Filters an organization's assets and groups them by their specified properties.
Args:
- parent: string, Required. Name of the organization to groupBy. Its format is "organizations/[organization_id], folders/[folder_id], or projects/[project_id]". (required)
+ parent: string, Required. Name of the parent to groupBy. Its format is "organizations/[organization_id], folders/[folder_id], or projects/[project_id]". (required)
body: object, The request body.
The object takes the form of:
@@ -158,7 +158,7 @@ Method Details
Lists an organization's assets.
Args:
- parent: string, Required. Name of the organization assets should belong to. Its format is "organizations/[organization_id], folders/[folder_id], or projects/[project_id]". (required)
+ parent: string, Required. Name of the parent assets should belong to. Its format is "organizations/[organization_id], folders/[folder_id], or projects/[project_id]". (required)
compareDuration: string, When compare_duration is set, the ListAssetsResult's "state_change" attribute is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time. The state_change value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the asset is removed and re-created again. Possible "state_change" values when compare_duration is specified: * "ADDED": indicates that the asset was not present at the start of compare_duration, but present at read_time. * "REMOVED": indicates that the asset was present at the start of compare_duration, but not present at read_time. * "ACTIVE": indicates that the asset was present at both the start and the end of the time period defined by compare_duration and read_time. If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all assets present at read_time.
fieldMask: string, A field mask to specify the ListAssetsResult fields to be listed in the response. An empty field mask will list all fields.
filter: string, Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators `AND` and `OR`. Parentheses are supported, and `OR` has higher precedence than `AND`. Restrictions have the form ` ` and may have a `-` character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include: * name * security_center_properties.resource_name * resource_properties.a_property * security_marks.marks.marka The supported operators are: * `=` for all value types. * `>`, `<`, `>=`, `<=` for integer values. * `:`, meaning substring matching, for strings. The supported value types are: * string literals in quotes. * integer literals without quotes. * boolean literals `true` and `false` without quotes. The following are the allowed field and operator combinations: * name: `=` * update_time: `=`, `>`, `<`, `>=`, `<=` Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: `update_time = "2019-06-10T16:07:18-07:00"` `update_time = 1560208038000` * create_time: `=`, `>`, `<`, `>=`, `<=` Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: `create_time = "2019-06-10T16:07:18-07:00"` `create_time = 1560208038000` * iam_policy.policy_blob: `=`, `:` * resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=` * security_marks.marks: `=`, `:` * security_center_properties.resource_name: `=`, `:` * security_center_properties.resource_display_name: `=`, `:` * security_center_properties.resource_type: `=`, `:` * security_center_properties.resource_parent: `=`, `:` * security_center_properties.resource_parent_display_name: `=`, `:` * security_center_properties.resource_project: `=`, `:` * security_center_properties.resource_project_display_name: `=`, `:` * security_center_properties.resource_owners: `=`, `:` For example, `resource_properties.size = 100` is a valid filter string. Use a partial match on the empty string to filter based on a property existing: `resource_properties.my_property : ""` Use a negated partial match on the empty string to filter based on a property not existing: `-resource_properties.my_property : ""`
diff --git a/docs/dyn/securitycenter_v1.folders.notificationConfigs.html b/docs/dyn/securitycenter_v1.folders.notificationConfigs.html
index bc3669298cd..836f7eef7e8 100644
--- a/docs/dyn/securitycenter_v1.folders.notificationConfigs.html
+++ b/docs/dyn/securitycenter_v1.folders.notificationConfigs.html
@@ -112,7 +112,7 @@ Method Details
{ # Cloud Security Command Center (Cloud SCC) notification configs. A notification config is a Cloud SCC resource that contains the configuration to send notifications for create/update events of findings, assets and etc.
"description": "A String", # The description of the notification config (max of 1024 characters).
- "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket".
+ "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket", "folders/{folder_id}/notificationConfigs/notify_public_bucket", or "projects/{project_id}/notificationConfigs/notify_public_bucket".
"pubsubTopic": "A String", # The Pub/Sub topic to send notifications to. Its format is "projects/[project_id]/topics/[topic]".
"serviceAccount": "A String", # Output only. The service account that needs "pubsub.topics.publish" permission to publish to the Pub/Sub topic.
"streamingConfig": { # The config for streaming-based notifications, which send each event as soon as it is detected. # The config for triggering streaming-based notifications.
@@ -131,7 +131,7 @@ Method Details
{ # Cloud Security Command Center (Cloud SCC) notification configs. A notification config is a Cloud SCC resource that contains the configuration to send notifications for create/update events of findings, assets and etc.
"description": "A String", # The description of the notification config (max of 1024 characters).
- "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket".
+ "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket", "folders/{folder_id}/notificationConfigs/notify_public_bucket", or "projects/{project_id}/notificationConfigs/notify_public_bucket".
"pubsubTopic": "A String", # The Pub/Sub topic to send notifications to. Its format is "projects/[project_id]/topics/[topic]".
"serviceAccount": "A String", # Output only. The service account that needs "pubsub.topics.publish" permission to publish to the Pub/Sub topic.
"streamingConfig": { # The config for streaming-based notifications, which send each event as soon as it is detected. # The config for triggering streaming-based notifications.
@@ -145,7 +145,7 @@ Method Details
Deletes a notification config.
Args:
- name: string, Required. Name of the notification config to delete. Its format is "organizations/[organization_id]/notificationConfigs/[config_id]". (required)
+ name: string, Required. Name of the notification config to delete. Its format is "organizations/[organization_id]/notificationConfigs/[config_id]", "folders/[folder_id]/notificationConfigs/[config_id]", or "projects/[project_id]/notificationConfigs/[config_id]". (required)
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
@@ -163,7 +163,7 @@ Method Details
Gets a notification config.
Args:
- name: string, Required. Name of the notification config to get. Its format is "organizations/[organization_id]/notificationConfigs/[config_id]". (required)
+ name: string, Required. Name of the notification config to get. Its format is "organizations/[organization_id]/notificationConfigs/[config_id]", "folders/[folder_id]/notificationConfigs/[config_id]", or "projects/[project_id]/notificationConfigs/[config_id]". (required)
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
@@ -174,7 +174,7 @@ Method Details
{ # Cloud Security Command Center (Cloud SCC) notification configs. A notification config is a Cloud SCC resource that contains the configuration to send notifications for create/update events of findings, assets and etc.
"description": "A String", # The description of the notification config (max of 1024 characters).
- "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket".
+ "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket", "folders/{folder_id}/notificationConfigs/notify_public_bucket", or "projects/{project_id}/notificationConfigs/notify_public_bucket".
"pubsubTopic": "A String", # The Pub/Sub topic to send notifications to. Its format is "projects/[project_id]/topics/[topic]".
"serviceAccount": "A String", # Output only. The service account that needs "pubsub.topics.publish" permission to publish to the Pub/Sub topic.
"streamingConfig": { # The config for streaming-based notifications, which send each event as soon as it is detected. # The config for triggering streaming-based notifications.
@@ -188,7 +188,7 @@ Method Details
Lists notification configs.
Args:
- parent: string, Required. Name of the organization to list notification configs. Its format is "organizations/[organization_id]", "folders/[folder_id]", or "projects/[project_id]". (required)
+ parent: string, Required. Name of the parent to list notification configs. Its format is "organizations/[organization_id]", "folders/[folder_id]", or "projects/[project_id]". (required)
pageSize: integer, The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.
pageToken: string, The value returned by the last `ListNotificationConfigsResponse`; indicates that this is a continuation of a prior `ListNotificationConfigs` call, and that the system should return the next page of data.
x__xgafv: string, V1 error format.
@@ -204,7 +204,7 @@ Method Details
"notificationConfigs": [ # Notification configs belonging to the requested parent.
{ # Cloud Security Command Center (Cloud SCC) notification configs. A notification config is a Cloud SCC resource that contains the configuration to send notifications for create/update events of findings, assets and etc.
"description": "A String", # The description of the notification config (max of 1024 characters).
- "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket".
+ "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket", "folders/{folder_id}/notificationConfigs/notify_public_bucket", or "projects/{project_id}/notificationConfigs/notify_public_bucket".
"pubsubTopic": "A String", # The Pub/Sub topic to send notifications to. Its format is "projects/[project_id]/topics/[topic]".
"serviceAccount": "A String", # Output only. The service account that needs "pubsub.topics.publish" permission to publish to the Pub/Sub topic.
"streamingConfig": { # The config for streaming-based notifications, which send each event as soon as it is detected. # The config for triggering streaming-based notifications.
@@ -234,13 +234,13 @@ Method Details
Updates a notification config. The following update fields are allowed: description, pubsub_topic, streaming_config.filter
Args:
- name: string, The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket". (required)
+ name: string, The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket", "folders/{folder_id}/notificationConfigs/notify_public_bucket", or "projects/{project_id}/notificationConfigs/notify_public_bucket". (required)
body: object, The request body.
The object takes the form of:
{ # Cloud Security Command Center (Cloud SCC) notification configs. A notification config is a Cloud SCC resource that contains the configuration to send notifications for create/update events of findings, assets and etc.
"description": "A String", # The description of the notification config (max of 1024 characters).
- "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket".
+ "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket", "folders/{folder_id}/notificationConfigs/notify_public_bucket", or "projects/{project_id}/notificationConfigs/notify_public_bucket".
"pubsubTopic": "A String", # The Pub/Sub topic to send notifications to. Its format is "projects/[project_id]/topics/[topic]".
"serviceAccount": "A String", # Output only. The service account that needs "pubsub.topics.publish" permission to publish to the Pub/Sub topic.
"streamingConfig": { # The config for streaming-based notifications, which send each event as soon as it is detected. # The config for triggering streaming-based notifications.
@@ -259,7 +259,7 @@ Method Details
{ # Cloud Security Command Center (Cloud SCC) notification configs. A notification config is a Cloud SCC resource that contains the configuration to send notifications for create/update events of findings, assets and etc.
"description": "A String", # The description of the notification config (max of 1024 characters).
- "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket".
+ "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket", "folders/{folder_id}/notificationConfigs/notify_public_bucket", or "projects/{project_id}/notificationConfigs/notify_public_bucket".
"pubsubTopic": "A String", # The Pub/Sub topic to send notifications to. Its format is "projects/[project_id]/topics/[topic]".
"serviceAccount": "A String", # Output only. The service account that needs "pubsub.topics.publish" permission to publish to the Pub/Sub topic.
"streamingConfig": { # The config for streaming-based notifications, which send each event as soon as it is detected. # The config for triggering streaming-based notifications.
diff --git a/docs/dyn/securitycenter_v1.folders.sources.findings.html b/docs/dyn/securitycenter_v1.folders.sources.findings.html
index 4bc30917ab5..ae05e05ca34 100644
--- a/docs/dyn/securitycenter_v1.folders.sources.findings.html
+++ b/docs/dyn/securitycenter_v1.folders.sources.findings.html
@@ -340,6 +340,17 @@ Method Details
"A String",
],
},
+ "kernelRootkit": { # Kernel mode rootkit signatures. # Kernel Rootkit signature.
+ "name": "A String", # Rootkit name when available.
+ "unexpectedCodeModification": True or False, # Flag indicating unexpected modifications of kernel code memory.
+ "unexpectedFtraceHandler": True or False, # Flag indicating presence of ftrace points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedInterruptHandler": True or False, # Flag indicating presence of interrupt handlers that are are not in the expected kernel, module code regions.
+ "unexpectedKernelCodePages": True or False, # Flag indicating presence of kernel code pages that are not in the expected kernel, module code regions.
+ "unexpectedKprobeHandler": True or False, # Flag indicating presence of kprobe points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedProcessesInRunqueue": True or False, # Flag indicating unexpected process(es) in the scheduler run-queue, those that are in the run-queue, but not in the process task-list.
+ "unexpectedReadOnlyDataModification": True or False, # Flag indicating unexpected modifications of kernel read-only data memory.
+ "unexpectedSystemCallHandler": True or False, # Flag indicating presence of system call handlers that are are not in the expected kernel, module code regions.
+ },
"kubernetes": { # Kubernetes related attributes. # Kubernetes resources associated with the finding.
"accessReviews": [ # Provides information on any Kubernetes access reviews (i.e. privilege checks) relevant to the finding.
{ # Conveys information about a Kubernetes access review (e.g. kubectl auth can-i ...) that was involved in a finding.
@@ -715,6 +726,17 @@ Method Details
"A String",
],
},
+ "kernelRootkit": { # Kernel mode rootkit signatures. # Kernel Rootkit signature.
+ "name": "A String", # Rootkit name when available.
+ "unexpectedCodeModification": True or False, # Flag indicating unexpected modifications of kernel code memory.
+ "unexpectedFtraceHandler": True or False, # Flag indicating presence of ftrace points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedInterruptHandler": True or False, # Flag indicating presence of interrupt handlers that are are not in the expected kernel, module code regions.
+ "unexpectedKernelCodePages": True or False, # Flag indicating presence of kernel code pages that are not in the expected kernel, module code regions.
+ "unexpectedKprobeHandler": True or False, # Flag indicating presence of kprobe points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedProcessesInRunqueue": True or False, # Flag indicating unexpected process(es) in the scheduler run-queue, those that are in the run-queue, but not in the process task-list.
+ "unexpectedReadOnlyDataModification": True or False, # Flag indicating unexpected modifications of kernel read-only data memory.
+ "unexpectedSystemCallHandler": True or False, # Flag indicating presence of system call handlers that are are not in the expected kernel, module code regions.
+ },
"kubernetes": { # Kubernetes related attributes. # Kubernetes resources associated with the finding.
"accessReviews": [ # Provides information on any Kubernetes access reviews (i.e. privilege checks) relevant to the finding.
{ # Conveys information about a Kubernetes access review (e.g. kubectl auth can-i ...) that was involved in a finding.
@@ -1053,6 +1075,17 @@ Method Details
"A String",
],
},
+ "kernelRootkit": { # Kernel mode rootkit signatures. # Kernel Rootkit signature.
+ "name": "A String", # Rootkit name when available.
+ "unexpectedCodeModification": True or False, # Flag indicating unexpected modifications of kernel code memory.
+ "unexpectedFtraceHandler": True or False, # Flag indicating presence of ftrace points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedInterruptHandler": True or False, # Flag indicating presence of interrupt handlers that are are not in the expected kernel, module code regions.
+ "unexpectedKernelCodePages": True or False, # Flag indicating presence of kernel code pages that are not in the expected kernel, module code regions.
+ "unexpectedKprobeHandler": True or False, # Flag indicating presence of kprobe points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedProcessesInRunqueue": True or False, # Flag indicating unexpected process(es) in the scheduler run-queue, those that are in the run-queue, but not in the process task-list.
+ "unexpectedReadOnlyDataModification": True or False, # Flag indicating unexpected modifications of kernel read-only data memory.
+ "unexpectedSystemCallHandler": True or False, # Flag indicating presence of system call handlers that are are not in the expected kernel, module code regions.
+ },
"kubernetes": { # Kubernetes related attributes. # Kubernetes resources associated with the finding.
"accessReviews": [ # Provides information on any Kubernetes access reviews (i.e. privilege checks) relevant to the finding.
{ # Conveys information about a Kubernetes access review (e.g. kubectl auth can-i ...) that was involved in a finding.
@@ -1404,6 +1437,17 @@ Method Details
"A String",
],
},
+ "kernelRootkit": { # Kernel mode rootkit signatures. # Kernel Rootkit signature.
+ "name": "A String", # Rootkit name when available.
+ "unexpectedCodeModification": True or False, # Flag indicating unexpected modifications of kernel code memory.
+ "unexpectedFtraceHandler": True or False, # Flag indicating presence of ftrace points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedInterruptHandler": True or False, # Flag indicating presence of interrupt handlers that are are not in the expected kernel, module code regions.
+ "unexpectedKernelCodePages": True or False, # Flag indicating presence of kernel code pages that are not in the expected kernel, module code regions.
+ "unexpectedKprobeHandler": True or False, # Flag indicating presence of kprobe points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedProcessesInRunqueue": True or False, # Flag indicating unexpected process(es) in the scheduler run-queue, those that are in the run-queue, but not in the process task-list.
+ "unexpectedReadOnlyDataModification": True or False, # Flag indicating unexpected modifications of kernel read-only data memory.
+ "unexpectedSystemCallHandler": True or False, # Flag indicating presence of system call handlers that are are not in the expected kernel, module code regions.
+ },
"kubernetes": { # Kubernetes related attributes. # Kubernetes resources associated with the finding.
"accessReviews": [ # Provides information on any Kubernetes access reviews (i.e. privilege checks) relevant to the finding.
{ # Conveys information about a Kubernetes access review (e.g. kubectl auth can-i ...) that was involved in a finding.
@@ -1756,6 +1800,17 @@ Method Details
"A String",
],
},
+ "kernelRootkit": { # Kernel mode rootkit signatures. # Kernel Rootkit signature.
+ "name": "A String", # Rootkit name when available.
+ "unexpectedCodeModification": True or False, # Flag indicating unexpected modifications of kernel code memory.
+ "unexpectedFtraceHandler": True or False, # Flag indicating presence of ftrace points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedInterruptHandler": True or False, # Flag indicating presence of interrupt handlers that are are not in the expected kernel, module code regions.
+ "unexpectedKernelCodePages": True or False, # Flag indicating presence of kernel code pages that are not in the expected kernel, module code regions.
+ "unexpectedKprobeHandler": True or False, # Flag indicating presence of kprobe points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedProcessesInRunqueue": True or False, # Flag indicating unexpected process(es) in the scheduler run-queue, those that are in the run-queue, but not in the process task-list.
+ "unexpectedReadOnlyDataModification": True or False, # Flag indicating unexpected modifications of kernel read-only data memory.
+ "unexpectedSystemCallHandler": True or False, # Flag indicating presence of system call handlers that are are not in the expected kernel, module code regions.
+ },
"kubernetes": { # Kubernetes related attributes. # Kubernetes resources associated with the finding.
"accessReviews": [ # Provides information on any Kubernetes access reviews (i.e. privilege checks) relevant to the finding.
{ # Conveys information about a Kubernetes access review (e.g. kubectl auth can-i ...) that was involved in a finding.
diff --git a/docs/dyn/securitycenter_v1.organizations.assets.html b/docs/dyn/securitycenter_v1.organizations.assets.html
index ca1e21d537f..3471e74ee83 100644
--- a/docs/dyn/securitycenter_v1.organizations.assets.html
+++ b/docs/dyn/securitycenter_v1.organizations.assets.html
@@ -106,7 +106,7 @@ Method Details
Filters an organization's assets and groups them by their specified properties.
Args:
- parent: string, Required. Name of the organization to groupBy. Its format is "organizations/[organization_id], folders/[folder_id], or projects/[project_id]". (required)
+ parent: string, Required. Name of the parent to groupBy. Its format is "organizations/[organization_id], folders/[folder_id], or projects/[project_id]". (required)
body: object, The request body.
The object takes the form of:
@@ -161,7 +161,7 @@ Method Details
Lists an organization's assets.
Args:
- parent: string, Required. Name of the organization assets should belong to. Its format is "organizations/[organization_id], folders/[folder_id], or projects/[project_id]". (required)
+ parent: string, Required. Name of the parent assets should belong to. Its format is "organizations/[organization_id], folders/[folder_id], or projects/[project_id]". (required)
compareDuration: string, When compare_duration is set, the ListAssetsResult's "state_change" attribute is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time. The state_change value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the asset is removed and re-created again. Possible "state_change" values when compare_duration is specified: * "ADDED": indicates that the asset was not present at the start of compare_duration, but present at read_time. * "REMOVED": indicates that the asset was present at the start of compare_duration, but not present at read_time. * "ACTIVE": indicates that the asset was present at both the start and the end of the time period defined by compare_duration and read_time. If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all assets present at read_time.
fieldMask: string, A field mask to specify the ListAssetsResult fields to be listed in the response. An empty field mask will list all fields.
filter: string, Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators `AND` and `OR`. Parentheses are supported, and `OR` has higher precedence than `AND`. Restrictions have the form ` ` and may have a `-` character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include: * name * security_center_properties.resource_name * resource_properties.a_property * security_marks.marks.marka The supported operators are: * `=` for all value types. * `>`, `<`, `>=`, `<=` for integer values. * `:`, meaning substring matching, for strings. The supported value types are: * string literals in quotes. * integer literals without quotes. * boolean literals `true` and `false` without quotes. The following are the allowed field and operator combinations: * name: `=` * update_time: `=`, `>`, `<`, `>=`, `<=` Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: `update_time = "2019-06-10T16:07:18-07:00"` `update_time = 1560208038000` * create_time: `=`, `>`, `<`, `>=`, `<=` Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: `create_time = "2019-06-10T16:07:18-07:00"` `create_time = 1560208038000` * iam_policy.policy_blob: `=`, `:` * resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=` * security_marks.marks: `=`, `:` * security_center_properties.resource_name: `=`, `:` * security_center_properties.resource_display_name: `=`, `:` * security_center_properties.resource_type: `=`, `:` * security_center_properties.resource_parent: `=`, `:` * security_center_properties.resource_parent_display_name: `=`, `:` * security_center_properties.resource_project: `=`, `:` * security_center_properties.resource_project_display_name: `=`, `:` * security_center_properties.resource_owners: `=`, `:` For example, `resource_properties.size = 100` is a valid filter string. Use a partial match on the empty string to filter based on a property existing: `resource_properties.my_property : ""` Use a negated partial match on the empty string to filter based on a property not existing: `-resource_properties.my_property : ""`
diff --git a/docs/dyn/securitycenter_v1.organizations.notificationConfigs.html b/docs/dyn/securitycenter_v1.organizations.notificationConfigs.html
index 12846f3f349..aec08a77d0a 100644
--- a/docs/dyn/securitycenter_v1.organizations.notificationConfigs.html
+++ b/docs/dyn/securitycenter_v1.organizations.notificationConfigs.html
@@ -112,7 +112,7 @@ Method Details
{ # Cloud Security Command Center (Cloud SCC) notification configs. A notification config is a Cloud SCC resource that contains the configuration to send notifications for create/update events of findings, assets and etc.
"description": "A String", # The description of the notification config (max of 1024 characters).
- "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket".
+ "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket", "folders/{folder_id}/notificationConfigs/notify_public_bucket", or "projects/{project_id}/notificationConfigs/notify_public_bucket".
"pubsubTopic": "A String", # The Pub/Sub topic to send notifications to. Its format is "projects/[project_id]/topics/[topic]".
"serviceAccount": "A String", # Output only. The service account that needs "pubsub.topics.publish" permission to publish to the Pub/Sub topic.
"streamingConfig": { # The config for streaming-based notifications, which send each event as soon as it is detected. # The config for triggering streaming-based notifications.
@@ -131,7 +131,7 @@ Method Details
{ # Cloud Security Command Center (Cloud SCC) notification configs. A notification config is a Cloud SCC resource that contains the configuration to send notifications for create/update events of findings, assets and etc.
"description": "A String", # The description of the notification config (max of 1024 characters).
- "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket".
+ "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket", "folders/{folder_id}/notificationConfigs/notify_public_bucket", or "projects/{project_id}/notificationConfigs/notify_public_bucket".
"pubsubTopic": "A String", # The Pub/Sub topic to send notifications to. Its format is "projects/[project_id]/topics/[topic]".
"serviceAccount": "A String", # Output only. The service account that needs "pubsub.topics.publish" permission to publish to the Pub/Sub topic.
"streamingConfig": { # The config for streaming-based notifications, which send each event as soon as it is detected. # The config for triggering streaming-based notifications.
@@ -145,7 +145,7 @@ Method Details
Deletes a notification config.
Args:
- name: string, Required. Name of the notification config to delete. Its format is "organizations/[organization_id]/notificationConfigs/[config_id]". (required)
+ name: string, Required. Name of the notification config to delete. Its format is "organizations/[organization_id]/notificationConfigs/[config_id]", "folders/[folder_id]/notificationConfigs/[config_id]", or "projects/[project_id]/notificationConfigs/[config_id]". (required)
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
@@ -163,7 +163,7 @@ Method Details
Gets a notification config.
Args:
- name: string, Required. Name of the notification config to get. Its format is "organizations/[organization_id]/notificationConfigs/[config_id]". (required)
+ name: string, Required. Name of the notification config to get. Its format is "organizations/[organization_id]/notificationConfigs/[config_id]", "folders/[folder_id]/notificationConfigs/[config_id]", or "projects/[project_id]/notificationConfigs/[config_id]". (required)
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
@@ -174,7 +174,7 @@ Method Details
{ # Cloud Security Command Center (Cloud SCC) notification configs. A notification config is a Cloud SCC resource that contains the configuration to send notifications for create/update events of findings, assets and etc.
"description": "A String", # The description of the notification config (max of 1024 characters).
- "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket".
+ "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket", "folders/{folder_id}/notificationConfigs/notify_public_bucket", or "projects/{project_id}/notificationConfigs/notify_public_bucket".
"pubsubTopic": "A String", # The Pub/Sub topic to send notifications to. Its format is "projects/[project_id]/topics/[topic]".
"serviceAccount": "A String", # Output only. The service account that needs "pubsub.topics.publish" permission to publish to the Pub/Sub topic.
"streamingConfig": { # The config for streaming-based notifications, which send each event as soon as it is detected. # The config for triggering streaming-based notifications.
@@ -188,7 +188,7 @@ Method Details
Lists notification configs.
Args:
- parent: string, Required. Name of the organization to list notification configs. Its format is "organizations/[organization_id]", "folders/[folder_id]", or "projects/[project_id]". (required)
+ parent: string, Required. Name of the parent to list notification configs. Its format is "organizations/[organization_id]", "folders/[folder_id]", or "projects/[project_id]". (required)
pageSize: integer, The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.
pageToken: string, The value returned by the last `ListNotificationConfigsResponse`; indicates that this is a continuation of a prior `ListNotificationConfigs` call, and that the system should return the next page of data.
x__xgafv: string, V1 error format.
@@ -204,7 +204,7 @@ Method Details
"notificationConfigs": [ # Notification configs belonging to the requested parent.
{ # Cloud Security Command Center (Cloud SCC) notification configs. A notification config is a Cloud SCC resource that contains the configuration to send notifications for create/update events of findings, assets and etc.
"description": "A String", # The description of the notification config (max of 1024 characters).
- "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket".
+ "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket", "folders/{folder_id}/notificationConfigs/notify_public_bucket", or "projects/{project_id}/notificationConfigs/notify_public_bucket".
"pubsubTopic": "A String", # The Pub/Sub topic to send notifications to. Its format is "projects/[project_id]/topics/[topic]".
"serviceAccount": "A String", # Output only. The service account that needs "pubsub.topics.publish" permission to publish to the Pub/Sub topic.
"streamingConfig": { # The config for streaming-based notifications, which send each event as soon as it is detected. # The config for triggering streaming-based notifications.
@@ -234,13 +234,13 @@ Method Details
Updates a notification config. The following update fields are allowed: description, pubsub_topic, streaming_config.filter
Args:
- name: string, The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket". (required)
+ name: string, The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket", "folders/{folder_id}/notificationConfigs/notify_public_bucket", or "projects/{project_id}/notificationConfigs/notify_public_bucket". (required)
body: object, The request body.
The object takes the form of:
{ # Cloud Security Command Center (Cloud SCC) notification configs. A notification config is a Cloud SCC resource that contains the configuration to send notifications for create/update events of findings, assets and etc.
"description": "A String", # The description of the notification config (max of 1024 characters).
- "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket".
+ "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket", "folders/{folder_id}/notificationConfigs/notify_public_bucket", or "projects/{project_id}/notificationConfigs/notify_public_bucket".
"pubsubTopic": "A String", # The Pub/Sub topic to send notifications to. Its format is "projects/[project_id]/topics/[topic]".
"serviceAccount": "A String", # Output only. The service account that needs "pubsub.topics.publish" permission to publish to the Pub/Sub topic.
"streamingConfig": { # The config for streaming-based notifications, which send each event as soon as it is detected. # The config for triggering streaming-based notifications.
@@ -259,7 +259,7 @@ Method Details
{ # Cloud Security Command Center (Cloud SCC) notification configs. A notification config is a Cloud SCC resource that contains the configuration to send notifications for create/update events of findings, assets and etc.
"description": "A String", # The description of the notification config (max of 1024 characters).
- "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket".
+ "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket", "folders/{folder_id}/notificationConfigs/notify_public_bucket", or "projects/{project_id}/notificationConfigs/notify_public_bucket".
"pubsubTopic": "A String", # The Pub/Sub topic to send notifications to. Its format is "projects/[project_id]/topics/[topic]".
"serviceAccount": "A String", # Output only. The service account that needs "pubsub.topics.publish" permission to publish to the Pub/Sub topic.
"streamingConfig": { # The config for streaming-based notifications, which send each event as soon as it is detected. # The config for triggering streaming-based notifications.
diff --git a/docs/dyn/securitycenter_v1.organizations.sources.findings.html b/docs/dyn/securitycenter_v1.organizations.sources.findings.html
index 2c8daeaa1c3..8d78b1ff679 100644
--- a/docs/dyn/securitycenter_v1.organizations.sources.findings.html
+++ b/docs/dyn/securitycenter_v1.organizations.sources.findings.html
@@ -273,6 +273,17 @@ Method Details
"A String",
],
},
+ "kernelRootkit": { # Kernel mode rootkit signatures. # Kernel Rootkit signature.
+ "name": "A String", # Rootkit name when available.
+ "unexpectedCodeModification": True or False, # Flag indicating unexpected modifications of kernel code memory.
+ "unexpectedFtraceHandler": True or False, # Flag indicating presence of ftrace points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedInterruptHandler": True or False, # Flag indicating presence of interrupt handlers that are are not in the expected kernel, module code regions.
+ "unexpectedKernelCodePages": True or False, # Flag indicating presence of kernel code pages that are not in the expected kernel, module code regions.
+ "unexpectedKprobeHandler": True or False, # Flag indicating presence of kprobe points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedProcessesInRunqueue": True or False, # Flag indicating unexpected process(es) in the scheduler run-queue, those that are in the run-queue, but not in the process task-list.
+ "unexpectedReadOnlyDataModification": True or False, # Flag indicating unexpected modifications of kernel read-only data memory.
+ "unexpectedSystemCallHandler": True or False, # Flag indicating presence of system call handlers that are are not in the expected kernel, module code regions.
+ },
"kubernetes": { # Kubernetes related attributes. # Kubernetes resources associated with the finding.
"accessReviews": [ # Provides information on any Kubernetes access reviews (i.e. privilege checks) relevant to the finding.
{ # Conveys information about a Kubernetes access review (e.g. kubectl auth can-i ...) that was involved in a finding.
@@ -611,6 +622,17 @@ Method Details
"A String",
],
},
+ "kernelRootkit": { # Kernel mode rootkit signatures. # Kernel Rootkit signature.
+ "name": "A String", # Rootkit name when available.
+ "unexpectedCodeModification": True or False, # Flag indicating unexpected modifications of kernel code memory.
+ "unexpectedFtraceHandler": True or False, # Flag indicating presence of ftrace points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedInterruptHandler": True or False, # Flag indicating presence of interrupt handlers that are are not in the expected kernel, module code regions.
+ "unexpectedKernelCodePages": True or False, # Flag indicating presence of kernel code pages that are not in the expected kernel, module code regions.
+ "unexpectedKprobeHandler": True or False, # Flag indicating presence of kprobe points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedProcessesInRunqueue": True or False, # Flag indicating unexpected process(es) in the scheduler run-queue, those that are in the run-queue, but not in the process task-list.
+ "unexpectedReadOnlyDataModification": True or False, # Flag indicating unexpected modifications of kernel read-only data memory.
+ "unexpectedSystemCallHandler": True or False, # Flag indicating presence of system call handlers that are are not in the expected kernel, module code regions.
+ },
"kubernetes": { # Kubernetes related attributes. # Kubernetes resources associated with the finding.
"accessReviews": [ # Provides information on any Kubernetes access reviews (i.e. privilege checks) relevant to the finding.
{ # Conveys information about a Kubernetes access review (e.g. kubectl auth can-i ...) that was involved in a finding.
@@ -1020,6 +1042,17 @@ Method Details
"A String",
],
},
+ "kernelRootkit": { # Kernel mode rootkit signatures. # Kernel Rootkit signature.
+ "name": "A String", # Rootkit name when available.
+ "unexpectedCodeModification": True or False, # Flag indicating unexpected modifications of kernel code memory.
+ "unexpectedFtraceHandler": True or False, # Flag indicating presence of ftrace points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedInterruptHandler": True or False, # Flag indicating presence of interrupt handlers that are are not in the expected kernel, module code regions.
+ "unexpectedKernelCodePages": True or False, # Flag indicating presence of kernel code pages that are not in the expected kernel, module code regions.
+ "unexpectedKprobeHandler": True or False, # Flag indicating presence of kprobe points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedProcessesInRunqueue": True or False, # Flag indicating unexpected process(es) in the scheduler run-queue, those that are in the run-queue, but not in the process task-list.
+ "unexpectedReadOnlyDataModification": True or False, # Flag indicating unexpected modifications of kernel read-only data memory.
+ "unexpectedSystemCallHandler": True or False, # Flag indicating presence of system call handlers that are are not in the expected kernel, module code regions.
+ },
"kubernetes": { # Kubernetes related attributes. # Kubernetes resources associated with the finding.
"accessReviews": [ # Provides information on any Kubernetes access reviews (i.e. privilege checks) relevant to the finding.
{ # Conveys information about a Kubernetes access review (e.g. kubectl auth can-i ...) that was involved in a finding.
@@ -1395,6 +1428,17 @@ Method Details
"A String",
],
},
+ "kernelRootkit": { # Kernel mode rootkit signatures. # Kernel Rootkit signature.
+ "name": "A String", # Rootkit name when available.
+ "unexpectedCodeModification": True or False, # Flag indicating unexpected modifications of kernel code memory.
+ "unexpectedFtraceHandler": True or False, # Flag indicating presence of ftrace points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedInterruptHandler": True or False, # Flag indicating presence of interrupt handlers that are are not in the expected kernel, module code regions.
+ "unexpectedKernelCodePages": True or False, # Flag indicating presence of kernel code pages that are not in the expected kernel, module code regions.
+ "unexpectedKprobeHandler": True or False, # Flag indicating presence of kprobe points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedProcessesInRunqueue": True or False, # Flag indicating unexpected process(es) in the scheduler run-queue, those that are in the run-queue, but not in the process task-list.
+ "unexpectedReadOnlyDataModification": True or False, # Flag indicating unexpected modifications of kernel read-only data memory.
+ "unexpectedSystemCallHandler": True or False, # Flag indicating presence of system call handlers that are are not in the expected kernel, module code regions.
+ },
"kubernetes": { # Kubernetes related attributes. # Kubernetes resources associated with the finding.
"accessReviews": [ # Provides information on any Kubernetes access reviews (i.e. privilege checks) relevant to the finding.
{ # Conveys information about a Kubernetes access review (e.g. kubectl auth can-i ...) that was involved in a finding.
@@ -1733,6 +1777,17 @@ Method Details
"A String",
],
},
+ "kernelRootkit": { # Kernel mode rootkit signatures. # Kernel Rootkit signature.
+ "name": "A String", # Rootkit name when available.
+ "unexpectedCodeModification": True or False, # Flag indicating unexpected modifications of kernel code memory.
+ "unexpectedFtraceHandler": True or False, # Flag indicating presence of ftrace points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedInterruptHandler": True or False, # Flag indicating presence of interrupt handlers that are are not in the expected kernel, module code regions.
+ "unexpectedKernelCodePages": True or False, # Flag indicating presence of kernel code pages that are not in the expected kernel, module code regions.
+ "unexpectedKprobeHandler": True or False, # Flag indicating presence of kprobe points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedProcessesInRunqueue": True or False, # Flag indicating unexpected process(es) in the scheduler run-queue, those that are in the run-queue, but not in the process task-list.
+ "unexpectedReadOnlyDataModification": True or False, # Flag indicating unexpected modifications of kernel read-only data memory.
+ "unexpectedSystemCallHandler": True or False, # Flag indicating presence of system call handlers that are are not in the expected kernel, module code regions.
+ },
"kubernetes": { # Kubernetes related attributes. # Kubernetes resources associated with the finding.
"accessReviews": [ # Provides information on any Kubernetes access reviews (i.e. privilege checks) relevant to the finding.
{ # Conveys information about a Kubernetes access review (e.g. kubectl auth can-i ...) that was involved in a finding.
@@ -2084,6 +2139,17 @@ Method Details
"A String",
],
},
+ "kernelRootkit": { # Kernel mode rootkit signatures. # Kernel Rootkit signature.
+ "name": "A String", # Rootkit name when available.
+ "unexpectedCodeModification": True or False, # Flag indicating unexpected modifications of kernel code memory.
+ "unexpectedFtraceHandler": True or False, # Flag indicating presence of ftrace points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedInterruptHandler": True or False, # Flag indicating presence of interrupt handlers that are are not in the expected kernel, module code regions.
+ "unexpectedKernelCodePages": True or False, # Flag indicating presence of kernel code pages that are not in the expected kernel, module code regions.
+ "unexpectedKprobeHandler": True or False, # Flag indicating presence of kprobe points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedProcessesInRunqueue": True or False, # Flag indicating unexpected process(es) in the scheduler run-queue, those that are in the run-queue, but not in the process task-list.
+ "unexpectedReadOnlyDataModification": True or False, # Flag indicating unexpected modifications of kernel read-only data memory.
+ "unexpectedSystemCallHandler": True or False, # Flag indicating presence of system call handlers that are are not in the expected kernel, module code regions.
+ },
"kubernetes": { # Kubernetes related attributes. # Kubernetes resources associated with the finding.
"accessReviews": [ # Provides information on any Kubernetes access reviews (i.e. privilege checks) relevant to the finding.
{ # Conveys information about a Kubernetes access review (e.g. kubectl auth can-i ...) that was involved in a finding.
@@ -2436,6 +2502,17 @@ Method Details
"A String",
],
},
+ "kernelRootkit": { # Kernel mode rootkit signatures. # Kernel Rootkit signature.
+ "name": "A String", # Rootkit name when available.
+ "unexpectedCodeModification": True or False, # Flag indicating unexpected modifications of kernel code memory.
+ "unexpectedFtraceHandler": True or False, # Flag indicating presence of ftrace points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedInterruptHandler": True or False, # Flag indicating presence of interrupt handlers that are are not in the expected kernel, module code regions.
+ "unexpectedKernelCodePages": True or False, # Flag indicating presence of kernel code pages that are not in the expected kernel, module code regions.
+ "unexpectedKprobeHandler": True or False, # Flag indicating presence of kprobe points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedProcessesInRunqueue": True or False, # Flag indicating unexpected process(es) in the scheduler run-queue, those that are in the run-queue, but not in the process task-list.
+ "unexpectedReadOnlyDataModification": True or False, # Flag indicating unexpected modifications of kernel read-only data memory.
+ "unexpectedSystemCallHandler": True or False, # Flag indicating presence of system call handlers that are are not in the expected kernel, module code regions.
+ },
"kubernetes": { # Kubernetes related attributes. # Kubernetes resources associated with the finding.
"accessReviews": [ # Provides information on any Kubernetes access reviews (i.e. privilege checks) relevant to the finding.
{ # Conveys information about a Kubernetes access review (e.g. kubectl auth can-i ...) that was involved in a finding.
diff --git a/docs/dyn/securitycenter_v1.projects.assets.html b/docs/dyn/securitycenter_v1.projects.assets.html
index ee4d091f0c2..37aaa9551e4 100644
--- a/docs/dyn/securitycenter_v1.projects.assets.html
+++ b/docs/dyn/securitycenter_v1.projects.assets.html
@@ -103,7 +103,7 @@ Method Details
Filters an organization's assets and groups them by their specified properties.
Args:
- parent: string, Required. Name of the organization to groupBy. Its format is "organizations/[organization_id], folders/[folder_id], or projects/[project_id]". (required)
+ parent: string, Required. Name of the parent to groupBy. Its format is "organizations/[organization_id], folders/[folder_id], or projects/[project_id]". (required)
body: object, The request body.
The object takes the form of:
@@ -158,7 +158,7 @@ Method Details
Lists an organization's assets.
Args:
- parent: string, Required. Name of the organization assets should belong to. Its format is "organizations/[organization_id], folders/[folder_id], or projects/[project_id]". (required)
+ parent: string, Required. Name of the parent assets should belong to. Its format is "organizations/[organization_id], folders/[folder_id], or projects/[project_id]". (required)
compareDuration: string, When compare_duration is set, the ListAssetsResult's "state_change" attribute is updated to indicate whether the asset was added, removed, or remained present during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time. The state_change value is derived based on the presence of the asset at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the asset is removed and re-created again. Possible "state_change" values when compare_duration is specified: * "ADDED": indicates that the asset was not present at the start of compare_duration, but present at read_time. * "REMOVED": indicates that the asset was present at the start of compare_duration, but not present at read_time. * "ACTIVE": indicates that the asset was present at both the start and the end of the time period defined by compare_duration and read_time. If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all assets present at read_time.
fieldMask: string, A field mask to specify the ListAssetsResult fields to be listed in the response. An empty field mask will list all fields.
filter: string, Expression that defines the filter to apply across assets. The expression is a list of zero or more restrictions combined via logical operators `AND` and `OR`. Parentheses are supported, and `OR` has higher precedence than `AND`. Restrictions have the form ` ` and may have a `-` character in front of them to indicate negation. The fields map to those defined in the Asset resource. Examples include: * name * security_center_properties.resource_name * resource_properties.a_property * security_marks.marks.marka The supported operators are: * `=` for all value types. * `>`, `<`, `>=`, `<=` for integer values. * `:`, meaning substring matching, for strings. The supported value types are: * string literals in quotes. * integer literals without quotes. * boolean literals `true` and `false` without quotes. The following are the allowed field and operator combinations: * name: `=` * update_time: `=`, `>`, `<`, `>=`, `<=` Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: `update_time = "2019-06-10T16:07:18-07:00"` `update_time = 1560208038000` * create_time: `=`, `>`, `<`, `>=`, `<=` Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: `create_time = "2019-06-10T16:07:18-07:00"` `create_time = 1560208038000` * iam_policy.policy_blob: `=`, `:` * resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=` * security_marks.marks: `=`, `:` * security_center_properties.resource_name: `=`, `:` * security_center_properties.resource_display_name: `=`, `:` * security_center_properties.resource_type: `=`, `:` * security_center_properties.resource_parent: `=`, `:` * security_center_properties.resource_parent_display_name: `=`, `:` * security_center_properties.resource_project: `=`, `:` * security_center_properties.resource_project_display_name: `=`, `:` * security_center_properties.resource_owners: `=`, `:` For example, `resource_properties.size = 100` is a valid filter string. Use a partial match on the empty string to filter based on a property existing: `resource_properties.my_property : ""` Use a negated partial match on the empty string to filter based on a property not existing: `-resource_properties.my_property : ""`
diff --git a/docs/dyn/securitycenter_v1.projects.notificationConfigs.html b/docs/dyn/securitycenter_v1.projects.notificationConfigs.html
index 5a771934bbe..7ce737854e7 100644
--- a/docs/dyn/securitycenter_v1.projects.notificationConfigs.html
+++ b/docs/dyn/securitycenter_v1.projects.notificationConfigs.html
@@ -112,7 +112,7 @@ Method Details
{ # Cloud Security Command Center (Cloud SCC) notification configs. A notification config is a Cloud SCC resource that contains the configuration to send notifications for create/update events of findings, assets and etc.
"description": "A String", # The description of the notification config (max of 1024 characters).
- "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket".
+ "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket", "folders/{folder_id}/notificationConfigs/notify_public_bucket", or "projects/{project_id}/notificationConfigs/notify_public_bucket".
"pubsubTopic": "A String", # The Pub/Sub topic to send notifications to. Its format is "projects/[project_id]/topics/[topic]".
"serviceAccount": "A String", # Output only. The service account that needs "pubsub.topics.publish" permission to publish to the Pub/Sub topic.
"streamingConfig": { # The config for streaming-based notifications, which send each event as soon as it is detected. # The config for triggering streaming-based notifications.
@@ -131,7 +131,7 @@ Method Details
{ # Cloud Security Command Center (Cloud SCC) notification configs. A notification config is a Cloud SCC resource that contains the configuration to send notifications for create/update events of findings, assets and etc.
"description": "A String", # The description of the notification config (max of 1024 characters).
- "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket".
+ "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket", "folders/{folder_id}/notificationConfigs/notify_public_bucket", or "projects/{project_id}/notificationConfigs/notify_public_bucket".
"pubsubTopic": "A String", # The Pub/Sub topic to send notifications to. Its format is "projects/[project_id]/topics/[topic]".
"serviceAccount": "A String", # Output only. The service account that needs "pubsub.topics.publish" permission to publish to the Pub/Sub topic.
"streamingConfig": { # The config for streaming-based notifications, which send each event as soon as it is detected. # The config for triggering streaming-based notifications.
@@ -145,7 +145,7 @@ Method Details
Deletes a notification config.
Args:
- name: string, Required. Name of the notification config to delete. Its format is "organizations/[organization_id]/notificationConfigs/[config_id]". (required)
+ name: string, Required. Name of the notification config to delete. Its format is "organizations/[organization_id]/notificationConfigs/[config_id]", "folders/[folder_id]/notificationConfigs/[config_id]", or "projects/[project_id]/notificationConfigs/[config_id]". (required)
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
@@ -163,7 +163,7 @@ Method Details
Gets a notification config.
Args:
- name: string, Required. Name of the notification config to get. Its format is "organizations/[organization_id]/notificationConfigs/[config_id]". (required)
+ name: string, Required. Name of the notification config to get. Its format is "organizations/[organization_id]/notificationConfigs/[config_id]", "folders/[folder_id]/notificationConfigs/[config_id]", or "projects/[project_id]/notificationConfigs/[config_id]". (required)
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
@@ -174,7 +174,7 @@ Method Details
{ # Cloud Security Command Center (Cloud SCC) notification configs. A notification config is a Cloud SCC resource that contains the configuration to send notifications for create/update events of findings, assets and etc.
"description": "A String", # The description of the notification config (max of 1024 characters).
- "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket".
+ "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket", "folders/{folder_id}/notificationConfigs/notify_public_bucket", or "projects/{project_id}/notificationConfigs/notify_public_bucket".
"pubsubTopic": "A String", # The Pub/Sub topic to send notifications to. Its format is "projects/[project_id]/topics/[topic]".
"serviceAccount": "A String", # Output only. The service account that needs "pubsub.topics.publish" permission to publish to the Pub/Sub topic.
"streamingConfig": { # The config for streaming-based notifications, which send each event as soon as it is detected. # The config for triggering streaming-based notifications.
@@ -188,7 +188,7 @@ Method Details
Lists notification configs.
Args:
- parent: string, Required. Name of the organization to list notification configs. Its format is "organizations/[organization_id]", "folders/[folder_id]", or "projects/[project_id]". (required)
+ parent: string, Required. Name of the parent to list notification configs. Its format is "organizations/[organization_id]", "folders/[folder_id]", or "projects/[project_id]". (required)
pageSize: integer, The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.
pageToken: string, The value returned by the last `ListNotificationConfigsResponse`; indicates that this is a continuation of a prior `ListNotificationConfigs` call, and that the system should return the next page of data.
x__xgafv: string, V1 error format.
@@ -204,7 +204,7 @@ Method Details
"notificationConfigs": [ # Notification configs belonging to the requested parent.
{ # Cloud Security Command Center (Cloud SCC) notification configs. A notification config is a Cloud SCC resource that contains the configuration to send notifications for create/update events of findings, assets and etc.
"description": "A String", # The description of the notification config (max of 1024 characters).
- "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket".
+ "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket", "folders/{folder_id}/notificationConfigs/notify_public_bucket", or "projects/{project_id}/notificationConfigs/notify_public_bucket".
"pubsubTopic": "A String", # The Pub/Sub topic to send notifications to. Its format is "projects/[project_id]/topics/[topic]".
"serviceAccount": "A String", # Output only. The service account that needs "pubsub.topics.publish" permission to publish to the Pub/Sub topic.
"streamingConfig": { # The config for streaming-based notifications, which send each event as soon as it is detected. # The config for triggering streaming-based notifications.
@@ -234,13 +234,13 @@ Method Details
Updates a notification config. The following update fields are allowed: description, pubsub_topic, streaming_config.filter
Args:
- name: string, The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket". (required)
+ name: string, The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket", "folders/{folder_id}/notificationConfigs/notify_public_bucket", or "projects/{project_id}/notificationConfigs/notify_public_bucket". (required)
body: object, The request body.
The object takes the form of:
{ # Cloud Security Command Center (Cloud SCC) notification configs. A notification config is a Cloud SCC resource that contains the configuration to send notifications for create/update events of findings, assets and etc.
"description": "A String", # The description of the notification config (max of 1024 characters).
- "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket".
+ "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket", "folders/{folder_id}/notificationConfigs/notify_public_bucket", or "projects/{project_id}/notificationConfigs/notify_public_bucket".
"pubsubTopic": "A String", # The Pub/Sub topic to send notifications to. Its format is "projects/[project_id]/topics/[topic]".
"serviceAccount": "A String", # Output only. The service account that needs "pubsub.topics.publish" permission to publish to the Pub/Sub topic.
"streamingConfig": { # The config for streaming-based notifications, which send each event as soon as it is detected. # The config for triggering streaming-based notifications.
@@ -259,7 +259,7 @@ Method Details
{ # Cloud Security Command Center (Cloud SCC) notification configs. A notification config is a Cloud SCC resource that contains the configuration to send notifications for create/update events of findings, assets and etc.
"description": "A String", # The description of the notification config (max of 1024 characters).
- "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket".
+ "name": "A String", # The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/notificationConfigs/notify_public_bucket", "folders/{folder_id}/notificationConfigs/notify_public_bucket", or "projects/{project_id}/notificationConfigs/notify_public_bucket".
"pubsubTopic": "A String", # The Pub/Sub topic to send notifications to. Its format is "projects/[project_id]/topics/[topic]".
"serviceAccount": "A String", # Output only. The service account that needs "pubsub.topics.publish" permission to publish to the Pub/Sub topic.
"streamingConfig": { # The config for streaming-based notifications, which send each event as soon as it is detected. # The config for triggering streaming-based notifications.
diff --git a/docs/dyn/securitycenter_v1.projects.sources.findings.html b/docs/dyn/securitycenter_v1.projects.sources.findings.html
index ab5bdbdc453..750c37a1e6d 100644
--- a/docs/dyn/securitycenter_v1.projects.sources.findings.html
+++ b/docs/dyn/securitycenter_v1.projects.sources.findings.html
@@ -340,6 +340,17 @@ Method Details
"A String",
],
},
+ "kernelRootkit": { # Kernel mode rootkit signatures. # Kernel Rootkit signature.
+ "name": "A String", # Rootkit name when available.
+ "unexpectedCodeModification": True or False, # Flag indicating unexpected modifications of kernel code memory.
+ "unexpectedFtraceHandler": True or False, # Flag indicating presence of ftrace points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedInterruptHandler": True or False, # Flag indicating presence of interrupt handlers that are are not in the expected kernel, module code regions.
+ "unexpectedKernelCodePages": True or False, # Flag indicating presence of kernel code pages that are not in the expected kernel, module code regions.
+ "unexpectedKprobeHandler": True or False, # Flag indicating presence of kprobe points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedProcessesInRunqueue": True or False, # Flag indicating unexpected process(es) in the scheduler run-queue, those that are in the run-queue, but not in the process task-list.
+ "unexpectedReadOnlyDataModification": True or False, # Flag indicating unexpected modifications of kernel read-only data memory.
+ "unexpectedSystemCallHandler": True or False, # Flag indicating presence of system call handlers that are are not in the expected kernel, module code regions.
+ },
"kubernetes": { # Kubernetes related attributes. # Kubernetes resources associated with the finding.
"accessReviews": [ # Provides information on any Kubernetes access reviews (i.e. privilege checks) relevant to the finding.
{ # Conveys information about a Kubernetes access review (e.g. kubectl auth can-i ...) that was involved in a finding.
@@ -715,6 +726,17 @@ Method Details
"A String",
],
},
+ "kernelRootkit": { # Kernel mode rootkit signatures. # Kernel Rootkit signature.
+ "name": "A String", # Rootkit name when available.
+ "unexpectedCodeModification": True or False, # Flag indicating unexpected modifications of kernel code memory.
+ "unexpectedFtraceHandler": True or False, # Flag indicating presence of ftrace points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedInterruptHandler": True or False, # Flag indicating presence of interrupt handlers that are are not in the expected kernel, module code regions.
+ "unexpectedKernelCodePages": True or False, # Flag indicating presence of kernel code pages that are not in the expected kernel, module code regions.
+ "unexpectedKprobeHandler": True or False, # Flag indicating presence of kprobe points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedProcessesInRunqueue": True or False, # Flag indicating unexpected process(es) in the scheduler run-queue, those that are in the run-queue, but not in the process task-list.
+ "unexpectedReadOnlyDataModification": True or False, # Flag indicating unexpected modifications of kernel read-only data memory.
+ "unexpectedSystemCallHandler": True or False, # Flag indicating presence of system call handlers that are are not in the expected kernel, module code regions.
+ },
"kubernetes": { # Kubernetes related attributes. # Kubernetes resources associated with the finding.
"accessReviews": [ # Provides information on any Kubernetes access reviews (i.e. privilege checks) relevant to the finding.
{ # Conveys information about a Kubernetes access review (e.g. kubectl auth can-i ...) that was involved in a finding.
@@ -1053,6 +1075,17 @@ Method Details
"A String",
],
},
+ "kernelRootkit": { # Kernel mode rootkit signatures. # Kernel Rootkit signature.
+ "name": "A String", # Rootkit name when available.
+ "unexpectedCodeModification": True or False, # Flag indicating unexpected modifications of kernel code memory.
+ "unexpectedFtraceHandler": True or False, # Flag indicating presence of ftrace points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedInterruptHandler": True or False, # Flag indicating presence of interrupt handlers that are are not in the expected kernel, module code regions.
+ "unexpectedKernelCodePages": True or False, # Flag indicating presence of kernel code pages that are not in the expected kernel, module code regions.
+ "unexpectedKprobeHandler": True or False, # Flag indicating presence of kprobe points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedProcessesInRunqueue": True or False, # Flag indicating unexpected process(es) in the scheduler run-queue, those that are in the run-queue, but not in the process task-list.
+ "unexpectedReadOnlyDataModification": True or False, # Flag indicating unexpected modifications of kernel read-only data memory.
+ "unexpectedSystemCallHandler": True or False, # Flag indicating presence of system call handlers that are are not in the expected kernel, module code regions.
+ },
"kubernetes": { # Kubernetes related attributes. # Kubernetes resources associated with the finding.
"accessReviews": [ # Provides information on any Kubernetes access reviews (i.e. privilege checks) relevant to the finding.
{ # Conveys information about a Kubernetes access review (e.g. kubectl auth can-i ...) that was involved in a finding.
@@ -1404,6 +1437,17 @@ Method Details
"A String",
],
},
+ "kernelRootkit": { # Kernel mode rootkit signatures. # Kernel Rootkit signature.
+ "name": "A String", # Rootkit name when available.
+ "unexpectedCodeModification": True or False, # Flag indicating unexpected modifications of kernel code memory.
+ "unexpectedFtraceHandler": True or False, # Flag indicating presence of ftrace points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedInterruptHandler": True or False, # Flag indicating presence of interrupt handlers that are are not in the expected kernel, module code regions.
+ "unexpectedKernelCodePages": True or False, # Flag indicating presence of kernel code pages that are not in the expected kernel, module code regions.
+ "unexpectedKprobeHandler": True or False, # Flag indicating presence of kprobe points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedProcessesInRunqueue": True or False, # Flag indicating unexpected process(es) in the scheduler run-queue, those that are in the run-queue, but not in the process task-list.
+ "unexpectedReadOnlyDataModification": True or False, # Flag indicating unexpected modifications of kernel read-only data memory.
+ "unexpectedSystemCallHandler": True or False, # Flag indicating presence of system call handlers that are are not in the expected kernel, module code regions.
+ },
"kubernetes": { # Kubernetes related attributes. # Kubernetes resources associated with the finding.
"accessReviews": [ # Provides information on any Kubernetes access reviews (i.e. privilege checks) relevant to the finding.
{ # Conveys information about a Kubernetes access review (e.g. kubectl auth can-i ...) that was involved in a finding.
@@ -1756,6 +1800,17 @@ Method Details
"A String",
],
},
+ "kernelRootkit": { # Kernel mode rootkit signatures. # Kernel Rootkit signature.
+ "name": "A String", # Rootkit name when available.
+ "unexpectedCodeModification": True or False, # Flag indicating unexpected modifications of kernel code memory.
+ "unexpectedFtraceHandler": True or False, # Flag indicating presence of ftrace points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedInterruptHandler": True or False, # Flag indicating presence of interrupt handlers that are are not in the expected kernel, module code regions.
+ "unexpectedKernelCodePages": True or False, # Flag indicating presence of kernel code pages that are not in the expected kernel, module code regions.
+ "unexpectedKprobeHandler": True or False, # Flag indicating presence of kprobe points with callbacks pointing to regions that are not in the expected kernel or module code range.
+ "unexpectedProcessesInRunqueue": True or False, # Flag indicating unexpected process(es) in the scheduler run-queue, those that are in the run-queue, but not in the process task-list.
+ "unexpectedReadOnlyDataModification": True or False, # Flag indicating unexpected modifications of kernel read-only data memory.
+ "unexpectedSystemCallHandler": True or False, # Flag indicating presence of system call handlers that are are not in the expected kernel, module code regions.
+ },
"kubernetes": { # Kubernetes related attributes. # Kubernetes resources associated with the finding.
"accessReviews": [ # Provides information on any Kubernetes access reviews (i.e. privilege checks) relevant to the finding.
{ # Conveys information about a Kubernetes access review (e.g. kubectl auth can-i ...) that was involved in a finding.
diff --git a/docs/dyn/securitycenter_v1beta2.folders.containerThreatDetectionSettings.html b/docs/dyn/securitycenter_v1beta2.folders.containerThreatDetectionSettings.html
index 0d4d70a1807..0501be9241e 100644
--- a/docs/dyn/securitycenter_v1beta2.folders.containerThreatDetectionSettings.html
+++ b/docs/dyn/securitycenter_v1beta2.folders.containerThreatDetectionSettings.html
@@ -76,14 +76,14 @@ Security Command Center API . Instance Methods
calculate(name, x__xgafv=None)
-Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings.
+Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Close httplib2 connections.
Method Details
calculate(name, x__xgafv=None)
- Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings.
+ Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Args:
name: string, Required. The name of the ContainerThreatDetectionSettings to calculate. Formats: * organizations/{organization}/containerThreatDetectionSettings * folders/{folder}/containerThreatDetectionSettings * projects/{project}/containerThreatDetectionSettings * projects/{project}/locations/{location}/clusters/{cluster}/containerThreatDetectionSettings (required)
diff --git a/docs/dyn/securitycenter_v1beta2.folders.eventThreatDetectionSettings.html b/docs/dyn/securitycenter_v1beta2.folders.eventThreatDetectionSettings.html
index d66f1e24ecf..fc38963c6cf 100644
--- a/docs/dyn/securitycenter_v1beta2.folders.eventThreatDetectionSettings.html
+++ b/docs/dyn/securitycenter_v1beta2.folders.eventThreatDetectionSettings.html
@@ -76,14 +76,14 @@ Security Command Center API . Instance Methods
calculate(name, x__xgafv=None)
-Calculates the effective EventThreatDetectionSettings based on its level in the resource hierarchy and its settings.
+Calculates the effective EventThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Close httplib2 connections.
Method Details
calculate(name, x__xgafv=None)
- Calculates the effective EventThreatDetectionSettings based on its level in the resource hierarchy and its settings.
+ Calculates the effective EventThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Args:
name: string, Required. The name of the EventThreatDetectionSettings to calculate. Formats: * organizations/{organization}/eventThreatDetectionSettings * folders/{folder}/eventThreatDetectionSettings * projects/{project}/eventThreatDetectionSettings (required)
diff --git a/docs/dyn/securitycenter_v1beta2.folders.html b/docs/dyn/securitycenter_v1beta2.folders.html
index 5cc9c1d5bbb..877b6072b8e 100644
--- a/docs/dyn/securitycenter_v1beta2.folders.html
+++ b/docs/dyn/securitycenter_v1beta2.folders.html
@@ -109,28 +109,28 @@ Instance Methods
Close httplib2 connections.
getContainerThreatDetectionSettings(name, x__xgafv=None)
-Get the ContainerThreatDetectionSettings resource.
+Get the ContainerThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetContainerThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateContainerThreatDetectionSettings for this purpose.
getEventThreatDetectionSettings(name, x__xgafv=None)
-Get the EventThreatDetectionSettings resource.
+Get the EventThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetEventThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateEventThreatDetectionSettings for this purpose.
getOnboardingState(name, x__xgafv=None)
Retrieve the OnboardingState of a resource.
getRapidVulnerabilityDetectionSettings(name, x__xgafv=None)
-Get the RapidVulnerabilityDetectionSettings resource.
+Get the RapidVulnerabilityDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetRapidVulnerabilityDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateRapidVulnerabilityDetectionSettings for this purpose.
getSecurityCenterSettings(name, x__xgafv=None)
Get the SecurityCenterSettings resource.
getSecurityHealthAnalyticsSettings(name, x__xgafv=None)
-Get the SecurityHealthAnalyticsSettings resource.
+Get the SecurityHealthAnalyticsSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetSecurityHealthAnalyticsSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateSecurityHealthAnalyticsSettings for this purpose.
getVirtualMachineThreatDetectionSettings(name, x__xgafv=None)
-Get the VirtualMachineThreatDetectionSettings resource.
+Get the VirtualMachineThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetVirtualMachineThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateVirtualMachineThreatDetectionSettings for this purpose.
getWebSecurityScannerSettings(name, x__xgafv=None)
-Get the WebSecurityScannerSettings resource.
+Get the WebSecurityScannerSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetWebSecurityScannerSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateWebSecurityScannerSettings for this purpose.
updateContainerThreatDetectionSettings(name, body=None, updateMask=None, x__xgafv=None)
Update the ContainerThreatDetectionSettings resource.
@@ -157,7 +157,7 @@ Method Details
getContainerThreatDetectionSettings(name, x__xgafv=None)
- Get the ContainerThreatDetectionSettings resource.
+ Get the ContainerThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetContainerThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateContainerThreatDetectionSettings for this purpose.
Args:
name: string, Required. The name of the ContainerThreatDetectionSettings to retrieve. Formats: * organizations/{organization}/containerThreatDetectionSettings * folders/{folder}/containerThreatDetectionSettings * projects/{project}/containerThreatDetectionSettings * projects/{project}/locations/{location}/clusters/{cluster}/containerThreatDetectionSettings (required)
@@ -187,7 +187,7 @@ Method Details
getEventThreatDetectionSettings(name, x__xgafv=None)
- Get the EventThreatDetectionSettings resource.
+ Get the EventThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetEventThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateEventThreatDetectionSettings for this purpose.
Args:
name: string, Required. The name of the EventThreatDetectionSettings to retrieve. Formats: * organizations/{organization}/eventThreatDetectionSettings * folders/{folder}/eventThreatDetectionSettings * projects/{project}/eventThreatDetectionSettings (required)
@@ -236,7 +236,7 @@ Method Details
getRapidVulnerabilityDetectionSettings(name, x__xgafv=None)
- Get the RapidVulnerabilityDetectionSettings resource.
+ Get the RapidVulnerabilityDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetRapidVulnerabilityDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateRapidVulnerabilityDetectionSettings for this purpose.
Args:
name: string, Required. The name of the RapidVulnerabilityDetectionSettings to retrieve. Formats: * organizations/{organization}/rapidVulnerabilityDetectionSettings * folders/{folder}/rapidVulnerabilityDetectionSettings * projects/{project}/rapidVulnerabilityDetectionSettings (required)
@@ -287,7 +287,7 @@ Method Details
getSecurityHealthAnalyticsSettings(name, x__xgafv=None)
- Get the SecurityHealthAnalyticsSettings resource.
+ Get the SecurityHealthAnalyticsSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetSecurityHealthAnalyticsSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateSecurityHealthAnalyticsSettings for this purpose.
Args:
name: string, Required. The name of the SecurityHealthAnalyticsSettings to retrieve. Formats: * organizations/{organization}/securityHealthAnalyticsSettings * folders/{folder}/securityHealthAnalyticsSettings * projects/{project}/securityHealthAnalyticsSettings (required)
@@ -317,7 +317,7 @@ Method Details
getVirtualMachineThreatDetectionSettings(name, x__xgafv=None)
- Get the VirtualMachineThreatDetectionSettings resource.
+ Get the VirtualMachineThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetVirtualMachineThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateVirtualMachineThreatDetectionSettings for this purpose.
Args:
name: string, Required. The name of the VirtualMachineThreatDetectionSettings to retrieve. Formats: * organizations/{organization}/virtualMachineThreatDetectionSettings * folders/{folder}/virtualMachineThreatDetectionSettings * projects/{project}/virtualMachineThreatDetectionSettings (required)
@@ -347,7 +347,7 @@ Method Details
getWebSecurityScannerSettings(name, x__xgafv=None)
- Get the WebSecurityScannerSettings resource.
+ Get the WebSecurityScannerSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetWebSecurityScannerSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateWebSecurityScannerSettings for this purpose.
Args:
name: string, Required. The name of the WebSecurityScannerSettings to retrieve. Formats: * organizations/{organization}/webSecurityScannerSettings * folders/{folder}/webSecurityScannerSettings * projects/{project}/webSecurityScannerSettings (required)
diff --git a/docs/dyn/securitycenter_v1beta2.folders.rapidVulnerabilityDetectionSettings.html b/docs/dyn/securitycenter_v1beta2.folders.rapidVulnerabilityDetectionSettings.html
index 8438957f8b6..88c2af50169 100644
--- a/docs/dyn/securitycenter_v1beta2.folders.rapidVulnerabilityDetectionSettings.html
+++ b/docs/dyn/securitycenter_v1beta2.folders.rapidVulnerabilityDetectionSettings.html
@@ -76,14 +76,14 @@ Security Command Center API . Instance Methods
calculate(name, x__xgafv=None)
-Calculates the effective RapidVulnerabilityDetectionSettings based on its level in the resource hierarchy and its settings.
+Calculates the effective RapidVulnerabilityDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Close httplib2 connections.
Method Details
calculate(name, x__xgafv=None)
- Calculates the effective RapidVulnerabilityDetectionSettings based on its level in the resource hierarchy and its settings.
+ Calculates the effective RapidVulnerabilityDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Args:
name: string, Required. The name of the RapidVulnerabilityDetectionSettings to calculate. Formats: * organizations/{organization}/rapidVulnerabilityDetectionSettings * folders/{folder}/rapidVulnerabilityDetectionSettings * projects/{project}/rapidVulnerabilityDetectionSettings (required)
diff --git a/docs/dyn/securitycenter_v1beta2.folders.securityHealthAnalyticsSettings.html b/docs/dyn/securitycenter_v1beta2.folders.securityHealthAnalyticsSettings.html
index 9bd02fc5c37..114921cc15d 100644
--- a/docs/dyn/securitycenter_v1beta2.folders.securityHealthAnalyticsSettings.html
+++ b/docs/dyn/securitycenter_v1beta2.folders.securityHealthAnalyticsSettings.html
@@ -76,14 +76,14 @@ Security Command Center API . Instance Methods
calculate(name, x__xgafv=None)
-Calculates the effective SecurityHealthAnalyticsSettings based on its level in the resource hierarchy and its settings.
+Calculates the effective SecurityHealthAnalyticsSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Close httplib2 connections.
Method Details
calculate(name, x__xgafv=None)
- Calculates the effective SecurityHealthAnalyticsSettings based on its level in the resource hierarchy and its settings.
+ Calculates the effective SecurityHealthAnalyticsSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Args:
name: string, Required. The name of the SecurityHealthAnalyticsSettings to calculate. Formats: * organizations/{organization}/securityHealthAnalyticsSettings * folders/{folder}/securityHealthAnalyticsSettings * projects/{project}/securityHealthAnalyticsSettings (required)
diff --git a/docs/dyn/securitycenter_v1beta2.folders.virtualMachineThreatDetectionSettings.html b/docs/dyn/securitycenter_v1beta2.folders.virtualMachineThreatDetectionSettings.html
index 70d84db4392..7e1a5aab973 100644
--- a/docs/dyn/securitycenter_v1beta2.folders.virtualMachineThreatDetectionSettings.html
+++ b/docs/dyn/securitycenter_v1beta2.folders.virtualMachineThreatDetectionSettings.html
@@ -76,14 +76,14 @@ Security Command Center API . Instance Methods
calculate(name, x__xgafv=None)
-Calculates the effective VirtualMachineThreatDetectionSettings based on its level in the resource hierarchy and its settings.
+Calculates the effective VirtualMachineThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Close httplib2 connections.
Method Details
calculate(name, x__xgafv=None)
- Calculates the effective VirtualMachineThreatDetectionSettings based on its level in the resource hierarchy and its settings.
+ Calculates the effective VirtualMachineThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Args:
name: string, Required. The name of the VirtualMachineThreatDetectionSettings to calculate. Formats: * organizations/{organization}/virtualMachineThreatDetectionSettings * folders/{folder}/virtualMachineThreatDetectionSettings * projects/{project}/virtualMachineThreatDetectionSettings (required)
diff --git a/docs/dyn/securitycenter_v1beta2.folders.webSecurityScannerSettings.html b/docs/dyn/securitycenter_v1beta2.folders.webSecurityScannerSettings.html
index ee664fdd2e4..f8ad579263d 100644
--- a/docs/dyn/securitycenter_v1beta2.folders.webSecurityScannerSettings.html
+++ b/docs/dyn/securitycenter_v1beta2.folders.webSecurityScannerSettings.html
@@ -76,14 +76,14 @@ Security Command Center API . Instance Methods
calculate(name, x__xgafv=None)
-Calculates the effective WebSecurityScannerSettings based on its level in the resource hierarchy and its settings.
+Calculates the effective WebSecurityScannerSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Close httplib2 connections.
Method Details
calculate(name, x__xgafv=None)
- Calculates the effective WebSecurityScannerSettings based on its level in the resource hierarchy and its settings.
+ Calculates the effective WebSecurityScannerSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Args:
name: string, Required. The name of the WebSecurityScannerSettings to calculate. Formats: * organizations/{organization}/webSecurityScannerSettings * folders/{folder}/webSecurityScannerSettings * projects/{project}/webSecurityScannerSettings (required)
diff --git a/docs/dyn/securitycenter_v1beta2.organizations.containerThreatDetectionSettings.html b/docs/dyn/securitycenter_v1beta2.organizations.containerThreatDetectionSettings.html
index 0a9bd26d178..54e509390c2 100644
--- a/docs/dyn/securitycenter_v1beta2.organizations.containerThreatDetectionSettings.html
+++ b/docs/dyn/securitycenter_v1beta2.organizations.containerThreatDetectionSettings.html
@@ -76,14 +76,14 @@ Security Command Center API . Instance Methods
calculate(name, x__xgafv=None)
-Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings.
+Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Close httplib2 connections.
Method Details
calculate(name, x__xgafv=None)
- Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings.
+ Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Args:
name: string, Required. The name of the ContainerThreatDetectionSettings to calculate. Formats: * organizations/{organization}/containerThreatDetectionSettings * folders/{folder}/containerThreatDetectionSettings * projects/{project}/containerThreatDetectionSettings * projects/{project}/locations/{location}/clusters/{cluster}/containerThreatDetectionSettings (required)
diff --git a/docs/dyn/securitycenter_v1beta2.organizations.eventThreatDetectionSettings.html b/docs/dyn/securitycenter_v1beta2.organizations.eventThreatDetectionSettings.html
index 48beeb981b8..52e9904c98e 100644
--- a/docs/dyn/securitycenter_v1beta2.organizations.eventThreatDetectionSettings.html
+++ b/docs/dyn/securitycenter_v1beta2.organizations.eventThreatDetectionSettings.html
@@ -76,14 +76,14 @@ Security Command Center API . Instance Methods
calculate(name, x__xgafv=None)
-Calculates the effective EventThreatDetectionSettings based on its level in the resource hierarchy and its settings.
+Calculates the effective EventThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Close httplib2 connections.
Method Details
calculate(name, x__xgafv=None)
- Calculates the effective EventThreatDetectionSettings based on its level in the resource hierarchy and its settings.
+ Calculates the effective EventThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Args:
name: string, Required. The name of the EventThreatDetectionSettings to calculate. Formats: * organizations/{organization}/eventThreatDetectionSettings * folders/{folder}/eventThreatDetectionSettings * projects/{project}/eventThreatDetectionSettings (required)
diff --git a/docs/dyn/securitycenter_v1beta2.organizations.html b/docs/dyn/securitycenter_v1beta2.organizations.html
index adb1c3997ed..2e3e819c44c 100644
--- a/docs/dyn/securitycenter_v1beta2.organizations.html
+++ b/docs/dyn/securitycenter_v1beta2.organizations.html
@@ -109,31 +109,31 @@ Instance Methods
Close httplib2 connections.
getContainerThreatDetectionSettings(name, x__xgafv=None)
-Get the ContainerThreatDetectionSettings resource.
+Get the ContainerThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetContainerThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateContainerThreatDetectionSettings for this purpose.
getEventThreatDetectionSettings(name, x__xgafv=None)
-Get the EventThreatDetectionSettings resource.
+Get the EventThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetEventThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateEventThreatDetectionSettings for this purpose.
getOnboardingState(name, x__xgafv=None)
Retrieve the OnboardingState of a resource.
getRapidVulnerabilityDetectionSettings(name, x__xgafv=None)
-Get the RapidVulnerabilityDetectionSettings resource.
+Get the RapidVulnerabilityDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetRapidVulnerabilityDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateRapidVulnerabilityDetectionSettings for this purpose.
getSecurityCenterSettings(name, x__xgafv=None)
Get the SecurityCenterSettings resource.
getSecurityHealthAnalyticsSettings(name, x__xgafv=None)
-Get the SecurityHealthAnalyticsSettings resource.
+Get the SecurityHealthAnalyticsSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetSecurityHealthAnalyticsSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateSecurityHealthAnalyticsSettings for this purpose.
getSubscription(name, x__xgafv=None)
Get the Subscription resource.
getVirtualMachineThreatDetectionSettings(name, x__xgafv=None)
-Get the VirtualMachineThreatDetectionSettings resource.
+Get the VirtualMachineThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetVirtualMachineThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateVirtualMachineThreatDetectionSettings for this purpose.
getWebSecurityScannerSettings(name, x__xgafv=None)
-Get the WebSecurityScannerSettings resource.
+Get the WebSecurityScannerSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetWebSecurityScannerSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateWebSecurityScannerSettings for this purpose.
updateContainerThreatDetectionSettings(name, body=None, updateMask=None, x__xgafv=None)
Update the ContainerThreatDetectionSettings resource.
@@ -160,7 +160,7 @@ Method Details
getContainerThreatDetectionSettings(name, x__xgafv=None)
- Get the ContainerThreatDetectionSettings resource.
+ Get the ContainerThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetContainerThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateContainerThreatDetectionSettings for this purpose.
Args:
name: string, Required. The name of the ContainerThreatDetectionSettings to retrieve. Formats: * organizations/{organization}/containerThreatDetectionSettings * folders/{folder}/containerThreatDetectionSettings * projects/{project}/containerThreatDetectionSettings * projects/{project}/locations/{location}/clusters/{cluster}/containerThreatDetectionSettings (required)
@@ -190,7 +190,7 @@ Method Details
getEventThreatDetectionSettings(name, x__xgafv=None)
- Get the EventThreatDetectionSettings resource.
+ Get the EventThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetEventThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateEventThreatDetectionSettings for this purpose.
Args:
name: string, Required. The name of the EventThreatDetectionSettings to retrieve. Formats: * organizations/{organization}/eventThreatDetectionSettings * folders/{folder}/eventThreatDetectionSettings * projects/{project}/eventThreatDetectionSettings (required)
@@ -239,7 +239,7 @@ Method Details
getRapidVulnerabilityDetectionSettings(name, x__xgafv=None)
- Get the RapidVulnerabilityDetectionSettings resource.
+ Get the RapidVulnerabilityDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetRapidVulnerabilityDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateRapidVulnerabilityDetectionSettings for this purpose.
Args:
name: string, Required. The name of the RapidVulnerabilityDetectionSettings to retrieve. Formats: * organizations/{organization}/rapidVulnerabilityDetectionSettings * folders/{folder}/rapidVulnerabilityDetectionSettings * projects/{project}/rapidVulnerabilityDetectionSettings (required)
@@ -290,7 +290,7 @@ Method Details
getSecurityHealthAnalyticsSettings(name, x__xgafv=None)
- Get the SecurityHealthAnalyticsSettings resource.
+ Get the SecurityHealthAnalyticsSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetSecurityHealthAnalyticsSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateSecurityHealthAnalyticsSettings for this purpose.
Args:
name: string, Required. The name of the SecurityHealthAnalyticsSettings to retrieve. Formats: * organizations/{organization}/securityHealthAnalyticsSettings * folders/{folder}/securityHealthAnalyticsSettings * projects/{project}/securityHealthAnalyticsSettings (required)
@@ -345,7 +345,7 @@ Method Details
getVirtualMachineThreatDetectionSettings(name, x__xgafv=None)
- Get the VirtualMachineThreatDetectionSettings resource.
+ Get the VirtualMachineThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetVirtualMachineThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateVirtualMachineThreatDetectionSettings for this purpose.
Args:
name: string, Required. The name of the VirtualMachineThreatDetectionSettings to retrieve. Formats: * organizations/{organization}/virtualMachineThreatDetectionSettings * folders/{folder}/virtualMachineThreatDetectionSettings * projects/{project}/virtualMachineThreatDetectionSettings (required)
@@ -375,7 +375,7 @@ Method Details
getWebSecurityScannerSettings(name, x__xgafv=None)
- Get the WebSecurityScannerSettings resource.
+ Get the WebSecurityScannerSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetWebSecurityScannerSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateWebSecurityScannerSettings for this purpose.
Args:
name: string, Required. The name of the WebSecurityScannerSettings to retrieve. Formats: * organizations/{organization}/webSecurityScannerSettings * folders/{folder}/webSecurityScannerSettings * projects/{project}/webSecurityScannerSettings (required)
diff --git a/docs/dyn/securitycenter_v1beta2.organizations.rapidVulnerabilityDetectionSettings.html b/docs/dyn/securitycenter_v1beta2.organizations.rapidVulnerabilityDetectionSettings.html
index 2a53269d71b..24c07ef161b 100644
--- a/docs/dyn/securitycenter_v1beta2.organizations.rapidVulnerabilityDetectionSettings.html
+++ b/docs/dyn/securitycenter_v1beta2.organizations.rapidVulnerabilityDetectionSettings.html
@@ -76,14 +76,14 @@ Security Command Center API . Instance Methods
calculate(name, x__xgafv=None)
-Calculates the effective RapidVulnerabilityDetectionSettings based on its level in the resource hierarchy and its settings.
+Calculates the effective RapidVulnerabilityDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Close httplib2 connections.
Method Details
calculate(name, x__xgafv=None)
- Calculates the effective RapidVulnerabilityDetectionSettings based on its level in the resource hierarchy and its settings.
+ Calculates the effective RapidVulnerabilityDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Args:
name: string, Required. The name of the RapidVulnerabilityDetectionSettings to calculate. Formats: * organizations/{organization}/rapidVulnerabilityDetectionSettings * folders/{folder}/rapidVulnerabilityDetectionSettings * projects/{project}/rapidVulnerabilityDetectionSettings (required)
diff --git a/docs/dyn/securitycenter_v1beta2.organizations.securityHealthAnalyticsSettings.html b/docs/dyn/securitycenter_v1beta2.organizations.securityHealthAnalyticsSettings.html
index 98f5317fb05..6d9306afc1a 100644
--- a/docs/dyn/securitycenter_v1beta2.organizations.securityHealthAnalyticsSettings.html
+++ b/docs/dyn/securitycenter_v1beta2.organizations.securityHealthAnalyticsSettings.html
@@ -76,14 +76,14 @@ Security Command Center API . Instance Methods
calculate(name, x__xgafv=None)
-Calculates the effective SecurityHealthAnalyticsSettings based on its level in the resource hierarchy and its settings.
+Calculates the effective SecurityHealthAnalyticsSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Close httplib2 connections.
Method Details
calculate(name, x__xgafv=None)
- Calculates the effective SecurityHealthAnalyticsSettings based on its level in the resource hierarchy and its settings.
+ Calculates the effective SecurityHealthAnalyticsSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Args:
name: string, Required. The name of the SecurityHealthAnalyticsSettings to calculate. Formats: * organizations/{organization}/securityHealthAnalyticsSettings * folders/{folder}/securityHealthAnalyticsSettings * projects/{project}/securityHealthAnalyticsSettings (required)
diff --git a/docs/dyn/securitycenter_v1beta2.organizations.virtualMachineThreatDetectionSettings.html b/docs/dyn/securitycenter_v1beta2.organizations.virtualMachineThreatDetectionSettings.html
index 8daaaef053e..c5cd2272199 100644
--- a/docs/dyn/securitycenter_v1beta2.organizations.virtualMachineThreatDetectionSettings.html
+++ b/docs/dyn/securitycenter_v1beta2.organizations.virtualMachineThreatDetectionSettings.html
@@ -76,14 +76,14 @@ Security Command Center API . Instance Methods
calculate(name, x__xgafv=None)
-Calculates the effective VirtualMachineThreatDetectionSettings based on its level in the resource hierarchy and its settings.
+Calculates the effective VirtualMachineThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Close httplib2 connections.
Method Details
calculate(name, x__xgafv=None)
- Calculates the effective VirtualMachineThreatDetectionSettings based on its level in the resource hierarchy and its settings.
+ Calculates the effective VirtualMachineThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Args:
name: string, Required. The name of the VirtualMachineThreatDetectionSettings to calculate. Formats: * organizations/{organization}/virtualMachineThreatDetectionSettings * folders/{folder}/virtualMachineThreatDetectionSettings * projects/{project}/virtualMachineThreatDetectionSettings (required)
diff --git a/docs/dyn/securitycenter_v1beta2.organizations.webSecurityScannerSettings.html b/docs/dyn/securitycenter_v1beta2.organizations.webSecurityScannerSettings.html
index 1a4e5d792f7..8e7295ffd66 100644
--- a/docs/dyn/securitycenter_v1beta2.organizations.webSecurityScannerSettings.html
+++ b/docs/dyn/securitycenter_v1beta2.organizations.webSecurityScannerSettings.html
@@ -76,14 +76,14 @@ Security Command Center API . Instance Methods
calculate(name, x__xgafv=None)
-Calculates the effective WebSecurityScannerSettings based on its level in the resource hierarchy and its settings.
+Calculates the effective WebSecurityScannerSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Close httplib2 connections.
Method Details
calculate(name, x__xgafv=None)
- Calculates the effective WebSecurityScannerSettings based on its level in the resource hierarchy and its settings.
+ Calculates the effective WebSecurityScannerSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Args:
name: string, Required. The name of the WebSecurityScannerSettings to calculate. Formats: * organizations/{organization}/webSecurityScannerSettings * folders/{folder}/webSecurityScannerSettings * projects/{project}/webSecurityScannerSettings (required)
diff --git a/docs/dyn/securitycenter_v1beta2.projects.containerThreatDetectionSettings.html b/docs/dyn/securitycenter_v1beta2.projects.containerThreatDetectionSettings.html
index 0a2ff255941..6c94c893522 100644
--- a/docs/dyn/securitycenter_v1beta2.projects.containerThreatDetectionSettings.html
+++ b/docs/dyn/securitycenter_v1beta2.projects.containerThreatDetectionSettings.html
@@ -76,14 +76,14 @@ Security Command Center API . Instance Methods
calculate(name, x__xgafv=None)
-Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings.
+Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Close httplib2 connections.
Method Details
calculate(name, x__xgafv=None)
- Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings.
+ Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Args:
name: string, Required. The name of the ContainerThreatDetectionSettings to calculate. Formats: * organizations/{organization}/containerThreatDetectionSettings * folders/{folder}/containerThreatDetectionSettings * projects/{project}/containerThreatDetectionSettings * projects/{project}/locations/{location}/clusters/{cluster}/containerThreatDetectionSettings (required)
diff --git a/docs/dyn/securitycenter_v1beta2.projects.eventThreatDetectionSettings.html b/docs/dyn/securitycenter_v1beta2.projects.eventThreatDetectionSettings.html
index c3d90107d83..710c3d5fc5c 100644
--- a/docs/dyn/securitycenter_v1beta2.projects.eventThreatDetectionSettings.html
+++ b/docs/dyn/securitycenter_v1beta2.projects.eventThreatDetectionSettings.html
@@ -76,14 +76,14 @@ Security Command Center API . Instance Methods
calculate(name, x__xgafv=None)
-Calculates the effective EventThreatDetectionSettings based on its level in the resource hierarchy and its settings.
+Calculates the effective EventThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Close httplib2 connections.
Method Details
calculate(name, x__xgafv=None)
- Calculates the effective EventThreatDetectionSettings based on its level in the resource hierarchy and its settings.
+ Calculates the effective EventThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Args:
name: string, Required. The name of the EventThreatDetectionSettings to calculate. Formats: * organizations/{organization}/eventThreatDetectionSettings * folders/{folder}/eventThreatDetectionSettings * projects/{project}/eventThreatDetectionSettings (required)
diff --git a/docs/dyn/securitycenter_v1beta2.projects.html b/docs/dyn/securitycenter_v1beta2.projects.html
index 89e83f7bb58..fa21a6ee6a5 100644
--- a/docs/dyn/securitycenter_v1beta2.projects.html
+++ b/docs/dyn/securitycenter_v1beta2.projects.html
@@ -114,28 +114,28 @@ Instance Methods
Close httplib2 connections.
getContainerThreatDetectionSettings(name, x__xgafv=None)
-Get the ContainerThreatDetectionSettings resource.
+Get the ContainerThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetContainerThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateContainerThreatDetectionSettings for this purpose.
getEventThreatDetectionSettings(name, x__xgafv=None)
-Get the EventThreatDetectionSettings resource.
+Get the EventThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetEventThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateEventThreatDetectionSettings for this purpose.
getOnboardingState(name, x__xgafv=None)
Retrieve the OnboardingState of a resource.
getRapidVulnerabilityDetectionSettings(name, x__xgafv=None)
-Get the RapidVulnerabilityDetectionSettings resource.
+Get the RapidVulnerabilityDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetRapidVulnerabilityDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateRapidVulnerabilityDetectionSettings for this purpose.
getSecurityCenterSettings(name, x__xgafv=None)
Get the SecurityCenterSettings resource.
getSecurityHealthAnalyticsSettings(name, x__xgafv=None)
-Get the SecurityHealthAnalyticsSettings resource.
+Get the SecurityHealthAnalyticsSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetSecurityHealthAnalyticsSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateSecurityHealthAnalyticsSettings for this purpose.
getVirtualMachineThreatDetectionSettings(name, x__xgafv=None)
-Get the VirtualMachineThreatDetectionSettings resource.
+Get the VirtualMachineThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetVirtualMachineThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateVirtualMachineThreatDetectionSettings for this purpose.
getWebSecurityScannerSettings(name, x__xgafv=None)
-Get the WebSecurityScannerSettings resource.
+Get the WebSecurityScannerSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetWebSecurityScannerSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateWebSecurityScannerSettings for this purpose.
updateContainerThreatDetectionSettings(name, body=None, updateMask=None, x__xgafv=None)
Update the ContainerThreatDetectionSettings resource.
@@ -162,7 +162,7 @@ Method Details
getContainerThreatDetectionSettings(name, x__xgafv=None)
- Get the ContainerThreatDetectionSettings resource.
+ Get the ContainerThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetContainerThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateContainerThreatDetectionSettings for this purpose.
Args:
name: string, Required. The name of the ContainerThreatDetectionSettings to retrieve. Formats: * organizations/{organization}/containerThreatDetectionSettings * folders/{folder}/containerThreatDetectionSettings * projects/{project}/containerThreatDetectionSettings * projects/{project}/locations/{location}/clusters/{cluster}/containerThreatDetectionSettings (required)
@@ -192,7 +192,7 @@ Method Details
getEventThreatDetectionSettings(name, x__xgafv=None)
- Get the EventThreatDetectionSettings resource.
+ Get the EventThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetEventThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateEventThreatDetectionSettings for this purpose.
Args:
name: string, Required. The name of the EventThreatDetectionSettings to retrieve. Formats: * organizations/{organization}/eventThreatDetectionSettings * folders/{folder}/eventThreatDetectionSettings * projects/{project}/eventThreatDetectionSettings (required)
@@ -241,7 +241,7 @@ Method Details
getRapidVulnerabilityDetectionSettings(name, x__xgafv=None)
- Get the RapidVulnerabilityDetectionSettings resource.
+ Get the RapidVulnerabilityDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetRapidVulnerabilityDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateRapidVulnerabilityDetectionSettings for this purpose.
Args:
name: string, Required. The name of the RapidVulnerabilityDetectionSettings to retrieve. Formats: * organizations/{organization}/rapidVulnerabilityDetectionSettings * folders/{folder}/rapidVulnerabilityDetectionSettings * projects/{project}/rapidVulnerabilityDetectionSettings (required)
@@ -292,7 +292,7 @@ Method Details
getSecurityHealthAnalyticsSettings(name, x__xgafv=None)
- Get the SecurityHealthAnalyticsSettings resource.
+ Get the SecurityHealthAnalyticsSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetSecurityHealthAnalyticsSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateSecurityHealthAnalyticsSettings for this purpose.
Args:
name: string, Required. The name of the SecurityHealthAnalyticsSettings to retrieve. Formats: * organizations/{organization}/securityHealthAnalyticsSettings * folders/{folder}/securityHealthAnalyticsSettings * projects/{project}/securityHealthAnalyticsSettings (required)
@@ -322,7 +322,7 @@ Method Details
getVirtualMachineThreatDetectionSettings(name, x__xgafv=None)
- Get the VirtualMachineThreatDetectionSettings resource.
+ Get the VirtualMachineThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetVirtualMachineThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateVirtualMachineThreatDetectionSettings for this purpose.
Args:
name: string, Required. The name of the VirtualMachineThreatDetectionSettings to retrieve. Formats: * organizations/{organization}/virtualMachineThreatDetectionSettings * folders/{folder}/virtualMachineThreatDetectionSettings * projects/{project}/virtualMachineThreatDetectionSettings (required)
@@ -352,7 +352,7 @@ Method Details
getWebSecurityScannerSettings(name, x__xgafv=None)
- Get the WebSecurityScannerSettings resource.
+ Get the WebSecurityScannerSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetWebSecurityScannerSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateWebSecurityScannerSettings for this purpose.
Args:
name: string, Required. The name of the WebSecurityScannerSettings to retrieve. Formats: * organizations/{organization}/webSecurityScannerSettings * folders/{folder}/webSecurityScannerSettings * projects/{project}/webSecurityScannerSettings (required)
diff --git a/docs/dyn/securitycenter_v1beta2.projects.locations.clusters.containerThreatDetectionSettings.html b/docs/dyn/securitycenter_v1beta2.projects.locations.clusters.containerThreatDetectionSettings.html
index 512814a1a48..9100d0dd95b 100644
--- a/docs/dyn/securitycenter_v1beta2.projects.locations.clusters.containerThreatDetectionSettings.html
+++ b/docs/dyn/securitycenter_v1beta2.projects.locations.clusters.containerThreatDetectionSettings.html
@@ -76,14 +76,14 @@ Security Command Center API . Instance Methods
calculate(name, x__xgafv=None)
-Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings.
+Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Close httplib2 connections.
Method Details
calculate(name, x__xgafv=None)
- Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings.
+ Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Args:
name: string, Required. The name of the ContainerThreatDetectionSettings to calculate. Formats: * organizations/{organization}/containerThreatDetectionSettings * folders/{folder}/containerThreatDetectionSettings * projects/{project}/containerThreatDetectionSettings * projects/{project}/locations/{location}/clusters/{cluster}/containerThreatDetectionSettings (required)
diff --git a/docs/dyn/securitycenter_v1beta2.projects.locations.clusters.html b/docs/dyn/securitycenter_v1beta2.projects.locations.clusters.html
index 305fa422f07..f2d8674bbca 100644
--- a/docs/dyn/securitycenter_v1beta2.projects.locations.clusters.html
+++ b/docs/dyn/securitycenter_v1beta2.projects.locations.clusters.html
@@ -84,7 +84,7 @@ Instance Methods
Close httplib2 connections.
getContainerThreatDetectionSettings(name, x__xgafv=None)
-Get the ContainerThreatDetectionSettings resource.
+Get the ContainerThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetContainerThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateContainerThreatDetectionSettings for this purpose.
updateContainerThreatDetectionSettings(name, body=None, updateMask=None, x__xgafv=None)
Update the ContainerThreatDetectionSettings resource.
@@ -96,7 +96,7 @@ Method Details
getContainerThreatDetectionSettings(name, x__xgafv=None)
- Get the ContainerThreatDetectionSettings resource.
+ Get the ContainerThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetContainerThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateContainerThreatDetectionSettings for this purpose.
Args:
name: string, Required. The name of the ContainerThreatDetectionSettings to retrieve. Formats: * organizations/{organization}/containerThreatDetectionSettings * folders/{folder}/containerThreatDetectionSettings * projects/{project}/containerThreatDetectionSettings * projects/{project}/locations/{location}/clusters/{cluster}/containerThreatDetectionSettings (required)
diff --git a/docs/dyn/securitycenter_v1beta2.projects.rapidVulnerabilityDetectionSettings.html b/docs/dyn/securitycenter_v1beta2.projects.rapidVulnerabilityDetectionSettings.html
index 11dd3baa1a0..205692bf0aa 100644
--- a/docs/dyn/securitycenter_v1beta2.projects.rapidVulnerabilityDetectionSettings.html
+++ b/docs/dyn/securitycenter_v1beta2.projects.rapidVulnerabilityDetectionSettings.html
@@ -76,14 +76,14 @@ Security Command Center API . Instance Methods
calculate(name, x__xgafv=None)
-Calculates the effective RapidVulnerabilityDetectionSettings based on its level in the resource hierarchy and its settings.
+Calculates the effective RapidVulnerabilityDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Close httplib2 connections.
Method Details
calculate(name, x__xgafv=None)
- Calculates the effective RapidVulnerabilityDetectionSettings based on its level in the resource hierarchy and its settings.
+ Calculates the effective RapidVulnerabilityDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Args:
name: string, Required. The name of the RapidVulnerabilityDetectionSettings to calculate. Formats: * organizations/{organization}/rapidVulnerabilityDetectionSettings * folders/{folder}/rapidVulnerabilityDetectionSettings * projects/{project}/rapidVulnerabilityDetectionSettings (required)
diff --git a/docs/dyn/securitycenter_v1beta2.projects.securityHealthAnalyticsSettings.html b/docs/dyn/securitycenter_v1beta2.projects.securityHealthAnalyticsSettings.html
index 43e3466ceb4..2729ea1e1f0 100644
--- a/docs/dyn/securitycenter_v1beta2.projects.securityHealthAnalyticsSettings.html
+++ b/docs/dyn/securitycenter_v1beta2.projects.securityHealthAnalyticsSettings.html
@@ -76,14 +76,14 @@ Security Command Center API . Instance Methods
calculate(name, x__xgafv=None)
-Calculates the effective SecurityHealthAnalyticsSettings based on its level in the resource hierarchy and its settings.
+Calculates the effective SecurityHealthAnalyticsSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Close httplib2 connections.
Method Details
calculate(name, x__xgafv=None)
- Calculates the effective SecurityHealthAnalyticsSettings based on its level in the resource hierarchy and its settings.
+ Calculates the effective SecurityHealthAnalyticsSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Args:
name: string, Required. The name of the SecurityHealthAnalyticsSettings to calculate. Formats: * organizations/{organization}/securityHealthAnalyticsSettings * folders/{folder}/securityHealthAnalyticsSettings * projects/{project}/securityHealthAnalyticsSettings (required)
diff --git a/docs/dyn/securitycenter_v1beta2.projects.virtualMachineThreatDetectionSettings.html b/docs/dyn/securitycenter_v1beta2.projects.virtualMachineThreatDetectionSettings.html
index adcaa10c237..e1043329e89 100644
--- a/docs/dyn/securitycenter_v1beta2.projects.virtualMachineThreatDetectionSettings.html
+++ b/docs/dyn/securitycenter_v1beta2.projects.virtualMachineThreatDetectionSettings.html
@@ -76,14 +76,14 @@ Security Command Center API . Instance Methods
calculate(name, x__xgafv=None)
-Calculates the effective VirtualMachineThreatDetectionSettings based on its level in the resource hierarchy and its settings.
+Calculates the effective VirtualMachineThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Close httplib2 connections.
Method Details
calculate(name, x__xgafv=None)
- Calculates the effective VirtualMachineThreatDetectionSettings based on its level in the resource hierarchy and its settings.
+ Calculates the effective VirtualMachineThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Args:
name: string, Required. The name of the VirtualMachineThreatDetectionSettings to calculate. Formats: * organizations/{organization}/virtualMachineThreatDetectionSettings * folders/{folder}/virtualMachineThreatDetectionSettings * projects/{project}/virtualMachineThreatDetectionSettings (required)
diff --git a/docs/dyn/securitycenter_v1beta2.projects.webSecurityScannerSettings.html b/docs/dyn/securitycenter_v1beta2.projects.webSecurityScannerSettings.html
index 04e81690c44..82b7b3febaf 100644
--- a/docs/dyn/securitycenter_v1beta2.projects.webSecurityScannerSettings.html
+++ b/docs/dyn/securitycenter_v1beta2.projects.webSecurityScannerSettings.html
@@ -76,14 +76,14 @@ Security Command Center API . Instance Methods
calculate(name, x__xgafv=None)
-Calculates the effective WebSecurityScannerSettings based on its level in the resource hierarchy and its settings.
+Calculates the effective WebSecurityScannerSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Close httplib2 connections.
Method Details
calculate(name, x__xgafv=None)
- Calculates the effective WebSecurityScannerSettings based on its level in the resource hierarchy and its settings.
+ Calculates the effective WebSecurityScannerSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.
Args:
name: string, Required. The name of the WebSecurityScannerSettings to calculate. Formats: * organizations/{organization}/webSecurityScannerSettings * folders/{folder}/webSecurityScannerSettings * projects/{project}/webSecurityScannerSettings (required)
diff --git a/googleapiclient/discovery_cache/documents/securitycenter.v1.json b/googleapiclient/discovery_cache/documents/securitycenter.v1.json
index 5326ffcdbad..3f7a521bad3 100644
--- a/googleapiclient/discovery_cache/documents/securitycenter.v1.json
+++ b/googleapiclient/discovery_cache/documents/securitycenter.v1.json
@@ -119,7 +119,7 @@
],
"parameters": {
"parent": {
- "description": "Required. Name of the organization to groupBy. Its format is \"organizations/[organization_id], folders/[folder_id], or projects/[project_id]\".",
+ "description": "Required. Name of the parent to groupBy. Its format is \"organizations/[organization_id], folders/[folder_id], or projects/[project_id]\".",
"location": "path",
"pattern": "^folders/[^/]+$",
"required": true,
@@ -180,7 +180,7 @@
"type": "string"
},
"parent": {
- "description": "Required. Name of the organization assets should belong to. Its format is \"organizations/[organization_id], folders/[folder_id], or projects/[project_id]\".",
+ "description": "Required. Name of the parent assets should belong to. Its format is \"organizations/[organization_id], folders/[folder_id], or projects/[project_id]\".",
"location": "path",
"pattern": "^folders/[^/]+$",
"required": true,
@@ -634,7 +634,7 @@
],
"parameters": {
"name": {
- "description": "Required. Name of the notification config to delete. Its format is \"organizations/[organization_id]/notificationConfigs/[config_id]\".",
+ "description": "Required. Name of the notification config to delete. Its format is \"organizations/[organization_id]/notificationConfigs/[config_id]\", \"folders/[folder_id]/notificationConfigs/[config_id]\", or \"projects/[project_id]/notificationConfigs/[config_id]\".",
"location": "path",
"pattern": "^folders/[^/]+/notificationConfigs/[^/]+$",
"required": true,
@@ -659,7 +659,7 @@
],
"parameters": {
"name": {
- "description": "Required. Name of the notification config to get. Its format is \"organizations/[organization_id]/notificationConfigs/[config_id]\".",
+ "description": "Required. Name of the notification config to get. Its format is \"organizations/[organization_id]/notificationConfigs/[config_id]\", \"folders/[folder_id]/notificationConfigs/[config_id]\", or \"projects/[project_id]/notificationConfigs/[config_id]\".",
"location": "path",
"pattern": "^folders/[^/]+/notificationConfigs/[^/]+$",
"required": true,
@@ -695,7 +695,7 @@
"type": "string"
},
"parent": {
- "description": "Required. Name of the organization to list notification configs. Its format is \"organizations/[organization_id]\", \"folders/[folder_id]\", or \"projects/[project_id]\".",
+ "description": "Required. Name of the parent to list notification configs. Its format is \"organizations/[organization_id]\", \"folders/[folder_id]\", or \"projects/[project_id]\".",
"location": "path",
"pattern": "^folders/[^/]+$",
"required": true,
@@ -720,7 +720,7 @@
],
"parameters": {
"name": {
- "description": "The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: \"organizations/{organization_id}/notificationConfigs/notify_public_bucket\".",
+ "description": "The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: \"organizations/{organization_id}/notificationConfigs/notify_public_bucket\", \"folders/{folder_id}/notificationConfigs/notify_public_bucket\", or \"projects/{project_id}/notificationConfigs/notify_public_bucket\".",
"location": "path",
"pattern": "^folders/[^/]+/notificationConfigs/[^/]+$",
"required": true,
@@ -1131,7 +1131,7 @@
],
"parameters": {
"parent": {
- "description": "Required. Name of the organization to groupBy. Its format is \"organizations/[organization_id], folders/[folder_id], or projects/[project_id]\".",
+ "description": "Required. Name of the parent to groupBy. Its format is \"organizations/[organization_id], folders/[folder_id], or projects/[project_id]\".",
"location": "path",
"pattern": "^organizations/[^/]+$",
"required": true,
@@ -1192,7 +1192,7 @@
"type": "string"
},
"parent": {
- "description": "Required. Name of the organization assets should belong to. Its format is \"organizations/[organization_id], folders/[folder_id], or projects/[project_id]\".",
+ "description": "Required. Name of the parent assets should belong to. Its format is \"organizations/[organization_id], folders/[folder_id], or projects/[project_id]\".",
"location": "path",
"pattern": "^organizations/[^/]+$",
"required": true,
@@ -1674,7 +1674,7 @@
],
"parameters": {
"name": {
- "description": "Required. Name of the notification config to delete. Its format is \"organizations/[organization_id]/notificationConfigs/[config_id]\".",
+ "description": "Required. Name of the notification config to delete. Its format is \"organizations/[organization_id]/notificationConfigs/[config_id]\", \"folders/[folder_id]/notificationConfigs/[config_id]\", or \"projects/[project_id]/notificationConfigs/[config_id]\".",
"location": "path",
"pattern": "^organizations/[^/]+/notificationConfigs/[^/]+$",
"required": true,
@@ -1699,7 +1699,7 @@
],
"parameters": {
"name": {
- "description": "Required. Name of the notification config to get. Its format is \"organizations/[organization_id]/notificationConfigs/[config_id]\".",
+ "description": "Required. Name of the notification config to get. Its format is \"organizations/[organization_id]/notificationConfigs/[config_id]\", \"folders/[folder_id]/notificationConfigs/[config_id]\", or \"projects/[project_id]/notificationConfigs/[config_id]\".",
"location": "path",
"pattern": "^organizations/[^/]+/notificationConfigs/[^/]+$",
"required": true,
@@ -1735,7 +1735,7 @@
"type": "string"
},
"parent": {
- "description": "Required. Name of the organization to list notification configs. Its format is \"organizations/[organization_id]\", \"folders/[folder_id]\", or \"projects/[project_id]\".",
+ "description": "Required. Name of the parent to list notification configs. Its format is \"organizations/[organization_id]\", \"folders/[folder_id]\", or \"projects/[project_id]\".",
"location": "path",
"pattern": "^organizations/[^/]+$",
"required": true,
@@ -1760,7 +1760,7 @@
],
"parameters": {
"name": {
- "description": "The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: \"organizations/{organization_id}/notificationConfigs/notify_public_bucket\".",
+ "description": "The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: \"organizations/{organization_id}/notificationConfigs/notify_public_bucket\", \"folders/{folder_id}/notificationConfigs/notify_public_bucket\", or \"projects/{project_id}/notificationConfigs/notify_public_bucket\".",
"location": "path",
"pattern": "^organizations/[^/]+/notificationConfigs/[^/]+$",
"required": true,
@@ -2434,7 +2434,7 @@
],
"parameters": {
"parent": {
- "description": "Required. Name of the organization to groupBy. Its format is \"organizations/[organization_id], folders/[folder_id], or projects/[project_id]\".",
+ "description": "Required. Name of the parent to groupBy. Its format is \"organizations/[organization_id], folders/[folder_id], or projects/[project_id]\".",
"location": "path",
"pattern": "^projects/[^/]+$",
"required": true,
@@ -2495,7 +2495,7 @@
"type": "string"
},
"parent": {
- "description": "Required. Name of the organization assets should belong to. Its format is \"organizations/[organization_id], folders/[folder_id], or projects/[project_id]\".",
+ "description": "Required. Name of the parent assets should belong to. Its format is \"organizations/[organization_id], folders/[folder_id], or projects/[project_id]\".",
"location": "path",
"pattern": "^projects/[^/]+$",
"required": true,
@@ -2949,7 +2949,7 @@
],
"parameters": {
"name": {
- "description": "Required. Name of the notification config to delete. Its format is \"organizations/[organization_id]/notificationConfigs/[config_id]\".",
+ "description": "Required. Name of the notification config to delete. Its format is \"organizations/[organization_id]/notificationConfigs/[config_id]\", \"folders/[folder_id]/notificationConfigs/[config_id]\", or \"projects/[project_id]/notificationConfigs/[config_id]\".",
"location": "path",
"pattern": "^projects/[^/]+/notificationConfigs/[^/]+$",
"required": true,
@@ -2974,7 +2974,7 @@
],
"parameters": {
"name": {
- "description": "Required. Name of the notification config to get. Its format is \"organizations/[organization_id]/notificationConfigs/[config_id]\".",
+ "description": "Required. Name of the notification config to get. Its format is \"organizations/[organization_id]/notificationConfigs/[config_id]\", \"folders/[folder_id]/notificationConfigs/[config_id]\", or \"projects/[project_id]/notificationConfigs/[config_id]\".",
"location": "path",
"pattern": "^projects/[^/]+/notificationConfigs/[^/]+$",
"required": true,
@@ -3010,7 +3010,7 @@
"type": "string"
},
"parent": {
- "description": "Required. Name of the organization to list notification configs. Its format is \"organizations/[organization_id]\", \"folders/[folder_id]\", or \"projects/[project_id]\".",
+ "description": "Required. Name of the parent to list notification configs. Its format is \"organizations/[organization_id]\", \"folders/[folder_id]\", or \"projects/[project_id]\".",
"location": "path",
"pattern": "^projects/[^/]+$",
"required": true,
@@ -3035,7 +3035,7 @@
],
"parameters": {
"name": {
- "description": "The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: \"organizations/{organization_id}/notificationConfigs/notify_public_bucket\".",
+ "description": "The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: \"organizations/{organization_id}/notificationConfigs/notify_public_bucket\", \"folders/{folder_id}/notificationConfigs/notify_public_bucket\", or \"projects/{project_id}/notificationConfigs/notify_public_bucket\".",
"location": "path",
"pattern": "^projects/[^/]+/notificationConfigs/[^/]+$",
"required": true,
@@ -3372,7 +3372,7 @@
}
}
},
- "revision": "20221117",
+ "revision": "20221121",
"rootUrl": "https://securitycenter.googleapis.com/",
"schemas": {
"Access": {
@@ -4217,6 +4217,10 @@
"$ref": "Indicator",
"description": "Represents what's commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise"
},
+ "kernelRootkit": {
+ "$ref": "KernelRootkit",
+ "description": "Kernel Rootkit signature."
+ },
"kubernetes": {
"$ref": "Kubernetes",
"description": "Kubernetes resources associated with the finding."
@@ -5186,6 +5190,49 @@
},
"type": "object"
},
+ "KernelRootkit": {
+ "description": "Kernel mode rootkit signatures.",
+ "id": "KernelRootkit",
+ "properties": {
+ "name": {
+ "description": "Rootkit name when available.",
+ "type": "string"
+ },
+ "unexpectedCodeModification": {
+ "description": "Flag indicating unexpected modifications of kernel code memory.",
+ "type": "boolean"
+ },
+ "unexpectedFtraceHandler": {
+ "description": "Flag indicating presence of ftrace points with callbacks pointing to regions that are not in the expected kernel or module code range.",
+ "type": "boolean"
+ },
+ "unexpectedInterruptHandler": {
+ "description": "Flag indicating presence of interrupt handlers that are are not in the expected kernel, module code regions.",
+ "type": "boolean"
+ },
+ "unexpectedKernelCodePages": {
+ "description": "Flag indicating presence of kernel code pages that are not in the expected kernel, module code regions.",
+ "type": "boolean"
+ },
+ "unexpectedKprobeHandler": {
+ "description": "Flag indicating presence of kprobe points with callbacks pointing to regions that are not in the expected kernel or module code range.",
+ "type": "boolean"
+ },
+ "unexpectedProcessesInRunqueue": {
+ "description": "Flag indicating unexpected process(es) in the scheduler run-queue, those that are in the run-queue, but not in the process task-list.",
+ "type": "boolean"
+ },
+ "unexpectedReadOnlyDataModification": {
+ "description": "Flag indicating unexpected modifications of kernel read-only data memory.",
+ "type": "boolean"
+ },
+ "unexpectedSystemCallHandler": {
+ "description": "Flag indicating presence of system call handlers that are are not in the expected kernel, module code regions.",
+ "type": "boolean"
+ }
+ },
+ "type": "object"
+ },
"Kubernetes": {
"description": "Kubernetes related attributes.",
"id": "Kubernetes",
@@ -5769,7 +5816,7 @@
"type": "string"
},
"name": {
- "description": "The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: \"organizations/{organization_id}/notificationConfigs/notify_public_bucket\".",
+ "description": "The relative resource name of this notification config. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: \"organizations/{organization_id}/notificationConfigs/notify_public_bucket\", \"folders/{folder_id}/notificationConfigs/notify_public_bucket\", or \"projects/{project_id}/notificationConfigs/notify_public_bucket\".",
"type": "string"
},
"pubsubTopic": {
diff --git a/googleapiclient/discovery_cache/documents/securitycenter.v1beta1.json b/googleapiclient/discovery_cache/documents/securitycenter.v1beta1.json
index 5ac0c0b22e7..83c192cb302 100644
--- a/googleapiclient/discovery_cache/documents/securitycenter.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/securitycenter.v1beta1.json
@@ -896,7 +896,7 @@
}
}
},
- "revision": "20221117",
+ "revision": "20221121",
"rootUrl": "https://securitycenter.googleapis.com/",
"schemas": {
"Access": {
@@ -1717,6 +1717,10 @@
"$ref": "Indicator",
"description": "Represents what's commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise"
},
+ "kernelRootkit": {
+ "$ref": "KernelRootkit",
+ "description": "Kernel Rootkit signature."
+ },
"kubernetes": {
"$ref": "Kubernetes",
"description": "Kubernetes resources associated with the finding."
@@ -2741,6 +2745,49 @@
},
"type": "object"
},
+ "KernelRootkit": {
+ "description": "Kernel mode rootkit signatures.",
+ "id": "KernelRootkit",
+ "properties": {
+ "name": {
+ "description": "Rootkit name when available.",
+ "type": "string"
+ },
+ "unexpectedCodeModification": {
+ "description": "Flag indicating unexpected modifications of kernel code memory.",
+ "type": "boolean"
+ },
+ "unexpectedFtraceHandler": {
+ "description": "Flag indicating presence of ftrace points with callbacks pointing to regions that are not in the expected kernel or module code range.",
+ "type": "boolean"
+ },
+ "unexpectedInterruptHandler": {
+ "description": "Flag indicating presence of interrupt handlers that are are not in the expected kernel, module code regions.",
+ "type": "boolean"
+ },
+ "unexpectedKernelCodePages": {
+ "description": "Flag indicating presence of kernel code pages that are not in the expected kernel, module code regions.",
+ "type": "boolean"
+ },
+ "unexpectedKprobeHandler": {
+ "description": "Flag indicating presence of kprobe points with callbacks pointing to regions that are not in the expected kernel or module code range.",
+ "type": "boolean"
+ },
+ "unexpectedProcessesInRunqueue": {
+ "description": "Flag indicating unexpected process(es) in the scheduler run-queue, those that are in the run-queue, but not in the process task-list.",
+ "type": "boolean"
+ },
+ "unexpectedReadOnlyDataModification": {
+ "description": "Flag indicating unexpected modifications of kernel read-only data memory.",
+ "type": "boolean"
+ },
+ "unexpectedSystemCallHandler": {
+ "description": "Flag indicating presence of system call handlers that are are not in the expected kernel, module code regions.",
+ "type": "boolean"
+ }
+ },
+ "type": "object"
+ },
"Kubernetes": {
"description": "Kubernetes related attributes.",
"id": "Kubernetes",
diff --git a/googleapiclient/discovery_cache/documents/securitycenter.v1beta2.json b/googleapiclient/discovery_cache/documents/securitycenter.v1beta2.json
index 4aa4912eef1..dc690e147ac 100644
--- a/googleapiclient/discovery_cache/documents/securitycenter.v1beta2.json
+++ b/googleapiclient/discovery_cache/documents/securitycenter.v1beta2.json
@@ -108,7 +108,7 @@
"folders": {
"methods": {
"getContainerThreatDetectionSettings": {
- "description": "Get the ContainerThreatDetectionSettings resource.",
+ "description": "Get the ContainerThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetContainerThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateContainerThreatDetectionSettings for this purpose.",
"flatPath": "v1beta2/folders/{foldersId}/containerThreatDetectionSettings",
"httpMethod": "GET",
"id": "securitycenter.folders.getContainerThreatDetectionSettings",
@@ -133,7 +133,7 @@
]
},
"getEventThreatDetectionSettings": {
- "description": "Get the EventThreatDetectionSettings resource.",
+ "description": "Get the EventThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetEventThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateEventThreatDetectionSettings for this purpose.",
"flatPath": "v1beta2/folders/{foldersId}/eventThreatDetectionSettings",
"httpMethod": "GET",
"id": "securitycenter.folders.getEventThreatDetectionSettings",
@@ -183,7 +183,7 @@
]
},
"getRapidVulnerabilityDetectionSettings": {
- "description": "Get the RapidVulnerabilityDetectionSettings resource.",
+ "description": "Get the RapidVulnerabilityDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetRapidVulnerabilityDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateRapidVulnerabilityDetectionSettings for this purpose.",
"flatPath": "v1beta2/folders/{foldersId}/rapidVulnerabilityDetectionSettings",
"httpMethod": "GET",
"id": "securitycenter.folders.getRapidVulnerabilityDetectionSettings",
@@ -233,7 +233,7 @@
]
},
"getSecurityHealthAnalyticsSettings": {
- "description": "Get the SecurityHealthAnalyticsSettings resource.",
+ "description": "Get the SecurityHealthAnalyticsSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetSecurityHealthAnalyticsSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateSecurityHealthAnalyticsSettings for this purpose.",
"flatPath": "v1beta2/folders/{foldersId}/securityHealthAnalyticsSettings",
"httpMethod": "GET",
"id": "securitycenter.folders.getSecurityHealthAnalyticsSettings",
@@ -258,7 +258,7 @@
]
},
"getVirtualMachineThreatDetectionSettings": {
- "description": "Get the VirtualMachineThreatDetectionSettings resource.",
+ "description": "Get the VirtualMachineThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetVirtualMachineThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateVirtualMachineThreatDetectionSettings for this purpose.",
"flatPath": "v1beta2/folders/{foldersId}/virtualMachineThreatDetectionSettings",
"httpMethod": "GET",
"id": "securitycenter.folders.getVirtualMachineThreatDetectionSettings",
@@ -283,7 +283,7 @@
]
},
"getWebSecurityScannerSettings": {
- "description": "Get the WebSecurityScannerSettings resource.",
+ "description": "Get the WebSecurityScannerSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetWebSecurityScannerSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateWebSecurityScannerSettings for this purpose.",
"flatPath": "v1beta2/folders/{foldersId}/webSecurityScannerSettings",
"httpMethod": "GET",
"id": "securitycenter.folders.getWebSecurityScannerSettings",
@@ -516,7 +516,7 @@
"containerThreatDetectionSettings": {
"methods": {
"calculate": {
- "description": "Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings.",
+ "description": "Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.",
"flatPath": "v1beta2/folders/{foldersId}/containerThreatDetectionSettings:calculate",
"httpMethod": "GET",
"id": "securitycenter.folders.containerThreatDetectionSettings.calculate",
@@ -545,7 +545,7 @@
"eventThreatDetectionSettings": {
"methods": {
"calculate": {
- "description": "Calculates the effective EventThreatDetectionSettings based on its level in the resource hierarchy and its settings.",
+ "description": "Calculates the effective EventThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.",
"flatPath": "v1beta2/folders/{foldersId}/eventThreatDetectionSettings:calculate",
"httpMethod": "GET",
"id": "securitycenter.folders.eventThreatDetectionSettings.calculate",
@@ -574,7 +574,7 @@
"rapidVulnerabilityDetectionSettings": {
"methods": {
"calculate": {
- "description": "Calculates the effective RapidVulnerabilityDetectionSettings based on its level in the resource hierarchy and its settings.",
+ "description": "Calculates the effective RapidVulnerabilityDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.",
"flatPath": "v1beta2/folders/{foldersId}/rapidVulnerabilityDetectionSettings:calculate",
"httpMethod": "GET",
"id": "securitycenter.folders.rapidVulnerabilityDetectionSettings.calculate",
@@ -603,7 +603,7 @@
"securityHealthAnalyticsSettings": {
"methods": {
"calculate": {
- "description": "Calculates the effective SecurityHealthAnalyticsSettings based on its level in the resource hierarchy and its settings.",
+ "description": "Calculates the effective SecurityHealthAnalyticsSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.",
"flatPath": "v1beta2/folders/{foldersId}/securityHealthAnalyticsSettings:calculate",
"httpMethod": "GET",
"id": "securitycenter.folders.securityHealthAnalyticsSettings.calculate",
@@ -632,7 +632,7 @@
"virtualMachineThreatDetectionSettings": {
"methods": {
"calculate": {
- "description": "Calculates the effective VirtualMachineThreatDetectionSettings based on its level in the resource hierarchy and its settings.",
+ "description": "Calculates the effective VirtualMachineThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.",
"flatPath": "v1beta2/folders/{foldersId}/virtualMachineThreatDetectionSettings:calculate",
"httpMethod": "GET",
"id": "securitycenter.folders.virtualMachineThreatDetectionSettings.calculate",
@@ -661,7 +661,7 @@
"webSecurityScannerSettings": {
"methods": {
"calculate": {
- "description": "Calculates the effective WebSecurityScannerSettings based on its level in the resource hierarchy and its settings.",
+ "description": "Calculates the effective WebSecurityScannerSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.",
"flatPath": "v1beta2/folders/{foldersId}/webSecurityScannerSettings:calculate",
"httpMethod": "GET",
"id": "securitycenter.folders.webSecurityScannerSettings.calculate",
@@ -692,7 +692,7 @@
"organizations": {
"methods": {
"getContainerThreatDetectionSettings": {
- "description": "Get the ContainerThreatDetectionSettings resource.",
+ "description": "Get the ContainerThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetContainerThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateContainerThreatDetectionSettings for this purpose.",
"flatPath": "v1beta2/organizations/{organizationsId}/containerThreatDetectionSettings",
"httpMethod": "GET",
"id": "securitycenter.organizations.getContainerThreatDetectionSettings",
@@ -717,7 +717,7 @@
]
},
"getEventThreatDetectionSettings": {
- "description": "Get the EventThreatDetectionSettings resource.",
+ "description": "Get the EventThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetEventThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateEventThreatDetectionSettings for this purpose.",
"flatPath": "v1beta2/organizations/{organizationsId}/eventThreatDetectionSettings",
"httpMethod": "GET",
"id": "securitycenter.organizations.getEventThreatDetectionSettings",
@@ -767,7 +767,7 @@
]
},
"getRapidVulnerabilityDetectionSettings": {
- "description": "Get the RapidVulnerabilityDetectionSettings resource.",
+ "description": "Get the RapidVulnerabilityDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetRapidVulnerabilityDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateRapidVulnerabilityDetectionSettings for this purpose.",
"flatPath": "v1beta2/organizations/{organizationsId}/rapidVulnerabilityDetectionSettings",
"httpMethod": "GET",
"id": "securitycenter.organizations.getRapidVulnerabilityDetectionSettings",
@@ -817,7 +817,7 @@
]
},
"getSecurityHealthAnalyticsSettings": {
- "description": "Get the SecurityHealthAnalyticsSettings resource.",
+ "description": "Get the SecurityHealthAnalyticsSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetSecurityHealthAnalyticsSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateSecurityHealthAnalyticsSettings for this purpose.",
"flatPath": "v1beta2/organizations/{organizationsId}/securityHealthAnalyticsSettings",
"httpMethod": "GET",
"id": "securitycenter.organizations.getSecurityHealthAnalyticsSettings",
@@ -867,7 +867,7 @@
]
},
"getVirtualMachineThreatDetectionSettings": {
- "description": "Get the VirtualMachineThreatDetectionSettings resource.",
+ "description": "Get the VirtualMachineThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetVirtualMachineThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateVirtualMachineThreatDetectionSettings for this purpose.",
"flatPath": "v1beta2/organizations/{organizationsId}/virtualMachineThreatDetectionSettings",
"httpMethod": "GET",
"id": "securitycenter.organizations.getVirtualMachineThreatDetectionSettings",
@@ -892,7 +892,7 @@
]
},
"getWebSecurityScannerSettings": {
- "description": "Get the WebSecurityScannerSettings resource.",
+ "description": "Get the WebSecurityScannerSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetWebSecurityScannerSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateWebSecurityScannerSettings for this purpose.",
"flatPath": "v1beta2/organizations/{organizationsId}/webSecurityScannerSettings",
"httpMethod": "GET",
"id": "securitycenter.organizations.getWebSecurityScannerSettings",
@@ -1125,7 +1125,7 @@
"containerThreatDetectionSettings": {
"methods": {
"calculate": {
- "description": "Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings.",
+ "description": "Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.",
"flatPath": "v1beta2/organizations/{organizationsId}/containerThreatDetectionSettings:calculate",
"httpMethod": "GET",
"id": "securitycenter.organizations.containerThreatDetectionSettings.calculate",
@@ -1154,7 +1154,7 @@
"eventThreatDetectionSettings": {
"methods": {
"calculate": {
- "description": "Calculates the effective EventThreatDetectionSettings based on its level in the resource hierarchy and its settings.",
+ "description": "Calculates the effective EventThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.",
"flatPath": "v1beta2/organizations/{organizationsId}/eventThreatDetectionSettings:calculate",
"httpMethod": "GET",
"id": "securitycenter.organizations.eventThreatDetectionSettings.calculate",
@@ -1183,7 +1183,7 @@
"rapidVulnerabilityDetectionSettings": {
"methods": {
"calculate": {
- "description": "Calculates the effective RapidVulnerabilityDetectionSettings based on its level in the resource hierarchy and its settings.",
+ "description": "Calculates the effective RapidVulnerabilityDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.",
"flatPath": "v1beta2/organizations/{organizationsId}/rapidVulnerabilityDetectionSettings:calculate",
"httpMethod": "GET",
"id": "securitycenter.organizations.rapidVulnerabilityDetectionSettings.calculate",
@@ -1212,7 +1212,7 @@
"securityHealthAnalyticsSettings": {
"methods": {
"calculate": {
- "description": "Calculates the effective SecurityHealthAnalyticsSettings based on its level in the resource hierarchy and its settings.",
+ "description": "Calculates the effective SecurityHealthAnalyticsSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.",
"flatPath": "v1beta2/organizations/{organizationsId}/securityHealthAnalyticsSettings:calculate",
"httpMethod": "GET",
"id": "securitycenter.organizations.securityHealthAnalyticsSettings.calculate",
@@ -1241,7 +1241,7 @@
"virtualMachineThreatDetectionSettings": {
"methods": {
"calculate": {
- "description": "Calculates the effective VirtualMachineThreatDetectionSettings based on its level in the resource hierarchy and its settings.",
+ "description": "Calculates the effective VirtualMachineThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.",
"flatPath": "v1beta2/organizations/{organizationsId}/virtualMachineThreatDetectionSettings:calculate",
"httpMethod": "GET",
"id": "securitycenter.organizations.virtualMachineThreatDetectionSettings.calculate",
@@ -1270,7 +1270,7 @@
"webSecurityScannerSettings": {
"methods": {
"calculate": {
- "description": "Calculates the effective WebSecurityScannerSettings based on its level in the resource hierarchy and its settings.",
+ "description": "Calculates the effective WebSecurityScannerSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.",
"flatPath": "v1beta2/organizations/{organizationsId}/webSecurityScannerSettings:calculate",
"httpMethod": "GET",
"id": "securitycenter.organizations.webSecurityScannerSettings.calculate",
@@ -1301,7 +1301,7 @@
"projects": {
"methods": {
"getContainerThreatDetectionSettings": {
- "description": "Get the ContainerThreatDetectionSettings resource.",
+ "description": "Get the ContainerThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetContainerThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateContainerThreatDetectionSettings for this purpose.",
"flatPath": "v1beta2/projects/{projectsId}/containerThreatDetectionSettings",
"httpMethod": "GET",
"id": "securitycenter.projects.getContainerThreatDetectionSettings",
@@ -1326,7 +1326,7 @@
]
},
"getEventThreatDetectionSettings": {
- "description": "Get the EventThreatDetectionSettings resource.",
+ "description": "Get the EventThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetEventThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateEventThreatDetectionSettings for this purpose.",
"flatPath": "v1beta2/projects/{projectsId}/eventThreatDetectionSettings",
"httpMethod": "GET",
"id": "securitycenter.projects.getEventThreatDetectionSettings",
@@ -1376,7 +1376,7 @@
]
},
"getRapidVulnerabilityDetectionSettings": {
- "description": "Get the RapidVulnerabilityDetectionSettings resource.",
+ "description": "Get the RapidVulnerabilityDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetRapidVulnerabilityDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateRapidVulnerabilityDetectionSettings for this purpose.",
"flatPath": "v1beta2/projects/{projectsId}/rapidVulnerabilityDetectionSettings",
"httpMethod": "GET",
"id": "securitycenter.projects.getRapidVulnerabilityDetectionSettings",
@@ -1426,7 +1426,7 @@
]
},
"getSecurityHealthAnalyticsSettings": {
- "description": "Get the SecurityHealthAnalyticsSettings resource.",
+ "description": "Get the SecurityHealthAnalyticsSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetSecurityHealthAnalyticsSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateSecurityHealthAnalyticsSettings for this purpose.",
"flatPath": "v1beta2/projects/{projectsId}/securityHealthAnalyticsSettings",
"httpMethod": "GET",
"id": "securitycenter.projects.getSecurityHealthAnalyticsSettings",
@@ -1451,7 +1451,7 @@
]
},
"getVirtualMachineThreatDetectionSettings": {
- "description": "Get the VirtualMachineThreatDetectionSettings resource.",
+ "description": "Get the VirtualMachineThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetVirtualMachineThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateVirtualMachineThreatDetectionSettings for this purpose.",
"flatPath": "v1beta2/projects/{projectsId}/virtualMachineThreatDetectionSettings",
"httpMethod": "GET",
"id": "securitycenter.projects.getVirtualMachineThreatDetectionSettings",
@@ -1476,7 +1476,7 @@
]
},
"getWebSecurityScannerSettings": {
- "description": "Get the WebSecurityScannerSettings resource.",
+ "description": "Get the WebSecurityScannerSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetWebSecurityScannerSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateWebSecurityScannerSettings for this purpose.",
"flatPath": "v1beta2/projects/{projectsId}/webSecurityScannerSettings",
"httpMethod": "GET",
"id": "securitycenter.projects.getWebSecurityScannerSettings",
@@ -1709,7 +1709,7 @@
"containerThreatDetectionSettings": {
"methods": {
"calculate": {
- "description": "Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings.",
+ "description": "Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.",
"flatPath": "v1beta2/projects/{projectsId}/containerThreatDetectionSettings:calculate",
"httpMethod": "GET",
"id": "securitycenter.projects.containerThreatDetectionSettings.calculate",
@@ -1738,7 +1738,7 @@
"eventThreatDetectionSettings": {
"methods": {
"calculate": {
- "description": "Calculates the effective EventThreatDetectionSettings based on its level in the resource hierarchy and its settings.",
+ "description": "Calculates the effective EventThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.",
"flatPath": "v1beta2/projects/{projectsId}/eventThreatDetectionSettings:calculate",
"httpMethod": "GET",
"id": "securitycenter.projects.eventThreatDetectionSettings.calculate",
@@ -1769,7 +1769,7 @@
"clusters": {
"methods": {
"getContainerThreatDetectionSettings": {
- "description": "Get the ContainerThreatDetectionSettings resource.",
+ "description": "Get the ContainerThreatDetectionSettings resource. In the returned settings response, a missing field only indicates that it was not explicitly set, so no assumption should be made about these fields. In other words, GetContainerThreatDetectionSettings does not calculate the effective service settings for the resource, which accounts for inherited settings and defaults. Instead, use CalculateContainerThreatDetectionSettings for this purpose.",
"flatPath": "v1beta2/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/containerThreatDetectionSettings",
"httpMethod": "GET",
"id": "securitycenter.projects.locations.clusters.getContainerThreatDetectionSettings",
@@ -1832,7 +1832,7 @@
"containerThreatDetectionSettings": {
"methods": {
"calculate": {
- "description": "Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings.",
+ "description": "Calculates the effective ContainerThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.",
"flatPath": "v1beta2/projects/{projectsId}/locations/{locationsId}/clusters/{clustersId}/containerThreatDetectionSettings:calculate",
"httpMethod": "GET",
"id": "securitycenter.projects.locations.clusters.containerThreatDetectionSettings.calculate",
@@ -1865,7 +1865,7 @@
"rapidVulnerabilityDetectionSettings": {
"methods": {
"calculate": {
- "description": "Calculates the effective RapidVulnerabilityDetectionSettings based on its level in the resource hierarchy and its settings.",
+ "description": "Calculates the effective RapidVulnerabilityDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.",
"flatPath": "v1beta2/projects/{projectsId}/rapidVulnerabilityDetectionSettings:calculate",
"httpMethod": "GET",
"id": "securitycenter.projects.rapidVulnerabilityDetectionSettings.calculate",
@@ -1894,7 +1894,7 @@
"securityHealthAnalyticsSettings": {
"methods": {
"calculate": {
- "description": "Calculates the effective SecurityHealthAnalyticsSettings based on its level in the resource hierarchy and its settings.",
+ "description": "Calculates the effective SecurityHealthAnalyticsSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.",
"flatPath": "v1beta2/projects/{projectsId}/securityHealthAnalyticsSettings:calculate",
"httpMethod": "GET",
"id": "securitycenter.projects.securityHealthAnalyticsSettings.calculate",
@@ -1923,7 +1923,7 @@
"virtualMachineThreatDetectionSettings": {
"methods": {
"calculate": {
- "description": "Calculates the effective VirtualMachineThreatDetectionSettings based on its level in the resource hierarchy and its settings.",
+ "description": "Calculates the effective VirtualMachineThreatDetectionSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.",
"flatPath": "v1beta2/projects/{projectsId}/virtualMachineThreatDetectionSettings:calculate",
"httpMethod": "GET",
"id": "securitycenter.projects.virtualMachineThreatDetectionSettings.calculate",
@@ -1952,7 +1952,7 @@
"webSecurityScannerSettings": {
"methods": {
"calculate": {
- "description": "Calculates the effective WebSecurityScannerSettings based on its level in the resource hierarchy and its settings.",
+ "description": "Calculates the effective WebSecurityScannerSettings based on its level in the resource hierarchy and its settings. Settings provided closer to the target resource take precedence over those further away (e.g. folder will override organization level settings). The default SCC setting for the detector service defaults can be overridden at organization, folder and project levels. No assumptions should be made about the SCC defaults as it is considered an internal implementation detail.",
"flatPath": "v1beta2/projects/{projectsId}/webSecurityScannerSettings:calculate",
"httpMethod": "GET",
"id": "securitycenter.projects.webSecurityScannerSettings.calculate",
@@ -1981,7 +1981,7 @@
}
}
},
- "revision": "20221117",
+ "revision": "20221121",
"rootUrl": "https://securitycenter.googleapis.com/",
"schemas": {
"Access": {
@@ -2784,6 +2784,10 @@
"$ref": "Indicator",
"description": "Represents what's commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise"
},
+ "kernelRootkit": {
+ "$ref": "KernelRootkit",
+ "description": "Kernel Rootkit signature."
+ },
"kubernetes": {
"$ref": "Kubernetes",
"description": "Kubernetes resources associated with the finding."
@@ -3576,6 +3580,49 @@
},
"type": "object"
},
+ "KernelRootkit": {
+ "description": "Kernel mode rootkit signatures.",
+ "id": "KernelRootkit",
+ "properties": {
+ "name": {
+ "description": "Rootkit name when available.",
+ "type": "string"
+ },
+ "unexpectedCodeModification": {
+ "description": "Flag indicating unexpected modifications of kernel code memory.",
+ "type": "boolean"
+ },
+ "unexpectedFtraceHandler": {
+ "description": "Flag indicating presence of ftrace points with callbacks pointing to regions that are not in the expected kernel or module code range.",
+ "type": "boolean"
+ },
+ "unexpectedInterruptHandler": {
+ "description": "Flag indicating presence of interrupt handlers that are are not in the expected kernel, module code regions.",
+ "type": "boolean"
+ },
+ "unexpectedKernelCodePages": {
+ "description": "Flag indicating presence of kernel code pages that are not in the expected kernel, module code regions.",
+ "type": "boolean"
+ },
+ "unexpectedKprobeHandler": {
+ "description": "Flag indicating presence of kprobe points with callbacks pointing to regions that are not in the expected kernel or module code range.",
+ "type": "boolean"
+ },
+ "unexpectedProcessesInRunqueue": {
+ "description": "Flag indicating unexpected process(es) in the scheduler run-queue, those that are in the run-queue, but not in the process task-list.",
+ "type": "boolean"
+ },
+ "unexpectedReadOnlyDataModification": {
+ "description": "Flag indicating unexpected modifications of kernel read-only data memory.",
+ "type": "boolean"
+ },
+ "unexpectedSystemCallHandler": {
+ "description": "Flag indicating presence of system call handlers that are are not in the expected kernel, module code regions.",
+ "type": "boolean"
+ }
+ },
+ "type": "object"
+ },
"Kubernetes": {
"description": "Kubernetes related attributes.",
"id": "Kubernetes",