or + // Required. The name of the parent that the listed assets belong to. Its + // format is "organizations/[organization_id], folders/[folder_id], or // projects/[project_id]". string parent = 1 [ (google.api.field_behavior) = REQUIRED, @@ -1652,10 +1656,12 @@ message ListFindingsResponse { // Request message for updating a finding's state. message SetFindingStateRequest { - // Required. The relative resource name of the finding. See: - // https://cloud.google.com/apis/design/resource_names#relative_resource_name - // Example: - // "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}". + // Required. The [relative resource + // name](https://cloud.google.com/apis/design/resource_names#relative_resource_name) + // of the finding. Example: + // "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", + // "folders/{folder_id}/sources/{source_id}/findings/{finding_id}", + // "projects/{project_id}/sources/{source_id}/findings/{finding_id}". string name = 1 [ (google.api.field_behavior) = REQUIRED, (google.api.resource_reference) = { @@ -1673,9 +1679,9 @@ message SetFindingStateRequest { // Request message for updating a finding's mute status. message SetMuteRequest { - // Required. The relative resource name of the finding. See: - // https://cloud.google.com/apis/design/resource_names#relative_resource_name - // Example: + // Required. The [relative resource + // name](https://cloud.google.com/apis/design/resource_names#relative_resource_name) + // of the finding. Example: // "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", // "folders/{folder_id}/sources/{source_id}/findings/{finding_id}", // "projects/{project_id}/sources/{source_id}/findings/{finding_id}". @@ -1797,10 +1803,10 @@ message UpdateSecurityMarksRequest { google.protobuf.Timestamp start_time = 3; } -// Request message for creating a big query export. +// Request message for creating a BigQuery export. message CreateBigQueryExportRequest { - // Required. Resource name of the new big query export's parent. Its format is - // "organizations/[organization_id]", "folders/[folder_id]", or + // Required. The name of the parent resource of the new BigQuery export. Its + // format is "organizations/[organization_id]", "folders/[folder_id]", or // "projects/[project_id]". string parent = 1 [ (google.api.field_behavior) = REQUIRED, @@ -1809,7 +1815,7 @@ message CreateBigQueryExportRequest { } ]; - // Required. The big query export being created. + // Required. The BigQuery export being created. BigQueryExport big_query_export = 2 [(google.api.field_behavior) = REQUIRED]; // Required. Unique identifier provided by the client within the parent scope. @@ -1865,9 +1871,9 @@ message ListBigQueryExportsResponse { string next_page_token = 2; } -// Request message for deleting a big query export. +// Request message for deleting a BigQuery export. message DeleteBigQueryExportRequest { - // Required. Name of the big query export to delete. Its format is + // Required. The name of the BigQuery export to delete. Its format is // organizations/{organization}/bigQueryExports/{export_id}, // folders/{folder}/bigQueryExports/{export_id}, or // projects/{project}/bigQueryExports/{export_id} diff --git a/packages/google-cloud-securitycenter/protos/protos.d.ts b/packages/google-cloud-securitycenter/protos/protos.d.ts index f7220fdf13e..d9e0382ded3 100644 --- a/packages/google-cloud-securitycenter/protos/protos.d.ts +++ b/packages/google-cloud-securitycenter/protos/protos.d.ts @@ -2440,6 +2440,9 @@ export namespace google { /** Finding files */ files?: (google.cloud.securitycenter.v1.IFile[]|null); + + /** Finding kernelRootkit */ + kernelRootkit?: (google.cloud.securitycenter.v1.IKernelRootkit|null); } /** Represents a Finding. */ @@ -2553,6 +2556,9 @@ export namespace google { /** Finding files. */ public files: google.cloud.securitycenter.v1.IFile[]; + /** Finding kernelRootkit. */ + public kernelRootkit?: (google.cloud.securitycenter.v1.IKernelRootkit|null); + /** * Creates a new Finding instance using the specified properties. * @param [properties] Properties to set @@ -3320,6 +3326,151 @@ export namespace google { } } + /** Properties of a KernelRootkit. */ + interface IKernelRootkit { + + /** KernelRootkit name */ + name?: (string|null); + + /** KernelRootkit unexpectedCodeModification */ + unexpectedCodeModification?: (boolean|null); + + /** KernelRootkit unexpectedReadOnlyDataModification */ + unexpectedReadOnlyDataModification?: (boolean|null); + + /** KernelRootkit unexpectedFtraceHandler */ + unexpectedFtraceHandler?: (boolean|null); + + /** KernelRootkit unexpectedKprobeHandler */ + unexpectedKprobeHandler?: (boolean|null); + + /** KernelRootkit unexpectedKernelCodePages */ + unexpectedKernelCodePages?: (boolean|null); + + /** KernelRootkit unexpectedSystemCallHandler */ + unexpectedSystemCallHandler?: (boolean|null); + + /** KernelRootkit unexpectedInterruptHandler */ + unexpectedInterruptHandler?: (boolean|null); + + /** KernelRootkit unexpectedProcessesInRunqueue */ + unexpectedProcessesInRunqueue?: (boolean|null); + } + + /** Represents a KernelRootkit. */ + class KernelRootkit implements IKernelRootkit { + + /** + * Constructs a new KernelRootkit. + * @param [properties] Properties to set + */ + constructor(properties?: google.cloud.securitycenter.v1.IKernelRootkit); + + /** KernelRootkit name. */ + public name: string; + + /** KernelRootkit unexpectedCodeModification. */ + public unexpectedCodeModification: boolean; + + /** KernelRootkit unexpectedReadOnlyDataModification. */ + public unexpectedReadOnlyDataModification: boolean; + + /** KernelRootkit unexpectedFtraceHandler. */ + public unexpectedFtraceHandler: boolean; + + /** KernelRootkit unexpectedKprobeHandler. */ + public unexpectedKprobeHandler: boolean; + + /** KernelRootkit unexpectedKernelCodePages. */ + public unexpectedKernelCodePages: boolean; + + /** KernelRootkit unexpectedSystemCallHandler. */ + public unexpectedSystemCallHandler: boolean; + + /** KernelRootkit unexpectedInterruptHandler. */ + public unexpectedInterruptHandler: boolean; + + /** KernelRootkit unexpectedProcessesInRunqueue. */ + public unexpectedProcessesInRunqueue: boolean; + + /** + * Creates a new KernelRootkit instance using the specified properties. + * @param [properties] Properties to set + * @returns KernelRootkit instance + */ + public static create(properties?: google.cloud.securitycenter.v1.IKernelRootkit): google.cloud.securitycenter.v1.KernelRootkit; + + /** + * Encodes the specified KernelRootkit message. Does not implicitly {@link google.cloud.securitycenter.v1.KernelRootkit.verify|verify} messages. + * @param message KernelRootkit message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: google.cloud.securitycenter.v1.IKernelRootkit, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified KernelRootkit message, length delimited. Does not implicitly {@link google.cloud.securitycenter.v1.KernelRootkit.verify|verify} messages. + * @param message KernelRootkit message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: google.cloud.securitycenter.v1.IKernelRootkit, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes a KernelRootkit message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns KernelRootkit + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): google.cloud.securitycenter.v1.KernelRootkit; + + /** + * Decodes a KernelRootkit message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns KernelRootkit + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): google.cloud.securitycenter.v1.KernelRootkit; + + /** + * Verifies a KernelRootkit message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates a KernelRootkit message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns KernelRootkit + */ + public static fromObject(object: { [k: string]: any }): google.cloud.securitycenter.v1.KernelRootkit; + + /** + * Creates a plain object from a KernelRootkit message. Also converts values to other types if specified. + * @param message KernelRootkit + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: google.cloud.securitycenter.v1.KernelRootkit, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this KernelRootkit to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + + /** + * Gets the default type url for KernelRootkit + * @param [typeUrlPrefix] your custom typeUrlPrefix(default "type.googleapis.com") + * @returns The default type url + */ + public static getTypeUrl(typeUrlPrefix?: string): string; + } + /** Properties of a Kubernetes. */ interface IKubernetes { diff --git a/packages/google-cloud-securitycenter/protos/protos.js b/packages/google-cloud-securitycenter/protos/protos.js index f795d9fc918..8063d428e1d 100644 --- a/packages/google-cloud-securitycenter/protos/protos.js +++ b/packages/google-cloud-securitycenter/protos/protos.js @@ -5965,6 +5965,7 @@ * @property {google.cloud.securitycenter.v1.IKubernetes|null} [kubernetes] Finding kubernetes * @property {google.cloud.securitycenter.v1.IDatabase|null} [database] Finding database * @property {Array.|null} [files] Finding files + * @property {google.cloud.securitycenter.v1.IKernelRootkit|null} [kernelRootkit] Finding kernelRootkit */ /** @@ -6263,6 +6264,14 @@ */ Finding.prototype.files = $util.emptyArray; + /** + * Finding kernelRootkit. + * @member {google.cloud.securitycenter.v1.IKernelRootkit|null|undefined} kernelRootkit + * @memberof google.cloud.securitycenter.v1.Finding + * @instance + */ + Finding.prototype.kernelRootkit = null; + /** * Creates a new Finding instance using the specified properties. * @function create @@ -6370,6 +6379,8 @@ if (message.files != null && message.files.length) for (var i = 0; i < message.files.length; ++i) $root.google.cloud.securitycenter.v1.File.encode(message.files[i], writer.uint32(/* id 46, wireType 2 =*/370).fork()).ldelim(); + if (message.kernelRootkit != null && Object.hasOwnProperty.call(message, "kernelRootkit")) + $root.google.cloud.securitycenter.v1.KernelRootkit.encode(message.kernelRootkit, writer.uint32(/* id 50, wireType 2 =*/402).fork()).ldelim(); return writer; }; @@ -6609,6 +6620,10 @@ message.files.push($root.google.cloud.securitycenter.v1.File.decode(reader, reader.uint32())); break; } + case 50: { + message.kernelRootkit = $root.google.cloud.securitycenter.v1.KernelRootkit.decode(reader, reader.uint32()); + break; + } default: reader.skipType(tag & 7); break; @@ -6855,6 +6870,11 @@ return "files." + error; } } + if (message.kernelRootkit != null && message.hasOwnProperty("kernelRootkit")) { + var error = $root.google.cloud.securitycenter.v1.KernelRootkit.verify(message.kernelRootkit); + if (error) + return "kernelRootkit." + error; + } return null; }; @@ -7139,6 +7159,11 @@ message.files[i] = $root.google.cloud.securitycenter.v1.File.fromObject(object.files[i]); } } + if (object.kernelRootkit != null) { + if (typeof object.kernelRootkit !== "object") + throw TypeError(".google.cloud.securitycenter.v1.Finding.kernelRootkit: object expected"); + message.kernelRootkit = $root.google.cloud.securitycenter.v1.KernelRootkit.fromObject(object.kernelRootkit); + } return message; }; @@ -7194,6 +7219,7 @@ object.nextSteps = ""; object.kubernetes = null; object.database = null; + object.kernelRootkit = null; } if (message.name != null && message.hasOwnProperty("name")) object.name = message.name; @@ -7291,6 +7317,8 @@ for (var j = 0; j < message.files.length; ++j) object.files[j] = $root.google.cloud.securitycenter.v1.File.toObject(message.files[j], options); } + if (message.kernelRootkit != null && message.hasOwnProperty("kernelRootkit")) + object.kernelRootkit = $root.google.cloud.securitycenter.v1.KernelRootkit.toObject(message.kernelRootkit, options); return object; }; @@ -8971,6 +8999,394 @@ return Indicator; })(); + v1.KernelRootkit = (function() { + + /** + * Properties of a KernelRootkit. + * @memberof google.cloud.securitycenter.v1 + * @interface IKernelRootkit + * @property {string|null} [name] KernelRootkit name + * @property {boolean|null} [unexpectedCodeModification] KernelRootkit unexpectedCodeModification + * @property {boolean|null} [unexpectedReadOnlyDataModification] KernelRootkit unexpectedReadOnlyDataModification + * @property {boolean|null} [unexpectedFtraceHandler] KernelRootkit unexpectedFtraceHandler + * @property {boolean|null} [unexpectedKprobeHandler] KernelRootkit unexpectedKprobeHandler + * @property {boolean|null} [unexpectedKernelCodePages] KernelRootkit unexpectedKernelCodePages + * @property {boolean|null} [unexpectedSystemCallHandler] KernelRootkit unexpectedSystemCallHandler + * @property {boolean|null} [unexpectedInterruptHandler] KernelRootkit unexpectedInterruptHandler + * @property {boolean|null} [unexpectedProcessesInRunqueue] KernelRootkit unexpectedProcessesInRunqueue + */ + + /** + * Constructs a new KernelRootkit. + * @memberof google.cloud.securitycenter.v1 + * @classdesc Represents a KernelRootkit. + * @implements IKernelRootkit + * @constructor + * @param {google.cloud.securitycenter.v1.IKernelRootkit=} [properties] Properties to set + */ + function KernelRootkit(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * KernelRootkit name. + * @member {string} name + * @memberof google.cloud.securitycenter.v1.KernelRootkit + * @instance + */ + KernelRootkit.prototype.name = ""; + + /** + * KernelRootkit unexpectedCodeModification. + * @member {boolean} unexpectedCodeModification + * @memberof google.cloud.securitycenter.v1.KernelRootkit + * @instance + */ + KernelRootkit.prototype.unexpectedCodeModification = false; + + /** + * KernelRootkit unexpectedReadOnlyDataModification. + * @member {boolean} unexpectedReadOnlyDataModification + * @memberof google.cloud.securitycenter.v1.KernelRootkit + * @instance + */ + KernelRootkit.prototype.unexpectedReadOnlyDataModification = false; + + /** + * KernelRootkit unexpectedFtraceHandler. + * @member {boolean} unexpectedFtraceHandler + * @memberof google.cloud.securitycenter.v1.KernelRootkit + * @instance + */ + KernelRootkit.prototype.unexpectedFtraceHandler = false; + + /** + * KernelRootkit unexpectedKprobeHandler. + * @member {boolean} unexpectedKprobeHandler + * @memberof google.cloud.securitycenter.v1.KernelRootkit + * @instance + */ + KernelRootkit.prototype.unexpectedKprobeHandler = false; + + /** + * KernelRootkit unexpectedKernelCodePages. + * @member {boolean} unexpectedKernelCodePages + * @memberof google.cloud.securitycenter.v1.KernelRootkit + * @instance + */ + KernelRootkit.prototype.unexpectedKernelCodePages = false; + + /** + * KernelRootkit unexpectedSystemCallHandler. + * @member {boolean} unexpectedSystemCallHandler + * @memberof google.cloud.securitycenter.v1.KernelRootkit + * @instance + */ + KernelRootkit.prototype.unexpectedSystemCallHandler = false; + + /** + * KernelRootkit unexpectedInterruptHandler. + * @member {boolean} unexpectedInterruptHandler + * @memberof google.cloud.securitycenter.v1.KernelRootkit + * @instance + */ + KernelRootkit.prototype.unexpectedInterruptHandler = false; + + /** + * KernelRootkit unexpectedProcessesInRunqueue. + * @member {boolean} unexpectedProcessesInRunqueue + * @memberof google.cloud.securitycenter.v1.KernelRootkit + * @instance + */ + KernelRootkit.prototype.unexpectedProcessesInRunqueue = false; + + /** + * Creates a new KernelRootkit instance using the specified properties. + * @function create + * @memberof google.cloud.securitycenter.v1.KernelRootkit + * @static + * @param {google.cloud.securitycenter.v1.IKernelRootkit=} [properties] Properties to set + * @returns {google.cloud.securitycenter.v1.KernelRootkit} KernelRootkit instance + */ + KernelRootkit.create = function create(properties) { + return new KernelRootkit(properties); + }; + + /** + * Encodes the specified KernelRootkit message. Does not implicitly {@link google.cloud.securitycenter.v1.KernelRootkit.verify|verify} messages. + * @function encode + * @memberof google.cloud.securitycenter.v1.KernelRootkit + * @static + * @param {google.cloud.securitycenter.v1.IKernelRootkit} message KernelRootkit message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + KernelRootkit.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.name != null && Object.hasOwnProperty.call(message, "name")) + writer.uint32(/* id 1, wireType 2 =*/10).string(message.name); + if (message.unexpectedCodeModification != null && Object.hasOwnProperty.call(message, "unexpectedCodeModification")) + writer.uint32(/* id 2, wireType 0 =*/16).bool(message.unexpectedCodeModification); + if (message.unexpectedReadOnlyDataModification != null && Object.hasOwnProperty.call(message, "unexpectedReadOnlyDataModification")) + writer.uint32(/* id 3, wireType 0 =*/24).bool(message.unexpectedReadOnlyDataModification); + if (message.unexpectedFtraceHandler != null && Object.hasOwnProperty.call(message, "unexpectedFtraceHandler")) + writer.uint32(/* id 4, wireType 0 =*/32).bool(message.unexpectedFtraceHandler); + if (message.unexpectedKprobeHandler != null && Object.hasOwnProperty.call(message, "unexpectedKprobeHandler")) + writer.uint32(/* id 5, wireType 0 =*/40).bool(message.unexpectedKprobeHandler); + if (message.unexpectedKernelCodePages != null && Object.hasOwnProperty.call(message, "unexpectedKernelCodePages")) + writer.uint32(/* id 6, wireType 0 =*/48).bool(message.unexpectedKernelCodePages); + if (message.unexpectedSystemCallHandler != null && Object.hasOwnProperty.call(message, "unexpectedSystemCallHandler")) + writer.uint32(/* id 7, wireType 0 =*/56).bool(message.unexpectedSystemCallHandler); + if (message.unexpectedInterruptHandler != null && Object.hasOwnProperty.call(message, "unexpectedInterruptHandler")) + writer.uint32(/* id 8, wireType 0 =*/64).bool(message.unexpectedInterruptHandler); + if (message.unexpectedProcessesInRunqueue != null && Object.hasOwnProperty.call(message, "unexpectedProcessesInRunqueue")) + writer.uint32(/* id 9, wireType 0 =*/72).bool(message.unexpectedProcessesInRunqueue); + return writer; + }; + + /** + * Encodes the specified KernelRootkit message, length delimited. Does not implicitly {@link google.cloud.securitycenter.v1.KernelRootkit.verify|verify} messages. + * @function encodeDelimited + * @memberof google.cloud.securitycenter.v1.KernelRootkit + * @static + * @param {google.cloud.securitycenter.v1.IKernelRootkit} message KernelRootkit message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + KernelRootkit.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes a KernelRootkit message from the specified reader or buffer. + * @function decode + * @memberof google.cloud.securitycenter.v1.KernelRootkit + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {google.cloud.securitycenter.v1.KernelRootkit} KernelRootkit + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + KernelRootkit.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.google.cloud.securitycenter.v1.KernelRootkit(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: { + message.name = reader.string(); + break; + } + case 2: { + message.unexpectedCodeModification = reader.bool(); + break; + } + case 3: { + message.unexpectedReadOnlyDataModification = reader.bool(); + break; + } + case 4: { + message.unexpectedFtraceHandler = reader.bool(); + break; + } + case 5: { + message.unexpectedKprobeHandler = reader.bool(); + break; + } + case 6: { + message.unexpectedKernelCodePages = reader.bool(); + break; + } + case 7: { + message.unexpectedSystemCallHandler = reader.bool(); + break; + } + case 8: { + message.unexpectedInterruptHandler = reader.bool(); + break; + } + case 9: { + message.unexpectedProcessesInRunqueue = reader.bool(); + break; + } + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes a KernelRootkit message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof google.cloud.securitycenter.v1.KernelRootkit + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {google.cloud.securitycenter.v1.KernelRootkit} KernelRootkit + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + KernelRootkit.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies a KernelRootkit message. + * @function verify + * @memberof google.cloud.securitycenter.v1.KernelRootkit + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + KernelRootkit.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.name != null && message.hasOwnProperty("name")) + if (!$util.isString(message.name)) + return "name: string expected"; + if (message.unexpectedCodeModification != null && message.hasOwnProperty("unexpectedCodeModification")) + if (typeof message.unexpectedCodeModification !== "boolean") + return "unexpectedCodeModification: boolean expected"; + if (message.unexpectedReadOnlyDataModification != null && message.hasOwnProperty("unexpectedReadOnlyDataModification")) + if (typeof message.unexpectedReadOnlyDataModification !== "boolean") + return "unexpectedReadOnlyDataModification: boolean expected"; + if (message.unexpectedFtraceHandler != null && message.hasOwnProperty("unexpectedFtraceHandler")) + if (typeof message.unexpectedFtraceHandler !== "boolean") + return "unexpectedFtraceHandler: boolean expected"; + if (message.unexpectedKprobeHandler != null && message.hasOwnProperty("unexpectedKprobeHandler")) + if (typeof message.unexpectedKprobeHandler !== "boolean") + return "unexpectedKprobeHandler: boolean expected"; + if (message.unexpectedKernelCodePages != null && message.hasOwnProperty("unexpectedKernelCodePages")) + if (typeof message.unexpectedKernelCodePages !== "boolean") + return "unexpectedKernelCodePages: boolean expected"; + if (message.unexpectedSystemCallHandler != null && message.hasOwnProperty("unexpectedSystemCallHandler")) + if (typeof message.unexpectedSystemCallHandler !== "boolean") + return "unexpectedSystemCallHandler: boolean expected"; + if (message.unexpectedInterruptHandler != null && message.hasOwnProperty("unexpectedInterruptHandler")) + if (typeof message.unexpectedInterruptHandler !== "boolean") + return "unexpectedInterruptHandler: boolean expected"; + if (message.unexpectedProcessesInRunqueue != null && message.hasOwnProperty("unexpectedProcessesInRunqueue")) + if (typeof message.unexpectedProcessesInRunqueue !== "boolean") + return "unexpectedProcessesInRunqueue: boolean expected"; + return null; + }; + + /** + * Creates a KernelRootkit message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof google.cloud.securitycenter.v1.KernelRootkit + * @static + * @param {Object.} object Plain object + * @returns {google.cloud.securitycenter.v1.KernelRootkit} KernelRootkit + */ + KernelRootkit.fromObject = function fromObject(object) { + if (object instanceof $root.google.cloud.securitycenter.v1.KernelRootkit) + return object; + var message = new $root.google.cloud.securitycenter.v1.KernelRootkit(); + if (object.name != null) + message.name = String(object.name); + if (object.unexpectedCodeModification != null) + message.unexpectedCodeModification = Boolean(object.unexpectedCodeModification); + if (object.unexpectedReadOnlyDataModification != null) + message.unexpectedReadOnlyDataModification = Boolean(object.unexpectedReadOnlyDataModification); + if (object.unexpectedFtraceHandler != null) + message.unexpectedFtraceHandler = Boolean(object.unexpectedFtraceHandler); + if (object.unexpectedKprobeHandler != null) + message.unexpectedKprobeHandler = Boolean(object.unexpectedKprobeHandler); + if (object.unexpectedKernelCodePages != null) + message.unexpectedKernelCodePages = Boolean(object.unexpectedKernelCodePages); + if (object.unexpectedSystemCallHandler != null) + message.unexpectedSystemCallHandler = Boolean(object.unexpectedSystemCallHandler); + if (object.unexpectedInterruptHandler != null) + message.unexpectedInterruptHandler = Boolean(object.unexpectedInterruptHandler); + if (object.unexpectedProcessesInRunqueue != null) + message.unexpectedProcessesInRunqueue = Boolean(object.unexpectedProcessesInRunqueue); + return message; + }; + + /** + * Creates a plain object from a KernelRootkit message. Also converts values to other types if specified. + * @function toObject + * @memberof google.cloud.securitycenter.v1.KernelRootkit + * @static + * @param {google.cloud.securitycenter.v1.KernelRootkit} message KernelRootkit + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + KernelRootkit.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.defaults) { + object.name = ""; + object.unexpectedCodeModification = false; + object.unexpectedReadOnlyDataModification = false; + object.unexpectedFtraceHandler = false; + object.unexpectedKprobeHandler = false; + object.unexpectedKernelCodePages = false; + object.unexpectedSystemCallHandler = false; + object.unexpectedInterruptHandler = false; + object.unexpectedProcessesInRunqueue = false; + } + if (message.name != null && message.hasOwnProperty("name")) + object.name = message.name; + if (message.unexpectedCodeModification != null && message.hasOwnProperty("unexpectedCodeModification")) + object.unexpectedCodeModification = message.unexpectedCodeModification; + if (message.unexpectedReadOnlyDataModification != null && message.hasOwnProperty("unexpectedReadOnlyDataModification")) + object.unexpectedReadOnlyDataModification = message.unexpectedReadOnlyDataModification; + if (message.unexpectedFtraceHandler != null && message.hasOwnProperty("unexpectedFtraceHandler")) + object.unexpectedFtraceHandler = message.unexpectedFtraceHandler; + if (message.unexpectedKprobeHandler != null && message.hasOwnProperty("unexpectedKprobeHandler")) + object.unexpectedKprobeHandler = message.unexpectedKprobeHandler; + if (message.unexpectedKernelCodePages != null && message.hasOwnProperty("unexpectedKernelCodePages")) + object.unexpectedKernelCodePages = message.unexpectedKernelCodePages; + if (message.unexpectedSystemCallHandler != null && message.hasOwnProperty("unexpectedSystemCallHandler")) + object.unexpectedSystemCallHandler = message.unexpectedSystemCallHandler; + if (message.unexpectedInterruptHandler != null && message.hasOwnProperty("unexpectedInterruptHandler")) + object.unexpectedInterruptHandler = message.unexpectedInterruptHandler; + if (message.unexpectedProcessesInRunqueue != null && message.hasOwnProperty("unexpectedProcessesInRunqueue")) + object.unexpectedProcessesInRunqueue = message.unexpectedProcessesInRunqueue; + return object; + }; + + /** + * Converts this KernelRootkit to JSON. + * @function toJSON + * @memberof google.cloud.securitycenter.v1.KernelRootkit + * @instance + * @returns {Object.} JSON object + */ + KernelRootkit.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + /** + * Gets the default type url for KernelRootkit + * @function getTypeUrl + * @memberof google.cloud.securitycenter.v1.KernelRootkit + * @static + * @param {string} [typeUrlPrefix] your custom typeUrlPrefix(default "type.googleapis.com") + * @returns {string} The default type url + */ + KernelRootkit.getTypeUrl = function getTypeUrl(typeUrlPrefix) { + if (typeUrlPrefix === undefined) { + typeUrlPrefix = "type.googleapis.com"; + } + return typeUrlPrefix + "/google.cloud.securitycenter.v1.KernelRootkit"; + }; + + return KernelRootkit; + })(); + v1.Kubernetes = (function() { /** diff --git a/packages/google-cloud-securitycenter/protos/protos.json b/packages/google-cloud-securitycenter/protos/protos.json index 57619a9a87e..b417be7a31d 100644 --- a/packages/google-cloud-securitycenter/protos/protos.json +++ b/packages/google-cloud-securitycenter/protos/protos.json @@ -635,6 +635,10 @@ "rule": "repeated", "type": "File", "id": 46 + }, + "kernelRootkit": { + "type": "KernelRootkit", + "id": 50 } }, "nested": { @@ -782,6 +786,46 @@ } } }, + "KernelRootkit": { + "fields": { + "name": { + "type": "string", + "id": 1 + }, + "unexpectedCodeModification": { + "type": "bool", + "id": 2 + }, + "unexpectedReadOnlyDataModification": { + "type": "bool", + "id": 3 + }, + "unexpectedFtraceHandler": { + "type": "bool", + "id": 4 + }, + "unexpectedKprobeHandler": { + "type": "bool", + "id": 5 + }, + "unexpectedKernelCodePages": { + "type": "bool", + "id": 6 + }, + "unexpectedSystemCallHandler": { + "type": "bool", + "id": 7 + }, + "unexpectedInterruptHandler": { + "type": "bool", + "id": 8 + }, + "unexpectedProcessesInRunqueue": { + "type": "bool", + "id": 9 + } + } + }, "Kubernetes": { "fields": { "pods": { diff --git a/packages/google-cloud-securitycenter/samples/generated/v1/security_center.create_big_query_export.js b/packages/google-cloud-securitycenter/samples/generated/v1/security_center.create_big_query_export.js index e87ad301e7e..79672acf33e 100644 --- a/packages/google-cloud-securitycenter/samples/generated/v1/security_center.create_big_query_export.js +++ b/packages/google-cloud-securitycenter/samples/generated/v1/security_center.create_big_query_export.js @@ -29,13 +29,13 @@ function main(parent, bigQueryExport, bigQueryExportId) { * TODO(developer): Uncomment these variables before running the sample. */ /** - * Required. Resource name of the new big query export's parent. Its format is - * "organizations/[organization_id]", "folders/[folder_id]", or + * Required. The name of the parent resource of the new BigQuery export. Its + * format is "organizations/[organization_id]", "folders/[folder_id]", or * "projects/[project_id]". */ // const parent = 'abc123' /** - * Required. The big query export being created. + * Required. The BigQuery export being created. */ // const bigQueryExport = {} /** diff --git a/packages/google-cloud-securitycenter/samples/generated/v1/security_center.create_notification_config.js b/packages/google-cloud-securitycenter/samples/generated/v1/security_center.create_notification_config.js index 18d45fca008..913017677f9 100644 --- a/packages/google-cloud-securitycenter/samples/generated/v1/security_center.create_notification_config.js +++ b/packages/google-cloud-securitycenter/samples/generated/v1/security_center.create_notification_config.js @@ -37,8 +37,8 @@ function main(parent, configId, notificationConfig) { /** * Required. * Unique identifier provided by the client within the parent scope. - * It must be between 1 and 128 characters, and contains alphanumeric - * characters, underscores or hyphens only. + * It must be between 1 and 128 characters and contain alphanumeric + * characters, underscores, or hyphens only. */ // const configId = 'abc123' /** diff --git a/packages/google-cloud-securitycenter/samples/generated/v1/security_center.delete_big_query_export.js b/packages/google-cloud-securitycenter/samples/generated/v1/security_center.delete_big_query_export.js index 1e94fcdd11e..33e360839f4 100644 --- a/packages/google-cloud-securitycenter/samples/generated/v1/security_center.delete_big_query_export.js +++ b/packages/google-cloud-securitycenter/samples/generated/v1/security_center.delete_big_query_export.js @@ -29,7 +29,7 @@ function main(name) { * TODO(developer): Uncomment these variables before running the sample. */ /** - * Required. Name of the big query export to delete. Its format is + * Required. The name of the BigQuery export to delete. Its format is * organizations/{organization}/bigQueryExports/{export_id}, * folders/{folder}/bigQueryExports/{export_id}, or * projects/{project}/bigQueryExports/{export_id} diff --git a/packages/google-cloud-securitycenter/samples/generated/v1/security_center.delete_notification_config.js b/packages/google-cloud-securitycenter/samples/generated/v1/security_center.delete_notification_config.js index bc7dc2422be..a483fc4a34f 100644 --- a/packages/google-cloud-securitycenter/samples/generated/v1/security_center.delete_notification_config.js +++ b/packages/google-cloud-securitycenter/samples/generated/v1/security_center.delete_notification_config.js @@ -30,7 +30,9 @@ function main(name) { */ /** * Required. Name of the notification config to delete. Its format is - * "organizations/[organization_id]/notificationConfigs/[config_id]". + * "organizations/[organization_id]/notificationConfigs/[config_id]", + * "folders/[folder_id]/notificationConfigs/[config_id]", + * or "projects/[project_id]/notificationConfigs/[config_id]". */ // const name = 'abc123' diff --git a/packages/google-cloud-securitycenter/samples/generated/v1/security_center.get_big_query_export.js b/packages/google-cloud-securitycenter/samples/generated/v1/security_center.get_big_query_export.js index 0040054cd65..0d4c606cc7c 100644 --- a/packages/google-cloud-securitycenter/samples/generated/v1/security_center.get_big_query_export.js +++ b/packages/google-cloud-securitycenter/samples/generated/v1/security_center.get_big_query_export.js @@ -29,7 +29,7 @@ function main(name) { * TODO(developer): Uncomment these variables before running the sample. */ /** - * Required. Name of the big query export to retrieve. Its format is + * Required. Name of the BigQuery export to retrieve. Its format is * organizations/{organization}/bigQueryExports/{export_id}, * folders/{folder}/bigQueryExports/{export_id}, or * projects/{project}/bigQueryExports/{export_id} diff --git a/packages/google-cloud-securitycenter/samples/generated/v1/security_center.get_notification_config.js b/packages/google-cloud-securitycenter/samples/generated/v1/security_center.get_notification_config.js index 16b1cb7ca4b..41de1f119e4 100644 --- a/packages/google-cloud-securitycenter/samples/generated/v1/security_center.get_notification_config.js +++ b/packages/google-cloud-securitycenter/samples/generated/v1/security_center.get_notification_config.js @@ -30,7 +30,9 @@ function main(name) { */ /** * Required. Name of the notification config to get. Its format is - * "organizations/[organization_id]/notificationConfigs/[config_id]". + * "organizations/[organization_id]/notificationConfigs/[config_id]", + * "folders/[folder_id]/notificationConfigs/[config_id]", + * or "projects/[project_id]/notificationConfigs/[config_id]". */ // const name = 'abc123' diff --git a/packages/google-cloud-securitycenter/samples/generated/v1/security_center.group_assets.js b/packages/google-cloud-securitycenter/samples/generated/v1/security_center.group_assets.js index 8f7c8de7912..92a8aafc268 100644 --- a/packages/google-cloud-securitycenter/samples/generated/v1/security_center.group_assets.js +++ b/packages/google-cloud-securitycenter/samples/generated/v1/security_center.group_assets.js @@ -29,7 +29,7 @@ function main(parent, groupBy) { * TODO(developer): Uncomment these variables before running the sample. */ /** - * Required. Name of the organization to groupBy. Its format is + * Required. The name of the parent to group the assets by. Its format is * "organizations/[organization_id], folders/[folder_id], or * projects/[project_id]". */ diff --git a/packages/google-cloud-securitycenter/samples/generated/v1/security_center.list_assets.js b/packages/google-cloud-securitycenter/samples/generated/v1/security_center.list_assets.js index 8544695560c..5fa5ac7f6cc 100644 --- a/packages/google-cloud-securitycenter/samples/generated/v1/security_center.list_assets.js +++ b/packages/google-cloud-securitycenter/samples/generated/v1/security_center.list_assets.js @@ -29,8 +29,8 @@ function main(parent) { * TODO(developer): Uncomment these variables before running the sample. */ /** - * Required. Name of the organization assets should belong to. Its format is - * "organizations/[organization_id], folders/[folder_id], or + * Required. The name of the parent that the listed assets belong to. Its + * format is "organizations/[organization_id], folders/[folder_id], or * projects/[project_id]". */ // const parent = 'abc123' diff --git a/packages/google-cloud-securitycenter/samples/generated/v1/security_center.list_notification_configs.js b/packages/google-cloud-securitycenter/samples/generated/v1/security_center.list_notification_configs.js index b30022943ff..a239fd4a3c7 100644 --- a/packages/google-cloud-securitycenter/samples/generated/v1/security_center.list_notification_configs.js +++ b/packages/google-cloud-securitycenter/samples/generated/v1/security_center.list_notification_configs.js @@ -29,9 +29,9 @@ function main(parent) { * TODO(developer): Uncomment these variables before running the sample. */ /** - * Required. Name of the organization to list notification configs. Its format - * is "organizations/[organization_id]", "folders/[folder_id]", or - * "projects/[project_id]". + * Required. The name of the parent in which to list the notification + * configurations. Its format is "organizations/[organization_id]", + * "folders/[folder_id]", or "projects/[project_id]". */ // const parent = 'abc123' /** diff --git a/packages/google-cloud-securitycenter/samples/generated/v1/security_center.set_finding_state.js b/packages/google-cloud-securitycenter/samples/generated/v1/security_center.set_finding_state.js index d2af87fcf92..4ddd5b852a6 100644 --- a/packages/google-cloud-securitycenter/samples/generated/v1/security_center.set_finding_state.js +++ b/packages/google-cloud-securitycenter/samples/generated/v1/security_center.set_finding_state.js @@ -29,10 +29,12 @@ function main(name, state, startTime) { * TODO(developer): Uncomment these variables before running the sample. */ /** - * Required. The relative resource name of the finding. See: - * https://cloud.google.com/apis/design/resource_names#relative_resource_name - * Example: - * "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}". + * Required. The relative resource + * name (https://cloud.google.com/apis/design/resource_names#relative_resource_name) + * of the finding. Example: + * "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", + * "folders/{folder_id}/sources/{source_id}/findings/{finding_id}", + * "projects/{project_id}/sources/{source_id}/findings/{finding_id}". */ // const name = 'abc123' /** diff --git a/packages/google-cloud-securitycenter/samples/generated/v1/security_center.set_mute.js b/packages/google-cloud-securitycenter/samples/generated/v1/security_center.set_mute.js index 617c0622993..e558d0ee3aa 100644 --- a/packages/google-cloud-securitycenter/samples/generated/v1/security_center.set_mute.js +++ b/packages/google-cloud-securitycenter/samples/generated/v1/security_center.set_mute.js @@ -29,9 +29,9 @@ function main(name, mute) { * TODO(developer): Uncomment these variables before running the sample. */ /** - * Required. The relative resource name of the finding. See: - * https://cloud.google.com/apis/design/resource_names#relative_resource_name - * Example: + * Required. The relative resource + * name (https://cloud.google.com/apis/design/resource_names#relative_resource_name) + * of the finding. Example: * "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", * "folders/{folder_id}/sources/{source_id}/findings/{finding_id}", * "projects/{project_id}/sources/{source_id}/findings/{finding_id}". diff --git a/packages/google-cloud-securitycenter/samples/generated/v1/snippet_metadata.google.cloud.securitycenter.v1.json b/packages/google-cloud-securitycenter/samples/generated/v1/snippet_metadata.google.cloud.securitycenter.v1.json index 3a94855f5e2..8b88d9c1fe4 100644 --- a/packages/google-cloud-securitycenter/samples/generated/v1/snippet_metadata.google.cloud.securitycenter.v1.json +++ b/packages/google-cloud-securitycenter/samples/generated/v1/snippet_metadata.google.cloud.securitycenter.v1.json @@ -298,7 +298,7 @@ "segments": [ { "start": 25, - "end": 54, + "end": 56, "type": "FULL" } ], @@ -331,7 +331,7 @@ "regionTag": "securitycenter_v1_generated_SecurityCenter_GetBigQueryExport_async", "title": "SecurityCenter getBigQueryExport Sample", "origin": "API_DEFINITION", - "description": " Gets a big query export.", + "description": " Gets a BigQuery export.", "canonical": true, "file": "security_center.get_big_query_export.js", "language": "JAVASCRIPT", @@ -462,7 +462,7 @@ "segments": [ { "start": 25, - "end": 54, + "end": 56, "type": "FULL" } ], @@ -1030,7 +1030,7 @@ "segments": [ { "start": 25, - "end": 66, + "end": 68, "type": "FULL" } ], @@ -1519,7 +1519,7 @@ "regionTag": "securitycenter_v1_generated_SecurityCenter_CreateBigQueryExport_async", "title": "SecurityCenter createBigQueryExport Sample", "origin": "API_DEFINITION", - "description": " Creates a big query export.", + "description": " Creates a BigQuery export.", "canonical": true, "file": "security_center.create_big_query_export.js", "language": "JAVASCRIPT", @@ -1567,7 +1567,7 @@ "regionTag": "securitycenter_v1_generated_SecurityCenter_DeleteBigQueryExport_async", "title": "SecurityCenter deleteBigQueryExport Sample", "origin": "API_DEFINITION", - "description": " Deletes an existing big query export.", + "description": " Deletes an existing BigQuery export.", "canonical": true, "file": "security_center.delete_big_query_export.js", "language": "JAVASCRIPT", diff --git a/packages/google-cloud-securitycenter/src/v1/security_center_client.ts b/packages/google-cloud-securitycenter/src/v1/security_center_client.ts index 9246d4a8dc4..51e61cd0be3 100644 --- a/packages/google-cloud-securitycenter/src/v1/security_center_client.ts +++ b/packages/google-cloud-securitycenter/src/v1/security_center_client.ts @@ -123,6 +123,9 @@ export class SecurityCenterClient { (typeof window !== 'undefined' && typeof window?.fetch === 'function'); opts = Object.assign({servicePath, port, clientConfig, fallback}, opts); + // Request numeric enum values if REST transport is used. + opts.numericEnums = true; + // If scopes are unset in options and we're connecting to a non-default endpoint, set scopes just in case. if (servicePath !== staticMembers.servicePath && !('scopes' in opts)) { opts['scopes'] = staticMembers.scopes; @@ -864,8 +867,8 @@ export class SecurityCenterClient { * @param {string} request.configId * Required. * Unique identifier provided by the client within the parent scope. - * It must be between 1 and 128 characters, and contains alphanumeric - * characters, underscores or hyphens only. + * It must be between 1 and 128 characters and contain alphanumeric + * characters, underscores, or hyphens only. * @param {google.cloud.securitycenter.v1.NotificationConfig} request.notificationConfig * Required. The notification config being created. The name and the service * account will be ignored as they are both output only fields on this @@ -1071,7 +1074,9 @@ export class SecurityCenterClient { * The request object that will be sent. * @param {string} request.name * Required. Name of the notification config to delete. Its format is - * "organizations/[organization_id]/notificationConfigs/[config_id]". + * "organizations/[organization_id]/notificationConfigs/[config_id]", + * "folders/[folder_id]/notificationConfigs/[config_id]", + * or "projects/[project_id]/notificationConfigs/[config_id]". * @param {object} [options] * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. * @returns {Promise} - The promise which resolves to an array. @@ -1167,12 +1172,12 @@ export class SecurityCenterClient { ); } /** - * Gets a big query export. + * Gets a BigQuery export. * * @param {Object} request * The request object that will be sent. * @param {string} request.name - * Required. Name of the big query export to retrieve. Its format is + * Required. Name of the BigQuery export to retrieve. Its format is * organizations/{organization}/bigQueryExports/{export_id}, * folders/{folder}/bigQueryExports/{export_id}, or * projects/{project}/bigQueryExports/{export_id} @@ -1454,7 +1459,9 @@ export class SecurityCenterClient { * The request object that will be sent. * @param {string} request.name * Required. Name of the notification config to get. Its format is - * "organizations/[organization_id]/notificationConfigs/[config_id]". + * "organizations/[organization_id]/notificationConfigs/[config_id]", + * "folders/[folder_id]/notificationConfigs/[config_id]", + * or "projects/[project_id]/notificationConfigs/[config_id]". * @param {object} [options] * Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details. * @returns {Promise} - The promise which resolves to an array. @@ -1745,10 +1752,12 @@ export class SecurityCenterClient { * @param {Object} request * The request object that will be sent. * @param {string} request.name - * Required. The relative resource name of the finding. See: - * https://cloud.google.com/apis/design/resource_names#relative_resource_name - * Example: - * "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}". + * Required. The [relative resource + * name](https://cloud.google.com/apis/design/resource_names#relative_resource_name) + * of the finding. Example: + * "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", + * "folders/{folder_id}/sources/{source_id}/findings/{finding_id}", + * "projects/{project_id}/sources/{source_id}/findings/{finding_id}". * @param {google.cloud.securitycenter.v1.Finding.State} request.state * Required. The desired State of the finding. * @param {google.protobuf.Timestamp} request.startTime @@ -1843,9 +1852,9 @@ export class SecurityCenterClient { * @param {Object} request * The request object that will be sent. * @param {string} request.name - * Required. The relative resource name of the finding. See: - * https://cloud.google.com/apis/design/resource_names#relative_resource_name - * Example: + * Required. The [relative resource + * name](https://cloud.google.com/apis/design/resource_names#relative_resource_name) + * of the finding. Example: * "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", * "folders/{folder_id}/sources/{source_id}/findings/{finding_id}", * "projects/{project_id}/sources/{source_id}/findings/{finding_id}". @@ -2835,16 +2844,16 @@ export class SecurityCenterClient { return this.innerApiCalls.updateSecurityMarks(request, options, callback); } /** - * Creates a big query export. + * Creates a BigQuery export. * * @param {Object} request * The request object that will be sent. * @param {string} request.parent - * Required. Resource name of the new big query export's parent. Its format is - * "organizations/[organization_id]", "folders/[folder_id]", or + * Required. The name of the parent resource of the new BigQuery export. Its + * format is "organizations/[organization_id]", "folders/[folder_id]", or * "projects/[project_id]". * @param {google.cloud.securitycenter.v1.BigQueryExport} request.bigQueryExport - * Required. The big query export being created. + * Required. The BigQuery export being created. * @param {string} request.bigQueryExportId * Required. Unique identifier provided by the client within the parent scope. * It must consist of lower case letters, numbers, and hyphen, with the first @@ -2941,12 +2950,12 @@ export class SecurityCenterClient { return this.innerApiCalls.createBigQueryExport(request, options, callback); } /** - * Deletes an existing big query export. + * Deletes an existing BigQuery export. * * @param {Object} request * The request object that will be sent. * @param {string} request.name - * Required. Name of the big query export to delete. Its format is + * Required. The name of the BigQuery export to delete. Its format is * organizations/{organization}/bigQueryExports/{export_id}, * folders/{folder}/bigQueryExports/{export_id}, or * projects/{project}/bigQueryExports/{export_id} @@ -3458,7 +3467,7 @@ export class SecurityCenterClient { * @param {Object} request * The request object that will be sent. * @param {string} request.parent - * Required. Name of the organization to groupBy. Its format is + * Required. The name of the parent to group the assets by. Its format is * "organizations/[organization_id], folders/[folder_id], or * projects/[project_id]". * @param {string} request.filter @@ -3676,7 +3685,7 @@ export class SecurityCenterClient { * @param {Object} request * The request object that will be sent. * @param {string} request.parent - * Required. Name of the organization to groupBy. Its format is + * Required. The name of the parent to group the assets by. Its format is * "organizations/[organization_id], folders/[folder_id], or * projects/[project_id]". * @param {string} request.filter @@ -3842,7 +3851,7 @@ export class SecurityCenterClient { * @param {Object} request * The request object that will be sent. * @param {string} request.parent - * Required. Name of the organization to groupBy. Its format is + * Required. The name of the parent to group the assets by. Its format is * "organizations/[organization_id], folders/[folder_id], or * projects/[project_id]". * @param {string} request.filter @@ -4571,8 +4580,8 @@ export class SecurityCenterClient { * @param {Object} request * The request object that will be sent. * @param {string} request.parent - * Required. Name of the organization assets should belong to. Its format is - * "organizations/[organization_id], folders/[folder_id], or + * Required. The name of the parent that the listed assets belong to. Its + * format is "organizations/[organization_id], folders/[folder_id], or * projects/[project_id]". * @param {string} request.filter * Expression that defines the filter to apply across assets. @@ -4793,8 +4802,8 @@ export class SecurityCenterClient { * @param {Object} request * The request object that will be sent. * @param {string} request.parent - * Required. Name of the organization assets should belong to. Its format is - * "organizations/[organization_id], folders/[folder_id], or + * Required. The name of the parent that the listed assets belong to. Its + * format is "organizations/[organization_id], folders/[folder_id], or * projects/[project_id]". * @param {string} request.filter * Expression that defines the filter to apply across assets. @@ -4963,8 +4972,8 @@ export class SecurityCenterClient { * @param {Object} request * The request object that will be sent. * @param {string} request.parent - * Required. Name of the organization assets should belong to. Its format is - * "organizations/[organization_id], folders/[folder_id], or + * Required. The name of the parent that the listed assets belong to. Its + * format is "organizations/[organization_id], folders/[folder_id], or * projects/[project_id]". * @param {string} request.filter * Expression that defines the filter to apply across assets. @@ -5927,9 +5936,9 @@ export class SecurityCenterClient { * @param {Object} request * The request object that will be sent. * @param {string} request.parent - * Required. Name of the organization to list notification configs. Its format - * is "organizations/[organization_id]", "folders/[folder_id]", or - * "projects/[project_id]". + * Required. The name of the parent in which to list the notification + * configurations. Its format is "organizations/[organization_id]", + * "folders/[folder_id]", or "projects/[project_id]". * @param {string} request.pageToken * The value returned by the last `ListNotificationConfigsResponse`; indicates * that this is a continuation of a prior `ListNotificationConfigs` call, and @@ -6034,9 +6043,9 @@ export class SecurityCenterClient { * @param {Object} request * The request object that will be sent. * @param {string} request.parent - * Required. Name of the organization to list notification configs. Its format - * is "organizations/[organization_id]", "folders/[folder_id]", or - * "projects/[project_id]". + * Required. The name of the parent in which to list the notification + * configurations. Its format is "organizations/[organization_id]", + * "folders/[folder_id]", or "projects/[project_id]". * @param {string} request.pageToken * The value returned by the last `ListNotificationConfigsResponse`; indicates * that this is a continuation of a prior `ListNotificationConfigs` call, and @@ -6085,9 +6094,9 @@ export class SecurityCenterClient { * @param {Object} request * The request object that will be sent. * @param {string} request.parent - * Required. Name of the organization to list notification configs. Its format - * is "organizations/[organization_id]", "folders/[folder_id]", or - * "projects/[project_id]". + * Required. The name of the parent in which to list the notification + * configurations. Its format is "organizations/[organization_id]", + * "folders/[folder_id]", or "projects/[project_id]". * @param {string} request.pageToken * The value returned by the last `ListNotificationConfigsResponse`; indicates * that this is a continuation of a prior `ListNotificationConfigs` call, and diff --git a/packages/google-cloud-securitycenter/src/v1/security_center_proto_list.json b/packages/google-cloud-securitycenter/src/v1/security_center_proto_list.json index be5b8aeaa29..b9720dfd4fc 100644 --- a/packages/google-cloud-securitycenter/src/v1/security_center_proto_list.json +++ b/packages/google-cloud-securitycenter/src/v1/security_center_proto_list.json @@ -14,6 +14,7 @@ "../../protos/google/cloud/securitycenter/v1/folder.proto", "../../protos/google/cloud/securitycenter/v1/iam_binding.proto", "../../protos/google/cloud/securitycenter/v1/indicator.proto", + "../../protos/google/cloud/securitycenter/v1/kernel_rootkit.proto", "../../protos/google/cloud/securitycenter/v1/kubernetes.proto", "../../protos/google/cloud/securitycenter/v1/label.proto", "../../protos/google/cloud/securitycenter/v1/mitre_attack.proto", diff --git a/packages/google-cloud-securitycenter/src/v1beta1/security_center_client.ts b/packages/google-cloud-securitycenter/src/v1beta1/security_center_client.ts index 48a71d22b29..af33e97684b 100644 --- a/packages/google-cloud-securitycenter/src/v1beta1/security_center_client.ts +++ b/packages/google-cloud-securitycenter/src/v1beta1/security_center_client.ts @@ -123,6 +123,9 @@ export class SecurityCenterClient { (typeof window !== 'undefined' && typeof window?.fetch === 'function'); opts = Object.assign({servicePath, port, clientConfig, fallback}, opts); + // Request numeric enum values if REST transport is used. + opts.numericEnums = true; + // If scopes are unset in options and we're connecting to a non-default endpoint, set scopes just in case. if (servicePath !== staticMembers.servicePath && !('scopes' in opts)) { opts['scopes'] = staticMembers.scopes; diff --git a/packages/google-cloud-securitycenter/src/v1p1beta1/security_center_client.ts b/packages/google-cloud-securitycenter/src/v1p1beta1/security_center_client.ts index 620cd4cb7ef..a1b99c39141 100644 --- a/packages/google-cloud-securitycenter/src/v1p1beta1/security_center_client.ts +++ b/packages/google-cloud-securitycenter/src/v1p1beta1/security_center_client.ts @@ -123,6 +123,9 @@ export class SecurityCenterClient { (typeof window !== 'undefined' && typeof window?.fetch === 'function'); opts = Object.assign({servicePath, port, clientConfig, fallback}, opts); + // Request numeric enum values if REST transport is used. + opts.numericEnums = true; + // If scopes are unset in options and we're connecting to a non-default endpoint, set scopes just in case. if (servicePath !== staticMembers.servicePath && !('scopes' in opts)) { opts['scopes'] = staticMembers.scopes;