feat: Automated regeneration of securitycenter v1 client (#20353)

Auto-created at 2024-10-06 09:54:49 +0000 using the toys pull request generator.
googleapis · Oct 6, 2024 · 59f3b3a · 59f3b3a
1 parent 9db860a
commit 59f3b3a
Show file tree

Hide file tree

Showing 6 changed files with 94 additions and 251 deletions.
diff --git a/api_names_out.yaml b/api_names_out.yaml
@@ -293715,6 +293715,7 @@
 "/securitycenter:v1/AzureMetadata/subscription": subscription
 "/securitycenter:v1/AzureMetadata/tenant": tenant
 "/securitycenter:v1/AzureResourceGroup": azure_resource_group
+"/securitycenter:v1/AzureResourceGroup/id": id
 "/securitycenter:v1/AzureResourceGroup/name": name
 "/securitycenter:v1/AzureSubscription": azure_subscription
 "/securitycenter:v1/AzureSubscription/displayName": display_name
@@ -293752,6 +293753,8 @@
 "/securitycenter:v1/BulkMuteFindingsRequest/filter": filter
 "/securitycenter:v1/BulkMuteFindingsRequest/muteAnnotation": mute_annotation
 "/securitycenter:v1/BulkMuteFindingsRequest/muteState": mute_state
+"/securitycenter:v1/CelPolicySpec": cel_policy_spec
+"/securitycenter:v1/CelPolicySpec/spec": spec
 "/securitycenter:v1/CloudArmor": cloud_armor
 "/securitycenter:v1/CloudArmor/adaptiveProtection": adaptive_protection
 "/securitycenter:v1/CloudArmor/attack": attack
@@ -294019,6 +294022,7 @@
 "/securitycenter:v1/GoogleCloudSecuritycenterV1Binding/subjects/subject": subject
 "/securitycenter:v1/GoogleCloudSecuritycenterV1BulkMuteFindingsResponse": google_cloud_securitycenter_v1_bulk_mute_findings_response
 "/securitycenter:v1/GoogleCloudSecuritycenterV1CustomConfig": google_cloud_securitycenter_v1_custom_config
+"/securitycenter:v1/GoogleCloudSecuritycenterV1CustomConfig/celPolicy": cel_policy
 "/securitycenter:v1/GoogleCloudSecuritycenterV1CustomConfig/customOutput": custom_output
 "/securitycenter:v1/GoogleCloudSecuritycenterV1CustomConfig/description": description
 "/securitycenter:v1/GoogleCloudSecuritycenterV1CustomConfig/predicate": predicate
@@ -294253,6 +294257,7 @@
 "/securitycenter:v1/GoogleCloudSecuritycenterV2AzureMetadata/subscription": subscription
 "/securitycenter:v1/GoogleCloudSecuritycenterV2AzureMetadata/tenant": tenant
 "/securitycenter:v1/GoogleCloudSecuritycenterV2AzureResourceGroup": google_cloud_securitycenter_v2_azure_resource_group
+"/securitycenter:v1/GoogleCloudSecuritycenterV2AzureResourceGroup/id": id
 "/securitycenter:v1/GoogleCloudSecuritycenterV2AzureResourceGroup/name": name
 "/securitycenter:v1/GoogleCloudSecuritycenterV2AzureSubscription": google_cloud_securitycenter_v2_azure_subscription
 "/securitycenter:v1/GoogleCloudSecuritycenterV2AzureSubscription/displayName": display_name

diff --git a/generated/google-apis-securitycenter_v1/CHANGELOG.md b/generated/google-apis-securitycenter_v1/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Release history for google-apis-securitycenter_v1
 
+### v0.88.0 (2024-10-06)
+
+* Regenerated from discovery document revision 20240926
+
 ### v0.87.0 (2024-09-22)
 
 * Regenerated from discovery document revision 20240916

diff --git a/generated/google-apis-securitycenter_v1/lib/google/apis/securitycenter_v1/classes.rb b/generated/google-apis-securitycenter_v1/lib/google/apis/securitycenter_v1/classes.rb
@@ -848,6 +848,11 @@ def update!(**args)
       class AzureResourceGroup
         include Google::Apis::Core::Hashable
 
+        # The ID of the Azure resource group.
+        # Corresponds to the JSON property `id`
+        # @return [String]
+        attr_accessor :id
+
         # The name of the Azure resource group. This is not a UUID.
         # Corresponds to the JSON property `name`
         # @return [String]
@@ -859,6 +864,7 @@ def initialize(**args)
 
         # Update properties of this object
         def update!(**args)
+          @id = args[:id] if args.key?(:id)
           @name = args[:name] if args.key?(:name)
         end
       end
@@ -1195,6 +1201,40 @@ def update!(**args)
         end
       end
 
+      # YAML-based rule that uses CEL, which supports the declaration of variables and
+      # a filtering predicate. A vulnerable resource is emitted if the evaluation is
+      # false. Given: 1) the resource types as: - resource_types: "compute.googleapis.
+      # com/Instance" - resource_types: "compute.googleapis.com/Firewall" 2) the CEL
+      # policy spec as: name: bad_instance resource_filters: - name: instance
+      # resource_type: compute.googleapis.com/Instance filter: > instance.status == '
+      # RUNNING' && 'public' in instance.tags.items - name: firewall resource_type:
+      # compute.googleapis.com/Firewall filter: > firewall.direction == 'INGRESS' && !
+      # firewall.disabled && firewall.allowed.exists(rule, rule.IPProtocol.upperAscii()
+      # in ['TCP', 'ALL'] && rule.ports.exists(port, network.portsInRange(port, '11-
+      # 256'))) rule: match: - predicate: > instance.networkInterfaces.exists(net,
+      # firewall.network == net.network) output: > `'message': 'Compute instance with
+      # publicly accessible ports', 'instance': instance.name` Users are able to join
+      # resource types together using the exact format as Kubernetes Validating
+      # Admission policies.
+      class CelPolicySpec
+        include Google::Apis::Core::Hashable
+
+        # The CEL policy to evaluate to produce findings. A finding is generated when
+        # the policy validation evaluates to false.
+        # Corresponds to the JSON property `spec`
+        # @return [String]
+        attr_accessor :spec
+
+        def initialize(**args)
+           update!(**args)
+        end
+
+        # Update properties of this object
+        def update!(**args)
+          @spec = args[:spec] if args.key?(:spec)
+        end
+      end
+
       # Fields related to Google Cloud Armor findings.
       class CloudArmor
         include Google::Apis::Core::Hashable
@@ -3095,6 +3135,25 @@ def update!(**args)
       class GoogleCloudSecuritycenterV1CustomConfig
         include Google::Apis::Core::Hashable
 
+        # YAML-based rule that uses CEL, which supports the declaration of variables and
+        # a filtering predicate. A vulnerable resource is emitted if the evaluation is
+        # false. Given: 1) the resource types as: - resource_types: "compute.googleapis.
+        # com/Instance" - resource_types: "compute.googleapis.com/Firewall" 2) the CEL
+        # policy spec as: name: bad_instance resource_filters: - name: instance
+        # resource_type: compute.googleapis.com/Instance filter: > instance.status == '
+        # RUNNING' && 'public' in instance.tags.items - name: firewall resource_type:
+        # compute.googleapis.com/Firewall filter: > firewall.direction == 'INGRESS' && !
+        # firewall.disabled && firewall.allowed.exists(rule, rule.IPProtocol.upperAscii()
+        # in ['TCP', 'ALL'] && rule.ports.exists(port, network.portsInRange(port, '11-
+        # 256'))) rule: match: - predicate: > instance.networkInterfaces.exists(net,
+        # firewall.network == net.network) output: > `'message': 'Compute instance with
+        # publicly accessible ports', 'instance': instance.name` Users are able to join
+        # resource types together using the exact format as Kubernetes Validating
+        # Admission policies.
+        # Corresponds to the JSON property `celPolicy`
+        # @return [Google::Apis::SecuritycenterV1::CelPolicySpec]
+        attr_accessor :cel_policy
+
         # A set of optional name-value pairs that define custom source properties to
         # return with each finding that is generated by the custom module. The custom
         # source properties that are defined here are included in the finding JSON under
@@ -3153,6 +3212,7 @@ def initialize(**args)
 
         # Update properties of this object
         def update!(**args)
+          @cel_policy = args[:cel_policy] if args.key?(:cel_policy)
           @custom_output = args[:custom_output] if args.key?(:custom_output)
           @description = args[:description] if args.key?(:description)
           @predicate = args[:predicate] if args.key?(:predicate)
@@ -4671,6 +4731,11 @@ def update!(**args)
       class GoogleCloudSecuritycenterV2AzureResourceGroup
         include Google::Apis::Core::Hashable
 
+        # The ID of the Azure resource group.
+        # Corresponds to the JSON property `id`
+        # @return [String]
+        attr_accessor :id
+
         # The name of the Azure resource group. This is not a UUID.
         # Corresponds to the JSON property `name`
         # @return [String]
@@ -4682,6 +4747,7 @@ def initialize(**args)
 
         # Update properties of this object
         def update!(**args)
+          @id = args[:id] if args.key?(:id)
           @name = args[:name] if args.key?(:name)
         end
       end

diff --git a/generated/google-apis-securitycenter_v1/lib/google/apis/securitycenter_v1/gem_version.rb b/generated/google-apis-securitycenter_v1/lib/google/apis/securitycenter_v1/gem_version.rb
@@ -16,13 +16,13 @@ module Google
   module Apis
     module SecuritycenterV1
       # Version of the google-apis-securitycenter_v1 gem
-      GEM_VERSION = "0.87.0"
+      GEM_VERSION = "0.88.0"
 
       # Version of the code generator used to generate this client
       GENERATOR_VERSION = "0.15.1"
 
       # Revision of the discovery document this client was generated from
-      REVISION = "20240916"
+      REVISION = "20240926"
     end
   end
 end
diff --git a/generated/google-apis-securitycenter_v1/lib/google/apis/securitycenter_v1/representations.rb b/generated/google-apis-securitycenter_v1/lib/google/apis/securitycenter_v1/representations.rb
@@ -190,6 +190,12 @@ class Representation < Google::Apis::Core::JsonRepresentation; end
         include Google::Apis::Core::JsonObjectSupport
       end
 
+      class CelPolicySpec
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+
+        include Google::Apis::Core::JsonObjectSupport
+      end
+
       class CloudArmor
         class Representation < Google::Apis::Core::JsonRepresentation; end
 
@@ -1804,6 +1810,7 @@ class Representation < Google::Apis::Core::JsonRepresentation
       class AzureResourceGroup
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
+          property :id, as: 'id'
           property :name, as: 'name'
         end
       end
@@ -1875,6 +1882,13 @@ class Representation < Google::Apis::Core::JsonRepresentation
         end
       end
 
+      class CelPolicySpec
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :spec, as: 'spec'
+        end
+      end
+
       class CloudArmor
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
@@ -2352,6 +2366,8 @@ class Representation < Google::Apis::Core::JsonRepresentation
       class GoogleCloudSecuritycenterV1CustomConfig
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
+          property :cel_policy, as: 'celPolicy', class: Google::Apis::SecuritycenterV1::CelPolicySpec, decorator: Google::Apis::SecuritycenterV1::CelPolicySpec::Representation
+
           property :custom_output, as: 'customOutput', class: Google::Apis::SecuritycenterV1::GoogleCloudSecuritycenterV1CustomOutputSpec, decorator: Google::Apis::SecuritycenterV1::GoogleCloudSecuritycenterV1CustomOutputSpec::Representation
 
           property :description, as: 'description'
@@ -2722,6 +2738,7 @@ class Representation < Google::Apis::Core::JsonRepresentation
       class GoogleCloudSecuritycenterV2AzureResourceGroup
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
+          property :id, as: 'id'
           property :name, as: 'name'
         end
       end