suguo
/
googleapis
0
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Web Security Scanner V1 API 

PiperOrigin-RevId: 309819942
This commit is contained in:
Google APIs 2020-05-04 14:50:12 -07:00 committed by Copybara-Service
parent a737a68e21
commit 4ca990cb1a
14 changed files with 1755 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

371
google/cloud/websecurityscanner/v1/BUILD.bazel Normal file
View File

@ -0,0 +1,371 @@
# This file was automatically generated by BuildFileGenerator
# This is an API workspace, having public visibility by default makes perfect sense.
package(default_visibility = ["//visibility:public"])
##############################################################################
# Common
##############################################################################
load("@rules_proto//proto:defs.bzl", "proto_library")
load("@com_google_googleapis_imports//:imports.bzl", "proto_library_with_info")
proto_library(
name = "websecurityscanner_proto",
srcs = [
"crawled_url.proto",
"finding.proto",
"finding_addon.proto",
"finding_type_stats.proto",
"scan_config.proto",
"scan_config_error.proto",
"scan_run.proto",
"scan_run_error_trace.proto",
"scan_run_warning_trace.proto",
"web_security_scanner.proto",
],
deps = [
"//google/api:annotations_proto",
"//google/api:client_proto",
"//google/api:field_behavior_proto",
"//google/api:resource_proto",
"@com_google_protobuf//:empty_proto",
"@com_google_protobuf//:field_mask_proto",
"@com_google_protobuf//:timestamp_proto",
],
)
proto_library_with_info(
name = "websecurityscanner_proto_with_info",
deps = [
":websecurityscanner_proto",
"//google/cloud:common_resources_proto",
],
)
##############################################################################
# Java
##############################################################################
load(
"@com_google_googleapis_imports//:imports.bzl",
"java_gapic_assembly_gradle_pkg",
"java_gapic_library",
"java_gapic_test",
"java_grpc_library",
"java_proto_library",
)
java_proto_library(
name = "websecurityscanner_java_proto",
deps = [":websecurityscanner_proto"],
)
java_grpc_library(
name = "websecurityscanner_java_grpc",
srcs = [":websecurityscanner_proto"],
deps = [":websecurityscanner_java_proto"],
)
java_gapic_library(
name = "websecurityscanner_java_gapic",
src = ":websecurityscanner_proto_with_info",
gapic_yaml = "websecurityscanner_gapic.yaml",
package = "google.cloud.websecurityscanner.v1",
service_yaml = "websecurityscanner_v1.yaml",
test_deps = [
":websecurityscanner_java_grpc",
],
deps = [
":websecurityscanner_java_proto",
],
)
java_gapic_test(
name = "websecurityscanner_java_gapic_test_suite",
test_classes = [
"com.google.cloud.websecurityscanner.v1.WebSecurityScannerClientTest",
],
runtime_deps = [":websecurityscanner_java_gapic_test"],
)
# Open Source Packages
java_gapic_assembly_gradle_pkg(
name = "google-cloud-websecurityscanner-v1-java",
deps = [
":websecurityscanner_java_gapic",
":websecurityscanner_java_grpc",
":websecurityscanner_java_proto",
":websecurityscanner_proto",
],
)
##############################################################################
# Go
##############################################################################
load(
"@com_google_googleapis_imports//:imports.bzl",
"go_gapic_assembly_pkg",
"go_gapic_library",
"go_proto_library",
"go_test",
)
go_proto_library(
name = "websecurityscanner_go_proto",
compilers = ["@io_bazel_rules_go//proto:go_grpc"],
importpath = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1",
protos = [":websecurityscanner_proto"],
deps = [
"//google/api:annotations_go_proto",
],
)
go_gapic_library(
name = "websecurityscanner_go_gapic",
srcs = [":websecurityscanner_proto_with_info"],
grpc_service_config = "websecurityscanner_grpc_service_config.json",
importpath = "cloud.google.com/go/websecurityscanner/apiv1;websecurityscanner",
service_yaml = "websecurityscanner_v1.yaml",
deps = [
":websecurityscanner_go_proto",
],
)
go_test(
name = "websecurityscanner_go_gapic_test",
srcs = [":websecurityscanner_go_gapic_srcjar_test"],
embed = [":websecurityscanner_go_gapic"],
importpath = "cloud.google.com/go/websecurityscanner/apiv1",
)
# Open Source Packages
go_gapic_assembly_pkg(
name = "gapi-cloud-websecurityscanner-v1-go",
deps = [
":websecurityscanner_go_gapic",
":websecurityscanner_go_gapic_srcjar-test.srcjar",
":websecurityscanner_go_proto",
],
)
##############################################################################
# Python
##############################################################################
load(
"@com_google_googleapis_imports//:imports.bzl",
"moved_proto_library",
"py_gapic_assembly_pkg",
"py_gapic_library",
"py_grpc_library",
"py_proto_library",
)
moved_proto_library(
name = "websecurityscanner_moved_proto",
srcs = [":websecurityscanner_proto"],
deps = [
"//google/api:annotations_proto",
"//google/api:client_proto",
"//google/api:field_behavior_proto",
"//google/api:resource_proto",
"@com_google_protobuf//:empty_proto",
"@com_google_protobuf//:field_mask_proto",
"@com_google_protobuf//:timestamp_proto",
],
)
py_proto_library(
name = "websecurityscanner_py_proto",
plugin = "@protoc_docs_plugin//:docs_plugin",
deps = [":websecurityscanner_moved_proto"],
)
py_grpc_library(
name = "websecurityscanner_py_grpc",
srcs = [":websecurityscanner_moved_proto"],
deps = [":websecurityscanner_py_proto"],
)
py_gapic_library(
name = "websecurityscanner_py_gapic",
src = ":websecurityscanner_proto_with_info",
gapic_yaml = "websecurityscanner_gapic.yaml",
package = "google.cloud.websecurityscanner.v1",
service_yaml = "websecurityscanner_v1.yaml",
deps = [
":websecurityscanner_py_grpc",
":websecurityscanner_py_proto",
],
)
# Open Source Packages
py_gapic_assembly_pkg(
name = "websecurityscanner-v1-py",
deps = [
":websecurityscanner_py_gapic",
":websecurityscanner_py_grpc",
":websecurityscanner_py_proto",
],
)
##############################################################################
# PHP
##############################################################################
load(
"@com_google_googleapis_imports//:imports.bzl",
"php_gapic_assembly_pkg",
"php_gapic_library",
"php_grpc_library",
"php_proto_library",
)
php_proto_library(
name = "websecurityscanner_php_proto",
deps = [":websecurityscanner_proto"],
)
php_grpc_library(
name = "websecurityscanner_php_grpc",
srcs = [":websecurityscanner_proto"],
deps = [":websecurityscanner_php_proto"],
)
php_gapic_library(
name = "websecurityscanner_php_gapic",
src = ":websecurityscanner_proto_with_info",
gapic_yaml = "websecurityscanner_gapic.yaml",
package = "google.cloud.websecurityscanner.v1",
service_yaml = "websecurityscanner_v1.yaml",
deps = [
":websecurityscanner_php_grpc",
":websecurityscanner_php_proto",
],
)
# Open Source Packages
php_gapic_assembly_pkg(
name = "google-cloud-websecurityscanner-v1-php",
deps = [
":websecurityscanner_php_gapic",
":websecurityscanner_php_grpc",
":websecurityscanner_php_proto",
],
)
##############################################################################
# Node.js
##############################################################################
load(
"@com_google_googleapis_imports//:imports.bzl",
"nodejs_gapic_assembly_pkg",
"nodejs_gapic_library",
)
nodejs_gapic_library(
name = "websecurityscanner_nodejs_gapic",
src = ":websecurityscanner_proto_with_info",
gapic_yaml = "websecurityscanner_gapic.yaml",
package = "google.cloud.websecurityscanner.v1",
service_yaml = "websecurityscanner_v1.yaml",
deps = [],
)
nodejs_gapic_assembly_pkg(
name = "websecurityscanner-v1-nodejs",
deps = [
":websecurityscanner_nodejs_gapic",
":websecurityscanner_proto",
],
)
##############################################################################
# Ruby
##############################################################################
load(
"@com_google_googleapis_imports//:imports.bzl",
"ruby_gapic_assembly_pkg",
"ruby_gapic_library",
"ruby_grpc_library",
"ruby_proto_library",
)
ruby_proto_library(
name = "websecurityscanner_ruby_proto",
deps = [":websecurityscanner_proto"],
)
ruby_grpc_library(
name = "websecurityscanner_ruby_grpc",
srcs = [":websecurityscanner_proto"],
deps = [":websecurityscanner_ruby_proto"],
)
ruby_gapic_library(
name = "websecurityscanner_ruby_gapic",
src = ":websecurityscanner_proto_with_info",
gapic_yaml = "websecurityscanner_gapic.yaml",
package = "google.cloud.websecurityscanner.v1",
service_yaml = "websecurityscanner_v1.yaml",
deps = [
":websecurityscanner_ruby_grpc",
":websecurityscanner_ruby_proto",
],
)
# Open Source Packages
ruby_gapic_assembly_pkg(
name = "google-cloud-websecurityscanner-v1-ruby",
deps = [
":websecurityscanner_ruby_gapic",
":websecurityscanner_ruby_grpc",
":websecurityscanner_ruby_proto",
],
)
##############################################################################
# C#
##############################################################################
load(
"@com_google_googleapis_imports//:imports.bzl",
"csharp_gapic_assembly_pkg",
"csharp_gapic_library",
"csharp_grpc_library",
"csharp_proto_library",
)
csharp_proto_library(
name = "websecurityscanner_csharp_proto",
deps = [":websecurityscanner_proto"],
)
csharp_grpc_library(
name = "websecurityscanner_csharp_grpc",
srcs = [":websecurityscanner_proto"],
deps = [":websecurityscanner_csharp_proto"],
)
csharp_gapic_library(
name = "websecurityscanner_csharp_gapic",
src = ":websecurityscanner_proto_with_info",
gapic_yaml = "websecurityscanner_gapic.yaml",
package = "google.cloud.websecurityscanner.v1",
service_yaml = "websecurityscanner_v1.yaml",
deps = [
":websecurityscanner_csharp_grpc",
":websecurityscanner_csharp_proto",
],
)
# Open Source Packages
csharp_gapic_assembly_pkg(
name = "google-cloud-websecurityscanner-v1-csharp",
deps = [
":websecurityscanner_csharp_gapic",
":websecurityscanner_csharp_grpc",
":websecurityscanner_csharp_proto",
],
)
##############################################################################
# C++
##############################################################################
# Put your C++ rules here

37
google/cloud/websecurityscanner/v1/crawled_url.proto Normal file
View File

@ -0,0 +1,37 @@
// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto3";
package google.cloud.websecurityscanner.v1;
option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1;websecurityscanner";
option java_multiple_files = true;
option java_outer_classname = "CrawledUrlProto";
option java_package = "com.google.cloud.websecurityscanner.v1";
// A CrawledUrl resource represents a URL that was crawled during a ScanRun. Web
// Security Scanner Service crawls the web applications, following all links
// within the scope of sites, to find the URLs to test against.
message CrawledUrl {
// Output only. The http method of the request that was used to visit the URL, in
// uppercase.
string http_method = 1;
// Output only. The URL that was crawled.
string url = 2;
// Output only. The body of the request that was used to visit the URL.
string body = 3;
}

116
google/cloud/websecurityscanner/v1/finding.proto Normal file
View File

@ -0,0 +1,116 @@
// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto3";
package google.cloud.websecurityscanner.v1;
import "google/api/field_behavior.proto";
import "google/api/resource.proto";
import "google/cloud/websecurityscanner/v1/finding_addon.proto";
option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1;websecurityscanner";
option java_multiple_files = true;
option java_outer_classname = "FindingProto";
option java_package = "com.google.cloud.websecurityscanner.v1";
// A Finding resource represents a vulnerability instance identified during a
// ScanRun.
message Finding {
option (google.api.resource) = {
type: "websecurityscanner.googleapis.com/Finding"
pattern: "projects/{project}/scanConfigs/{scan_config}/scanRuns/{scan_run}/findings/{finding}"
};
// The severity level of a vulnerability.
enum Severity {
// No severity specified. The default value.
SEVERITY_UNSPECIFIED = 0;
// Critical severity.
CRITICAL = 1;
// High severity.
HIGH = 2;
// Medium severity.
MEDIUM = 3;
// Low severity.
LOW = 4;
}
// Output only. The resource name of the Finding. The name follows the format of
// 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'.
// The finding IDs are generated by the system.
string name = 1;
// Output only. The type of the Finding.
// Detailed and up-to-date information on findings can be found here:
// https://cloud.google.com/security-command-center/docs/how-to-remediate-web-security-scanner-findings
string finding_type = 2;
// Output only. The severity level of the reported vulnerability.
Severity severity = 17 [(google.api.field_behavior) = OUTPUT_ONLY];
// Output only. The http method of the request that triggered the vulnerability, in
// uppercase.
string http_method = 3;
// Output only. The URL produced by the server-side fuzzer and used in the request that
// triggered the vulnerability.
string fuzzed_url = 4;
// Output only. The body of the request that triggered the vulnerability.
string body = 5;
// Output only. The description of the vulnerability.
string description = 6;
// Output only. The URL containing human-readable payload that user can leverage to
// reproduce the vulnerability.
string reproduction_url = 7;
// Output only. If the vulnerability was originated from nested IFrame, the immediate
// parent IFrame is reported.
string frame_url = 8;
// Output only. The URL where the browser lands when the vulnerability is detected.
string final_url = 9;
// Output only. The tracking ID uniquely identifies a vulnerability instance across
// multiple ScanRuns.
string tracking_id = 10;
// Output only. An addon containing information reported for a vulnerability with an HTML
// form, if any.
Form form = 16;
// Output only. An addon containing information about outdated libraries.
OutdatedLibrary outdated_library = 11;
// Output only. An addon containing detailed information regarding any resource causing the
// vulnerability such as JavaScript sources, image, audio files, etc.
ViolatingResource violating_resource = 12;
// Output only. An addon containing information about vulnerable or missing HTTP headers.
VulnerableHeaders vulnerable_headers = 15;
// Output only. An addon containing information about request parameters which were found
// to be vulnerable.
VulnerableParameters vulnerable_parameters = 13;
// Output only. An addon containing information reported for an XSS, if any.
Xss xss = 14;
}

144
google/cloud/websecurityscanner/v1/finding_addon.proto Normal file
View File

@ -0,0 +1,144 @@
// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto3";
package google.cloud.websecurityscanner.v1;
option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1;websecurityscanner";
option java_multiple_files = true;
option java_outer_classname = "FindingAddonProto";
option java_package = "com.google.cloud.websecurityscanner.v1";
// ! Information about a vulnerability with an HTML.
message Form {
// ! The URI where to send the form when it's submitted.
string action_uri = 1;
// ! The names of form fields related to the vulnerability.
repeated string fields = 2;
}
// Information reported for an outdated library.
message OutdatedLibrary {
// The name of the outdated library.
string library_name = 1;
// The version number.
string version = 2;
// URLs to learn more information about the vulnerabilities in the library.
repeated string learn_more_urls = 3;
}
// Information regarding any resource causing the vulnerability such
// as JavaScript sources, image, audio files, etc.
message ViolatingResource {
// The MIME type of this resource.
string content_type = 1;
// URL of this violating resource.
string resource_url = 2;
}
// Information about vulnerable request parameters.
message VulnerableParameters {
// The vulnerable parameter names.
repeated string parameter_names = 1;
}
// Information about vulnerable or missing HTTP Headers.
message VulnerableHeaders {
// Describes a HTTP Header.
message Header {
// Header name.
string name = 1;
// Header value.
string value = 2;
}
// List of vulnerable headers.
repeated Header headers = 1;
// List of missing headers.
repeated Header missing_headers = 2;
}
// Information reported for an XSS.
message Xss {
// Types of XSS attack vector.
enum AttackVector {
// Unknown attack vector.
ATTACK_VECTOR_UNSPECIFIED = 0;
// The attack comes from fuzzing the browser's localStorage.
LOCAL_STORAGE = 1;
// The attack comes from fuzzing the browser's sessionStorage.
SESSION_STORAGE = 2;
// The attack comes from fuzzing the window's name property.
WINDOW_NAME = 3;
// The attack comes from fuzzing the referrer property.
REFERRER = 4;
// The attack comes from fuzzing an input element.
FORM_INPUT = 5;
// The attack comes from fuzzing the browser's cookies.
COOKIE = 6;
// The attack comes from hijacking the post messaging mechanism.
POST_MESSAGE = 7;
// The attack comes from fuzzing parameters in the url.
GET_PARAMETERS = 8;
// The attack comes from fuzzing the fragment in the url.
URL_FRAGMENT = 9;
// The attack comes from fuzzing the HTML comments.
HTML_COMMENT = 10;
// The attack comes from fuzzing the POST parameters.
POST_PARAMETERS = 11;
// The attack comes from fuzzing the protocol.
PROTOCOL = 12;
// The attack comes from the server side and is stored.
STORED_XSS = 13;
// The attack is a Same-Origin Method Execution attack via a GET parameter.
SAME_ORIGIN = 14;
// The attack payload is received from a third-party host via a URL that is
// user-controllable
USER_CONTROLLABLE_URL = 15;
}
// Stack traces leading to the point where the XSS occurred.
repeated string stack_traces = 1;
// An error message generated by a javascript breakage.
string error_message = 2;
// The attack vector of the payload triggering this XSS.
AttackVector attack_vector = 3;
// The reproduction url for the seeding POST request of a Stored XSS.
string stored_xss_seeding_url = 4;
}

32
google/cloud/websecurityscanner/v1/finding_type_stats.proto Normal file
View File

@ -0,0 +1,32 @@
// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto3";
package google.cloud.websecurityscanner.v1;
option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1;websecurityscanner";
option java_multiple_files = true;
option java_outer_classname = "FindingTypeStatsProto";
option java_package = "com.google.cloud.websecurityscanner.v1";
// A FindingTypeStats resource represents stats regarding a specific FindingType
// of Findings under a given ScanRun.
message FindingTypeStats {
// Output only. The finding type associated with the stats.
string finding_type = 1;
// Output only. The count of findings belonging to this finding type.
int32 finding_count = 2;
}

185
google/cloud/websecurityscanner/v1/scan_config.proto Normal file
View File

@ -0,0 +1,185 @@
// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto3";
package google.cloud.websecurityscanner.v1;
import "google/api/field_behavior.proto";
import "google/protobuf/timestamp.proto";
option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1;websecurityscanner";
option java_multiple_files = true;
option java_outer_classname = "ScanConfigProto";
option java_package = "com.google.cloud.websecurityscanner.v1";
// A ScanConfig resource contains the configurations to launch a scan.
message ScanConfig {
// Scan authentication configuration.
message Authentication {
// Describes authentication configuration that uses a Google account.
message GoogleAccount {
// Required. The user name of the Google account.
string username = 1;
// Required. Input only. The password of the Google account. The credential is stored encrypted
// and not returned in any response nor included in audit logs.
string password = 2;
}
// Describes authentication configuration that uses a custom account.
message CustomAccount {
// Required. The user name of the custom account.
string username = 1;
// Required. Input only. The password of the custom account. The credential is stored encrypted
// and not returned in any response nor included in audit logs.
string password = 2;
// Required. The login form URL of the website.
string login_url = 3;
}
// Describes authentication configuration for Identity-Aware-Proxy (IAP).
message IapCredential {
// Describes authentication configuration when Web-Security-Scanner
// service account is added in Identity-Aware-Proxy (IAP) access policies.
message IapTestServiceAccountInfo {
// Required. Describes OAuth2 client id of resources protected by
// Identity-Aware-Proxy (IAP).
string target_audience_client_id = 1 [(google.api.field_behavior) = REQUIRED];
}
// Identity-Aware-Proxy (IAP) Authentication Configuration
oneof iap_credentials {
// Authentication configuration when Web-Security-Scanner service
// account is added in Identity-Aware-Proxy (IAP) access policies.
IapTestServiceAccountInfo iap_test_service_account_info = 1;
}
}
// Required.
// Authentication configuration
oneof authentication {
// Authentication using a Google account.
GoogleAccount google_account = 1;
// Authentication using a custom account.
CustomAccount custom_account = 2;
// Authentication using Identity-Aware-Proxy (IAP).
IapCredential iap_credential = 4;
}
}
// Scan schedule configuration.
message Schedule {
// A timestamp indicates when the next run will be scheduled. The value is
// refreshed by the server after each run. If unspecified, it will default
// to current server time, which means the scan will be scheduled to start
// immediately.
google.protobuf.Timestamp schedule_time = 1;
// Required. The duration of time between executions in days.
int32 interval_duration_days = 2;
}
// Type of user agents used for scanning.
enum UserAgent {
// The user agent is unknown. Service will default to CHROME_LINUX.
USER_AGENT_UNSPECIFIED = 0;
// Chrome on Linux. This is the service default if unspecified.
CHROME_LINUX = 1;
// Chrome on Android.
CHROME_ANDROID = 2;
// Safari on IPhone.
SAFARI_IPHONE = 3;
}
// Scan risk levels supported by Web Security Scanner. LOW impact
// scanning will minimize requests with the potential to modify data. To
// achieve the maximum scan coverage, NORMAL risk level is recommended.
enum RiskLevel {
// Use default, which is NORMAL.
RISK_LEVEL_UNSPECIFIED = 0;
// Normal scanning (Recommended)
NORMAL = 1;
// Lower impact scanning
LOW = 2;
}
// Controls export of scan configurations and results to Security
// Command Center.
enum ExportToSecurityCommandCenter {
// Use default, which is ENABLED.
EXPORT_TO_SECURITY_COMMAND_CENTER_UNSPECIFIED = 0;
// Export results of this scan to Security Command Center.
ENABLED = 1;
// Do not export results of this scan to Security Command Center.
DISABLED = 2;
}
// The resource name of the ScanConfig. The name follows the format of
// 'projects/{projectId}/scanConfigs/{scanConfigId}'. The ScanConfig IDs are
// generated by the system.
string name = 1;
// Required. The user provided display name of the ScanConfig.
string display_name = 2;
// The maximum QPS during scanning. A valid value ranges from 5 to 20
// inclusively. If the field is unspecified or its value is set 0, server will
// default to 15. Other values outside of [5, 20] range will be rejected with
// INVALID_ARGUMENT error.
int32 max_qps = 3;
// Required. The starting URLs from which the scanner finds site pages.
repeated string starting_urls = 4;
// The authentication configuration. If specified, service will use the
// authentication configuration during scanning.
Authentication authentication = 5;
// The user agent used during scanning.
UserAgent user_agent = 6;
// The excluded URL patterns as described in
// https://cloud.google.com/security-command-center/docs/how-to-use-web-security-scanner#excluding_urls
repeated string blacklist_patterns = 7;
// The schedule of the ScanConfig.
Schedule schedule = 8;
// Controls export of scan configurations and results to Security
// Command Center.
ExportToSecurityCommandCenter export_to_security_command_center = 10;
// The risk level selected for the scan
RiskLevel risk_level = 12;
// Whether the scan config is managed by Web Security Scanner, output
// only.
bool managed_scan = 13;
// Whether the scan configuration has enabled static IP address scan feature.
// If enabled, the scanner will access applications from static IP addresses.
bool static_ip_scan = 14;
}

186
google/cloud/websecurityscanner/v1/scan_config_error.proto Normal file
View File

@ -0,0 +1,186 @@
// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto3";
package google.cloud.websecurityscanner.v1;
option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1;websecurityscanner";
option java_multiple_files = true;
option java_outer_classname = "ScanConfigErrorProto";
option java_package = "com.google.cloud.websecurityscanner.v1";
// Defines a custom error message used by CreateScanConfig and UpdateScanConfig
// APIs when scan configuration validation fails. It is also reported as part of
// a ScanRunErrorTrace message if scan validation fails due to a scan
// configuration error.
message ScanConfigError {
// Output only.
// Defines an error reason code.
// Next id: 44
enum Code {
option allow_alias = true;
// There is no error.
CODE_UNSPECIFIED = 0;
// There is no error.
OK = 0;
// Indicates an internal server error.
// Please DO NOT USE THIS ERROR CODE unless the root cause is truly unknown.
INTERNAL_ERROR = 1;
// One of the seed URLs is an App Engine URL but we cannot validate the scan
// settings due to an App Engine API backend error.
APPENGINE_API_BACKEND_ERROR = 2;
// One of the seed URLs is an App Engine URL but we cannot access the
// App Engine API to validate scan settings.
APPENGINE_API_NOT_ACCESSIBLE = 3;
// One of the seed URLs is an App Engine URL but the Default Host of the
// App Engine is not set.
APPENGINE_DEFAULT_HOST_MISSING = 4;
// Google corporate accounts can not be used for scanning.
CANNOT_USE_GOOGLE_COM_ACCOUNT = 6;
// The account of the scan creator can not be used for scanning.
CANNOT_USE_OWNER_ACCOUNT = 7;
// This scan targets Compute Engine, but we cannot validate scan settings
// due to a Compute Engine API backend error.
COMPUTE_API_BACKEND_ERROR = 8;
// This scan targets Compute Engine, but we cannot access the Compute Engine
// API to validate the scan settings.
COMPUTE_API_NOT_ACCESSIBLE = 9;
// The Custom Login URL does not belong to the current project.
CUSTOM_LOGIN_URL_DOES_NOT_BELONG_TO_CURRENT_PROJECT = 10;
// The Custom Login URL is malformed (can not be parsed).
CUSTOM_LOGIN_URL_MALFORMED = 11;
// The Custom Login URL is mapped to a non-routable IP address in DNS.
CUSTOM_LOGIN_URL_MAPPED_TO_NON_ROUTABLE_ADDRESS = 12;
// The Custom Login URL is mapped to an IP address which is not reserved for
// the current project.
CUSTOM_LOGIN_URL_MAPPED_TO_UNRESERVED_ADDRESS = 13;
// The Custom Login URL has a non-routable IP address.
CUSTOM_LOGIN_URL_HAS_NON_ROUTABLE_IP_ADDRESS = 14;
// The Custom Login URL has an IP address which is not reserved for the
// current project.
CUSTOM_LOGIN_URL_HAS_UNRESERVED_IP_ADDRESS = 15;
// Another scan with the same name (case-sensitive) already exists.
DUPLICATE_SCAN_NAME = 16;
// A field is set to an invalid value.
INVALID_FIELD_VALUE = 18;
// There was an error trying to authenticate to the scan target.
FAILED_TO_AUTHENTICATE_TO_TARGET = 19;
// Finding type value is not specified in the list findings request.
FINDING_TYPE_UNSPECIFIED = 20;
// Scan targets Compute Engine, yet current project was not whitelisted for
// Google Compute Engine Scanning Alpha access.
FORBIDDEN_TO_SCAN_COMPUTE = 21;
// User tries to update managed scan
FORBIDDEN_UPDATE_TO_MANAGED_SCAN = 43;
// The supplied filter is malformed. For example, it can not be parsed, does
// not have a filter type in expression, or the same filter type appears
// more than once.
MALFORMED_FILTER = 22;
// The supplied resource name is malformed (can not be parsed).
MALFORMED_RESOURCE_NAME = 23;
// The current project is not in an active state.
PROJECT_INACTIVE = 24;
// A required field is not set.
REQUIRED_FIELD = 25;
// Project id, scanconfig id, scanrun id, or finding id are not consistent
// with each other in resource name.
RESOURCE_NAME_INCONSISTENT = 26;
// The scan being requested to start is already running.
SCAN_ALREADY_RUNNING = 27;
// The scan that was requested to be stopped is not running.
SCAN_NOT_RUNNING = 28;
// One of the seed URLs does not belong to the current project.
SEED_URL_DOES_NOT_BELONG_TO_CURRENT_PROJECT = 29;
// One of the seed URLs is malformed (can not be parsed).
SEED_URL_MALFORMED = 30;
// One of the seed URLs is mapped to a non-routable IP address in DNS.
SEED_URL_MAPPED_TO_NON_ROUTABLE_ADDRESS = 31;
// One of the seed URLs is mapped to an IP address which is not reserved
// for the current project.
SEED_URL_MAPPED_TO_UNRESERVED_ADDRESS = 32;
// One of the seed URLs has on-routable IP address.
SEED_URL_HAS_NON_ROUTABLE_IP_ADDRESS = 33;
// One of the seed URLs has an IP address that is not reserved
// for the current project.
SEED_URL_HAS_UNRESERVED_IP_ADDRESS = 35;
// The Web Security Scanner service account is not configured under the
// project.
SERVICE_ACCOUNT_NOT_CONFIGURED = 36;
// A project has reached the maximum number of scans.
TOO_MANY_SCANS = 37;
// Resolving the details of the current project fails.
UNABLE_TO_RESOLVE_PROJECT_INFO = 38;
// One or more blacklist patterns were in the wrong format.
UNSUPPORTED_BLACKLIST_PATTERN_FORMAT = 39;
// The supplied filter is not supported.
UNSUPPORTED_FILTER = 40;
// The supplied finding type is not supported. For example, we do not
// provide findings of the given finding type.
UNSUPPORTED_FINDING_TYPE = 41;
// The URL scheme of one or more of the supplied URLs is not supported.
UNSUPPORTED_URL_SCHEME = 42;
}
// Output only. Indicates the reason code for a configuration failure.
Code code = 1;
// Output only. Indicates the full name of the ScanConfig field that triggers this error,
// for example "scan_config.max_qps". This field is provided for
// troubleshooting purposes only and its actual value can change in the
// future.
string field_name = 2;
}

107
google/cloud/websecurityscanner/v1/scan_run.proto Normal file
View File

@ -0,0 +1,107 @@
// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto3";
package google.cloud.websecurityscanner.v1;
import "google/cloud/websecurityscanner/v1/scan_run_error_trace.proto";
import "google/cloud/websecurityscanner/v1/scan_run_warning_trace.proto";
import "google/protobuf/timestamp.proto";
option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1;websecurityscanner";
option java_multiple_files = true;
option java_outer_classname = "ScanRunProto";
option java_package = "com.google.cloud.websecurityscanner.v1";
// A ScanRun is a output-only resource representing an actual run of the scan.
// Next id: 12
message ScanRun {
// Types of ScanRun execution state.
enum ExecutionState {
// Represents an invalid state caused by internal server error. This value
// should never be returned.
EXECUTION_STATE_UNSPECIFIED = 0;
// The scan is waiting in the queue.
QUEUED = 1;
// The scan is in progress.
SCANNING = 2;
// The scan is either finished or stopped by user.
FINISHED = 3;
}
// Types of ScanRun result state.
enum ResultState {
// Default value. This value is returned when the ScanRun is not yet
// finished.
RESULT_STATE_UNSPECIFIED = 0;
// The scan finished without errors.
SUCCESS = 1;
// The scan finished with errors.
ERROR = 2;
// The scan was terminated by user.
KILLED = 3;
}
// Output only. The resource name of the ScanRun. The name follows the format of
// 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'.
// The ScanRun IDs are generated by the system.
string name = 1;
// Output only. The execution state of the ScanRun.
ExecutionState execution_state = 2;
// Output only. The result state of the ScanRun. This field is only available after the
// execution state reaches "FINISHED".
ResultState result_state = 3;
// Output only. The time at which the ScanRun started.
google.protobuf.Timestamp start_time = 4;
// Output only. The time at which the ScanRun reached termination state - that the ScanRun
// is either finished or stopped by user.
google.protobuf.Timestamp end_time = 5;
// Output only. The number of URLs crawled during this ScanRun. If the scan is in progress,
// the value represents the number of URLs crawled up to now.
int64 urls_crawled_count = 6;
// Output only. The number of URLs tested during this ScanRun. If the scan is in progress,
// the value represents the number of URLs tested up to now. The number of
// URLs tested is usually larger than the number URLS crawled because
// typically a crawled URL is tested with multiple test payloads.
int64 urls_tested_count = 7;
// Output only. Whether the scan run has found any vulnerabilities.
bool has_vulnerabilities = 8;
// Output only. The percentage of total completion ranging from 0 to 100.
// If the scan is in queue, the value is 0.
// If the scan is running, the value ranges from 0 to 100.
// If the scan is finished, the value is 100.
int32 progress_percent = 9;
// Output only. If result_state is an ERROR, this field provides the primary reason for
// scan's termination and more details, if such are available.
ScanRunErrorTrace error_trace = 10;
// Output only. A list of warnings, if such are encountered during this scan run.
repeated ScanRunWarningTrace warning_traces = 11;
}

72
google/cloud/websecurityscanner/v1/scan_run_error_trace.proto Normal file
View File

@ -0,0 +1,72 @@
// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto3";
package google.cloud.websecurityscanner.v1;
import "google/cloud/websecurityscanner/v1/scan_config_error.proto";
option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1;websecurityscanner";
option java_multiple_files = true;
option java_outer_classname = "ScanRunErrorTraceProto";
option java_package = "com.google.cloud.websecurityscanner.v1";
// Output only.
// Defines an error trace message for a ScanRun.
message ScanRunErrorTrace {
// Output only.
// Defines an error reason code.
// Next id: 7
enum Code {
// Default value is never used.
CODE_UNSPECIFIED = 0;
// Indicates that the scan run failed due to an internal server error.
INTERNAL_ERROR = 1;
// Indicates a scan configuration error, usually due to outdated ScanConfig
// settings, such as starting_urls or the DNS configuration.
SCAN_CONFIG_ISSUE = 2;
// Indicates an authentication error, usually due to outdated ScanConfig
// authentication settings.
AUTHENTICATION_CONFIG_ISSUE = 3;
// Indicates a scan operation timeout, usually caused by a very large site.
TIMED_OUT_WHILE_SCANNING = 4;
// Indicates that a scan encountered excessive redirects, either to
// authentication or some other page outside of the scan scope.
TOO_MANY_REDIRECTS = 5;
// Indicates that a scan encountered numerous errors from the web site
// pages. When available, most_common_http_error_code field indicates the
// most common HTTP error code encountered during the scan.
TOO_MANY_HTTP_ERRORS = 6;
}
// Output only. Indicates the error reason code.
Code code = 1;
// Output only. If the scan encounters SCAN_CONFIG_ISSUE error, this field has the error
// message encountered during scan configuration validation that is performed
// before each scan run.
ScanConfigError scan_config_error = 2;
// Output only. If the scan encounters TOO_MANY_HTTP_ERRORS, this field indicates the most
// common HTTP error code, if such is available. For example, if this code is
// 404, the scan has encountered too many NOT_FOUND responses.
int32 most_common_http_error_code = 3;
}

55
google/cloud/websecurityscanner/v1/scan_run_warning_trace.proto Normal file
View File

@ -0,0 +1,55 @@
// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto3";
package google.cloud.websecurityscanner.v1;
option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1;websecurityscanner";
option java_multiple_files = true;
option java_outer_classname = "ScanRunWarningTraceProto";
option java_package = "com.google.cloud.websecurityscanner.v1";
// Output only.
// Defines a warning trace message for ScanRun. Warning traces provide customers
// with useful information that helps make the scanning process more effective.
message ScanRunWarningTrace {
// Output only.
// Defines a warning message code.
// Next id: 6
enum Code {
// Default value is never used.
CODE_UNSPECIFIED = 0;
// Indicates that a scan discovered an unexpectedly low number of URLs. This
// is sometimes caused by complex navigation features or by using a single
// URL for numerous pages.
INSUFFICIENT_CRAWL_RESULTS = 1;
// Indicates that a scan discovered too many URLs to test, or excessive
// redundant URLs.
TOO_MANY_CRAWL_RESULTS = 2;
// Indicates that too many tests have been generated for the scan. Customer
// should try reducing the number of starting URLs, increasing the QPS rate,
// or narrowing down the scope of the scan using the excluded patterns.
TOO_MANY_FUZZ_TASKS = 3;
// Indicates that a scan is blocked by IAP.
BLOCKED_BY_IAP = 4;
}
// Output only. Indicates the warning code.
Code code = 1;
}

334
google/cloud/websecurityscanner/v1/web_security_scanner.proto Normal file
View File

@ -0,0 +1,334 @@
// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto3";
package google.cloud.websecurityscanner.v1;
import "google/api/annotations.proto";
import "google/cloud/websecurityscanner/v1/crawled_url.proto";
import "google/cloud/websecurityscanner/v1/finding.proto";
import "google/cloud/websecurityscanner/v1/finding_type_stats.proto";
import "google/cloud/websecurityscanner/v1/scan_config.proto";
import "google/cloud/websecurityscanner/v1/scan_run.proto";
import "google/protobuf/empty.proto";
import "google/protobuf/field_mask.proto";
import "google/api/client.proto";
option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1;websecurityscanner";
option java_multiple_files = true;
option java_outer_classname = "WebSecurityScannerProto";
option java_package = "com.google.cloud.websecurityscanner.v1";
// Web Security Scanner Service identifies security vulnerabilities in web
// applications hosted on Google Cloud. It crawls your application, and
// attempts to exercise as many user inputs and event handlers as possible.
service WebSecurityScanner {
option (google.api.default_host) = "websecurityscanner.googleapis.com";
option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform";
// Creates a new ScanConfig.
rpc CreateScanConfig(CreateScanConfigRequest) returns (ScanConfig) {
option (google.api.http) = {
post: "/v1/{parent=projects/*}/scanConfigs"
body: "scan_config"
};
}
// Deletes an existing ScanConfig and its child resources.
rpc DeleteScanConfig(DeleteScanConfigRequest) returns (google.protobuf.Empty) {
option (google.api.http) = {
delete: "/v1/{name=projects/*/scanConfigs/*}"
};
}
// Gets a ScanConfig.
rpc GetScanConfig(GetScanConfigRequest) returns (ScanConfig) {
option (google.api.http) = {
get: "/v1/{name=projects/*/scanConfigs/*}"
};
}
// Lists ScanConfigs under a given project.
rpc ListScanConfigs(ListScanConfigsRequest) returns (ListScanConfigsResponse) {
option (google.api.http) = {
get: "/v1/{parent=projects/*}/scanConfigs"
};
}
// Updates a ScanConfig. This method support partial update of a ScanConfig.
rpc UpdateScanConfig(UpdateScanConfigRequest) returns (ScanConfig) {
option (google.api.http) = {
patch: "/v1/{scan_config.name=projects/*/scanConfigs/*}"
body: "scan_config"
};
}
// Start a ScanRun according to the given ScanConfig.
rpc StartScanRun(StartScanRunRequest) returns (ScanRun) {
option (google.api.http) = {
post: "/v1/{name=projects/*/scanConfigs/*}:start"
body: "*"
};
}
// Gets a ScanRun.
rpc GetScanRun(GetScanRunRequest) returns (ScanRun) {
option (google.api.http) = {
get: "/v1/{name=projects/*/scanConfigs/*/scanRuns/*}"
};
}
// Lists ScanRuns under a given ScanConfig, in descending order of ScanRun
// stop time.
rpc ListScanRuns(ListScanRunsRequest) returns (ListScanRunsResponse) {
option (google.api.http) = {
get: "/v1/{parent=projects/*/scanConfigs/*}/scanRuns"
};
}
// Stops a ScanRun. The stopped ScanRun is returned.
rpc StopScanRun(StopScanRunRequest) returns (ScanRun) {
option (google.api.http) = {
post: "/v1/{name=projects/*/scanConfigs/*/scanRuns/*}:stop"
body: "*"
};
}
// List CrawledUrls under a given ScanRun.
rpc ListCrawledUrls(ListCrawledUrlsRequest) returns (ListCrawledUrlsResponse) {
option (google.api.http) = {
get: "/v1/{parent=projects/*/scanConfigs/*/scanRuns/*}/crawledUrls"
};
}
// Gets a Finding.
rpc GetFinding(GetFindingRequest) returns (Finding) {
option (google.api.http) = {
get: "/v1/{name=projects/*/scanConfigs/*/scanRuns/*/findings/*}"
};
}
// List Findings under a given ScanRun.
rpc ListFindings(ListFindingsRequest) returns (ListFindingsResponse) {
option (google.api.http) = {
get: "/v1/{parent=projects/*/scanConfigs/*/scanRuns/*}/findings"
};
}
// List all FindingTypeStats under a given ScanRun.
rpc ListFindingTypeStats(ListFindingTypeStatsRequest) returns (ListFindingTypeStatsResponse) {
option (google.api.http) = {
get: "/v1/{parent=projects/*/scanConfigs/*/scanRuns/*}/findingTypeStats"
};
}
}
// Request for the `CreateScanConfig` method.
message CreateScanConfigRequest {
// Required. The parent resource name where the scan is created, which should be a
// project resource name in the format 'projects/{projectId}'.
string parent = 1;
// Required. The ScanConfig to be created.
ScanConfig scan_config = 2;
}
// Request for the `DeleteScanConfig` method.
message DeleteScanConfigRequest {
// Required. The resource name of the ScanConfig to be deleted. The name follows the
// format of 'projects/{projectId}/scanConfigs/{scanConfigId}'.
string name = 1;
}
// Request for the `GetScanConfig` method.
message GetScanConfigRequest {
// Required. The resource name of the ScanConfig to be returned. The name follows the
// format of 'projects/{projectId}/scanConfigs/{scanConfigId}'.
string name = 1;
}
// Request for the `ListScanConfigs` method.
message ListScanConfigsRequest {
// Required. The parent resource name, which should be a project resource name in the
// format 'projects/{projectId}'.
string parent = 1;
// A token identifying a page of results to be returned. This should be a
// `next_page_token` value returned from a previous List request.
// If unspecified, the first page of results is returned.
string page_token = 2;
// The maximum number of ScanConfigs to return, can be limited by server.
// If not specified or not positive, the implementation will select a
// reasonable value.
int32 page_size = 3;
}
// Request for the `UpdateScanConfigRequest` method.
message UpdateScanConfigRequest {
// Required. The ScanConfig to be updated. The name field must be set to identify the
// resource to be updated. The values of fields not covered by the mask
// will be ignored.
ScanConfig scan_config = 2;
// Required. The update mask applies to the resource. For the `FieldMask` definition,
// see
// https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask
google.protobuf.FieldMask update_mask = 3;
}
// Response for the `ListScanConfigs` method.
message ListScanConfigsResponse {
// The list of ScanConfigs returned.
repeated ScanConfig scan_configs = 1;
// Token to retrieve the next page of results, or empty if there are no
// more results in the list.
string next_page_token = 2;
}
// Request for the `StartScanRun` method.
message StartScanRunRequest {
// Required. The resource name of the ScanConfig to be used. The name follows the
// format of 'projects/{projectId}/scanConfigs/{scanConfigId}'.
string name = 1;
}
// Request for the `GetScanRun` method.
message GetScanRunRequest {
// Required. The resource name of the ScanRun to be returned. The name follows the
// format of
// 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'.
string name = 1;
}
// Request for the `ListScanRuns` method.
message ListScanRunsRequest {
// Required. The parent resource name, which should be a scan resource name in the
// format 'projects/{projectId}/scanConfigs/{scanConfigId}'.
string parent = 1;
// A token identifying a page of results to be returned. This should be a
// `next_page_token` value returned from a previous List request.
// If unspecified, the first page of results is returned.
string page_token = 2;
// The maximum number of ScanRuns to return, can be limited by server.
// If not specified or not positive, the implementation will select a
// reasonable value.
int32 page_size = 3;
}
// Response for the `ListScanRuns` method.
message ListScanRunsResponse {
// The list of ScanRuns returned.
repeated ScanRun scan_runs = 1;
// Token to retrieve the next page of results, or empty if there are no
// more results in the list.
string next_page_token = 2;
}
// Request for the `StopScanRun` method.
message StopScanRunRequest {
// Required. The resource name of the ScanRun to be stopped. The name follows the
// format of
// 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'.
string name = 1;
}
// Request for the `ListCrawledUrls` method.
message ListCrawledUrlsRequest {
// Required. The parent resource name, which should be a scan run resource name in the
// format
// 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'.
string parent = 1;
// A token identifying a page of results to be returned. This should be a
// `next_page_token` value returned from a previous List request.
// If unspecified, the first page of results is returned.
string page_token = 2;
// The maximum number of CrawledUrls to return, can be limited by server.
// If not specified or not positive, the implementation will select a
// reasonable value.
int32 page_size = 3;
}
// Response for the `ListCrawledUrls` method.
message ListCrawledUrlsResponse {
// The list of CrawledUrls returned.
repeated CrawledUrl crawled_urls = 1;
// Token to retrieve the next page of results, or empty if there are no
// more results in the list.
string next_page_token = 2;
}
// Request for the `GetFinding` method.
message GetFindingRequest {
// Required. The resource name of the Finding to be returned. The name follows the
// format of
// 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}/findings/{findingId}'.
string name = 1;
}
// Request for the `ListFindings` method.
message ListFindingsRequest {
// Required. The parent resource name, which should be a scan run resource name in the
// format
// 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'.
string parent = 1;
// The filter expression. The expression must be in the format: <field>
// <operator> <value>.
// Supported field: 'finding_type'.
// Supported operator: '='.
string filter = 2;
// A token identifying a page of results to be returned. This should be a
// `next_page_token` value returned from a previous List request.
// If unspecified, the first page of results is returned.
string page_token = 3;
// The maximum number of Findings to return, can be limited by server.
// If not specified or not positive, the implementation will select a
// reasonable value.
int32 page_size = 4;
}
// Response for the `ListFindings` method.
message ListFindingsResponse {
// The list of Findings returned.
repeated Finding findings = 1;
// Token to retrieve the next page of results, or empty if there are no
// more results in the list.
string next_page_token = 2;
}
// Request for the `ListFindingTypeStats` method.
message ListFindingTypeStatsRequest {
// Required. The parent resource name, which should be a scan run resource name in the
// format
// 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'.
string parent = 1;
}
// Response for the `ListFindingTypeStats` method.
message ListFindingTypeStatsResponse {
// The list of FindingTypeStats returned.
repeated FindingTypeStats finding_type_stats = 1;
}

19
google/cloud/websecurityscanner/v1/websecurityscanner_gapic.yaml Normal file
View File

@ -0,0 +1,19 @@
type: com.google.api.codegen.ConfigProto
config_schema_version: 2.0.0
# The settings of generated code in a specific language.
language_settings:
java:
package_name: com.google.cloud.websecurityscanner.v1
python:
package_name: google.cloud.websecurityscanner_v1.gapic
go:
package_name: cloud.google.com/go/websecurityscanner/apiv1
csharp:
package_name: Google.Cloud.Websecurityscanner.V1
ruby:
package_name: Google::Cloud::Websecurityscanner::V1
php:
package_name: Google\Cloud\WebSecurityScanner\V1
nodejs:
package_name: websecurityscanner.v1
domain_layer_location: google-cloud

75
google/cloud/websecurityscanner/v1/websecurityscanner_grpc_service_config.json Normal file
View File

@ -0,0 +1,75 @@
{
"methodConfig": [
{
"name": [
{
"service": "google.cloud.websecurityscanner.v1.WebSecurityScanner",
"method": "CreateScanConfig"
},
{
"service": "google.cloud.websecurityscanner.v1.WebSecurityScanner",
"method": "UpdateScanConfig"
},
{
"service": "google.cloud.websecurityscanner.v1.WebSecurityScanner",
"method": "StartScanRun"
},
{
"service": "google.cloud.websecurityscanner.v1.WebSecurityScanner",
"method": "StopScanRun"
}
],
"timeout": "600s"
},
{
"name": [
{
"service": "google.cloud.websecurityscanner.v1.WebSecurityScanner",
"method": "DeleteScanConfig"
},
{
"service": "google.cloud.websecurityscanner.v1.WebSecurityScanner",
"method": "GetScanConfig"
},
{
"service": "google.cloud.websecurityscanner.v1.WebSecurityScanner",
"method": "ListScanConfigs"
},
{
"service": "google.cloud.websecurityscanner.v1.WebSecurityScanner",
"method": "GetScanRun"
},
{
"service": "google.cloud.websecurityscanner.v1.WebSecurityScanner",
"method": "ListScanRuns"
},
{
"service": "google.cloud.websecurityscanner.v1.WebSecurityScanner",
"method": "GetFinding"
},
{
"service": "google.cloud.websecurityscanner.v1.WebSecurityScanner",
"method": "ListFindings"
},
{
"service": "google.cloud.websecurityscanner.v1.WebSecurityScanner",
"method": "ListFindingTypeStats"
},
{
"service": "google.cloud.websecurityscanner.v1.WebSecurityScanner",
"method": "ListCrawledUrls"
}
],
"timeout": "600s",
"retryPolicy": {
"initialBackoff": "0.100s",
"maxBackoff": "60s",
"backoffMultiplier": 1.3,
"retryableStatusCodes": [
"DEADLINE_EXCEEDED",
"UNAVAILABLE"
]
}
}
]
}

22
google/cloud/websecurityscanner/v1/websecurityscanner_v1.yaml Normal file
View File

@ -0,0 +1,22 @@
type: google.api.Service
config_version: 3
name: websecurityscanner.googleapis.com
title: Web Security Scanner API
apis:
- name: google.cloud.websecurityscanner.v1.WebSecurityScanner
documentation:
summary: Scans your Compute and App Engine apps for common web vulnerabilities.
backend:
rules:
- selector: 'google.cloud.websecurityscanner.v1.WebSecurityScanner.*'
deadline: 60.0
authentication:
rules:
- selector: 'google.cloud.websecurityscanner.v1.WebSecurityScanner.*'
oauth:
canonical_scopes: |-
https://www.googleapis.com/auth/cloud-platform