|
732 | 732 | "resources": { |
733 | 733 | "muteConfigs": { |
734 | 734 | "methods": { |
735 | | - "create": { |
736 | | - "description": "Creates a mute config.", |
737 | | - "flatPath": "v1/folders/{foldersId}/locations/{locationsId}/muteConfigs", |
738 | | - "httpMethod": "POST", |
739 | | - "id": "securitycenter.folders.locations.muteConfigs.create", |
740 | | - "parameterOrder": [ |
741 | | - "parent" |
742 | | - ], |
743 | | - "parameters": { |
744 | | - "muteConfigId": { |
745 | | - "description": "Required. Unique identifier provided by the client within the parent scope. It must consist of only lowercase letters, numbers, and hyphens, must start with a letter, must end with either a letter or a number, and must be 63 characters or less.", |
746 | | - "location": "query", |
747 | | - "type": "string" |
748 | | - }, |
749 | | - "parent": { |
750 | | - "description": "Required. Resource name of the new mute configs's parent. Its format is `organizations/[organization_id]`, `folders/[folder_id]`, or `projects/[project_id]`.", |
751 | | - "location": "path", |
752 | | - "pattern": "^folders/[^/]+/locations/[^/]+$", |
753 | | - "required": true, |
754 | | - "type": "string" |
755 | | - } |
756 | | - }, |
757 | | - "path": "v1/{+parent}/muteConfigs", |
758 | | - "request": { |
759 | | - "$ref": "GoogleCloudSecuritycenterV1MuteConfig" |
760 | | - }, |
761 | | - "response": { |
762 | | - "$ref": "GoogleCloudSecuritycenterV1MuteConfig" |
763 | | - }, |
764 | | - "scopes": [ |
765 | | - "https://www.googleapis.com/auth/cloud-platform" |
766 | | - ] |
767 | | - }, |
768 | 735 | "delete": { |
769 | 736 | "description": "Deletes an existing mute config.", |
770 | 737 | "flatPath": "v1/folders/{foldersId}/locations/{locationsId}/muteConfigs/{muteConfigsId}", |
|
815 | 782 | "https://www.googleapis.com/auth/cloud-platform" |
816 | 783 | ] |
817 | 784 | }, |
818 | | - "list": { |
819 | | - "description": "Lists mute configs.", |
820 | | - "flatPath": "v1/folders/{foldersId}/locations/{locationsId}/muteConfigs", |
821 | | - "httpMethod": "GET", |
822 | | - "id": "securitycenter.folders.locations.muteConfigs.list", |
823 | | - "parameterOrder": [ |
824 | | - "parent" |
825 | | - ], |
826 | | - "parameters": { |
827 | | - "pageSize": { |
828 | | - "description": "The maximum number of configs to return. The service may return fewer than this value. If unspecified, at most 10 configs will be returned. The maximum value is 1000; values above 1000 will be coerced to 1000.", |
829 | | - "format": "int32", |
830 | | - "location": "query", |
831 | | - "type": "integer" |
832 | | - }, |
833 | | - "pageToken": { |
834 | | - "description": "A page token, received from a previous `ListMuteConfigs` call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to `ListMuteConfigs` must match the call that provided the page token.", |
835 | | - "location": "query", |
836 | | - "type": "string" |
837 | | - }, |
838 | | - "parent": { |
839 | | - "description": "Required. The parent, which owns the collection of mute configs. Its format is `organizations/[organization_id]`, `folders/[folder_id]`, `projects/[project_id]`.", |
840 | | - "location": "path", |
841 | | - "pattern": "^folders/[^/]+/locations/[^/]+/muteConfigs$", |
842 | | - "required": true, |
843 | | - "type": "string" |
844 | | - } |
845 | | - }, |
846 | | - "path": "v1/{+parent}", |
847 | | - "response": { |
848 | | - "$ref": "ListMuteConfigsResponse" |
849 | | - }, |
850 | | - "scopes": [ |
851 | | - "https://www.googleapis.com/auth/cloud-platform" |
852 | | - ] |
853 | | - }, |
854 | 785 | "patch": { |
855 | 786 | "description": "Updates a mute config.", |
856 | 787 | "flatPath": "v1/folders/{foldersId}/locations/{locationsId}/muteConfigs/{muteConfigsId}", |
|
2508 | 2439 | "resources": { |
2509 | 2440 | "muteConfigs": { |
2510 | 2441 | "methods": { |
2511 | | - "create": { |
2512 | | - "description": "Creates a mute config.", |
2513 | | - "flatPath": "v1/organizations/{organizationsId}/locations/{locationsId}/muteConfigs", |
2514 | | - "httpMethod": "POST", |
2515 | | - "id": "securitycenter.organizations.locations.muteConfigs.create", |
2516 | | - "parameterOrder": [ |
2517 | | - "parent" |
2518 | | - ], |
2519 | | - "parameters": { |
2520 | | - "muteConfigId": { |
2521 | | - "description": "Required. Unique identifier provided by the client within the parent scope. It must consist of only lowercase letters, numbers, and hyphens, must start with a letter, must end with either a letter or a number, and must be 63 characters or less.", |
2522 | | - "location": "query", |
2523 | | - "type": "string" |
2524 | | - }, |
2525 | | - "parent": { |
2526 | | - "description": "Required. Resource name of the new mute configs's parent. Its format is `organizations/[organization_id]`, `folders/[folder_id]`, or `projects/[project_id]`.", |
2527 | | - "location": "path", |
2528 | | - "pattern": "^organizations/[^/]+/locations/[^/]+$", |
2529 | | - "required": true, |
2530 | | - "type": "string" |
2531 | | - } |
2532 | | - }, |
2533 | | - "path": "v1/{+parent}/muteConfigs", |
2534 | | - "request": { |
2535 | | - "$ref": "GoogleCloudSecuritycenterV1MuteConfig" |
2536 | | - }, |
2537 | | - "response": { |
2538 | | - "$ref": "GoogleCloudSecuritycenterV1MuteConfig" |
2539 | | - }, |
2540 | | - "scopes": [ |
2541 | | - "https://www.googleapis.com/auth/cloud-platform" |
2542 | | - ] |
2543 | | - }, |
2544 | 2442 | "delete": { |
2545 | 2443 | "description": "Deletes an existing mute config.", |
2546 | 2444 | "flatPath": "v1/organizations/{organizationsId}/locations/{locationsId}/muteConfigs/{muteConfigsId}", |
|
2591 | 2489 | "https://www.googleapis.com/auth/cloud-platform" |
2592 | 2490 | ] |
2593 | 2491 | }, |
2594 | | - "list": { |
2595 | | - "description": "Lists mute configs.", |
2596 | | - "flatPath": "v1/organizations/{organizationsId}/locations/{locationsId}/muteConfigs", |
2597 | | - "httpMethod": "GET", |
2598 | | - "id": "securitycenter.organizations.locations.muteConfigs.list", |
2599 | | - "parameterOrder": [ |
2600 | | - "parent" |
2601 | | - ], |
2602 | | - "parameters": { |
2603 | | - "pageSize": { |
2604 | | - "description": "The maximum number of configs to return. The service may return fewer than this value. If unspecified, at most 10 configs will be returned. The maximum value is 1000; values above 1000 will be coerced to 1000.", |
2605 | | - "format": "int32", |
2606 | | - "location": "query", |
2607 | | - "type": "integer" |
2608 | | - }, |
2609 | | - "pageToken": { |
2610 | | - "description": "A page token, received from a previous `ListMuteConfigs` call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to `ListMuteConfigs` must match the call that provided the page token.", |
2611 | | - "location": "query", |
2612 | | - "type": "string" |
2613 | | - }, |
2614 | | - "parent": { |
2615 | | - "description": "Required. The parent, which owns the collection of mute configs. Its format is `organizations/[organization_id]`, `folders/[folder_id]`, `projects/[project_id]`.", |
2616 | | - "location": "path", |
2617 | | - "pattern": "^organizations/[^/]+/locations/[^/]+/muteConfigs$", |
2618 | | - "required": true, |
2619 | | - "type": "string" |
2620 | | - } |
2621 | | - }, |
2622 | | - "path": "v1/{+parent}", |
2623 | | - "response": { |
2624 | | - "$ref": "ListMuteConfigsResponse" |
2625 | | - }, |
2626 | | - "scopes": [ |
2627 | | - "https://www.googleapis.com/auth/cloud-platform" |
2628 | | - ] |
2629 | | - }, |
2630 | 2492 | "patch": { |
2631 | 2493 | "description": "Updates a mute config.", |
2632 | 2494 | "flatPath": "v1/organizations/{organizationsId}/locations/{locationsId}/muteConfigs/{muteConfigsId}", |
|
5017 | 4879 | "resources": { |
5018 | 4880 | "muteConfigs": { |
5019 | 4881 | "methods": { |
5020 | | - "create": { |
5021 | | - "description": "Creates a mute config.", |
5022 | | - "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/muteConfigs", |
5023 | | - "httpMethod": "POST", |
5024 | | - "id": "securitycenter.projects.locations.muteConfigs.create", |
5025 | | - "parameterOrder": [ |
5026 | | - "parent" |
5027 | | - ], |
5028 | | - "parameters": { |
5029 | | - "muteConfigId": { |
5030 | | - "description": "Required. Unique identifier provided by the client within the parent scope. It must consist of only lowercase letters, numbers, and hyphens, must start with a letter, must end with either a letter or a number, and must be 63 characters or less.", |
5031 | | - "location": "query", |
5032 | | - "type": "string" |
5033 | | - }, |
5034 | | - "parent": { |
5035 | | - "description": "Required. Resource name of the new mute configs's parent. Its format is `organizations/[organization_id]`, `folders/[folder_id]`, or `projects/[project_id]`.", |
5036 | | - "location": "path", |
5037 | | - "pattern": "^projects/[^/]+/locations/[^/]+$", |
5038 | | - "required": true, |
5039 | | - "type": "string" |
5040 | | - } |
5041 | | - }, |
5042 | | - "path": "v1/{+parent}/muteConfigs", |
5043 | | - "request": { |
5044 | | - "$ref": "GoogleCloudSecuritycenterV1MuteConfig" |
5045 | | - }, |
5046 | | - "response": { |
5047 | | - "$ref": "GoogleCloudSecuritycenterV1MuteConfig" |
5048 | | - }, |
5049 | | - "scopes": [ |
5050 | | - "https://www.googleapis.com/auth/cloud-platform" |
5051 | | - ] |
5052 | | - }, |
5053 | 4882 | "delete": { |
5054 | 4883 | "description": "Deletes an existing mute config.", |
5055 | 4884 | "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/muteConfigs/{muteConfigsId}", |
|
5100 | 4929 | "https://www.googleapis.com/auth/cloud-platform" |
5101 | 4930 | ] |
5102 | 4931 | }, |
5103 | | - "list": { |
5104 | | - "description": "Lists mute configs.", |
5105 | | - "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/muteConfigs", |
5106 | | - "httpMethod": "GET", |
5107 | | - "id": "securitycenter.projects.locations.muteConfigs.list", |
5108 | | - "parameterOrder": [ |
5109 | | - "parent" |
5110 | | - ], |
5111 | | - "parameters": { |
5112 | | - "pageSize": { |
5113 | | - "description": "The maximum number of configs to return. The service may return fewer than this value. If unspecified, at most 10 configs will be returned. The maximum value is 1000; values above 1000 will be coerced to 1000.", |
5114 | | - "format": "int32", |
5115 | | - "location": "query", |
5116 | | - "type": "integer" |
5117 | | - }, |
5118 | | - "pageToken": { |
5119 | | - "description": "A page token, received from a previous `ListMuteConfigs` call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to `ListMuteConfigs` must match the call that provided the page token.", |
5120 | | - "location": "query", |
5121 | | - "type": "string" |
5122 | | - }, |
5123 | | - "parent": { |
5124 | | - "description": "Required. The parent, which owns the collection of mute configs. Its format is `organizations/[organization_id]`, `folders/[folder_id]`, `projects/[project_id]`.", |
5125 | | - "location": "path", |
5126 | | - "pattern": "^projects/[^/]+/locations/[^/]+/muteConfigs$", |
5127 | | - "required": true, |
5128 | | - "type": "string" |
5129 | | - } |
5130 | | - }, |
5131 | | - "path": "v1/{+parent}", |
5132 | | - "response": { |
5133 | | - "$ref": "ListMuteConfigsResponse" |
5134 | | - }, |
5135 | | - "scopes": [ |
5136 | | - "https://www.googleapis.com/auth/cloud-platform" |
5137 | | - ] |
5138 | | - }, |
5139 | 4932 | "patch": { |
5140 | 4933 | "description": "Updates a mute config.", |
5141 | 4934 | "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/muteConfigs/{muteConfigsId}", |
|
6084 | 5877 | } |
6085 | 5878 | } |
6086 | 5879 | }, |
6087 | | - "revision": "20240827", |
| 5880 | + "revision": "20240926", |
6088 | 5881 | "rootUrl": "https://securitycenter.googleapis.com/", |
6089 | 5882 | "schemas": { |
6090 | 5883 | "Access": { |
|
6630 | 6423 | "description": "Represents an Azure resource group.", |
6631 | 6424 | "id": "AzureResourceGroup", |
6632 | 6425 | "properties": { |
| 6426 | + "id": { |
| 6427 | + "description": "The ID of the Azure resource group.", |
| 6428 | + "type": "string" |
| 6429 | + }, |
6633 | 6430 | "name": { |
6634 | 6431 | "description": "The name of the Azure resource group. This is not a UUID.", |
6635 | 6432 | "type": "string" |
|
6656 | 6453 | "description": "Represents a Microsoft Entra tenant.", |
6657 | 6454 | "id": "AzureTenant", |
6658 | 6455 | "properties": { |
| 6456 | + "displayName": { |
| 6457 | + "description": "The display name of the Azure tenant.", |
| 6458 | + "type": "string" |
| 6459 | + }, |
6659 | 6460 | "id": { |
6660 | 6461 | "description": "The ID of the Microsoft Entra tenant, for example, \"a11aaa11-aa11-1aa1-11aa-1aaa11a\".", |
6661 | 6462 | "type": "string" |
|
6800 | 6601 | }, |
6801 | 6602 | "type": "object" |
6802 | 6603 | }, |
| 6604 | + "CelPolicySpec": { |
| 6605 | + "description": "YAML-based rule that uses CEL, which supports the declaration of variables and a filtering predicate. A vulnerable resource is emitted if the evaluation is false. Given: 1) the resource types as: - resource_types: \"compute.googleapis.com/Instance\" - resource_types: \"compute.googleapis.com/Firewall\" 2) the CEL policy spec as: name: bad_instance resource_filters: - name: instance resource_type: compute.googleapis.com/Instance filter: > instance.status == 'RUNNING' && 'public' in instance.tags.items - name: firewall resource_type: compute.googleapis.com/Firewall filter: > firewall.direction == 'INGRESS' && !firewall.disabled && firewall.allowed.exists(rule, rule.IPProtocol.upperAscii() in ['TCP', 'ALL'] && rule.ports.exists(port, network.portsInRange(port, '11-256'))) rule: match: - predicate: > instance.networkInterfaces.exists(net, firewall.network == net.network) output: > {'message': 'Compute instance with publicly accessible ports', 'instance': instance.name} Users are able to join resource types together using the exact format as Kubernetes Validating Admission policies.", |
| 6606 | + "id": "CelPolicySpec", |
| 6607 | + "properties": { |
| 6608 | + "spec": { |
| 6609 | + "description": "The CEL policy to evaluate to produce findings. A finding is generated when the policy validation evaluates to false.", |
| 6610 | + "type": "string" |
| 6611 | + } |
| 6612 | + }, |
| 6613 | + "type": "object" |
| 6614 | + }, |
6803 | 6615 | "CloudArmor": { |
6804 | 6616 | "description": "Fields related to Google Cloud Armor findings.", |
6805 | 6617 | "id": "CloudArmor", |
|
8238 | 8050 | "description": "Defines the properties in a custom module configuration for Security Health Analytics. Use the custom module configuration to create custom detectors that generate custom findings for resources that you specify.", |
8239 | 8051 | "id": "GoogleCloudSecuritycenterV1CustomConfig", |
8240 | 8052 | "properties": { |
| 8053 | + "celPolicy": { |
| 8054 | + "$ref": "CelPolicySpec", |
| 8055 | + "description": "The CEL policy spec attached to the custom module." |
| 8056 | + }, |
8241 | 8057 | "customOutput": { |
8242 | 8058 | "$ref": "GoogleCloudSecuritycenterV1CustomOutputSpec", |
8243 | 8059 | "description": "Custom output properties." |
|
9320 | 9136 | "description": "Represents an Azure resource group.", |
9321 | 9137 | "id": "GoogleCloudSecuritycenterV2AzureResourceGroup", |
9322 | 9138 | "properties": { |
| 9139 | + "id": { |
| 9140 | + "description": "The ID of the Azure resource group.", |
| 9141 | + "type": "string" |
| 9142 | + }, |
9323 | 9143 | "name": { |
9324 | 9144 | "description": "The name of the Azure resource group. This is not a UUID.", |
9325 | 9145 | "type": "string" |
|
9346 | 9166 | "description": "Represents a Microsoft Entra tenant.", |
9347 | 9167 | "id": "GoogleCloudSecuritycenterV2AzureTenant", |
9348 | 9168 | "properties": { |
| 9169 | + "displayName": { |
| 9170 | + "description": "The display name of the Azure tenant.", |
| 9171 | + "type": "string" |
| 9172 | + }, |
9349 | 9173 | "id": { |
9350 | 9174 | "description": "The ID of the Microsoft Entra tenant, for example, \"a11aaa11-aa11-1aa1-11aa-1aaa11a\".", |
9351 | 9175 | "type": "string" |
|
0 commit comments