From d26e37f55ea6ac298386f73bfa939ec94489be33 Mon Sep 17 00:00:00 2001 From: Yoshi Automation Bot Date: Tue, 18 Apr 2023 07:13:20 +0000 Subject: [PATCH] feat(all): auto-regenerate discovery clients --- .../v1alpha/analyticsadmin-api.json | 35 +++- analyticsadmin/v1alpha/analyticsadmin-gen.go | 186 ++++++++++++++++++ api-list.json | 15 -- beyondcorp/v1alpha/beyondcorp-api.json | 90 +-------- beyondcorp/v1alpha/beyondcorp-gen.go | 105 ---------- bigquery/v2/bigquery-api.json | 9 +- bigquery/v2/bigquery-gen.go | 5 +- .../v1/businessprofileperformance-api.json | 8 +- .../v1/businessprofileperformance-gen.go | 9 +- .../v3/cloudresourcemanager-api.json | 12 +- .../v3/cloudresourcemanager-gen.go | 40 ++-- ids/v1/ids-api.json | 12 +- ids/v1/ids-gen.go | 31 ++- osconfig/v1alpha/osconfig-api.json | 4 +- osconfig/v1alpha/osconfig-gen.go | 2 + securitycenter/v1/securitycenter-api.json | 58 +++--- securitycenter/v1/securitycenter-gen.go | 171 ++++++++-------- .../v1beta1/securitycenter-api.json | 40 ++-- securitycenter/v1beta1/securitycenter-gen.go | 117 +++++------ .../v1beta2/securitycenter-api.json | 40 ++-- securitycenter/v1beta2/securitycenter-gen.go | 117 +++++------ tpu/v2alpha1/tpu-api.json | 36 +--- tpu/v2alpha1/tpu-gen.go | 146 -------------- 23 files changed, 574 insertions(+), 714 deletions(-) diff --git a/analyticsadmin/v1alpha/analyticsadmin-api.json b/analyticsadmin/v1alpha/analyticsadmin-api.json index a669ce0b744..7c2153bce6f 100644 --- a/analyticsadmin/v1alpha/analyticsadmin-api.json +++ b/analyticsadmin/v1alpha/analyticsadmin-api.json @@ -1061,6 +1061,28 @@ "https://www.googleapis.com/auth/analytics.readonly" ] }, + "fetchConnectedGa4Property": { + "description": "Given a specified UA property, looks up the GA4 property connected to it. Note: this cannot be used with GA4 properties.", + "flatPath": "v1alpha/properties:fetchConnectedGa4Property", + "httpMethod": "GET", + "id": "analyticsadmin.properties.fetchConnectedGa4Property", + "parameterOrder": [], + "parameters": { + "property": { + "description": "Required. The UA property for which to look up the connected GA4 property. Note this request uses the internal property ID, not the tracking ID of the form UA-XXXXXX-YY. Format: properties/{internal_web_property_id} Example: properties/1234", + "location": "query", + "type": "string" + } + }, + "path": "v1alpha/properties:fetchConnectedGa4Property", + "response": { + "$ref": "GoogleAnalyticsAdminV1alphaFetchConnectedGa4PropertyResponse" + }, + "scopes": [ + "https://www.googleapis.com/auth/analytics.edit", + "https://www.googleapis.com/auth/analytics.readonly" + ] + }, "get": { "description": "Lookup for a single \"GA4\" Property.", "flatPath": "v1alpha/properties/{propertiesId}", @@ -4040,7 +4062,7 @@ } } }, - "revision": "20230410", + "revision": "20230416", "rootUrl": "https://analyticsadmin.googleapis.com/", "schemas": { "GoogleAnalyticsAdminV1alphaAccessBetweenFilter": { @@ -6354,6 +6376,17 @@ }, "type": "object" }, + "GoogleAnalyticsAdminV1alphaFetchConnectedGa4PropertyResponse": { + "description": "Response for looking up GA4 property connected to a UA property.", + "id": "GoogleAnalyticsAdminV1alphaFetchConnectedGa4PropertyResponse", + "properties": { + "property": { + "description": "The GA4 property connected to the UA property. An empty string is returned when there is no connected GA4 property. Format: properties/{property_id} Example: properties/1234", + "type": "string" + } + }, + "type": "object" + }, "GoogleAnalyticsAdminV1alphaFirebaseLink": { "description": "A link between a GA4 property and a Firebase project.", "id": "GoogleAnalyticsAdminV1alphaFirebaseLink", diff --git a/analyticsadmin/v1alpha/analyticsadmin-gen.go b/analyticsadmin/v1alpha/analyticsadmin-gen.go index 0c822fd4f2d..e3a8f4f0479 100644 --- a/analyticsadmin/v1alpha/analyticsadmin-gen.go +++ b/analyticsadmin/v1alpha/analyticsadmin-gen.go @@ -4500,6 +4500,41 @@ func (s *GoogleAnalyticsAdminV1alphaFetchAutomatedGa4ConfigurationOptOutResponse return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } +// GoogleAnalyticsAdminV1alphaFetchConnectedGa4PropertyResponse: +// Response for looking up GA4 property connected to a UA property. +type GoogleAnalyticsAdminV1alphaFetchConnectedGa4PropertyResponse struct { + // Property: The GA4 property connected to the UA property. An empty + // string is returned when there is no connected GA4 property. Format: + // properties/{property_id} Example: properties/1234 + Property string `json:"property,omitempty"` + + // ServerResponse contains the HTTP response code and headers from the + // server. + googleapi.ServerResponse `json:"-"` + + // ForceSendFields is a list of field names (e.g. "Property") to + // unconditionally include in API requests. By default, fields with + // empty or default values are omitted from API requests. However, any + // non-pointer, non-interface field appearing in ForceSendFields will be + // sent to the server regardless of whether the field is empty or not. + // This may be used to include empty fields in Patch requests. + ForceSendFields []string `json:"-"` + + // NullFields is a list of field names (e.g. "Property") to include in + // API requests with the JSON null value. By default, fields with empty + // values are omitted from API requests. However, any field with an + // empty value appearing in NullFields will be sent to the server as + // null. It is an error if a field in this list has a non-empty value. + // This may be used to include null fields in Patch requests. + NullFields []string `json:"-"` +} + +func (s *GoogleAnalyticsAdminV1alphaFetchConnectedGa4PropertyResponse) MarshalJSON() ([]byte, error) { + type NoMethod GoogleAnalyticsAdminV1alphaFetchConnectedGa4PropertyResponse + raw := NoMethod(*s) + return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) +} + // GoogleAnalyticsAdminV1alphaFirebaseLink: A link between a GA4 // property and a Firebase project. type GoogleAnalyticsAdminV1alphaFirebaseLink struct { @@ -11683,6 +11718,157 @@ func (c *PropertiesFetchAutomatedGa4ConfigurationOptOutCall) Do(opts ...googleap } +// method id "analyticsadmin.properties.fetchConnectedGa4Property": + +type PropertiesFetchConnectedGa4PropertyCall struct { + s *Service + urlParams_ gensupport.URLParams + ifNoneMatch_ string + ctx_ context.Context + header_ http.Header +} + +// FetchConnectedGa4Property: Given a specified UA property, looks up +// the GA4 property connected to it. Note: this cannot be used with GA4 +// properties. +func (r *PropertiesService) FetchConnectedGa4Property() *PropertiesFetchConnectedGa4PropertyCall { + c := &PropertiesFetchConnectedGa4PropertyCall{s: r.s, urlParams_: make(gensupport.URLParams)} + return c +} + +// Property sets the optional parameter "property": Required. The UA +// property for which to look up the connected GA4 property. Note this +// request uses the internal property ID, not the tracking ID of the +// form UA-XXXXXX-YY. Format: properties/{internal_web_property_id} +// Example: properties/1234 +func (c *PropertiesFetchConnectedGa4PropertyCall) Property(property string) *PropertiesFetchConnectedGa4PropertyCall { + c.urlParams_.Set("property", property) + return c +} + +// Fields allows partial responses to be retrieved. See +// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse +// for more information. +func (c *PropertiesFetchConnectedGa4PropertyCall) Fields(s ...googleapi.Field) *PropertiesFetchConnectedGa4PropertyCall { + c.urlParams_.Set("fields", googleapi.CombineFields(s)) + return c +} + +// IfNoneMatch sets the optional parameter which makes the operation +// fail if the object's ETag matches the given value. This is useful for +// getting updates only after the object has changed since the last +// request. Use googleapi.IsNotModified to check whether the response +// error from Do is the result of In-None-Match. +func (c *PropertiesFetchConnectedGa4PropertyCall) IfNoneMatch(entityTag string) *PropertiesFetchConnectedGa4PropertyCall { + c.ifNoneMatch_ = entityTag + return c +} + +// Context sets the context to be used in this call's Do method. Any +// pending HTTP request will be aborted if the provided context is +// canceled. +func (c *PropertiesFetchConnectedGa4PropertyCall) Context(ctx context.Context) *PropertiesFetchConnectedGa4PropertyCall { + c.ctx_ = ctx + return c +} + +// Header returns an http.Header that can be modified by the caller to +// add HTTP headers to the request. +func (c *PropertiesFetchConnectedGa4PropertyCall) Header() http.Header { + if c.header_ == nil { + c.header_ = make(http.Header) + } + return c.header_ +} + +func (c *PropertiesFetchConnectedGa4PropertyCall) doRequest(alt string) (*http.Response, error) { + reqHeaders := make(http.Header) + reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) + for k, v := range c.header_ { + reqHeaders[k] = v + } + reqHeaders.Set("User-Agent", c.s.userAgent()) + if c.ifNoneMatch_ != "" { + reqHeaders.Set("If-None-Match", c.ifNoneMatch_) + } + var body io.Reader = nil + c.urlParams_.Set("alt", alt) + c.urlParams_.Set("prettyPrint", "false") + urls := googleapi.ResolveRelative(c.s.BasePath, "v1alpha/properties:fetchConnectedGa4Property") + urls += "?" + c.urlParams_.Encode() + req, err := http.NewRequest("GET", urls, body) + if err != nil { + return nil, err + } + req.Header = reqHeaders + return gensupport.SendRequest(c.ctx_, c.s.client, req) +} + +// Do executes the "analyticsadmin.properties.fetchConnectedGa4Property" call. +// Exactly one of +// *GoogleAnalyticsAdminV1alphaFetchConnectedGa4PropertyResponse or +// error will be non-nil. Any non-2xx status code is an error. Response +// headers are in either +// *GoogleAnalyticsAdminV1alphaFetchConnectedGa4PropertyResponse.ServerRe +// sponse.Header or (if a response was returned at all) in +// error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check +// whether the returned error was because http.StatusNotModified was +// returned. +func (c *PropertiesFetchConnectedGa4PropertyCall) Do(opts ...googleapi.CallOption) (*GoogleAnalyticsAdminV1alphaFetchConnectedGa4PropertyResponse, error) { + gensupport.SetOptions(c.urlParams_, opts...) + res, err := c.doRequest("json") + if res != nil && res.StatusCode == http.StatusNotModified { + if res.Body != nil { + res.Body.Close() + } + return nil, gensupport.WrapError(&googleapi.Error{ + Code: res.StatusCode, + Header: res.Header, + }) + } + if err != nil { + return nil, err + } + defer googleapi.CloseBody(res) + if err := googleapi.CheckResponse(res); err != nil { + return nil, gensupport.WrapError(err) + } + ret := &GoogleAnalyticsAdminV1alphaFetchConnectedGa4PropertyResponse{ + ServerResponse: googleapi.ServerResponse{ + Header: res.Header, + HTTPStatusCode: res.StatusCode, + }, + } + target := &ret + if err := gensupport.DecodeResponse(target, res); err != nil { + return nil, err + } + return ret, nil + // { + // "description": "Given a specified UA property, looks up the GA4 property connected to it. Note: this cannot be used with GA4 properties.", + // "flatPath": "v1alpha/properties:fetchConnectedGa4Property", + // "httpMethod": "GET", + // "id": "analyticsadmin.properties.fetchConnectedGa4Property", + // "parameterOrder": [], + // "parameters": { + // "property": { + // "description": "Required. The UA property for which to look up the connected GA4 property. Note this request uses the internal property ID, not the tracking ID of the form UA-XXXXXX-YY. Format: properties/{internal_web_property_id} Example: properties/1234", + // "location": "query", + // "type": "string" + // } + // }, + // "path": "v1alpha/properties:fetchConnectedGa4Property", + // "response": { + // "$ref": "GoogleAnalyticsAdminV1alphaFetchConnectedGa4PropertyResponse" + // }, + // "scopes": [ + // "https://www.googleapis.com/auth/analytics.edit", + // "https://www.googleapis.com/auth/analytics.readonly" + // ] + // } + +} + // method id "analyticsadmin.properties.get": type PropertiesGetCall struct { diff --git a/api-list.json b/api-list.json index 2352ee86801..035727b417f 100644 --- a/api-list.json +++ b/api-list.json @@ -1291,21 +1291,6 @@ "documentationLink": "https://cloud.google.com/identity/", "preferred": true }, - { - "kind": "discovery#directoryItem", - "id": "cloudiot:v1", - "name": "cloudiot", - "version": "v1", - "title": "Cloud IoT API", - "description": "Registers and manages IoT (Internet of Things) devices that connect to the Google Cloud Platform.", - "discoveryRestUrl": "https://cloudiot.googleapis.com/$discovery/rest?version=v1", - "icons": { - "x16": "https://www.gstatic.com/images/branding/product/1x/googleg_16dp.png", - "x32": "https://www.gstatic.com/images/branding/product/1x/googleg_32dp.png" - }, - "documentationLink": "https://cloud.google.com/iot", - "preferred": true - }, { "kind": "discovery#directoryItem", "id": "cloudkms:v1", diff --git a/beyondcorp/v1alpha/beyondcorp-api.json b/beyondcorp/v1alpha/beyondcorp-api.json index dc10178e5c9..8fadf9ac623 100644 --- a/beyondcorp/v1alpha/beyondcorp-api.json +++ b/beyondcorp/v1alpha/beyondcorp-api.json @@ -3072,7 +3072,7 @@ } } }, - "revision": "20230308", + "revision": "20230406", "rootUrl": "https://beyondcorp.googleapis.com/", "schemas": { "AllocatedConnection": { @@ -4701,94 +4701,6 @@ }, "type": "object" }, - "GoogleCloudBeyondcorpClientconnectorservicesV1ClientConnectorServiceOperationMetadata": { - "description": "Represents the metadata of the long-running operation.", - "id": "GoogleCloudBeyondcorpClientconnectorservicesV1ClientConnectorServiceOperationMetadata", - "properties": { - "apiVersion": { - "description": "Output only. API version used to start the operation.", - "readOnly": true, - "type": "string" - }, - "createTime": { - "description": "Output only. The time the operation was created.", - "format": "google-datetime", - "readOnly": true, - "type": "string" - }, - "endTime": { - "description": "Output only. The time the operation finished running.", - "format": "google-datetime", - "readOnly": true, - "type": "string" - }, - "requestedCancellation": { - "description": "Output only. Identifies whether the user has requested cancellation of the operation. Operations that have successfully been cancelled have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`.", - "readOnly": true, - "type": "boolean" - }, - "statusMessage": { - "description": "Output only. Human-readable status of the operation, if any.", - "readOnly": true, - "type": "string" - }, - "target": { - "description": "Output only. Server-defined resource path for the target of the operation.", - "readOnly": true, - "type": "string" - }, - "verb": { - "description": "Output only. Name of the verb executed by the operation.", - "readOnly": true, - "type": "string" - } - }, - "type": "object" - }, - "GoogleCloudBeyondcorpClientgatewaysV1ClientGatewayOperationMetadata": { - "description": "Represents the metadata of the long-running operation.", - "id": "GoogleCloudBeyondcorpClientgatewaysV1ClientGatewayOperationMetadata", - "properties": { - "apiVersion": { - "description": "Output only. API version used to start the operation.", - "readOnly": true, - "type": "string" - }, - "createTime": { - "description": "Output only. The time the operation was created.", - "format": "google-datetime", - "readOnly": true, - "type": "string" - }, - "endTime": { - "description": "Output only. The time the operation finished running.", - "format": "google-datetime", - "readOnly": true, - "type": "string" - }, - "requestedCancellation": { - "description": "Output only. Identifies whether the user has requested cancellation of the operation. Operations that have been cancelled successfully have Operation.error value with a google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`.", - "readOnly": true, - "type": "boolean" - }, - "statusMessage": { - "description": "Output only. Human-readable status of the operation, if any.", - "readOnly": true, - "type": "string" - }, - "target": { - "description": "Output only. Server-defined resource path for the target of the operation.", - "readOnly": true, - "type": "string" - }, - "verb": { - "description": "Output only. Name of the verb executed by the operation.", - "readOnly": true, - "type": "string" - } - }, - "type": "object" - }, "GoogleCloudBeyondcorpSaasplatformInsightsV1alphaAppliedConfig": { "description": "The configuration that was applied to generate the result.", "id": "GoogleCloudBeyondcorpSaasplatformInsightsV1alphaAppliedConfig", diff --git a/beyondcorp/v1alpha/beyondcorp-gen.go b/beyondcorp/v1alpha/beyondcorp-gen.go index a5bd34ce25c..ccdef22fbe8 100644 --- a/beyondcorp/v1alpha/beyondcorp-gen.go +++ b/beyondcorp/v1alpha/beyondcorp-gen.go @@ -2587,111 +2587,6 @@ func (s *GoogleCloudBeyondcorpAppgatewaysV1AppGatewayOperationMetadata) MarshalJ return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } -// GoogleCloudBeyondcorpClientconnectorservicesV1ClientConnectorServiceOp -// erationMetadata: Represents the metadata of the long-running -// operation. -type GoogleCloudBeyondcorpClientconnectorservicesV1ClientConnectorServiceOperationMetadata struct { - // ApiVersion: Output only. API version used to start the operation. - ApiVersion string `json:"apiVersion,omitempty"` - - // CreateTime: Output only. The time the operation was created. - CreateTime string `json:"createTime,omitempty"` - - // EndTime: Output only. The time the operation finished running. - EndTime string `json:"endTime,omitempty"` - - // RequestedCancellation: Output only. Identifies whether the user has - // requested cancellation of the operation. Operations that have - // successfully been cancelled have Operation.error value with a - // google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. - RequestedCancellation bool `json:"requestedCancellation,omitempty"` - - // StatusMessage: Output only. Human-readable status of the operation, - // if any. - StatusMessage string `json:"statusMessage,omitempty"` - - // Target: Output only. Server-defined resource path for the target of - // the operation. - Target string `json:"target,omitempty"` - - // Verb: Output only. Name of the verb executed by the operation. - Verb string `json:"verb,omitempty"` - - // ForceSendFields is a list of field names (e.g. "ApiVersion") to - // unconditionally include in API requests. By default, fields with - // empty or default values are omitted from API requests. However, any - // non-pointer, non-interface field appearing in ForceSendFields will be - // sent to the server regardless of whether the field is empty or not. - // This may be used to include empty fields in Patch requests. - ForceSendFields []string `json:"-"` - - // NullFields is a list of field names (e.g. "ApiVersion") to include in - // API requests with the JSON null value. By default, fields with empty - // values are omitted from API requests. However, any field with an - // empty value appearing in NullFields will be sent to the server as - // null. It is an error if a field in this list has a non-empty value. - // This may be used to include null fields in Patch requests. - NullFields []string `json:"-"` -} - -func (s *GoogleCloudBeyondcorpClientconnectorservicesV1ClientConnectorServiceOperationMetadata) MarshalJSON() ([]byte, error) { - type NoMethod GoogleCloudBeyondcorpClientconnectorservicesV1ClientConnectorServiceOperationMetadata - raw := NoMethod(*s) - return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) -} - -// GoogleCloudBeyondcorpClientgatewaysV1ClientGatewayOperationMetadata: -// Represents the metadata of the long-running operation. -type GoogleCloudBeyondcorpClientgatewaysV1ClientGatewayOperationMetadata struct { - // ApiVersion: Output only. API version used to start the operation. - ApiVersion string `json:"apiVersion,omitempty"` - - // CreateTime: Output only. The time the operation was created. - CreateTime string `json:"createTime,omitempty"` - - // EndTime: Output only. The time the operation finished running. - EndTime string `json:"endTime,omitempty"` - - // RequestedCancellation: Output only. Identifies whether the user has - // requested cancellation of the operation. Operations that have been - // cancelled successfully have Operation.error value with a - // google.rpc.Status.code of 1, corresponding to `Code.CANCELLED`. - RequestedCancellation bool `json:"requestedCancellation,omitempty"` - - // StatusMessage: Output only. Human-readable status of the operation, - // if any. - StatusMessage string `json:"statusMessage,omitempty"` - - // Target: Output only. Server-defined resource path for the target of - // the operation. - Target string `json:"target,omitempty"` - - // Verb: Output only. Name of the verb executed by the operation. - Verb string `json:"verb,omitempty"` - - // ForceSendFields is a list of field names (e.g. "ApiVersion") to - // unconditionally include in API requests. By default, fields with - // empty or default values are omitted from API requests. However, any - // non-pointer, non-interface field appearing in ForceSendFields will be - // sent to the server regardless of whether the field is empty or not. - // This may be used to include empty fields in Patch requests. - ForceSendFields []string `json:"-"` - - // NullFields is a list of field names (e.g. "ApiVersion") to include in - // API requests with the JSON null value. By default, fields with empty - // values are omitted from API requests. However, any field with an - // empty value appearing in NullFields will be sent to the server as - // null. It is an error if a field in this list has a non-empty value. - // This may be used to include null fields in Patch requests. - NullFields []string `json:"-"` -} - -func (s *GoogleCloudBeyondcorpClientgatewaysV1ClientGatewayOperationMetadata) MarshalJSON() ([]byte, error) { - type NoMethod GoogleCloudBeyondcorpClientgatewaysV1ClientGatewayOperationMetadata - raw := NoMethod(*s) - return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) -} - // GoogleCloudBeyondcorpSaasplatformInsightsV1alphaAppliedConfig: The // configuration that was applied to generate the result. type GoogleCloudBeyondcorpSaasplatformInsightsV1alphaAppliedConfig struct { diff --git a/bigquery/v2/bigquery-api.json b/bigquery/v2/bigquery-api.json index 53a8e6bac97..452fcd1a8be 100644 --- a/bigquery/v2/bigquery-api.json +++ b/bigquery/v2/bigquery-api.json @@ -1710,7 +1710,7 @@ } } }, - "revision": "20230401", + "revision": "20230408", "rootUrl": "https://bigquery.googleapis.com/", "schemas": { "AggregateClassificationMetrics": { @@ -6947,7 +6947,12 @@ "type": "boolean" }, "autoArimaMaxOrder": { - "description": "The max value of non-seasonal p and q.", + "description": "The max value of the sum of non-seasonal p and q.", + "format": "int64", + "type": "string" + }, + "autoArimaMinOrder": { + "description": "The min value of the sum of non-seasonal p and q.", "format": "int64", "type": "string" }, diff --git a/bigquery/v2/bigquery-gen.go b/bigquery/v2/bigquery-gen.go index 8c3ed3fda60..83ad6ac22fd 100644 --- a/bigquery/v2/bigquery-gen.go +++ b/bigquery/v2/bigquery-gen.go @@ -8870,9 +8870,12 @@ type TrainingOptions struct { // AutoArima: Whether to enable auto ARIMA or not. AutoArima bool `json:"autoArima,omitempty"` - // AutoArimaMaxOrder: The max value of non-seasonal p and q. + // AutoArimaMaxOrder: The max value of the sum of non-seasonal p and q. AutoArimaMaxOrder int64 `json:"autoArimaMaxOrder,omitempty,string"` + // AutoArimaMinOrder: The min value of the sum of non-seasonal p and q. + AutoArimaMinOrder int64 `json:"autoArimaMinOrder,omitempty,string"` + // BatchSize: Batch size for dnn models. BatchSize int64 `json:"batchSize,omitempty,string"` diff --git a/businessprofileperformance/v1/businessprofileperformance-api.json b/businessprofileperformance/v1/businessprofileperformance-api.json index e6b9165beb3..9b88f9c9678 100644 --- a/businessprofileperformance/v1/businessprofileperformance-api.json +++ b/businessprofileperformance/v1/businessprofileperformance-api.json @@ -269,7 +269,7 @@ "type": "integer" }, "dailySubEntityType.dayOfWeek": { - "description": "Represents the day of the week. Eg: MONDAY.", + "description": "Represents the day of the week. Eg: MONDAY. Currently supported DailyMetrics = NONE.", "enum": [ "DAY_OF_WEEK_UNSPECIFIED", "MONDAY", @@ -417,7 +417,7 @@ } } }, - "revision": "20230308", + "revision": "20230416", "rootUrl": "https://businessprofileperformance.googleapis.com/", "schemas": { "DailyMetricTimeSeries": { @@ -472,7 +472,7 @@ "id": "DailySubEntityType", "properties": { "dayOfWeek": { - "description": "Represents the day of the week. Eg: MONDAY.", + "description": "Represents the day of the week. Eg: MONDAY. Currently supported DailyMetrics = NONE.", "enum": [ "DAY_OF_WEEK_UNSPECIFIED", "MONDAY", @@ -497,7 +497,7 @@ }, "timeOfDay": { "$ref": "TimeOfDay", - "description": "Represents the time of the day in 24 hour format. Eg: 13:34:20" + "description": "Represents the time of the day in 24 hour format. Eg: 13:34:20 Currently supported DailyMetrics = NONE." } }, "type": "object" diff --git a/businessprofileperformance/v1/businessprofileperformance-gen.go b/businessprofileperformance/v1/businessprofileperformance-gen.go index 563515b9fa1..25f3d4a7015 100644 --- a/businessprofileperformance/v1/businessprofileperformance-gen.go +++ b/businessprofileperformance/v1/businessprofileperformance-gen.go @@ -241,7 +241,8 @@ func (s *DailyMetricTimeSeries) MarshalJSON() ([]byte, error) { // DailySubEntityType: Represents all possible subentity types that are // associated with DailyMetrics. type DailySubEntityType struct { - // DayOfWeek: Represents the day of the week. Eg: MONDAY. + // DayOfWeek: Represents the day of the week. Eg: MONDAY. Currently + // supported DailyMetrics = NONE. // // Possible values: // "DAY_OF_WEEK_UNSPECIFIED" - The day of the week is unspecified. @@ -255,7 +256,7 @@ type DailySubEntityType struct { DayOfWeek string `json:"dayOfWeek,omitempty"` // TimeOfDay: Represents the time of the day in 24 hour format. Eg: - // 13:34:20 + // 13:34:20 Currently supported DailyMetrics = NONE. TimeOfDay *TimeOfDay `json:"timeOfDay,omitempty"` // ForceSendFields is a list of field names (e.g. "DayOfWeek") to @@ -1106,7 +1107,7 @@ func (c *LocationsGetDailyMetricsTimeSeriesCall) DailyRangeStartDateYear(dailyRa // DailySubEntityTypeDayOfWeek sets the optional parameter // "dailySubEntityType.dayOfWeek": Represents the day of the week. Eg: -// MONDAY. +// MONDAY. Currently supported DailyMetrics = NONE. // // Possible values: // @@ -1335,7 +1336,7 @@ func (c *LocationsGetDailyMetricsTimeSeriesCall) Do(opts ...googleapi.CallOption // "type": "integer" // }, // "dailySubEntityType.dayOfWeek": { - // "description": "Represents the day of the week. Eg: MONDAY.", + // "description": "Represents the day of the week. Eg: MONDAY. Currently supported DailyMetrics = NONE.", // "enum": [ // "DAY_OF_WEEK_UNSPECIFIED", // "MONDAY", diff --git a/cloudresourcemanager/v3/cloudresourcemanager-api.json b/cloudresourcemanager/v3/cloudresourcemanager-api.json index 6a6bb2fcb3b..af239dcba9d 100644 --- a/cloudresourcemanager/v3/cloudresourcemanager-api.json +++ b/cloudresourcemanager/v3/cloudresourcemanager-api.json @@ -1314,7 +1314,7 @@ "type": "string" }, "parent": { - "description": "Required. The resource name of the new TagKey's parent. Must be of the form `folders/{folder_id}` or `organizations/{org_id}`.", + "description": "Required. The resource name of the TagKey's parent. Must be of the form `organizations/{org_id}` or `projects/{project_id}` or `projects/{project_number}`", "location": "query", "type": "string" } @@ -1805,7 +1805,7 @@ } } }, - "revision": "20230403", + "revision": "20230416", "rootUrl": "https://cloudresourcemanager.googleapis.com/", "schemas": { "AuditConfig": { @@ -2042,11 +2042,11 @@ "type": "boolean" }, "namespacedTagKey": { - "description": "The namespaced_name of the TagKey. Now only supported in the format of `{organization_id}/{tag_key_short_name}`. Other formats will be supported when we add non-org parented tags.", + "description": "The namespaced name of the TagKey. Can be in the form `{organization_id}/{tag_key_short_name}` or `{project_id}/{tag_key_short_name}` or `{project_number}/{tag_key_short_name}`.", "type": "string" }, "namespacedTagValue": { - "description": "Namespaced name of the TagValue. Now only supported in the format `{organization_id}/{tag_key_short_name}/{tag_value_short_name}`. Other formats will be supported when we add non-org parented tags.", + "description": "The namespaced name of the TagValue. Can be in the form `{organization_id}/{tag_key_short_name}/{tag_value_short_name}` or `{project_id}/{tag_key_short_name}/{tag_value_short_name}` or `{project_number}/{tag_key_short_name}/{tag_value_short_name}`.", "type": "string" }, "tagKey": { @@ -2861,7 +2861,7 @@ "type": "string" }, "parent": { - "description": "Immutable. The resource name of the new TagKey's parent. Must be of the form `organizations/{org_id}`.", + "description": "Immutable. The resource name of the TagKey's parent. A TagKey can be parented by an Organization or a Project. For a TagKey parented by an Organization, its parent must be in the form `organizations/{org_id}`. For a TagKey parented by a Project, its parent can be in the form `projects/{project_id}` or `projects/{project_number}`.", "type": "string" }, "purpose": { @@ -2919,7 +2919,7 @@ "type": "string" }, "namespacedName": { - "description": "Output only. Namespaced name of the TagValue. Now only supported in the format `{organization_id}/{tag_key_short_name}/{short_name}`. Other formats will be supported when we add non-org parented tags.", + "description": "Output only. The namespaced name of the TagValue. Can be in the form `{organization_id}/{tag_key_short_name}/{tag_value_short_name}` or `{project_id}/{tag_key_short_name}/{tag_value_short_name}` or `{project_number}/{tag_key_short_name}/{tag_value_short_name}`.", "readOnly": true, "type": "string" }, diff --git a/cloudresourcemanager/v3/cloudresourcemanager-gen.go b/cloudresourcemanager/v3/cloudresourcemanager-gen.go index a64f8cf4602..4efd6eddd0e 100644 --- a/cloudresourcemanager/v3/cloudresourcemanager-gen.go +++ b/cloudresourcemanager/v3/cloudresourcemanager-gen.go @@ -662,15 +662,17 @@ type EffectiveTag struct { // value is directly attached to the resource, inherited will be false. Inherited bool `json:"inherited,omitempty"` - // NamespacedTagKey: The namespaced_name of the TagKey. Now only - // supported in the format of `{organization_id}/{tag_key_short_name}`. - // Other formats will be supported when we add non-org parented tags. + // NamespacedTagKey: The namespaced name of the TagKey. Can be in the + // form `{organization_id}/{tag_key_short_name}` or + // `{project_id}/{tag_key_short_name}` or + // `{project_number}/{tag_key_short_name}`. NamespacedTagKey string `json:"namespacedTagKey,omitempty"` - // NamespacedTagValue: Namespaced name of the TagValue. Now only - // supported in the format - // `{organization_id}/{tag_key_short_name}/{tag_value_short_name}`. - // Other formats will be supported when we add non-org parented tags. + // NamespacedTagValue: The namespaced name of the TagValue. Can be in + // the form + // `{organization_id}/{tag_key_short_name}/{tag_value_short_name}` or + // `{project_id}/{tag_key_short_name}/{tag_value_short_name}` or + // `{project_number}/{tag_key_short_name}/{tag_value_short_name}`. NamespacedTagValue string `json:"namespacedTagValue,omitempty"` // TagKey: The name of the TagKey, in the format `tagKeys/{id}`, such as @@ -2208,8 +2210,12 @@ type TagKey struct { // TagKey. NamespacedName string `json:"namespacedName,omitempty"` - // Parent: Immutable. The resource name of the new TagKey's parent. Must - // be of the form `organizations/{org_id}`. + // Parent: Immutable. The resource name of the TagKey's parent. A TagKey + // can be parented by an Organization or a Project. For a TagKey + // parented by an Organization, its parent must be in the form + // `organizations/{org_id}`. For a TagKey parented by a Project, its + // parent can be in the form `projects/{project_id}` or + // `projects/{project_number}`. Parent string `json:"parent,omitempty"` // Purpose: Optional. A purpose denotes that this Tag is intended for @@ -2295,10 +2301,11 @@ type TagValue struct { // `tagValues/456`. Name string `json:"name,omitempty"` - // NamespacedName: Output only. Namespaced name of the TagValue. Now - // only supported in the format - // `{organization_id}/{tag_key_short_name}/{short_name}`. Other formats - // will be supported when we add non-org parented tags. + // NamespacedName: Output only. The namespaced name of the TagValue. Can + // be in the form + // `{organization_id}/{tag_key_short_name}/{tag_value_short_name}` or + // `{project_id}/{tag_key_short_name}/{tag_value_short_name}` or + // `{project_number}/{tag_key_short_name}/{tag_value_short_name}`. NamespacedName string `json:"namespacedName,omitempty"` // Parent: Immutable. The resource name of the new TagValue's parent @@ -9053,8 +9060,9 @@ func (c *TagKeysListCall) PageToken(pageToken string) *TagKeysListCall { } // Parent sets the optional parameter "parent": Required. The resource -// name of the new TagKey's parent. Must be of the form -// `folders/{folder_id}` or `organizations/{org_id}`. +// name of the TagKey's parent. Must be of the form +// `organizations/{org_id}` or `projects/{project_id}` or +// `projects/{project_number}` func (c *TagKeysListCall) Parent(parent string) *TagKeysListCall { c.urlParams_.Set("parent", parent) return c @@ -9174,7 +9182,7 @@ func (c *TagKeysListCall) Do(opts ...googleapi.CallOption) (*ListTagKeysResponse // "type": "string" // }, // "parent": { - // "description": "Required. The resource name of the new TagKey's parent. Must be of the form `folders/{folder_id}` or `organizations/{org_id}`.", + // "description": "Required. The resource name of the TagKey's parent. Must be of the form `organizations/{org_id}` or `projects/{project_id}` or `projects/{project_number}`", // "location": "query", // "type": "string" // } diff --git a/ids/v1/ids-api.json b/ids/v1/ids-api.json index 19d6d33a5ba..fab5f38d4fe 100644 --- a/ids/v1/ids-api.json +++ b/ids/v1/ids-api.json @@ -201,7 +201,7 @@ "type": "string" }, "requestId": { - "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "location": "query", "type": "string" } @@ -234,7 +234,7 @@ "type": "string" }, "requestId": { - "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "location": "query", "type": "string" } @@ -366,7 +366,7 @@ "type": "string" }, "requestId": { - "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", "location": "query", "type": "string" }, @@ -527,7 +527,7 @@ ] }, "list": { - "description": "Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`. NOTE: the `name` binding allows API services to override the binding to use different resource name schemes, such as `users/*/operations`. To override the binding, API services can add a binding such as `\"/v1/{name=users/*}/operations\"` to their service configuration. For backwards compatibility, the default name includes the operations collection id, however overriding users must ensure the name binding is the parent resource, without the operations collection id.", + "description": "Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`.", "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/operations", "httpMethod": "GET", "id": "ids.projects.locations.operations.list", @@ -574,7 +574,7 @@ } } }, - "revision": "20221113", + "revision": "20230404", "rootUrl": "https://ids.googleapis.com/", "schemas": { "AuditConfig": { @@ -634,7 +634,7 @@ "description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)." }, "members": { - "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. ", + "description": "Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.", "items": { "type": "string" }, diff --git a/ids/v1/ids-gen.go b/ids/v1/ids-gen.go index 136d2f31432..964fda1d651 100644 --- a/ids/v1/ids-gen.go +++ b/ids/v1/ids-gen.go @@ -309,7 +309,9 @@ type Binding struct { // (https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). // For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. // * `group:{emailid}`: An email address that represents a Google group. - // For example, `admins@example.com`. * + // For example, `admins@example.com`. * `domain:{domain}`: The G Suite + // domain (primary) that represents all the users of that domain. For + // example, `google.com` or `example.com`. * // `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus // unique identifier) representing a user that has been recently // deleted. For example, `alice@example.com?uid=123456789012345678901`. @@ -326,9 +328,7 @@ type Binding struct { // that has been recently deleted. For example, // `admins@example.com?uid=123456789012345678901`. If the group is // recovered, this value reverts to `group:{emailid}` and the recovered - // group retains the role in the binding. * `domain:{domain}`: The G - // Suite domain (primary) that represents all the users of that domain. - // For example, `google.com` or `example.com`. + // group retains the role in the binding. Members []string `json:"members,omitempty"` // Role: Role that is assigned to the list of `members`, or principals. @@ -1446,7 +1446,7 @@ func (c *ProjectsLocationsEndpointsCreateCall) EndpointId(endpointId string) *Pr // if you must retry your request, the server will know to ignore the // request if it has already been completed. The server will guarantee // that for at least 60 minutes since the first request. For example, -// consider a situation where you make an initial request and t he +// consider a situation where you make an initial request and the // request times out. If you make the request again with the same // request ID, the server can check if original operation with the same // request ID was received, and if so, will ignore the second request. @@ -1571,7 +1571,7 @@ func (c *ProjectsLocationsEndpointsCreateCall) Do(opts ...googleapi.CallOption) // "type": "string" // }, // "requestId": { - // "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + // "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", // "location": "query", // "type": "string" // } @@ -1614,7 +1614,7 @@ func (r *ProjectsLocationsEndpointsService) Delete(name string) *ProjectsLocatio // if you must retry your request, the server will know to ignore the // request if it has already been completed. The server will guarantee // that for at least 60 minutes after the first request. For example, -// consider a situation where you make an initial request and t he +// consider a situation where you make an initial request and the // request times out. If you make the request again with the same // request ID, the server can check if original operation with the same // request ID was received, and if so, will ignore the second request. @@ -1729,7 +1729,7 @@ func (c *ProjectsLocationsEndpointsDeleteCall) Do(opts ...googleapi.CallOption) // "type": "string" // }, // "requestId": { - // "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + // "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes after the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", // "location": "query", // "type": "string" // } @@ -2313,7 +2313,7 @@ func (r *ProjectsLocationsEndpointsService) Patch(name string, endpoint *Endpoin // if you must retry your request, the server will know to ignore the // request if it has already been completed. The server will guarantee // that for at least 60 minutes since the first request. For example, -// consider a situation where you make an initial request and t he +// consider a situation where you make an initial request and the // request times out. If you make the request again with the same // request ID, the server can check if original operation with the same // request ID was received, and if so, will ignore the second request. @@ -2444,7 +2444,7 @@ func (c *ProjectsLocationsEndpointsPatchCall) Do(opts ...googleapi.CallOption) ( // "type": "string" // }, // "requestId": { - // "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and t he request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", + // "description": "An optional request ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).", // "location": "query", // "type": "string" // }, @@ -3213,14 +3213,7 @@ type ProjectsLocationsOperationsListCall struct { // List: Lists operations that match the specified filter in the // request. If the server doesn't support this method, it returns -// `UNIMPLEMENTED`. NOTE: the `name` binding allows API services to -// override the binding to use different resource name schemes, such as -// `users/*/operations`. To override the binding, API services can add a -// binding such as "/v1/{name=users/*}/operations" to their service -// configuration. For backwards compatibility, the default name includes -// the operations collection id, however overriding users must ensure -// the name binding is the parent resource, without the operations -// collection id. +// `UNIMPLEMENTED`. // // - name: The name of the operation's parent resource. func (r *ProjectsLocationsOperationsService) List(name string) *ProjectsLocationsOperationsListCall { @@ -3349,7 +3342,7 @@ func (c *ProjectsLocationsOperationsListCall) Do(opts ...googleapi.CallOption) ( } return ret, nil // { - // "description": "Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`. NOTE: the `name` binding allows API services to override the binding to use different resource name schemes, such as `users/*/operations`. To override the binding, API services can add a binding such as `\"/v1/{name=users/*}/operations\"` to their service configuration. For backwards compatibility, the default name includes the operations collection id, however overriding users must ensure the name binding is the parent resource, without the operations collection id.", + // "description": "Lists operations that match the specified filter in the request. If the server doesn't support this method, it returns `UNIMPLEMENTED`.", // "flatPath": "v1/projects/{projectsId}/locations/{locationsId}/operations", // "httpMethod": "GET", // "id": "ids.projects.locations.operations.list", diff --git a/osconfig/v1alpha/osconfig-api.json b/osconfig/v1alpha/osconfig-api.json index 4ea99998ffc..0260e0eaf10 100644 --- a/osconfig/v1alpha/osconfig-api.json +++ b/osconfig/v1alpha/osconfig-api.json @@ -112,6 +112,7 @@ "instanceOSPoliciesCompliances": { "methods": { "get": { + "deprecated": true, "description": "Get OS policies compliance data for the specified Compute Engine VM instance.", "flatPath": "v1alpha/projects/{projectsId}/locations/{locationsId}/instanceOSPoliciesCompliances/{instanceOSPoliciesCompliancesId}", "httpMethod": "GET", @@ -137,6 +138,7 @@ ] }, "list": { + "deprecated": true, "description": "List OS policies compliance data for all Compute Engine VM instances in the specified zone.", "flatPath": "v1alpha/projects/{projectsId}/locations/{locationsId}/instanceOSPoliciesCompliances", "httpMethod": "GET", @@ -684,7 +686,7 @@ } } }, - "revision": "20221218", + "revision": "20230416", "rootUrl": "https://osconfig.googleapis.com/", "schemas": { "CVSSv3": { diff --git a/osconfig/v1alpha/osconfig-gen.go b/osconfig/v1alpha/osconfig-gen.go index 7061a25692c..72224840982 100644 --- a/osconfig/v1alpha/osconfig-gen.go +++ b/osconfig/v1alpha/osconfig-gen.go @@ -3632,6 +3632,7 @@ func (c *ProjectsLocationsInstanceOSPoliciesCompliancesGetCall) Do(opts ...googl } return ret, nil // { + // "deprecated": true, // "description": "Get OS policies compliance data for the specified Compute Engine VM instance.", // "flatPath": "v1alpha/projects/{projectsId}/locations/{locationsId}/instanceOSPoliciesCompliances/{instanceOSPoliciesCompliancesId}", // "httpMethod": "GET", @@ -3807,6 +3808,7 @@ func (c *ProjectsLocationsInstanceOSPoliciesCompliancesListCall) Do(opts ...goog } return ret, nil // { + // "deprecated": true, // "description": "List OS policies compliance data for all Compute Engine VM instances in the specified zone.", // "flatPath": "v1alpha/projects/{projectsId}/locations/{locationsId}/instanceOSPoliciesCompliances", // "httpMethod": "GET", diff --git a/securitycenter/v1/securitycenter-api.json b/securitycenter/v1/securitycenter-api.json index 00fc7307920..09d0a441b56 100644 --- a/securitycenter/v1/securitycenter-api.json +++ b/securitycenter/v1/securitycenter-api.json @@ -901,7 +901,7 @@ ] }, "patch": { - "description": "Updates the SecurityHealthAnalyticsCustomModule under the given name based on the given update mask. Updating the enablement state is supported on both resident and inherited modules (though resident modules cannot have an enablement state of “inherited”). Updating the display name and custom config of a module is supported on resident modules only.", + "description": "Updates the SecurityHealthAnalyticsCustomModule under the given name based on the given update mask. Updating the enablement state is supported on both resident and inherited modules (though resident modules cannot have an enablement state of \"inherited\"). Updating the display name and custom config of a module is supported on resident modules only.", "flatPath": "v1/folders/{foldersId}/securityHealthAnalyticsSettings/customModules/{customModulesId}", "httpMethod": "PATCH", "id": "securitycenter.folders.securityHealthAnalyticsSettings.customModules.patch", @@ -1147,7 +1147,7 @@ ], "parameters": { "name": { - "description": "The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: \"organizations/{organization_id}/sources/{source_id}/findings/{finding_id}\"", + "description": "The [relative resource name](https://cloud.google.com/apis/design/resource_names#relative_resource_name) of the finding. Example: \"organizations/{organization_id}/sources/{source_id}/findings/{finding_id}\", \"folders/{folder_id}/sources/{source_id}/findings/{finding_id}\", \"projects/{project_id}/sources/{source_id}/findings/{finding_id}\".", "location": "path", "pattern": "^folders/[^/]+/sources/[^/]+/findings/[^/]+$", "required": true, @@ -2318,7 +2318,7 @@ ] }, "patch": { - "description": "Updates the SecurityHealthAnalyticsCustomModule under the given name based on the given update mask. Updating the enablement state is supported on both resident and inherited modules (though resident modules cannot have an enablement state of “inherited”). Updating the display name and custom config of a module is supported on resident modules only.", + "description": "Updates the SecurityHealthAnalyticsCustomModule under the given name based on the given update mask. Updating the enablement state is supported on both resident and inherited modules (though resident modules cannot have an enablement state of \"inherited\"). Updating the display name and custom config of a module is supported on resident modules only.", "flatPath": "v1/organizations/{organizationsId}/securityHealthAnalyticsSettings/customModules/{customModulesId}", "httpMethod": "PATCH", "id": "securitycenter.organizations.securityHealthAnalyticsSettings.customModules.patch", @@ -2768,7 +2768,7 @@ ], "parameters": { "name": { - "description": "The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: \"organizations/{organization_id}/sources/{source_id}/findings/{finding_id}\"", + "description": "The [relative resource name](https://cloud.google.com/apis/design/resource_names#relative_resource_name) of the finding. Example: \"organizations/{organization_id}/sources/{source_id}/findings/{finding_id}\", \"folders/{folder_id}/sources/{source_id}/findings/{finding_id}\", \"projects/{project_id}/sources/{source_id}/findings/{finding_id}\".", "location": "path", "pattern": "^organizations/[^/]+/sources/[^/]+/findings/[^/]+$", "required": true, @@ -3730,7 +3730,7 @@ ] }, "patch": { - "description": "Updates the SecurityHealthAnalyticsCustomModule under the given name based on the given update mask. Updating the enablement state is supported on both resident and inherited modules (though resident modules cannot have an enablement state of “inherited”). Updating the display name and custom config of a module is supported on resident modules only.", + "description": "Updates the SecurityHealthAnalyticsCustomModule under the given name based on the given update mask. Updating the enablement state is supported on both resident and inherited modules (though resident modules cannot have an enablement state of \"inherited\"). Updating the display name and custom config of a module is supported on resident modules only.", "flatPath": "v1/projects/{projectsId}/securityHealthAnalyticsSettings/customModules/{customModulesId}", "httpMethod": "PATCH", "id": "securitycenter.projects.securityHealthAnalyticsSettings.customModules.patch", @@ -3976,7 +3976,7 @@ ], "parameters": { "name": { - "description": "The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: \"organizations/{organization_id}/sources/{source_id}/findings/{finding_id}\"", + "description": "The [relative resource name](https://cloud.google.com/apis/design/resource_names#relative_resource_name) of the finding. Example: \"organizations/{organization_id}/sources/{source_id}/findings/{finding_id}\", \"folders/{folder_id}/sources/{source_id}/findings/{finding_id}\", \"projects/{project_id}/sources/{source_id}/findings/{finding_id}\".", "location": "path", "pattern": "^projects/[^/]+/sources/[^/]+/findings/[^/]+$", "required": true, @@ -4143,7 +4143,7 @@ } } }, - "revision": "20230410", + "revision": "20230414", "rootUrl": "https://securitycenter.googleapis.com/", "schemas": { "Access": { @@ -4163,22 +4163,22 @@ "type": "string" }, "principalEmail": { - "description": "Associated email, such as \"foo@google.com\". The email address of the authenticated user (or service account on behalf of third party principal) making the request. For third party identity callers, the `principal_subject` field is populated instead of this field. For privacy reasons, the principal email address is sometimes redacted. For more information, see [Caller identities in audit logs](https://cloud.google.com/logging/docs/audit#user-id).", + "description": "Associated email, such as \"foo@google.com\". The email address of the authenticated user or a service account acting on behalf of a third party principal making the request. For third party identity callers, the `principal_subject` field is populated instead of this field. For privacy reasons, the principal email address is sometimes redacted. For more information, see [Caller identities in audit logs](https://cloud.google.com/logging/docs/audit#user-id).", "type": "string" }, "principalSubject": { - "description": "A string representing the principal_subject associated with the identity. As compared to `principal_email`, supports principals that aren't associated with email addresses, such as third party principals. For most identities, the format will be `principal://iam.googleapis.com/{identity pool name}/subjects/{subject}` except for some GKE identities (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the legacy format `serviceAccount:{identity pool name}[{subject}]`", + "description": "A string that represents the principal_subject that is associated with the identity. Unlike `principal_email`, `principal_subject` supports principals that aren't associated with email addresses, such as third party principals. For most identities, the format is `principal://iam.googleapis.com/{identity pool name}/subject/{subject}`. Some GKE identities, such as GKE_WORKLOAD, FREEFORM, and GKE_HUB_WORKLOAD, still use the legacy format `serviceAccount:{identity pool name}[{subject}]`.", "type": "string" }, "serviceAccountDelegationInfo": { - "description": "Identity delegation history of an authenticated service account that makes the request. It contains information on the real authorities that try to access GCP resources by delegating on a service account. When multiple authorities are present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.", + "description": "The identity delegation history of an authenticated service account that made the request. The `serviceAccountDelegationInfo[]` object contains information about the real authorities that try to access Google Cloud resources by delegating on a service account. When multiple authorities are present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.", "items": { "$ref": "ServiceAccountDelegationInfo" }, "type": "array" }, "serviceAccountKeyName": { - "description": "The name of the service account key used to create or exchange credentials for authenticating the service account making the request. This is a scheme-less URI full resource name. For example: \"//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}\" ", + "description": "The name of the service account key that was used to create or exchange credentials when authenticating the service account that made the request. This is a scheme-less URI full resource name. For example: \"//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}\". ", "type": "string" }, "serviceName": { @@ -4186,11 +4186,11 @@ "type": "string" }, "userAgentFamily": { - "description": "What kind of user agent is associated, for example operating system shells, embedded or stand-alone applications, etc.", + "description": "Type of user agent associated with the finding. For example, an operating system shell or an embedded or standalone application.", "type": "string" }, "userName": { - "description": "A string that represents the username of a user, user account, or other entity involved in the access event. What the entity is and what its role in the access event is depends on the finding that this field appears in. The entity is likely not an IAM principal, but could be a user that is logged into an operating system, if the finding is VM-related, or a user that is logged into some type of application that is involved in the access event.", + "description": "A string that represents a username. The username provided depends on the type of the finding and is likely not an IAM principal. For example, this can be a system username if the finding is related to a virtual machine, or it can be an application login username.", "type": "string" } }, @@ -4878,7 +4878,7 @@ "properties": { "access": { "$ref": "Access", - "description": "Access details associated to the Finding, such as more information on the caller, which method was accessed, from where, etc." + "description": "Access details associated with the finding, such as more information on the caller, which method was accessed, and from where." }, "canonicalName": { "description": "The canonical name of the finding. It's either \"organizations/{organization_id}/sources/{source_id}/findings/{finding_id}\", \"folders/{folder_id}/sources/{source_id}/findings/{finding_id}\" or \"projects/{project_number}/sources/{source_id}/findings/{finding_id}\", depending on the closest CRM ancestor of the resource associated with the finding.", @@ -4890,11 +4890,11 @@ }, "cloudDlpDataProfile": { "$ref": "CloudDlpDataProfile", - "description": "Cloud DLP data profile associated with the finding." + "description": "Cloud DLP data profile that is associated with the finding." }, "cloudDlpInspection": { "$ref": "CloudDlpInspection", - "description": "Cloud DLP inspection associated with the finding." + "description": "Cloud Data Loss Prevention (Cloud DLP) inspection results that are associated with the finding." }, "compliances": { "description": "Contains compliance information for security standards associated to the finding.", @@ -4919,7 +4919,7 @@ "type": "object" }, "containers": { - "description": "Containers associated with the finding. containers provides information for both Kubernetes and non-Kubernetes containers.", + "description": "Containers associated with the finding. This field provides information for both Kubernetes and non-Kubernetes containers.", "items": { "$ref": "Container" }, @@ -4935,7 +4935,7 @@ "description": "Database associated with the finding." }, "description": { - "description": "Contains more detail about the finding.", + "description": "Contains more details about the finding.", "type": "string" }, "eventTime": { @@ -4945,7 +4945,7 @@ }, "exfiltration": { "$ref": "Exfiltration", - "description": "Represents exfiltration associated with the Finding." + "description": "Represents exfiltrations associated with the finding." }, "externalSystems": { "additionalProperties": { @@ -4987,7 +4987,7 @@ "type": "string" }, "iamBindings": { - "description": "Represents IAM bindings associated with the Finding.", + "description": "Represents IAM bindings associated with the finding.", "items": { "$ref": "IamBinding" }, @@ -4995,11 +4995,11 @@ }, "indicator": { "$ref": "Indicator", - "description": "Represents what's commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise" + "description": "Represents what's commonly known as an *indicator of compromise* (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. For more information, see [Indicator of compromise](https://en.wikipedia.org/wiki/Indicator_of_compromise)." }, "kernelRootkit": { "$ref": "KernelRootkit", - "description": "Kernel Rootkit signature." + "description": "Signature of the kernel rootkit." }, "kubernetes": { "$ref": "Kubernetes", @@ -5030,7 +5030,7 @@ "type": "string" }, "muteInitiator": { - "description": "First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc. Unlike other attributes of a finding, a finding provider shouldn't set the value of mute.", + "description": "Records additional information about the mute operation, for example, the [mute configuration](/security-command-center/docs/how-to-mute-findings) that muted the finding and the user who muted the finding.", "type": "string" }, "muteUpdateTime": { @@ -5040,11 +5040,11 @@ "type": "string" }, "name": { - "description": "The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: \"organizations/{organization_id}/sources/{source_id}/findings/{finding_id}\"", + "description": "The [relative resource name](https://cloud.google.com/apis/design/resource_names#relative_resource_name) of the finding. Example: \"organizations/{organization_id}/sources/{source_id}/findings/{finding_id}\", \"folders/{folder_id}/sources/{source_id}/findings/{finding_id}\", \"projects/{project_id}/sources/{source_id}/findings/{finding_id}\".", "type": "string" }, "nextSteps": { - "description": "Next steps associate to the finding.", + "description": "Steps to address the finding.", "type": "string" }, "parent": { @@ -5083,7 +5083,7 @@ ], "enumDescriptions": [ "This value is used for findings when a source doesn't write a severity value.", - "Vulnerability: A critical vulnerability is easily discoverable by an external actor, exploitable, and results in the direct ability to execute arbitrary code, exfiltrate data, and otherwise gain additional access and privileges to cloud resources and workloads. Examples include publicly accessible unprotected user data, public SSH access with weak or no passwords, etc. Threat: Indicates a threat that is able to access, modify, or delete data or execute unauthorized code within existing resources.", + "Vulnerability: A critical vulnerability is easily discoverable by an external actor, exploitable, and results in the direct ability to execute arbitrary code, exfiltrate data, and otherwise gain additional access and privileges to cloud resources and workloads. Examples include publicly accessible unprotected user data and public SSH access with weak or no passwords. Threat: Indicates a threat that is able to access, modify, or delete data or execute unauthorized code within existing resources.", "Vulnerability: A high risk vulnerability can be easily discovered and exploited in combination with other vulnerabilities in order to gain direct access and the ability to execute arbitrary code, exfiltrate data, and otherwise gain additional access and privileges to cloud resources and workloads. An example is a database with weak or no passwords that is only accessible internally. This database could easily be compromised by an actor that had access to the internal network. Threat: Indicates a threat that is able to create new computational resources in an environment but not able to access data or execute code in existing resources.", "Vulnerability: A medium risk vulnerability could be used by an actor to gain access to resources or privileges that enable them to eventually (through multiple steps or a complex exploit) gain access and the ability to execute arbitrary code or exfiltrate data. An example is a service account with access to more projects than it should have. If an actor gains access to the service account, they could potentially use that access to manipulate a project the service account was not intended to. Threat: Indicates a threat that is able to cause operational impact but may not access data or execute unauthorized code.", "Vulnerability: A low risk vulnerability hampers a security organization's ability to detect vulnerabilities or active threats in their deployment, or prevents the root cause investigation of security issues. An example is monitoring and logs being disabled for resource configurations and access. Threat: Indicates a threat that has obtained minimal access to an environment but is not able to access data, execute code, or create resources." @@ -6212,7 +6212,7 @@ "type": "object" }, "ListDescendantSecurityHealthAnalyticsCustomModulesResponse": { - "description": "Response message for listing descendant security health analytics custom modules.", + "description": "Response message for listing descendant Security Health Analytics custom modules.", "id": "ListDescendantSecurityHealthAnalyticsCustomModulesResponse", "properties": { "nextPageToken": { @@ -6230,7 +6230,7 @@ "type": "object" }, "ListEffectiveSecurityHealthAnalyticsCustomModulesResponse": { - "description": "Response message for listing effective security health analytics custom modules.", + "description": "Response message for listing effective Security Health Analytics custom modules.", "id": "ListEffectiveSecurityHealthAnalyticsCustomModulesResponse", "properties": { "effectiveSecurityHealthAnalyticsCustomModules": { @@ -6364,7 +6364,7 @@ "type": "object" }, "ListSecurityHealthAnalyticsCustomModulesResponse": { - "description": "Response message for listing security health analytics custom modules.", + "description": "Response message for listing Security Health Analytics custom modules.", "id": "ListSecurityHealthAnalyticsCustomModulesResponse", "properties": { "nextPageToken": { diff --git a/securitycenter/v1/securitycenter-gen.go b/securitycenter/v1/securitycenter-gen.go index bcc29047a2d..3ae30acd58f 100644 --- a/securitycenter/v1/securitycenter-gen.go +++ b/securitycenter/v1/securitycenter-gen.go @@ -593,55 +593,55 @@ type Access struct { MethodName string `json:"methodName,omitempty"` // PrincipalEmail: Associated email, such as "foo@google.com". The email - // address of the authenticated user (or service account on behalf of - // third party principal) making the request. For third party identity - // callers, the `principal_subject` field is populated instead of this - // field. For privacy reasons, the principal email address is sometimes - // redacted. For more information, see Caller identities in audit logs - // (https://cloud.google.com/logging/docs/audit#user-id). + // address of the authenticated user or a service account acting on + // behalf of a third party principal making the request. For third party + // identity callers, the `principal_subject` field is populated instead + // of this field. For privacy reasons, the principal email address is + // sometimes redacted. For more information, see Caller identities in + // audit logs (https://cloud.google.com/logging/docs/audit#user-id). PrincipalEmail string `json:"principalEmail,omitempty"` - // PrincipalSubject: A string representing the principal_subject - // associated with the identity. As compared to `principal_email`, - // supports principals that aren't associated with email addresses, such - // as third party principals. For most identities, the format will be - // `principal://iam.googleapis.com/{identity pool - // name}/subjects/{subject}` except for some GKE identities - // (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the - // legacy format `serviceAccount:{identity pool name}[{subject}]` + // PrincipalSubject: A string that represents the principal_subject that + // is associated with the identity. Unlike `principal_email`, + // `principal_subject` supports principals that aren't associated with + // email addresses, such as third party principals. For most identities, + // the format is `principal://iam.googleapis.com/{identity pool + // name}/subject/{subject}`. Some GKE identities, such as GKE_WORKLOAD, + // FREEFORM, and GKE_HUB_WORKLOAD, still use the legacy format + // `serviceAccount:{identity pool name}[{subject}]`. PrincipalSubject string `json:"principalSubject,omitempty"` - // ServiceAccountDelegationInfo: Identity delegation history of an - // authenticated service account that makes the request. It contains - // information on the real authorities that try to access GCP resources - // by delegating on a service account. When multiple authorities are + // ServiceAccountDelegationInfo: The identity delegation history of an + // authenticated service account that made the request. The + // `serviceAccountDelegationInfo[]` object contains information about + // the real authorities that try to access Google Cloud resources by + // delegating on a service account. When multiple authorities are // present, they are guaranteed to be sorted based on the original // ordering of the identity delegation events. ServiceAccountDelegationInfo []*ServiceAccountDelegationInfo `json:"serviceAccountDelegationInfo,omitempty"` - // ServiceAccountKeyName: The name of the service account key used to - // create or exchange credentials for authenticating the service account - // making the request. This is a scheme-less URI full resource name. For - // example: + // ServiceAccountKeyName: The name of the service account key that was + // used to create or exchange credentials when authenticating the + // service account that made the request. This is a scheme-less URI full + // resource name. For example: // "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/ - // keys/{key}" + // keys/{key}". ServiceAccountKeyName string `json:"serviceAccountKeyName,omitempty"` // ServiceName: This is the API service that the service account made a // call to, e.g. "iam.googleapis.com" ServiceName string `json:"serviceName,omitempty"` - // UserAgentFamily: What kind of user agent is associated, for example - // operating system shells, embedded or stand-alone applications, etc. + // UserAgentFamily: Type of user agent associated with the finding. For + // example, an operating system shell or an embedded or standalone + // application. UserAgentFamily string `json:"userAgentFamily,omitempty"` - // UserName: A string that represents the username of a user, user - // account, or other entity involved in the access event. What the - // entity is and what its role in the access event is depends on the - // finding that this field appears in. The entity is likely not an IAM - // principal, but could be a user that is logged into an operating - // system, if the finding is VM-related, or a user that is logged into - // some type of application that is involved in the access event. + // UserName: A string that represents a username. The username provided + // depends on the type of the finding and is likely not an IAM + // principal. For example, this can be a system username if the finding + // is related to a virtual machine, or it can be an application login + // username. UserName string `json:"userName,omitempty"` // ForceSendFields is a list of field names (e.g. "CallerIp") to @@ -1841,9 +1841,8 @@ func (s *File) MarshalJSON() ([]byte, error) { // scripting (XSS) vulnerability in an App Engine application is a // finding. type Finding struct { - // Access: Access details associated to the Finding, such as more - // information on the caller, which method was accessed, from where, - // etc. + // Access: Access details associated with the finding, such as more + // information on the caller, which method was accessed, and from where. Access *Access `json:"access,omitempty"` // CanonicalName: The canonical name of the finding. It's either @@ -1860,11 +1859,12 @@ type Finding struct { // "XSS_FLASH_INJECTION" Category string `json:"category,omitempty"` - // CloudDlpDataProfile: Cloud DLP data profile associated with the - // finding. + // CloudDlpDataProfile: Cloud DLP data profile that is associated with + // the finding. CloudDlpDataProfile *CloudDlpDataProfile `json:"cloudDlpDataProfile,omitempty"` - // CloudDlpInspection: Cloud DLP inspection associated with the finding. + // CloudDlpInspection: Cloud Data Loss Prevention (Cloud DLP) inspection + // results that are associated with the finding. CloudDlpInspection *CloudDlpInspection `json:"cloudDlpInspection,omitempty"` // Compliances: Contains compliance information for security standards @@ -1884,7 +1884,7 @@ type Finding struct { // "email": "person2@company.com" } ] } } Contacts map[string]ContactDetails `json:"contacts,omitempty"` - // Containers: Containers associated with the finding. containers + // Containers: Containers associated with the finding. This field // provides information for both Kubernetes and non-Kubernetes // containers. Containers []*Container `json:"containers,omitempty"` @@ -1896,7 +1896,7 @@ type Finding struct { // Database: Database associated with the finding. Database *Database `json:"database,omitempty"` - // Description: Contains more detail about the finding. + // Description: Contains more details about the finding. Description string `json:"description,omitempty"` // EventTime: The time the finding was first detected. If an existing @@ -1908,7 +1908,7 @@ type Finding struct { // must not be set to a value greater than the current timestamp. EventTime string `json:"eventTime,omitempty"` - // Exfiltration: Represents exfiltration associated with the Finding. + // Exfiltration: Represents exfiltrations associated with the finding. Exfiltration *Exfiltration `json:"exfiltration,omitempty"` // ExternalSystems: Output only. Third party SIEM/SOAR fields within @@ -1940,17 +1940,18 @@ type Finding struct { // functionality. FindingClass string `json:"findingClass,omitempty"` - // IamBindings: Represents IAM bindings associated with the Finding. + // IamBindings: Represents IAM bindings associated with the finding. IamBindings []*IamBinding `json:"iamBindings,omitempty"` - // Indicator: Represents what's commonly known as an Indicator of - // compromise (IoC) in computer forensics. This is an artifact observed + // Indicator: Represents what's commonly known as an *indicator of + // compromise* (IoC) in computer forensics. This is an artifact observed // on a network or in an operating system that, with high confidence, - // indicates a computer intrusion. Reference: - // https://en.wikipedia.org/wiki/Indicator_of_compromise + // indicates a computer intrusion. For more information, see Indicator + // of compromise + // (https://en.wikipedia.org/wiki/Indicator_of_compromise). Indicator *Indicator `json:"indicator,omitempty"` - // KernelRootkit: Kernel Rootkit signature. + // KernelRootkit: Signature of the kernel rootkit. KernelRootkit *KernelRootkit `json:"kernelRootkit,omitempty"` // Kubernetes: Kubernetes resources associated with the finding. @@ -1977,24 +1978,26 @@ type Finding struct { // "UNDEFINED" - Finding has never been muted/unmuted. Mute string `json:"mute,omitempty"` - // MuteInitiator: First known as mute_annotation. Records additional - // information about the mute operation e.g. mute config that muted the - // finding, user who muted the finding, etc. Unlike other attributes of - // a finding, a finding provider shouldn't set the value of mute. + // MuteInitiator: Records additional information about the mute + // operation, for example, the mute configuration + // (/security-command-center/docs/how-to-mute-findings) that muted the + // finding and the user who muted the finding. MuteInitiator string `json:"muteInitiator,omitempty"` // MuteUpdateTime: Output only. The most recent time this finding was // muted or unmuted. MuteUpdateTime string `json:"muteUpdateTime,omitempty"` - // Name: The relative resource name of this finding. See: - // https://cloud.google.com/apis/design/resource_names#relative_resource_name - // Example: + // Name: The relative resource name + // (https://cloud.google.com/apis/design/resource_names#relative_resource_name) + // of the finding. Example: // "organizations/{organization_id}/sources/{source_id}/findings/{finding - // _id}" + // _id}", + // "folders/{folder_id}/sources/{source_id}/findings/{finding_id}", + // "projects/{project_id}/sources/{source_id}/findings/{finding_id}". Name string `json:"name,omitempty"` - // NextSteps: Next steps associate to the finding. + // NextSteps: Steps to address the finding. NextSteps string `json:"nextSteps,omitempty"` // Parent: The relative resource name of the source the finding belongs @@ -2037,7 +2040,7 @@ type Finding struct { // direct ability to execute arbitrary code, exfiltrate data, and // otherwise gain additional access and privileges to cloud resources // and workloads. Examples include publicly accessible unprotected user - // data, public SSH access with weak or no passwords, etc. Threat: + // data and public SSH access with weak or no passwords. Threat: // Indicates a threat that is able to access, modify, or delete data or // execute unauthorized code within existing resources. // "HIGH" - Vulnerability: A high risk vulnerability can be easily @@ -4042,7 +4045,7 @@ func (s *ListBigQueryExportsResponse) MarshalJSON() ([]byte, error) { } // ListDescendantSecurityHealthAnalyticsCustomModulesResponse: Response -// message for listing descendant security health analytics custom +// message for listing descendant Security Health Analytics custom // modules. type ListDescendantSecurityHealthAnalyticsCustomModulesResponse struct { // NextPageToken: If not empty, indicates that there may be more custom @@ -4081,7 +4084,7 @@ func (s *ListDescendantSecurityHealthAnalyticsCustomModulesResponse) MarshalJSON } // ListEffectiveSecurityHealthAnalyticsCustomModulesResponse: Response -// message for listing effective security health analytics custom +// message for listing effective Security Health Analytics custom // modules. type ListEffectiveSecurityHealthAnalyticsCustomModulesResponse struct { // EffectiveSecurityHealthAnalyticsCustomModules: Effective custom @@ -4323,7 +4326,7 @@ func (s *ListOperationsResponse) MarshalJSON() ([]byte, error) { } // ListSecurityHealthAnalyticsCustomModulesResponse: Response message -// for listing security health analytics custom modules. +// for listing Security Health Analytics custom modules. type ListSecurityHealthAnalyticsCustomModulesResponse struct { // NextPageToken: If not empty, indicates that there may be more custom // modules to be returned. @@ -9879,7 +9882,7 @@ type FoldersSecurityHealthAnalyticsSettingsCustomModulesPatchCall struct { // Patch: Updates the SecurityHealthAnalyticsCustomModule under the // given name based on the given update mask. Updating the enablement // state is supported on both resident and inherited modules (though -// resident modules cannot have an enablement state of “inherited”). +// resident modules cannot have an enablement state of "inherited"). // Updating the display name and custom config of a module is supported // on resident modules only. // @@ -10000,7 +10003,7 @@ func (c *FoldersSecurityHealthAnalyticsSettingsCustomModulesPatchCall) Do(opts . } return ret, nil // { - // "description": "Updates the SecurityHealthAnalyticsCustomModule under the given name based on the given update mask. Updating the enablement state is supported on both resident and inherited modules (though resident modules cannot have an enablement state of “inherited”). Updating the display name and custom config of a module is supported on resident modules only.", + // "description": "Updates the SecurityHealthAnalyticsCustomModule under the given name based on the given update mask. Updating the enablement state is supported on both resident and inherited modules (though resident modules cannot have an enablement state of \"inherited\"). Updating the display name and custom config of a module is supported on resident modules only.", // "flatPath": "v1/folders/{foldersId}/securityHealthAnalyticsSettings/customModules/{customModulesId}", // "httpMethod": "PATCH", // "id": "securitycenter.folders.securityHealthAnalyticsSettings.customModules.patch", @@ -11106,11 +11109,13 @@ type FoldersSourcesFindingsPatchCall struct { // Patch: Creates or updates a finding. The corresponding source must // exist for a finding creation to succeed. // -// - name: The relative resource name of this finding. See: -// https://cloud.google.com/apis/design/resource_names#relative_resource_name -// Example: +// - name: The relative resource name +// (https://cloud.google.com/apis/design/resource_names#relative_resource_name) +// of the finding. Example: // "organizations/{organization_id}/sources/{source_id}/findings/{findi -// ng_id}". +// ng_id}", +// "folders/{folder_id}/sources/{source_id}/findings/{finding_id}", +// "projects/{project_id}/sources/{source_id}/findings/{finding_id}". func (r *FoldersSourcesFindingsService) Patch(name string, finding *Finding) *FoldersSourcesFindingsPatchCall { c := &FoldersSourcesFindingsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} c.name = name @@ -11229,7 +11234,7 @@ func (c *FoldersSourcesFindingsPatchCall) Do(opts ...googleapi.CallOption) (*Fin // ], // "parameters": { // "name": { - // "description": "The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: \"organizations/{organization_id}/sources/{source_id}/findings/{finding_id}\"", + // "description": "The [relative resource name](https://cloud.google.com/apis/design/resource_names#relative_resource_name) of the finding. Example: \"organizations/{organization_id}/sources/{source_id}/findings/{finding_id}\", \"folders/{folder_id}/sources/{source_id}/findings/{finding_id}\", \"projects/{project_id}/sources/{source_id}/findings/{finding_id}\".", // "location": "path", // "pattern": "^folders/[^/]+/sources/[^/]+/findings/[^/]+$", // "required": true, @@ -17079,7 +17084,7 @@ type OrganizationsSecurityHealthAnalyticsSettingsCustomModulesPatchCall struct { // Patch: Updates the SecurityHealthAnalyticsCustomModule under the // given name based on the given update mask. Updating the enablement // state is supported on both resident and inherited modules (though -// resident modules cannot have an enablement state of “inherited”). +// resident modules cannot have an enablement state of "inherited"). // Updating the display name and custom config of a module is supported // on resident modules only. // @@ -17200,7 +17205,7 @@ func (c *OrganizationsSecurityHealthAnalyticsSettingsCustomModulesPatchCall) Do( } return ret, nil // { - // "description": "Updates the SecurityHealthAnalyticsCustomModule under the given name based on the given update mask. Updating the enablement state is supported on both resident and inherited modules (though resident modules cannot have an enablement state of “inherited”). Updating the display name and custom config of a module is supported on resident modules only.", + // "description": "Updates the SecurityHealthAnalyticsCustomModule under the given name based on the given update mask. Updating the enablement state is supported on both resident and inherited modules (though resident modules cannot have an enablement state of \"inherited\"). Updating the display name and custom config of a module is supported on resident modules only.", // "flatPath": "v1/organizations/{organizationsId}/securityHealthAnalyticsSettings/customModules/{customModulesId}", // "httpMethod": "PATCH", // "id": "securitycenter.organizations.securityHealthAnalyticsSettings.customModules.patch", @@ -19348,11 +19353,13 @@ type OrganizationsSourcesFindingsPatchCall struct { // Patch: Creates or updates a finding. The corresponding source must // exist for a finding creation to succeed. // -// - name: The relative resource name of this finding. See: -// https://cloud.google.com/apis/design/resource_names#relative_resource_name -// Example: +// - name: The relative resource name +// (https://cloud.google.com/apis/design/resource_names#relative_resource_name) +// of the finding. Example: // "organizations/{organization_id}/sources/{source_id}/findings/{findi -// ng_id}". +// ng_id}", +// "folders/{folder_id}/sources/{source_id}/findings/{finding_id}", +// "projects/{project_id}/sources/{source_id}/findings/{finding_id}". func (r *OrganizationsSourcesFindingsService) Patch(name string, finding *Finding) *OrganizationsSourcesFindingsPatchCall { c := &OrganizationsSourcesFindingsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} c.name = name @@ -19471,7 +19478,7 @@ func (c *OrganizationsSourcesFindingsPatchCall) Do(opts ...googleapi.CallOption) // ], // "parameters": { // "name": { - // "description": "The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: \"organizations/{organization_id}/sources/{source_id}/findings/{finding_id}\"", + // "description": "The [relative resource name](https://cloud.google.com/apis/design/resource_names#relative_resource_name) of the finding. Example: \"organizations/{organization_id}/sources/{source_id}/findings/{finding_id}\", \"folders/{folder_id}/sources/{source_id}/findings/{finding_id}\", \"projects/{project_id}/sources/{source_id}/findings/{finding_id}\".", // "location": "path", // "pattern": "^organizations/[^/]+/sources/[^/]+/findings/[^/]+$", // "required": true, @@ -24239,7 +24246,7 @@ type ProjectsSecurityHealthAnalyticsSettingsCustomModulesPatchCall struct { // Patch: Updates the SecurityHealthAnalyticsCustomModule under the // given name based on the given update mask. Updating the enablement // state is supported on both resident and inherited modules (though -// resident modules cannot have an enablement state of “inherited”). +// resident modules cannot have an enablement state of "inherited"). // Updating the display name and custom config of a module is supported // on resident modules only. // @@ -24360,7 +24367,7 @@ func (c *ProjectsSecurityHealthAnalyticsSettingsCustomModulesPatchCall) Do(opts } return ret, nil // { - // "description": "Updates the SecurityHealthAnalyticsCustomModule under the given name based on the given update mask. Updating the enablement state is supported on both resident and inherited modules (though resident modules cannot have an enablement state of “inherited”). Updating the display name and custom config of a module is supported on resident modules only.", + // "description": "Updates the SecurityHealthAnalyticsCustomModule under the given name based on the given update mask. Updating the enablement state is supported on both resident and inherited modules (though resident modules cannot have an enablement state of \"inherited\"). Updating the display name and custom config of a module is supported on resident modules only.", // "flatPath": "v1/projects/{projectsId}/securityHealthAnalyticsSettings/customModules/{customModulesId}", // "httpMethod": "PATCH", // "id": "securitycenter.projects.securityHealthAnalyticsSettings.customModules.patch", @@ -25466,11 +25473,13 @@ type ProjectsSourcesFindingsPatchCall struct { // Patch: Creates or updates a finding. The corresponding source must // exist for a finding creation to succeed. // -// - name: The relative resource name of this finding. See: -// https://cloud.google.com/apis/design/resource_names#relative_resource_name -// Example: +// - name: The relative resource name +// (https://cloud.google.com/apis/design/resource_names#relative_resource_name) +// of the finding. Example: // "organizations/{organization_id}/sources/{source_id}/findings/{findi -// ng_id}". +// ng_id}", +// "folders/{folder_id}/sources/{source_id}/findings/{finding_id}", +// "projects/{project_id}/sources/{source_id}/findings/{finding_id}". func (r *ProjectsSourcesFindingsService) Patch(name string, finding *Finding) *ProjectsSourcesFindingsPatchCall { c := &ProjectsSourcesFindingsPatchCall{s: r.s, urlParams_: make(gensupport.URLParams)} c.name = name @@ -25589,7 +25598,7 @@ func (c *ProjectsSourcesFindingsPatchCall) Do(opts ...googleapi.CallOption) (*Fi // ], // "parameters": { // "name": { - // "description": "The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: \"organizations/{organization_id}/sources/{source_id}/findings/{finding_id}\"", + // "description": "The [relative resource name](https://cloud.google.com/apis/design/resource_names#relative_resource_name) of the finding. Example: \"organizations/{organization_id}/sources/{source_id}/findings/{finding_id}\", \"folders/{folder_id}/sources/{source_id}/findings/{finding_id}\", \"projects/{project_id}/sources/{source_id}/findings/{finding_id}\".", // "location": "path", // "pattern": "^projects/[^/]+/sources/[^/]+/findings/[^/]+$", // "required": true, diff --git a/securitycenter/v1beta1/securitycenter-api.json b/securitycenter/v1beta1/securitycenter-api.json index c0cf426d8e4..a9c73323af0 100644 --- a/securitycenter/v1beta1/securitycenter-api.json +++ b/securitycenter/v1beta1/securitycenter-api.json @@ -896,7 +896,7 @@ } } }, - "revision": "20230410", + "revision": "20230414", "rootUrl": "https://securitycenter.googleapis.com/", "schemas": { "Access": { @@ -916,22 +916,22 @@ "type": "string" }, "principalEmail": { - "description": "Associated email, such as \"foo@google.com\". The email address of the authenticated user (or service account on behalf of third party principal) making the request. For third party identity callers, the `principal_subject` field is populated instead of this field. For privacy reasons, the principal email address is sometimes redacted. For more information, see [Caller identities in audit logs](https://cloud.google.com/logging/docs/audit#user-id).", + "description": "Associated email, such as \"foo@google.com\". The email address of the authenticated user or a service account acting on behalf of a third party principal making the request. For third party identity callers, the `principal_subject` field is populated instead of this field. For privacy reasons, the principal email address is sometimes redacted. For more information, see [Caller identities in audit logs](https://cloud.google.com/logging/docs/audit#user-id).", "type": "string" }, "principalSubject": { - "description": "A string representing the principal_subject associated with the identity. As compared to `principal_email`, supports principals that aren't associated with email addresses, such as third party principals. For most identities, the format will be `principal://iam.googleapis.com/{identity pool name}/subjects/{subject}` except for some GKE identities (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the legacy format `serviceAccount:{identity pool name}[{subject}]`", + "description": "A string that represents the principal_subject that is associated with the identity. Unlike `principal_email`, `principal_subject` supports principals that aren't associated with email addresses, such as third party principals. For most identities, the format is `principal://iam.googleapis.com/{identity pool name}/subject/{subject}`. Some GKE identities, such as GKE_WORKLOAD, FREEFORM, and GKE_HUB_WORKLOAD, still use the legacy format `serviceAccount:{identity pool name}[{subject}]`.", "type": "string" }, "serviceAccountDelegationInfo": { - "description": "Identity delegation history of an authenticated service account that makes the request. It contains information on the real authorities that try to access GCP resources by delegating on a service account. When multiple authorities are present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.", + "description": "The identity delegation history of an authenticated service account that made the request. The `serviceAccountDelegationInfo[]` object contains information about the real authorities that try to access Google Cloud resources by delegating on a service account. When multiple authorities are present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.", "items": { "$ref": "ServiceAccountDelegationInfo" }, "type": "array" }, "serviceAccountKeyName": { - "description": "The name of the service account key used to create or exchange credentials for authenticating the service account making the request. This is a scheme-less URI full resource name. For example: \"//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}\" ", + "description": "The name of the service account key that was used to create or exchange credentials when authenticating the service account that made the request. This is a scheme-less URI full resource name. For example: \"//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}\". ", "type": "string" }, "serviceName": { @@ -939,11 +939,11 @@ "type": "string" }, "userAgentFamily": { - "description": "What kind of user agent is associated, for example operating system shells, embedded or stand-alone applications, etc.", + "description": "Type of user agent associated with the finding. For example, an operating system shell or an embedded or standalone application.", "type": "string" }, "userName": { - "description": "A string that represents the username of a user, user account, or other entity involved in the access event. What the entity is and what its role in the access event is depends on the finding that this field appears in. The entity is likely not an IAM principal, but could be a user that is logged into an operating system, if the finding is VM-related, or a user that is logged into some type of application that is involved in the access event.", + "description": "A string that represents a username. The username provided depends on the type of the finding and is likely not an IAM principal. For example, this can be a system username if the finding is related to a virtual machine, or it can be an application login username.", "type": "string" } }, @@ -1607,7 +1607,7 @@ "properties": { "access": { "$ref": "Access", - "description": "Access details associated to the Finding, such as more information on the caller, which method was accessed, from where, etc." + "description": "Access details associated with the finding, such as more information on the caller, which method was accessed, and from where." }, "canonicalName": { "description": "The canonical name of the finding. It's either \"organizations/{organization_id}/sources/{source_id}/findings/{finding_id}\", \"folders/{folder_id}/sources/{source_id}/findings/{finding_id}\" or \"projects/{project_number}/sources/{source_id}/findings/{finding_id}\", depending on the closest CRM ancestor of the resource associated with the finding.", @@ -1619,11 +1619,11 @@ }, "cloudDlpDataProfile": { "$ref": "CloudDlpDataProfile", - "description": "Cloud DLP data profile associated with the finding." + "description": "Cloud DLP data profile that is associated with the finding." }, "cloudDlpInspection": { "$ref": "CloudDlpInspection", - "description": "Cloud DLP inspection associated with the finding." + "description": "Cloud Data Loss Prevention (Cloud DLP) inspection results that are associated with the finding." }, "compliances": { "description": "Contains compliance information for security standards associated to the finding.", @@ -1648,7 +1648,7 @@ "type": "object" }, "containers": { - "description": "Containers associated with the finding. containers provides information for both Kubernetes and non-Kubernetes containers.", + "description": "Containers associated with the finding. This field provides information for both Kubernetes and non-Kubernetes containers.", "items": { "$ref": "Container" }, @@ -1664,7 +1664,7 @@ "description": "Database associated with the finding." }, "description": { - "description": "Contains more detail about the finding.", + "description": "Contains more details about the finding.", "type": "string" }, "eventTime": { @@ -1674,7 +1674,7 @@ }, "exfiltration": { "$ref": "Exfiltration", - "description": "Represents exfiltration associated with the Finding." + "description": "Represents exfiltrations associated with the finding." }, "externalSystems": { "additionalProperties": { @@ -1716,7 +1716,7 @@ "type": "string" }, "iamBindings": { - "description": "Represents IAM bindings associated with the Finding.", + "description": "Represents IAM bindings associated with the finding.", "items": { "$ref": "IamBinding" }, @@ -1724,11 +1724,11 @@ }, "indicator": { "$ref": "Indicator", - "description": "Represents what's commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise" + "description": "Represents what's commonly known as an *indicator of compromise* (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. For more information, see [Indicator of compromise](https://en.wikipedia.org/wiki/Indicator_of_compromise)." }, "kernelRootkit": { "$ref": "KernelRootkit", - "description": "Kernel Rootkit signature." + "description": "Signature of the kernel rootkit." }, "kubernetes": { "$ref": "Kubernetes", @@ -1759,7 +1759,7 @@ "type": "string" }, "muteInitiator": { - "description": "First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc. Unlike other attributes of a finding, a finding provider shouldn't set the value of mute.", + "description": "Records additional information about the mute operation, for example, the [mute configuration](/security-command-center/docs/how-to-mute-findings) that muted the finding and the user who muted the finding.", "type": "string" }, "muteUpdateTime": { @@ -1769,11 +1769,11 @@ "type": "string" }, "name": { - "description": "The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: \"organizations/{organization_id}/sources/{source_id}/findings/{finding_id}\"", + "description": "The [relative resource name](https://cloud.google.com/apis/design/resource_names#relative_resource_name) of the finding. Example: \"organizations/{organization_id}/sources/{source_id}/findings/{finding_id}\", \"folders/{folder_id}/sources/{source_id}/findings/{finding_id}\", \"projects/{project_id}/sources/{source_id}/findings/{finding_id}\".", "type": "string" }, "nextSteps": { - "description": "Next steps associate to the finding.", + "description": "Steps to address the finding.", "type": "string" }, "parent": { @@ -1812,7 +1812,7 @@ ], "enumDescriptions": [ "This value is used for findings when a source doesn't write a severity value.", - "Vulnerability: A critical vulnerability is easily discoverable by an external actor, exploitable, and results in the direct ability to execute arbitrary code, exfiltrate data, and otherwise gain additional access and privileges to cloud resources and workloads. Examples include publicly accessible unprotected user data, public SSH access with weak or no passwords, etc. Threat: Indicates a threat that is able to access, modify, or delete data or execute unauthorized code within existing resources.", + "Vulnerability: A critical vulnerability is easily discoverable by an external actor, exploitable, and results in the direct ability to execute arbitrary code, exfiltrate data, and otherwise gain additional access and privileges to cloud resources and workloads. Examples include publicly accessible unprotected user data and public SSH access with weak or no passwords. Threat: Indicates a threat that is able to access, modify, or delete data or execute unauthorized code within existing resources.", "Vulnerability: A high risk vulnerability can be easily discovered and exploited in combination with other vulnerabilities in order to gain direct access and the ability to execute arbitrary code, exfiltrate data, and otherwise gain additional access and privileges to cloud resources and workloads. An example is a database with weak or no passwords that is only accessible internally. This database could easily be compromised by an actor that had access to the internal network. Threat: Indicates a threat that is able to create new computational resources in an environment but not able to access data or execute code in existing resources.", "Vulnerability: A medium risk vulnerability could be used by an actor to gain access to resources or privileges that enable them to eventually (through multiple steps or a complex exploit) gain access and the ability to execute arbitrary code or exfiltrate data. An example is a service account with access to more projects than it should have. If an actor gains access to the service account, they could potentially use that access to manipulate a project the service account was not intended to. Threat: Indicates a threat that is able to cause operational impact but may not access data or execute unauthorized code.", "Vulnerability: A low risk vulnerability hampers a security organization's ability to detect vulnerabilities or active threats in their deployment, or prevents the root cause investigation of security issues. An example is monitoring and logs being disabled for resource configurations and access. Threat: Indicates a threat that has obtained minimal access to an environment but is not able to access data, execute code, or create resources." diff --git a/securitycenter/v1beta1/securitycenter-gen.go b/securitycenter/v1beta1/securitycenter-gen.go index e5029e5dfc7..b25484b7817 100644 --- a/securitycenter/v1beta1/securitycenter-gen.go +++ b/securitycenter/v1beta1/securitycenter-gen.go @@ -209,55 +209,55 @@ type Access struct { MethodName string `json:"methodName,omitempty"` // PrincipalEmail: Associated email, such as "foo@google.com". The email - // address of the authenticated user (or service account on behalf of - // third party principal) making the request. For third party identity - // callers, the `principal_subject` field is populated instead of this - // field. For privacy reasons, the principal email address is sometimes - // redacted. For more information, see Caller identities in audit logs - // (https://cloud.google.com/logging/docs/audit#user-id). + // address of the authenticated user or a service account acting on + // behalf of a third party principal making the request. For third party + // identity callers, the `principal_subject` field is populated instead + // of this field. For privacy reasons, the principal email address is + // sometimes redacted. For more information, see Caller identities in + // audit logs (https://cloud.google.com/logging/docs/audit#user-id). PrincipalEmail string `json:"principalEmail,omitempty"` - // PrincipalSubject: A string representing the principal_subject - // associated with the identity. As compared to `principal_email`, - // supports principals that aren't associated with email addresses, such - // as third party principals. For most identities, the format will be - // `principal://iam.googleapis.com/{identity pool - // name}/subjects/{subject}` except for some GKE identities - // (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the - // legacy format `serviceAccount:{identity pool name}[{subject}]` + // PrincipalSubject: A string that represents the principal_subject that + // is associated with the identity. Unlike `principal_email`, + // `principal_subject` supports principals that aren't associated with + // email addresses, such as third party principals. For most identities, + // the format is `principal://iam.googleapis.com/{identity pool + // name}/subject/{subject}`. Some GKE identities, such as GKE_WORKLOAD, + // FREEFORM, and GKE_HUB_WORKLOAD, still use the legacy format + // `serviceAccount:{identity pool name}[{subject}]`. PrincipalSubject string `json:"principalSubject,omitempty"` - // ServiceAccountDelegationInfo: Identity delegation history of an - // authenticated service account that makes the request. It contains - // information on the real authorities that try to access GCP resources - // by delegating on a service account. When multiple authorities are + // ServiceAccountDelegationInfo: The identity delegation history of an + // authenticated service account that made the request. The + // `serviceAccountDelegationInfo[]` object contains information about + // the real authorities that try to access Google Cloud resources by + // delegating on a service account. When multiple authorities are // present, they are guaranteed to be sorted based on the original // ordering of the identity delegation events. ServiceAccountDelegationInfo []*ServiceAccountDelegationInfo `json:"serviceAccountDelegationInfo,omitempty"` - // ServiceAccountKeyName: The name of the service account key used to - // create or exchange credentials for authenticating the service account - // making the request. This is a scheme-less URI full resource name. For - // example: + // ServiceAccountKeyName: The name of the service account key that was + // used to create or exchange credentials when authenticating the + // service account that made the request. This is a scheme-less URI full + // resource name. For example: // "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/ - // keys/{key}" + // keys/{key}". ServiceAccountKeyName string `json:"serviceAccountKeyName,omitempty"` // ServiceName: This is the API service that the service account made a // call to, e.g. "iam.googleapis.com" ServiceName string `json:"serviceName,omitempty"` - // UserAgentFamily: What kind of user agent is associated, for example - // operating system shells, embedded or stand-alone applications, etc. + // UserAgentFamily: Type of user agent associated with the finding. For + // example, an operating system shell or an embedded or standalone + // application. UserAgentFamily string `json:"userAgentFamily,omitempty"` - // UserName: A string that represents the username of a user, user - // account, or other entity involved in the access event. What the - // entity is and what its role in the access event is depends on the - // finding that this field appears in. The entity is likely not an IAM - // principal, but could be a user that is logged into an operating - // system, if the finding is VM-related, or a user that is logged into - // some type of application that is involved in the access event. + // UserName: A string that represents a username. The username provided + // depends on the type of the finding and is likely not an IAM + // principal. For example, this can be a system username if the finding + // is related to a virtual machine, or it can be an application login + // username. UserName string `json:"userName,omitempty"` // ForceSendFields is a list of field names (e.g. "CallerIp") to @@ -1400,9 +1400,8 @@ func (s *File) MarshalJSON() ([]byte, error) { // scripting (XSS) vulnerability in an App Engine application is a // finding. type Finding struct { - // Access: Access details associated to the Finding, such as more - // information on the caller, which method was accessed, from where, - // etc. + // Access: Access details associated with the finding, such as more + // information on the caller, which method was accessed, and from where. Access *Access `json:"access,omitempty"` // CanonicalName: The canonical name of the finding. It's either @@ -1419,11 +1418,12 @@ type Finding struct { // "XSS_FLASH_INJECTION" Category string `json:"category,omitempty"` - // CloudDlpDataProfile: Cloud DLP data profile associated with the - // finding. + // CloudDlpDataProfile: Cloud DLP data profile that is associated with + // the finding. CloudDlpDataProfile *CloudDlpDataProfile `json:"cloudDlpDataProfile,omitempty"` - // CloudDlpInspection: Cloud DLP inspection associated with the finding. + // CloudDlpInspection: Cloud Data Loss Prevention (Cloud DLP) inspection + // results that are associated with the finding. CloudDlpInspection *CloudDlpInspection `json:"cloudDlpInspection,omitempty"` // Compliances: Contains compliance information for security standards @@ -1443,7 +1443,7 @@ type Finding struct { // "email": "person2@company.com" } ] } } Contacts map[string]ContactDetails `json:"contacts,omitempty"` - // Containers: Containers associated with the finding. containers + // Containers: Containers associated with the finding. This field // provides information for both Kubernetes and non-Kubernetes // containers. Containers []*Container `json:"containers,omitempty"` @@ -1455,7 +1455,7 @@ type Finding struct { // Database: Database associated with the finding. Database *Database `json:"database,omitempty"` - // Description: Contains more detail about the finding. + // Description: Contains more details about the finding. Description string `json:"description,omitempty"` // EventTime: The time the finding was first detected. If an existing @@ -1467,7 +1467,7 @@ type Finding struct { // must not be set to a value greater than the current timestamp. EventTime string `json:"eventTime,omitempty"` - // Exfiltration: Represents exfiltration associated with the Finding. + // Exfiltration: Represents exfiltrations associated with the finding. Exfiltration *Exfiltration `json:"exfiltration,omitempty"` // ExternalSystems: Output only. Third party SIEM/SOAR fields within @@ -1499,17 +1499,18 @@ type Finding struct { // functionality. FindingClass string `json:"findingClass,omitempty"` - // IamBindings: Represents IAM bindings associated with the Finding. + // IamBindings: Represents IAM bindings associated with the finding. IamBindings []*IamBinding `json:"iamBindings,omitempty"` - // Indicator: Represents what's commonly known as an Indicator of - // compromise (IoC) in computer forensics. This is an artifact observed + // Indicator: Represents what's commonly known as an *indicator of + // compromise* (IoC) in computer forensics. This is an artifact observed // on a network or in an operating system that, with high confidence, - // indicates a computer intrusion. Reference: - // https://en.wikipedia.org/wiki/Indicator_of_compromise + // indicates a computer intrusion. For more information, see Indicator + // of compromise + // (https://en.wikipedia.org/wiki/Indicator_of_compromise). Indicator *Indicator `json:"indicator,omitempty"` - // KernelRootkit: Kernel Rootkit signature. + // KernelRootkit: Signature of the kernel rootkit. KernelRootkit *KernelRootkit `json:"kernelRootkit,omitempty"` // Kubernetes: Kubernetes resources associated with the finding. @@ -1536,24 +1537,26 @@ type Finding struct { // "UNDEFINED" - Finding has never been muted/unmuted. Mute string `json:"mute,omitempty"` - // MuteInitiator: First known as mute_annotation. Records additional - // information about the mute operation e.g. mute config that muted the - // finding, user who muted the finding, etc. Unlike other attributes of - // a finding, a finding provider shouldn't set the value of mute. + // MuteInitiator: Records additional information about the mute + // operation, for example, the mute configuration + // (/security-command-center/docs/how-to-mute-findings) that muted the + // finding and the user who muted the finding. MuteInitiator string `json:"muteInitiator,omitempty"` // MuteUpdateTime: Output only. The most recent time this finding was // muted or unmuted. MuteUpdateTime string `json:"muteUpdateTime,omitempty"` - // Name: The relative resource name of this finding. See: - // https://cloud.google.com/apis/design/resource_names#relative_resource_name - // Example: + // Name: The relative resource name + // (https://cloud.google.com/apis/design/resource_names#relative_resource_name) + // of the finding. Example: // "organizations/{organization_id}/sources/{source_id}/findings/{finding - // _id}" + // _id}", + // "folders/{folder_id}/sources/{source_id}/findings/{finding_id}", + // "projects/{project_id}/sources/{source_id}/findings/{finding_id}". Name string `json:"name,omitempty"` - // NextSteps: Next steps associate to the finding. + // NextSteps: Steps to address the finding. NextSteps string `json:"nextSteps,omitempty"` // Parent: The relative resource name of the source the finding belongs @@ -1596,7 +1599,7 @@ type Finding struct { // direct ability to execute arbitrary code, exfiltrate data, and // otherwise gain additional access and privileges to cloud resources // and workloads. Examples include publicly accessible unprotected user - // data, public SSH access with weak or no passwords, etc. Threat: + // data and public SSH access with weak or no passwords. Threat: // Indicates a threat that is able to access, modify, or delete data or // execute unauthorized code within existing resources. // "HIGH" - Vulnerability: A high risk vulnerability can be easily diff --git a/securitycenter/v1beta2/securitycenter-api.json b/securitycenter/v1beta2/securitycenter-api.json index d06c7f4db9b..61372b26d60 100644 --- a/securitycenter/v1beta2/securitycenter-api.json +++ b/securitycenter/v1beta2/securitycenter-api.json @@ -1981,7 +1981,7 @@ } } }, - "revision": "20230410", + "revision": "20230414", "rootUrl": "https://securitycenter.googleapis.com/", "schemas": { "Access": { @@ -2001,22 +2001,22 @@ "type": "string" }, "principalEmail": { - "description": "Associated email, such as \"foo@google.com\". The email address of the authenticated user (or service account on behalf of third party principal) making the request. For third party identity callers, the `principal_subject` field is populated instead of this field. For privacy reasons, the principal email address is sometimes redacted. For more information, see [Caller identities in audit logs](https://cloud.google.com/logging/docs/audit#user-id).", + "description": "Associated email, such as \"foo@google.com\". The email address of the authenticated user or a service account acting on behalf of a third party principal making the request. For third party identity callers, the `principal_subject` field is populated instead of this field. For privacy reasons, the principal email address is sometimes redacted. For more information, see [Caller identities in audit logs](https://cloud.google.com/logging/docs/audit#user-id).", "type": "string" }, "principalSubject": { - "description": "A string representing the principal_subject associated with the identity. As compared to `principal_email`, supports principals that aren't associated with email addresses, such as third party principals. For most identities, the format will be `principal://iam.googleapis.com/{identity pool name}/subjects/{subject}` except for some GKE identities (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the legacy format `serviceAccount:{identity pool name}[{subject}]`", + "description": "A string that represents the principal_subject that is associated with the identity. Unlike `principal_email`, `principal_subject` supports principals that aren't associated with email addresses, such as third party principals. For most identities, the format is `principal://iam.googleapis.com/{identity pool name}/subject/{subject}`. Some GKE identities, such as GKE_WORKLOAD, FREEFORM, and GKE_HUB_WORKLOAD, still use the legacy format `serviceAccount:{identity pool name}[{subject}]`.", "type": "string" }, "serviceAccountDelegationInfo": { - "description": "Identity delegation history of an authenticated service account that makes the request. It contains information on the real authorities that try to access GCP resources by delegating on a service account. When multiple authorities are present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.", + "description": "The identity delegation history of an authenticated service account that made the request. The `serviceAccountDelegationInfo[]` object contains information about the real authorities that try to access Google Cloud resources by delegating on a service account. When multiple authorities are present, they are guaranteed to be sorted based on the original ordering of the identity delegation events.", "items": { "$ref": "ServiceAccountDelegationInfo" }, "type": "array" }, "serviceAccountKeyName": { - "description": "The name of the service account key used to create or exchange credentials for authenticating the service account making the request. This is a scheme-less URI full resource name. For example: \"//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}\" ", + "description": "The name of the service account key that was used to create or exchange credentials when authenticating the service account that made the request. This is a scheme-less URI full resource name. For example: \"//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}\". ", "type": "string" }, "serviceName": { @@ -2024,11 +2024,11 @@ "type": "string" }, "userAgentFamily": { - "description": "What kind of user agent is associated, for example operating system shells, embedded or stand-alone applications, etc.", + "description": "Type of user agent associated with the finding. For example, an operating system shell or an embedded or standalone application.", "type": "string" }, "userName": { - "description": "A string that represents the username of a user, user account, or other entity involved in the access event. What the entity is and what its role in the access event is depends on the finding that this field appears in. The entity is likely not an IAM principal, but could be a user that is logged into an operating system, if the finding is VM-related, or a user that is logged into some type of application that is involved in the access event.", + "description": "A string that represents a username. The username provided depends on the type of the finding and is likely not an IAM principal. For example, this can be a system username if the finding is related to a virtual machine, or it can be an application login username.", "type": "string" } }, @@ -2699,7 +2699,7 @@ "properties": { "access": { "$ref": "Access", - "description": "Access details associated to the Finding, such as more information on the caller, which method was accessed, from where, etc." + "description": "Access details associated with the finding, such as more information on the caller, which method was accessed, and from where." }, "canonicalName": { "description": "The canonical name of the finding. It's either \"organizations/{organization_id}/sources/{source_id}/findings/{finding_id}\", \"folders/{folder_id}/sources/{source_id}/findings/{finding_id}\" or \"projects/{project_number}/sources/{source_id}/findings/{finding_id}\", depending on the closest CRM ancestor of the resource associated with the finding.", @@ -2711,11 +2711,11 @@ }, "cloudDlpDataProfile": { "$ref": "CloudDlpDataProfile", - "description": "Cloud DLP data profile associated with the finding." + "description": "Cloud DLP data profile that is associated with the finding." }, "cloudDlpInspection": { "$ref": "CloudDlpInspection", - "description": "Cloud DLP inspection associated with the finding." + "description": "Cloud Data Loss Prevention (Cloud DLP) inspection results that are associated with the finding." }, "compliances": { "description": "Contains compliance information for security standards associated to the finding.", @@ -2740,7 +2740,7 @@ "type": "object" }, "containers": { - "description": "Containers associated with the finding. containers provides information for both Kubernetes and non-Kubernetes containers.", + "description": "Containers associated with the finding. This field provides information for both Kubernetes and non-Kubernetes containers.", "items": { "$ref": "Container" }, @@ -2756,7 +2756,7 @@ "description": "Database associated with the finding." }, "description": { - "description": "Contains more detail about the finding.", + "description": "Contains more details about the finding.", "type": "string" }, "eventTime": { @@ -2766,7 +2766,7 @@ }, "exfiltration": { "$ref": "Exfiltration", - "description": "Represents exfiltration associated with the Finding." + "description": "Represents exfiltrations associated with the finding." }, "externalSystems": { "additionalProperties": { @@ -2808,7 +2808,7 @@ "type": "string" }, "iamBindings": { - "description": "Represents IAM bindings associated with the Finding.", + "description": "Represents IAM bindings associated with the finding.", "items": { "$ref": "IamBinding" }, @@ -2816,11 +2816,11 @@ }, "indicator": { "$ref": "Indicator", - "description": "Represents what's commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise" + "description": "Represents what's commonly known as an *indicator of compromise* (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. For more information, see [Indicator of compromise](https://en.wikipedia.org/wiki/Indicator_of_compromise)." }, "kernelRootkit": { "$ref": "KernelRootkit", - "description": "Kernel Rootkit signature." + "description": "Signature of the kernel rootkit." }, "kubernetes": { "$ref": "Kubernetes", @@ -2851,7 +2851,7 @@ "type": "string" }, "muteInitiator": { - "description": "First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc. Unlike other attributes of a finding, a finding provider shouldn't set the value of mute.", + "description": "Records additional information about the mute operation, for example, the [mute configuration](/security-command-center/docs/how-to-mute-findings) that muted the finding and the user who muted the finding.", "type": "string" }, "muteUpdateTime": { @@ -2861,11 +2861,11 @@ "type": "string" }, "name": { - "description": "The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: \"organizations/{organization_id}/sources/{source_id}/findings/{finding_id}\"", + "description": "The [relative resource name](https://cloud.google.com/apis/design/resource_names#relative_resource_name) of the finding. Example: \"organizations/{organization_id}/sources/{source_id}/findings/{finding_id}\", \"folders/{folder_id}/sources/{source_id}/findings/{finding_id}\", \"projects/{project_id}/sources/{source_id}/findings/{finding_id}\".", "type": "string" }, "nextSteps": { - "description": "Next steps associate to the finding.", + "description": "Steps to address the finding.", "type": "string" }, "parent": { @@ -2904,7 +2904,7 @@ ], "enumDescriptions": [ "This value is used for findings when a source doesn't write a severity value.", - "Vulnerability: A critical vulnerability is easily discoverable by an external actor, exploitable, and results in the direct ability to execute arbitrary code, exfiltrate data, and otherwise gain additional access and privileges to cloud resources and workloads. Examples include publicly accessible unprotected user data, public SSH access with weak or no passwords, etc. Threat: Indicates a threat that is able to access, modify, or delete data or execute unauthorized code within existing resources.", + "Vulnerability: A critical vulnerability is easily discoverable by an external actor, exploitable, and results in the direct ability to execute arbitrary code, exfiltrate data, and otherwise gain additional access and privileges to cloud resources and workloads. Examples include publicly accessible unprotected user data and public SSH access with weak or no passwords. Threat: Indicates a threat that is able to access, modify, or delete data or execute unauthorized code within existing resources.", "Vulnerability: A high risk vulnerability can be easily discovered and exploited in combination with other vulnerabilities in order to gain direct access and the ability to execute arbitrary code, exfiltrate data, and otherwise gain additional access and privileges to cloud resources and workloads. An example is a database with weak or no passwords that is only accessible internally. This database could easily be compromised by an actor that had access to the internal network. Threat: Indicates a threat that is able to create new computational resources in an environment but not able to access data or execute code in existing resources.", "Vulnerability: A medium risk vulnerability could be used by an actor to gain access to resources or privileges that enable them to eventually (through multiple steps or a complex exploit) gain access and the ability to execute arbitrary code or exfiltrate data. An example is a service account with access to more projects than it should have. If an actor gains access to the service account, they could potentially use that access to manipulate a project the service account was not intended to. Threat: Indicates a threat that is able to cause operational impact but may not access data or execute unauthorized code.", "Vulnerability: A low risk vulnerability hampers a security organization's ability to detect vulnerabilities or active threats in their deployment, or prevents the root cause investigation of security issues. An example is monitoring and logs being disabled for resource configurations and access. Threat: Indicates a threat that has obtained minimal access to an environment but is not able to access data, execute code, or create resources." diff --git a/securitycenter/v1beta2/securitycenter-gen.go b/securitycenter/v1beta2/securitycenter-gen.go index 84fc0ce03d5..70206b293da 100644 --- a/securitycenter/v1beta2/securitycenter-gen.go +++ b/securitycenter/v1beta2/securitycenter-gen.go @@ -437,55 +437,55 @@ type Access struct { MethodName string `json:"methodName,omitempty"` // PrincipalEmail: Associated email, such as "foo@google.com". The email - // address of the authenticated user (or service account on behalf of - // third party principal) making the request. For third party identity - // callers, the `principal_subject` field is populated instead of this - // field. For privacy reasons, the principal email address is sometimes - // redacted. For more information, see Caller identities in audit logs - // (https://cloud.google.com/logging/docs/audit#user-id). + // address of the authenticated user or a service account acting on + // behalf of a third party principal making the request. For third party + // identity callers, the `principal_subject` field is populated instead + // of this field. For privacy reasons, the principal email address is + // sometimes redacted. For more information, see Caller identities in + // audit logs (https://cloud.google.com/logging/docs/audit#user-id). PrincipalEmail string `json:"principalEmail,omitempty"` - // PrincipalSubject: A string representing the principal_subject - // associated with the identity. As compared to `principal_email`, - // supports principals that aren't associated with email addresses, such - // as third party principals. For most identities, the format will be - // `principal://iam.googleapis.com/{identity pool - // name}/subjects/{subject}` except for some GKE identities - // (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the - // legacy format `serviceAccount:{identity pool name}[{subject}]` + // PrincipalSubject: A string that represents the principal_subject that + // is associated with the identity. Unlike `principal_email`, + // `principal_subject` supports principals that aren't associated with + // email addresses, such as third party principals. For most identities, + // the format is `principal://iam.googleapis.com/{identity pool + // name}/subject/{subject}`. Some GKE identities, such as GKE_WORKLOAD, + // FREEFORM, and GKE_HUB_WORKLOAD, still use the legacy format + // `serviceAccount:{identity pool name}[{subject}]`. PrincipalSubject string `json:"principalSubject,omitempty"` - // ServiceAccountDelegationInfo: Identity delegation history of an - // authenticated service account that makes the request. It contains - // information on the real authorities that try to access GCP resources - // by delegating on a service account. When multiple authorities are + // ServiceAccountDelegationInfo: The identity delegation history of an + // authenticated service account that made the request. The + // `serviceAccountDelegationInfo[]` object contains information about + // the real authorities that try to access Google Cloud resources by + // delegating on a service account. When multiple authorities are // present, they are guaranteed to be sorted based on the original // ordering of the identity delegation events. ServiceAccountDelegationInfo []*ServiceAccountDelegationInfo `json:"serviceAccountDelegationInfo,omitempty"` - // ServiceAccountKeyName: The name of the service account key used to - // create or exchange credentials for authenticating the service account - // making the request. This is a scheme-less URI full resource name. For - // example: + // ServiceAccountKeyName: The name of the service account key that was + // used to create or exchange credentials when authenticating the + // service account that made the request. This is a scheme-less URI full + // resource name. For example: // "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/ - // keys/{key}" + // keys/{key}". ServiceAccountKeyName string `json:"serviceAccountKeyName,omitempty"` // ServiceName: This is the API service that the service account made a // call to, e.g. "iam.googleapis.com" ServiceName string `json:"serviceName,omitempty"` - // UserAgentFamily: What kind of user agent is associated, for example - // operating system shells, embedded or stand-alone applications, etc. + // UserAgentFamily: Type of user agent associated with the finding. For + // example, an operating system shell or an embedded or standalone + // application. UserAgentFamily string `json:"userAgentFamily,omitempty"` - // UserName: A string that represents the username of a user, user - // account, or other entity involved in the access event. What the - // entity is and what its role in the access event is depends on the - // finding that this field appears in. The entity is likely not an IAM - // principal, but could be a user that is logged into an operating - // system, if the finding is VM-related, or a user that is logged into - // some type of application that is involved in the access event. + // UserName: A string that represents a username. The username provided + // depends on the type of the finding and is likely not an IAM + // principal. For example, this can be a system username if the finding + // is related to a virtual machine, or it can be an application login + // username. UserName string `json:"userName,omitempty"` // ForceSendFields is a list of field names (e.g. "CallerIp") to @@ -1544,9 +1544,8 @@ func (s *File) MarshalJSON() ([]byte, error) { // scripting (XSS) vulnerability in an App Engine application is a // finding. type Finding struct { - // Access: Access details associated to the Finding, such as more - // information on the caller, which method was accessed, from where, - // etc. + // Access: Access details associated with the finding, such as more + // information on the caller, which method was accessed, and from where. Access *Access `json:"access,omitempty"` // CanonicalName: The canonical name of the finding. It's either @@ -1563,11 +1562,12 @@ type Finding struct { // "XSS_FLASH_INJECTION" Category string `json:"category,omitempty"` - // CloudDlpDataProfile: Cloud DLP data profile associated with the - // finding. + // CloudDlpDataProfile: Cloud DLP data profile that is associated with + // the finding. CloudDlpDataProfile *CloudDlpDataProfile `json:"cloudDlpDataProfile,omitempty"` - // CloudDlpInspection: Cloud DLP inspection associated with the finding. + // CloudDlpInspection: Cloud Data Loss Prevention (Cloud DLP) inspection + // results that are associated with the finding. CloudDlpInspection *CloudDlpInspection `json:"cloudDlpInspection,omitempty"` // Compliances: Contains compliance information for security standards @@ -1587,7 +1587,7 @@ type Finding struct { // "email": "person2@company.com" } ] } } Contacts map[string]ContactDetails `json:"contacts,omitempty"` - // Containers: Containers associated with the finding. containers + // Containers: Containers associated with the finding. This field // provides information for both Kubernetes and non-Kubernetes // containers. Containers []*Container `json:"containers,omitempty"` @@ -1599,7 +1599,7 @@ type Finding struct { // Database: Database associated with the finding. Database *Database `json:"database,omitempty"` - // Description: Contains more detail about the finding. + // Description: Contains more details about the finding. Description string `json:"description,omitempty"` // EventTime: The time the finding was first detected. If an existing @@ -1611,7 +1611,7 @@ type Finding struct { // must not be set to a value greater than the current timestamp. EventTime string `json:"eventTime,omitempty"` - // Exfiltration: Represents exfiltration associated with the Finding. + // Exfiltration: Represents exfiltrations associated with the finding. Exfiltration *Exfiltration `json:"exfiltration,omitempty"` // ExternalSystems: Output only. Third party SIEM/SOAR fields within @@ -1643,17 +1643,18 @@ type Finding struct { // functionality. FindingClass string `json:"findingClass,omitempty"` - // IamBindings: Represents IAM bindings associated with the Finding. + // IamBindings: Represents IAM bindings associated with the finding. IamBindings []*IamBinding `json:"iamBindings,omitempty"` - // Indicator: Represents what's commonly known as an Indicator of - // compromise (IoC) in computer forensics. This is an artifact observed + // Indicator: Represents what's commonly known as an *indicator of + // compromise* (IoC) in computer forensics. This is an artifact observed // on a network or in an operating system that, with high confidence, - // indicates a computer intrusion. Reference: - // https://en.wikipedia.org/wiki/Indicator_of_compromise + // indicates a computer intrusion. For more information, see Indicator + // of compromise + // (https://en.wikipedia.org/wiki/Indicator_of_compromise). Indicator *Indicator `json:"indicator,omitempty"` - // KernelRootkit: Kernel Rootkit signature. + // KernelRootkit: Signature of the kernel rootkit. KernelRootkit *KernelRootkit `json:"kernelRootkit,omitempty"` // Kubernetes: Kubernetes resources associated with the finding. @@ -1680,24 +1681,26 @@ type Finding struct { // "UNDEFINED" - Finding has never been muted/unmuted. Mute string `json:"mute,omitempty"` - // MuteInitiator: First known as mute_annotation. Records additional - // information about the mute operation e.g. mute config that muted the - // finding, user who muted the finding, etc. Unlike other attributes of - // a finding, a finding provider shouldn't set the value of mute. + // MuteInitiator: Records additional information about the mute + // operation, for example, the mute configuration + // (/security-command-center/docs/how-to-mute-findings) that muted the + // finding and the user who muted the finding. MuteInitiator string `json:"muteInitiator,omitempty"` // MuteUpdateTime: Output only. The most recent time this finding was // muted or unmuted. MuteUpdateTime string `json:"muteUpdateTime,omitempty"` - // Name: The relative resource name of this finding. See: - // https://cloud.google.com/apis/design/resource_names#relative_resource_name - // Example: + // Name: The relative resource name + // (https://cloud.google.com/apis/design/resource_names#relative_resource_name) + // of the finding. Example: // "organizations/{organization_id}/sources/{source_id}/findings/{finding - // _id}" + // _id}", + // "folders/{folder_id}/sources/{source_id}/findings/{finding_id}", + // "projects/{project_id}/sources/{source_id}/findings/{finding_id}". Name string `json:"name,omitempty"` - // NextSteps: Next steps associate to the finding. + // NextSteps: Steps to address the finding. NextSteps string `json:"nextSteps,omitempty"` // Parent: The relative resource name of the source the finding belongs @@ -1740,7 +1743,7 @@ type Finding struct { // direct ability to execute arbitrary code, exfiltrate data, and // otherwise gain additional access and privileges to cloud resources // and workloads. Examples include publicly accessible unprotected user - // data, public SSH access with weak or no passwords, etc. Threat: + // data and public SSH access with weak or no passwords. Threat: // Indicates a threat that is able to access, modify, or delete data or // execute unauthorized code within existing resources. // "HIGH" - Vulnerability: A high risk vulnerability can be easily diff --git a/tpu/v2alpha1/tpu-api.json b/tpu/v2alpha1/tpu-api.json index 1bd82c3e809..1ecf9c95719 100644 --- a/tpu/v2alpha1/tpu-api.json +++ b/tpu/v2alpha1/tpu-api.json @@ -809,34 +809,6 @@ "scopes": [ "https://www.googleapis.com/auth/cloud-platform" ] - }, - "reset": { - "description": "Resets a QueuedResource TPU instance", - "flatPath": "v2alpha1/projects/{projectsId}/locations/{locationsId}/queuedResources/{queuedResourcesId}:reset", - "httpMethod": "POST", - "id": "tpu.projects.locations.queuedResources.reset", - "parameterOrder": [ - "name" - ], - "parameters": { - "name": { - "description": "Required. The name of the queued resource.", - "location": "path", - "pattern": "^projects/[^/]+/locations/[^/]+/queuedResources/[^/]+$", - "required": true, - "type": "string" - } - }, - "path": "v2alpha1/{+name}:reset", - "request": { - "$ref": "ResetQueuedResourceRequest" - }, - "response": { - "$ref": "Operation" - }, - "scopes": [ - "https://www.googleapis.com/auth/cloud-platform" - ] } } }, @@ -920,7 +892,7 @@ } } }, - "revision": "20230330", + "revision": "20230410", "rootUrl": "https://tpu.googleapis.com/", "schemas": { "AcceleratorConfig": { @@ -1817,12 +1789,6 @@ }, "type": "object" }, - "ResetQueuedResourceRequest": { - "description": "Request for ResetQueuedResource.", - "id": "ResetQueuedResourceRequest", - "properties": {}, - "type": "object" - }, "RuntimeVersion": { "description": "A runtime version that a Node can be configured with.", "id": "RuntimeVersion", diff --git a/tpu/v2alpha1/tpu-gen.go b/tpu/v2alpha1/tpu-gen.go index 64d71229414..af00a67ee35 100644 --- a/tpu/v2alpha1/tpu-gen.go +++ b/tpu/v2alpha1/tpu-gen.go @@ -1535,10 +1535,6 @@ func (s *QueueingPolicy) MarshalJSON() ([]byte, error) { return gensupport.MarshalJSON(raw, s.ForceSendFields, s.NullFields) } -// ResetQueuedResourceRequest: Request for ResetQueuedResource. -type ResetQueuedResourceRequest struct { -} - // RuntimeVersion: A runtime version that a Node can be configured with. type RuntimeVersion struct { // Name: The resource name. @@ -5376,148 +5372,6 @@ func (c *ProjectsLocationsQueuedResourcesListCall) Pages(ctx context.Context, f } } -// method id "tpu.projects.locations.queuedResources.reset": - -type ProjectsLocationsQueuedResourcesResetCall struct { - s *Service - name string - resetqueuedresourcerequest *ResetQueuedResourceRequest - urlParams_ gensupport.URLParams - ctx_ context.Context - header_ http.Header -} - -// Reset: Resets a QueuedResource TPU instance -// -// - name: The name of the queued resource. -func (r *ProjectsLocationsQueuedResourcesService) Reset(name string, resetqueuedresourcerequest *ResetQueuedResourceRequest) *ProjectsLocationsQueuedResourcesResetCall { - c := &ProjectsLocationsQueuedResourcesResetCall{s: r.s, urlParams_: make(gensupport.URLParams)} - c.name = name - c.resetqueuedresourcerequest = resetqueuedresourcerequest - return c -} - -// Fields allows partial responses to be retrieved. See -// https://developers.google.com/gdata/docs/2.0/basics#PartialResponse -// for more information. -func (c *ProjectsLocationsQueuedResourcesResetCall) Fields(s ...googleapi.Field) *ProjectsLocationsQueuedResourcesResetCall { - c.urlParams_.Set("fields", googleapi.CombineFields(s)) - return c -} - -// Context sets the context to be used in this call's Do method. Any -// pending HTTP request will be aborted if the provided context is -// canceled. -func (c *ProjectsLocationsQueuedResourcesResetCall) Context(ctx context.Context) *ProjectsLocationsQueuedResourcesResetCall { - c.ctx_ = ctx - return c -} - -// Header returns an http.Header that can be modified by the caller to -// add HTTP headers to the request. -func (c *ProjectsLocationsQueuedResourcesResetCall) Header() http.Header { - if c.header_ == nil { - c.header_ = make(http.Header) - } - return c.header_ -} - -func (c *ProjectsLocationsQueuedResourcesResetCall) doRequest(alt string) (*http.Response, error) { - reqHeaders := make(http.Header) - reqHeaders.Set("x-goog-api-client", "gl-go/"+gensupport.GoVersion()+" gdcl/"+internal.Version) - for k, v := range c.header_ { - reqHeaders[k] = v - } - reqHeaders.Set("User-Agent", c.s.userAgent()) - var body io.Reader = nil - body, err := googleapi.WithoutDataWrapper.JSONReader(c.resetqueuedresourcerequest) - if err != nil { - return nil, err - } - reqHeaders.Set("Content-Type", "application/json") - c.urlParams_.Set("alt", alt) - c.urlParams_.Set("prettyPrint", "false") - urls := googleapi.ResolveRelative(c.s.BasePath, "v2alpha1/{+name}:reset") - urls += "?" + c.urlParams_.Encode() - req, err := http.NewRequest("POST", urls, body) - if err != nil { - return nil, err - } - req.Header = reqHeaders - googleapi.Expand(req.URL, map[string]string{ - "name": c.name, - }) - return gensupport.SendRequest(c.ctx_, c.s.client, req) -} - -// Do executes the "tpu.projects.locations.queuedResources.reset" call. -// Exactly one of *Operation or error will be non-nil. Any non-2xx -// status code is an error. Response headers are in either -// *Operation.ServerResponse.Header or (if a response was returned at -// all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified -// to check whether the returned error was because -// http.StatusNotModified was returned. -func (c *ProjectsLocationsQueuedResourcesResetCall) Do(opts ...googleapi.CallOption) (*Operation, error) { - gensupport.SetOptions(c.urlParams_, opts...) - res, err := c.doRequest("json") - if res != nil && res.StatusCode == http.StatusNotModified { - if res.Body != nil { - res.Body.Close() - } - return nil, gensupport.WrapError(&googleapi.Error{ - Code: res.StatusCode, - Header: res.Header, - }) - } - if err != nil { - return nil, err - } - defer googleapi.CloseBody(res) - if err := googleapi.CheckResponse(res); err != nil { - return nil, gensupport.WrapError(err) - } - ret := &Operation{ - ServerResponse: googleapi.ServerResponse{ - Header: res.Header, - HTTPStatusCode: res.StatusCode, - }, - } - target := &ret - if err := gensupport.DecodeResponse(target, res); err != nil { - return nil, err - } - return ret, nil - // { - // "description": "Resets a QueuedResource TPU instance", - // "flatPath": "v2alpha1/projects/{projectsId}/locations/{locationsId}/queuedResources/{queuedResourcesId}:reset", - // "httpMethod": "POST", - // "id": "tpu.projects.locations.queuedResources.reset", - // "parameterOrder": [ - // "name" - // ], - // "parameters": { - // "name": { - // "description": "Required. The name of the queued resource.", - // "location": "path", - // "pattern": "^projects/[^/]+/locations/[^/]+/queuedResources/[^/]+$", - // "required": true, - // "type": "string" - // } - // }, - // "path": "v2alpha1/{+name}:reset", - // "request": { - // "$ref": "ResetQueuedResourceRequest" - // }, - // "response": { - // "$ref": "Operation" - // }, - // "scopes": [ - // "https://www.googleapis.com/auth/cloud-platform" - // ] - // } - -} - // method id "tpu.projects.locations.runtimeVersions.get": type ProjectsLocationsRuntimeVersionsGetCall struct {