1// Copyright 2020 Google LLC 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15syntax = "proto3"; 16 17package google.cloud.securitycenter.settings.v1beta1; 18 19import "google/api/field_behavior.proto"; 20import "google/cloud/securitycenter/settings/v1beta1/billing_settings.proto"; 21 22option cc_enable_arenas = true; 23option csharp_namespace = "Google.Cloud.SecurityCenter.Settings.V1Beta1"; 24option go_package = "cloud.google.com/go/securitycenter/settings/apiv1beta1/settingspb;settingspb"; 25option java_multiple_files = true; 26option java_outer_classname = "DetectorsProto"; 27option java_package = "com.google.cloud.securitycenter.settings.v1beta1"; 28option php_namespace = "Google\\Cloud\\SecurityCenter\\Settings\\V1beta1"; 29option ruby_package = "Google::Cloud::SecurityCenter::Settings::V1beta1"; 30 31// Detector is a set of detectors or scanners act as individual checks done 32// within a component e.g. bad IP, bad domains, IAM anomaly, cryptomining, open 33// firewall, etc. Detector is independent of Organization, meaning each detector 34// must be defined for a given Security Center component under a specified 35// billing tier. Organizations can configure the list of detectors based on 36// their subscribed billing tier. 37// 38// Defines a detector, its billing tier and any applicable labels. 39message Detector { 40 // Output only. Detector Identifier 41 string detector = 1 [(google.api.field_behavior) = OUTPUT_ONLY]; 42 43 // Output only. Component that supports detector type. Multiple components may support the 44 // same detector. 45 string component = 2 [(google.api.field_behavior) = OUTPUT_ONLY]; 46 47 // Output only. The billing tier may be different for a detector of the same name in 48 // another component. 49 BillingTier billing_tier = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; 50 51 // Output only. Google curated detector labels. These are alphanumeric tags that are not 52 // necessarily human readable. Labels can be used to group detectors together 53 // in the future. An example might be tagging all detectors “PCI” that help 54 // with PCI compliance. 55 repeated string detector_labels = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; 56} 57