diff --git a/.release-please-manifest.json b/.release-please-manifest.json index 8bb47c80..1a4b3641 100644 --- a/.release-please-manifest.json +++ b/.release-please-manifest.json @@ -1,3 +1,3 @@ { - ".": "1.18.1" + ".": "1.18.2" } diff --git a/CHANGELOG.md b/CHANGELOG.md index c670c158..5d203ac3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,18 @@ [1]: https://pypi.org/project/google-cloud-securitycenter/#history +## [1.18.2](https://github.com/googleapis/python-securitycenter/compare/v1.18.1...v1.18.2) (2023-01-20) + + +### Bug Fixes + +* Add context manager return types ([367a3bd](https://github.com/googleapis/python-securitycenter/commit/367a3bda34b1d06e1ecbff0db7a4bc8d1dff7436)) + + +### Documentation + +* Add documentation for enums ([367a3bd](https://github.com/googleapis/python-securitycenter/commit/367a3bda34b1d06e1ecbff0db7a4bc8d1dff7436)) + ## [1.18.1](https://github.com/googleapis/python-securitycenter/compare/v1.18.0...v1.18.1) (2023-01-14) diff --git a/google/cloud/securitycenter/gapic_version.py b/google/cloud/securitycenter/gapic_version.py index 21896006..83612d7b 100644 --- a/google/cloud/securitycenter/gapic_version.py +++ b/google/cloud/securitycenter/gapic_version.py @@ -13,4 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. # -__version__ = "1.18.1" # {x-release-please-version} +__version__ = "1.18.2" # {x-release-please-version} diff --git a/google/cloud/securitycenter_v1/gapic_version.py b/google/cloud/securitycenter_v1/gapic_version.py index 21896006..83612d7b 100644 --- a/google/cloud/securitycenter_v1/gapic_version.py +++ b/google/cloud/securitycenter_v1/gapic_version.py @@ -13,4 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. # -__version__ = "1.18.1" # {x-release-please-version} +__version__ = "1.18.2" # {x-release-please-version} diff --git a/google/cloud/securitycenter_v1/services/security_center/client.py b/google/cloud/securitycenter_v1/services/security_center/client.py index e8870422..6d2cfae7 100644 --- a/google/cloud/securitycenter_v1/services/security_center/client.py +++ b/google/cloud/securitycenter_v1/services/security_center/client.py @@ -4982,7 +4982,7 @@ def sample_list_big_query_exports(): # Done; return the response. return response - def __enter__(self): + def __enter__(self) -> "SecurityCenterClient": return self def __exit__(self, type, value, traceback): diff --git a/google/cloud/securitycenter_v1/types/connection.py b/google/cloud/securitycenter_v1/types/connection.py index bbcd0fbd..d6f19a7c 100644 --- a/google/cloud/securitycenter_v1/types/connection.py +++ b/google/cloud/securitycenter_v1/types/connection.py @@ -46,7 +46,22 @@ class Connection(proto.Message): """ class Protocol(proto.Enum): - r"""IANA Internet Protocol Number such as TCP(6) and UDP(17).""" + r"""IANA Internet Protocol Number such as TCP(6) and UDP(17). + + Values: + PROTOCOL_UNSPECIFIED (0): + Unspecified protocol (not HOPOPT). + ICMP (1): + Internet Control Message Protocol. + TCP (6): + Transmission Control Protocol. + UDP (17): + User Datagram Protocol. + GRE (47): + Generic Routing Encapsulation. + ESP (50): + Encap Security Payload. + """ PROTOCOL_UNSPECIFIED = 0 ICMP = 1 TCP = 6 diff --git a/google/cloud/securitycenter_v1/types/finding.py b/google/cloud/securitycenter_v1/types/finding.py index c8594d2a..be9e6690 100644 --- a/google/cloud/securitycenter_v1/types/finding.py +++ b/google/cloud/securitycenter_v1/types/finding.py @@ -218,13 +218,93 @@ class Finding(proto.Message): """ class State(proto.Enum): - r"""The state of the finding.""" + r"""The state of the finding. + + Values: + STATE_UNSPECIFIED (0): + Unspecified state. + ACTIVE (1): + The finding requires attention and has not + been addressed yet. + INACTIVE (2): + The finding has been fixed, triaged as a + non-issue or otherwise addressed and is no + longer active. + """ STATE_UNSPECIFIED = 0 ACTIVE = 1 INACTIVE = 2 class Severity(proto.Enum): - r"""The severity of the finding.""" + r"""The severity of the finding. + + Values: + SEVERITY_UNSPECIFIED (0): + This value is used for findings when a source + doesn't write a severity value. + CRITICAL (1): + Vulnerability: + A critical vulnerability is easily discoverable + by an external actor, exploitable, and results + in the direct ability to execute arbitrary code, + exfiltrate data, and otherwise gain additional + access and privileges to cloud resources and + workloads. Examples include publicly accessible + unprotected user data, public SSH access with + weak or no passwords, etc. + Threat: + Indicates a threat that is able to access, + modify, or delete data or execute unauthorized + code within existing resources. + HIGH (2): + Vulnerability: + A high risk vulnerability can be easily + discovered and exploited in combination with + other vulnerabilities in order to gain direct + access and the ability to execute arbitrary + code, exfiltrate data, and otherwise gain + additional access and privileges to cloud + resources and workloads. An example is a + database with weak or no passwords that is only + accessible internally. This database could + easily be compromised by an actor that had + access to the internal network. + Threat: + Indicates a threat that is able to create new + computational resources in an environment but + not able to access data or execute code in + existing resources. + MEDIUM (3): + Vulnerability: + A medium risk vulnerability could be used by an + actor to gain access to resources or privileges + that enable them to eventually (through multiple + steps or a complex exploit) gain access and the + ability to execute arbitrary code or exfiltrate + data. An example is a service account with + access to more projects than it should have. If + an actor gains access to the service account, + they could potentially use that access to + manipulate a project the service account was not + intended to. + Threat: + Indicates a threat that is able to cause + operational impact but may not access data or + execute unauthorized code. + LOW (4): + Vulnerability: + A low risk vulnerability hampers a security + organization's ability to detect vulnerabilities + or active threats in their deployment, or + prevents the root cause investigation of + security issues. An example is monitoring and + logs being disabled for resource configurations + and access. + Threat: + Indicates a threat that has obtained minimal + access to an environment but is not able to + access data, execute code, or create resources. + """ SEVERITY_UNSPECIFIED = 0 CRITICAL = 1 HIGH = 2 @@ -232,14 +312,46 @@ class Severity(proto.Enum): LOW = 4 class Mute(proto.Enum): - r"""Mute state a finding can be in.""" + r"""Mute state a finding can be in. + + Values: + MUTE_UNSPECIFIED (0): + Unspecified. + MUTED (1): + Finding has been muted. + UNMUTED (2): + Finding has been unmuted. + UNDEFINED (4): + Finding has never been muted/unmuted. + """ MUTE_UNSPECIFIED = 0 MUTED = 1 UNMUTED = 2 UNDEFINED = 4 class FindingClass(proto.Enum): - r"""Represents what kind of Finding it is.""" + r"""Represents what kind of Finding it is. + + Values: + FINDING_CLASS_UNSPECIFIED (0): + Unspecified finding class. + THREAT (1): + Describes unwanted or malicious activity. + VULNERABILITY (2): + Describes a potential weakness in software + that increases risk to Confidentiality & + Integrity & Availability. + MISCONFIGURATION (3): + Describes a potential weakness in cloud + resource/asset configuration that increases + risk. + OBSERVATION (4): + Describes a security observation that is for + informational purposes. + SCC_ERROR (5): + Describes an error that prevents some SCC + functionality. + """ FINDING_CLASS_UNSPECIFIED = 0 THREAT = 1 VULNERABILITY = 2 diff --git a/google/cloud/securitycenter_v1/types/iam_binding.py b/google/cloud/securitycenter_v1/types/iam_binding.py index 1b51d083..ff03885d 100644 --- a/google/cloud/securitycenter_v1/types/iam_binding.py +++ b/google/cloud/securitycenter_v1/types/iam_binding.py @@ -42,7 +42,16 @@ class IamBinding(proto.Message): """ class Action(proto.Enum): - r"""The type of action performed on a Binding in a policy.""" + r"""The type of action performed on a Binding in a policy. + + Values: + ACTION_UNSPECIFIED (0): + Unspecified. + ADD (1): + Addition of a Binding. + REMOVE (2): + Removal of a Binding. + """ ACTION_UNSPECIFIED = 0 ADD = 1 REMOVE = 2 diff --git a/google/cloud/securitycenter_v1/types/kubernetes.py b/google/cloud/securitycenter_v1/types/kubernetes.py index fb6df80f..86f78c94 100644 --- a/google/cloud/securitycenter_v1/types/kubernetes.py +++ b/google/cloud/securitycenter_v1/types/kubernetes.py @@ -136,7 +136,16 @@ class Role(proto.Message): """ class Kind(proto.Enum): - r"""Types of Kubernetes roles.""" + r"""Types of Kubernetes roles. + + Values: + KIND_UNSPECIFIED (0): + Role type is not specified. + ROLE (1): + Kubernetes Role. + CLUSTER_ROLE (2): + Kubernetes ClusterRole. + """ KIND_UNSPECIFIED = 0 ROLE = 1 CLUSTER_ROLE = 2 @@ -203,7 +212,19 @@ class Subject(proto.Message): """ class AuthType(proto.Enum): - r"""Auth types that can be used for Subject's kind field.""" + r"""Auth types that can be used for Subject's kind field. + + Values: + AUTH_TYPE_UNSPECIFIED (0): + Authentication is not specified. + USER (1): + User with valid certificate. + SERVICEACCOUNT (2): + Users managed by Kubernetes API with + credentials stored as Secrets. + GROUP (3): + Collection of users. + """ AUTH_TYPE_UNSPECIFIED = 0 USER = 1 SERVICEACCOUNT = 2 diff --git a/google/cloud/securitycenter_v1/types/mitre_attack.py b/google/cloud/securitycenter_v1/types/mitre_attack.py index 26e3889e..3e01d7ae 100644 --- a/google/cloud/securitycenter_v1/types/mitre_attack.py +++ b/google/cloud/securitycenter_v1/types/mitre_attack.py @@ -57,6 +57,38 @@ class MitreAttack(proto.Message): class Tactic(proto.Enum): r"""MITRE ATT&CK tactics that can be referenced by SCC findings. See: https://attack.mitre.org/tactics/enterprise/ + + Values: + TACTIC_UNSPECIFIED (0): + Unspecified value. + RECONNAISSANCE (1): + TA0043 + RESOURCE_DEVELOPMENT (2): + TA0042 + INITIAL_ACCESS (5): + TA0001 + EXECUTION (3): + TA0002 + PERSISTENCE (6): + TA0003 + PRIVILEGE_ESCALATION (8): + TA0004 + DEFENSE_EVASION (7): + TA0005 + CREDENTIAL_ACCESS (9): + TA0006 + DISCOVERY (10): + TA0007 + LATERAL_MOVEMENT (11): + TA0008 + COLLECTION (12): + TA0009 + COMMAND_AND_CONTROL (4): + TA0011 + EXFILTRATION (13): + TA0010 + IMPACT (14): + TA0040 """ TACTIC_UNSPECIFIED = 0 RECONNAISSANCE = 1 @@ -77,6 +109,80 @@ class Tactic(proto.Enum): class Technique(proto.Enum): r"""MITRE ATT&CK techniques that can be referenced by SCC findings. See: https://attack.mitre.org/techniques/enterprise/ + + Values: + TECHNIQUE_UNSPECIFIED (0): + Unspecified value. + ACTIVE_SCANNING (1): + T1595 + SCANNING_IP_BLOCKS (2): + T1595.001 + INGRESS_TOOL_TRANSFER (3): + T1105 + NATIVE_API (4): + T1106 + SHARED_MODULES (5): + T1129 + COMMAND_AND_SCRIPTING_INTERPRETER (6): + T1059 + UNIX_SHELL (7): + T1059.004 + RESOURCE_HIJACKING (8): + T1496 + PROXY (9): + T1090 + EXTERNAL_PROXY (10): + T1090.002 + MULTI_HOP_PROXY (11): + T1090.003 + DYNAMIC_RESOLUTION (12): + T1568 + UNSECURED_CREDENTIALS (13): + T1552 + VALID_ACCOUNTS (14): + T1078 + LOCAL_ACCOUNTS (15): + T1078.003 + CLOUD_ACCOUNTS (16): + T1078.004 + NETWORK_DENIAL_OF_SERVICE (17): + T1498 + PERMISSION_GROUPS_DISCOVERY (18): + T1069 + CLOUD_GROUPS (19): + T1069.003 + EXFILTRATION_OVER_WEB_SERVICE (20): + T1567 + EXFILTRATION_TO_CLOUD_STORAGE (21): + T1567.002 + ACCOUNT_MANIPULATION (22): + T1098 + SSH_AUTHORIZED_KEYS (23): + T1098.004 + CREATE_OR_MODIFY_SYSTEM_PROCESS (24): + T1543 + STEAL_WEB_SESSION_COOKIE (25): + T1539 + MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE (26): + T1578 + EXPLOIT_PUBLIC_FACING_APPLICATION (27): + T1190 + MODIFY_AUTHENTICATION_PROCESS (28): + T1556 + DATA_DESTRUCTION (29): + T1485 + DOMAIN_POLICY_MODIFICATION (30): + T1484 + IMPAIR_DEFENSES (31): + T1562 + NETWORK_SERVICE_DISCOVERY (32): + T1046 + ACCESS_TOKEN_MANIPULATION (33): + T1134 + ABUSE_ELEVATION_CONTROL_MECHANISM (34): + T1548 + DEFAULT_ACCOUNTS (35): + T1078.001 """ TECHNIQUE_UNSPECIFIED = 0 ACTIVE_SCANNING = 1 diff --git a/google/cloud/securitycenter_v1/types/organization_settings.py b/google/cloud/securitycenter_v1/types/organization_settings.py index 239dbd86..7bb00684 100644 --- a/google/cloud/securitycenter_v1/types/organization_settings.py +++ b/google/cloud/securitycenter_v1/types/organization_settings.py @@ -70,6 +70,20 @@ class InclusionMode(proto.Enum): projects are discovered during asset discovery. If neither are set, then all projects within the organization are discovered during asset discovery. + + Values: + INCLUSION_MODE_UNSPECIFIED (0): + Unspecified. Setting the mode with this value + will disable inclusion/exclusion filtering for + Asset Discovery. + INCLUDE_ONLY (1): + Asset Discovery will capture only the + resources within the projects specified. All + other resources will be ignored. + EXCLUDE (2): + Asset Discovery will ignore all resources + under the projects specified. All other + resources will be retrieved. """ INCLUSION_MODE_UNSPECIFIED = 0 INCLUDE_ONLY = 1 diff --git a/google/cloud/securitycenter_v1/types/run_asset_discovery_response.py b/google/cloud/securitycenter_v1/types/run_asset_discovery_response.py index a5ecb37d..61bde684 100644 --- a/google/cloud/securitycenter_v1/types/run_asset_discovery_response.py +++ b/google/cloud/securitycenter_v1/types/run_asset_discovery_response.py @@ -38,7 +38,21 @@ class RunAssetDiscoveryResponse(proto.Message): """ class State(proto.Enum): - r"""The state of an asset discovery run.""" + r"""The state of an asset discovery run. + + Values: + STATE_UNSPECIFIED (0): + Asset discovery run state was unspecified. + COMPLETED (1): + Asset discovery run completed successfully. + SUPERSEDED (2): + Asset discovery run was cancelled with tasks + still pending, as another run for the same + organization was started with a higher priority. + TERMINATED (3): + Asset discovery run was killed and + terminated. + """ STATE_UNSPECIFIED = 0 COMPLETED = 1 SUPERSEDED = 2 diff --git a/google/cloud/securitycenter_v1/types/securitycenter_service.py b/google/cloud/securitycenter_v1/types/securitycenter_service.py index 4d294f33..c7700f6a 100644 --- a/google/cloud/securitycenter_v1/types/securitycenter_service.py +++ b/google/cloud/securitycenter_v1/types/securitycenter_service.py @@ -1314,6 +1314,17 @@ class StateChange(proto.Enum): between the two points: ADDED, REMOVED, or ACTIVE. If there was no compare_duration supplied in the request the state change will be: UNUSED + + Values: + UNUSED (0): + State change is unused, this is the canonical + default for this enum. + ADDED (1): + Asset was added between the points in time. + REMOVED (2): + Asset was removed between the points in time. + ACTIVE (3): + Asset was present at both point(s) in time. """ UNUSED = 0 ADDED = 1 @@ -1593,6 +1604,24 @@ class StateChange(proto.Enum): finding at timestamp does not match the filter specified, but it did at timestamp - compare_duration. If there was no compare_duration supplied in the request the state change will be: UNUSED + + Values: + UNUSED (0): + State change is unused, this is the canonical + default for this enum. + CHANGED (1): + The finding has changed state in some way + between the points in time and existed at both + points. + UNCHANGED (2): + The finding has not changed state between the + points in time and existed at both points. + ADDED (3): + The finding was created between the points in + time. + REMOVED (4): + The finding at timestamp does not match the filter + specified, but it did at timestamp - compare_duration. """ UNUSED = 0 CHANGED = 1 diff --git a/google/cloud/securitycenter_v1/types/vulnerability.py b/google/cloud/securitycenter_v1/types/vulnerability.py index c99ac19b..cd43b7cb 100644 --- a/google/cloud/securitycenter_v1/types/vulnerability.py +++ b/google/cloud/securitycenter_v1/types/vulnerability.py @@ -156,6 +156,27 @@ class Cvssv3(proto.Message): class AttackVector(proto.Enum): r"""This metric reflects the context by which vulnerability exploitation is possible. + + Values: + ATTACK_VECTOR_UNSPECIFIED (0): + Invalid value. + ATTACK_VECTOR_NETWORK (1): + The vulnerable component is bound to the + network stack and the set of possible attackers + extends beyond the other options listed below, + up to and including the entire Internet. + ATTACK_VECTOR_ADJACENT (2): + The vulnerable component is bound to the + network stack, but the attack is limited at the + protocol level to a logically adjacent topology. + ATTACK_VECTOR_LOCAL (3): + The vulnerable component is not bound to the + network stack and the attacker's path is via + read/write/execute capabilities. + ATTACK_VECTOR_PHYSICAL (4): + The attack requires the attacker to + physically touch or manipulate the vulnerable + component. """ ATTACK_VECTOR_UNSPECIFIED = 0 ATTACK_VECTOR_NETWORK = 1 @@ -166,6 +187,23 @@ class AttackVector(proto.Enum): class AttackComplexity(proto.Enum): r"""This metric describes the conditions beyond the attacker's control that must exist in order to exploit the vulnerability. + + Values: + ATTACK_COMPLEXITY_UNSPECIFIED (0): + Invalid value. + ATTACK_COMPLEXITY_LOW (1): + Specialized access conditions or extenuating + circumstances do not exist. An attacker can + expect repeatable success when attacking the + vulnerable component. + ATTACK_COMPLEXITY_HIGH (2): + A successful attack depends on conditions + beyond the attacker's control. That is, a + successful attack cannot be accomplished at + will, but requires the attacker to invest in + some measurable amount of effort in preparation + or execution against the vulnerable component + before a successful attack can be expected. """ ATTACK_COMPLEXITY_UNSPECIFIED = 0 ATTACK_COMPLEXITY_LOW = 1 @@ -174,6 +212,27 @@ class AttackComplexity(proto.Enum): class PrivilegesRequired(proto.Enum): r"""This metric describes the level of privileges an attacker must possess before successfully exploiting the vulnerability. + + Values: + PRIVILEGES_REQUIRED_UNSPECIFIED (0): + Invalid value. + PRIVILEGES_REQUIRED_NONE (1): + The attacker is unauthorized prior to attack, + and therefore does not require any access to + settings or files of the vulnerable system to + carry out an attack. + PRIVILEGES_REQUIRED_LOW (2): + The attacker requires privileges that provide + basic user capabilities that could normally + affect only settings and files owned by a user. + Alternatively, an attacker with Low privileges + has the ability to access only non-sensitive + resources. + PRIVILEGES_REQUIRED_HIGH (3): + The attacker requires privileges that provide + significant (e.g., administrative) control over + the vulnerable component allowing access to + component-wide settings and files. """ PRIVILEGES_REQUIRED_UNSPECIFIED = 0 PRIVILEGES_REQUIRED_NONE = 1 @@ -184,6 +243,17 @@ class UserInteraction(proto.Enum): r"""This metric captures the requirement for a human user, other than the attacker, to participate in the successful compromise of the vulnerable component. + + Values: + USER_INTERACTION_UNSPECIFIED (0): + Invalid value. + USER_INTERACTION_NONE (1): + The vulnerable system can be exploited + without interaction from any user. + USER_INTERACTION_REQUIRED (2): + Successful exploitation of this vulnerability + requires a user to take some action before the + vulnerability can be exploited. """ USER_INTERACTION_UNSPECIFIED = 0 USER_INTERACTION_NONE = 1 @@ -193,6 +263,19 @@ class Scope(proto.Enum): r"""The Scope metric captures whether a vulnerability in one vulnerable component impacts resources in components beyond its security scope. + + Values: + SCOPE_UNSPECIFIED (0): + Invalid value. + SCOPE_UNCHANGED (1): + An exploited vulnerability can only affect + resources managed by the same security + authority. + SCOPE_CHANGED (2): + An exploited vulnerability can affect + resources beyond the security scope managed by + the security authority of the vulnerable + component. """ SCOPE_UNSPECIFIED = 0 SCOPE_UNCHANGED = 1 @@ -203,6 +286,16 @@ class Impact(proto.Enum): exploited vulnerability on the component that suffers the worst outcome that is most directly and predictably associated with the attack. + + Values: + IMPACT_UNSPECIFIED (0): + Invalid value. + IMPACT_HIGH (1): + High impact. + IMPACT_LOW (2): + Low impact. + IMPACT_NONE (3): + No impact. """ IMPACT_UNSPECIFIED = 0 IMPACT_HIGH = 1 diff --git a/google/cloud/securitycenter_v1beta1/gapic_version.py b/google/cloud/securitycenter_v1beta1/gapic_version.py index 21896006..83612d7b 100644 --- a/google/cloud/securitycenter_v1beta1/gapic_version.py +++ b/google/cloud/securitycenter_v1beta1/gapic_version.py @@ -13,4 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. # -__version__ = "1.18.1" # {x-release-please-version} +__version__ = "1.18.2" # {x-release-please-version} diff --git a/google/cloud/securitycenter_v1beta1/services/security_center/client.py b/google/cloud/securitycenter_v1beta1/services/security_center/client.py index 818fc72b..8551f4d6 100644 --- a/google/cloud/securitycenter_v1beta1/services/security_center/client.py +++ b/google/cloud/securitycenter_v1beta1/services/security_center/client.py @@ -2723,7 +2723,7 @@ def sample_update_security_marks(): # Done; return the response. return response - def __enter__(self): + def __enter__(self) -> "SecurityCenterClient": return self def __exit__(self, type, value, traceback): diff --git a/google/cloud/securitycenter_v1beta1/types/finding.py b/google/cloud/securitycenter_v1beta1/types/finding.py index c02aef73..e825c3a4 100644 --- a/google/cloud/securitycenter_v1beta1/types/finding.py +++ b/google/cloud/securitycenter_v1beta1/types/finding.py @@ -96,7 +96,19 @@ class Finding(proto.Message): """ class State(proto.Enum): - r"""The state of the finding.""" + r"""The state of the finding. + + Values: + STATE_UNSPECIFIED (0): + Unspecified state. + ACTIVE (1): + The finding requires attention and has not + been addressed yet. + INACTIVE (2): + The finding has been fixed, triaged as a + non-issue or otherwise addressed and is no + longer active. + """ STATE_UNSPECIFIED = 0 ACTIVE = 1 INACTIVE = 2 diff --git a/google/cloud/securitycenter_v1beta1/types/organization_settings.py b/google/cloud/securitycenter_v1beta1/types/organization_settings.py index 2d94e528..819dc9be 100644 --- a/google/cloud/securitycenter_v1beta1/types/organization_settings.py +++ b/google/cloud/securitycenter_v1beta1/types/organization_settings.py @@ -66,6 +66,20 @@ class InclusionMode(proto.Enum): projects are discovered during asset discovery. If neither are set, then all projects within the organization are discovered during asset discovery. + + Values: + INCLUSION_MODE_UNSPECIFIED (0): + Unspecified. Setting the mode with this value + will disable inclusion/exclusion filtering for + Asset Discovery. + INCLUDE_ONLY (1): + Asset Discovery will capture only the + resources within the projects specified. All + other resources will be ignored. + EXCLUDE (2): + Asset Discovery will ignore all resources + under the projects specified. All other + resources will be retrieved. """ INCLUSION_MODE_UNSPECIFIED = 0 INCLUDE_ONLY = 1 diff --git a/google/cloud/securitycenter_v1beta1/types/run_asset_discovery_response.py b/google/cloud/securitycenter_v1beta1/types/run_asset_discovery_response.py index 6b81fa6c..9ca334ed 100644 --- a/google/cloud/securitycenter_v1beta1/types/run_asset_discovery_response.py +++ b/google/cloud/securitycenter_v1beta1/types/run_asset_discovery_response.py @@ -38,7 +38,21 @@ class RunAssetDiscoveryResponse(proto.Message): """ class State(proto.Enum): - r"""The state of an asset discovery run.""" + r"""The state of an asset discovery run. + + Values: + STATE_UNSPECIFIED (0): + Asset discovery run state was unspecified. + COMPLETED (1): + Asset discovery run completed successfully. + SUPERSEDED (2): + Asset discovery run was cancelled with tasks + still pending, as another run for the same + organization was started with a higher priority. + TERMINATED (3): + Asset discovery run was killed and + terminated. + """ STATE_UNSPECIFIED = 0 COMPLETED = 1 SUPERSEDED = 2 diff --git a/google/cloud/securitycenter_v1beta1/types/securitycenter_service.py b/google/cloud/securitycenter_v1beta1/types/securitycenter_service.py index 6551cc47..80d940f3 100644 --- a/google/cloud/securitycenter_v1beta1/types/securitycenter_service.py +++ b/google/cloud/securitycenter_v1beta1/types/securitycenter_service.py @@ -697,6 +697,19 @@ class State(proto.Enum): When querying across two points in time this describes the change between the two points: ADDED, REMOVED, or ACTIVE. If there was no compare_duration supplied in the request the state should be: UNUSED + + Values: + STATE_UNSPECIFIED (0): + Unspecified state. + UNUSED (1): + Request did not specify use of this field in + the result. + ADDED (2): + Asset was added between the points in time. + REMOVED (3): + Asset was removed between the points in time. + ACTIVE (4): + Asset was active at both point(s) in time. """ STATE_UNSPECIFIED = 0 UNUSED = 1 diff --git a/google/cloud/securitycenter_v1p1beta1/gapic_version.py b/google/cloud/securitycenter_v1p1beta1/gapic_version.py index 21896006..83612d7b 100644 --- a/google/cloud/securitycenter_v1p1beta1/gapic_version.py +++ b/google/cloud/securitycenter_v1p1beta1/gapic_version.py @@ -13,4 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. # -__version__ = "1.18.1" # {x-release-please-version} +__version__ = "1.18.2" # {x-release-please-version} diff --git a/google/cloud/securitycenter_v1p1beta1/services/security_center/client.py b/google/cloud/securitycenter_v1p1beta1/services/security_center/client.py index a82582c4..df75ac89 100644 --- a/google/cloud/securitycenter_v1p1beta1/services/security_center/client.py +++ b/google/cloud/securitycenter_v1p1beta1/services/security_center/client.py @@ -3460,7 +3460,7 @@ def sample_update_security_marks(): # Done; return the response. return response - def __enter__(self): + def __enter__(self) -> "SecurityCenterClient": return self def __exit__(self, type, value, traceback): diff --git a/google/cloud/securitycenter_v1p1beta1/types/finding.py b/google/cloud/securitycenter_v1p1beta1/types/finding.py index 900cb812..ae9e5bce 100644 --- a/google/cloud/securitycenter_v1p1beta1/types/finding.py +++ b/google/cloud/securitycenter_v1p1beta1/types/finding.py @@ -109,7 +109,19 @@ class Finding(proto.Message): """ class State(proto.Enum): - r"""The state of the finding.""" + r"""The state of the finding. + + Values: + STATE_UNSPECIFIED (0): + Unspecified state. + ACTIVE (1): + The finding requires attention and has not + been addressed yet. + INACTIVE (2): + The finding has been fixed, triaged as a + non-issue or otherwise addressed and is no + longer active. + """ STATE_UNSPECIFIED = 0 ACTIVE = 1 INACTIVE = 2 @@ -117,6 +129,18 @@ class State(proto.Enum): class Severity(proto.Enum): r"""The severity of the finding. This field is managed by the source that writes the finding. + + Values: + SEVERITY_UNSPECIFIED (0): + No severity specified. The default value. + CRITICAL (1): + Critical severity. + HIGH (2): + High severity. + MEDIUM (3): + Medium severity. + LOW (4): + Low severity. """ SEVERITY_UNSPECIFIED = 0 CRITICAL = 1 diff --git a/google/cloud/securitycenter_v1p1beta1/types/notification_config.py b/google/cloud/securitycenter_v1p1beta1/types/notification_config.py index 50ca126b..7bbe634d 100644 --- a/google/cloud/securitycenter_v1p1beta1/types/notification_config.py +++ b/google/cloud/securitycenter_v1p1beta1/types/notification_config.py @@ -61,7 +61,14 @@ class NotificationConfig(proto.Message): """ class EventType(proto.Enum): - r"""The type of events.""" + r"""The type of events. + + Values: + EVENT_TYPE_UNSPECIFIED (0): + Unspecified event type. + FINDING (1): + Events for findings. + """ EVENT_TYPE_UNSPECIFIED = 0 FINDING = 1 diff --git a/google/cloud/securitycenter_v1p1beta1/types/organization_settings.py b/google/cloud/securitycenter_v1p1beta1/types/organization_settings.py index a18af0e8..60e19658 100644 --- a/google/cloud/securitycenter_v1p1beta1/types/organization_settings.py +++ b/google/cloud/securitycenter_v1p1beta1/types/organization_settings.py @@ -70,6 +70,20 @@ class InclusionMode(proto.Enum): projects are discovered during asset discovery. If neither are set, then all projects within the organization are discovered during asset discovery. + + Values: + INCLUSION_MODE_UNSPECIFIED (0): + Unspecified. Setting the mode with this value + will disable inclusion/exclusion filtering for + Asset Discovery. + INCLUDE_ONLY (1): + Asset Discovery will capture only the + resources within the projects specified. All + other resources will be ignored. + EXCLUDE (2): + Asset Discovery will ignore all resources + under the projects specified. All other + resources will be retrieved. """ INCLUSION_MODE_UNSPECIFIED = 0 INCLUDE_ONLY = 1 diff --git a/google/cloud/securitycenter_v1p1beta1/types/run_asset_discovery_response.py b/google/cloud/securitycenter_v1p1beta1/types/run_asset_discovery_response.py index d12ee4f3..da212e8f 100644 --- a/google/cloud/securitycenter_v1p1beta1/types/run_asset_discovery_response.py +++ b/google/cloud/securitycenter_v1p1beta1/types/run_asset_discovery_response.py @@ -38,7 +38,21 @@ class RunAssetDiscoveryResponse(proto.Message): """ class State(proto.Enum): - r"""The state of an asset discovery run.""" + r"""The state of an asset discovery run. + + Values: + STATE_UNSPECIFIED (0): + Asset discovery run state was unspecified. + COMPLETED (1): + Asset discovery run completed successfully. + SUPERSEDED (2): + Asset discovery run was cancelled with tasks + still pending, as another run for the same + organization was started with a higher priority. + TERMINATED (3): + Asset discovery run was killed and + terminated. + """ STATE_UNSPECIFIED = 0 COMPLETED = 1 SUPERSEDED = 2 diff --git a/google/cloud/securitycenter_v1p1beta1/types/securitycenter_service.py b/google/cloud/securitycenter_v1p1beta1/types/securitycenter_service.py index 6aa1545f..3f5e2cc2 100644 --- a/google/cloud/securitycenter_v1p1beta1/types/securitycenter_service.py +++ b/google/cloud/securitycenter_v1p1beta1/types/securitycenter_service.py @@ -1061,6 +1061,17 @@ class StateChange(proto.Enum): between the two points: ADDED, REMOVED, or ACTIVE. If there was no compare_duration supplied in the request the state change will be: UNUSED + + Values: + UNUSED (0): + State change is unused, this is the canonical + default for this enum. + ADDED (1): + Asset was added between the points in time. + REMOVED (2): + Asset was removed between the points in time. + ACTIVE (3): + Asset was present at both point(s) in time. """ UNUSED = 0 ADDED = 1 @@ -1324,6 +1335,24 @@ class StateChange(proto.Enum): finding at timestamp does not match the filter specified, but it did at timestamp - compare_duration. If there was no compare_duration supplied in the request the state change will be: UNUSED + + Values: + UNUSED (0): + State change is unused, this is the canonical + default for this enum. + CHANGED (1): + The finding has changed state in some way + between the points in time and existed at both + points. + UNCHANGED (2): + The finding has not changed state between the + points in time and existed at both points. + ADDED (3): + The finding was created between the points in + time. + REMOVED (4): + The finding at timestamp does not match the filter + specified, but it did at timestamp - compare_duration. """ UNUSED = 0 CHANGED = 1 diff --git a/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v1.json b/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v1.json index 6b7bb5cc..77729919 100644 --- a/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v1.json +++ b/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v1.json @@ -8,7 +8,7 @@ ], "language": "PYTHON", "name": "google-cloud-securitycenter", - "version": "1.18.1" + "version": "1.18.2" }, "snippets": [ { diff --git a/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v1beta1.json b/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v1beta1.json index d51dd59f..78b44f52 100644 --- a/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v1beta1.json +++ b/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v1beta1.json @@ -8,7 +8,7 @@ ], "language": "PYTHON", "name": "google-cloud-securitycenter", - "version": "1.18.1" + "version": "1.18.2" }, "snippets": [ { diff --git a/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v1p1beta1.json b/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v1p1beta1.json index b9bcef26..32a89128 100644 --- a/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v1p1beta1.json +++ b/samples/generated_samples/snippet_metadata_google.cloud.securitycenter.v1p1beta1.json @@ -8,7 +8,7 @@ ], "language": "PYTHON", "name": "google-cloud-securitycenter", - "version": "1.18.1" + "version": "1.18.2" }, "snippets": [ { diff --git a/samples/snippets/requirements-test.txt b/samples/snippets/requirements-test.txt index 490e878f..51d20956 100644 --- a/samples/snippets/requirements-test.txt +++ b/samples/snippets/requirements-test.txt @@ -1,2 +1,2 @@ pytest==7.2.1 -google-cloud-bigquery==3.4.1 +google-cloud-bigquery==3.4.2 diff --git a/samples/snippets/requirements.txt b/samples/snippets/requirements.txt index 2a43dace..06909df0 100644 --- a/samples/snippets/requirements.txt +++ b/samples/snippets/requirements.txt @@ -1,2 +1,2 @@ google-cloud-pubsub==2.13.12 -google-cloud-securitycenter==1.18.0 \ No newline at end of file +google-cloud-securitycenter==1.18.1 \ No newline at end of file