1// Copyright 2023 Google LLC 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15syntax = "proto3"; 16 17package google.cloud.securitycenter.v1; 18 19import "google/api/resource.proto"; 20 21option csharp_namespace = "Google.Cloud.SecurityCenter.V1"; 22option go_package = "cloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb"; 23option java_multiple_files = true; 24option java_package = "com.google.cloud.securitycenter.v1"; 25option php_namespace = "Google\\Cloud\\SecurityCenter\\V1"; 26option ruby_package = "Google::Cloud::SecurityCenter::V1"; 27 28// User specified settings that are attached to the Security Command 29// Center organization. 30message OrganizationSettings { 31 option (google.api.resource) = { 32 type: "securitycenter.googleapis.com/OrganizationSettings" 33 pattern: "organizations/{organization}/organizationSettings" 34 }; 35 36 // The configuration used for Asset Discovery runs. 37 message AssetDiscoveryConfig { 38 // The mode of inclusion when running Asset Discovery. 39 // Asset discovery can be limited by explicitly identifying projects to be 40 // included or excluded. If INCLUDE_ONLY is set, then only those projects 41 // within the organization and their children are discovered during asset 42 // discovery. If EXCLUDE is set, then projects that don't match those 43 // projects are discovered during asset discovery. If neither are set, then 44 // all projects within the organization are discovered during asset 45 // discovery. 46 enum InclusionMode { 47 // Unspecified. Setting the mode with this value will disable 48 // inclusion/exclusion filtering for Asset Discovery. 49 INCLUSION_MODE_UNSPECIFIED = 0; 50 51 // Asset Discovery will capture only the resources within the projects 52 // specified. All other resources will be ignored. 53 INCLUDE_ONLY = 1; 54 55 // Asset Discovery will ignore all resources under the projects specified. 56 // All other resources will be retrieved. 57 EXCLUDE = 2; 58 } 59 60 // The project ids to use for filtering asset discovery. 61 repeated string project_ids = 1; 62 63 // The mode to use for filtering asset discovery. 64 InclusionMode inclusion_mode = 2; 65 66 // The folder ids to use for filtering asset discovery. 67 // It consists of only digits, e.g., 756619654966. 68 repeated string folder_ids = 3; 69 } 70 71 // The relative resource name of the settings. See: 72 // https://cloud.google.com/apis/design/resource_names#relative_resource_name 73 // Example: 74 // "organizations/{organization_id}/organizationSettings". 75 string name = 1; 76 77 // A flag that indicates if Asset Discovery should be enabled. If the flag is 78 // set to `true`, then discovery of assets will occur. If it is set to 79 // `false`, all historical assets will remain, but discovery of future assets 80 // will not occur. 81 bool enable_asset_discovery = 2; 82 83 // The configuration used for Asset Discovery runs. 84 AssetDiscoveryConfig asset_discovery_config = 3; 85} 86