1// Copyright 2020 Google LLC 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15syntax = "proto3"; 16 17package google.cloud.securitycenter.v1beta1; 18 19import "google/api/resource.proto"; 20 21option go_package = "cloud.google.com/go/securitycenter/apiv1beta1/securitycenterpb;securitycenterpb"; 22option java_multiple_files = true; 23option java_package = "com.google.cloud.securitycenter.v1beta1"; 24 25// User specified settings that are attached to the Security Command 26// Center organization. 27message OrganizationSettings { 28 option (google.api.resource) = { 29 type: "securitycenter.googleapis.com/OrganizationSettings" 30 pattern: "organizations/{organization}/organizationSettings" 31 }; 32 33 // The configuration used for Asset Discovery runs. 34 message AssetDiscoveryConfig { 35 // The mode of inclusion when running Asset Discovery. 36 // Asset discovery can be limited by explicitly identifying projects to be 37 // included or excluded. If INCLUDE_ONLY is set, then only those projects 38 // within the organization and their children are discovered during asset 39 // discovery. If EXCLUDE is set, then projects that don't match those 40 // projects are discovered during asset discovery. If neither are set, then 41 // all projects within the organization are discovered during asset 42 // discovery. 43 enum InclusionMode { 44 // Unspecified. Setting the mode with this value will disable 45 // inclusion/exclusion filtering for Asset Discovery. 46 INCLUSION_MODE_UNSPECIFIED = 0; 47 48 // Asset Discovery will capture only the resources within the projects 49 // specified. All other resources will be ignored. 50 INCLUDE_ONLY = 1; 51 52 // Asset Discovery will ignore all resources under the projects specified. 53 // All other resources will be retrieved. 54 EXCLUDE = 2; 55 } 56 57 // The project ids to use for filtering asset discovery. 58 repeated string project_ids = 1; 59 60 // The mode to use for filtering asset discovery. 61 InclusionMode inclusion_mode = 2; 62 } 63 64 // The relative resource name of the settings. See: 65 // https://cloud.google.com/apis/design/resource_names#relative_resource_name 66 // Example: 67 // "organizations/{organization_id}/organizationSettings". 68 string name = 1; 69 70 // A flag that indicates if Asset Discovery should be enabled. If the flag is 71 // set to `true`, then discovery of assets will occur. If it is set to `false, 72 // all historical assets will remain, but discovery of future assets will not 73 // occur. 74 bool enable_asset_discovery = 2; 75 76 // The configuration used for Asset Discovery runs. 77 AssetDiscoveryConfig asset_discovery_config = 3; 78} 79