1// Copyright 2023 Google LLC 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15syntax = "proto3"; 16 17package google.cloud.securitycenter.v2; 18 19import "google/api/field_behavior.proto"; 20import "google/api/resource.proto"; 21 22option csharp_namespace = "Google.Cloud.SecurityCenter.V2"; 23option go_package = "cloud.google.com/go/securitycenter/apiv2/securitycenterpb;securitycenterpb"; 24option java_multiple_files = true; 25option java_outer_classname = "NotificationConfigProto"; 26option java_package = "com.google.cloud.securitycenter.v2"; 27option php_namespace = "Google\\Cloud\\SecurityCenter\\V2"; 28option ruby_package = "Google::Cloud::SecurityCenter::V2"; 29option (google.api.resource_definition) = { 30 type: "pubsub.googleapis.com/Topic" 31 pattern: "projects/{project}/topics/{topic}" 32}; 33 34// Cloud Security Command Center (Cloud SCC) notification configs. 35// 36// A notification config is a Cloud SCC resource that contains the configuration 37// to send notifications for create/update events of findings, assets and etc. 38message NotificationConfig { 39 option (google.api.resource) = { 40 type: "securitycenter.googleapis.com/NotificationConfig" 41 pattern: "organizations/{organization}/locations/{location}/notificationConfigs/{notification_config}" 42 pattern: "folders/{folder}/locations/{location}/notificationConfigs/{notification_config}" 43 pattern: "projects/{project}/locations/{location}/notificationConfigs/{notification_config}" 44 plural: "notificationConfigs" 45 singular: "notificationConfig" 46 }; 47 48 // The config for streaming-based notifications, which send each event as soon 49 // as it is detected. 50 message StreamingConfig { 51 // Expression that defines the filter to apply across create/update events 52 // of assets or findings as specified by the event type. The expression is a 53 // list of zero or more restrictions combined via logical operators `AND` 54 // and `OR`. Parentheses are supported, and `OR` has higher precedence than 55 // `AND`. 56 // 57 // Restrictions have the form `<field> <operator> <value>` and may have a 58 // `-` character in front of them to indicate negation. The fields map to 59 // those defined in the corresponding resource. 60 // 61 // The supported operators are: 62 // 63 // * `=` for all value types. 64 // * `>`, `<`, `>=`, `<=` for integer values. 65 // * `:`, meaning substring matching, for strings. 66 // 67 // The supported value types are: 68 // 69 // * string literals in quotes. 70 // * integer literals without quotes. 71 // * boolean literals `true` and `false` without quotes. 72 string filter = 1; 73 } 74 75 // The relative resource name of this notification config. See: 76 // https://cloud.google.com/apis/design/resource_names#relative_resource_name 77 // The following list shows some examples: 78 // + 79 // `organizations/{organization_id}/locations/{location_id}/notificationConfigs/notify_public_bucket` 80 // + 81 // `folders/{folder_id}/locations/{location_id}/notificationConfigs/notify_public_bucket` 82 // + 83 // `projects/{project_id}/locations/{location_id}/notificationConfigs/notify_public_bucket` 84 string name = 1; 85 86 // The description of the notification config (max of 1024 characters). 87 string description = 2; 88 89 // The Pub/Sub topic to send notifications to. Its format is 90 // "projects/[project_id]/topics/[topic]". 91 string pubsub_topic = 3 [ 92 (google.api.resource_reference) = { type: "pubsub.googleapis.com/Topic" } 93 ]; 94 95 // Output only. The service account that needs "pubsub.topics.publish" 96 // permission to publish to the Pub/Sub topic. 97 string service_account = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; 98 99 // The config for triggering notifications. 100 oneof notify_config { 101 // The config for triggering streaming-based notifications. 102 StreamingConfig streaming_config = 5; 103 } 104} 105