1// Copyright 2020 Google LLC 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15syntax = "proto3"; 16 17package google.cloud.securitycenter.settings.v1beta1; 18 19import "google/api/field_behavior.proto"; 20import "google/api/resource.proto"; 21import "google/cloud/securitycenter/settings/v1beta1/billing_settings.proto"; 22import "google/cloud/securitycenter/settings/v1beta1/component_settings.proto"; 23import "google/cloud/securitycenter/settings/v1beta1/sink_settings.proto"; 24import "google/protobuf/timestamp.proto"; 25 26option cc_enable_arenas = true; 27option csharp_namespace = "Google.Cloud.SecurityCenter.Settings.V1Beta1"; 28option go_package = "cloud.google.com/go/securitycenter/settings/apiv1beta1/settingspb;settingspb"; 29option java_multiple_files = true; 30option java_outer_classname = "SettingsProto"; 31option java_package = "com.google.cloud.securitycenter.settings.v1beta1"; 32option php_namespace = "Google\\Cloud\\SecurityCenter\\Settings\\V1beta1"; 33option ruby_package = "Google::Cloud::SecurityCenter::Settings::V1beta1"; 34 35// Common configuration settings for all of Security Center. 36message Settings { 37 option (google.api.resource) = { 38 type: "securitycenter.googleapis.com/Settings" 39 pattern: "organizations/{organization}/settings" 40 pattern: "folders/{folder}/settings" 41 pattern: "projects/{project}/settings" 42 pattern: "projects/{project}/locations/{location}/clusters/{cluster}/settings" 43 pattern: "projects/{project}/regions/{region}/clusters/{cluster}/settings" 44 pattern: "projects/{project}/zones/{zone}/clusters/{cluster}/settings" 45 }; 46 47 // The DetectorGroupSettings define the configuration for a detector group. 48 message DetectorGroupSettings { 49 // The state determines if the group is enabled or not. 50 ComponentEnablementState state = 1; 51 } 52 53 // Defines the onboarding states for SCC 54 // 55 // Potentially is just an indicator that a user has reviewed some subset of 56 // our configuration surface, even if it's still currently set to its 57 // API-default state. 58 enum OnboardingState { 59 // No onboarding state has been set. Should not be seen in practice, but 60 // should be functionally equivalent to DISABLED. 61 ONBOARDING_STATE_UNSPECIFIED = 0; 62 63 // SCC is fully on boarded 64 ENABLED = 1; 65 66 // SCC has been disabled after being on boarded 67 DISABLED = 2; 68 69 // SCC's onboarding tier has been explicitly set 70 BILLING_SELECTED = 3; 71 72 // SCC's CTD FindingsProviders have been chosen 73 PROVIDERS_SELECTED = 4; 74 75 // SCC's Service-Resource mappings have been set 76 RESOURCES_SELECTED = 5; 77 78 // SCC's core Service Account was created 79 ORG_SERVICE_ACCOUNT_CREATED = 6; 80 } 81 82 // The relative resource name of the settings resource. 83 // Formats: 84 // * `organizations/{organization}/settings` 85 // * `folders/{folder}/settings` 86 // * `projects/{project}/settings` 87 // * `projects/{project}/locations/{location}/clusters/{cluster}/settings` 88 // * `projects/{project}/regions/{region}/clusters/{cluster}/settings` 89 // * `projects/{project}/zones/{zone}/clusters/{cluster}/settings` 90 string name = 1; 91 92 // Billing settings 93 BillingSettings billing_settings = 2; 94 95 // An enum representing the current on boarding state of SCC. 96 OnboardingState state = 3; 97 98 // Output only. The organization-level service account to be used for security center 99 // components. The component must have permission to "act as" the service 100 // account. 101 string org_service_account = 5 [(google.api.field_behavior) = OUTPUT_ONLY]; 102 103 // Sink settings. 104 SinkSettings sink_settings = 6; 105 106 // The settings for detectors and/or scanners. 107 map<string, ComponentSettings> component_settings = 7; 108 109 // Detector group settings for all Security Center components. 110 // The key is the name of the detector group and the value is the settings for 111 // that group. 112 map<string, DetectorGroupSettings> detector_group_settings = 8; 113 114 // A fingerprint used for optimistic concurrency. If none is provided 115 // on updates then the existing metadata will be blindly overwritten. 116 string etag = 9; 117 118 // Output only. The time these settings were last updated. 119 google.protobuf.Timestamp update_time = 10 [(google.api.field_behavior) = OUTPUT_ONLY]; 120} 121