diff --git a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance/__init__.py b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance/__init__.py index 7fb25e23c2d5..507db47d8d47 100644 --- a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance/__init__.py +++ b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance/__init__.py @@ -35,10 +35,7 @@ CloudControl, CloudControlCategory, CloudControlDetails, - CloudControlGroup, CloudProvider, - Control, - ControlFamily, EnforcementMode, Framework, FrameworkCategory, @@ -51,7 +48,6 @@ ParamValue, PlaceholderSubstitutionRule, RegexpPattern, - RegulatoryControlResponsibilityType, Rule, RuleActionType, Severity, @@ -76,7 +72,6 @@ from google.cloud.cloudsecuritycompliance_v1.types.deployment import ( CloudControlDeployment, CloudControlDeploymentReference, - CloudControlGroupDeployment, CloudControlMetadata, CreateFrameworkDeploymentRequest, DeleteFrameworkDeploymentRequest, @@ -105,9 +100,6 @@ "CELExpression", "CloudControl", "CloudControlDetails", - "CloudControlGroup", - "Control", - "ControlFamily", "Framework", "FrameworkReference", "IntRange", @@ -125,7 +117,6 @@ "CloudProvider", "EnforcementMode", "FrameworkCategory", - "RegulatoryControlResponsibilityType", "RuleActionType", "Severity", "TargetResourceType", @@ -143,7 +134,6 @@ "UpdateFrameworkRequest", "CloudControlDeployment", "CloudControlDeploymentReference", - "CloudControlGroupDeployment", "CloudControlMetadata", "CreateFrameworkDeploymentRequest", "DeleteFrameworkDeploymentRequest", diff --git a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance/gapic_version.py b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance/gapic_version.py index 831f23f5d9a0..20a9cd975b02 100644 --- a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance/gapic_version.py +++ b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance/gapic_version.py @@ -13,5 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. # - -__version__ = "0.1.0" # {x-release-please-version} +__version__ = "0.0.0" # {x-release-please-version} diff --git a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/__init__.py b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/__init__.py index 6f89245a9c8c..a37739db483b 100644 --- a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/__init__.py +++ b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/__init__.py @@ -27,10 +27,7 @@ CloudControl, CloudControlCategory, CloudControlDetails, - CloudControlGroup, CloudProvider, - Control, - ControlFamily, EnforcementMode, Framework, FrameworkCategory, @@ -43,7 +40,6 @@ ParamValue, PlaceholderSubstitutionRule, RegexpPattern, - RegulatoryControlResponsibilityType, Rule, RuleActionType, Severity, @@ -68,7 +64,6 @@ from .types.deployment import ( CloudControlDeployment, CloudControlDeploymentReference, - CloudControlGroupDeployment, CloudControlMetadata, CreateFrameworkDeploymentRequest, DeleteFrameworkDeploymentRequest, @@ -98,13 +93,9 @@ "CloudControlDeployment", "CloudControlDeploymentReference", "CloudControlDetails", - "CloudControlGroup", - "CloudControlGroupDeployment", "CloudControlMetadata", "CloudProvider", "ConfigClient", - "Control", - "ControlFamily", "CreateCloudControlRequest", "CreateFrameworkDeploymentRequest", "CreateFrameworkRequest", @@ -141,7 +132,6 @@ "PlaceholderSubstitutionRule", "ProjectCreationConfig", "RegexpPattern", - "RegulatoryControlResponsibilityType", "Rule", "RuleActionType", "Severity", diff --git a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/gapic_version.py b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/gapic_version.py index 831f23f5d9a0..20a9cd975b02 100644 --- a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/gapic_version.py +++ b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/gapic_version.py @@ -13,5 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. # - -__version__ = "0.1.0" # {x-release-please-version} +__version__ = "0.0.0" # {x-release-please-version} diff --git a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/config/async_client.py b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/config/async_client.py index 02e1d98570d5..73af4ce6db24 100644 --- a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/config/async_client.py +++ b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/config/async_client.py @@ -67,7 +67,9 @@ class ConfigAsyncClient: - """Service describing handlers for config resources""" + """Config Service manages compliance frameworks, cloud controls, + and their configurations. + """ _client: ConfigClient @@ -293,7 +295,10 @@ async def list_frameworks( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> pagers.ListFrameworksAsyncPager: - r"""Lists Frameworks in a given organization. + r"""Lists all Frameworks (both Built-in and Custom) + available within a given parent resource. This method + supports pagination. The latest major version of each + Framework is returned. .. code-block:: python @@ -324,10 +329,12 @@ async def sample_list_frameworks(): Args: request (Optional[Union[google.cloud.cloudsecuritycompliance_v1.types.ListFrameworksRequest, dict]]): - The request object. Request message for [ListFrameworks][]. + The request object. Request message for listing + Frameworks. parent (:class:`str`): Required. The parent resource name, in the format ``organizations/{organization}/locations/{location}``. + Only global location is supported. This corresponds to the ``parent`` field on the ``request`` instance; if ``request`` is provided, this @@ -342,10 +349,13 @@ async def sample_list_frameworks(): Returns: google.cloud.cloudsecuritycompliance_v1.services.config.pagers.ListFrameworksAsyncPager: - Response message for [ListFrameworks][]. + Response message for listing + Frameworks. Contains a paginated list of + Framework resources. - Iterating over this object will yield results and - resolve additional pages automatically. + Iterating over this object will yield + results and resolve additional pages + automatically. """ # Create or coerce a protobuf request object. @@ -417,7 +427,13 @@ async def get_framework( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> common.Framework: - r"""Gets details of a single Framework. + r"""Gets details of a single Framework. This method retrieves a + Framework resource, which can be either Built-in or Custom, + identified by its name. + + By default, the latest major version of the Framework is + returned. A specific major version can be retrieved by + specifying the ``major_revision_id`` in the request. .. code-block:: python @@ -447,7 +463,8 @@ async def sample_get_framework(): Args: request (Optional[Union[google.cloud.cloudsecuritycompliance_v1.types.GetFrameworkRequest, dict]]): - The request object. Message for getting a Framework. + The request object. Request message for getting a + Framework. name (:class:`str`): Required. The name of the framework to retrieve. Format: organizations/{organization}/locations/{location}/frameworks/{framework_id} @@ -465,9 +482,14 @@ async def sample_get_framework(): Returns: google.cloud.cloudsecuritycompliance_v1.types.Framework: - Framework is a collection of - CloudControls which represents - industry/GCP/Customer defined + A Framework is a collection of + CloudControls to address security and + compliance requirements. Frameworks can + be used for prevention, detection, and + auditing. They can be either built-in, + industry-standard frameworks provided by + GCP/AZURE/AWS (e.g., NIST, FedRAMP) or + custom frameworks created by users. """ # Create or coerce a protobuf request object. @@ -530,7 +552,9 @@ async def create_framework( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> common.Framework: - r"""Creates a single framework for a given resource. + r"""Creates a new Framework with type ``Custom`` under a given + parent resource. Frameworks with type ``Built-in`` are managed + by Google and cannot be created through this API. .. code-block:: python @@ -565,7 +589,8 @@ async def sample_create_framework(): Args: request (Optional[Union[google.cloud.cloudsecuritycompliance_v1.types.CreateFrameworkRequest, dict]]): - The request object. Message for creating a Framework + The request object. Request message for creating a + Framework parent (:class:`str`): Required. The parent resource name, in the format ``organizations/{organization}/locations/{location}``. @@ -597,9 +622,14 @@ async def sample_create_framework(): Returns: google.cloud.cloudsecuritycompliance_v1.types.Framework: - Framework is a collection of - CloudControls which represents - industry/GCP/Customer defined + A Framework is a collection of + CloudControls to address security and + compliance requirements. Frameworks can + be used for prevention, detection, and + auditing. They can be either built-in, + industry-standard frameworks provided by + GCP/AZURE/AWS (e.g., NIST, FedRAMP) or + custom frameworks created by users. """ # Create or coerce a protobuf request object. @@ -665,7 +695,19 @@ async def update_framework( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> common.Framework: - r"""Updates a single Framework. + r"""Updates a single Framework. This method allows for partial + updates of a Framework resource. The fields to be updated are + specified using the ``update_mask``. + + - If an ``update_mask`` is provided, only the fields specified + in the mask will be updated. + - If no ``update_mask`` is provided, all fields present in the + request's ``framework`` body will be used to overwrite the + existing resource. + + This operation can only be performed on Frameworks with type + ``CUSTOM``. A successful update will result in a new version of + the Framework. .. code-block:: python @@ -698,7 +740,8 @@ async def sample_update_framework(): Args: request (Optional[Union[google.cloud.cloudsecuritycompliance_v1.types.UpdateFrameworkRequest, dict]]): - The request object. Message for updating a Framework + The request object. Request message for updating a + Framework. framework (:class:`google.cloud.cloudsecuritycompliance_v1.types.Framework`): Required. The resource being updated This corresponds to the ``framework`` field @@ -726,9 +769,14 @@ async def sample_update_framework(): Returns: google.cloud.cloudsecuritycompliance_v1.types.Framework: - Framework is a collection of - CloudControls which represents - industry/GCP/Customer defined + A Framework is a collection of + CloudControls to address security and + compliance requirements. Frameworks can + be used for prevention, detection, and + auditing. They can be either built-in, + industry-standard frameworks provided by + GCP/AZURE/AWS (e.g., NIST, FedRAMP) or + custom frameworks created by users. """ # Create or coerce a protobuf request object. @@ -793,7 +841,14 @@ async def delete_framework( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> None: - r"""Deletes a single Framework. + r"""Deletes a single Custom Framework, including all its minor and + minor revisions. + + - This operation can only be performed on Frameworks with type + ``CUSTOM``. Built-in Frameworks cannot be deleted. + - The Framework cannot be deleted if it is currently deployed on + any resource. + - This action is permanent and cannot be undone. .. code-block:: python @@ -820,7 +875,8 @@ async def sample_delete_framework(): Args: request (Optional[Union[google.cloud.cloudsecuritycompliance_v1.types.DeleteFrameworkRequest, dict]]): - The request object. Message for deleting a Framework + The request object. Request message for deleting a + Framework. name (:class:`str`): Required. Name of the resource, in the format ``organizations/{organization}/locations/{location}/frameworks/{framework}``. @@ -891,7 +947,10 @@ async def list_cloud_controls( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> pagers.ListCloudControlsAsyncPager: - r"""Lists CloudControls in a given organization. + r"""Lists all CloudControls (both Built-in and Custom) + available within a given parent resource. This method + supports pagination. The latest major version of each + CloudControl is returned. .. code-block:: python @@ -922,7 +981,8 @@ async def sample_list_cloud_controls(): Args: request (Optional[Union[google.cloud.cloudsecuritycompliance_v1.types.ListCloudControlsRequest, dict]]): - The request object. Request message for [ListCloudControls][]. + The request object. Request message for listing + CloudControls. parent (:class:`str`): Required. The parent resource name, in the format ``organizations/{organization}/locations/{location}``. @@ -1016,7 +1076,13 @@ async def get_cloud_control( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> common.CloudControl: - r"""Gets details of a single CloudControl. + r"""Gets details of a single CloudControl. This method retrieves a + CloudControl resource, which can be either Built-in or Custom, + identified by its name. + + By default, the latest major version of the CloudControl is + returned. A specific major version can be retrieved by + specifying the ``major_revision_id`` in the request. .. code-block:: python @@ -1046,7 +1112,8 @@ async def sample_get_cloud_control(): Args: request (Optional[Union[google.cloud.cloudsecuritycompliance_v1.types.GetCloudControlRequest, dict]]): - The request object. Message for getting a CloudControl. + The request object. Request message for getting a + CloudControl. name (:class:`str`): Required. The name of the cloudcontrol to retrieve in the format: @@ -1065,9 +1132,14 @@ async def sample_get_cloud_control(): Returns: google.cloud.cloudsecuritycompliance_v1.types.CloudControl: - A CloudControl is a GCP-provided - parameterized concept which is used to - satisfy a Security or Compliance intent. + A CloudControl is the fundamental unit encapsulating the rules + to meet a specific security or compliance intent. It + can contain various rule types (like Organization + Policies, CEL expressions, etc.) enabling different + enforcement modes (Preventive, Detective, Audit). + CloudControls are often parameterized for reusability + and can be either BUILT_IN (provided by Google) or + CUSTOM (defined by the user). """ # Create or coerce a protobuf request object. @@ -1130,7 +1202,9 @@ async def create_cloud_control( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> common.CloudControl: - r"""Creates a single CloudControl for a given resource. + r"""Creates a new CloudControl with type ``Custom`` under a given + parent resource. ``Built-in`` CloudControls are managed by + Google and cannot be created through this API. .. code-block:: python @@ -1165,7 +1239,8 @@ async def sample_create_cloud_control(): Args: request (Optional[Union[google.cloud.cloudsecuritycompliance_v1.types.CreateCloudControlRequest, dict]]): - The request object. Message for creating a CloudControl + The request object. Request message for creating a + CloudControl parent (:class:`str`): Required. The parent resource name, in the format ``organizations/{organization}/locations/{location}``. @@ -1196,9 +1271,14 @@ async def sample_create_cloud_control(): Returns: google.cloud.cloudsecuritycompliance_v1.types.CloudControl: - A CloudControl is a GCP-provided - parameterized concept which is used to - satisfy a Security or Compliance intent. + A CloudControl is the fundamental unit encapsulating the rules + to meet a specific security or compliance intent. It + can contain various rule types (like Organization + Policies, CEL expressions, etc.) enabling different + enforcement modes (Preventive, Detective, Audit). + CloudControls are often parameterized for reusability + and can be either BUILT_IN (provided by Google) or + CUSTOM (defined by the user). """ # Create or coerce a protobuf request object. @@ -1264,7 +1344,18 @@ async def update_cloud_control( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> common.CloudControl: - r"""Updates a single CloudControl. + r"""Updates a single CloudControl. This method allows for partial + updates of a Custom CloudControl resource. Built-in + CloudControls cannot be updated. + + - If an ``update_mask`` is provided, only the fields specified + in the mask will be updated. + - If no ``update_mask`` is provided, all fields present in the + request's ``cloud_control`` body will be used to overwrite the + existing resource. + + A successful update will result in a new version of the + CloudControl. .. code-block:: python @@ -1297,7 +1388,8 @@ async def sample_update_cloud_control(): Args: request (Optional[Union[google.cloud.cloudsecuritycompliance_v1.types.UpdateCloudControlRequest, dict]]): - The request object. Message for updating a CloudControl. + The request object. Request message for + UpdateCloudControl. cloud_control (:class:`google.cloud.cloudsecuritycompliance_v1.types.CloudControl`): Required. The resource being updated This corresponds to the ``cloud_control`` field @@ -1331,9 +1423,14 @@ async def sample_update_cloud_control(): Returns: google.cloud.cloudsecuritycompliance_v1.types.CloudControl: - A CloudControl is a GCP-provided - parameterized concept which is used to - satisfy a Security or Compliance intent. + A CloudControl is the fundamental unit encapsulating the rules + to meet a specific security or compliance intent. It + can contain various rule types (like Organization + Policies, CEL expressions, etc.) enabling different + enforcement modes (Preventive, Detective, Audit). + CloudControls are often parameterized for reusability + and can be either BUILT_IN (provided by Google) or + CUSTOM (defined by the user). """ # Create or coerce a protobuf request object. @@ -1398,7 +1495,14 @@ async def delete_cloud_control( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> None: - r"""Deletes a single CloudControl. + r"""Deletes a single Custom CloudControl, including all its major + and minor revisions. + + - This operation can only be performed on CloudControls with + type ``CUSTOM``. Built-in CloudControls cannot be deleted. + - The CloudControl cannot be deleted if any of its revisions are + currently referenced by any Framework. + - This action is permanent and cannot be undone. .. code-block:: python @@ -1425,7 +1529,8 @@ async def sample_delete_cloud_control(): Args: request (Optional[Union[google.cloud.cloudsecuritycompliance_v1.types.DeleteCloudControlRequest, dict]]): - The request object. Message for deleting a CloudControl. + The request object. Request message for deleting a + CloudControl. name (:class:`str`): Required. Name of the resource, in the format ``organizations/{organization}/locations/{location}/CloudControls/{CloudControl}``. diff --git a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/config/client.py b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/config/client.py index 381f359dc01f..2da50f733616 100644 --- a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/config/client.py +++ b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/config/client.py @@ -111,7 +111,9 @@ def get_transport_class( class ConfigClient(metaclass=ConfigClientMeta): - """Service describing handlers for config resources""" + """Config Service manages compliance frameworks, cloud controls, + and their configurations. + """ @staticmethod def _get_default_mtls_endpoint(api_endpoint): @@ -741,7 +743,10 @@ def list_frameworks( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> pagers.ListFrameworksPager: - r"""Lists Frameworks in a given organization. + r"""Lists all Frameworks (both Built-in and Custom) + available within a given parent resource. This method + supports pagination. The latest major version of each + Framework is returned. .. code-block:: python @@ -772,10 +777,12 @@ def sample_list_frameworks(): Args: request (Union[google.cloud.cloudsecuritycompliance_v1.types.ListFrameworksRequest, dict]): - The request object. Request message for [ListFrameworks][]. + The request object. Request message for listing + Frameworks. parent (str): Required. The parent resource name, in the format ``organizations/{organization}/locations/{location}``. + Only global location is supported. This corresponds to the ``parent`` field on the ``request`` instance; if ``request`` is provided, this @@ -790,10 +797,13 @@ def sample_list_frameworks(): Returns: google.cloud.cloudsecuritycompliance_v1.services.config.pagers.ListFrameworksPager: - Response message for [ListFrameworks][]. + Response message for listing + Frameworks. Contains a paginated list of + Framework resources. - Iterating over this object will yield results and - resolve additional pages automatically. + Iterating over this object will yield + results and resolve additional pages + automatically. """ # Create or coerce a protobuf request object. @@ -862,7 +872,13 @@ def get_framework( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> common.Framework: - r"""Gets details of a single Framework. + r"""Gets details of a single Framework. This method retrieves a + Framework resource, which can be either Built-in or Custom, + identified by its name. + + By default, the latest major version of the Framework is + returned. A specific major version can be retrieved by + specifying the ``major_revision_id`` in the request. .. code-block:: python @@ -892,7 +908,8 @@ def sample_get_framework(): Args: request (Union[google.cloud.cloudsecuritycompliance_v1.types.GetFrameworkRequest, dict]): - The request object. Message for getting a Framework. + The request object. Request message for getting a + Framework. name (str): Required. The name of the framework to retrieve. Format: organizations/{organization}/locations/{location}/frameworks/{framework_id} @@ -910,9 +927,14 @@ def sample_get_framework(): Returns: google.cloud.cloudsecuritycompliance_v1.types.Framework: - Framework is a collection of - CloudControls which represents - industry/GCP/Customer defined + A Framework is a collection of + CloudControls to address security and + compliance requirements. Frameworks can + be used for prevention, detection, and + auditing. They can be either built-in, + industry-standard frameworks provided by + GCP/AZURE/AWS (e.g., NIST, FedRAMP) or + custom frameworks created by users. """ # Create or coerce a protobuf request object. @@ -972,7 +994,9 @@ def create_framework( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> common.Framework: - r"""Creates a single framework for a given resource. + r"""Creates a new Framework with type ``Custom`` under a given + parent resource. Frameworks with type ``Built-in`` are managed + by Google and cannot be created through this API. .. code-block:: python @@ -1007,7 +1031,8 @@ def sample_create_framework(): Args: request (Union[google.cloud.cloudsecuritycompliance_v1.types.CreateFrameworkRequest, dict]): - The request object. Message for creating a Framework + The request object. Request message for creating a + Framework parent (str): Required. The parent resource name, in the format ``organizations/{organization}/locations/{location}``. @@ -1039,9 +1064,14 @@ def sample_create_framework(): Returns: google.cloud.cloudsecuritycompliance_v1.types.Framework: - Framework is a collection of - CloudControls which represents - industry/GCP/Customer defined + A Framework is a collection of + CloudControls to address security and + compliance requirements. Frameworks can + be used for prevention, detection, and + auditing. They can be either built-in, + industry-standard frameworks provided by + GCP/AZURE/AWS (e.g., NIST, FedRAMP) or + custom frameworks created by users. """ # Create or coerce a protobuf request object. @@ -1104,7 +1134,19 @@ def update_framework( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> common.Framework: - r"""Updates a single Framework. + r"""Updates a single Framework. This method allows for partial + updates of a Framework resource. The fields to be updated are + specified using the ``update_mask``. + + - If an ``update_mask`` is provided, only the fields specified + in the mask will be updated. + - If no ``update_mask`` is provided, all fields present in the + request's ``framework`` body will be used to overwrite the + existing resource. + + This operation can only be performed on Frameworks with type + ``CUSTOM``. A successful update will result in a new version of + the Framework. .. code-block:: python @@ -1137,7 +1179,8 @@ def sample_update_framework(): Args: request (Union[google.cloud.cloudsecuritycompliance_v1.types.UpdateFrameworkRequest, dict]): - The request object. Message for updating a Framework + The request object. Request message for updating a + Framework. framework (google.cloud.cloudsecuritycompliance_v1.types.Framework): Required. The resource being updated This corresponds to the ``framework`` field @@ -1165,9 +1208,14 @@ def sample_update_framework(): Returns: google.cloud.cloudsecuritycompliance_v1.types.Framework: - Framework is a collection of - CloudControls which represents - industry/GCP/Customer defined + A Framework is a collection of + CloudControls to address security and + compliance requirements. Frameworks can + be used for prevention, detection, and + auditing. They can be either built-in, + industry-standard frameworks provided by + GCP/AZURE/AWS (e.g., NIST, FedRAMP) or + custom frameworks created by users. """ # Create or coerce a protobuf request object. @@ -1229,7 +1277,14 @@ def delete_framework( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> None: - r"""Deletes a single Framework. + r"""Deletes a single Custom Framework, including all its minor and + minor revisions. + + - This operation can only be performed on Frameworks with type + ``CUSTOM``. Built-in Frameworks cannot be deleted. + - The Framework cannot be deleted if it is currently deployed on + any resource. + - This action is permanent and cannot be undone. .. code-block:: python @@ -1256,7 +1311,8 @@ def sample_delete_framework(): Args: request (Union[google.cloud.cloudsecuritycompliance_v1.types.DeleteFrameworkRequest, dict]): - The request object. Message for deleting a Framework + The request object. Request message for deleting a + Framework. name (str): Required. Name of the resource, in the format ``organizations/{organization}/locations/{location}/frameworks/{framework}``. @@ -1324,7 +1380,10 @@ def list_cloud_controls( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> pagers.ListCloudControlsPager: - r"""Lists CloudControls in a given organization. + r"""Lists all CloudControls (both Built-in and Custom) + available within a given parent resource. This method + supports pagination. The latest major version of each + CloudControl is returned. .. code-block:: python @@ -1355,7 +1414,8 @@ def sample_list_cloud_controls(): Args: request (Union[google.cloud.cloudsecuritycompliance_v1.types.ListCloudControlsRequest, dict]): - The request object. Request message for [ListCloudControls][]. + The request object. Request message for listing + CloudControls. parent (str): Required. The parent resource name, in the format ``organizations/{organization}/locations/{location}``. @@ -1446,7 +1506,13 @@ def get_cloud_control( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> common.CloudControl: - r"""Gets details of a single CloudControl. + r"""Gets details of a single CloudControl. This method retrieves a + CloudControl resource, which can be either Built-in or Custom, + identified by its name. + + By default, the latest major version of the CloudControl is + returned. A specific major version can be retrieved by + specifying the ``major_revision_id`` in the request. .. code-block:: python @@ -1476,7 +1542,8 @@ def sample_get_cloud_control(): Args: request (Union[google.cloud.cloudsecuritycompliance_v1.types.GetCloudControlRequest, dict]): - The request object. Message for getting a CloudControl. + The request object. Request message for getting a + CloudControl. name (str): Required. The name of the cloudcontrol to retrieve in the format: @@ -1495,9 +1562,14 @@ def sample_get_cloud_control(): Returns: google.cloud.cloudsecuritycompliance_v1.types.CloudControl: - A CloudControl is a GCP-provided - parameterized concept which is used to - satisfy a Security or Compliance intent. + A CloudControl is the fundamental unit encapsulating the rules + to meet a specific security or compliance intent. It + can contain various rule types (like Organization + Policies, CEL expressions, etc.) enabling different + enforcement modes (Preventive, Detective, Audit). + CloudControls are often parameterized for reusability + and can be either BUILT_IN (provided by Google) or + CUSTOM (defined by the user). """ # Create or coerce a protobuf request object. @@ -1557,7 +1629,9 @@ def create_cloud_control( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> common.CloudControl: - r"""Creates a single CloudControl for a given resource. + r"""Creates a new CloudControl with type ``Custom`` under a given + parent resource. ``Built-in`` CloudControls are managed by + Google and cannot be created through this API. .. code-block:: python @@ -1592,7 +1666,8 @@ def sample_create_cloud_control(): Args: request (Union[google.cloud.cloudsecuritycompliance_v1.types.CreateCloudControlRequest, dict]): - The request object. Message for creating a CloudControl + The request object. Request message for creating a + CloudControl parent (str): Required. The parent resource name, in the format ``organizations/{organization}/locations/{location}``. @@ -1623,9 +1698,14 @@ def sample_create_cloud_control(): Returns: google.cloud.cloudsecuritycompliance_v1.types.CloudControl: - A CloudControl is a GCP-provided - parameterized concept which is used to - satisfy a Security or Compliance intent. + A CloudControl is the fundamental unit encapsulating the rules + to meet a specific security or compliance intent. It + can contain various rule types (like Organization + Policies, CEL expressions, etc.) enabling different + enforcement modes (Preventive, Detective, Audit). + CloudControls are often parameterized for reusability + and can be either BUILT_IN (provided by Google) or + CUSTOM (defined by the user). """ # Create or coerce a protobuf request object. @@ -1688,7 +1768,18 @@ def update_cloud_control( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> common.CloudControl: - r"""Updates a single CloudControl. + r"""Updates a single CloudControl. This method allows for partial + updates of a Custom CloudControl resource. Built-in + CloudControls cannot be updated. + + - If an ``update_mask`` is provided, only the fields specified + in the mask will be updated. + - If no ``update_mask`` is provided, all fields present in the + request's ``cloud_control`` body will be used to overwrite the + existing resource. + + A successful update will result in a new version of the + CloudControl. .. code-block:: python @@ -1721,7 +1812,8 @@ def sample_update_cloud_control(): Args: request (Union[google.cloud.cloudsecuritycompliance_v1.types.UpdateCloudControlRequest, dict]): - The request object. Message for updating a CloudControl. + The request object. Request message for + UpdateCloudControl. cloud_control (google.cloud.cloudsecuritycompliance_v1.types.CloudControl): Required. The resource being updated This corresponds to the ``cloud_control`` field @@ -1755,9 +1847,14 @@ def sample_update_cloud_control(): Returns: google.cloud.cloudsecuritycompliance_v1.types.CloudControl: - A CloudControl is a GCP-provided - parameterized concept which is used to - satisfy a Security or Compliance intent. + A CloudControl is the fundamental unit encapsulating the rules + to meet a specific security or compliance intent. It + can contain various rule types (like Organization + Policies, CEL expressions, etc.) enabling different + enforcement modes (Preventive, Detective, Audit). + CloudControls are often parameterized for reusability + and can be either BUILT_IN (provided by Google) or + CUSTOM (defined by the user). """ # Create or coerce a protobuf request object. @@ -1819,7 +1916,14 @@ def delete_cloud_control( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> None: - r"""Deletes a single CloudControl. + r"""Deletes a single Custom CloudControl, including all its major + and minor revisions. + + - This operation can only be performed on CloudControls with + type ``CUSTOM``. Built-in CloudControls cannot be deleted. + - The CloudControl cannot be deleted if any of its revisions are + currently referenced by any Framework. + - This action is permanent and cannot be undone. .. code-block:: python @@ -1846,7 +1950,8 @@ def sample_delete_cloud_control(): Args: request (Union[google.cloud.cloudsecuritycompliance_v1.types.DeleteCloudControlRequest, dict]): - The request object. Message for deleting a CloudControl. + The request object. Request message for deleting a + CloudControl. name (str): Required. Name of the resource, in the format ``organizations/{organization}/locations/{location}/CloudControls/{CloudControl}``. diff --git a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/config/transports/grpc.py b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/config/transports/grpc.py index 320600d66cdb..0141ff5ca354 100644 --- a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/config/transports/grpc.py +++ b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/config/transports/grpc.py @@ -113,7 +113,8 @@ def intercept_unary_unary(self, continuation, client_call_details, request): class ConfigGrpcTransport(ConfigTransport): """gRPC backend transport for Config. - Service describing handlers for config resources + Config Service manages compliance frameworks, cloud controls, + and their configurations. This class defines the same methods as the primary client, so the primary client can load the underlying transport implementation @@ -328,7 +329,10 @@ def list_frameworks( ) -> Callable[[config.ListFrameworksRequest], config.ListFrameworksResponse]: r"""Return a callable for the list frameworks method over gRPC. - Lists Frameworks in a given organization. + Lists all Frameworks (both Built-in and Custom) + available within a given parent resource. This method + supports pagination. The latest major version of each + Framework is returned. Returns: Callable[[~.ListFrameworksRequest], @@ -352,7 +356,13 @@ def list_frameworks( def get_framework(self) -> Callable[[config.GetFrameworkRequest], common.Framework]: r"""Return a callable for the get framework method over gRPC. - Gets details of a single Framework. + Gets details of a single Framework. This method retrieves a + Framework resource, which can be either Built-in or Custom, + identified by its name. + + By default, the latest major version of the Framework is + returned. A specific major version can be retrieved by + specifying the ``major_revision_id`` in the request. Returns: Callable[[~.GetFrameworkRequest], @@ -378,7 +388,9 @@ def create_framework( ) -> Callable[[config.CreateFrameworkRequest], common.Framework]: r"""Return a callable for the create framework method over gRPC. - Creates a single framework for a given resource. + Creates a new Framework with type ``Custom`` under a given + parent resource. Frameworks with type ``Built-in`` are managed + by Google and cannot be created through this API. Returns: Callable[[~.CreateFrameworkRequest], @@ -404,7 +416,19 @@ def update_framework( ) -> Callable[[config.UpdateFrameworkRequest], common.Framework]: r"""Return a callable for the update framework method over gRPC. - Updates a single Framework. + Updates a single Framework. This method allows for partial + updates of a Framework resource. The fields to be updated are + specified using the ``update_mask``. + + - If an ``update_mask`` is provided, only the fields specified + in the mask will be updated. + - If no ``update_mask`` is provided, all fields present in the + request's ``framework`` body will be used to overwrite the + existing resource. + + This operation can only be performed on Frameworks with type + ``CUSTOM``. A successful update will result in a new version of + the Framework. Returns: Callable[[~.UpdateFrameworkRequest], @@ -430,7 +454,14 @@ def delete_framework( ) -> Callable[[config.DeleteFrameworkRequest], empty_pb2.Empty]: r"""Return a callable for the delete framework method over gRPC. - Deletes a single Framework. + Deletes a single Custom Framework, including all its minor and + minor revisions. + + - This operation can only be performed on Frameworks with type + ``CUSTOM``. Built-in Frameworks cannot be deleted. + - The Framework cannot be deleted if it is currently deployed on + any resource. + - This action is permanent and cannot be undone. Returns: Callable[[~.DeleteFrameworkRequest], @@ -456,7 +487,10 @@ def list_cloud_controls( ) -> Callable[[config.ListCloudControlsRequest], config.ListCloudControlsResponse]: r"""Return a callable for the list cloud controls method over gRPC. - Lists CloudControls in a given organization. + Lists all CloudControls (both Built-in and Custom) + available within a given parent resource. This method + supports pagination. The latest major version of each + CloudControl is returned. Returns: Callable[[~.ListCloudControlsRequest], @@ -482,7 +516,13 @@ def get_cloud_control( ) -> Callable[[config.GetCloudControlRequest], common.CloudControl]: r"""Return a callable for the get cloud control method over gRPC. - Gets details of a single CloudControl. + Gets details of a single CloudControl. This method retrieves a + CloudControl resource, which can be either Built-in or Custom, + identified by its name. + + By default, the latest major version of the CloudControl is + returned. A specific major version can be retrieved by + specifying the ``major_revision_id`` in the request. Returns: Callable[[~.GetCloudControlRequest], @@ -508,7 +548,9 @@ def create_cloud_control( ) -> Callable[[config.CreateCloudControlRequest], common.CloudControl]: r"""Return a callable for the create cloud control method over gRPC. - Creates a single CloudControl for a given resource. + Creates a new CloudControl with type ``Custom`` under a given + parent resource. ``Built-in`` CloudControls are managed by + Google and cannot be created through this API. Returns: Callable[[~.CreateCloudControlRequest], @@ -534,7 +576,18 @@ def update_cloud_control( ) -> Callable[[config.UpdateCloudControlRequest], common.CloudControl]: r"""Return a callable for the update cloud control method over gRPC. - Updates a single CloudControl. + Updates a single CloudControl. This method allows for partial + updates of a Custom CloudControl resource. Built-in + CloudControls cannot be updated. + + - If an ``update_mask`` is provided, only the fields specified + in the mask will be updated. + - If no ``update_mask`` is provided, all fields present in the + request's ``cloud_control`` body will be used to overwrite the + existing resource. + + A successful update will result in a new version of the + CloudControl. Returns: Callable[[~.UpdateCloudControlRequest], @@ -560,7 +613,14 @@ def delete_cloud_control( ) -> Callable[[config.DeleteCloudControlRequest], empty_pb2.Empty]: r"""Return a callable for the delete cloud control method over gRPC. - Deletes a single CloudControl. + Deletes a single Custom CloudControl, including all its major + and minor revisions. + + - This operation can only be performed on CloudControls with + type ``CUSTOM``. Built-in CloudControls cannot be deleted. + - The CloudControl cannot be deleted if any of its revisions are + currently referenced by any Framework. + - This action is permanent and cannot be undone. Returns: Callable[[~.DeleteCloudControlRequest], diff --git a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/config/transports/grpc_asyncio.py b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/config/transports/grpc_asyncio.py index 1a7535486a88..2f20682109e1 100644 --- a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/config/transports/grpc_asyncio.py +++ b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/config/transports/grpc_asyncio.py @@ -119,7 +119,8 @@ async def intercept_unary_unary(self, continuation, client_call_details, request class ConfigGrpcAsyncIOTransport(ConfigTransport): """gRPC AsyncIO backend transport for Config. - Service describing handlers for config resources + Config Service manages compliance frameworks, cloud controls, + and their configurations. This class defines the same methods as the primary client, so the primary client can load the underlying transport implementation @@ -338,7 +339,10 @@ def list_frameworks( ]: r"""Return a callable for the list frameworks method over gRPC. - Lists Frameworks in a given organization. + Lists all Frameworks (both Built-in and Custom) + available within a given parent resource. This method + supports pagination. The latest major version of each + Framework is returned. Returns: Callable[[~.ListFrameworksRequest], @@ -364,7 +368,13 @@ def get_framework( ) -> Callable[[config.GetFrameworkRequest], Awaitable[common.Framework]]: r"""Return a callable for the get framework method over gRPC. - Gets details of a single Framework. + Gets details of a single Framework. This method retrieves a + Framework resource, which can be either Built-in or Custom, + identified by its name. + + By default, the latest major version of the Framework is + returned. A specific major version can be retrieved by + specifying the ``major_revision_id`` in the request. Returns: Callable[[~.GetFrameworkRequest], @@ -390,7 +400,9 @@ def create_framework( ) -> Callable[[config.CreateFrameworkRequest], Awaitable[common.Framework]]: r"""Return a callable for the create framework method over gRPC. - Creates a single framework for a given resource. + Creates a new Framework with type ``Custom`` under a given + parent resource. Frameworks with type ``Built-in`` are managed + by Google and cannot be created through this API. Returns: Callable[[~.CreateFrameworkRequest], @@ -416,7 +428,19 @@ def update_framework( ) -> Callable[[config.UpdateFrameworkRequest], Awaitable[common.Framework]]: r"""Return a callable for the update framework method over gRPC. - Updates a single Framework. + Updates a single Framework. This method allows for partial + updates of a Framework resource. The fields to be updated are + specified using the ``update_mask``. + + - If an ``update_mask`` is provided, only the fields specified + in the mask will be updated. + - If no ``update_mask`` is provided, all fields present in the + request's ``framework`` body will be used to overwrite the + existing resource. + + This operation can only be performed on Frameworks with type + ``CUSTOM``. A successful update will result in a new version of + the Framework. Returns: Callable[[~.UpdateFrameworkRequest], @@ -442,7 +466,14 @@ def delete_framework( ) -> Callable[[config.DeleteFrameworkRequest], Awaitable[empty_pb2.Empty]]: r"""Return a callable for the delete framework method over gRPC. - Deletes a single Framework. + Deletes a single Custom Framework, including all its minor and + minor revisions. + + - This operation can only be performed on Frameworks with type + ``CUSTOM``. Built-in Frameworks cannot be deleted. + - The Framework cannot be deleted if it is currently deployed on + any resource. + - This action is permanent and cannot be undone. Returns: Callable[[~.DeleteFrameworkRequest], @@ -470,7 +501,10 @@ def list_cloud_controls( ]: r"""Return a callable for the list cloud controls method over gRPC. - Lists CloudControls in a given organization. + Lists all CloudControls (both Built-in and Custom) + available within a given parent resource. This method + supports pagination. The latest major version of each + CloudControl is returned. Returns: Callable[[~.ListCloudControlsRequest], @@ -496,7 +530,13 @@ def get_cloud_control( ) -> Callable[[config.GetCloudControlRequest], Awaitable[common.CloudControl]]: r"""Return a callable for the get cloud control method over gRPC. - Gets details of a single CloudControl. + Gets details of a single CloudControl. This method retrieves a + CloudControl resource, which can be either Built-in or Custom, + identified by its name. + + By default, the latest major version of the CloudControl is + returned. A specific major version can be retrieved by + specifying the ``major_revision_id`` in the request. Returns: Callable[[~.GetCloudControlRequest], @@ -522,7 +562,9 @@ def create_cloud_control( ) -> Callable[[config.CreateCloudControlRequest], Awaitable[common.CloudControl]]: r"""Return a callable for the create cloud control method over gRPC. - Creates a single CloudControl for a given resource. + Creates a new CloudControl with type ``Custom`` under a given + parent resource. ``Built-in`` CloudControls are managed by + Google and cannot be created through this API. Returns: Callable[[~.CreateCloudControlRequest], @@ -548,7 +590,18 @@ def update_cloud_control( ) -> Callable[[config.UpdateCloudControlRequest], Awaitable[common.CloudControl]]: r"""Return a callable for the update cloud control method over gRPC. - Updates a single CloudControl. + Updates a single CloudControl. This method allows for partial + updates of a Custom CloudControl resource. Built-in + CloudControls cannot be updated. + + - If an ``update_mask`` is provided, only the fields specified + in the mask will be updated. + - If no ``update_mask`` is provided, all fields present in the + request's ``cloud_control`` body will be used to overwrite the + existing resource. + + A successful update will result in a new version of the + CloudControl. Returns: Callable[[~.UpdateCloudControlRequest], @@ -574,7 +627,14 @@ def delete_cloud_control( ) -> Callable[[config.DeleteCloudControlRequest], Awaitable[empty_pb2.Empty]]: r"""Return a callable for the delete cloud control method over gRPC. - Deletes a single CloudControl. + Deletes a single Custom CloudControl, including all its major + and minor revisions. + + - This operation can only be performed on CloudControls with + type ``CUSTOM``. Built-in CloudControls cannot be deleted. + - The CloudControl cannot be deleted if any of its revisions are + currently referenced by any Framework. + - This action is permanent and cannot be undone. Returns: Callable[[~.DeleteCloudControlRequest], diff --git a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/config/transports/rest.py b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/config/transports/rest.py index 8d1a3d973c78..a7065a09b87f 100644 --- a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/config/transports/rest.py +++ b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/config/transports/rest.py @@ -706,7 +706,8 @@ class ConfigRestStub: class ConfigRestTransport(_BaseConfigRestTransport): """REST backend synchronous transport for Config. - Service describing handlers for config resources + Config Service manages compliance frameworks, cloud controls, + and their configurations. This class defines the same methods as the primary client, so the primary client can load the underlying transport implementation @@ -823,7 +824,8 @@ def __call__( Args: request (~.config.CreateCloudControlRequest): - The request object. Message for creating a CloudControl + The request object. Request message for creating a + CloudControl retry (google.api_core.retry.Retry): Designation of what errors, if any, should be retried. timeout (float): The timeout for this request. @@ -834,9 +836,14 @@ def __call__( Returns: ~.common.CloudControl: - A CloudControl is a GCP-provided - parameterized concept which is used to - satisfy a Security or Compliance intent. + A CloudControl is the fundamental unit encapsulating the + rules to meet a specific security or compliance intent. + It can contain various rule types (like Organization + Policies, CEL expressions, etc.) enabling different + enforcement modes (Preventive, Detective, Audit). + CloudControls are often parameterized for reusability + and can be either BUILT_IN (provided by Google) or + CUSTOM (defined by the user). """ @@ -982,7 +989,8 @@ def __call__( Args: request (~.config.CreateFrameworkRequest): - The request object. Message for creating a Framework + The request object. Request message for creating a + Framework retry (google.api_core.retry.Retry): Designation of what errors, if any, should be retried. timeout (float): The timeout for this request. @@ -993,9 +1001,14 @@ def __call__( Returns: ~.common.Framework: - Framework is a collection of - CloudControls which represents - industry/GCP/Customer defined + A Framework is a collection of + CloudControls to address security and + compliance requirements. Frameworks can + be used for prevention, detection, and + auditing. They can be either built-in, + industry-standard frameworks provided by + GCP/AZURE/AWS (e.g., NIST, FedRAMP) or + custom frameworks created by users. """ @@ -1140,7 +1153,8 @@ def __call__( Args: request (~.config.DeleteCloudControlRequest): - The request object. Message for deleting a CloudControl. + The request object. Request message for deleting a + CloudControl. retry (google.api_core.retry.Retry): Designation of what errors, if any, should be retried. timeout (float): The timeout for this request. @@ -1250,7 +1264,8 @@ def __call__( Args: request (~.config.DeleteFrameworkRequest): - The request object. Message for deleting a Framework + The request object. Request message for deleting a + Framework. retry (google.api_core.retry.Retry): Designation of what errors, if any, should be retried. timeout (float): The timeout for this request. @@ -1362,7 +1377,8 @@ def __call__( Args: request (~.config.GetCloudControlRequest): - The request object. Message for getting a CloudControl. + The request object. Request message for getting a + CloudControl. retry (google.api_core.retry.Retry): Designation of what errors, if any, should be retried. timeout (float): The timeout for this request. @@ -1373,9 +1389,14 @@ def __call__( Returns: ~.common.CloudControl: - A CloudControl is a GCP-provided - parameterized concept which is used to - satisfy a Security or Compliance intent. + A CloudControl is the fundamental unit encapsulating the + rules to meet a specific security or compliance intent. + It can contain various rule types (like Organization + Policies, CEL expressions, etc.) enabling different + enforcement modes (Preventive, Detective, Audit). + CloudControls are often parameterized for reusability + and can be either BUILT_IN (provided by Google) or + CUSTOM (defined by the user). """ @@ -1513,7 +1534,8 @@ def __call__( Args: request (~.config.GetFrameworkRequest): - The request object. Message for getting a Framework. + The request object. Request message for getting a + Framework. retry (google.api_core.retry.Retry): Designation of what errors, if any, should be retried. timeout (float): The timeout for this request. @@ -1524,9 +1546,14 @@ def __call__( Returns: ~.common.Framework: - Framework is a collection of - CloudControls which represents - industry/GCP/Customer defined + A Framework is a collection of + CloudControls to address security and + compliance requirements. Frameworks can + be used for prevention, detection, and + auditing. They can be either built-in, + industry-standard frameworks provided by + GCP/AZURE/AWS (e.g., NIST, FedRAMP) or + custom frameworks created by users. """ @@ -1664,7 +1691,8 @@ def __call__( Args: request (~.config.ListCloudControlsRequest): - The request object. Request message for [ListCloudControls][]. + The request object. Request message for listing + CloudControls. retry (google.api_core.retry.Retry): Designation of what errors, if any, should be retried. timeout (float): The timeout for this request. @@ -1816,7 +1844,8 @@ def __call__( Args: request (~.config.ListFrameworksRequest): - The request object. Request message for [ListFrameworks][]. + The request object. Request message for listing + Frameworks. retry (google.api_core.retry.Retry): Designation of what errors, if any, should be retried. timeout (float): The timeout for this request. @@ -1827,7 +1856,10 @@ def __call__( Returns: ~.config.ListFrameworksResponse: - Response message for [ListFrameworks][]. + Response message for listing + Frameworks. Contains a paginated list of + Framework resources. + """ http_options = ( @@ -1965,7 +1997,8 @@ def __call__( Args: request (~.config.UpdateCloudControlRequest): - The request object. Message for updating a CloudControl. + The request object. Request message for + UpdateCloudControl. retry (google.api_core.retry.Retry): Designation of what errors, if any, should be retried. timeout (float): The timeout for this request. @@ -1976,9 +2009,14 @@ def __call__( Returns: ~.common.CloudControl: - A CloudControl is a GCP-provided - parameterized concept which is used to - satisfy a Security or Compliance intent. + A CloudControl is the fundamental unit encapsulating the + rules to meet a specific security or compliance intent. + It can contain various rule types (like Organization + Policies, CEL expressions, etc.) enabling different + enforcement modes (Preventive, Detective, Audit). + CloudControls are often parameterized for reusability + and can be either BUILT_IN (provided by Google) or + CUSTOM (defined by the user). """ @@ -2124,7 +2162,8 @@ def __call__( Args: request (~.config.UpdateFrameworkRequest): - The request object. Message for updating a Framework + The request object. Request message for updating a + Framework. retry (google.api_core.retry.Retry): Designation of what errors, if any, should be retried. timeout (float): The timeout for this request. @@ -2135,9 +2174,14 @@ def __call__( Returns: ~.common.Framework: - Framework is a collection of - CloudControls which represents - industry/GCP/Customer defined + A Framework is a collection of + CloudControls to address security and + compliance requirements. Frameworks can + be used for prevention, detection, and + auditing. They can be either built-in, + industry-standard frameworks provided by + GCP/AZURE/AWS (e.g., NIST, FedRAMP) or + custom frameworks created by users. """ diff --git a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/deployment/async_client.py b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/deployment/async_client.py index 61b723a70d12..0f5b39b5747f 100644 --- a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/deployment/async_client.py +++ b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/deployment/async_client.py @@ -69,7 +69,9 @@ class DeploymentAsyncClient: - """Service describing handlers for resources""" + """Deployment service allows users to manage deployments of + Frameworks and Cloud Controls on a target resource. + """ _client: DeploymentClient @@ -311,8 +313,8 @@ async def create_framework_deployment( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> operation_async.AsyncOperation: - r"""Creates a new FrameworkDeployment in a given project - and location. + r"""Creates a new FrameworkDeployment in a given parent + resource. .. code-block:: python @@ -355,10 +357,10 @@ async def sample_create_framework_deployment(): Args: request (Optional[Union[google.cloud.cloudsecuritycompliance_v1.types.CreateFrameworkDeploymentRequest, dict]]): The request object. Request message for - CreateFrameworkDeployment. + CreateFrameworkDeployment API. parent (:class:`str`): - Required. Value for parent. Supported - formats: + Required. The parent resource of the + FrameworkDeployment in the format: organizations/{organization}/locations/{location} Only global location is supported. @@ -366,15 +368,17 @@ async def sample_create_framework_deployment(): on the ``request`` instance; if ``request`` is provided, this should not be set. framework_deployment (:class:`google.cloud.cloudsecuritycompliance_v1.types.FrameworkDeployment`): - Required. The resource being created. + Required. The FrameworkDeployment to + be created. + This corresponds to the ``framework_deployment`` field on the ``request`` instance; if ``request`` is provided, this should not be set. framework_deployment_id (:class:`str`): Optional. User provided identifier. - It should be unique in scope of a parent - Please note that this is optional and if - not provided, a random UUID will be + It should be unique in scope of a + parent. This is optional and if not + provided, a random UUID will be generated. This corresponds to the ``framework_deployment_id`` field @@ -392,8 +396,10 @@ async def sample_create_framework_deployment(): google.api_core.operation_async.AsyncOperation: An object representing a long-running operation. - The result type for the operation will be :class:`google.cloud.cloudsecuritycompliance_v1.types.FrameworkDeployment` FrameworkDeployment is a resource that represents a deployment using a - framework. + The result type for the operation will be :class:`google.cloud.cloudsecuritycompliance_v1.types.FrameworkDeployment` FrameworkDeployment represents deployment of a Framework on a target + resource. Supported target resources are + organizations/{organization}, folders/{folder}, and + projects/{project}. """ # Create or coerce a protobuf request object. @@ -505,9 +511,8 @@ async def sample_delete_framework_deployment(): The request object. Request message for DeleteFrameworkDeployment. name (:class:`str`): - Required. Name of the framework deployment to be deleted - FrameworkDeployment name in either of the following - formats: + Required. name of the FrameworkDeployment to be deleted + in the following format: organizations/{organization}/locations/{location}/frameworkDeployments/{framework_deployment_id} This corresponds to the ``name`` field @@ -636,8 +641,8 @@ async def sample_get_framework_deployment(): The request object. Request message for GetFrameworkDeployment. name (:class:`str`): - Required. FrameworkDeployment name in either of the - following formats: + Required. FrameworkDeployment name in the following + format: organizations/{organization}/locations/{location}/frameworkDeployments/{framework_deployment_id} This corresponds to the ``name`` field @@ -653,9 +658,12 @@ async def sample_get_framework_deployment(): Returns: google.cloud.cloudsecuritycompliance_v1.types.FrameworkDeployment: - FrameworkDeployment is a resource - that represents a deployment using a - framework. + FrameworkDeployment represents + deployment of a Framework on a target + resource. Supported target resources are + organizations/{organization}, + folders/{folder}, and + projects/{project}. """ # Create or coerce a protobuf request object. @@ -718,8 +726,8 @@ async def list_framework_deployments( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> pagers.ListFrameworkDeploymentsAsyncPager: - r"""Lists FrameworkDeployments in a given parent and - location. + r"""Lists FrameworkDeployments in a given parent + resource. .. code-block:: python @@ -753,8 +761,10 @@ async def sample_list_framework_deployments(): The request object. Request message for ListFrameworkDeployments. parent (:class:`str`): - Required. Parent value for - ListFrameworkDeploymentsRequest. + Required. parent resource of the + FrameworkDeployment in the format: + organizations/{organization}/locations/{location} + Only global location is supported. This corresponds to the ``parent`` field on the ``request`` instance; if ``request`` is provided, this @@ -769,8 +779,8 @@ async def sample_list_framework_deployments(): Returns: google.cloud.cloudsecuritycompliance_v1.services.deployment.pagers.ListFrameworkDeploymentsAsyncPager: - Message for response to listing - FrameworkDeployments. + Response message for + ListFrameworkDeployments. Iterating over this object will yield results and resolve additional pages automatically. @@ -880,8 +890,8 @@ async def sample_get_cloud_control_deployment(): The request object. Request message for GetCloudControlDeployment. name (:class:`str`): - Required. CloudControlDeployment name in either of the - following formats: + Required. CloudControlDeployment name in the following + format: organizations/{organization}/locations/{location}/cloudControlDeployments/{cloud_control_deployment_id} This corresponds to the ``name`` field @@ -897,9 +907,12 @@ async def sample_get_cloud_control_deployment(): Returns: google.cloud.cloudsecuritycompliance_v1.types.CloudControlDeployment: - CloudControlDeployment is a resource - that represents a deployment using a - cloud control. + CloudControlDeployment represents + deployment of a CloudControl on a target + resource. Supported target resources are + organizations/{organization}, + folders/{folder}, and + projects/{project}. """ # Create or coerce a protobuf request object. @@ -962,7 +975,8 @@ async def list_cloud_control_deployments( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> pagers.ListCloudControlDeploymentsAsyncPager: - r"""Lists CloudControlDeployments under a given parent. + r"""Lists CloudControlDeployments in a given parent + resource. .. code-block:: python @@ -996,8 +1010,10 @@ async def sample_list_cloud_control_deployments(): The request object. Request message for ListCloudControlDeployments. parent (:class:`str`): - Required. Parent value for - ListCloudControlDeploymentsRequest. + Required. parent resource of the + CloudControlDeployment in the format: + organizations/{organization}/locations/{location} + Only global location is supported. This corresponds to the ``parent`` field on the ``request`` instance; if ``request`` is provided, this @@ -1012,8 +1028,8 @@ async def sample_list_cloud_control_deployments(): Returns: google.cloud.cloudsecuritycompliance_v1.services.deployment.pagers.ListCloudControlDeploymentsAsyncPager: - Message for response to listing - CloudControlDeployments. + Response message for + ListCloudControlDeployments. Iterating over this object will yield results and resolve additional pages automatically. diff --git a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/deployment/client.py b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/deployment/client.py index c5a3e957f39d..ed48d3c7faa8 100644 --- a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/deployment/client.py +++ b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/deployment/client.py @@ -113,7 +113,9 @@ def get_transport_class( class DeploymentClient(metaclass=DeploymentClientMeta): - """Service describing handlers for resources""" + """Deployment service allows users to manage deployments of + Frameworks and Cloud Controls on a target resource. + """ @staticmethod def _get_default_mtls_endpoint(api_endpoint): @@ -769,8 +771,8 @@ def create_framework_deployment( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> operation.Operation: - r"""Creates a new FrameworkDeployment in a given project - and location. + r"""Creates a new FrameworkDeployment in a given parent + resource. .. code-block:: python @@ -813,10 +815,10 @@ def sample_create_framework_deployment(): Args: request (Union[google.cloud.cloudsecuritycompliance_v1.types.CreateFrameworkDeploymentRequest, dict]): The request object. Request message for - CreateFrameworkDeployment. + CreateFrameworkDeployment API. parent (str): - Required. Value for parent. Supported - formats: + Required. The parent resource of the + FrameworkDeployment in the format: organizations/{organization}/locations/{location} Only global location is supported. @@ -824,15 +826,17 @@ def sample_create_framework_deployment(): on the ``request`` instance; if ``request`` is provided, this should not be set. framework_deployment (google.cloud.cloudsecuritycompliance_v1.types.FrameworkDeployment): - Required. The resource being created. + Required. The FrameworkDeployment to + be created. + This corresponds to the ``framework_deployment`` field on the ``request`` instance; if ``request`` is provided, this should not be set. framework_deployment_id (str): Optional. User provided identifier. - It should be unique in scope of a parent - Please note that this is optional and if - not provided, a random UUID will be + It should be unique in scope of a + parent. This is optional and if not + provided, a random UUID will be generated. This corresponds to the ``framework_deployment_id`` field @@ -850,8 +854,10 @@ def sample_create_framework_deployment(): google.api_core.operation.Operation: An object representing a long-running operation. - The result type for the operation will be :class:`google.cloud.cloudsecuritycompliance_v1.types.FrameworkDeployment` FrameworkDeployment is a resource that represents a deployment using a - framework. + The result type for the operation will be :class:`google.cloud.cloudsecuritycompliance_v1.types.FrameworkDeployment` FrameworkDeployment represents deployment of a Framework on a target + resource. Supported target resources are + organizations/{organization}, folders/{folder}, and + projects/{project}. """ # Create or coerce a protobuf request object. @@ -962,9 +968,8 @@ def sample_delete_framework_deployment(): The request object. Request message for DeleteFrameworkDeployment. name (str): - Required. Name of the framework deployment to be deleted - FrameworkDeployment name in either of the following - formats: + Required. name of the FrameworkDeployment to be deleted + in the following format: organizations/{organization}/locations/{location}/frameworkDeployments/{framework_deployment_id} This corresponds to the ``name`` field @@ -1092,8 +1097,8 @@ def sample_get_framework_deployment(): The request object. Request message for GetFrameworkDeployment. name (str): - Required. FrameworkDeployment name in either of the - following formats: + Required. FrameworkDeployment name in the following + format: organizations/{organization}/locations/{location}/frameworkDeployments/{framework_deployment_id} This corresponds to the ``name`` field @@ -1109,9 +1114,12 @@ def sample_get_framework_deployment(): Returns: google.cloud.cloudsecuritycompliance_v1.types.FrameworkDeployment: - FrameworkDeployment is a resource - that represents a deployment using a - framework. + FrameworkDeployment represents + deployment of a Framework on a target + resource. Supported target resources are + organizations/{organization}, + folders/{folder}, and + projects/{project}. """ # Create or coerce a protobuf request object. @@ -1171,8 +1179,8 @@ def list_framework_deployments( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> pagers.ListFrameworkDeploymentsPager: - r"""Lists FrameworkDeployments in a given parent and - location. + r"""Lists FrameworkDeployments in a given parent + resource. .. code-block:: python @@ -1206,8 +1214,10 @@ def sample_list_framework_deployments(): The request object. Request message for ListFrameworkDeployments. parent (str): - Required. Parent value for - ListFrameworkDeploymentsRequest. + Required. parent resource of the + FrameworkDeployment in the format: + organizations/{organization}/locations/{location} + Only global location is supported. This corresponds to the ``parent`` field on the ``request`` instance; if ``request`` is provided, this @@ -1222,8 +1232,8 @@ def sample_list_framework_deployments(): Returns: google.cloud.cloudsecuritycompliance_v1.services.deployment.pagers.ListFrameworkDeploymentsPager: - Message for response to listing - FrameworkDeployments. + Response message for + ListFrameworkDeployments. Iterating over this object will yield results and resolve additional pages automatically. @@ -1332,8 +1342,8 @@ def sample_get_cloud_control_deployment(): The request object. Request message for GetCloudControlDeployment. name (str): - Required. CloudControlDeployment name in either of the - following formats: + Required. CloudControlDeployment name in the following + format: organizations/{organization}/locations/{location}/cloudControlDeployments/{cloud_control_deployment_id} This corresponds to the ``name`` field @@ -1349,9 +1359,12 @@ def sample_get_cloud_control_deployment(): Returns: google.cloud.cloudsecuritycompliance_v1.types.CloudControlDeployment: - CloudControlDeployment is a resource - that represents a deployment using a - cloud control. + CloudControlDeployment represents + deployment of a CloudControl on a target + resource. Supported target resources are + organizations/{organization}, + folders/{folder}, and + projects/{project}. """ # Create or coerce a protobuf request object. @@ -1413,7 +1426,8 @@ def list_cloud_control_deployments( timeout: Union[float, object] = gapic_v1.method.DEFAULT, metadata: Sequence[Tuple[str, Union[str, bytes]]] = (), ) -> pagers.ListCloudControlDeploymentsPager: - r"""Lists CloudControlDeployments under a given parent. + r"""Lists CloudControlDeployments in a given parent + resource. .. code-block:: python @@ -1447,8 +1461,10 @@ def sample_list_cloud_control_deployments(): The request object. Request message for ListCloudControlDeployments. parent (str): - Required. Parent value for - ListCloudControlDeploymentsRequest. + Required. parent resource of the + CloudControlDeployment in the format: + organizations/{organization}/locations/{location} + Only global location is supported. This corresponds to the ``parent`` field on the ``request`` instance; if ``request`` is provided, this @@ -1463,8 +1479,8 @@ def sample_list_cloud_control_deployments(): Returns: google.cloud.cloudsecuritycompliance_v1.services.deployment.pagers.ListCloudControlDeploymentsPager: - Message for response to listing - CloudControlDeployments. + Response message for + ListCloudControlDeployments. Iterating over this object will yield results and resolve additional pages automatically. diff --git a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/deployment/transports/grpc.py b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/deployment/transports/grpc.py index 103356d8a1c9..9173f3d0876a 100644 --- a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/deployment/transports/grpc.py +++ b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/deployment/transports/grpc.py @@ -112,7 +112,8 @@ def intercept_unary_unary(self, continuation, client_call_details, request): class DeploymentGrpcTransport(DeploymentTransport): """gRPC backend transport for Deployment. - Service describing handlers for resources + Deployment service allows users to manage deployments of + Frameworks and Cloud Controls on a target resource. This class defines the same methods as the primary client, so the primary client can load the underlying transport implementation @@ -346,8 +347,8 @@ def create_framework_deployment( ]: r"""Return a callable for the create framework deployment method over gRPC. - Creates a new FrameworkDeployment in a given project - and location. + Creates a new FrameworkDeployment in a given parent + resource. Returns: Callable[[~.CreateFrameworkDeploymentRequest], @@ -436,8 +437,8 @@ def list_framework_deployments( ]: r"""Return a callable for the list framework deployments method over gRPC. - Lists FrameworkDeployments in a given parent and - location. + Lists FrameworkDeployments in a given parent + resource. Returns: Callable[[~.ListFrameworkDeploymentsRequest], @@ -498,7 +499,8 @@ def list_cloud_control_deployments( ]: r"""Return a callable for the list cloud control deployments method over gRPC. - Lists CloudControlDeployments under a given parent. + Lists CloudControlDeployments in a given parent + resource. Returns: Callable[[~.ListCloudControlDeploymentsRequest], diff --git a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/deployment/transports/grpc_asyncio.py b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/deployment/transports/grpc_asyncio.py index 78e2459c7714..00477db37580 100644 --- a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/deployment/transports/grpc_asyncio.py +++ b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/deployment/transports/grpc_asyncio.py @@ -118,7 +118,8 @@ async def intercept_unary_unary(self, continuation, client_call_details, request class DeploymentGrpcAsyncIOTransport(DeploymentTransport): """gRPC AsyncIO backend transport for Deployment. - Service describing handlers for resources + Deployment service allows users to manage deployments of + Frameworks and Cloud Controls on a target resource. This class defines the same methods as the primary client, so the primary client can load the underlying transport implementation @@ -355,8 +356,8 @@ def create_framework_deployment( ]: r"""Return a callable for the create framework deployment method over gRPC. - Creates a new FrameworkDeployment in a given project - and location. + Creates a new FrameworkDeployment in a given parent + resource. Returns: Callable[[~.CreateFrameworkDeploymentRequest], @@ -447,8 +448,8 @@ def list_framework_deployments( ]: r"""Return a callable for the list framework deployments method over gRPC. - Lists FrameworkDeployments in a given parent and - location. + Lists FrameworkDeployments in a given parent + resource. Returns: Callable[[~.ListFrameworkDeploymentsRequest], @@ -510,7 +511,8 @@ def list_cloud_control_deployments( ]: r"""Return a callable for the list cloud control deployments method over gRPC. - Lists CloudControlDeployments under a given parent. + Lists CloudControlDeployments in a given parent + resource. Returns: Callable[[~.ListCloudControlDeploymentsRequest], diff --git a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/deployment/transports/rest.py b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/deployment/transports/rest.py index a17e8c02dc49..8260528e29a9 100644 --- a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/deployment/transports/rest.py +++ b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/services/deployment/transports/rest.py @@ -587,7 +587,8 @@ class DeploymentRestStub: class DeploymentRestTransport(_BaseDeploymentRestTransport): """REST backend synchronous transport for Deployment. - Service describing handlers for resources + Deployment service allows users to manage deployments of + Frameworks and Cloud Controls on a target resource. This class defines the same methods as the primary client, so the primary client can load the underlying transport implementation @@ -760,7 +761,7 @@ def __call__( Args: request (~.deployment.CreateFrameworkDeploymentRequest): The request object. Request message for - CreateFrameworkDeployment. + CreateFrameworkDeployment API. retry (google.api_core.retry.Retry): Designation of what errors, if any, should be retried. timeout (float): The timeout for this request. @@ -1074,9 +1075,12 @@ def __call__( Returns: ~.deployment.CloudControlDeployment: - CloudControlDeployment is a resource - that represents a deployment using a - cloud control. + CloudControlDeployment represents + deployment of a CloudControl on a target + resource. Supported target resources are + organizations/{organization}, + folders/{folder}, and + projects/{project}. """ @@ -1226,9 +1230,12 @@ def __call__( Returns: ~.deployment.FrameworkDeployment: - FrameworkDeployment is a resource - that represents a deployment using a - framework. + FrameworkDeployment represents + deployment of a Framework on a target + resource. Supported target resources are + organizations/{organization}, + folders/{folder}, and + projects/{project}. """ @@ -1378,8 +1385,8 @@ def __call__( Returns: ~.deployment.ListCloudControlDeploymentsResponse: - Message for response to listing - CloudControlDeployments. + Response message for + ListCloudControlDeployments. """ @@ -1535,8 +1542,8 @@ def __call__( Returns: ~.deployment.ListFrameworkDeploymentsResponse: - Message for response to listing - FrameworkDeployments. + Response message for + ListFrameworkDeployments. """ diff --git a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/types/__init__.py b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/types/__init__.py index d1ae950445b4..2fcf1cee660e 100644 --- a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/types/__init__.py +++ b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/types/__init__.py @@ -20,10 +20,7 @@ CloudControl, CloudControlCategory, CloudControlDetails, - CloudControlGroup, CloudProvider, - Control, - ControlFamily, EnforcementMode, Framework, FrameworkCategory, @@ -36,7 +33,6 @@ ParamValue, PlaceholderSubstitutionRule, RegexpPattern, - RegulatoryControlResponsibilityType, Rule, RuleActionType, Severity, @@ -61,7 +57,6 @@ from .deployment import ( CloudControlDeployment, CloudControlDeploymentReference, - CloudControlGroupDeployment, CloudControlMetadata, CreateFrameworkDeploymentRequest, DeleteFrameworkDeploymentRequest, @@ -86,9 +81,6 @@ "CELExpression", "CloudControl", "CloudControlDetails", - "CloudControlGroup", - "Control", - "ControlFamily", "Framework", "FrameworkReference", "IntRange", @@ -106,7 +98,6 @@ "CloudProvider", "EnforcementMode", "FrameworkCategory", - "RegulatoryControlResponsibilityType", "RuleActionType", "Severity", "TargetResourceType", @@ -124,7 +115,6 @@ "UpdateFrameworkRequest", "CloudControlDeployment", "CloudControlDeploymentReference", - "CloudControlGroupDeployment", "CloudControlMetadata", "CreateFrameworkDeploymentRequest", "DeleteFrameworkDeploymentRequest", diff --git a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/types/common.py b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/types/common.py index e72ca78ee59f..9fe73a4697d8 100644 --- a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/types/common.py +++ b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/types/common.py @@ -23,7 +23,6 @@ __protobuf__ = proto.module( package="google.cloud.cloudsecuritycompliance.v1", manifest={ - "RegulatoryControlResponsibilityType", "EnforcementMode", "FrameworkCategory", "CloudControlCategory", @@ -32,7 +31,6 @@ "RuleActionType", "TargetResourceType", "Framework", - "CloudControlGroup", "CloudControlDetails", "FrameworkReference", "Parameter", @@ -50,31 +48,10 @@ "Rule", "CELExpression", "OperationMetadata", - "Control", - "ControlFamily", }, ) -class RegulatoryControlResponsibilityType(proto.Enum): - r"""Regulatory Control Responsibility Type - - Values: - REGULATORY_CONTROL_RESPONSIBILITY_TYPE_UNSPECIFIED (0): - Unspecified. Invalid state. - GOOGLE (1): - Google responsibility. - CUSTOMER (2): - Customer responsibility. - SHARED (3): - Shared responsibility. - """ - REGULATORY_CONTROL_RESPONSIBILITY_TYPE_UNSPECIFIED = 0 - GOOGLE = 1 - CUSTOMER = 2 - SHARED = 3 - - class EnforcementMode(proto.Enum): r"""The enforcement mode of the cloud control. @@ -329,8 +306,11 @@ class TargetResourceType(proto.Enum): class Framework(proto.Message): - r"""Framework is a collection of CloudControls which represents - industry/GCP/Customer defined + r"""A Framework is a collection of CloudControls to address + security and compliance requirements. Frameworks can be used for + prevention, detection, and auditing. They can be either + built-in, industry-standard frameworks provided by GCP/AZURE/AWS + (e.g., NIST, FedRAMP) or custom frameworks created by users. Attributes: name (str): @@ -348,9 +328,6 @@ class Framework(proto.Message): type_ (google.cloud.cloudsecuritycompliance_v1.types.Framework.FrameworkType): Output only. The type of the framework. The default is TYPE_CUSTOM. - cloud_control_group_details (MutableSequence[google.cloud.cloudsecuritycompliance_v1.types.Framework.CloudControlGroupDetails]): - Optional. The details of the cloud control - groups included in the framework. cloud_control_details (MutableSequence[google.cloud.cloudsecuritycompliance_v1.types.CloudControlDetails]): Optional. The details of the cloud controls directly added without any grouping in the @@ -362,6 +339,9 @@ class Framework(proto.Message): supported_target_resource_types (MutableSequence[google.cloud.cloudsecuritycompliance_v1.types.TargetResourceType]): Output only. target resource types supported by the Framework. + supported_enforcement_modes (MutableSequence[google.cloud.cloudsecuritycompliance_v1.types.EnforcementMode]): + Output only. The supported enforcement modes + of the framework. """ class FrameworkType(proto.Enum): @@ -381,28 +361,6 @@ class FrameworkType(proto.Enum): BUILT_IN = 1 CUSTOM = 2 - class CloudControlGroupDetails(proto.Message): - r"""The details of the cloud control group included in the - framework. - - - .. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields - - Attributes: - cloud_control_group (google.cloud.cloudsecuritycompliance_v1.types.CloudControlGroup): - The cloud control group included in the - framework. - - This field is a member of `oneof`_ ``kind``. - """ - - cloud_control_group: "CloudControlGroup" = proto.Field( - proto.MESSAGE, - number=1, - oneof="kind", - message="CloudControlGroup", - ) - name: str = proto.Field( proto.STRING, number=1, @@ -424,13 +382,6 @@ class CloudControlGroupDetails(proto.Message): number=6, enum=FrameworkType, ) - cloud_control_group_details: MutableSequence[ - CloudControlGroupDetails - ] = proto.RepeatedField( - proto.MESSAGE, - number=7, - message=CloudControlGroupDetails, - ) cloud_control_details: MutableSequence["CloudControlDetails"] = proto.RepeatedField( proto.MESSAGE, number=8, @@ -453,87 +404,12 @@ class CloudControlGroupDetails(proto.Message): number=11, enum="TargetResourceType", ) - - -class CloudControlGroup(proto.Message): - r"""CloudControlGroup is an optional entity within a Framework - that helps customers organize their CloudControls. - - Attributes: - name (str): - Required. The name of the cloud control group - in the format: - “organizations/{organization}/locations/{location}/ - cloudControlGroups/{cloud-control-group}” - description (str): - Optional. The description of the cloud - control group.The maximum length is 2000 - characters. - type_ (google.cloud.cloudsecuritycompliance_v1.types.CloudControlGroup.CloudControlGroupType): - Optional. Output only. The type of the cloud control group. - Default is TYPE_CUSTOM. - control_id (str): - Optional. The control identifier used to - fetch the findings. This is same as the control - report name. - cloud_control_details (MutableSequence[google.cloud.cloudsecuritycompliance_v1.types.CloudControlDetails]): - Required. The details of the cloud controls - to be referred to in the framework. - major_revision_id (int): - Optional. Major revision of the cloud control - group. - control (str): - Optional. The industry-defined Control assciated with the - cloud controls in this group. - organizations/{organization}/locations/{location}/controls/{control_id} - """ - - class CloudControlGroupType(proto.Enum): - r"""CloudControlGroupType is the type of the CloudControlGroup. - - Values: - CLOUD_CONTROL_GROUP_TYPE_UNSPECIFIED (0): - Default value. This value is unused. - BUILT_IN (1): - The CloudControlGroup is a built-in group - provided by GCP. - CUSTOM (2): - The CloudControlGroup is a custom group - created by the user. - """ - CLOUD_CONTROL_GROUP_TYPE_UNSPECIFIED = 0 - BUILT_IN = 1 - CUSTOM = 2 - - name: str = proto.Field( - proto.STRING, - number=1, - ) - description: str = proto.Field( - proto.STRING, - number=2, - ) - type_: CloudControlGroupType = proto.Field( + supported_enforcement_modes: MutableSequence[ + "EnforcementMode" + ] = proto.RepeatedField( proto.ENUM, - number=3, - enum=CloudControlGroupType, - ) - control_id: str = proto.Field( - proto.STRING, - number=4, - ) - cloud_control_details: MutableSequence["CloudControlDetails"] = proto.RepeatedField( - proto.MESSAGE, - number=5, - message="CloudControlDetails", - ) - major_revision_id: int = proto.Field( - proto.INT64, - number=6, - ) - control: str = proto.Field( - proto.STRING, - number=8, + number=13, + enum="EnforcementMode", ) @@ -622,8 +498,13 @@ class Parameter(proto.Message): class CloudControl(proto.Message): - r"""A CloudControl is a GCP-provided parameterized concept which - is used to satisfy a Security or Compliance intent. + r"""A CloudControl is the fundamental unit encapsulating the rules to + meet a specific security or compliance intent. It can contain + various rule types (like Organization Policies, CEL expressions, + etc.) enabling different enforcement modes (Preventive, Detective, + Audit). CloudControls are often parameterized for reusability and + can be either BUILT_IN (provided by Google) or CUSTOM (defined by + the user). Attributes: name (str): @@ -1214,191 +1095,4 @@ class OperationMetadata(proto.Message): ) -class Control(proto.Message): - r"""Represents a Regulatory control. - - Attributes: - name (str): - Output only. The name of a Control. Format: - - 'organizations/{organization}/locations/{location}/controls/{control}'' - display_name (str): - Output only. display_name - description (str): - Output only. The description of the control. - family (google.cloud.cloudsecuritycompliance_v1.types.Control.Family): - Output only. Group where the control belongs. - E.g. Access Control. - control_family (google.cloud.cloudsecuritycompliance_v1.types.ControlFamily): - Output only. Regulatory Family of the control - E.g. Access Control - responsibility_type (google.cloud.cloudsecuritycompliance_v1.types.RegulatoryControlResponsibilityType): - Output only. The control comes under whoose - responsibility e.g. GOOGLE, CUSTOMER or SHARED. - google_responsibility_description (str): - Output only. Google responsibility - description of regulatory control. - google_responsibility_implementation (str): - Output only. Google responsibility - implementation of regulatory control. - customer_responsibility_description (str): - Output only. Customer responsibility - description of regulatory control. - customer_responsibility_implementation (str): - Output only. Customer responsibility - implementation of regulatory control. - shared_responsibility_description (str): - Output only. Description of shared - Responsibility between Google and Customer in - implementing this control - additional_content_uri (str): - Output only. Link to the public documentation - related to this control - related_frameworks (MutableSequence[str]): - Output only. The Frameworks that include this - CloudControl - """ - - class Family(proto.Enum): - r"""Family of the control. E.g. Access Control - - Values: - FAMILY_UNSPECIFIED (0): - Unspecified. Invalid state. - AC (1): - Access Control - AT (2): - Awareness and Training - AU (3): - Audit and Accountability - CA (4): - Certification, Accreditation and Security - Assessments - CM (5): - Configuration Management - CP (6): - Contingency Planning - IA (7): - Identification and Authentication - IR (8): - Incident Response - MA (9): - Maintenance - MP (10): - Media Protection - PE (11): - Physical and Environmental Protection - PL (12): - Security Planning - PS (13): - Personnel Security - RA (14): - Risk Assessment - SA (15): - System Services and Acquisition - SC (16): - System and Communications Protection - SI (17): - System and Information Integrity - SR (18): - Supply Chain Risk Management - """ - FAMILY_UNSPECIFIED = 0 - AC = 1 - AT = 2 - AU = 3 - CA = 4 - CM = 5 - CP = 6 - IA = 7 - IR = 8 - MA = 9 - MP = 10 - PE = 11 - PL = 12 - PS = 13 - RA = 14 - SA = 15 - SC = 16 - SI = 17 - SR = 18 - - name: str = proto.Field( - proto.STRING, - number=1, - ) - display_name: str = proto.Field( - proto.STRING, - number=3, - ) - description: str = proto.Field( - proto.STRING, - number=4, - ) - family: Family = proto.Field( - proto.ENUM, - number=5, - enum=Family, - ) - control_family: "ControlFamily" = proto.Field( - proto.MESSAGE, - number=6, - message="ControlFamily", - ) - responsibility_type: "RegulatoryControlResponsibilityType" = proto.Field( - proto.ENUM, - number=7, - enum="RegulatoryControlResponsibilityType", - ) - google_responsibility_description: str = proto.Field( - proto.STRING, - number=8, - ) - google_responsibility_implementation: str = proto.Field( - proto.STRING, - number=9, - ) - customer_responsibility_description: str = proto.Field( - proto.STRING, - number=10, - ) - customer_responsibility_implementation: str = proto.Field( - proto.STRING, - number=11, - ) - shared_responsibility_description: str = proto.Field( - proto.STRING, - number=12, - ) - additional_content_uri: str = proto.Field( - proto.STRING, - number=13, - ) - related_frameworks: MutableSequence[str] = proto.RepeatedField( - proto.STRING, - number=14, - ) - - -class ControlFamily(proto.Message): - r"""Regulatory Family of the control - - Attributes: - family_id (str): - ID of the regulatory control family. - display_name (str): - Display name of the regulatory control - family. - """ - - family_id: str = proto.Field( - proto.STRING, - number=1, - ) - display_name: str = proto.Field( - proto.STRING, - number=2, - ) - - __all__ = tuple(sorted(__protobuf__.manifest)) diff --git a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/types/config.py b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/types/config.py index 271a31e843d5..ea92b040f0f1 100644 --- a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/types/config.py +++ b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/types/config.py @@ -42,12 +42,13 @@ class ListFrameworksRequest(proto.Message): - r"""Request message for [ListFrameworks][]. + r"""Request message for listing Frameworks. Attributes: parent (str): Required. The parent resource name, in the format - ``organizations/{organization}/locations/{location}``. + ``organizations/{organization}/locations/{location}``. Only + global location is supported. page_size (int): Optional. The maximum number of frameworks to return. The default value is ``500``. @@ -75,13 +76,12 @@ class ListFrameworksRequest(proto.Message): class ListFrameworksResponse(proto.Message): - r"""Response message for [ListFrameworks][]. + r"""Response message for listing Frameworks. + Contains a paginated list of Framework resources. Attributes: frameworks (MutableSequence[google.cloud.cloudsecuritycompliance_v1.types.Framework]): - The list of - [Framework][google.cloud.cloudsecuritycompliance.v1.Framework] - resources. + The list of Framework resources. next_page_token (str): A pagination token. To retrieve the next page of results, call the method again with this @@ -104,14 +104,14 @@ def raw_page(self): class GetFrameworkRequest(proto.Message): - r"""Message for getting a Framework. + r"""Request message for getting a Framework. Attributes: name (str): Required. The name of the framework to retrieve. Format: organizations/{organization}/locations/{location}/frameworks/{framework_id} major_revision_id (int): - Optional. The Framework major revision to retrieve. If not + Optional. The Framework major version to retrieve. If not specified, the most recently updated revision_id is retrieved. """ @@ -127,7 +127,7 @@ class GetFrameworkRequest(proto.Message): class CreateFrameworkRequest(proto.Message): - r"""Message for creating a Framework + r"""Request message for creating a Framework Attributes: parent (str): @@ -158,7 +158,7 @@ class CreateFrameworkRequest(proto.Message): class UpdateFrameworkRequest(proto.Message): - r"""Message for updating a Framework + r"""Request message for updating a Framework. Attributes: update_mask (google.protobuf.field_mask_pb2.FieldMask): @@ -171,7 +171,7 @@ class UpdateFrameworkRequest(proto.Message): framework (google.cloud.cloudsecuritycompliance_v1.types.Framework): Required. The resource being updated major_revision_id (int): - Optional. The major revision ID of the + Optional. The major version ID of the framework to update. """ @@ -192,7 +192,7 @@ class UpdateFrameworkRequest(proto.Message): class DeleteFrameworkRequest(proto.Message): - r"""Message for deleting a Framework + r"""Request message for deleting a Framework. Attributes: name (str): @@ -207,7 +207,7 @@ class DeleteFrameworkRequest(proto.Message): class ListCloudControlsRequest(proto.Message): - r"""Request message for [ListCloudControls][]. + r"""Request message for listing CloudControls. Attributes: parent (str): @@ -271,7 +271,7 @@ def raw_page(self): class GetCloudControlRequest(proto.Message): - r"""Message for getting a CloudControl. + r"""Request message for getting a CloudControl. Attributes: name (str): @@ -287,7 +287,7 @@ class GetCloudControlRequest(proto.Message): class CreateCloudControlRequest(proto.Message): - r"""Message for creating a CloudControl + r"""Request message for creating a CloudControl Attributes: parent (str): @@ -317,7 +317,7 @@ class CreateCloudControlRequest(proto.Message): class UpdateCloudControlRequest(proto.Message): - r"""Message for updating a CloudControl. + r"""Request message for UpdateCloudControl. Attributes: update_mask (google.protobuf.field_mask_pb2.FieldMask): @@ -351,7 +351,7 @@ class UpdateCloudControlRequest(proto.Message): class DeleteCloudControlRequest(proto.Message): - r"""Message for deleting a CloudControl. + r"""Request message for deleting a CloudControl. Attributes: name (str): diff --git a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/types/deployment.py b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/types/deployment.py index b2c199f75d6b..64176f077889 100644 --- a/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/types/deployment.py +++ b/packages/google-cloud-cloudsecuritycompliance/google/cloud/cloudsecuritycompliance_v1/types/deployment.py @@ -33,7 +33,6 @@ "FolderCreationConfig", "ProjectCreationConfig", "CloudControlMetadata", - "CloudControlGroupDeployment", "CreateFrameworkDeploymentRequest", "DeleteFrameworkDeploymentRequest", "GetFrameworkDeploymentRequest", @@ -49,7 +48,8 @@ class DeploymentState(proto.Enum): - r""" + r"""DeploymentState represents the state of the Deployment + resource. Values: DEPLOYMENT_STATE_UNSPECIFIED (0): @@ -61,13 +61,22 @@ class DeploymentState(proto.Enum): DEPLOYMENT_STATE_DELETING (3): Deployment is in DELETING state. DEPLOYMENT_STATE_FAILED (4): - Deployment has failed. + Deployment has failed. All the changes made + by the deployment have been successfully rolled + back. A deployment in the FAILED state can be + retried or deleted. DEPLOYMENT_STATE_READY (5): - Deployment is ready. + Deployment is successful and ready to use. DEPLOYMENT_STATE_PARTIALLY_DEPLOYED (6): - Deployment is partially deployed. + Deployment is partially deployed. All the + Cloud Controls were not deployed successfully. + Retrying the operation will resume from the + first failed step. DEPLOYMENT_STATE_PARTIALLY_DELETED (7): - Deployment is partially deleted. + Deployment is partially deleted. All the + Cloud Control Deployments were not deleted + successfully. Retrying the operation will resume + from the first failed step. """ DEPLOYMENT_STATE_UNSPECIFIED = 0 DEPLOYMENT_STATE_VALIDATING = 1 @@ -80,41 +89,42 @@ class DeploymentState(proto.Enum): class FrameworkDeployment(proto.Message): - r"""FrameworkDeployment is a resource that represents a - deployment using a framework. + r"""FrameworkDeployment represents deployment of a Framework on a + target resource. Supported target resources are + organizations/{organization}, folders/{folder}, and + projects/{project}. Attributes: name (str): - Identifier. FrameworkDeployment name in either of the - following formats: + Identifier. FrameworkDeployment name in the following + format: organizations/{organization}/locations/{location}/frameworkDeployments/{framework_deployment_id} target_resource_config (google.cloud.cloudsecuritycompliance_v1.types.TargetResourceConfig): - Required. target_resource_config referencing either an - already existing target_resource or contains config for a - target_resource to be created + Required. The details of the target resource + on which the Framework is to be deployed. It can + either be an existing target resource or a new + target resource to be created. computed_target_resource (str): Output only. The resource on which the Framework is deployed based on the provided - TargetResourceConfig. In format - organizations/{organization}, folders/{folder}, - projects/{project} or - projects/{project}/locations/{location}/applications/{application}. + TargetResourceConfig in the following format: + + organizations/{organization}, folders/{folder} + or projects/{project} framework (google.cloud.cloudsecuritycompliance_v1.types.FrameworkReference): - Required. Framework resource reference + Required. Reference to the framework to be + deployed. description (str): Optional. User provided description of the - deployment + Framework deployment cloud_control_metadata (MutableSequence[google.cloud.cloudsecuritycompliance_v1.types.CloudControlMetadata]): - Required. Deployment mode and parameters for each of the - cloud_controls part of the framework. + Required. Deployment mode and parameters for + each of the Cloud Controls in the framework. + Every Cloud Control in the framework must have a + CloudControlMetadata. deployment_state (google.cloud.cloudsecuritycompliance_v1.types.DeploymentState): - Output only. State of the deployment - cc_deployments (MutableSequence[google.cloud.cloudsecuritycompliance_v1.types.CloudControlDeployment]): - Output only. This field is inlined just for - cloudNext because the one platform apis of - CCDeployment does not exist. Beyond cloud next - it will be replaced with the field below which - is the references of cloud control deployment + Output only. State of the Framework + Deployment create_time (google.protobuf.timestamp_pb2.Timestamp): Output only. The time at which the resource was created. @@ -124,21 +134,20 @@ class FrameworkDeployment(proto.Message): etag (str): Optional. To prevent concurrent updates from overwriting each other, always provide the ``etag`` when you update a - CustomComplianceFramework. You can also provide the ``etag`` - when you delete a CustomComplianceFramework, to help ensure - that you're deleting the intended version of the - CustomComplianceFramework. - cc_group_deployments (MutableSequence[google.cloud.cloudsecuritycompliance_v1.types.CloudControlGroupDeployment]): - Output only. Similarly we'll also have a - field for CloudControlGroups + FrameworkDeployment. You can also provide the ``etag`` when + you delete a FrameworkDeployment, to help ensure that you're + deleting the intended version of the FrameworkDeployment. target_resource_display_name (str): Output only. The display name of the target resource. cloud_control_deployment_references (MutableSequence[google.cloud.cloudsecuritycompliance_v1.types.CloudControlDeploymentReference]): Output only. The references to the cloud control - deployments. Example: If a framework deployment deploys two - cloud controls, cc-deployment-1 and cc-deployment-2, then - the cloud_control_deployment_references will be: { + deployments. It has all the CloudControlDeployments which + are either directly added in the framework or through a + CloudControlGroup. Example: If a framework deployment + deploys two cloud controls, cc-deployment-1 and + cc-deployment-2, then the + cloud_control_deployment_references will be: { cloud_control_deployment_reference: { cloud_control_deployment: "organizations/{organization}/locations/{location}/cloudControlDeployments/cc-deployment-1" @@ -182,11 +191,6 @@ class FrameworkDeployment(proto.Message): number=7, enum="DeploymentState", ) - cc_deployments: MutableSequence["CloudControlDeployment"] = proto.RepeatedField( - proto.MESSAGE, - number=8, - message="CloudControlDeployment", - ) create_time: timestamp_pb2.Timestamp = proto.Field( proto.MESSAGE, number=9, @@ -201,13 +205,6 @@ class FrameworkDeployment(proto.Message): proto.STRING, number=11, ) - cc_group_deployments: MutableSequence[ - "CloudControlGroupDeployment" - ] = proto.RepeatedField( - proto.MESSAGE, - number=12, - message="CloudControlGroupDeployment", - ) target_resource_display_name: str = proto.Field( proto.STRING, number=13, @@ -222,32 +219,37 @@ class FrameworkDeployment(proto.Message): class CloudControlDeployment(proto.Message): - r"""CloudControlDeployment is a resource that represents a - deployment using a cloud control. + r"""CloudControlDeployment represents deployment of a + CloudControl on a target resource. Supported target resources + are organizations/{organization}, folders/{folder}, and + projects/{project}. Attributes: name (str): - Identifier. CloudControlDeployment name in either of the - following formats: + Identifier. CloudControlDeployment name in the following + format: organizations/{organization}/locations/{location}/cloudControlDeployments/{cloud_control_deployment_id} target_resource_config (google.cloud.cloudsecuritycompliance_v1.types.TargetResourceConfig): - Required. target_resource_config referencing either an - already existing target_resource or contains config for a - target_resource to be created + Required. The details of the target resource + on which the CloudControl is to be deployed. It + can either be an existing target resource or a + new target resource to be created. target_resource (str): Output only. The resource on which the CloudControl is deployed based on the provided - TargetResourceConfig. In format + TargetResourceConfig in the following format: + organizations/{organization}, folders/{folder} or projects/{project}. cloud_control_metadata (google.cloud.cloudsecuritycompliance_v1.types.CloudControlMetadata): - Required. CloudControlReference, Deployment mode and - parameters for the cloud_control + Required. Deployment mode and parameters for + the Cloud Control. description (str): Optional. User provided description of the - deployment + CloudControl deployment deployment_state (google.cloud.cloudsecuritycompliance_v1.types.DeploymentState): - Output only. State of the deployment + Output only. State of the CloudControl + deployment create_time (google.protobuf.timestamp_pb2.Timestamp): Output only. The time at which the resource was created. @@ -257,21 +259,21 @@ class CloudControlDeployment(proto.Message): etag (str): Optional. To prevent concurrent updates from overwriting each other, always provide the ``etag`` when you update a - CustomComplianceCloudControl. You can also provide the - ``etag`` when you delete a CustomComplianceCloudControl, to - help ensure that you're deleting the intended version of the - CustomComplianceCloudControl. + CloudControlDeployment. You can also provide the ``etag`` + when you delete a CloudControlDeployment, to help ensure + that you're deleting the intended version of the + CloudControlDeployment. parameter_substituted_cloud_control (google.cloud.cloudsecuritycompliance_v1.types.CloudControl): - Output only. The cloud control after - parameter substitution. + Output only. The CloudControl after + substitution of given parameters. framework_deployment_references (MutableSequence[google.cloud.cloudsecuritycompliance_v1.types.FrameworkDeploymentReference]): - Output only. The references to the framework - deployments that this cloud control deployment - is part of. + Output only. The references to the Framework + deployments that this Cloud Control deployment + is part of. A Cloud Control deployment can be + part of multiple Framework deployments. target_resource_display_name (str): - Output only. The name of the application, - project, folder, or organization that the cloud - control is deployed on. + Output only. The display name of the target + resource. """ name: str = proto.Field( @@ -348,13 +350,12 @@ class TargetResourceConfig(proto.Message): existing_target_resource (str): Optional. CRM node in format organizations/{organization}, folders/{folder}, - projects/{project} or - projects/{project}/locations/{location}/applications/{application}. + or projects/{project} This field is a member of `oneof`_ ``resource_config``. target_resource_creation_config (google.cloud.cloudsecuritycompliance_v1.types.TargetResourceCreationConfig): Optional. Config to create a new resource and use that as - the target_resource for deployment + the target_resource for deployment. This field is a member of `oneof`_ ``resource_config``. """ @@ -374,7 +375,7 @@ class TargetResourceConfig(proto.Message): class TargetResourceCreationConfig(proto.Message): r"""TargetResourceCreationConfig contains the config to create a new - resource and use that as the target_resource for deployment. + resource to be used as the target_resource of a deployment. This message has `oneof`_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. @@ -385,11 +386,13 @@ class TargetResourceCreationConfig(proto.Message): Attributes: folder_creation_config (google.cloud.cloudsecuritycompliance_v1.types.FolderCreationConfig): - Optional. Config to create a new folder + Optional. Config to create a new folder to be used as the + target_resource of a deployment. This field is a member of `oneof`_ ``resource_creation_config``. project_creation_config (google.cloud.cloudsecuritycompliance_v1.types.ProjectCreationConfig): - Optional. Config to create a new project + Optional. Config to create a new project to be used as the + target_resource of a deployment. This field is a member of `oneof`_ ``resource_creation_config``. """ @@ -409,12 +412,13 @@ class TargetResourceCreationConfig(proto.Message): class FolderCreationConfig(proto.Message): - r"""FolderCreationConfig contains the config to create a new - folder. + r"""FolderCreationConfig contains the config to create a new folder to + be used as the target_resource of a deployment. Attributes: parent (str): - Required. organizations/{org} or + Required. The parent of the folder to be + created. It can be an organizations/{org} or folders/{folder} folder_display_name (str): Required. Display name of the folder to be @@ -432,8 +436,8 @@ class FolderCreationConfig(proto.Message): class ProjectCreationConfig(proto.Message): - r"""ProjectCreationConfig contains the config to create a new - project. + r"""ProjectCreationConfig contains the config to create a new project to + be used as the target_resource of a deployment. Attributes: parent (str): @@ -441,10 +445,10 @@ class ProjectCreationConfig(proto.Message): folders/{folder} project_display_name (str): Required. Display name of the project to be - created + created. billing_account_id (str): Required. Billing account id to be used for - the project + the project. """ parent: str = proto.Field( @@ -462,12 +466,12 @@ class ProjectCreationConfig(proto.Message): class CloudControlMetadata(proto.Message): - r"""CloudControlMetadata contains the metadata for each of the - cloud controls part of the framework. + r"""CloudControlMetadata contains the enforcement mode and + parameters of a Cloud Control Deployment. Attributes: cloud_control_details (google.cloud.cloudsecuritycompliance_v1.types.CloudControlDetails): - Required. Cloud control details + Required. Cloud control name and parameters. enforcement_mode (google.cloud.cloudsecuritycompliance_v1.types.EnforcementMode): Required. Enforcement mode of the cloud control @@ -485,72 +489,23 @@ class CloudControlMetadata(proto.Message): ) -class CloudControlGroupDeployment(proto.Message): - r"""CloudControlGroupDeployment contains the cloud control group - and the cloud control deployments in the group. - - Attributes: - cloud_control_group (google.cloud.cloudsecuritycompliance_v1.types.CloudControlGroup): - Required. Cloud control group - cc_deployments (MutableSequence[google.cloud.cloudsecuritycompliance_v1.types.CloudControlDeployment]): - Required. Cloud control deployments in the - group - cc_deployment_references (MutableSequence[google.cloud.cloudsecuritycompliance_v1.types.CloudControlDeploymentReference]): - Output only. The references to the cloud control deployments - in the cloud control group. For example, if a cloud control - group has two cloud controls, ``cloud-control-1`` and - ``cloud-control-2``, and the cloud control deployments for - these cloud controls are ``cloud-control-deployment-1`` and - ``cloud-control-deployment-2`` respectively, then the - references are: - - :: - - cloud_control_deployment_reference: { - cloud_control_deployment: - "organizations/{organization}/locations/{location}/cloudControlDeployments/cloud-control-deployment-1" - }, - cloud_control_deployment_reference: { - cloud_control_deployment: - "organizations/{organization}/locations/{location}/cloudControlDeployments/cloud-control-deployment-2" - } - """ - - cloud_control_group: common.CloudControlGroup = proto.Field( - proto.MESSAGE, - number=1, - message=common.CloudControlGroup, - ) - cc_deployments: MutableSequence["CloudControlDeployment"] = proto.RepeatedField( - proto.MESSAGE, - number=2, - message="CloudControlDeployment", - ) - cc_deployment_references: MutableSequence[ - "CloudControlDeploymentReference" - ] = proto.RepeatedField( - proto.MESSAGE, - number=3, - message="CloudControlDeploymentReference", - ) - - class CreateFrameworkDeploymentRequest(proto.Message): - r"""Request message for CreateFrameworkDeployment. + r"""Request message for CreateFrameworkDeployment API. Attributes: parent (str): - Required. Value for parent. Supported - formats: + Required. The parent resource of the + FrameworkDeployment in the format: organizations/{organization}/locations/{location} Only global location is supported. framework_deployment_id (str): Optional. User provided identifier. It should - be unique in scope of a parent Please note that - this is optional and if not provided, a random - UUID will be generated. + be unique in scope of a parent. This is optional + and if not provided, a random UUID will be + generated. framework_deployment (google.cloud.cloudsecuritycompliance_v1.types.FrameworkDeployment): - Required. The resource being created. + Required. The FrameworkDeployment to be + created. """ parent: str = proto.Field( @@ -573,8 +528,8 @@ class DeleteFrameworkDeploymentRequest(proto.Message): Attributes: name (str): - Required. Name of the framework deployment to be deleted - FrameworkDeployment name in either of the following formats: + Required. name of the FrameworkDeployment to be deleted in + the following format: organizations/{organization}/locations/{location}/frameworkDeployments/{framework_deployment_id} etag (str): Optional. An opaque identifier for the current version of @@ -603,8 +558,7 @@ class GetFrameworkDeploymentRequest(proto.Message): Attributes: name (str): - Required. FrameworkDeployment name in either of the - following formats: + Required. FrameworkDeployment name in the following format: organizations/{organization}/locations/{location}/frameworkDeployments/{framework_deployment_id} """ @@ -619,8 +573,10 @@ class ListFrameworkDeploymentsRequest(proto.Message): Attributes: parent (str): - Required. Parent value for - ListFrameworkDeploymentsRequest. + Required. parent resource of the + FrameworkDeployment in the format: + organizations/{organization}/locations/{location} + Only global location is supported. page_size (int): Optional. Requested page size. Server may return fewer items than requested. If @@ -661,7 +617,7 @@ class ListFrameworkDeploymentsRequest(proto.Message): class ListFrameworkDeploymentsResponse(proto.Message): - r"""Message for response to listing FrameworkDeployments. + r"""Response message for ListFrameworkDeployments. Attributes: framework_deployments (MutableSequence[google.cloud.cloudsecuritycompliance_v1.types.FrameworkDeployment]): @@ -691,8 +647,8 @@ class GetCloudControlDeploymentRequest(proto.Message): Attributes: name (str): - Required. CloudControlDeployment name in either of the - following formats: + Required. CloudControlDeployment name in the following + format: organizations/{organization}/locations/{location}/cloudControlDeployments/{cloud_control_deployment_id} """ @@ -707,8 +663,10 @@ class ListCloudControlDeploymentsRequest(proto.Message): Attributes: parent (str): - Required. Parent value for - ListCloudControlDeploymentsRequest. + Required. parent resource of the + CloudControlDeployment in the format: + organizations/{organization}/locations/{location} + Only global location is supported. page_size (int): Optional. Requested page size. Server may return fewer items than requested. If @@ -749,7 +707,7 @@ class ListCloudControlDeploymentsRequest(proto.Message): class ListCloudControlDeploymentsResponse(proto.Message): - r"""Message for response to listing CloudControlDeployments. + r"""Response message for ListCloudControlDeployments. Attributes: cloud_control_deployments (MutableSequence[google.cloud.cloudsecuritycompliance_v1.types.CloudControlDeployment]): @@ -777,11 +735,11 @@ def raw_page(self): class CloudControlDeploymentReference(proto.Message): - r"""The reference to the cloud control deployment. + r"""The reference to a CloudControlDeployment. Attributes: cloud_control_deployment (str): - Output only. The name of the cloud control deployment. The + Output only. The name of the CloudControlDeployment. The format is: organizations/{org}/locations/{location}/cloudControlDeployments/{cloud_control_deployment_id} """ @@ -793,19 +751,21 @@ class CloudControlDeploymentReference(proto.Message): class FrameworkDeploymentReference(proto.Message): - r"""The reference to the framework deployment. + r"""The reference to a FrameworkDeployment. Attributes: framework_deployment (str): - Output only. The name of the framework. The format is: + Output only. The name of the FrameworkDeployment. The format + is: organizations/{org}/locations/{location}/frameworkDeployments/{framework_deployment_id} framework_reference (google.cloud.cloudsecuritycompliance_v1.types.FrameworkReference): - Optional. The reference to the framework that this + Optional. The reference to the Framework that this deployment is for. Example: { framework: "organizations/{org}/locations/{location}/frameworks/{framework}", major_revision_id: 1 } framework_display_name (str): - Optional. The display name of the framework. + Optional. The display name of the Framework + that this FrameworkDeployment is for. """ framework_deployment: str = proto.Field( diff --git a/packages/google-cloud-cloudsecuritycompliance/tests/unit/gapic/cloudsecuritycompliance_v1/test_config.py b/packages/google-cloud-cloudsecuritycompliance/tests/unit/gapic/cloudsecuritycompliance_v1/test_config.py index 0f1f4b0fb3a7..a3fdc2617d1c 100644 --- a/packages/google-cloud-cloudsecuritycompliance/tests/unit/gapic/cloudsecuritycompliance_v1/test_config.py +++ b/packages/google-cloud-cloudsecuritycompliance/tests/unit/gapic/cloudsecuritycompliance_v1/test_config.py @@ -1596,6 +1596,7 @@ def test_get_framework(request_type, transport: str = "grpc"): supported_target_resource_types=[ common.TargetResourceType.TARGET_RESOURCE_CRM_TYPE_ORG ], + supported_enforcement_modes=[common.EnforcementMode.PREVENTIVE], ) response = client.get_framework(request) @@ -1617,6 +1618,7 @@ def test_get_framework(request_type, transport: str = "grpc"): assert response.supported_target_resource_types == [ common.TargetResourceType.TARGET_RESOURCE_CRM_TYPE_ORG ] + assert response.supported_enforcement_modes == [common.EnforcementMode.PREVENTIVE] def test_get_framework_non_empty_request_with_auto_populated_field(): @@ -1752,6 +1754,7 @@ async def test_get_framework_async( supported_target_resource_types=[ common.TargetResourceType.TARGET_RESOURCE_CRM_TYPE_ORG ], + supported_enforcement_modes=[common.EnforcementMode.PREVENTIVE], ) ) response = await client.get_framework(request) @@ -1774,6 +1777,7 @@ async def test_get_framework_async( assert response.supported_target_resource_types == [ common.TargetResourceType.TARGET_RESOURCE_CRM_TYPE_ORG ] + assert response.supported_enforcement_modes == [common.EnforcementMode.PREVENTIVE] @pytest.mark.asyncio @@ -1951,6 +1955,7 @@ def test_create_framework(request_type, transport: str = "grpc"): supported_target_resource_types=[ common.TargetResourceType.TARGET_RESOURCE_CRM_TYPE_ORG ], + supported_enforcement_modes=[common.EnforcementMode.PREVENTIVE], ) response = client.create_framework(request) @@ -1972,6 +1977,7 @@ def test_create_framework(request_type, transport: str = "grpc"): assert response.supported_target_resource_types == [ common.TargetResourceType.TARGET_RESOURCE_CRM_TYPE_ORG ] + assert response.supported_enforcement_modes == [common.EnforcementMode.PREVENTIVE] def test_create_framework_non_empty_request_with_auto_populated_field(): @@ -2111,6 +2117,7 @@ async def test_create_framework_async( supported_target_resource_types=[ common.TargetResourceType.TARGET_RESOURCE_CRM_TYPE_ORG ], + supported_enforcement_modes=[common.EnforcementMode.PREVENTIVE], ) ) response = await client.create_framework(request) @@ -2133,6 +2140,7 @@ async def test_create_framework_async( assert response.supported_target_resource_types == [ common.TargetResourceType.TARGET_RESOURCE_CRM_TYPE_ORG ] + assert response.supported_enforcement_modes == [common.EnforcementMode.PREVENTIVE] @pytest.mark.asyncio @@ -2330,6 +2338,7 @@ def test_update_framework(request_type, transport: str = "grpc"): supported_target_resource_types=[ common.TargetResourceType.TARGET_RESOURCE_CRM_TYPE_ORG ], + supported_enforcement_modes=[common.EnforcementMode.PREVENTIVE], ) response = client.update_framework(request) @@ -2351,6 +2360,7 @@ def test_update_framework(request_type, transport: str = "grpc"): assert response.supported_target_resource_types == [ common.TargetResourceType.TARGET_RESOURCE_CRM_TYPE_ORG ] + assert response.supported_enforcement_modes == [common.EnforcementMode.PREVENTIVE] def test_update_framework_non_empty_request_with_auto_populated_field(): @@ -2484,6 +2494,7 @@ async def test_update_framework_async( supported_target_resource_types=[ common.TargetResourceType.TARGET_RESOURCE_CRM_TYPE_ORG ], + supported_enforcement_modes=[common.EnforcementMode.PREVENTIVE], ) ) response = await client.update_framework(request) @@ -2506,6 +2517,7 @@ async def test_update_framework_async( assert response.supported_target_resource_types == [ common.TargetResourceType.TARGET_RESOURCE_CRM_TYPE_ORG ] + assert response.supported_enforcement_modes == [common.EnforcementMode.PREVENTIVE] @pytest.mark.asyncio @@ -7478,6 +7490,7 @@ async def test_get_framework_empty_call_grpc_asyncio(): supported_target_resource_types=[ common.TargetResourceType.TARGET_RESOURCE_CRM_TYPE_ORG ], + supported_enforcement_modes=[common.EnforcementMode.PREVENTIVE], ) ) await client.get_framework(request=None) @@ -7514,6 +7527,7 @@ async def test_create_framework_empty_call_grpc_asyncio(): supported_target_resource_types=[ common.TargetResourceType.TARGET_RESOURCE_CRM_TYPE_ORG ], + supported_enforcement_modes=[common.EnforcementMode.PREVENTIVE], ) ) await client.create_framework(request=None) @@ -7550,6 +7564,7 @@ async def test_update_framework_empty_call_grpc_asyncio(): supported_target_resource_types=[ common.TargetResourceType.TARGET_RESOURCE_CRM_TYPE_ORG ], + supported_enforcement_modes=[common.EnforcementMode.PREVENTIVE], ) ) await client.update_framework(request=None) @@ -7952,6 +7967,7 @@ def test_get_framework_rest_call_success(request_type): supported_target_resource_types=[ common.TargetResourceType.TARGET_RESOURCE_CRM_TYPE_ORG ], + supported_enforcement_modes=[common.EnforcementMode.PREVENTIVE], ) # Wrap the value into a proper Response obj @@ -7978,6 +7994,7 @@ def test_get_framework_rest_call_success(request_type): assert response.supported_target_resource_types == [ common.TargetResourceType.TARGET_RESOURCE_CRM_TYPE_ORG ] + assert response.supported_enforcement_modes == [common.EnforcementMode.PREVENTIVE] @pytest.mark.parametrize("null_interceptor", [True, False]) @@ -8081,42 +8098,30 @@ def test_create_framework_rest_call_success(request_type): "display_name": "display_name_value", "description": "description_value", "type_": 1, - "cloud_control_group_details": [ + "cloud_control_details": [ { - "cloud_control_group": { - "name": "name_value", - "description": "description_value", - "type_": 1, - "control_id": "control_id_value", - "cloud_control_details": [ - { - "name": "name_value", - "major_revision_id": 1811, - "parameters": [ - { - "name": "name_value", - "parameter_value": { - "string_value": "string_value_value", - "bool_value": True, - "string_list_value": { - "values": ["values_value1", "values_value2"] - }, - "number_value": 0.1285, - "oneof_value": {}, - }, - } - ], - } - ], - "major_revision_id": 1811, - "control": "control_value", - } + "name": "name_value", + "major_revision_id": 1811, + "parameters": [ + { + "name": "name_value", + "parameter_value": { + "string_value": "string_value_value", + "bool_value": True, + "string_list_value": { + "values": ["values_value1", "values_value2"] + }, + "number_value": 0.1285, + "oneof_value": {}, + }, + } + ], } ], - "cloud_control_details": {}, "category": [1], "supported_cloud_providers": [1], "supported_target_resource_types": [1], + "supported_enforcement_modes": [1], } # The version of a generated dependency at test runtime may differ from the version used during generation. # Delete any fields which are not present in the current runtime dependency @@ -8201,6 +8206,7 @@ def get_message_fields(field): supported_target_resource_types=[ common.TargetResourceType.TARGET_RESOURCE_CRM_TYPE_ORG ], + supported_enforcement_modes=[common.EnforcementMode.PREVENTIVE], ) # Wrap the value into a proper Response obj @@ -8227,6 +8233,7 @@ def get_message_fields(field): assert response.supported_target_resource_types == [ common.TargetResourceType.TARGET_RESOURCE_CRM_TYPE_ORG ] + assert response.supported_enforcement_modes == [common.EnforcementMode.PREVENTIVE] @pytest.mark.parametrize("null_interceptor", [True, False]) @@ -8338,42 +8345,30 @@ def test_update_framework_rest_call_success(request_type): "display_name": "display_name_value", "description": "description_value", "type_": 1, - "cloud_control_group_details": [ + "cloud_control_details": [ { - "cloud_control_group": { - "name": "name_value", - "description": "description_value", - "type_": 1, - "control_id": "control_id_value", - "cloud_control_details": [ - { - "name": "name_value", - "major_revision_id": 1811, - "parameters": [ - { - "name": "name_value", - "parameter_value": { - "string_value": "string_value_value", - "bool_value": True, - "string_list_value": { - "values": ["values_value1", "values_value2"] - }, - "number_value": 0.1285, - "oneof_value": {}, - }, - } - ], - } - ], - "major_revision_id": 1811, - "control": "control_value", - } + "name": "name_value", + "major_revision_id": 1811, + "parameters": [ + { + "name": "name_value", + "parameter_value": { + "string_value": "string_value_value", + "bool_value": True, + "string_list_value": { + "values": ["values_value1", "values_value2"] + }, + "number_value": 0.1285, + "oneof_value": {}, + }, + } + ], } ], - "cloud_control_details": {}, "category": [1], "supported_cloud_providers": [1], "supported_target_resource_types": [1], + "supported_enforcement_modes": [1], } # The version of a generated dependency at test runtime may differ from the version used during generation. # Delete any fields which are not present in the current runtime dependency @@ -8458,6 +8453,7 @@ def get_message_fields(field): supported_target_resource_types=[ common.TargetResourceType.TARGET_RESOURCE_CRM_TYPE_ORG ], + supported_enforcement_modes=[common.EnforcementMode.PREVENTIVE], ) # Wrap the value into a proper Response obj @@ -8484,6 +8480,7 @@ def get_message_fields(field): assert response.supported_target_resource_types == [ common.TargetResourceType.TARGET_RESOURCE_CRM_TYPE_ORG ] + assert response.supported_enforcement_modes == [common.EnforcementMode.PREVENTIVE] @pytest.mark.parametrize("null_interceptor", [True, False]) diff --git a/packages/google-cloud-cloudsecuritycompliance/tests/unit/gapic/cloudsecuritycompliance_v1/test_deployment.py b/packages/google-cloud-cloudsecuritycompliance/tests/unit/gapic/cloudsecuritycompliance_v1/test_deployment.py index 7e43146494df..089f4a1eacc6 100644 --- a/packages/google-cloud-cloudsecuritycompliance/tests/unit/gapic/cloudsecuritycompliance_v1/test_deployment.py +++ b/packages/google-cloud-cloudsecuritycompliance/tests/unit/gapic/cloudsecuritycompliance_v1/test_deployment.py @@ -5460,103 +5460,13 @@ def test_create_framework_deployment_rest_call_success(request_type): } ], "deployment_state": 1, - "cc_deployments": [ - { - "name": "name_value", - "target_resource_config": {}, - "target_resource": "target_resource_value", - "cloud_control_metadata": {}, - "description": "description_value", - "deployment_state": 1, - "create_time": {"seconds": 751, "nanos": 543}, - "update_time": {}, - "etag": "etag_value", - "parameter_substituted_cloud_control": { - "name": "name_value", - "major_revision_id": 1811, - "description": "description_value", - "display_name": "display_name_value", - "supported_enforcement_modes": [1], - "parameter_spec": [ - { - "name": "name_value", - "display_name": "display_name_value", - "description": "description_value", - "is_required": True, - "value_type": 3, - "default_value": {}, - "substitution_rules": [ - { - "placeholder_substitution_rule": { - "attribute": "attribute_value" - }, - "attribute_substitution_rule": { - "attribute": "attribute_value" - }, - } - ], - "sub_parameters": {}, - "validation": { - "allowed_values": {"values": {}}, - "int_range": {"min_": 419, "max_": 421}, - "regexp_pattern": {"pattern": "pattern_value"}, - }, - } - ], - "rules": [ - { - "cel_expression": { - "resource_types_values": {}, - "expression": "expression_value", - }, - "description": "description_value", - "rule_action_types": [1], - } - ], - "severity": 1, - "finding_category": "finding_category_value", - "supported_cloud_providers": [1], - "related_frameworks": [ - "related_frameworks_value1", - "related_frameworks_value2", - ], - "remediation_steps": "remediation_steps_value", - "categories": [1], - "create_time": {}, - "supported_target_resource_types": [1], - }, - "framework_deployment_references": [ - { - "framework_deployment": "framework_deployment_value", - "framework_reference": {}, - "framework_display_name": "framework_display_name_value", - } - ], - "target_resource_display_name": "target_resource_display_name_value", - } - ], - "create_time": {}, + "create_time": {"seconds": 751, "nanos": 543}, "update_time": {}, "etag": "etag_value", - "cc_group_deployments": [ - { - "cloud_control_group": { - "name": "name_value", - "description": "description_value", - "type_": 1, - "control_id": "control_id_value", - "cloud_control_details": {}, - "major_revision_id": 1811, - "control": "control_value", - }, - "cc_deployments": {}, - "cc_deployment_references": [ - {"cloud_control_deployment": "cloud_control_deployment_value"} - ], - } - ], "target_resource_display_name": "target_resource_display_name_value", - "cloud_control_deployment_references": {}, + "cloud_control_deployment_references": [ + {"cloud_control_deployment": "cloud_control_deployment_value"} + ], } # The version of a generated dependency at test runtime may differ from the version used during generation. # Delete any fields which are not present in the current runtime dependency