xref: /aosp_15_r20/external/googleapis/google/cloud/securitycenter/v1/security_posture.proto (revision d5c09012810ac0c9f33fe448fb6da8260d444cc9)
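// Copyright 2024 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

syntax = "proto3";

package google.cloud.securitycenter.v1;

// Per-language code generation options. They only choose the namespace or
// package of the generated classes; the wire format is unaffected.
option csharp_namespace = "Google.Cloud.SecurityCenter.V1";
option go_package = "cloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb";
option java_multiple_files = true;
option java_outer_classname = "SecurityPostureProto";
option java_package = "com.google.cloud.securitycenter.v1";
option php_namespace = "Google\\Cloud\\SecurityCenter\\V1";
option ruby_package = "Google::Cloud::SecurityCenter::V1";

// Represents a posture that is deployed on Google Cloud by the
// Security Command Center Posture Management service.
// A posture contains one or more policy sets. A policy set is a
// group of policies that enforce a set of security rules on Google
// Cloud.
//
// Every scalar field below is a proto3 `string` without the `optional`
// label, so it has implicit presence: an empty string is not serialized
// and a reader cannot tell "set to empty" from "not set". Field numbers
// are the wire contract; do not renumber or reuse them.
message SecurityPosture {
  // The policy field that violates the deployed posture and its expected and
  // detected values.
  //
  // `expected_value` and `detected_value` are string renderings whose shape
  // follows the field being described; the examples below show both a bare
  // boolean and an `allowed_values={...}` set. This file defines no grammar
  // for them.
  // NOTE(review): presumably meant for display and equality comparison
  // rather than parsing; confirm against the producer's documentation.
  message PolicyDriftDetails {
    // The name of the updated field, for example,
    // `constraint.implementation.policy_rules[0].enforce`.
    string field = 1;

    // The value of this field that was configured in a posture, for example,
    // `true` or `allowed_values={"projects/29831892"}`.
    string expected_value = 2;

    // The detected value that violates the deployed posture, for example,
    // `false` or `allowed_values={"projects/22831892"}`.
    // Because of implicit presence, an empty string here is
    // indistinguishable from the field being absent.
    string detected_value = 3;
  }

  // Name of the posture, for example, `CIS-Posture`.
  string name = 1;

  // The version of the posture, for example, `c7cfa2a8`.
  string revision_id = 2;

  // The project, folder, or organization on which the posture is deployed,
  // for example, `projects/{project_number}`.
  // The example here is keyed by project number, while the `changed_policy`
  // example is keyed by project ID; account for both forms when correlating
  // the two fields.
  string posture_deployment_resource = 3;

  // The name of the posture deployment, for example,
  // `organizations/{org_id}/posturedeployments/{posture_deployment_id}`.
  string posture_deployment = 4;

  // The name of the updated policy, for example,
  // `projects/{project_id}/policies/{constraint_name}`.
  string changed_policy = 5;

  // The name of the updated policy set, for example, `cis-policyset`.
  string policy_set = 6;

  // The ID of the updated policy, for example, `compute-policy-1`.
  string policy = 7;

  // The details about a change in an updated policy that violates the deployed
  // posture.
  // As a repeated field it has no presence: an empty list and an unset field
  // are the same on the wire.
  repeated PolicyDriftDetails policy_drift_details = 8;
}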