You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardexpand all lines: docs/dyn/securitycenter_v1.folders.sources.findings.html
+45
Original file line number
Diff line number
Diff line change
@@ -212,6 +212,15 @@ <h3>Method Details</h3>
212
212
"userAgentFamily": "A String", # Type of user agent associated with the finding. For example, an operating system shell or an embedded or standalone application.
213
213
"userName": "A String", # A string that represents a username. The username provided depends on the type of the finding and is likely not an IAM principal. For example, this can be a system username if the finding is related to a virtual machine, or it can be an application login username.
214
214
},
215
+
"attackExposure": { # An attack exposure contains the results of an attack path simulation run. # The results of an attack path simulation relevant to this finding.
216
+
"attackExposureResult": "A String", # The resource name of the attack path simulation result that contains the details regarding this attack exposure score. Example: organizations/123/attackExposureResults/456
217
+
"exposedHighValueResourcesCount": 42, # The number of high value resources that are exposed as a result of this finding.
218
+
"exposedLowValueResourcesCount": 42, # The number of high value resources that are exposed as a result of this finding.
219
+
"exposedMediumValueResourcesCount": 42, # The number of medium value resources that are exposed as a result of this finding.
220
+
"latestCalculationTime": "A String", # The most recent time the attack exposure was updated on this finding.
221
+
"score": 3.14, # A number between 0 (inclusive) and infinity that represents how important this finding is to remediate. The higher the score, the more important it is to remediate.
222
+
"state": "A String", # What state this AttackExposure is in. This captures whether or not an attack exposure has been calculated or not.
223
+
},
215
224
"canonicalName": "A String", # The canonical name of the finding. It's either "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or "projects/{project_number}/sources/{source_id}/findings/{finding_id}", depending on the closest CRM ancestor of the resource associated with the finding.
216
225
"category": "A String", # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"
217
226
"cloudDlpDataProfile": { # The [data profile](https://cloud.google.com/dlp/docs/data-profiles) associated with the finding. # Cloud DLP data profile that is associated with the finding.
@@ -613,6 +622,15 @@ <h3>Method Details</h3>
613
622
"userAgentFamily": "A String", # Type of user agent associated with the finding. For example, an operating system shell or an embedded or standalone application.
614
623
"userName": "A String", # A string that represents a username. The username provided depends on the type of the finding and is likely not an IAM principal. For example, this can be a system username if the finding is related to a virtual machine, or it can be an application login username.
615
624
},
625
+
"attackExposure": { # An attack exposure contains the results of an attack path simulation run. # The results of an attack path simulation relevant to this finding.
626
+
"attackExposureResult": "A String", # The resource name of the attack path simulation result that contains the details regarding this attack exposure score. Example: organizations/123/attackExposureResults/456
627
+
"exposedHighValueResourcesCount": 42, # The number of high value resources that are exposed as a result of this finding.
628
+
"exposedLowValueResourcesCount": 42, # The number of high value resources that are exposed as a result of this finding.
629
+
"exposedMediumValueResourcesCount": 42, # The number of medium value resources that are exposed as a result of this finding.
630
+
"latestCalculationTime": "A String", # The most recent time the attack exposure was updated on this finding.
631
+
"score": 3.14, # A number between 0 (inclusive) and infinity that represents how important this finding is to remediate. The higher the score, the more important it is to remediate.
632
+
"state": "A String", # What state this AttackExposure is in. This captures whether or not an attack exposure has been calculated or not.
633
+
},
616
634
"canonicalName": "A String", # The canonical name of the finding. It's either "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or "projects/{project_number}/sources/{source_id}/findings/{finding_id}", depending on the closest CRM ancestor of the resource associated with the finding.
617
635
"category": "A String", # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"
618
636
"cloudDlpDataProfile": { # The [data profile](https://cloud.google.com/dlp/docs/data-profiles) associated with the finding. # Cloud DLP data profile that is associated with the finding.
@@ -977,6 +995,15 @@ <h3>Method Details</h3>
977
995
"userAgentFamily": "A String", # Type of user agent associated with the finding. For example, an operating system shell or an embedded or standalone application.
978
996
"userName": "A String", # A string that represents a username. The username provided depends on the type of the finding and is likely not an IAM principal. For example, this can be a system username if the finding is related to a virtual machine, or it can be an application login username.
979
997
},
998
+
"attackExposure": { # An attack exposure contains the results of an attack path simulation run. # The results of an attack path simulation relevant to this finding.
999
+
"attackExposureResult": "A String", # The resource name of the attack path simulation result that contains the details regarding this attack exposure score. Example: organizations/123/attackExposureResults/456
1000
+
"exposedHighValueResourcesCount": 42, # The number of high value resources that are exposed as a result of this finding.
1001
+
"exposedLowValueResourcesCount": 42, # The number of high value resources that are exposed as a result of this finding.
1002
+
"exposedMediumValueResourcesCount": 42, # The number of medium value resources that are exposed as a result of this finding.
1003
+
"latestCalculationTime": "A String", # The most recent time the attack exposure was updated on this finding.
1004
+
"score": 3.14, # A number between 0 (inclusive) and infinity that represents how important this finding is to remediate. The higher the score, the more important it is to remediate.
1005
+
"state": "A String", # What state this AttackExposure is in. This captures whether or not an attack exposure has been calculated or not.
1006
+
},
980
1007
"canonicalName": "A String", # The canonical name of the finding. It's either "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or "projects/{project_number}/sources/{source_id}/findings/{finding_id}", depending on the closest CRM ancestor of the resource associated with the finding.
981
1008
"category": "A String", # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"
982
1009
"cloudDlpDataProfile": { # The [data profile](https://cloud.google.com/dlp/docs/data-profiles) associated with the finding. # Cloud DLP data profile that is associated with the finding.
@@ -1354,6 +1381,15 @@ <h3>Method Details</h3>
1354
1381
"userAgentFamily": "A String", # Type of user agent associated with the finding. For example, an operating system shell or an embedded or standalone application.
1355
1382
"userName": "A String", # A string that represents a username. The username provided depends on the type of the finding and is likely not an IAM principal. For example, this can be a system username if the finding is related to a virtual machine, or it can be an application login username.
1356
1383
},
1384
+
"attackExposure": { # An attack exposure contains the results of an attack path simulation run. # The results of an attack path simulation relevant to this finding.
1385
+
"attackExposureResult": "A String", # The resource name of the attack path simulation result that contains the details regarding this attack exposure score. Example: organizations/123/attackExposureResults/456
1386
+
"exposedHighValueResourcesCount": 42, # The number of high value resources that are exposed as a result of this finding.
1387
+
"exposedLowValueResourcesCount": 42, # The number of high value resources that are exposed as a result of this finding.
1388
+
"exposedMediumValueResourcesCount": 42, # The number of medium value resources that are exposed as a result of this finding.
1389
+
"latestCalculationTime": "A String", # The most recent time the attack exposure was updated on this finding.
1390
+
"score": 3.14, # A number between 0 (inclusive) and infinity that represents how important this finding is to remediate. The higher the score, the more important it is to remediate.
1391
+
"state": "A String", # What state this AttackExposure is in. This captures whether or not an attack exposure has been calculated or not.
1392
+
},
1357
1393
"canonicalName": "A String", # The canonical name of the finding. It's either "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or "projects/{project_number}/sources/{source_id}/findings/{finding_id}", depending on the closest CRM ancestor of the resource associated with the finding.
1358
1394
"category": "A String", # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"
1359
1395
"cloudDlpDataProfile": { # The [data profile](https://cloud.google.com/dlp/docs/data-profiles) associated with the finding. # Cloud DLP data profile that is associated with the finding.
@@ -1732,6 +1768,15 @@ <h3>Method Details</h3>
1732
1768
"userAgentFamily": "A String", # Type of user agent associated with the finding. For example, an operating system shell or an embedded or standalone application.
1733
1769
"userName": "A String", # A string that represents a username. The username provided depends on the type of the finding and is likely not an IAM principal. For example, this can be a system username if the finding is related to a virtual machine, or it can be an application login username.
1734
1770
},
1771
+
"attackExposure": { # An attack exposure contains the results of an attack path simulation run. # The results of an attack path simulation relevant to this finding.
1772
+
"attackExposureResult": "A String", # The resource name of the attack path simulation result that contains the details regarding this attack exposure score. Example: organizations/123/attackExposureResults/456
1773
+
"exposedHighValueResourcesCount": 42, # The number of high value resources that are exposed as a result of this finding.
1774
+
"exposedLowValueResourcesCount": 42, # The number of high value resources that are exposed as a result of this finding.
1775
+
"exposedMediumValueResourcesCount": 42, # The number of medium value resources that are exposed as a result of this finding.
1776
+
"latestCalculationTime": "A String", # The most recent time the attack exposure was updated on this finding.
1777
+
"score": 3.14, # A number between 0 (inclusive) and infinity that represents how important this finding is to remediate. The higher the score, the more important it is to remediate.
1778
+
"state": "A String", # What state this AttackExposure is in. This captures whether or not an attack exposure has been calculated or not.
1779
+
},
1735
1780
"canonicalName": "A String", # The canonical name of the finding. It's either "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or "projects/{project_number}/sources/{source_id}/findings/{finding_id}", depending on the closest CRM ancestor of the resource associated with the finding.
1736
1781
"category": "A String", # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"
1737
1782
"cloudDlpDataProfile": { # The [data profile](https://cloud.google.com/dlp/docs/data-profiles) associated with the finding. # Cloud DLP data profile that is associated with the finding.
<pclass="firstline">Deletes an ETD custom module. Deletion at resident level also deletes modules at all descendants. Deletion at any other level is not supported.</p>
85
+
<pclass="firstline">Deletes an Event Threat Detection custom module.</p>
<pclass="firstline">Updates an ETD custom module at the given level. All config fields can be updated when updating the module at resident level. Only enablement state can be updated when updating the module at inherited levels. Updating the module has a side-effect that it updates all descendants that are inherited from this module.</p>
97
+
<pclass="firstline">Updates an Event Threat Detection custom module.</p>
<pre>Creates an ETD custom module at the given level. Creating a module has a side-effect of creating modules at all descendants.
106
+
<pre>Creates an Event Threat Detection custom module.
107
107
108
108
Args:
109
-
parent: string, Required. The new custom module's parent. Its format is: * "organizations/{organization}/eventThreatDetectionSettings". * "folders/{folder}/eventThreatDetectionSettings". * "projects/{project}/eventThreatDetectionSettings". (required)
109
+
parent: string, Required. The new custom module's parent. Its format is: * "organizations/{organization}/eventThreatDetectionSettings". (required)
<pre>Deletes an ETD custom module. Deletion at resident level also deletes modules at all descendants. Deletion at any other level is not supported.
150
+
<pre>Deletes an Event Threat Detection custom module.
151
151
152
152
Args:
153
-
name: string, Required. Name of the custom module to delete. Its format is: * "organizations/{organization}/eventThreatDetectionSettings/customModules/{module}". * "folders/{folder}/eventThreatDetectionSettings/customModules/{module}". * "projects/{project}/eventThreatDetectionSettings/customModules/{module}". (required)
153
+
name: string, Required. Name of the custom module to delete. Its format is: * "organizations/{organization}/eventThreatDetectionSettings/customModules/{module}". (required)
<pre>Gets an ETD custom module. Retrieves the module at the given level.
168
+
<pre>Gets an Event Threat Detection custom module.
169
169
170
170
Args:
171
-
name: string, Required. Name of the custom module to get. Its format is: * "organizations/{organization}/eventThreatDetectionSettings/customModules/{module}". * "folders/{folder}/eventThreatDetectionSettings/customModules/{module}". * "projects/{project}/eventThreatDetectionSettings/customModules/{module}". (required)
171
+
name: string, Required. Name of the custom module to get. Its format is: * "organizations/{organization}/eventThreatDetectionSettings/customModules/{module}". (required)
<pre>Lists ETD custom modules. Retrieve all resident and inherited modules at the given level (no descendants).
196
+
<pre>Lists Event Threat Detection custom modules.
197
197
198
198
Args:
199
-
parent: string, Required. Name of the parent to list custom modules. Its format is: * "organizations/{organization}/eventThreatDetectionSettings". * "folders/{folder}/eventThreatDetectionSettings". * "projects/{project}/eventThreatDetectionSettings". (required)
199
+
parent: string, Required. Name of the parent to list custom modules under. Its format is: * "organizations/{organization}/eventThreatDetectionSettings". (required)
200
200
pageSize: integer, The maximum number of modules to return. The service may return fewer than this value. If unspecified, at most 10 configs will be returned. The maximum value is 1000; values above 1000 will be coerced to 1000.
201
201
pageToken: string, A page token, received from a previous `ListEventThreatDetectionCustomModules` call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to `ListEventThreatDetectionCustomModules` must match the call that provided the page token.
202
202
x__xgafv: string, V1 error format.
@@ -207,7 +207,7 @@ <h3>Method Details</h3>
207
207
Returns:
208
208
An object of the form:
209
209
210
-
{ # Response for listing EventThreatDetectionCustomModules.
210
+
{ # Response for listing Event Threat Detection custom modules.
211
211
"eventThreatDetectionCustomModules": [ # Custom modules belonging to the requested parent.
212
212
{ # Represents an instance of an Event Threat Detection custom module, including its full module name, display name, enablement state, and last updated time. You can create a custom module at the organization level only.
213
213
"config": { # Config for the module. For the resident module, its config value is defined at this level. For the inherited module, its config value is inherited from the ancestor module.
<pre>Updates an ETD custom module at the given level. All config fields can be updated when updating the module at resident level. Only enablement state can be updated when updating the module at inherited levels. Updating the module has a side-effect that it updates all descendants that are inherited from this module.
245
+
<pre>Updates an Event Threat Detection custom module.
246
246
247
247
Args:
248
248
name: string, Immutable. The resource name of the Event Threat Detection custom module. Its format is: * "organizations/{organization}/eventThreatDetectionSettings/customModules/{module}". * "folders/{folder}/eventThreatDetectionSettings/customModules/{module}". * "projects/{project}/eventThreatDetectionSettings/customModules/{module}". (required)
<pre>Validates the given Event Threat Detection Custom Module.
96
+
<pre>Validates the given Event Threat Detection custom module.
97
97
98
98
Args:
99
-
parent: string, Required. Resource name of the parent to validate the Custom Module under. Its format is: * "organizations/{organization}/eventThreatDetectionSettings". * "folders/{folder}/eventThreatDetectionSettings". * "projects/{project}/eventThreatDetectionSettings". (required)
99
+
parent: string, Required. Resource name of the parent to validate the Custom Module under. Its format is: * "organizations/{organization}/eventThreatDetectionSettings". (required)
100
100
body: object, The request body.
101
101
The object takes the form of:
102
102
103
-
{ # Request to validate an EventThreatDetectionCustomModule.
103
+
{ # Request to validate an Event Threat Detection custom module.
104
104
"rawText": "A String", # Required. The raw text of the module's contents. Used to generate error messages.
105
105
"type": "A String", # Required. The type of the module (e.g. CONFIGURABLE_BAD_IP).
106
106
}
@@ -113,7 +113,7 @@ <h3>Method Details</h3>
113
113
Returns:
114
114
An object of the form:
115
115
116
-
{ # Response to validating an Event Threat Detection Custom Module.
116
+
{ # Response to validating an Event Threat Detection custom module.
117
117
"errors": { # A list of zero or more errors encountered while validating the uploaded configuration of an Event Threat Detection Custom Module. # A list of errors returned by the validator. If the list is empty, there were no errors.
118
118
"errors": [
119
119
{ # An error encountered while validating the uploaded configuration of an Event Threat Detection Custom Module.
<pre>Lists the attack paths for a set of simulation results or valued resources and filter.
95
+
96
+
Args:
97
+
parent: string, Required. Name of parent to list attack paths. Valid formats: "organizations/{organization}", "organizations/{organization}/simulations/{simulation}" "organizations/{organization}/simulations/{simulation}/attackExposureResults/{attack_exposure_result_v2}" "organizations/{organization}/simulations/{simulation}/valuedResources/{valued_resource}" (required)
98
+
filter: string, The filter expression that filters the attack path in the response. Supported fields: * `valued_resources` supports =
99
+
pageSize: integer, The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.
100
+
pageToken: string, The value returned by the last `ListAttackPathsResponse`; indicates that this is a continuation of a prior `ListAttackPaths` call, and that the system should return the next page of data.
101
+
x__xgafv: string, V1 error format.
102
+
Allowed values
103
+
1 - v1 error format
104
+
2 - v2 error format
105
+
106
+
Returns:
107
+
An object of the form:
108
+
109
+
{ # Response message for listing the attack paths for a given simulation or valued resource.
110
+
"attackPaths": [ # The attack paths that the attack path simulation identified.
111
+
{ # A path that an attacker could take to reach an exposed resource.
112
+
"edges": [ # A list of the edges between nodes in this attack path.
113
+
{ # Represents a connection between a source node and a destination node in this attack path.
114
+
"destination": "A String", # The attack node uuid of the destination node.
115
+
"source": "A String", # The attack node uuid of the source node.
116
+
},
117
+
],
118
+
"name": "A String", # The attack path name, for example, `organizations/12/simulation/34/valuedResources/56/attackPaths/78`
119
+
"pathNodes": [ # A list of nodes that exist in this attack path.
120
+
{ # Represents one point that an attacker passes through in this attack path.
121
+
"associatedFindings": [ # The findings associated with this node in the attack path.
122
+
{ # A finding that is associated with this node in the attack path.
123
+
"canonicalFinding": "A String", # Canonical name of the associated findings. Example: organizations/123/sources/456/findings/789
124
+
"findingCategory": "A String", # The additional taxonomy group within findings from a given source.
125
+
"name": "A String", # Full resource name of the finding.
126
+
},
127
+
],
128
+
"attackSteps": [ # A list of attack step nodes that exist in this attack path node.
129
+
{ # Detailed steps the attack can take between path nodes.
"displayName": "A String", # User friendly name of the attack step
132
+
"labels": { # Attack step labels for metadata
133
+
"a_key": "A String",
134
+
},
135
+
"type": "A String", # Attack step type. Can be either AND, OR or DEFENSE
136
+
"uuid": "A String", # Unique ID for one Node
137
+
},
138
+
],
139
+
"displayName": "A String", # Human-readable name of this resource.
140
+
"resource": "A String", # The name of the resource at this point in the attack path. The format of the name follows the Cloud Asset Inventory [resource name format]("https://cloud.google.com/asset-inventory/docs/resource-name-format")
141
+
"resourceType": "A String", # The [supported resource type](http://cloud/asset-inventory/docs/supported-asset-types")
142
+
"uuid": "A String", # Unique id of the attack path node.
143
+
},
144
+
],
145
+
},
146
+
],
147
+
"nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no more results.
<pre>Lists the valued resources for a set of simulation results and filter.
95
+
96
+
Args:
97
+
parent: string, Required. Name of parent to list valued resources. Valid formats: "organizations/{organization}", "organizations/{organization}/simulations/{simulation}" "organizations/{organization}/simulations/{simulation}/attackExposureResults/{attack_exposure_result_v2}" (required)
98
+
filter: string, The filter expression that filters the valued resources in the response. Supported fields: * `resource_value` supports = * `resource_type` supports =
99
+
pageSize: integer, The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.
100
+
pageToken: string, The value returned by the last `ListValuedResourcesResponse`; indicates that this is a continuation of a prior `ListValuedResources` call, and that the system should return the next page of data.
101
+
x__xgafv: string, V1 error format.
102
+
Allowed values
103
+
1 - v1 error format
104
+
2 - v2 error format
105
+
106
+
Returns:
107
+
An object of the form:
108
+
109
+
{ # Response message for listing the valued resources for a given simulation.
110
+
"nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no more results.
111
+
"totalSize": 42, # The estimated total number of results matching the query.
112
+
"valuedResources": [ # The valued resources that the attack path simulation identified.
113
+
{ # A resource that is determined to have value to a user's system
114
+
"displayName": "A String", # Human-readable name of the valued resource.
115
+
"exposedScore": 3.14, # Exposed score for this valued resource. A value of 0 means no exposure was detected exposure.
116
+
"name": "A String", # Valued resource name, for example, e.g.: `organizations/123/simulations/456/valuedResources/789`
117
+
"resource": "A String", # The [full resource name](https://cloud.google.com/apis/design/resource_names#full_resource_name) of the valued resource.
118
+
"resourceType": "A String", # The [resource type](https://cloud.google.com/asset-inventory/docs/supported-asset-types) of the valued resource.
119
+
"resourceValue": "A String", # How valuable this resource is.
120
+
"resourceValueConfigsUsed": [ # List of resource value configurations' metadata used to determine the value of this resource. Maximum of 100.
121
+
{ # Metadata about a ResourceValueConfig. For example, id and name.
122
+
"name": "A String", # Resource value config name
<pre>Lists the attack paths for a set of simulation results or valued resources and filter.
95
+
96
+
Args:
97
+
parent: string, Required. Name of parent to list attack paths. Valid formats: "organizations/{organization}", "organizations/{organization}/simulations/{simulation}" "organizations/{organization}/simulations/{simulation}/attackExposureResults/{attack_exposure_result_v2}" "organizations/{organization}/simulations/{simulation}/valuedResources/{valued_resource}" (required)
98
+
filter: string, The filter expression that filters the attack path in the response. Supported fields: * `valued_resources` supports =
99
+
pageSize: integer, The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.
100
+
pageToken: string, The value returned by the last `ListAttackPathsResponse`; indicates that this is a continuation of a prior `ListAttackPaths` call, and that the system should return the next page of data.
101
+
x__xgafv: string, V1 error format.
102
+
Allowed values
103
+
1 - v1 error format
104
+
2 - v2 error format
105
+
106
+
Returns:
107
+
An object of the form:
108
+
109
+
{ # Response message for listing the attack paths for a given simulation or valued resource.
110
+
"attackPaths": [ # The attack paths that the attack path simulation identified.
111
+
{ # A path that an attacker could take to reach an exposed resource.
112
+
"edges": [ # A list of the edges between nodes in this attack path.
113
+
{ # Represents a connection between a source node and a destination node in this attack path.
114
+
"destination": "A String", # The attack node uuid of the destination node.
115
+
"source": "A String", # The attack node uuid of the source node.
116
+
},
117
+
],
118
+
"name": "A String", # The attack path name, for example, `organizations/12/simulation/34/valuedResources/56/attackPaths/78`
119
+
"pathNodes": [ # A list of nodes that exist in this attack path.
120
+
{ # Represents one point that an attacker passes through in this attack path.
121
+
"associatedFindings": [ # The findings associated with this node in the attack path.
122
+
{ # A finding that is associated with this node in the attack path.
123
+
"canonicalFinding": "A String", # Canonical name of the associated findings. Example: organizations/123/sources/456/findings/789
124
+
"findingCategory": "A String", # The additional taxonomy group within findings from a given source.
125
+
"name": "A String", # Full resource name of the finding.
126
+
},
127
+
],
128
+
"attackSteps": [ # A list of attack step nodes that exist in this attack path node.
129
+
{ # Detailed steps the attack can take between path nodes.
"displayName": "A String", # User friendly name of the attack step
132
+
"labels": { # Attack step labels for metadata
133
+
"a_key": "A String",
134
+
},
135
+
"type": "A String", # Attack step type. Can be either AND, OR or DEFENSE
136
+
"uuid": "A String", # Unique ID for one Node
137
+
},
138
+
],
139
+
"displayName": "A String", # Human-readable name of this resource.
140
+
"resource": "A String", # The name of the resource at this point in the attack path. The format of the name follows the Cloud Asset Inventory [resource name format]("https://cloud.google.com/asset-inventory/docs/resource-name-format")
141
+
"resourceType": "A String", # The [supported resource type](http://cloud/asset-inventory/docs/supported-asset-types")
142
+
"uuid": "A String", # Unique id of the attack path node.
143
+
},
144
+
],
145
+
},
146
+
],
147
+
"nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no more results.
<pre>Get the simulation by name or the latest simulation for the given organization.
107
+
108
+
Args:
109
+
name: string, Required. The organization name or simulation name of this simulation Valid format: "organizations/{organization}/simulations/latest" "organizations/{organization}/simulations/{simulation}" (required)
110
+
x__xgafv: string, V1 error format.
111
+
Allowed values
112
+
1 - v1 error format
113
+
2 - v2 error format
114
+
115
+
Returns:
116
+
An object of the form:
117
+
118
+
{ # Attack path simulation
119
+
"createTime": "A String", # Output only. Time simulation was created
120
+
"name": "A String", # Full resource name of the Simulation: organizations/123/simulations/456
121
+
"resourceValueConfigsMetadata": [ # Resource value configurations' metadata used in this simulation. Maximum of 100.
122
+
{ # Metadata about a ResourceValueConfig. For example, id and name.
123
+
"name": "A String", # Resource value config name
<pre>Lists the attack paths for a set of simulation results or valued resources and filter.
95
+
96
+
Args:
97
+
parent: string, Required. Name of parent to list attack paths. Valid formats: "organizations/{organization}", "organizations/{organization}/simulations/{simulation}" "organizations/{organization}/simulations/{simulation}/attackExposureResults/{attack_exposure_result_v2}" "organizations/{organization}/simulations/{simulation}/valuedResources/{valued_resource}" (required)
98
+
filter: string, The filter expression that filters the attack path in the response. Supported fields: * `valued_resources` supports =
99
+
pageSize: integer, The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.
100
+
pageToken: string, The value returned by the last `ListAttackPathsResponse`; indicates that this is a continuation of a prior `ListAttackPaths` call, and that the system should return the next page of data.
101
+
x__xgafv: string, V1 error format.
102
+
Allowed values
103
+
1 - v1 error format
104
+
2 - v2 error format
105
+
106
+
Returns:
107
+
An object of the form:
108
+
109
+
{ # Response message for listing the attack paths for a given simulation or valued resource.
110
+
"attackPaths": [ # The attack paths that the attack path simulation identified.
111
+
{ # A path that an attacker could take to reach an exposed resource.
112
+
"edges": [ # A list of the edges between nodes in this attack path.
113
+
{ # Represents a connection between a source node and a destination node in this attack path.
114
+
"destination": "A String", # The attack node uuid of the destination node.
115
+
"source": "A String", # The attack node uuid of the source node.
116
+
},
117
+
],
118
+
"name": "A String", # The attack path name, for example, `organizations/12/simulation/34/valuedResources/56/attackPaths/78`
119
+
"pathNodes": [ # A list of nodes that exist in this attack path.
120
+
{ # Represents one point that an attacker passes through in this attack path.
121
+
"associatedFindings": [ # The findings associated with this node in the attack path.
122
+
{ # A finding that is associated with this node in the attack path.
123
+
"canonicalFinding": "A String", # Canonical name of the associated findings. Example: organizations/123/sources/456/findings/789
124
+
"findingCategory": "A String", # The additional taxonomy group within findings from a given source.
125
+
"name": "A String", # Full resource name of the finding.
126
+
},
127
+
],
128
+
"attackSteps": [ # A list of attack step nodes that exist in this attack path node.
129
+
{ # Detailed steps the attack can take between path nodes.
"displayName": "A String", # User friendly name of the attack step
132
+
"labels": { # Attack step labels for metadata
133
+
"a_key": "A String",
134
+
},
135
+
"type": "A String", # Attack step type. Can be either AND, OR or DEFENSE
136
+
"uuid": "A String", # Unique ID for one Node
137
+
},
138
+
],
139
+
"displayName": "A String", # Human-readable name of this resource.
140
+
"resource": "A String", # The name of the resource at this point in the attack path. The format of the name follows the Cloud Asset Inventory [resource name format]("https://cloud.google.com/asset-inventory/docs/resource-name-format")
141
+
"resourceType": "A String", # The [supported resource type](http://cloud/asset-inventory/docs/supported-asset-types")
142
+
"uuid": "A String", # Unique id of the attack path node.
143
+
},
144
+
],
145
+
},
146
+
],
147
+
"nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no more results.
<pre>Lists the valued resources for a set of simulation results and filter.
100
+
101
+
Args:
102
+
parent: string, Required. Name of parent to list valued resources. Valid formats: "organizations/{organization}", "organizations/{organization}/simulations/{simulation}" "organizations/{organization}/simulations/{simulation}/attackExposureResults/{attack_exposure_result_v2}" (required)
103
+
filter: string, The filter expression that filters the valued resources in the response. Supported fields: * `resource_value` supports = * `resource_type` supports =
104
+
pageSize: integer, The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.
105
+
pageToken: string, The value returned by the last `ListValuedResourcesResponse`; indicates that this is a continuation of a prior `ListValuedResources` call, and that the system should return the next page of data.
106
+
x__xgafv: string, V1 error format.
107
+
Allowed values
108
+
1 - v1 error format
109
+
2 - v2 error format
110
+
111
+
Returns:
112
+
An object of the form:
113
+
114
+
{ # Response message for listing the valued resources for a given simulation.
115
+
"nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no more results.
116
+
"totalSize": 42, # The estimated total number of results matching the query.
117
+
"valuedResources": [ # The valued resources that the attack path simulation identified.
118
+
{ # A resource that is determined to have value to a user's system
119
+
"displayName": "A String", # Human-readable name of the valued resource.
120
+
"exposedScore": 3.14, # Exposed score for this valued resource. A value of 0 means no exposure was detected exposure.
121
+
"name": "A String", # Valued resource name, for example, e.g.: `organizations/123/simulations/456/valuedResources/789`
122
+
"resource": "A String", # The [full resource name](https://cloud.google.com/apis/design/resource_names#full_resource_name) of the valued resource.
123
+
"resourceType": "A String", # The [resource type](https://cloud.google.com/asset-inventory/docs/supported-asset-types) of the valued resource.
124
+
"resourceValue": "A String", # How valuable this resource is.
125
+
"resourceValueConfigsUsed": [ # List of resource value configurations' metadata used to determine the value of this resource. Maximum of 100.
126
+
{ # Metadata about a ResourceValueConfig. For example, id and name.
127
+
"name": "A String", # Resource value config name
Copy file name to clipboardexpand all lines: docs/dyn/securitycenter_v1.projects.sources.findings.html
+45
Original file line number
Diff line number
Diff line change
@@ -212,6 +212,15 @@ <h3>Method Details</h3>
212
212
"userAgentFamily": "A String", # Type of user agent associated with the finding. For example, an operating system shell or an embedded or standalone application.
213
213
"userName": "A String", # A string that represents a username. The username provided depends on the type of the finding and is likely not an IAM principal. For example, this can be a system username if the finding is related to a virtual machine, or it can be an application login username.
214
214
},
215
+
"attackExposure": { # An attack exposure contains the results of an attack path simulation run. # The results of an attack path simulation relevant to this finding.
216
+
"attackExposureResult": "A String", # The resource name of the attack path simulation result that contains the details regarding this attack exposure score. Example: organizations/123/attackExposureResults/456
217
+
"exposedHighValueResourcesCount": 42, # The number of high value resources that are exposed as a result of this finding.
218
+
"exposedLowValueResourcesCount": 42, # The number of high value resources that are exposed as a result of this finding.
219
+
"exposedMediumValueResourcesCount": 42, # The number of medium value resources that are exposed as a result of this finding.
220
+
"latestCalculationTime": "A String", # The most recent time the attack exposure was updated on this finding.
221
+
"score": 3.14, # A number between 0 (inclusive) and infinity that represents how important this finding is to remediate. The higher the score, the more important it is to remediate.
222
+
"state": "A String", # What state this AttackExposure is in. This captures whether or not an attack exposure has been calculated or not.
223
+
},
215
224
"canonicalName": "A String", # The canonical name of the finding. It's either "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or "projects/{project_number}/sources/{source_id}/findings/{finding_id}", depending on the closest CRM ancestor of the resource associated with the finding.
216
225
"category": "A String", # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"
217
226
"cloudDlpDataProfile": { # The [data profile](https://cloud.google.com/dlp/docs/data-profiles) associated with the finding. # Cloud DLP data profile that is associated with the finding.
@@ -613,6 +622,15 @@ <h3>Method Details</h3>
613
622
"userAgentFamily": "A String", # Type of user agent associated with the finding. For example, an operating system shell or an embedded or standalone application.
614
623
"userName": "A String", # A string that represents a username. The username provided depends on the type of the finding and is likely not an IAM principal. For example, this can be a system username if the finding is related to a virtual machine, or it can be an application login username.
615
624
},
625
+
"attackExposure": { # An attack exposure contains the results of an attack path simulation run. # The results of an attack path simulation relevant to this finding.
626
+
"attackExposureResult": "A String", # The resource name of the attack path simulation result that contains the details regarding this attack exposure score. Example: organizations/123/attackExposureResults/456
627
+
"exposedHighValueResourcesCount": 42, # The number of high value resources that are exposed as a result of this finding.
628
+
"exposedLowValueResourcesCount": 42, # The number of high value resources that are exposed as a result of this finding.
629
+
"exposedMediumValueResourcesCount": 42, # The number of medium value resources that are exposed as a result of this finding.
630
+
"latestCalculationTime": "A String", # The most recent time the attack exposure was updated on this finding.
631
+
"score": 3.14, # A number between 0 (inclusive) and infinity that represents how important this finding is to remediate. The higher the score, the more important it is to remediate.
632
+
"state": "A String", # What state this AttackExposure is in. This captures whether or not an attack exposure has been calculated or not.
633
+
},
616
634
"canonicalName": "A String", # The canonical name of the finding. It's either "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or "projects/{project_number}/sources/{source_id}/findings/{finding_id}", depending on the closest CRM ancestor of the resource associated with the finding.
617
635
"category": "A String", # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"
618
636
"cloudDlpDataProfile": { # The [data profile](https://cloud.google.com/dlp/docs/data-profiles) associated with the finding. # Cloud DLP data profile that is associated with the finding.
@@ -977,6 +995,15 @@ <h3>Method Details</h3>
977
995
"userAgentFamily": "A String", # Type of user agent associated with the finding. For example, an operating system shell or an embedded or standalone application.
978
996
"userName": "A String", # A string that represents a username. The username provided depends on the type of the finding and is likely not an IAM principal. For example, this can be a system username if the finding is related to a virtual machine, or it can be an application login username.
979
997
},
998
+
"attackExposure": { # An attack exposure contains the results of an attack path simulation run. # The results of an attack path simulation relevant to this finding.
999
+
"attackExposureResult": "A String", # The resource name of the attack path simulation result that contains the details regarding this attack exposure score. Example: organizations/123/attackExposureResults/456
1000
+
"exposedHighValueResourcesCount": 42, # The number of high value resources that are exposed as a result of this finding.
1001
+
"exposedLowValueResourcesCount": 42, # The number of high value resources that are exposed as a result of this finding.
1002
+
"exposedMediumValueResourcesCount": 42, # The number of medium value resources that are exposed as a result of this finding.
1003
+
"latestCalculationTime": "A String", # The most recent time the attack exposure was updated on this finding.
1004
+
"score": 3.14, # A number between 0 (inclusive) and infinity that represents how important this finding is to remediate. The higher the score, the more important it is to remediate.
1005
+
"state": "A String", # What state this AttackExposure is in. This captures whether or not an attack exposure has been calculated or not.
1006
+
},
980
1007
"canonicalName": "A String", # The canonical name of the finding. It's either "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or "projects/{project_number}/sources/{source_id}/findings/{finding_id}", depending on the closest CRM ancestor of the resource associated with the finding.
981
1008
"category": "A String", # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"
982
1009
"cloudDlpDataProfile": { # The [data profile](https://cloud.google.com/dlp/docs/data-profiles) associated with the finding. # Cloud DLP data profile that is associated with the finding.
@@ -1354,6 +1381,15 @@ <h3>Method Details</h3>
1354
1381
"userAgentFamily": "A String", # Type of user agent associated with the finding. For example, an operating system shell or an embedded or standalone application.
1355
1382
"userName": "A String", # A string that represents a username. The username provided depends on the type of the finding and is likely not an IAM principal. For example, this can be a system username if the finding is related to a virtual machine, or it can be an application login username.
1356
1383
},
1384
+
"attackExposure": { # An attack exposure contains the results of an attack path simulation run. # The results of an attack path simulation relevant to this finding.
1385
+
"attackExposureResult": "A String", # The resource name of the attack path simulation result that contains the details regarding this attack exposure score. Example: organizations/123/attackExposureResults/456
1386
+
"exposedHighValueResourcesCount": 42, # The number of high value resources that are exposed as a result of this finding.
1387
+
"exposedLowValueResourcesCount": 42, # The number of high value resources that are exposed as a result of this finding.
1388
+
"exposedMediumValueResourcesCount": 42, # The number of medium value resources that are exposed as a result of this finding.
1389
+
"latestCalculationTime": "A String", # The most recent time the attack exposure was updated on this finding.
1390
+
"score": 3.14, # A number between 0 (inclusive) and infinity that represents how important this finding is to remediate. The higher the score, the more important it is to remediate.
1391
+
"state": "A String", # What state this AttackExposure is in. This captures whether or not an attack exposure has been calculated or not.
1392
+
},
1357
1393
"canonicalName": "A String", # The canonical name of the finding. It's either "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or "projects/{project_number}/sources/{source_id}/findings/{finding_id}", depending on the closest CRM ancestor of the resource associated with the finding.
1358
1394
"category": "A String", # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"
1359
1395
"cloudDlpDataProfile": { # The [data profile](https://cloud.google.com/dlp/docs/data-profiles) associated with the finding. # Cloud DLP data profile that is associated with the finding.
@@ -1732,6 +1768,15 @@ <h3>Method Details</h3>
1732
1768
"userAgentFamily": "A String", # Type of user agent associated with the finding. For example, an operating system shell or an embedded or standalone application.
1733
1769
"userName": "A String", # A string that represents a username. The username provided depends on the type of the finding and is likely not an IAM principal. For example, this can be a system username if the finding is related to a virtual machine, or it can be an application login username.
1734
1770
},
1771
+
"attackExposure": { # An attack exposure contains the results of an attack path simulation run. # The results of an attack path simulation relevant to this finding.
1772
+
"attackExposureResult": "A String", # The resource name of the attack path simulation result that contains the details regarding this attack exposure score. Example: organizations/123/attackExposureResults/456
1773
+
"exposedHighValueResourcesCount": 42, # The number of high value resources that are exposed as a result of this finding.
1774
+
"exposedLowValueResourcesCount": 42, # The number of high value resources that are exposed as a result of this finding.
1775
+
"exposedMediumValueResourcesCount": 42, # The number of medium value resources that are exposed as a result of this finding.
1776
+
"latestCalculationTime": "A String", # The most recent time the attack exposure was updated on this finding.
1777
+
"score": 3.14, # A number between 0 (inclusive) and infinity that represents how important this finding is to remediate. The higher the score, the more important it is to remediate.
1778
+
"state": "A String", # What state this AttackExposure is in. This captures whether or not an attack exposure has been calculated or not.
1779
+
},
1735
1780
"canonicalName": "A String", # The canonical name of the finding. It's either "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or "projects/{project_number}/sources/{source_id}/findings/{finding_id}", depending on the closest CRM ancestor of the resource associated with the finding.
1736
1781
"category": "A String", # The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"
1737
1782
"cloudDlpDataProfile": { # The [data profile](https://cloud.google.com/dlp/docs/data-profiles) associated with the finding. # Cloud DLP data profile that is associated with the finding.
"description": "An attack exposure contains the results of an attack path simulation run.",
1057
+
"id": "AttackExposure",
1058
+
"properties": {
1059
+
"attackExposureResult": {
1060
+
"description": "The resource name of the attack path simulation result that contains the details regarding this attack exposure score. Example: organizations/123/attackExposureResults/456",
1061
+
"type": "string"
1062
+
},
1063
+
"exposedHighValueResourcesCount": {
1064
+
"description": "The number of high value resources that are exposed as a result of this finding.",
1065
+
"format": "int32",
1066
+
"type": "integer"
1067
+
},
1068
+
"exposedLowValueResourcesCount": {
1069
+
"description": "The number of high value resources that are exposed as a result of this finding.",
1070
+
"format": "int32",
1071
+
"type": "integer"
1072
+
},
1073
+
"exposedMediumValueResourcesCount": {
1074
+
"description": "The number of medium value resources that are exposed as a result of this finding.",
1075
+
"format": "int32",
1076
+
"type": "integer"
1077
+
},
1078
+
"latestCalculationTime": {
1079
+
"description": "The most recent time the attack exposure was updated on this finding.",
1080
+
"format": "google-datetime",
1081
+
"type": "string"
1082
+
},
1083
+
"score": {
1084
+
"description": "A number between 0 (inclusive) and infinity that represents how important this finding is to remediate. The higher the score, the more important it is to remediate.",
1085
+
"format": "double",
1086
+
"type": "number"
1087
+
},
1088
+
"state": {
1089
+
"description": "What state this AttackExposure is in. This captures whether or not an attack exposure has been calculated or not.",
1090
+
"enum": [
1091
+
"STATE_UNSPECIFIED",
1092
+
"CALCULATED",
1093
+
"NOT_CALCULATED"
1094
+
],
1095
+
"enumDescriptions": [
1096
+
"The state is not specified.",
1097
+
"The attack exposure has been calculated.",
1098
+
"The attack exposure has not been calculated."
1099
+
],
1100
+
"type": "string"
1101
+
}
1102
+
},
1103
+
"type": "object"
1104
+
},
1055
1105
"AuditConfig": {
1056
1106
"description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.",
1057
1107
"id": "AuditConfig",
@@ -1636,6 +1686,10 @@
1636
1686
"$ref": "Access",
1637
1687
"description": "Access details associated with the finding, such as more information on the caller, which method was accessed, and from where."
1638
1688
},
1689
+
"attackExposure": {
1690
+
"$ref": "AttackExposure",
1691
+
"description": "The results of an attack path simulation relevant to this finding."
1692
+
},
1639
1693
"canonicalName": {
1640
1694
"description": "The canonical name of the finding. It's either \"organizations/{organization_id}/sources/{source_id}/findings/{finding_id}\", \"folders/{folder_id}/sources/{source_id}/findings/{finding_id}\" or \"projects/{project_number}/sources/{source_id}/findings/{finding_id}\", depending on the closest CRM ancestor of the resource associated with the finding.",
"description": "Output only. Timestamp this resource value config was created.",
2322
+
"format": "google-datetime",
2323
+
"readOnly": true,
2324
+
"type": "string"
2325
+
},
2326
+
"description": {
2327
+
"description": "Description of the resource value config.",
2328
+
"type": "string"
2329
+
},
2330
+
"name": {
2331
+
"description": "Name for the resource value config",
2332
+
"type": "string"
2333
+
},
2334
+
"resourceLabelsSelector": {
2335
+
"additionalProperties": {
2336
+
"type": "string"
2337
+
},
2338
+
"description": "List of resource labels to search for, evaluated with AND. E.g. \"resource_labels_selector\": {\"key\": \"value\", \"env\": \"prod\"} will match resources with labels \"key\": \"value\" AND \"env\": \"prod\" https://cloud.google.com/resource-manager/docs/creating-managing-labels",
2339
+
"type": "object"
2340
+
},
2341
+
"resourceType": {
2342
+
"description": "Apply resource_value only to resources that match resource_type. resource_type will be checked with \"AND\" of other resources. E.g. \"storage.googleapis.com/Bucket\" with resource_value \"HIGH\" will apply \"HIGH\" value only to \"storage.googleapis.com/Bucket\" resources.",
2343
+
"type": "string"
2344
+
},
2345
+
"resourceValue": {
2346
+
"description": "Required. Resource value level this expression represents",
2347
+
"enum": [
2348
+
"RESOURCE_VALUE_UNSPECIFIED",
2349
+
"HIGH",
2350
+
"MEDIUM",
2351
+
"LOW",
2352
+
"NONE"
2353
+
],
2354
+
"enumDescriptions": [
2355
+
"Unspecific value",
2356
+
"High resource value",
2357
+
"Medium resource value",
2358
+
"Low resource value",
2359
+
"No resource value, e.g. ignore these resources"
2360
+
],
2361
+
"type": "string"
2362
+
},
2363
+
"scope": {
2364
+
"description": "Project or folder to scope this config to. For example, \"project/456\" would apply this config only to resources in \"project/456\" scope will be checked with \"AND\" of other resources.",
2365
+
"type": "string"
2366
+
},
2367
+
"tagValues": {
2368
+
"description": "Required. Tag values combined with AND to check against. Values in the form \"tagValues/123\" E.g. [ \"tagValues/123\", \"tagValues/456\", \"tagValues/789\" ] https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing",
2369
+
"items": {
2370
+
"type": "string"
2371
+
},
2372
+
"type": "array"
2373
+
},
2374
+
"updateTime": {
2375
+
"description": "Output only. Timestamp this resource value config was last updated.",
"description": "An attack exposure contains the results of an attack path simulation run.",
2078
+
"id": "AttackExposure",
2079
+
"properties": {
2080
+
"attackExposureResult": {
2081
+
"description": "The resource name of the attack path simulation result that contains the details regarding this attack exposure score. Example: organizations/123/attackExposureResults/456",
2082
+
"type": "string"
2083
+
},
2084
+
"exposedHighValueResourcesCount": {
2085
+
"description": "The number of high value resources that are exposed as a result of this finding.",
2086
+
"format": "int32",
2087
+
"type": "integer"
2088
+
},
2089
+
"exposedLowValueResourcesCount": {
2090
+
"description": "The number of high value resources that are exposed as a result of this finding.",
2091
+
"format": "int32",
2092
+
"type": "integer"
2093
+
},
2094
+
"exposedMediumValueResourcesCount": {
2095
+
"description": "The number of medium value resources that are exposed as a result of this finding.",
2096
+
"format": "int32",
2097
+
"type": "integer"
2098
+
},
2099
+
"latestCalculationTime": {
2100
+
"description": "The most recent time the attack exposure was updated on this finding.",
2101
+
"format": "google-datetime",
2102
+
"type": "string"
2103
+
},
2104
+
"score": {
2105
+
"description": "A number between 0 (inclusive) and infinity that represents how important this finding is to remediate. The higher the score, the more important it is to remediate.",
2106
+
"format": "double",
2107
+
"type": "number"
2108
+
},
2109
+
"state": {
2110
+
"description": "What state this AttackExposure is in. This captures whether or not an attack exposure has been calculated or not.",
2111
+
"enum": [
2112
+
"STATE_UNSPECIFIED",
2113
+
"CALCULATED",
2114
+
"NOT_CALCULATED"
2115
+
],
2116
+
"enumDescriptions": [
2117
+
"The state is not specified.",
2118
+
"The attack exposure has been calculated.",
2119
+
"The attack exposure has not been calculated."
2120
+
],
2121
+
"type": "string"
2122
+
}
2123
+
},
2124
+
"type": "object"
2125
+
},
2076
2126
"CloudDlpDataProfile": {
2077
2127
"description": "The [data profile](https://cloud.google.com/dlp/docs/data-profiles) associated with the finding.",
2078
2128
"id": "CloudDlpDataProfile",
@@ -2728,6 +2778,10 @@
2728
2778
"$ref": "Access",
2729
2779
"description": "Access details associated with the finding, such as more information on the caller, which method was accessed, and from where."
2730
2780
},
2781
+
"attackExposure": {
2782
+
"$ref": "AttackExposure",
2783
+
"description": "The results of an attack path simulation relevant to this finding."
2784
+
},
2731
2785
"canonicalName": {
2732
2786
"description": "The canonical name of the finding. It's either \"organizations/{organization_id}/sources/{source_id}/findings/{finding_id}\", \"folders/{folder_id}/sources/{source_id}/findings/{finding_id}\" or \"projects/{project_number}/sources/{source_id}/findings/{finding_id}\", depending on the closest CRM ancestor of the resource associated with the finding.",
"description": "Output only. Timestamp this resource value config was created.",
3391
+
"format": "google-datetime",
3392
+
"readOnly": true,
3393
+
"type": "string"
3394
+
},
3395
+
"description": {
3396
+
"description": "Description of the resource value config.",
3397
+
"type": "string"
3398
+
},
3399
+
"name": {
3400
+
"description": "Name for the resource value config",
3401
+
"type": "string"
3402
+
},
3403
+
"resourceLabelsSelector": {
3404
+
"additionalProperties": {
3405
+
"type": "string"
3406
+
},
3407
+
"description": "List of resource labels to search for, evaluated with AND. E.g. \"resource_labels_selector\": {\"key\": \"value\", \"env\": \"prod\"} will match resources with labels \"key\": \"value\" AND \"env\": \"prod\" https://cloud.google.com/resource-manager/docs/creating-managing-labels",
3408
+
"type": "object"
3409
+
},
3410
+
"resourceType": {
3411
+
"description": "Apply resource_value only to resources that match resource_type. resource_type will be checked with \"AND\" of other resources. E.g. \"storage.googleapis.com/Bucket\" with resource_value \"HIGH\" will apply \"HIGH\" value only to \"storage.googleapis.com/Bucket\" resources.",
3412
+
"type": "string"
3413
+
},
3414
+
"resourceValue": {
3415
+
"description": "Required. Resource value level this expression represents",
3416
+
"enum": [
3417
+
"RESOURCE_VALUE_UNSPECIFIED",
3418
+
"HIGH",
3419
+
"MEDIUM",
3420
+
"LOW",
3421
+
"NONE"
3422
+
],
3423
+
"enumDescriptions": [
3424
+
"Unspecific value",
3425
+
"High resource value",
3426
+
"Medium resource value",
3427
+
"Low resource value",
3428
+
"No resource value, e.g. ignore these resources"
3429
+
],
3430
+
"type": "string"
3431
+
},
3432
+
"scope": {
3433
+
"description": "Project or folder to scope this config to. For example, \"project/456\" would apply this config only to resources in \"project/456\" scope will be checked with \"AND\" of other resources.",
3434
+
"type": "string"
3435
+
},
3436
+
"tagValues": {
3437
+
"description": "Required. Tag values combined with AND to check against. Values in the form \"tagValues/123\" E.g. [ \"tagValues/123\", \"tagValues/456\", \"tagValues/789\" ] https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing",
3438
+
"items": {
3439
+
"type": "string"
3440
+
},
3441
+
"type": "array"
3442
+
},
3443
+
"updateTime": {
3444
+
"description": "Output only. Timestamp this resource value config was last updated.",
0 commit comments