1// Copyright 2023 Google LLC
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7//     http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
15syntax = "proto3";
16
17package google.cloud.securitycenter.v2;
18
19import "google/api/resource.proto";
20
21option csharp_namespace = "Google.Cloud.SecurityCenter.V2";
22option go_package = "cloud.google.com/go/securitycenter/apiv2/securitycenterpb;securitycenterpb";
23option java_multiple_files = true;
24option java_outer_classname = "AttackPathProto";
25option java_package = "com.google.cloud.securitycenter.v2";
26option php_namespace = "Google\\Cloud\\SecurityCenter\\V2";
27option ruby_package = "Google::Cloud::SecurityCenter::V2";
28
29// A path that an attacker could take to reach an exposed resource.
// A path that an attacker could take to reach an exposed resource.
//
// The path is modelled as a graph: `path_nodes` are the resources the
// attacker passes through and `edges` connect those nodes by uuid. Each node
// can carry the findings that make it traversable and the finer-grained
// attack steps that apply at that resource.
message AttackPath {
  option (google.api.resource) = {
    type: "securitycenter.googleapis.com/AttackPath"
    pattern: "organizations/{organization}/simulations/{simulation}/valuedResources/{valued_resource}/attackPaths/{attack_path}"
    plural: "attackPaths"
    singular: "attackPath"
  };

  // Represents one point that an attacker passes through in this attack path.
  message AttackPathNode {
    // A finding that is associated with this node in the attack path.
    message PathNodeAssociatedFinding {
      // Canonical name of the associated finding. Example:
      // `organizations/123/sources/456/findings/789`
      string canonical_finding = 1;

      // The additional taxonomy group within findings from a given source
      // (the finding's category).
      string finding_category = 2;

      // Full resource name of the finding.
      string name = 3;
    }

    // The type of the incoming attack step node, i.e. how the step's incoming
    // edge(s) are interpreted.
    enum NodeType {
      // Type not specified. Zero value / default; carries no meaning of its
      // own and should not be produced intentionally.
      NODE_TYPE_UNSPECIFIED = 0;

      // Incoming edges are joined with AND.
      NODE_TYPE_AND = 1;

      // Incoming edges are joined with OR.
      NODE_TYPE_OR = 2;

      // Incoming edge is a defense.
      NODE_TYPE_DEFENSE = 3;

      // Incoming edge is the attacker.
      NODE_TYPE_ATTACKER = 4;
    }

    // Detailed steps the attack can take between path nodes.
    message AttackStepNode {
      // Unique ID of this attack step node.
      // NOTE(review): the enclosing AttackPathNode has its own `uuid`
      // (field 5); AttackPathEdge is documented as referencing path nodes,
      // so step uuids are presumably not valid edge endpoints — confirm.
      string uuid = 1;

      // Attack step type: one of the `NodeType` values (AND, OR, DEFENSE or
      // ATTACKER). Consumers should tolerate values they do not recognise,
      // since new enum values may be added later.
      NodeType type = 2;

      // User-friendly name of the attack step. Free-form text; escape it
      // before rendering in HTML or writing to logs.
      string display_name = 3;

      // Attack step labels for metadata. Keys and values are free-form
      // strings; map iteration order is not defined on the wire.
      map<string, string> labels = 4;

      // Attack step description. Free-form text; escape before rendering.
      string description = 5;
    }

    // The name of the resource at this point in the attack path.
    // The format of the name follows the Cloud Asset Inventory
    // [resource name format](https://cloud.google.com/asset-inventory/docs/resource-name-format).
    string resource = 1;

    // The Cloud Asset Inventory
    // [supported resource type](https://cloud.google.com/asset-inventory/docs/supported-asset-types)
    // of `resource`.
    string resource_type = 2;

    // Human-readable name of this resource. Free-form text; escape it before
    // rendering in HTML or writing to logs.
    string display_name = 3;

    // The findings associated with this node in the attack path.
    repeated PathNodeAssociatedFinding associated_findings = 4;

    // Unique id of the attack path node. Presumably the identifier that
    // `AttackPathEdge.source` / `AttackPathEdge.destination` refer to.
    string uuid = 5;

    // A list of attack step nodes that exist in this attack path node.
    repeated AttackStepNode attack_steps = 6;
  }

  // Represents a connection between a source node and a destination node in
  // this attack path. Nodes are referenced by uuid, not embedded, so an edge
  // whose endpoint does not appear in `path_nodes` is dangling and should be
  // treated as malformed by consumers.
  message AttackPathEdge {
    // The attack node uuid of the source node (expected to match an
    // `AttackPathNode.uuid` in `path_nodes`).
    string source = 1;

    // The attack node uuid of the destination node (expected to match an
    // `AttackPathNode.uuid` in `path_nodes`).
    string destination = 2;
  }

  // The attack path name, for example,
  // `organizations/12/simulations/34/valuedResources/56/attackPaths/78`.
  // Follows the resource pattern declared in the message option above.
  string name = 1;

  // A list of nodes that exist in this attack path.
  repeated AttackPathNode path_nodes = 2;

  // A list of the edges between nodes in this attack path. Every edge's
  // `source` and `destination` should name a uuid present in `path_nodes`.
  repeated AttackPathEdge edges = 3;
}
132