134 lines
5.0 KiB
Protocol Buffer
134 lines
5.0 KiB
Protocol Buffer
// Copyright 2020 Google LLC
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
syntax = "proto3";
|
|
|
|
package google.cloud.securitycenter.v1p1beta1;
|
|
|
|
import "google/api/annotations.proto";
|
|
import "google/api/field_behavior.proto";
|
|
import "google/api/resource.proto";
|
|
import "google/cloud/securitycenter/v1p1beta1/security_marks.proto";
|
|
import "google/protobuf/struct.proto";
|
|
import "google/protobuf/timestamp.proto";
|
|
|
|
option csharp_namespace = "Google.Cloud.SecurityCenter.V1P1Beta1";
|
|
option go_package = "google.golang.org/genproto/googleapis/cloud/securitycenter/v1p1beta1;securitycenter";
|
|
option java_multiple_files = true;
|
|
option java_package = "com.google.cloud.securitycenter.v1p1beta1";
|
|
option php_namespace = "Google\\Cloud\\SecurityCenter\\V1p1beta1";
|
|
option ruby_package = "Google::Cloud::SecurityCenter::V1p1beta1";
|
|
|
|
// Security Command Center finding.
|
|
//
|
|
// A finding is a record of assessment data (security, risk, health or privacy)
|
|
// ingested into Security Command Center for presentation, notification,
|
|
// analysis, policy testing, and enforcement. For example, an XSS vulnerability
|
|
// in an App Engine application is a finding.
|
|
message Finding {
|
|
option (google.api.resource) = {
|
|
type: "securitycenter.googleapis.com/Finding"
|
|
pattern: "organizations/{organization}/sources/{source}/findings/{finding}"
|
|
};
|
|
|
|
// The state of the finding.
|
|
enum State {
|
|
// Unspecified state.
|
|
STATE_UNSPECIFIED = 0;
|
|
|
|
// The finding requires attention and has not been addressed yet.
|
|
ACTIVE = 1;
|
|
|
|
// The finding has been fixed, triaged as a non-issue or otherwise addressed
|
|
// and is no longer active.
|
|
INACTIVE = 2;
|
|
}
|
|
|
|
// The severity of the finding.
|
|
enum Severity {
|
|
// No severity specified. The default value.
|
|
SEVERITY_UNSPECIFIED = 0;
|
|
|
|
// Critical severity.
|
|
CRITICAL = 1;
|
|
|
|
// High severity.
|
|
HIGH = 2;
|
|
|
|
// Medium severity.
|
|
MEDIUM = 3;
|
|
|
|
// Low severity.
|
|
LOW = 4;
|
|
}
|
|
|
|
// The relative resource name of this finding. See:
|
|
// https://cloud.google.com/apis/design/resource_names#relative_resource_name
|
|
// Example:
|
|
// "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}"
|
|
string name = 1;
|
|
|
|
// The relative resource name of the source the finding belongs to. See:
|
|
// https://cloud.google.com/apis/design/resource_names#relative_resource_name
|
|
// This field is immutable after creation time.
|
|
// For example:
|
|
// "organizations/{organization_id}/sources/{source_id}"
|
|
string parent = 2;
|
|
|
|
// For findings on Google Cloud resources, the full resource
|
|
// name of the Google Cloud resource this finding is for. See:
|
|
// https://cloud.google.com/apis/design/resource_names#full_resource_name
|
|
// When the finding is for a non-Google Cloud resource, the resourceName can
|
|
// be a customer or partner defined string. This field is immutable after
|
|
// creation time.
|
|
string resource_name = 3;
|
|
|
|
// The state of the finding.
|
|
State state = 4;
|
|
|
|
// The additional taxonomy group within findings from a given source.
|
|
// This field is immutable after creation time.
|
|
// Example: "XSS_FLASH_INJECTION"
|
|
string category = 5;
|
|
|
|
// The URI that, if available, points to a web page outside of Security
|
|
// Command Center where additional information about the finding can be found.
|
|
// This field is guaranteed to be either empty or a well formed URL.
|
|
string external_uri = 6;
|
|
|
|
// Source specific properties. These properties are managed by the source
|
|
// that writes the finding. The key names in the source_properties map must be
|
|
// between 1 and 255 characters, and must start with a letter and contain
|
|
// alphanumeric characters or underscores only.
|
|
map<string, google.protobuf.Value> source_properties = 7;
|
|
|
|
// Output only. User specified security marks. These marks are entirely
|
|
// managed by the user and come from the SecurityMarks resource that belongs
|
|
// to the finding.
|
|
SecurityMarks security_marks = 8 [(google.api.field_behavior) = OUTPUT_ONLY];
|
|
|
|
// The time at which the event took place, or when an update to the finding
|
|
// occurred. For example, if the finding represents an open firewall it would
|
|
// capture the time the detector believes the firewall became open. The
|
|
// accuracy is determined by the detector. If the finding were to be resolved
|
|
// afterward, this time would reflect when the finding was resolved.
|
|
google.protobuf.Timestamp event_time = 9;
|
|
|
|
// The time at which the finding was created in Security Command Center.
|
|
google.protobuf.Timestamp create_time = 10;
|
|
|
|
// The severity of the finding.
|
|
Severity severity = 13;
|
|
}
|