/// Message that contains the resource name and display name of a folder /// resource. #[derive(Clone, PartialEq, ::prost::Message)] pub struct Folder { /// Full resource name of this folder. See: /// #[prost(string, tag = "1")] pub resource_folder: ::prost::alloc::string::String, /// The user defined display name for this folder. #[prost(string, tag = "2")] pub resource_folder_display_name: ::prost::alloc::string::String, } /// User specified security marks that are attached to the parent Security /// Command Center resource. Security marks are scoped within a Security Command /// Center organization -- they can be modified and viewed by all users who have /// proper permissions on the organization. #[derive(Clone, PartialEq, ::prost::Message)] pub struct SecurityMarks { /// The relative resource name of the SecurityMarks. See: /// /// Examples: /// "organizations/{organization_id}/assets/{asset_id}/securityMarks" /// "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks". #[prost(string, tag = "1")] pub name: ::prost::alloc::string::String, /// Mutable user specified security marks belonging to the parent resource. /// Constraints are as follows: /// /// * Keys and values are treated as case insensitive /// * Keys must be between 1 - 256 characters (inclusive) /// * Keys must be letters, numbers, underscores, or dashes /// * Values have leading and trailing whitespace trimmed, remaining /// characters must be between 1 - 4096 characters (inclusive) #[prost(map = "string, string", tag = "2")] pub marks: ::std::collections::HashMap<::prost::alloc::string::String, ::prost::alloc::string::String>, /// The canonical name of the marks. /// Examples: /// "organizations/{organization_id}/assets/{asset_id}/securityMarks" /// "folders/{folder_id}/assets/{asset_id}/securityMarks" /// "projects/{project_number}/assets/{asset_id}/securityMarks" /// "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}/securityMarks" /// "folders/{folder_id}/sources/{source_id}/findings/{finding_id}/securityMarks" /// "projects/{project_number}/sources/{source_id}/findings/{finding_id}/securityMarks" #[prost(string, tag = "3")] pub canonical_name: ::prost::alloc::string::String, } /// Security Command Center representation of a Google Cloud /// resource. /// /// The Asset is a Security Command Center resource that captures information /// about a single Google Cloud resource. All modifications to an Asset are only /// within the context of Security Command Center and don't affect the referenced /// Google Cloud resource. #[derive(Clone, PartialEq, ::prost::Message)] pub struct Asset { /// The relative resource name of this asset. See: /// /// Example: /// "organizations/{organization_id}/assets/{asset_id}". #[prost(string, tag = "1")] pub name: ::prost::alloc::string::String, /// Security Command Center managed properties. These properties are managed by /// Security Command Center and cannot be modified by the user. #[prost(message, optional, tag = "2")] pub security_center_properties: ::core::option::Option, /// Resource managed properties. These properties are managed and defined by /// the Google Cloud resource and cannot be modified by the user. #[prost(map = "string, message", tag = "7")] pub resource_properties: ::std::collections::HashMap<::prost::alloc::string::String, ::prost_types::Value>, /// User specified security marks. These marks are entirely managed by the user /// and come from the SecurityMarks resource that belongs to the asset. #[prost(message, optional, tag = "8")] pub security_marks: ::core::option::Option, /// The time at which the asset was created in Security Command Center. #[prost(message, optional, tag = "9")] pub create_time: ::core::option::Option<::prost_types::Timestamp>, /// The time at which the asset was last updated or added in Cloud SCC. #[prost(message, optional, tag = "10")] pub update_time: ::core::option::Option<::prost_types::Timestamp>, /// Cloud IAM Policy information associated with the Google Cloud resource /// described by the Security Command Center asset. This information is managed /// and defined by the Google Cloud resource and cannot be modified by the /// user. #[prost(message, optional, tag = "11")] pub iam_policy: ::core::option::Option, /// The canonical name of the resource. It's either /// "organizations/{organization_id}/assets/{asset_id}", /// "folders/{folder_id}/assets/{asset_id}" or /// "projects/{project_number}/assets/{asset_id}", depending on the closest CRM /// ancestor of the resource. #[prost(string, tag = "13")] pub canonical_name: ::prost::alloc::string::String, } /// Nested message and enum types in `Asset`. pub mod asset { /// Security Command Center managed properties. These properties are managed by /// Security Command Center and cannot be modified by the user. #[derive(Clone, PartialEq, ::prost::Message)] pub struct SecurityCenterProperties { /// The full resource name of the Google Cloud resource this asset /// represents. This field is immutable after create time. See: /// #[prost(string, tag = "1")] pub resource_name: ::prost::alloc::string::String, /// The type of the Google Cloud resource. Examples include: APPLICATION, /// PROJECT, and ORGANIZATION. This is a case insensitive field defined by /// Security Command Center and/or the producer of the resource and is /// immutable after create time. #[prost(string, tag = "2")] pub resource_type: ::prost::alloc::string::String, /// The full resource name of the immediate parent of the resource. See: /// #[prost(string, tag = "3")] pub resource_parent: ::prost::alloc::string::String, /// The full resource name of the project the resource belongs to. See: /// #[prost(string, tag = "4")] pub resource_project: ::prost::alloc::string::String, /// Owners of the Google Cloud resource. #[prost(string, repeated, tag = "5")] pub resource_owners: ::prost::alloc::vec::Vec<::prost::alloc::string::String>, /// The user defined display name for this resource. #[prost(string, tag = "6")] pub resource_display_name: ::prost::alloc::string::String, /// The user defined display name for the parent of this resource. #[prost(string, tag = "7")] pub resource_parent_display_name: ::prost::alloc::string::String, /// The user defined display name for the project of this resource. #[prost(string, tag = "8")] pub resource_project_display_name: ::prost::alloc::string::String, /// Contains a Folder message for each folder in the assets ancestry. /// The first folder is the deepest nested folder, and the last folder is the /// folder directly under the Organization. #[prost(message, repeated, tag = "10")] pub folders: ::prost::alloc::vec::Vec, } /// Cloud IAM Policy information associated with the Google Cloud resource /// described by the Security Command Center asset. This information is managed /// and defined by the Google Cloud resource and cannot be modified by the /// user. #[derive(Clone, PartialEq, ::prost::Message)] pub struct IamPolicy { /// The JSON representation of the Policy associated with the asset. /// See for format /// details. #[prost(string, tag = "1")] pub policy_blob: ::prost::alloc::string::String, } } /// Representation of third party SIEM/SOAR fields within SCC. #[derive(Clone, PartialEq, ::prost::Message)] pub struct ExternalSystem { /// External System Name e.g. jira, demisto, etc. /// e.g.: `organizations/1234/sources/5678/findings/123456/externalSystems/jira` /// `folders/1234/sources/5678/findings/123456/externalSystems/jira` /// `projects/1234/sources/5678/findings/123456/externalSystems/jira` #[prost(string, tag = "1")] pub name: ::prost::alloc::string::String, /// References primary/secondary etc assignees in the external system. #[prost(string, repeated, tag = "2")] pub assignees: ::prost::alloc::vec::Vec<::prost::alloc::string::String>, /// Identifier that's used to track the given finding in the external system. #[prost(string, tag = "3")] pub external_uid: ::prost::alloc::string::String, /// Most recent status of the corresponding finding's ticket/tracker in the /// external system. #[prost(string, tag = "4")] pub status: ::prost::alloc::string::String, /// The most recent time when the corresponding finding's ticket/tracker was /// updated in the external system. #[prost(message, optional, tag = "5")] pub external_system_update_time: ::core::option::Option<::prost_types::Timestamp>, } /// Represents what's commonly known as an Indicator of compromise (IoC) in /// computer forensics. This is an artifact observed on a network or in an /// operating system that, with high confidence, indicates a computer intrusion. /// Reference: #[derive(Clone, PartialEq, ::prost::Message)] pub struct Indicator { /// List of ip addresses associated to the Finding. #[prost(string, repeated, tag = "1")] pub ip_addresses: ::prost::alloc::vec::Vec<::prost::alloc::string::String>, /// List of domains associated to the Finding. #[prost(string, repeated, tag = "2")] pub domains: ::prost::alloc::vec::Vec<::prost::alloc::string::String>, } /// Refers to common vulnerability fields e.g. cve, cvss, cwe etc. #[derive(Clone, PartialEq, ::prost::Message)] pub struct Vulnerability { /// CVE stands for Common Vulnerabilities and Exposures /// () #[prost(message, optional, tag = "1")] pub cve: ::core::option::Option, } /// CVE stands for Common Vulnerabilities and Exposures. /// More information: #[derive(Clone, PartialEq, ::prost::Message)] pub struct Cve { /// The unique identifier for the vulnerability. e.g. CVE-2021-34527 #[prost(string, tag = "1")] pub id: ::prost::alloc::string::String, /// Additional information about the CVE. /// e.g. #[prost(message, repeated, tag = "2")] pub references: ::prost::alloc::vec::Vec, /// Describe Common Vulnerability Scoring System specified at /// #[prost(message, optional, tag = "3")] pub cvssv3: ::core::option::Option, } /// Additional Links #[derive(Clone, PartialEq, ::prost::Message)] pub struct Reference { /// Source of the reference e.g. NVD #[prost(string, tag = "1")] pub source: ::prost::alloc::string::String, /// Uri for the mentioned source e.g. /// #[prost(string, tag = "2")] pub uri: ::prost::alloc::string::String, } /// Common Vulnerability Scoring System version 3. #[derive(Clone, PartialEq, ::prost::Message)] pub struct Cvssv3 { /// The base score is a function of the base metric scores. #[prost(double, tag = "1")] pub base_score: f64, /// Base Metrics /// Represents the intrinsic characteristics of a vulnerability that are /// constant over time and across user environments. /// This metric reflects the context by which vulnerability exploitation is /// possible. #[prost(enumeration = "cvssv3::AttackVector", tag = "5")] pub attack_vector: i32, /// This metric describes the conditions beyond the attacker's control that /// must exist in order to exploit the vulnerability. #[prost(enumeration = "cvssv3::AttackComplexity", tag = "6")] pub attack_complexity: i32, /// This metric describes the level of privileges an attacker must possess /// before successfully exploiting the vulnerability. #[prost(enumeration = "cvssv3::PrivilegesRequired", tag = "7")] pub privileges_required: i32, /// This metric captures the requirement for a human user, other than the /// attacker, to participate in the successful compromise of the vulnerable /// component. #[prost(enumeration = "cvssv3::UserInteraction", tag = "8")] pub user_interaction: i32, /// The Scope metric captures whether a vulnerability in one vulnerable /// component impacts resources in components beyond its security scope. #[prost(enumeration = "cvssv3::Scope", tag = "9")] pub scope: i32, /// This metric measures the impact to the confidentiality of the information /// resources managed by a software component due to a successfully exploited /// vulnerability. #[prost(enumeration = "cvssv3::Impact", tag = "10")] pub confidentiality_impact: i32, /// This metric measures the impact to integrity of a successfully exploited /// vulnerability. #[prost(enumeration = "cvssv3::Impact", tag = "11")] pub integrity_impact: i32, /// This metric measures the impact to the availability of the impacted /// component resulting from a successfully exploited vulnerability. #[prost(enumeration = "cvssv3::Impact", tag = "12")] pub availability_impact: i32, } /// Nested message and enum types in `Cvssv3`. pub mod cvssv3 { /// This metric reflects the context by which vulnerability exploitation is /// possible. #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)] #[repr(i32)] pub enum AttackVector { /// Invalid value. Unspecified = 0, /// The vulnerable component is bound to the network stack and the set of /// possible attackers extends beyond the other options listed below, up to /// and including the entire Internet. Network = 1, /// The vulnerable component is bound to the network stack, but the attack is /// limited at the protocol level to a logically adjacent topology. Adjacent = 2, /// The vulnerable component is not bound to the network stack and the /// attacker's path is via read/write/execute capabilities. Local = 3, /// The attack requires the attacker to physically touch or manipulate the /// vulnerable component. Physical = 4, } /// This metric describes the conditions beyond the attacker's control that /// must exist in order to exploit the vulnerability. #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)] #[repr(i32)] pub enum AttackComplexity { /// Invalid value. Unspecified = 0, /// Specialized access conditions or extenuating circumstances do not exist. /// An attacker can expect repeatable success when attacking the vulnerable /// component. Low = 1, /// A successful attack depends on conditions beyond the attacker's control. /// That is, a successful attack cannot be accomplished at will, but requires /// the attacker to invest in some measurable amount of effort in preparation /// or execution against the vulnerable component before a successful attack /// can be expected. High = 2, } /// This metric describes the level of privileges an attacker must possess /// before successfully exploiting the vulnerability. #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)] #[repr(i32)] pub enum PrivilegesRequired { /// Invalid value. Unspecified = 0, /// The attacker is unauthorized prior to attack, and therefore does not /// require any access to settings or files of the vulnerable system to /// carry out an attack. None = 1, /// The attacker requires privileges that provide basic user capabilities /// that could normally affect only settings and files owned by a user. /// Alternatively, an attacker with Low privileges has the ability to access /// only non-sensitive resources. Low = 2, /// The attacker requires privileges that provide significant (e.g., /// administrative) control over the vulnerable component allowing access to /// component-wide settings and files. High = 3, } /// This metric captures the requirement for a human user, other than the /// attacker, to participate in the successful compromise of the vulnerable /// component. #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)] #[repr(i32)] pub enum UserInteraction { /// Invalid value. Unspecified = 0, /// The vulnerable system can be exploited without interaction from any user. None = 1, /// Successful exploitation of this vulnerability requires a user to take /// some action before the vulnerability can be exploited. Required = 2, } /// The Scope metric captures whether a vulnerability in one vulnerable /// component impacts resources in components beyond its security scope. #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)] #[repr(i32)] pub enum Scope { /// Invalid value. Unspecified = 0, /// An exploited vulnerability can only affect resources managed by the same /// security authority. Unchanged = 1, /// An exploited vulnerability can affect resources beyond the security scope /// managed by the security authority of the vulnerable component. Changed = 2, } /// The Impact metrics capture the effects of a successfully exploited /// vulnerability on the component that suffers the worst outcome that is most /// directly and predictably associated with the attack. #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)] #[repr(i32)] pub enum Impact { /// Invalid value. Unspecified = 0, /// High impact. High = 1, /// Low impact. Low = 2, /// No impact. None = 3, } } /// Security Command Center finding. /// /// A finding is a record of assessment data like security, risk, health, or /// privacy, that is ingested into Security Command Center for presentation, /// notification, analysis, policy testing, and enforcement. For example, a /// cross-site scripting (XSS) vulnerability in an App Engine application is a /// finding. #[derive(Clone, PartialEq, ::prost::Message)] pub struct Finding { /// The relative resource name of this finding. See: /// /// Example: /// "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}" #[prost(string, tag = "1")] pub name: ::prost::alloc::string::String, /// The relative resource name of the source the finding belongs to. See: /// /// This field is immutable after creation time. /// For example: /// "organizations/{organization_id}/sources/{source_id}" #[prost(string, tag = "2")] pub parent: ::prost::alloc::string::String, /// For findings on Google Cloud resources, the full resource /// name of the Google Cloud resource this finding is for. See: /// /// When the finding is for a non-Google Cloud resource, the resourceName can /// be a customer or partner defined string. This field is immutable after /// creation time. #[prost(string, tag = "3")] pub resource_name: ::prost::alloc::string::String, /// The state of the finding. #[prost(enumeration = "finding::State", tag = "4")] pub state: i32, /// The additional taxonomy group within findings from a given source. /// This field is immutable after creation time. /// Example: "XSS_FLASH_INJECTION" #[prost(string, tag = "5")] pub category: ::prost::alloc::string::String, /// The URI that, if available, points to a web page outside of Security /// Command Center where additional information about the finding can be found. /// This field is guaranteed to be either empty or a well formed URL. #[prost(string, tag = "6")] pub external_uri: ::prost::alloc::string::String, /// Source specific properties. These properties are managed by the source /// that writes the finding. The key names in the source_properties map must be /// between 1 and 255 characters, and must start with a letter and contain /// alphanumeric characters or underscores only. #[prost(map = "string, message", tag = "7")] pub source_properties: ::std::collections::HashMap<::prost::alloc::string::String, ::prost_types::Value>, /// Output only. User specified security marks. These marks are entirely /// managed by the user and come from the SecurityMarks resource that belongs /// to the finding. #[prost(message, optional, tag = "8")] pub security_marks: ::core::option::Option, /// The time at which the event took place, or when an update to the finding /// occurred. For example, if the finding represents an open firewall it would /// capture the time the detector believes the firewall became open. The /// accuracy is determined by the detector. If the finding were to be resolved /// afterward, this time would reflect when the finding was resolved. Must not /// be set to a value greater than the current timestamp. #[prost(message, optional, tag = "9")] pub event_time: ::core::option::Option<::prost_types::Timestamp>, /// The time at which the finding was created in Security Command Center. #[prost(message, optional, tag = "10")] pub create_time: ::core::option::Option<::prost_types::Timestamp>, /// The severity of the finding. This field is managed by the source that /// writes the finding. #[prost(enumeration = "finding::Severity", tag = "12")] pub severity: i32, /// The canonical name of the finding. It's either /// "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", /// "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or /// "projects/{project_number}/sources/{source_id}/findings/{finding_id}", /// depending on the closest CRM ancestor of the resource associated with the /// finding. #[prost(string, tag = "14")] pub canonical_name: ::prost::alloc::string::String, /// Indicates the mute state of a finding (either unspecified, muted, unmuted /// or undefined). #[prost(enumeration = "finding::Mute", tag = "15")] pub mute: i32, /// The class of the finding. #[prost(enumeration = "finding::FindingClass", tag = "17")] pub finding_class: i32, /// Represents what's commonly known as an Indicator of compromise (IoC) in /// computer forensics. This is an artifact observed on a network or in an /// operating system that, with high confidence, indicates a computer /// intrusion. /// Reference: #[prost(message, optional, tag = "18")] pub indicator: ::core::option::Option, /// Represents vulnerability specific fields like cve, cvss scores etc. /// CVE stands for Common Vulnerabilities and Exposures /// () #[prost(message, optional, tag = "20")] pub vulnerability: ::core::option::Option, /// Output only. The most recent time this finding was muted or unmuted. #[prost(message, optional, tag = "21")] pub mute_update_time: ::core::option::Option<::prost_types::Timestamp>, /// Output only. Third party SIEM/SOAR fields within SCC, contains external system /// information and external system finding fields. #[prost(map = "string, message", tag = "22")] pub external_systems: ::std::collections::HashMap<::prost::alloc::string::String, ExternalSystem>, /// First known as mute_annotation. Records additional information about the /// mute operation e.g. mute config that muted the finding, user who muted the /// finding, etc. #[prost(string, tag = "28")] pub mute_initiator: ::prost::alloc::string::String, } /// Nested message and enum types in `Finding`. pub mod finding { /// The state of the finding. #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)] #[repr(i32)] pub enum State { /// Unspecified state. Unspecified = 0, /// The finding requires attention and has not been addressed yet. Active = 1, /// The finding has been fixed, triaged as a non-issue or otherwise addressed /// and is no longer active. Inactive = 2, } /// The severity of the finding. #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)] #[repr(i32)] pub enum Severity { /// This value is used for findings when a source doesn't write a severity /// value. Unspecified = 0, /// Vulnerability: /// A critical vulnerability is easily discoverable by an external actor, /// exploitable, and results in the direct ability to execute arbitrary code, /// exfiltrate data, and otherwise gain additional access and privileges to /// cloud resources and workloads. Examples include publicly accessible /// unprotected user data, public SSH access with weak or no passwords, etc. /// /// Threat: /// Indicates a threat that is able to access, modify, or delete data or /// execute unauthorized code within existing resources. Critical = 1, /// Vulnerability: /// A high risk vulnerability can be easily discovered and exploited in /// combination with other vulnerabilities in order to gain direct access and /// the ability to execute arbitrary code, exfiltrate data, and otherwise /// gain additional access and privileges to cloud resources and workloads. /// An example is a database with weak or no passwords that is only /// accessible internally. This database could easily be compromised by an /// actor that had access to the internal network. /// /// Threat: /// Indicates a threat that is able to create new computational resources in /// an environment but not able to access data or execute code in existing /// resources. High = 2, /// Vulnerability: /// A medium risk vulnerability could be used by an actor to gain access to /// resources or privileges that enable them to eventually (through multiple /// steps or a complex exploit) gain access and the ability to execute /// arbitrary code or exfiltrate data. An example is a service account with /// access to more projects than it should have. If an actor gains access to /// the service account, they could potentially use that access to manipulate /// a project the service account was not intended to. /// /// Threat: /// Indicates a threat that is able to cause operational impact but may not /// access data or execute unauthorized code. Medium = 3, /// Vulnerability: /// A low risk vulnerability hampers a security organization’s ability to /// detect vulnerabilities or active threats in their deployment, or prevents /// the root cause investigation of security issues. An example is monitoring /// and logs being disabled for resource configurations and access. /// /// Threat: /// Indicates a threat that has obtained minimal access to an environment but /// is not able to access data, execute code, or create resources. Low = 4, } /// Mute state a finding can be in. #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)] #[repr(i32)] pub enum Mute { /// Unspecified. Unspecified = 0, /// Finding has been muted. Muted = 1, /// Finding has been unmuted. Unmuted = 2, /// Finding has never been muted/unmuted. Undefined = 4, } /// Represents what kind of Finding it is. #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)] #[repr(i32)] pub enum FindingClass { /// Unspecified finding class. Unspecified = 0, /// Describes unwanted or malicious activity. Threat = 1, /// Describes a potential weakness in software that increases risk to /// Confidentiality & Integrity & Availability. Vulnerability = 2, /// Describes a potential weakness in cloud resource/asset configuration that /// increases risk. Misconfiguration = 3, /// Describes a security observation that is for informational purposes. Observation = 4, } } /// A mute config is a Cloud SCC resource that contains the configuration /// to mute create/update events of findings. #[derive(Clone, PartialEq, ::prost::Message)] pub struct MuteConfig { /// This field will be ignored if provided on config creation. Format /// "organizations/{organization}/muteConfigs/{mute_config}" /// "folders/{folder}/muteConfigs/{mute_config}" /// "projects/{project}/muteConfigs/{mute_config}" #[prost(string, tag = "1")] pub name: ::prost::alloc::string::String, /// The human readable name to be displayed for the mute config. #[deprecated] #[prost(string, tag = "2")] pub display_name: ::prost::alloc::string::String, /// A description of the mute config. #[prost(string, tag = "3")] pub description: ::prost::alloc::string::String, /// Required. An expression that defines the filter to apply across create/update events /// of findings. While creating a filter string, be mindful of the /// scope in which the mute configuration is being created. E.g., If a filter /// contains project = X but is created under the project = Y scope, it might /// not match any findings. /// /// The following field and operator combinations are supported: /// /// * severity: `=`, `:` /// * category: `=`, `:` /// * resource.name: `=`, `:` /// * resource.project_name: `=`, `:` /// * resource.project_display_name: `=`, `:` /// * resource.folders.resource_folder: `=`, `:` /// * resource.parent_name: `=`, `:` /// * resource.parent_display_name: `=`, `:` /// * resource.type: `=`, `:` /// * finding_class: `=`, `:` /// * indicator.ip_addresses: `=`, `:` /// * indicator.domains: `=`, `:` #[prost(string, tag = "4")] pub filter: ::prost::alloc::string::String, /// Output only. The time at which the mute config was created. /// This field is set by the server and will be ignored if provided on config /// creation. #[prost(message, optional, tag = "5")] pub create_time: ::core::option::Option<::prost_types::Timestamp>, /// Output only. The most recent time at which the mute config was updated. /// This field is set by the server and will be ignored if provided on config /// creation or update. #[prost(message, optional, tag = "6")] pub update_time: ::core::option::Option<::prost_types::Timestamp>, /// Output only. Email address of the user who last edited the mute config. /// This field is set by the server and will be ignored if provided on config /// creation or update. #[prost(string, tag = "7")] pub most_recent_editor: ::prost::alloc::string::String, } /// Cloud Security Command Center (Cloud SCC) notification configs. /// /// A notification config is a Cloud SCC resource that contains the configuration /// to send notifications for create/update events of findings, assets and etc. #[derive(Clone, PartialEq, ::prost::Message)] pub struct NotificationConfig { /// The relative resource name of this notification config. See: /// /// Example: /// "organizations/{organization_id}/notificationConfigs/notify_public_bucket". #[prost(string, tag = "1")] pub name: ::prost::alloc::string::String, /// The description of the notification config (max of 1024 characters). #[prost(string, tag = "2")] pub description: ::prost::alloc::string::String, /// The Pub/Sub topic to send notifications to. Its format is /// "projects/\[project_id]/topics/[topic\]". #[prost(string, tag = "3")] pub pubsub_topic: ::prost::alloc::string::String, /// Output only. The service account that needs "pubsub.topics.publish" /// permission to publish to the Pub/Sub topic. #[prost(string, tag = "4")] pub service_account: ::prost::alloc::string::String, /// The config for triggering notifications. #[prost(oneof = "notification_config::NotifyConfig", tags = "5")] pub notify_config: ::core::option::Option, } /// Nested message and enum types in `NotificationConfig`. pub mod notification_config { /// The config for streaming-based notifications, which send each event as soon /// as it is detected. #[derive(Clone, PartialEq, ::prost::Message)] pub struct StreamingConfig { /// Expression that defines the filter to apply across create/update events /// of assets or findings as specified by the event type. The expression is a /// list of zero or more restrictions combined via logical operators `AND` /// and `OR`. Parentheses are supported, and `OR` has higher precedence than /// `AND`. /// /// Restrictions have the form ` ` and may have a /// `-` character in front of them to indicate negation. The fields map to /// those defined in the corresponding resource. /// /// The supported operators are: /// /// * `=` for all value types. /// * `>`, `<`, `>=`, `<=` for integer values. /// * `:`, meaning substring matching, for strings. /// /// The supported value types are: /// /// * string literals in quotes. /// * integer literals without quotes. /// * boolean literals `true` and `false` without quotes. #[prost(string, tag = "1")] pub filter: ::prost::alloc::string::String, } /// The config for triggering notifications. #[derive(Clone, PartialEq, ::prost::Oneof)] pub enum NotifyConfig { /// The config for triggering streaming-based notifications. #[prost(message, tag = "5")] StreamingConfig(StreamingConfig), } } /// Information related to the Google Cloud resource. #[derive(Clone, PartialEq, ::prost::Message)] pub struct Resource { /// The full resource name of the resource. See: /// #[prost(string, tag = "1")] pub name: ::prost::alloc::string::String, /// The full resource name of project that the resource belongs to. #[prost(string, tag = "2")] pub project: ::prost::alloc::string::String, /// The human readable name of project that the resource belongs to. #[prost(string, tag = "3")] pub project_display_name: ::prost::alloc::string::String, /// The full resource name of resource's parent. #[prost(string, tag = "4")] pub parent: ::prost::alloc::string::String, /// The human readable name of resource's parent. #[prost(string, tag = "5")] pub parent_display_name: ::prost::alloc::string::String, /// The full resource type of the resource. #[prost(string, tag = "6")] pub r#type: ::prost::alloc::string::String, /// Output only. Contains a Folder message for each folder in the assets ancestry. /// The first folder is the deepest nested folder, and the last folder is the /// folder directly under the Organization. #[prost(message, repeated, tag = "7")] pub folders: ::prost::alloc::vec::Vec, /// The human readable name of the resource. #[prost(string, tag = "8")] pub display_name: ::prost::alloc::string::String, } /// Cloud SCC's Notification #[derive(Clone, PartialEq, ::prost::Message)] pub struct NotificationMessage { /// Name of the notification config that generated current notification. #[prost(string, tag = "1")] pub notification_config_name: ::prost::alloc::string::String, /// The Cloud resource tied to this notification's Finding. #[prost(message, optional, tag = "3")] pub resource: ::core::option::Option, /// Notification Event. #[prost(oneof = "notification_message::Event", tags = "2")] pub event: ::core::option::Option, } /// Nested message and enum types in `NotificationMessage`. pub mod notification_message { /// Notification Event. #[derive(Clone, PartialEq, ::prost::Oneof)] pub enum Event { /// If it's a Finding based notification config, this field will be /// populated. #[prost(message, tag = "2")] Finding(super::Finding), } } /// User specified settings that are attached to the Security Command /// Center organization. #[derive(Clone, PartialEq, ::prost::Message)] pub struct OrganizationSettings { /// The relative resource name of the settings. See: /// /// Example: /// "organizations/{organization_id}/organizationSettings". #[prost(string, tag = "1")] pub name: ::prost::alloc::string::String, /// A flag that indicates if Asset Discovery should be enabled. If the flag is /// set to `true`, then discovery of assets will occur. If it is set to `false, /// all historical assets will remain, but discovery of future assets will not /// occur. #[prost(bool, tag = "2")] pub enable_asset_discovery: bool, /// The configuration used for Asset Discovery runs. #[prost(message, optional, tag = "3")] pub asset_discovery_config: ::core::option::Option, } /// Nested message and enum types in `OrganizationSettings`. pub mod organization_settings { /// The configuration used for Asset Discovery runs. #[derive(Clone, PartialEq, ::prost::Message)] pub struct AssetDiscoveryConfig { /// The project ids to use for filtering asset discovery. #[prost(string, repeated, tag = "1")] pub project_ids: ::prost::alloc::vec::Vec<::prost::alloc::string::String>, /// The mode to use for filtering asset discovery. #[prost(enumeration = "asset_discovery_config::InclusionMode", tag = "2")] pub inclusion_mode: i32, /// The folder ids to use for filtering asset discovery. /// It consists of only digits, e.g., 756619654966. #[prost(string, repeated, tag = "3")] pub folder_ids: ::prost::alloc::vec::Vec<::prost::alloc::string::String>, } /// Nested message and enum types in `AssetDiscoveryConfig`. pub mod asset_discovery_config { /// The mode of inclusion when running Asset Discovery. /// Asset discovery can be limited by explicitly identifying projects to be /// included or excluded. If INCLUDE_ONLY is set, then only those projects /// within the organization and their children are discovered during asset /// discovery. If EXCLUDE is set, then projects that don't match those /// projects are discovered during asset discovery. If neither are set, then /// all projects within the organization are discovered during asset /// discovery. #[derive( Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration, )] #[repr(i32)] pub enum InclusionMode { /// Unspecified. Setting the mode with this value will disable /// inclusion/exclusion filtering for Asset Discovery. Unspecified = 0, /// Asset Discovery will capture only the resources within the projects /// specified. All other resources will be ignored. IncludeOnly = 1, /// Asset Discovery will ignore all resources under the projects specified. /// All other resources will be retrieved. Exclude = 2, } } } /// Response of asset discovery run #[derive(Clone, PartialEq, ::prost::Message)] pub struct RunAssetDiscoveryResponse { /// The state of an asset discovery run. #[prost(enumeration = "run_asset_discovery_response::State", tag = "1")] pub state: i32, /// The duration between asset discovery run start and end #[prost(message, optional, tag = "2")] pub duration: ::core::option::Option<::prost_types::Duration>, } /// Nested message and enum types in `RunAssetDiscoveryResponse`. pub mod run_asset_discovery_response { /// The state of an asset discovery run. #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)] #[repr(i32)] pub enum State { /// Asset discovery run state was unspecified. Unspecified = 0, /// Asset discovery run completed successfully. Completed = 1, /// Asset discovery run was cancelled with tasks still pending, as another /// run for the same organization was started with a higher priority. Superseded = 2, /// Asset discovery run was killed and terminated. Terminated = 3, } } /// Security Command Center finding source. A finding source /// is an entity or a mechanism that can produce a finding. A source is like a /// container of findings that come from the same scanner, logger, monitor, and /// other tools. #[derive(Clone, PartialEq, ::prost::Message)] pub struct Source { /// The relative resource name of this source. See: /// /// Example: /// "organizations/{organization_id}/sources/{source_id}" #[prost(string, tag = "1")] pub name: ::prost::alloc::string::String, /// The source's display name. /// A source's display name must be unique amongst its siblings, for example, /// two sources with the same parent can't share the same display name. /// The display name must have a length between 1 and 64 characters /// (inclusive). #[prost(string, tag = "2")] pub display_name: ::prost::alloc::string::String, /// The description of the source (max of 1024 characters). /// Example: /// "Web Security Scanner is a web security scanner for common /// vulnerabilities in App Engine applications. It can automatically /// scan and detect four common vulnerabilities, including cross-site-scripting /// (XSS), Flash injection, mixed content (HTTP in HTTPS), and /// outdated or insecure libraries." #[prost(string, tag = "3")] pub description: ::prost::alloc::string::String, /// The canonical name of the finding. It's either /// "organizations/{organization_id}/sources/{source_id}", /// "folders/{folder_id}/sources/{source_id}" or /// "projects/{project_number}/sources/{source_id}", /// depending on the closest CRM ancestor of the resource associated with the /// finding. #[prost(string, tag = "14")] pub canonical_name: ::prost::alloc::string::String, } /// Request message for bulk findings update. /// /// Note: /// 1. If multiple bulk update requests match the same resource, the order in /// which they get executed is not defined. /// 2. Once a bulk operation is started, there is no way to stop it. #[derive(Clone, PartialEq, ::prost::Message)] pub struct BulkMuteFindingsRequest { /// Required. The parent, at which bulk action needs to be applied. Its format is /// "organizations/\[organization_id\]", "folders/\[folder_id\]", /// "projects/\[project_id\]". #[prost(string, tag = "1")] pub parent: ::prost::alloc::string::String, /// Expression that identifies findings that should be updated. /// The expression is a list of zero or more restrictions combined /// via logical operators `AND` and `OR`. Parentheses are supported, and `OR` /// has higher precedence than `AND`. /// /// Restrictions have the form ` ` and may have a /// `-` character in front of them to indicate negation. The fields map to /// those defined in the corresponding resource. /// /// The supported operators are: /// /// * `=` for all value types. /// * `>`, `<`, `>=`, `<=` for integer values. /// * `:`, meaning substring matching, for strings. /// /// The supported value types are: /// /// * string literals in quotes. /// * integer literals without quotes. /// * boolean literals `true` and `false` without quotes. #[prost(string, tag = "2")] pub filter: ::prost::alloc::string::String, /// This can be a mute configuration name or any identifier for mute/unmute /// of findings based on the filter. #[deprecated] #[prost(string, tag = "3")] pub mute_annotation: ::prost::alloc::string::String, } /// The response to a BulkMute request. Contains the LRO information. #[derive(Clone, PartialEq, ::prost::Message)] pub struct BulkMuteFindingsResponse {} /// Request message for creating a finding. #[derive(Clone, PartialEq, ::prost::Message)] pub struct CreateFindingRequest { /// Required. Resource name of the new finding's parent. Its format should be /// "organizations/\[organization_id]/sources/[source_id\]". #[prost(string, tag = "1")] pub parent: ::prost::alloc::string::String, /// Required. Unique identifier provided by the client within the parent scope. /// It must be alphanumeric and less than or equal to 32 characters and /// greater than 0 characters in length. #[prost(string, tag = "2")] pub finding_id: ::prost::alloc::string::String, /// Required. The Finding being created. The name and security_marks will be ignored as /// they are both output only fields on this resource. #[prost(message, optional, tag = "3")] pub finding: ::core::option::Option, } /// Request message for creating a mute config. #[derive(Clone, PartialEq, ::prost::Message)] pub struct CreateMuteConfigRequest { /// Required. Resource name of the new mute configs's parent. Its format is /// "organizations/\[organization_id\]", "folders/\[folder_id\]", or /// "projects/\[project_id\]". #[prost(string, tag = "1")] pub parent: ::prost::alloc::string::String, /// Required. The mute config being created. #[prost(message, optional, tag = "2")] pub mute_config: ::core::option::Option, /// Required. Unique identifier provided by the client within the parent scope. /// It must consist of lower case letters, numbers, and hyphen, with the first /// character a letter, the last a letter or a number, and a 63 character /// maximum. #[prost(string, tag = "3")] pub mute_config_id: ::prost::alloc::string::String, } /// Request message for creating a notification config. #[derive(Clone, PartialEq, ::prost::Message)] pub struct CreateNotificationConfigRequest { /// Required. Resource name of the new notification config's parent. Its format is /// "organizations/\[organization_id\]". #[prost(string, tag = "1")] pub parent: ::prost::alloc::string::String, /// Required. /// Unique identifier provided by the client within the parent scope. /// It must be between 1 and 128 characters, and contains alphanumeric /// characters, underscores or hyphens only. #[prost(string, tag = "2")] pub config_id: ::prost::alloc::string::String, /// Required. The notification config being created. The name and the service account /// will be ignored as they are both output only fields on this resource. #[prost(message, optional, tag = "3")] pub notification_config: ::core::option::Option, } /// Request message for creating a source. #[derive(Clone, PartialEq, ::prost::Message)] pub struct CreateSourceRequest { /// Required. Resource name of the new source's parent. Its format should be /// "organizations/\[organization_id\]". #[prost(string, tag = "1")] pub parent: ::prost::alloc::string::String, /// Required. The Source being created, only the display_name and description will be /// used. All other fields will be ignored. #[prost(message, optional, tag = "2")] pub source: ::core::option::Option, } /// Request message for deleting a mute config. #[derive(Clone, PartialEq, ::prost::Message)] pub struct DeleteMuteConfigRequest { /// Required. Name of the mute config to delete. Its format is /// organizations/{organization}/muteConfigs/{config_id}, /// folders/{folder}/muteConfigs/{config_id}, or /// projects/{project}/muteConfigs/{config_id} #[prost(string, tag = "1")] pub name: ::prost::alloc::string::String, } /// Request message for deleting a notification config. #[derive(Clone, PartialEq, ::prost::Message)] pub struct DeleteNotificationConfigRequest { /// Required. Name of the notification config to delete. Its format is /// "organizations/\[organization_id]/notificationConfigs/[config_id\]". #[prost(string, tag = "1")] pub name: ::prost::alloc::string::String, } /// Request message for retrieving a mute config. #[derive(Clone, PartialEq, ::prost::Message)] pub struct GetMuteConfigRequest { /// Required. Name of the mute config to retrieve. Its format is /// organizations/{organization}/muteConfigs/{config_id}, /// folders/{folder}/muteConfigs/{config_id}, or /// projects/{project}/muteConfigs/{config_id} #[prost(string, tag = "1")] pub name: ::prost::alloc::string::String, } /// Request message for getting a notification config. #[derive(Clone, PartialEq, ::prost::Message)] pub struct GetNotificationConfigRequest { /// Required. Name of the notification config to get. Its format is /// "organizations/\[organization_id]/notificationConfigs/[config_id\]". #[prost(string, tag = "1")] pub name: ::prost::alloc::string::String, } /// Request message for getting organization settings. #[derive(Clone, PartialEq, ::prost::Message)] pub struct GetOrganizationSettingsRequest { /// Required. Name of the organization to get organization settings for. Its format is /// "organizations/\[organization_id\]/organizationSettings". #[prost(string, tag = "1")] pub name: ::prost::alloc::string::String, } /// Request message for getting a source. #[derive(Clone, PartialEq, ::prost::Message)] pub struct GetSourceRequest { /// Required. Relative resource name of the source. Its format is /// "organizations/\[organization_id]/source/[source_id\]". #[prost(string, tag = "1")] pub name: ::prost::alloc::string::String, } /// Request message for grouping by assets. #[derive(Clone, PartialEq, ::prost::Message)] pub struct GroupAssetsRequest { /// Required. Name of the organization to groupBy. Its format is /// "organizations/\[organization_id\], folders/\[folder_id\], or /// projects/\[project_id\]". #[prost(string, tag = "1")] pub parent: ::prost::alloc::string::String, /// Expression that defines the filter to apply across assets. /// The expression is a list of zero or more restrictions combined via logical /// operators `AND` and `OR`. /// Parentheses are supported, and `OR` has higher precedence than `AND`. /// /// Restrictions have the form ` ` and may have a `-` /// character in front of them to indicate negation. The fields map to those /// defined in the Asset resource. Examples include: /// /// * name /// * security_center_properties.resource_name /// * resource_properties.a_property /// * security_marks.marks.marka /// /// The supported operators are: /// /// * `=` for all value types. /// * `>`, `<`, `>=`, `<=` for integer values. /// * `:`, meaning substring matching, for strings. /// /// The supported value types are: /// /// * string literals in quotes. /// * integer literals without quotes. /// * boolean literals `true` and `false` without quotes. /// /// The following field and operator combinations are supported: /// /// * name: `=` /// * update_time: `=`, `>`, `<`, `>=`, `<=` /// /// Usage: This should be milliseconds since epoch or an RFC3339 string. /// Examples: /// `update_time = "2019-06-10T16:07:18-07:00"` /// `update_time = 1560208038000` /// /// * create_time: `=`, `>`, `<`, `>=`, `<=` /// /// Usage: This should be milliseconds since epoch or an RFC3339 string. /// Examples: /// `create_time = "2019-06-10T16:07:18-07:00"` /// `create_time = 1560208038000` /// /// * iam_policy.policy_blob: `=`, `:` /// * resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=` /// * security_marks.marks: `=`, `:` /// * security_center_properties.resource_name: `=`, `:` /// * security_center_properties.resource_display_name: `=`, `:` /// * security_center_properties.resource_type: `=`, `:` /// * security_center_properties.resource_parent: `=`, `:` /// * security_center_properties.resource_parent_display_name: `=`, `:` /// * security_center_properties.resource_project: `=`, `:` /// * security_center_properties.resource_project_display_name: `=`, `:` /// * security_center_properties.resource_owners: `=`, `:` /// /// For example, `resource_properties.size = 100` is a valid filter string. /// /// Use a partial match on the empty string to filter based on a property /// existing: `resource_properties.my_property : ""` /// /// Use a negated partial match on the empty string to filter based on a /// property not existing: `-resource_properties.my_property : ""` #[prost(string, tag = "2")] pub filter: ::prost::alloc::string::String, /// Required. Expression that defines what assets fields to use for grouping. The string /// value should follow SQL syntax: comma separated list of fields. For /// example: /// "security_center_properties.resource_project,security_center_properties.project". /// /// The following fields are supported when compare_duration is not set: /// /// * security_center_properties.resource_project /// * security_center_properties.resource_project_display_name /// * security_center_properties.resource_type /// * security_center_properties.resource_parent /// * security_center_properties.resource_parent_display_name /// /// The following fields are supported when compare_duration is set: /// /// * security_center_properties.resource_type /// * security_center_properties.resource_project_display_name /// * security_center_properties.resource_parent_display_name #[prost(string, tag = "3")] pub group_by: ::prost::alloc::string::String, /// When compare_duration is set, the GroupResult's "state_change" property is /// updated to indicate whether the asset was added, removed, or remained /// present during the compare_duration period of time that precedes the /// read_time. This is the time between (read_time - compare_duration) and /// read_time. /// /// The state change value is derived based on the presence of the asset at the /// two points in time. Intermediate state changes between the two times don't /// affect the result. For example, the results aren't affected if the asset is /// removed and re-created again. /// /// Possible "state_change" values when compare_duration is specified: /// /// * "ADDED": indicates that the asset was not present at the start of /// compare_duration, but present at reference_time. /// * "REMOVED": indicates that the asset was present at the start of /// compare_duration, but not present at reference_time. /// * "ACTIVE": indicates that the asset was present at both the /// start and the end of the time period defined by /// compare_duration and reference_time. /// /// If compare_duration is not specified, then the only possible state_change /// is "UNUSED", which will be the state_change set for all assets present at /// read_time. /// /// If this field is set then `state_change` must be a specified field in /// `group_by`. #[prost(message, optional, tag = "4")] pub compare_duration: ::core::option::Option<::prost_types::Duration>, /// Time used as a reference point when filtering assets. The filter is limited /// to assets existing at the supplied time and their values are those at that /// specific time. Absence of this field will default to the API's version of /// NOW. #[prost(message, optional, tag = "5")] pub read_time: ::core::option::Option<::prost_types::Timestamp>, /// The value returned by the last `GroupAssetsResponse`; indicates /// that this is a continuation of a prior `GroupAssets` call, and that the /// system should return the next page of data. #[prost(string, tag = "7")] pub page_token: ::prost::alloc::string::String, /// The maximum number of results to return in a single response. Default is /// 10, minimum is 1, maximum is 1000. #[prost(int32, tag = "8")] pub page_size: i32, } /// Response message for grouping by assets. #[derive(Clone, PartialEq, ::prost::Message)] pub struct GroupAssetsResponse { /// Group results. There exists an element for each existing unique /// combination of property/values. The element contains a count for the number /// of times those specific property/values appear. #[prost(message, repeated, tag = "1")] pub group_by_results: ::prost::alloc::vec::Vec, /// Time used for executing the groupBy request. #[prost(message, optional, tag = "2")] pub read_time: ::core::option::Option<::prost_types::Timestamp>, /// Token to retrieve the next page of results, or empty if there are no more /// results. #[prost(string, tag = "3")] pub next_page_token: ::prost::alloc::string::String, /// The total number of results matching the query. #[prost(int32, tag = "4")] pub total_size: i32, } /// Request message for grouping by findings. #[derive(Clone, PartialEq, ::prost::Message)] pub struct GroupFindingsRequest { /// Required. Name of the source to groupBy. Its format is /// "organizations/\[organization_id]/sources/[source_id\]", /// folders/\[folder_id]/sources/[source_id\], or /// projects/\[project_id]/sources/[source_id\]. To groupBy across all sources /// provide a source_id of `-`. For example: /// organizations/{organization_id}/sources/-, folders/{folder_id}/sources/-, /// or projects/{project_id}/sources/- #[prost(string, tag = "1")] pub parent: ::prost::alloc::string::String, /// Expression that defines the filter to apply across findings. /// The expression is a list of one or more restrictions combined via logical /// operators `AND` and `OR`. /// Parentheses are supported, and `OR` has higher precedence than `AND`. /// /// Restrictions have the form ` ` and may have a `-` /// character in front of them to indicate negation. Examples include: /// /// * name /// * source_properties.a_property /// * security_marks.marks.marka /// /// The supported operators are: /// /// * `=` for all value types. /// * `>`, `<`, `>=`, `<=` for integer values. /// * `:`, meaning substring matching, for strings. /// /// The supported value types are: /// /// * string literals in quotes. /// * integer literals without quotes. /// * boolean literals `true` and `false` without quotes. /// /// The following field and operator combinations are supported: /// /// * name: `=` /// * parent: `=`, `:` /// * resource_name: `=`, `:` /// * state: `=`, `:` /// * category: `=`, `:` /// * external_uri: `=`, `:` /// * event_time: `=`, `>`, `<`, `>=`, `<=` /// /// Usage: This should be milliseconds since epoch or an RFC3339 string. /// Examples: /// `event_time = "2019-06-10T16:07:18-07:00"` /// `event_time = 1560208038000` /// /// * severity: `=`, `:` /// * workflow_state: `=`, `:` /// * security_marks.marks: `=`, `:` /// * source_properties: `=`, `:`, `>`, `<`, `>=`, `<=` /// /// For example, `source_properties.size = 100` is a valid filter string. /// /// Use a partial match on the empty string to filter based on a property /// existing: `source_properties.my_property : ""` /// /// Use a negated partial match on the empty string to filter based on a /// property not existing: `-source_properties.my_property : ""` /// /// * resource: /// * resource.name: `=`, `:` /// * resource.parent_name: `=`, `:` /// * resource.parent_display_name: `=`, `:` /// * resource.project_name: `=`, `:` /// * resource.project_display_name: `=`, `:` /// * resource.type: `=`, `:` #[prost(string, tag = "2")] pub filter: ::prost::alloc::string::String, /// Required. Expression that defines what assets fields to use for grouping (including /// `state_change`). The string value should follow SQL syntax: comma separated /// list of fields. For example: "parent,resource_name". /// /// The following fields are supported: /// /// * resource_name /// * category /// * state /// * parent /// * severity /// /// The following fields are supported when compare_duration is set: /// /// * state_change #[prost(string, tag = "3")] pub group_by: ::prost::alloc::string::String, /// Time used as a reference point when filtering findings. The filter is /// limited to findings existing at the supplied time and their values are /// those at that specific time. Absence of this field will default to the /// API's version of NOW. #[prost(message, optional, tag = "4")] pub read_time: ::core::option::Option<::prost_types::Timestamp>, /// When compare_duration is set, the GroupResult's "state_change" attribute is /// updated to indicate whether the finding had its state changed, the /// finding's state remained unchanged, or if the finding was added during the /// compare_duration period of time that precedes the read_time. This is the /// time between (read_time - compare_duration) and read_time. /// /// The state_change value is derived based on the presence and state of the /// finding at the two points in time. Intermediate state changes between the /// two times don't affect the result. For example, the results aren't affected /// if the finding is made inactive and then active again. /// /// Possible "state_change" values when compare_duration is specified: /// /// * "CHANGED": indicates that the finding was present and matched the given /// filter at the start of compare_duration, but changed its /// state at read_time. /// * "UNCHANGED": indicates that the finding was present and matched the given /// filter at the start of compare_duration and did not change /// state at read_time. /// * "ADDED": indicates that the finding did not match the given filter or /// was not present at the start of compare_duration, but was /// present at read_time. /// * "REMOVED": indicates that the finding was present and matched the /// filter at the start of compare_duration, but did not match /// the filter at read_time. /// /// If compare_duration is not specified, then the only possible state_change /// is "UNUSED", which will be the state_change set for all findings present /// at read_time. /// /// If this field is set then `state_change` must be a specified field in /// `group_by`. #[prost(message, optional, tag = "5")] pub compare_duration: ::core::option::Option<::prost_types::Duration>, /// The value returned by the last `GroupFindingsResponse`; indicates /// that this is a continuation of a prior `GroupFindings` call, and /// that the system should return the next page of data. #[prost(string, tag = "7")] pub page_token: ::prost::alloc::string::String, /// The maximum number of results to return in a single response. Default is /// 10, minimum is 1, maximum is 1000. #[prost(int32, tag = "8")] pub page_size: i32, } /// Response message for group by findings. #[derive(Clone, PartialEq, ::prost::Message)] pub struct GroupFindingsResponse { /// Group results. There exists an element for each existing unique /// combination of property/values. The element contains a count for the number /// of times those specific property/values appear. #[prost(message, repeated, tag = "1")] pub group_by_results: ::prost::alloc::vec::Vec, /// Time used for executing the groupBy request. #[prost(message, optional, tag = "2")] pub read_time: ::core::option::Option<::prost_types::Timestamp>, /// Token to retrieve the next page of results, or empty if there are no more /// results. #[prost(string, tag = "3")] pub next_page_token: ::prost::alloc::string::String, /// The total number of results matching the query. #[prost(int32, tag = "4")] pub total_size: i32, } /// Result containing the properties and count of a groupBy request. #[derive(Clone, PartialEq, ::prost::Message)] pub struct GroupResult { /// Properties matching the groupBy fields in the request. #[prost(map = "string, message", tag = "1")] pub properties: ::std::collections::HashMap<::prost::alloc::string::String, ::prost_types::Value>, /// Total count of resources for the given properties. #[prost(int64, tag = "2")] pub count: i64, } /// Request message for listing mute configs at a given scope e.g. organization, /// folder or project. #[derive(Clone, PartialEq, ::prost::Message)] pub struct ListMuteConfigsRequest { /// Required. The parent, which owns the collection of mute configs. Its format is /// "organizations/\[organization_id\]", "folders/\[folder_id\]", /// "projects/\[project_id\]". #[prost(string, tag = "1")] pub parent: ::prost::alloc::string::String, /// The maximum number of configs to return. The service may return fewer than /// this value. /// If unspecified, at most 10 configs will be returned. /// The maximum value is 1000; values above 1000 will be coerced to 1000. #[prost(int32, tag = "2")] pub page_size: i32, /// A page token, received from a previous `ListMuteConfigs` call. /// Provide this to retrieve the subsequent page. /// /// When paginating, all other parameters provided to `ListMuteConfigs` must /// match the call that provided the page token. #[prost(string, tag = "3")] pub page_token: ::prost::alloc::string::String, } /// Response message for listing mute configs. #[derive(Clone, PartialEq, ::prost::Message)] pub struct ListMuteConfigsResponse { /// The mute configs from the specified parent. #[prost(message, repeated, tag = "1")] pub mute_configs: ::prost::alloc::vec::Vec, /// A token, which can be sent as `page_token` to retrieve the next page. /// If this field is omitted, there are no subsequent pages. #[prost(string, tag = "2")] pub next_page_token: ::prost::alloc::string::String, } /// Request message for listing notification configs. #[derive(Clone, PartialEq, ::prost::Message)] pub struct ListNotificationConfigsRequest { /// Required. Name of the organization to list notification configs. /// Its format is "organizations/\[organization_id\]". #[prost(string, tag = "1")] pub parent: ::prost::alloc::string::String, /// The value returned by the last `ListNotificationConfigsResponse`; indicates /// that this is a continuation of a prior `ListNotificationConfigs` call, and /// that the system should return the next page of data. #[prost(string, tag = "2")] pub page_token: ::prost::alloc::string::String, /// The maximum number of results to return in a single response. Default is /// 10, minimum is 1, maximum is 1000. #[prost(int32, tag = "3")] pub page_size: i32, } /// Response message for listing notification configs. #[derive(Clone, PartialEq, ::prost::Message)] pub struct ListNotificationConfigsResponse { /// Notification configs belonging to the requested parent. #[prost(message, repeated, tag = "1")] pub notification_configs: ::prost::alloc::vec::Vec, /// Token to retrieve the next page of results, or empty if there are no more /// results. #[prost(string, tag = "2")] pub next_page_token: ::prost::alloc::string::String, } /// Request message for listing sources. #[derive(Clone, PartialEq, ::prost::Message)] pub struct ListSourcesRequest { /// Required. Resource name of the parent of sources to list. Its format should be /// "organizations/\[organization_id\], folders/\[folder_id\], or /// projects/\[project_id\]". #[prost(string, tag = "1")] pub parent: ::prost::alloc::string::String, /// The value returned by the last `ListSourcesResponse`; indicates /// that this is a continuation of a prior `ListSources` call, and /// that the system should return the next page of data. #[prost(string, tag = "2")] pub page_token: ::prost::alloc::string::String, /// The maximum number of results to return in a single response. Default is /// 10, minimum is 1, maximum is 1000. #[prost(int32, tag = "7")] pub page_size: i32, } /// Response message for listing sources. #[derive(Clone, PartialEq, ::prost::Message)] pub struct ListSourcesResponse { /// Sources belonging to the requested parent. #[prost(message, repeated, tag = "1")] pub sources: ::prost::alloc::vec::Vec, /// Token to retrieve the next page of results, or empty if there are no more /// results. #[prost(string, tag = "2")] pub next_page_token: ::prost::alloc::string::String, } /// Request message for listing assets. #[derive(Clone, PartialEq, ::prost::Message)] pub struct ListAssetsRequest { /// Required. Name of the organization assets should belong to. Its format is /// "organizations/\[organization_id\], folders/\[folder_id\], or /// projects/\[project_id\]". #[prost(string, tag = "1")] pub parent: ::prost::alloc::string::String, /// Expression that defines the filter to apply across assets. /// The expression is a list of zero or more restrictions combined via logical /// operators `AND` and `OR`. /// Parentheses are supported, and `OR` has higher precedence than `AND`. /// /// Restrictions have the form ` ` and may have a `-` /// character in front of them to indicate negation. The fields map to those /// defined in the Asset resource. Examples include: /// /// * name /// * security_center_properties.resource_name /// * resource_properties.a_property /// * security_marks.marks.marka /// /// The supported operators are: /// /// * `=` for all value types. /// * `>`, `<`, `>=`, `<=` for integer values. /// * `:`, meaning substring matching, for strings. /// /// The supported value types are: /// /// * string literals in quotes. /// * integer literals without quotes. /// * boolean literals `true` and `false` without quotes. /// /// The following are the allowed field and operator combinations: /// /// * name: `=` /// * update_time: `=`, `>`, `<`, `>=`, `<=` /// /// Usage: This should be milliseconds since epoch or an RFC3339 string. /// Examples: /// `update_time = "2019-06-10T16:07:18-07:00"` /// `update_time = 1560208038000` /// /// * create_time: `=`, `>`, `<`, `>=`, `<=` /// /// Usage: This should be milliseconds since epoch or an RFC3339 string. /// Examples: /// `create_time = "2019-06-10T16:07:18-07:00"` /// `create_time = 1560208038000` /// /// * iam_policy.policy_blob: `=`, `:` /// * resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=` /// * security_marks.marks: `=`, `:` /// * security_center_properties.resource_name: `=`, `:` /// * security_center_properties.resource_display_name: `=`, `:` /// * security_center_properties.resource_type: `=`, `:` /// * security_center_properties.resource_parent: `=`, `:` /// * security_center_properties.resource_parent_display_name: `=`, `:` /// * security_center_properties.resource_project: `=`, `:` /// * security_center_properties.resource_project_display_name: `=`, `:` /// * security_center_properties.resource_owners: `=`, `:` /// /// For example, `resource_properties.size = 100` is a valid filter string. /// /// Use a partial match on the empty string to filter based on a property /// existing: `resource_properties.my_property : ""` /// /// Use a negated partial match on the empty string to filter based on a /// property not existing: `-resource_properties.my_property : ""` #[prost(string, tag = "2")] pub filter: ::prost::alloc::string::String, /// Expression that defines what fields and order to use for sorting. The /// string value should follow SQL syntax: comma separated list of fields. For /// example: "name,resource_properties.a_property". The default sorting order /// is ascending. To specify descending order for a field, a suffix " desc" /// should be appended to the field name. For example: "name /// desc,resource_properties.a_property". Redundant space characters in the /// syntax are insignificant. "name desc,resource_properties.a_property" and " /// name desc , resource_properties.a_property " are equivalent. /// /// The following fields are supported: /// name /// update_time /// resource_properties /// security_marks.marks /// security_center_properties.resource_name /// security_center_properties.resource_display_name /// security_center_properties.resource_parent /// security_center_properties.resource_parent_display_name /// security_center_properties.resource_project /// security_center_properties.resource_project_display_name /// security_center_properties.resource_type #[prost(string, tag = "3")] pub order_by: ::prost::alloc::string::String, /// Time used as a reference point when filtering assets. The filter is limited /// to assets existing at the supplied time and their values are those at that /// specific time. Absence of this field will default to the API's version of /// NOW. #[prost(message, optional, tag = "4")] pub read_time: ::core::option::Option<::prost_types::Timestamp>, /// When compare_duration is set, the ListAssetsResult's "state_change" /// attribute is updated to indicate whether the asset was added, removed, or /// remained present during the compare_duration period of time that precedes /// the read_time. This is the time between (read_time - compare_duration) and /// read_time. /// /// The state_change value is derived based on the presence of the asset at the /// two points in time. Intermediate state changes between the two times don't /// affect the result. For example, the results aren't affected if the asset is /// removed and re-created again. /// /// Possible "state_change" values when compare_duration is specified: /// /// * "ADDED": indicates that the asset was not present at the start of /// compare_duration, but present at read_time. /// * "REMOVED": indicates that the asset was present at the start of /// compare_duration, but not present at read_time. /// * "ACTIVE": indicates that the asset was present at both the /// start and the end of the time period defined by /// compare_duration and read_time. /// /// If compare_duration is not specified, then the only possible state_change /// is "UNUSED", which will be the state_change set for all assets present at /// read_time. #[prost(message, optional, tag = "5")] pub compare_duration: ::core::option::Option<::prost_types::Duration>, /// A field mask to specify the ListAssetsResult fields to be listed in the /// response. /// An empty field mask will list all fields. #[prost(message, optional, tag = "7")] pub field_mask: ::core::option::Option<::prost_types::FieldMask>, /// The value returned by the last `ListAssetsResponse`; indicates /// that this is a continuation of a prior `ListAssets` call, and /// that the system should return the next page of data. #[prost(string, tag = "8")] pub page_token: ::prost::alloc::string::String, /// The maximum number of results to return in a single response. Default is /// 10, minimum is 1, maximum is 1000. #[prost(int32, tag = "9")] pub page_size: i32, } /// Response message for listing assets. #[derive(Clone, PartialEq, ::prost::Message)] pub struct ListAssetsResponse { /// Assets matching the list request. #[prost(message, repeated, tag = "1")] pub list_assets_results: ::prost::alloc::vec::Vec, /// Time used for executing the list request. #[prost(message, optional, tag = "2")] pub read_time: ::core::option::Option<::prost_types::Timestamp>, /// Token to retrieve the next page of results, or empty if there are no more /// results. #[prost(string, tag = "3")] pub next_page_token: ::prost::alloc::string::String, /// The total number of assets matching the query. #[prost(int32, tag = "4")] pub total_size: i32, } /// Nested message and enum types in `ListAssetsResponse`. pub mod list_assets_response { /// Result containing the Asset and its State. #[derive(Clone, PartialEq, ::prost::Message)] pub struct ListAssetsResult { /// Asset matching the search request. #[prost(message, optional, tag = "1")] pub asset: ::core::option::Option, /// State change of the asset between the points in time. #[prost(enumeration = "list_assets_result::StateChange", tag = "2")] pub state_change: i32, } /// Nested message and enum types in `ListAssetsResult`. pub mod list_assets_result { /// The change in state of the asset. /// /// When querying across two points in time this describes /// the change between the two points: ADDED, REMOVED, or ACTIVE. /// If there was no compare_duration supplied in the request the state change /// will be: UNUSED #[derive( Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration, )] #[repr(i32)] pub enum StateChange { /// State change is unused, this is the canonical default for this enum. Unused = 0, /// Asset was added between the points in time. Added = 1, /// Asset was removed between the points in time. Removed = 2, /// Asset was present at both point(s) in time. Active = 3, } } } /// Request message for listing findings. #[derive(Clone, PartialEq, ::prost::Message)] pub struct ListFindingsRequest { /// Required. Name of the source the findings belong to. Its format is /// "organizations/\[organization_id]/sources/[source_id\], /// folders/\[folder_id]/sources/[source_id\], or /// projects/\[project_id]/sources/[source_id\]". To list across all sources /// provide a source_id of `-`. For example: /// organizations/{organization_id}/sources/-, folders/{folder_id}/sources/- or /// projects/{projects_id}/sources/- #[prost(string, tag = "1")] pub parent: ::prost::alloc::string::String, /// Expression that defines the filter to apply across findings. /// The expression is a list of one or more restrictions combined via logical /// operators `AND` and `OR`. /// Parentheses are supported, and `OR` has higher precedence than `AND`. /// /// Restrictions have the form ` ` and may have a `-` /// character in front of them to indicate negation. Examples include: /// /// * name /// * source_properties.a_property /// * security_marks.marks.marka /// /// The supported operators are: /// /// * `=` for all value types. /// * `>`, `<`, `>=`, `<=` for integer values. /// * `:`, meaning substring matching, for strings. /// /// The supported value types are: /// /// * string literals in quotes. /// * integer literals without quotes. /// * boolean literals `true` and `false` without quotes. /// /// The following field and operator combinations are supported: /// /// * name: `=` /// * parent: `=`, `:` /// * resource_name: `=`, `:` /// * state: `=`, `:` /// * category: `=`, `:` /// * external_uri: `=`, `:` /// * event_time: `=`, `>`, `<`, `>=`, `<=` /// /// Usage: This should be milliseconds since epoch or an RFC3339 string. /// Examples: /// `event_time = "2019-06-10T16:07:18-07:00"` /// `event_time = 1560208038000` /// /// * severity: `=`, `:` /// * workflow_state: `=`, `:` /// * security_marks.marks: `=`, `:` /// * source_properties: `=`, `:`, `>`, `<`, `>=`, `<=` /// /// For example, `source_properties.size = 100` is a valid filter string. /// /// Use a partial match on the empty string to filter based on a property /// existing: `source_properties.my_property : ""` /// /// Use a negated partial match on the empty string to filter based on a /// property not existing: `-source_properties.my_property : ""` /// /// * resource: /// * resource.name: `=`, `:` /// * resource.parent_name: `=`, `:` /// * resource.parent_display_name: `=`, `:` /// * resource.project_name: `=`, `:` /// * resource.project_display_name: `=`, `:` /// * resource.type: `=`, `:` /// * resource.folders.resource_folder: `=`, `:` /// * resource.display_name: `=`, `:` #[prost(string, tag = "2")] pub filter: ::prost::alloc::string::String, /// Expression that defines what fields and order to use for sorting. The /// string value should follow SQL syntax: comma separated list of fields. For /// example: "name,resource_properties.a_property". The default sorting order /// is ascending. To specify descending order for a field, a suffix " desc" /// should be appended to the field name. For example: "name /// desc,source_properties.a_property". Redundant space characters in the /// syntax are insignificant. "name desc,source_properties.a_property" and " /// name desc , source_properties.a_property " are equivalent. /// /// The following fields are supported: /// name /// parent /// state /// category /// resource_name /// event_time /// source_properties /// security_marks.marks #[prost(string, tag = "3")] pub order_by: ::prost::alloc::string::String, /// Time used as a reference point when filtering findings. The filter is /// limited to findings existing at the supplied time and their values are /// those at that specific time. Absence of this field will default to the /// API's version of NOW. #[prost(message, optional, tag = "4")] pub read_time: ::core::option::Option<::prost_types::Timestamp>, /// When compare_duration is set, the ListFindingsResult's "state_change" /// attribute is updated to indicate whether the finding had its state changed, /// the finding's state remained unchanged, or if the finding was added in any /// state during the compare_duration period of time that precedes the /// read_time. This is the time between (read_time - compare_duration) and /// read_time. /// /// The state_change value is derived based on the presence and state of the /// finding at the two points in time. Intermediate state changes between the /// two times don't affect the result. For example, the results aren't affected /// if the finding is made inactive and then active again. /// /// Possible "state_change" values when compare_duration is specified: /// /// * "CHANGED": indicates that the finding was present and matched the given /// filter at the start of compare_duration, but changed its /// state at read_time. /// * "UNCHANGED": indicates that the finding was present and matched the given /// filter at the start of compare_duration and did not change /// state at read_time. /// * "ADDED": indicates that the finding did not match the given filter or /// was not present at the start of compare_duration, but was /// present at read_time. /// * "REMOVED": indicates that the finding was present and matched the /// filter at the start of compare_duration, but did not match /// the filter at read_time. /// /// If compare_duration is not specified, then the only possible state_change /// is "UNUSED", which will be the state_change set for all findings present at /// read_time. #[prost(message, optional, tag = "5")] pub compare_duration: ::core::option::Option<::prost_types::Duration>, /// A field mask to specify the Finding fields to be listed in the response. /// An empty field mask will list all fields. #[prost(message, optional, tag = "7")] pub field_mask: ::core::option::Option<::prost_types::FieldMask>, /// The value returned by the last `ListFindingsResponse`; indicates /// that this is a continuation of a prior `ListFindings` call, and /// that the system should return the next page of data. #[prost(string, tag = "8")] pub page_token: ::prost::alloc::string::String, /// The maximum number of results to return in a single response. Default is /// 10, minimum is 1, maximum is 1000. #[prost(int32, tag = "9")] pub page_size: i32, } /// Response message for listing findings. #[derive(Clone, PartialEq, ::prost::Message)] pub struct ListFindingsResponse { /// Findings matching the list request. #[prost(message, repeated, tag = "1")] pub list_findings_results: ::prost::alloc::vec::Vec, /// Time used for executing the list request. #[prost(message, optional, tag = "2")] pub read_time: ::core::option::Option<::prost_types::Timestamp>, /// Token to retrieve the next page of results, or empty if there are no more /// results. #[prost(string, tag = "3")] pub next_page_token: ::prost::alloc::string::String, /// The total number of findings matching the query. #[prost(int32, tag = "4")] pub total_size: i32, } /// Nested message and enum types in `ListFindingsResponse`. pub mod list_findings_response { /// Result containing the Finding and its StateChange. #[derive(Clone, PartialEq, ::prost::Message)] pub struct ListFindingsResult { /// Finding matching the search request. #[prost(message, optional, tag = "1")] pub finding: ::core::option::Option, /// State change of the finding between the points in time. #[prost(enumeration = "list_findings_result::StateChange", tag = "2")] pub state_change: i32, /// Output only. Resource that is associated with this finding. #[prost(message, optional, tag = "3")] pub resource: ::core::option::Option, } /// Nested message and enum types in `ListFindingsResult`. pub mod list_findings_result { /// Information related to the Google Cloud resource that is /// associated with this finding. #[derive(Clone, PartialEq, ::prost::Message)] pub struct Resource { /// The full resource name of the resource. See: /// #[prost(string, tag = "1")] pub name: ::prost::alloc::string::String, /// The full resource name of project that the resource belongs to. #[prost(string, tag = "2")] pub project_name: ::prost::alloc::string::String, /// The human readable name of project that the resource belongs to. #[prost(string, tag = "3")] pub project_display_name: ::prost::alloc::string::String, /// The full resource name of resource's parent. #[prost(string, tag = "4")] pub parent_name: ::prost::alloc::string::String, /// The human readable name of resource's parent. #[prost(string, tag = "5")] pub parent_display_name: ::prost::alloc::string::String, /// The full resource type of the resource. #[prost(string, tag = "6")] pub r#type: ::prost::alloc::string::String, /// Contains a Folder message for each folder in the assets ancestry. /// The first folder is the deepest nested folder, and the last folder is /// the folder directly under the Organization. #[prost(message, repeated, tag = "7")] pub folders: ::prost::alloc::vec::Vec, /// The human readable name of the resource. #[prost(string, tag = "8")] pub display_name: ::prost::alloc::string::String, } /// The change in state of the finding. /// /// When querying across two points in time this describes /// the change in the finding between the two points: CHANGED, UNCHANGED, /// ADDED, or REMOVED. Findings can not be deleted, so REMOVED implies that /// the finding at timestamp does not match the filter specified, but it did /// at timestamp - compare_duration. If there was no compare_duration /// supplied in the request the state change will be: UNUSED #[derive( Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration, )] #[repr(i32)] pub enum StateChange { /// State change is unused, this is the canonical default for this enum. Unused = 0, /// The finding has changed state in some way between the points in time /// and existed at both points. Changed = 1, /// The finding has not changed state between the points in time and /// existed at both points. Unchanged = 2, /// The finding was created between the points in time. Added = 3, /// The finding at timestamp does not match the filter specified, but it /// did at timestamp - compare_duration. Removed = 4, } } } /// Request message for updating a finding's state. #[derive(Clone, PartialEq, ::prost::Message)] pub struct SetFindingStateRequest { /// Required. The relative resource name of the finding. See: /// /// Example: /// "organizations/{organization_id}/sources/{source_id}/finding/{finding_id}". #[prost(string, tag = "1")] pub name: ::prost::alloc::string::String, /// Required. The desired State of the finding. #[prost(enumeration = "finding::State", tag = "2")] pub state: i32, /// Required. The time at which the updated state takes effect. #[prost(message, optional, tag = "3")] pub start_time: ::core::option::Option<::prost_types::Timestamp>, } /// Request message for updating a finding's mute status. #[derive(Clone, PartialEq, ::prost::Message)] pub struct SetMuteRequest { /// Required. The relative resource name of the finding. See: /// /// Example: /// "organizations/{organization_id}/sources/{source_id}/finding/{finding_id}", /// "folders/{folder_id}/sources/{source_id}/finding/{finding_id}", /// "projects/{project_id}/sources/{source_id}/finding/{finding_id}". #[prost(string, tag = "1")] pub name: ::prost::alloc::string::String, /// Required. The desired state of the Mute. #[prost(enumeration = "finding::Mute", tag = "2")] pub mute: i32, } /// Request message for running asset discovery for an organization. #[derive(Clone, PartialEq, ::prost::Message)] pub struct RunAssetDiscoveryRequest { /// Required. Name of the organization to run asset discovery for. Its format is /// "organizations/\[organization_id\]". #[prost(string, tag = "1")] pub parent: ::prost::alloc::string::String, } /// Request message for updating a ExternalSystem resource. #[derive(Clone, PartialEq, ::prost::Message)] pub struct UpdateExternalSystemRequest { /// Required. The external system resource to update. #[prost(message, optional, tag = "1")] pub external_system: ::core::option::Option, /// The FieldMask to use when updating the external system resource. /// /// If empty all mutable fields will be updated. #[prost(message, optional, tag = "2")] pub update_mask: ::core::option::Option<::prost_types::FieldMask>, } /// Request message for updating or creating a finding. #[derive(Clone, PartialEq, ::prost::Message)] pub struct UpdateFindingRequest { /// Required. The finding resource to update or create if it does not already exist. /// parent, security_marks, and update_time will be ignored. /// /// In the case of creation, the finding id portion of the name must be /// alphanumeric and less than or equal to 32 characters and greater than 0 /// characters in length. #[prost(message, optional, tag = "1")] pub finding: ::core::option::Option, /// The FieldMask to use when updating the finding resource. This field should /// not be specified when creating a finding. /// /// When updating a finding, an empty mask is treated as updating all mutable /// fields and replacing source_properties. Individual source_properties can /// be added/updated by using "source_properties." in the field /// mask. #[prost(message, optional, tag = "2")] pub update_mask: ::core::option::Option<::prost_types::FieldMask>, } /// Request message for updating a mute config. #[derive(Clone, PartialEq, ::prost::Message)] pub struct UpdateMuteConfigRequest { /// Required. The mute config being updated. #[prost(message, optional, tag = "1")] pub mute_config: ::core::option::Option, /// The list of fields to be updated. /// If empty all mutable fields will be updated. #[prost(message, optional, tag = "2")] pub update_mask: ::core::option::Option<::prost_types::FieldMask>, } /// Request message for updating a notification config. #[derive(Clone, PartialEq, ::prost::Message)] pub struct UpdateNotificationConfigRequest { /// Required. The notification config to update. #[prost(message, optional, tag = "1")] pub notification_config: ::core::option::Option, /// The FieldMask to use when updating the notification config. /// /// If empty all mutable fields will be updated. #[prost(message, optional, tag = "2")] pub update_mask: ::core::option::Option<::prost_types::FieldMask>, } /// Request message for updating an organization's settings. #[derive(Clone, PartialEq, ::prost::Message)] pub struct UpdateOrganizationSettingsRequest { /// Required. The organization settings resource to update. #[prost(message, optional, tag = "1")] pub organization_settings: ::core::option::Option, /// The FieldMask to use when updating the settings resource. /// /// If empty all mutable fields will be updated. #[prost(message, optional, tag = "2")] pub update_mask: ::core::option::Option<::prost_types::FieldMask>, } /// Request message for updating a source. #[derive(Clone, PartialEq, ::prost::Message)] pub struct UpdateSourceRequest { /// Required. The source resource to update. #[prost(message, optional, tag = "1")] pub source: ::core::option::Option, /// The FieldMask to use when updating the source resource. /// /// If empty all mutable fields will be updated. #[prost(message, optional, tag = "2")] pub update_mask: ::core::option::Option<::prost_types::FieldMask>, } /// Request message for updating a SecurityMarks resource. #[derive(Clone, PartialEq, ::prost::Message)] pub struct UpdateSecurityMarksRequest { /// Required. The security marks resource to update. #[prost(message, optional, tag = "1")] pub security_marks: ::core::option::Option, /// The FieldMask to use when updating the security marks resource. /// /// The field mask must not contain duplicate fields. /// If empty or set to "marks", all marks will be replaced. Individual /// marks can be updated using "marks.". #[prost(message, optional, tag = "2")] pub update_mask: ::core::option::Option<::prost_types::FieldMask>, /// The time at which the updated SecurityMarks take effect. /// If not set uses current server time. Updates will be applied to the /// SecurityMarks that are active immediately preceding this time. #[prost(message, optional, tag = "3")] pub start_time: ::core::option::Option<::prost_types::Timestamp>, } #[doc = r" Generated client implementations."] pub mod security_center_client { #![allow(unused_variables, dead_code, missing_docs, clippy::let_unit_value)] use tonic::codegen::*; #[doc = " V1 APIs for Security Center service."] #[derive(Debug, Clone)] pub struct SecurityCenterClient { inner: tonic::client::Grpc, } impl SecurityCenterClient where T: tonic::client::GrpcService, T::ResponseBody: Body + Send + 'static, T::Error: Into, ::Error: Into + Send, { pub fn new(inner: T) -> Self { let inner = tonic::client::Grpc::new(inner); Self { inner } } pub fn with_interceptor( inner: T, interceptor: F, ) -> SecurityCenterClient> where F: tonic::service::Interceptor, T: tonic::codegen::Service< http::Request, Response = http::Response< >::ResponseBody, >, >, >>::Error: Into + Send + Sync, { SecurityCenterClient::new(InterceptedService::new(inner, interceptor)) } #[doc = r" Compress requests with `gzip`."] #[doc = r""] #[doc = r" This requires the server to support it otherwise it might respond with an"] #[doc = r" error."] pub fn send_gzip(mut self) -> Self { self.inner = self.inner.send_gzip(); self } #[doc = r" Enable decompressing responses with `gzip`."] pub fn accept_gzip(mut self) -> Self { self.inner = self.inner.accept_gzip(); self } #[doc = " Kicks off an LRO to bulk mute findings for a parent based on a filter. The"] #[doc = " parent can be either an organization, folder or project. The findings"] #[doc = " matched by the filter will be muted after the LRO is done."] pub async fn bulk_mute_findings( &mut self, request: impl tonic::IntoRequest, ) -> Result< tonic::Response, tonic::Status, > { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/BulkMuteFindings", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Creates a source."] pub async fn create_source( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/CreateSource", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Creates a finding. The corresponding source must exist for finding creation"] #[doc = " to succeed."] pub async fn create_finding( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/CreateFinding", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Creates a mute config."] pub async fn create_mute_config( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/CreateMuteConfig", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Creates a notification config."] pub async fn create_notification_config( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/CreateNotificationConfig", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Deletes an existing mute config."] pub async fn delete_mute_config( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/DeleteMuteConfig", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Deletes a notification config."] pub async fn delete_notification_config( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/DeleteNotificationConfig", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Gets the access control policy on the specified Source."] pub async fn get_iam_policy( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/GetIamPolicy", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Gets a mute config."] pub async fn get_mute_config( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/GetMuteConfig", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Gets a notification config."] pub async fn get_notification_config( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/GetNotificationConfig", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Gets the settings for an organization."] pub async fn get_organization_settings( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/GetOrganizationSettings", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Gets a source."] pub async fn get_source( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/GetSource", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Filters an organization's assets and groups them by their specified"] #[doc = " properties."] pub async fn group_assets( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/GroupAssets", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Filters an organization or source's findings and groups them by their"] #[doc = " specified properties."] #[doc = ""] #[doc = " To group across all sources provide a `-` as the source id."] #[doc = " Example: /v1/organizations/{organization_id}/sources/-/findings,"] #[doc = " /v1/folders/{folder_id}/sources/-/findings,"] #[doc = " /v1/projects/{project_id}/sources/-/findings"] pub async fn group_findings( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/GroupFindings", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Lists an organization's assets."] pub async fn list_assets( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/ListAssets", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Lists an organization or source's findings."] #[doc = ""] #[doc = " To list across all sources provide a `-` as the source id."] #[doc = " Example: /v1/organizations/{organization_id}/sources/-/findings"] pub async fn list_findings( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/ListFindings", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Lists mute configs."] pub async fn list_mute_configs( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/ListMuteConfigs", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Lists notification configs."] pub async fn list_notification_configs( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/ListNotificationConfigs", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Lists all sources belonging to an organization."] pub async fn list_sources( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/ListSources", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Runs asset discovery. The discovery is tracked with a long-running"] #[doc = " operation."] #[doc = ""] #[doc = " This API can only be called with limited frequency for an organization. If"] #[doc = " it is called too frequently the caller will receive a TOO_MANY_REQUESTS"] #[doc = " error."] pub async fn run_asset_discovery( &mut self, request: impl tonic::IntoRequest, ) -> Result< tonic::Response, tonic::Status, > { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/RunAssetDiscovery", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Updates the state of a finding."] pub async fn set_finding_state( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/SetFindingState", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Updates the mute state of a finding."] pub async fn set_mute( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/SetMute", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Sets the access control policy on the specified Source."] pub async fn set_iam_policy( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/SetIamPolicy", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Returns the permissions that a caller has on the specified source."] pub async fn test_iam_permissions( &mut self, request: impl tonic::IntoRequest< super::super::super::super::iam::v1::TestIamPermissionsRequest, >, ) -> Result< tonic::Response, tonic::Status, > { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/TestIamPermissions", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Updates external system. This is for a given finding."] pub async fn update_external_system( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/UpdateExternalSystem", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Creates or updates a finding. The corresponding source must exist for a"] #[doc = " finding creation to succeed."] pub async fn update_finding( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/UpdateFinding", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Updates a mute config."] pub async fn update_mute_config( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/UpdateMuteConfig", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = ""] #[doc = " Updates a notification config. The following update"] #[doc = " fields are allowed: description, pubsub_topic, streaming_config.filter"] pub async fn update_notification_config( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/UpdateNotificationConfig", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Updates an organization's settings."] pub async fn update_organization_settings( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/UpdateOrganizationSettings", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Updates a source."] pub async fn update_source( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/UpdateSource", ); self.inner.unary(request.into_request(), path, codec).await } #[doc = " Updates security marks."] pub async fn update_security_marks( &mut self, request: impl tonic::IntoRequest, ) -> Result, tonic::Status> { self.inner.ready().await.map_err(|e| { tonic::Status::new( tonic::Code::Unknown, format!("Service was not ready: {}", e.into()), ) })?; let codec = tonic::codec::ProstCodec::default(); let path = http::uri::PathAndQuery::from_static( "/google.cloud.securitycenter.v1.SecurityCenter/UpdateSecurityMarks", ); self.inner.unary(request.into_request(), path, codec).await } } }