// Copyright 2022 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

// proto3 syntax: singular scalar fields declared without `optional` have
// implicit presence, so an empty string is indistinguishable from "unset".
syntax = "proto3";

// Versioned API package; every type declared in this file lives under it.
package google.cloud.securitycenter.v1;

// resource.proto supplies the (google.api.resource) option used on Asset.
// folder.proto and security_marks.proto presumably declare the Folder and
// SecurityMarks messages referenced unqualified below (confirm against those
// files). struct.proto and timestamp.proto supply google.protobuf.Value and
// google.protobuf.Timestamp.
import "google/api/resource.proto";
import "google/cloud/securitycenter/v1/folder.proto";
import "google/cloud/securitycenter/v1/security_marks.proto";
import "google/protobuf/struct.proto";
import "google/protobuf/timestamp.proto";

// Per-language package/namespace settings for generated code. They do not
// affect the wire format, but changing them on a published API breaks
// generated-code consumers.
option csharp_namespace = "Google.Cloud.SecurityCenter.V1";
option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter";
option java_multiple_files = true;
option java_package = "com.google.cloud.securitycenter.v1";
option php_namespace = "Google\\Cloud\\SecurityCenter\\V1";
option ruby_package = "Google::Cloud::SecurityCenter::V1";

// Security Command Center representation of a Google Cloud
// resource.
//
// The Asset is a Security Command Center resource that captures information
// about a single Google Cloud resource. All modifications to an Asset are only
// within the context of Security Command Center and don't affect the referenced
// Google Cloud resource.
//
// Trust summary, as stated by the field comments below: `security_marks` and
// the three `*_display_name` strings carry user-supplied content, while
// `security_center_properties`, `resource_properties` and `iam_policy` are
// described as not modifiable by the user.
message Asset {
  // Declares the resource type and the three name patterns an Asset can have:
  // organization-, folder- or project-scoped.
  option (google.api.resource) = {
    type: "securitycenter.googleapis.com/Asset"
    pattern: "organizations/{organization}/assets/{asset}"
    pattern: "folders/{folder}/assets/{asset}"
    pattern: "projects/{project}/assets/{asset}"
  };

  // Security Command Center managed properties. These properties are managed by
  // Security Command Center and cannot be modified by the user.
  message SecurityCenterProperties {
    // The full resource name of the Google Cloud resource this asset
    // represents. This field is immutable after create time. See:
    // https://cloud.google.com/apis/design/resource_names#full_resource_name
    string resource_name = 1;

    // The type of the Google Cloud resource. Examples include: APPLICATION,
    // PROJECT, and ORGANIZATION. This is a case insensitive field defined by
    // Security Command Center and/or the producer of the resource and is
    // immutable after create time.
    // Because the value is case insensitive, consumers that filter or match on
    // it should normalize case before comparing.
    string resource_type = 2;

    // The full resource name of the immediate parent of the resource. See:
    // https://cloud.google.com/apis/design/resource_names#full_resource_name
    string resource_parent = 3;

    // The full resource name of the project the resource belongs to. See:
    // https://cloud.google.com/apis/design/resource_names#full_resource_name
    string resource_project = 4;

    // Owners of the Google Cloud resource.
    // NOTE(review): the format of each entry (for example an IAM member
    // string) is not stated in this file; confirm before parsing.
    repeated string resource_owners = 5;

    // The user defined display name for this resource.
    // User-defined free text: escape or encode it before rendering it in a UI,
    // log line or report, and do not use it as an identifier.
    string resource_display_name = 6;

    // The user defined display name for the parent of this resource.
    // User-defined free text; handle as untrusted when rendering.
    string resource_parent_display_name = 7;

    // The user defined display name for the project of this resource.
    // User-defined free text; handle as untrusted when rendering.
    string resource_project_display_name = 8;

    // Contains a Folder message for each folder in the asset's ancestry.
    // The first folder is the deepest nested folder, and the last folder is the
    // folder directly under the Organization.
    // NOTE(review): field number 9 is not used in this message and is not
    // declared `reserved`; whether it belonged to a removed field cannot be
    // told from this file.
    repeated Folder folders = 10;
  }

  // Cloud IAM Policy information associated with the Google Cloud resource
  // described by the Security Command Center asset. This information is managed
  // and defined by the Google Cloud resource and cannot be modified by the
  // user.
  message IamPolicy {
    // The JSON representation of the Policy associated with the asset.
    // See https://cloud.google.com/iam/reference/rest/v1/Policy for format
    // details.
    // The policy travels as a JSON document inside a string, so protobuf
    // performs no schema validation on it: consumers must parse it themselves
    // and handle an empty or malformed value.
    // NOTE(review): an IAM policy describes who holds which roles on the
    // resource, so consider it sensitive when logging or exporting assets.
    string policy_blob = 1;
  }

  // The relative resource name of this asset. See:
  // https://cloud.google.com/apis/design/resource_names#relative_resource_name
  // Example:
  // "organizations/{organization_id}/assets/{asset_id}".
  string name = 1;

  // Security Command Center managed properties. These properties are managed by
  // Security Command Center and cannot be modified by the user.
  SecurityCenterProperties security_center_properties = 2;

  // Resource managed properties. These properties are managed and defined by
  // the Google Cloud resource and cannot be modified by the user.
  // Values are google.protobuf.Value, i.e. untyped JSON-like data: the keys
  // and value shapes are not fixed by this schema, so consumers should check
  // the kind of each value before use. Map iteration order is undefined.
  // NOTE(review): field numbers 3 to 6 are not used in Asset and are not
  // declared `reserved`; whether they belonged to removed fields cannot be
  // told from this file.
  map<string, google.protobuf.Value> resource_properties = 7;

  // User specified security marks. These marks are entirely managed by the user
  // and come from the SecurityMarks resource that belongs to the asset.
  // Unlike the managed properties above, this content is user-controlled.
  SecurityMarks security_marks = 8;

  // The time at which the asset was created in Security Command Center.
  google.protobuf.Timestamp create_time = 9;

  // The time at which the asset was last updated or added in Cloud SCC.
  google.protobuf.Timestamp update_time = 10;

  // Cloud IAM Policy information associated with the Google Cloud resource
  // described by the Security Command Center asset. This information is managed
  // and defined by the Google Cloud resource and cannot be modified by the
  // user.
  IamPolicy iam_policy = 11;

  // The canonical name of the resource. It's either
  // "organizations/{organization_id}/assets/{asset_id}",
  // "folders/{folder_id}/assets/{asset_id}" or
  // "projects/{project_number}/assets/{asset_id}", depending on the closest CRM
  // ancestor of the resource.
  // "CRM" presumably refers to Cloud Resource Manager; confirm.
  // NOTE(review): field number 12 is not used in Asset and is not declared
  // `reserved`.
  string canonical_name = 13;
}