1// Copyright 2023 Google LLC 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15syntax = "proto3"; 16 17package google.cloud.securitycenter.v1; 18 19import "google/api/field_behavior.proto"; 20import "google/api/resource.proto"; 21 22option csharp_namespace = "Google.Cloud.SecurityCenter.V1"; 23option go_package = "cloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb"; 24option java_multiple_files = true; 25option java_outer_classname = "NotificationConfigProto"; 26option java_package = "com.google.cloud.securitycenter.v1"; 27option php_namespace = "Google\\Cloud\\SecurityCenter\\V1"; 28option ruby_package = "Google::Cloud::SecurityCenter::V1"; 29option (google.api.resource_definition) = { 30 type: "pubsub.googleapis.com/Topic" 31 pattern: "projects/{project}/topics/{topic}" 32}; 33 34// Cloud Security Command Center (Cloud SCC) notification configs. 35// 36// A notification config is a Cloud SCC resource that contains the configuration 37// to send notifications for create/update events of findings, assets and etc. 38message NotificationConfig { 39 option (google.api.resource) = { 40 type: "securitycenter.googleapis.com/NotificationConfig" 41 pattern: "organizations/{organization}/notificationConfigs/{notification_config}" 42 pattern: "folders/{folder}/notificationConfigs/{notification_config}" 43 pattern: "projects/{project}/notificationConfigs/{notification_config}" 44 }; 45 46 // The config for streaming-based notifications, which send each event as soon 47 // as it is detected. 48 message StreamingConfig { 49 // Expression that defines the filter to apply across create/update events 50 // of assets or findings as specified by the event type. The expression is a 51 // list of zero or more restrictions combined via logical operators `AND` 52 // and `OR`. Parentheses are supported, and `OR` has higher precedence than 53 // `AND`. 54 // 55 // Restrictions have the form `<field> <operator> <value>` and may have a 56 // `-` character in front of them to indicate negation. The fields map to 57 // those defined in the corresponding resource. 58 // 59 // The supported operators are: 60 // 61 // * `=` for all value types. 62 // * `>`, `<`, `>=`, `<=` for integer values. 63 // * `:`, meaning substring matching, for strings. 64 // 65 // The supported value types are: 66 // 67 // * string literals in quotes. 68 // * integer literals without quotes. 69 // * boolean literals `true` and `false` without quotes. 70 string filter = 1; 71 } 72 73 // The relative resource name of this notification config. See: 74 // https://cloud.google.com/apis/design/resource_names#relative_resource_name 75 // Example: 76 // "organizations/{organization_id}/notificationConfigs/notify_public_bucket", 77 // "folders/{folder_id}/notificationConfigs/notify_public_bucket", 78 // or "projects/{project_id}/notificationConfigs/notify_public_bucket". 79 string name = 1; 80 81 // The description of the notification config (max of 1024 characters). 82 string description = 2; 83 84 // The Pub/Sub topic to send notifications to. Its format is 85 // "projects/[project_id]/topics/[topic]". 86 string pubsub_topic = 3 [ 87 (google.api.resource_reference) = { type: "pubsub.googleapis.com/Topic" } 88 ]; 89 90 // Output only. The service account that needs "pubsub.topics.publish" 91 // permission to publish to the Pub/Sub topic. 92 string service_account = 4 [(google.api.field_behavior) = OUTPUT_ONLY]; 93 94 // The config for triggering notifications. 95 oneof notify_config { 96 // The config for triggering streaming-based notifications. 97 StreamingConfig streaming_config = 5; 98 } 99} 100