1// Copyright 2021 Google LLC 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15syntax = "proto3"; 16 17package google.cloud.securitycenter.v1p1beta1; 18 19import public "google/cloud/securitycenter/v1p1beta1/notification_message.proto"; 20import public "google/cloud/securitycenter/v1p1beta1/run_asset_discovery_response.proto"; 21import "google/api/annotations.proto"; 22import "google/api/client.proto"; 23import "google/api/field_behavior.proto"; 24import "google/api/resource.proto"; 25import "google/cloud/securitycenter/v1p1beta1/asset.proto"; 26import "google/cloud/securitycenter/v1p1beta1/finding.proto"; 27import "google/cloud/securitycenter/v1p1beta1/folder.proto"; 28import "google/cloud/securitycenter/v1p1beta1/notification_config.proto"; 29import "google/cloud/securitycenter/v1p1beta1/organization_settings.proto"; 30import "google/cloud/securitycenter/v1p1beta1/security_marks.proto"; 31import "google/cloud/securitycenter/v1p1beta1/source.proto"; 32import "google/iam/v1/iam_policy.proto"; 33import "google/iam/v1/policy.proto"; 34import "google/longrunning/operations.proto"; 35import "google/protobuf/duration.proto"; 36import "google/protobuf/empty.proto"; 37import "google/protobuf/field_mask.proto"; 38import "google/protobuf/struct.proto"; 39import "google/protobuf/timestamp.proto"; 40 41option csharp_namespace = "Google.Cloud.SecurityCenter.V1P1Beta1"; 42option go_package = "cloud.google.com/go/securitycenter/apiv1p1beta1/securitycenterpb;securitycenterpb"; 43option java_multiple_files = true; 44option java_package = "com.google.cloud.securitycenter.v1p1beta1"; 45option php_namespace = "Google\\Cloud\\SecurityCenter\\V1p1beta1"; 46option ruby_package = "Google::Cloud::SecurityCenter::V1p1beta1"; 47 48// V1p1Beta1 APIs for Security Center service. 49service SecurityCenter { 50 option (google.api.default_host) = "securitycenter.googleapis.com"; 51 option (google.api.oauth_scopes) = "https://www.googleapis.com/auth/cloud-platform"; 52 53 // Creates a source. 54 rpc CreateSource(CreateSourceRequest) returns (Source) { 55 option (google.api.http) = { 56 post: "/v1p1beta1/{parent=organizations/*}/sources" 57 body: "source" 58 }; 59 option (google.api.method_signature) = "parent,source"; 60 } 61 62 // Creates a finding. The corresponding source must exist for finding 63 // creation to succeed. 64 rpc CreateFinding(CreateFindingRequest) returns (Finding) { 65 option (google.api.http) = { 66 post: "/v1p1beta1/{parent=organizations/*/sources/*}/findings" 67 body: "finding" 68 }; 69 option (google.api.method_signature) = "parent,finding_id,finding"; 70 option (google.api.method_signature) = "parent,finding,finding_id"; 71 } 72 73 // Creates a notification config. 74 rpc CreateNotificationConfig(CreateNotificationConfigRequest) returns (NotificationConfig) { 75 option (google.api.http) = { 76 post: "/v1p1beta1/{parent=organizations/*}/notificationConfigs" 77 body: "notification_config" 78 }; 79 option (google.api.method_signature) = "parent,config_id,notification_config"; 80 option (google.api.method_signature) = "parent,notification_config"; 81 } 82 83 // Deletes a notification config. 84 rpc DeleteNotificationConfig(DeleteNotificationConfigRequest) returns (google.protobuf.Empty) { 85 option (google.api.http) = { 86 delete: "/v1p1beta1/{name=organizations/*/notificationConfigs/*}" 87 }; 88 option (google.api.method_signature) = "name"; 89 } 90 91 // Gets the access control policy on the specified Source. 92 rpc GetIamPolicy(google.iam.v1.GetIamPolicyRequest) returns (google.iam.v1.Policy) { 93 option (google.api.http) = { 94 post: "/v1p1beta1/{resource=organizations/*/sources/*}:getIamPolicy" 95 body: "*" 96 }; 97 option (google.api.method_signature) = "resource"; 98 } 99 100 // Gets a notification config. 101 rpc GetNotificationConfig(GetNotificationConfigRequest) returns (NotificationConfig) { 102 option (google.api.http) = { 103 get: "/v1p1beta1/{name=organizations/*/notificationConfigs/*}" 104 }; 105 option (google.api.method_signature) = "name"; 106 } 107 108 // Gets the settings for an organization. 109 rpc GetOrganizationSettings(GetOrganizationSettingsRequest) returns (OrganizationSettings) { 110 option (google.api.http) = { 111 get: "/v1p1beta1/{name=organizations/*/organizationSettings}" 112 }; 113 option (google.api.method_signature) = "name"; 114 } 115 116 // Gets a source. 117 rpc GetSource(GetSourceRequest) returns (Source) { 118 option (google.api.http) = { 119 get: "/v1p1beta1/{name=organizations/*/sources/*}" 120 }; 121 option (google.api.method_signature) = "name"; 122 } 123 124 // Filters an organization's assets and groups them by their specified 125 // properties. 126 rpc GroupAssets(GroupAssetsRequest) returns (GroupAssetsResponse) { 127 option (google.api.http) = { 128 post: "/v1p1beta1/{parent=organizations/*}/assets:group" 129 body: "*" 130 additional_bindings { 131 post: "/v1p1beta1/{parent=folders/*}/assets:group" 132 body: "*" 133 } 134 additional_bindings { 135 post: "/v1p1beta1/{parent=projects/*}/assets:group" 136 body: "*" 137 } 138 }; 139 } 140 141 // Filters an organization or source's findings and groups them by their 142 // specified properties. 143 // 144 // To group across all sources provide a `-` as the source id. 145 // Example: /v1/organizations/{organization_id}/sources/-/findings, 146 // /v1/folders/{folder_id}/sources/-/findings, 147 // /v1/projects/{project_id}/sources/-/findings 148 rpc GroupFindings(GroupFindingsRequest) returns (GroupFindingsResponse) { 149 option (google.api.http) = { 150 post: "/v1p1beta1/{parent=organizations/*/sources/*}/findings:group" 151 body: "*" 152 additional_bindings { 153 post: "/v1p1beta1/{parent=folders/*/sources/*}/findings:group" 154 body: "*" 155 } 156 additional_bindings { 157 post: "/v1p1beta1/{parent=projects/*/sources/*}/findings:group" 158 body: "*" 159 } 160 }; 161 option (google.api.method_signature) = "parent,group_by"; 162 } 163 164 // Lists an organization's assets. 165 rpc ListAssets(ListAssetsRequest) returns (ListAssetsResponse) { 166 option (google.api.http) = { 167 get: "/v1p1beta1/{parent=organizations/*}/assets" 168 additional_bindings { 169 get: "/v1p1beta1/{parent=folders/*}/assets" 170 } 171 additional_bindings { 172 get: "/v1p1beta1/{parent=projects/*}/assets" 173 } 174 }; 175 option (google.api.method_signature) = "parent"; 176 } 177 178 // Lists an organization or source's findings. 179 // 180 // To list across all sources provide a `-` as the source id. 181 // Example: /v1p1beta1/organizations/{organization_id}/sources/-/findings 182 rpc ListFindings(ListFindingsRequest) returns (ListFindingsResponse) { 183 option (google.api.http) = { 184 get: "/v1p1beta1/{parent=organizations/*/sources/*}/findings" 185 additional_bindings { 186 get: "/v1p1beta1/{parent=folders/*/sources/*}/findings" 187 } 188 additional_bindings { 189 get: "/v1p1beta1/{parent=projects/*/sources/*}/findings" 190 } 191 }; 192 option (google.api.method_signature) = "parent"; 193 } 194 195 // Lists notification configs. 196 rpc ListNotificationConfigs(ListNotificationConfigsRequest) returns (ListNotificationConfigsResponse) { 197 option (google.api.http) = { 198 get: "/v1p1beta1/{parent=organizations/*}/notificationConfigs" 199 }; 200 option (google.api.method_signature) = "parent"; 201 } 202 203 // Lists all sources belonging to an organization. 204 rpc ListSources(ListSourcesRequest) returns (ListSourcesResponse) { 205 option (google.api.http) = { 206 get: "/v1p1beta1/{parent=organizations/*}/sources" 207 additional_bindings { 208 get: "/v1p1beta1/{parent=folders/*}/sources" 209 } 210 additional_bindings { 211 get: "/v1p1beta1/{parent=projects/*}/sources" 212 } 213 }; 214 option (google.api.method_signature) = "parent"; 215 } 216 217 // Runs asset discovery. The discovery is tracked with a long-running 218 // operation. 219 // 220 // This API can only be called with limited frequency for an organization. If 221 // it is called too frequently the caller will receive a TOO_MANY_REQUESTS 222 // error. 223 rpc RunAssetDiscovery(RunAssetDiscoveryRequest) returns (google.longrunning.Operation) { 224 option (google.api.http) = { 225 post: "/v1p1beta1/{parent=organizations/*}/assets:runDiscovery" 226 body: "*" 227 }; 228 option (google.api.method_signature) = "parent"; 229 option (google.longrunning.operation_info) = { 230 response_type: "google.cloud.securitycenter.v1p1beta1.RunAssetDiscoveryResponse" 231 metadata_type: "google.protobuf.Empty" 232 }; 233 } 234 235 // Updates the state of a finding. 236 rpc SetFindingState(SetFindingStateRequest) returns (Finding) { 237 option (google.api.http) = { 238 post: "/v1p1beta1/{name=organizations/*/sources/*/findings/*}:setState" 239 body: "*" 240 additional_bindings { 241 post: "/v1p1beta1/{name=folders/*/sources/*/findings/*}:setState" 242 body: "*" 243 } 244 additional_bindings { 245 post: "/v1p1beta1/{name=projects/*/sources/*/findings/*}:setState" 246 body: "*" 247 } 248 }; 249 option (google.api.method_signature) = "name,state,start_time"; 250 } 251 252 // Sets the access control policy on the specified Source. 253 rpc SetIamPolicy(google.iam.v1.SetIamPolicyRequest) returns (google.iam.v1.Policy) { 254 option (google.api.http) = { 255 post: "/v1p1beta1/{resource=organizations/*/sources/*}:setIamPolicy" 256 body: "*" 257 }; 258 option (google.api.method_signature) = "resource,policy"; 259 } 260 261 // Returns the permissions that a caller has on the specified source. 262 rpc TestIamPermissions(google.iam.v1.TestIamPermissionsRequest) returns (google.iam.v1.TestIamPermissionsResponse) { 263 option (google.api.http) = { 264 post: "/v1p1beta1/{resource=organizations/*/sources/*}:testIamPermissions" 265 body: "*" 266 }; 267 option (google.api.method_signature) = "resource,permissions"; 268 } 269 270 // Creates or updates a finding. The corresponding source must exist for a 271 // finding creation to succeed. 272 rpc UpdateFinding(UpdateFindingRequest) returns (Finding) { 273 option (google.api.http) = { 274 patch: "/v1p1beta1/{finding.name=organizations/*/sources/*/findings/*}" 275 body: "finding" 276 additional_bindings { 277 patch: "/v1p1beta1/{finding.name=folders/*/sources/*/findings/*}" 278 body: "finding" 279 } 280 additional_bindings { 281 patch: "/v1p1beta1/{finding.name=projects/*/sources/*/findings/*}" 282 body: "finding" 283 } 284 }; 285 option (google.api.method_signature) = "finding"; 286 option (google.api.method_signature) = "finding,update_mask"; 287 } 288 289 // Updates a notification config. The following update 290 // fields are allowed: description, pubsub_topic, streaming_config.filter 291 rpc UpdateNotificationConfig(UpdateNotificationConfigRequest) returns (NotificationConfig) { 292 option (google.api.http) = { 293 patch: "/v1p1beta1/{notification_config.name=organizations/*/notificationConfigs/*}" 294 body: "notification_config" 295 }; 296 option (google.api.method_signature) = "notification_config"; 297 option (google.api.method_signature) = "notification_config,update_mask"; 298 } 299 300 // Updates an organization's settings. 301 rpc UpdateOrganizationSettings(UpdateOrganizationSettingsRequest) returns (OrganizationSettings) { 302 option (google.api.http) = { 303 patch: "/v1p1beta1/{organization_settings.name=organizations/*/organizationSettings}" 304 body: "organization_settings" 305 }; 306 option (google.api.method_signature) = "organization_settings"; 307 } 308 309 // Updates a source. 310 rpc UpdateSource(UpdateSourceRequest) returns (Source) { 311 option (google.api.http) = { 312 patch: "/v1p1beta1/{source.name=organizations/*/sources/*}" 313 body: "source" 314 }; 315 option (google.api.method_signature) = "source"; 316 option (google.api.method_signature) = "source,update_mask"; 317 } 318 319 // Updates security marks. 320 rpc UpdateSecurityMarks(UpdateSecurityMarksRequest) returns (SecurityMarks) { 321 option (google.api.http) = { 322 patch: "/v1p1beta1/{security_marks.name=organizations/*/assets/*/securityMarks}" 323 body: "security_marks" 324 additional_bindings { 325 patch: "/v1p1beta1/{security_marks.name=folders/*/assets/*/securityMarks}" 326 body: "security_marks" 327 } 328 additional_bindings { 329 patch: "/v1p1beta1/{security_marks.name=projects/*/assets/*/securityMarks}" 330 body: "security_marks" 331 } 332 additional_bindings { 333 patch: "/v1p1beta1/{security_marks.name=organizations/*/sources/*/findings/*/securityMarks}" 334 body: "security_marks" 335 } 336 additional_bindings { 337 patch: "/v1p1beta1/{security_marks.name=folders/*/sources/*/findings/*/securityMarks}" 338 body: "security_marks" 339 } 340 additional_bindings { 341 patch: "/v1p1beta1/{security_marks.name=projects/*/sources/*/findings/*/securityMarks}" 342 body: "security_marks" 343 } 344 }; 345 option (google.api.method_signature) = "security_marks"; 346 option (google.api.method_signature) = "security_marks,update_mask"; 347 } 348} 349 350// Request message for creating a finding. 351message CreateFindingRequest { 352 // Required. Resource name of the new finding's parent. Its format should be 353 // "organizations/[organization_id]/sources/[source_id]". 354 string parent = 1 [ 355 (google.api.field_behavior) = REQUIRED, 356 (google.api.resource_reference) = { 357 type: "securitycenter.googleapis.com/Source" 358 } 359 ]; 360 361 // Required. Unique identifier provided by the client within the parent scope. 362 string finding_id = 2 [(google.api.field_behavior) = REQUIRED]; 363 364 // Required. The Finding being created. The name and security_marks will be ignored as 365 // they are both output only fields on this resource. 366 Finding finding = 3 [(google.api.field_behavior) = REQUIRED]; 367} 368 369// Request message for creating a notification config. 370message CreateNotificationConfigRequest { 371 // Required. Resource name of the new notification config's parent. Its format is 372 // "organizations/[organization_id]". 373 string parent = 1 [ 374 (google.api.field_behavior) = REQUIRED, 375 (google.api.resource_reference) = { 376 type: "cloudresourcemanager.googleapis.com/Organization" 377 } 378 ]; 379 380 // Required. Unique identifier provided by the client within the parent scope. 381 // It must be between 1 and 128 characters, and contains alphanumeric 382 // characters, underscores or hyphens only. 383 string config_id = 2 [(google.api.field_behavior) = REQUIRED]; 384 385 // Required. The notification config being created. The name and the service account 386 // will be ignored as they are both output only fields on this resource. 387 NotificationConfig notification_config = 3 [(google.api.field_behavior) = REQUIRED]; 388} 389 390// Request message for creating a source. 391message CreateSourceRequest { 392 // Required. Resource name of the new source's parent. Its format should be 393 // "organizations/[organization_id]". 394 string parent = 1 [ 395 (google.api.field_behavior) = REQUIRED, 396 (google.api.resource_reference) = { 397 type: "cloudresourcemanager.googleapis.com/Organization" 398 } 399 ]; 400 401 // Required. The Source being created, only the display_name and description will be 402 // used. All other fields will be ignored. 403 Source source = 2 [(google.api.field_behavior) = REQUIRED]; 404} 405 406// Request message for deleting a notification config. 407message DeleteNotificationConfigRequest { 408 // Required. Name of the notification config to delete. Its format is 409 // "organizations/[organization_id]/notificationConfigs/[config_id]". 410 string name = 1 [ 411 (google.api.field_behavior) = REQUIRED, 412 (google.api.resource_reference) = { 413 type: "securitycenter.googleapis.com/NotificationConfig" 414 } 415 ]; 416} 417 418// Request message for getting a notification config. 419message GetNotificationConfigRequest { 420 // Required. Name of the notification config to get. Its format is 421 // "organizations/[organization_id]/notificationConfigs/[config_id]". 422 string name = 1 [ 423 (google.api.field_behavior) = REQUIRED, 424 (google.api.resource_reference) = { 425 type: "securitycenter.googleapis.com/NotificationConfig" 426 } 427 ]; 428} 429 430// Request message for getting organization settings. 431message GetOrganizationSettingsRequest { 432 // Required. Name of the organization to get organization settings for. Its format is 433 // "organizations/[organization_id]/organizationSettings". 434 string name = 1 [ 435 (google.api.field_behavior) = REQUIRED, 436 (google.api.resource_reference) = { 437 type: "securitycenter.googleapis.com/OrganizationSettings" 438 } 439 ]; 440} 441 442// Request message for getting a source. 443message GetSourceRequest { 444 // Required. Relative resource name of the source. Its format is 445 // "organizations/[organization_id]/source/[source_id]". 446 string name = 1 [ 447 (google.api.field_behavior) = REQUIRED, 448 (google.api.resource_reference) = { 449 type: "securitycenter.googleapis.com/Source" 450 } 451 ]; 452} 453 454// Request message for grouping by assets. 455message GroupAssetsRequest { 456 // Required. Name of the organization to groupBy. Its format is 457 // "organizations/[organization_id], folders/[folder_id], or 458 // projects/[project_id]". 459 string parent = 1 [ 460 (google.api.field_behavior) = REQUIRED, 461 (google.api.resource_reference) = { 462 child_type: "securitycenter.googleapis.com/Asset" 463 } 464 ]; 465 466 // Expression that defines the filter to apply across assets. 467 // The expression is a list of zero or more restrictions combined via logical 468 // operators `AND` and `OR`. 469 // Parentheses are supported, and `OR` has higher precedence than `AND`. 470 // 471 // Restrictions have the form `<field> <operator> <value>` and may have a `-` 472 // character in front of them to indicate negation. The fields map to those 473 // defined in the Asset resource. Examples include: 474 // 475 // * name 476 // * security_center_properties.resource_name 477 // * resource_properties.a_property 478 // * security_marks.marks.marka 479 // 480 // The supported operators are: 481 // 482 // * `=` for all value types. 483 // * `>`, `<`, `>=`, `<=` for integer values. 484 // * `:`, meaning substring matching, for strings. 485 // 486 // The supported value types are: 487 // 488 // * string literals in quotes. 489 // * integer literals without quotes. 490 // * boolean literals `true` and `false` without quotes. 491 // 492 // The following field and operator combinations are supported: 493 // 494 // * name: `=` 495 // * update_time: `=`, `>`, `<`, `>=`, `<=` 496 // 497 // Usage: This should be milliseconds since epoch or an RFC3339 string. 498 // Examples: 499 // `update_time = "2019-06-10T16:07:18-07:00"` 500 // `update_time = 1560208038000` 501 // 502 // * create_time: `=`, `>`, `<`, `>=`, `<=` 503 // 504 // Usage: This should be milliseconds since epoch or an RFC3339 string. 505 // Examples: 506 // `create_time = "2019-06-10T16:07:18-07:00"` 507 // `create_time = 1560208038000` 508 // 509 // * iam_policy.policy_blob: `=`, `:` 510 // * resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=` 511 // * security_marks.marks: `=`, `:` 512 // * security_center_properties.resource_name: `=`, `:` 513 // * security_center_properties.resource_name_display_name: `=`, `:` 514 // * security_center_properties.resource_type: `=`, `:` 515 // * security_center_properties.resource_parent: `=`, `:` 516 // * security_center_properties.resource_parent_display_name: `=`, `:` 517 // * security_center_properties.resource_project: `=`, `:` 518 // * security_center_properties.resource_project_display_name: `=`, `:` 519 // * security_center_properties.resource_owners: `=`, `:` 520 // 521 // For example, `resource_properties.size = 100` is a valid filter string. 522 // 523 // Use a partial match on the empty string to filter based on a property 524 // existing: `resource_properties.my_property : ""` 525 // 526 // Use a negated partial match on the empty string to filter based on a 527 // property not existing: `-resource_properties.my_property : ""` 528 string filter = 2; 529 530 // Required. Expression that defines what assets fields to use for grouping. The string 531 // value should follow SQL syntax: comma separated list of fields. For 532 // example: 533 // "security_center_properties.resource_project,security_center_properties.project". 534 // 535 // The following fields are supported when compare_duration is not set: 536 // 537 // * security_center_properties.resource_project 538 // * security_center_properties.resource_project_display_name 539 // * security_center_properties.resource_type 540 // * security_center_properties.resource_parent 541 // * security_center_properties.resource_parent_display_name 542 // 543 // The following fields are supported when compare_duration is set: 544 // 545 // * security_center_properties.resource_type 546 // * security_center_properties.resource_project_display_name 547 // * security_center_properties.resource_parent_display_name 548 string group_by = 3 [(google.api.field_behavior) = REQUIRED]; 549 550 // When compare_duration is set, the GroupResult's "state_change" property is 551 // updated to indicate whether the asset was added, removed, or remained 552 // present during the compare_duration period of time that precedes the 553 // read_time. This is the time between (read_time - compare_duration) and 554 // read_time. 555 // 556 // The state change value is derived based on the presence of the asset at the 557 // two points in time. Intermediate state changes between the two times don't 558 // affect the result. For example, the results aren't affected if the asset is 559 // removed and re-created again. 560 // 561 // Possible "state_change" values when compare_duration is specified: 562 // 563 // * "ADDED": indicates that the asset was not present at the start of 564 // compare_duration, but present at reference_time. 565 // * "REMOVED": indicates that the asset was present at the start of 566 // compare_duration, but not present at reference_time. 567 // * "ACTIVE": indicates that the asset was present at both the 568 // start and the end of the time period defined by 569 // compare_duration and reference_time. 570 // 571 // If compare_duration is not specified, then the only possible state_change 572 // is "UNUSED", which will be the state_change set for all assets present at 573 // read_time. 574 // 575 // If this field is set then `state_change` must be a specified field in 576 // `group_by`. 577 google.protobuf.Duration compare_duration = 4; 578 579 // Time used as a reference point when filtering assets. The filter is limited 580 // to assets existing at the supplied time and their values are those at that 581 // specific time. Absence of this field will default to the API's version of 582 // NOW. 583 google.protobuf.Timestamp read_time = 5; 584 585 // The value returned by the last `GroupAssetsResponse`; indicates 586 // that this is a continuation of a prior `GroupAssets` call, and that the 587 // system should return the next page of data. 588 string page_token = 7; 589 590 // The maximum number of results to return in a single response. Default is 591 // 10, minimum is 1, maximum is 1000. 592 int32 page_size = 8; 593} 594 595// Response message for grouping by assets. 596message GroupAssetsResponse { 597 // Group results. There exists an element for each existing unique 598 // combination of property/values. The element contains a count for the number 599 // of times those specific property/values appear. 600 repeated GroupResult group_by_results = 1; 601 602 // Time used for executing the groupBy request. 603 google.protobuf.Timestamp read_time = 2; 604 605 // Token to retrieve the next page of results, or empty if there are no more 606 // results. 607 string next_page_token = 3; 608 609 // The total number of results matching the query. 610 int32 total_size = 4; 611} 612 613// Request message for grouping by findings. 614message GroupFindingsRequest { 615 // Required. Name of the source to groupBy. Its format is 616 // "organizations/[organization_id]/sources/[source_id]", 617 // folders/[folder_id]/sources/[source_id], or 618 // projects/[project_id]/sources/[source_id]. To groupBy across all sources 619 // provide a source_id of `-`. For example: 620 // organizations/{organization_id}/sources/-, folders/{folder_id}/sources/-, 621 // or projects/{project_id}/sources/- 622 string parent = 1 [ 623 (google.api.field_behavior) = REQUIRED, 624 (google.api.resource_reference) = { 625 type: "securitycenter.googleapis.com/Source" 626 } 627 ]; 628 629 // Expression that defines the filter to apply across findings. 630 // The expression is a list of one or more restrictions combined via logical 631 // operators `AND` and `OR`. 632 // Parentheses are supported, and `OR` has higher precedence than `AND`. 633 // 634 // Restrictions have the form `<field> <operator> <value>` and may have a `-` 635 // character in front of them to indicate negation. Examples include: 636 // 637 // * name 638 // * source_properties.a_property 639 // * security_marks.marks.marka 640 // 641 // The supported operators are: 642 // 643 // * `=` for all value types. 644 // * `>`, `<`, `>=`, `<=` for integer values. 645 // * `:`, meaning substring matching, for strings. 646 // 647 // The supported value types are: 648 // 649 // * string literals in quotes. 650 // * integer literals without quotes. 651 // * boolean literals `true` and `false` without quotes. 652 // 653 // The following field and operator combinations are supported: 654 // 655 // * name: `=` 656 // * parent: `=`, `:` 657 // * resource_name: `=`, `:` 658 // * state: `=`, `:` 659 // * category: `=`, `:` 660 // * external_uri: `=`, `:` 661 // * event_time: `=`, `>`, `<`, `>=`, `<=` 662 // * severity: `=`, `:` 663 // 664 // Usage: This should be milliseconds since epoch or an RFC3339 string. 665 // Examples: 666 // `event_time = "2019-06-10T16:07:18-07:00"` 667 // `event_time = 1560208038000` 668 // 669 // * security_marks.marks: `=`, `:` 670 // * source_properties: `=`, `:`, `>`, `<`, `>=`, `<=` 671 // 672 // For example, `source_properties.size = 100` is a valid filter string. 673 // 674 // Use a partial match on the empty string to filter based on a property 675 // existing: `source_properties.my_property : ""` 676 // 677 // Use a negated partial match on the empty string to filter based on a 678 // property not existing: `-source_properties.my_property : ""` 679 string filter = 2; 680 681 // Required. Expression that defines what assets fields to use for grouping (including 682 // `state_change`). The string value should follow SQL syntax: comma separated 683 // list of fields. For example: "parent,resource_name". 684 // 685 // The following fields are supported: 686 // 687 // * resource_name 688 // * category 689 // * state 690 // * parent 691 // * severity 692 // 693 // The following fields are supported when compare_duration is set: 694 // 695 // * state_change 696 string group_by = 3 [(google.api.field_behavior) = REQUIRED]; 697 698 // Time used as a reference point when filtering findings. The filter is 699 // limited to findings existing at the supplied time and their values are 700 // those at that specific time. Absence of this field will default to the 701 // API's version of NOW. 702 google.protobuf.Timestamp read_time = 4; 703 704 // When compare_duration is set, the GroupResult's "state_change" attribute is 705 // updated to indicate whether the finding had its state changed, the 706 // finding's state remained unchanged, or if the finding was added during the 707 // compare_duration period of time that precedes the read_time. This is the 708 // time between (read_time - compare_duration) and read_time. 709 // 710 // The state_change value is derived based on the presence and state of the 711 // finding at the two points in time. Intermediate state changes between the 712 // two times don't affect the result. For example, the results aren't affected 713 // if the finding is made inactive and then active again. 714 // 715 // Possible "state_change" values when compare_duration is specified: 716 // 717 // * "CHANGED": indicates that the finding was present and matched the given 718 // filter at the start of compare_duration, but changed its 719 // state at read_time. 720 // * "UNCHANGED": indicates that the finding was present and matched the given 721 // filter at the start of compare_duration and did not change 722 // state at read_time. 723 // * "ADDED": indicates that the finding did not match the given filter or 724 // was not present at the start of compare_duration, but was 725 // present at read_time. 726 // * "REMOVED": indicates that the finding was present and matched the 727 // filter at the start of compare_duration, but did not match 728 // the filter at read_time. 729 // 730 // If compare_duration is not specified, then the only possible state_change 731 // is "UNUSED", which will be the state_change set for all findings present 732 // at read_time. 733 // 734 // If this field is set then `state_change` must be a specified field in 735 // `group_by`. 736 google.protobuf.Duration compare_duration = 5; 737 738 // The value returned by the last `GroupFindingsResponse`; indicates 739 // that this is a continuation of a prior `GroupFindings` call, and 740 // that the system should return the next page of data. 741 string page_token = 7; 742 743 // The maximum number of results to return in a single response. Default is 744 // 10, minimum is 1, maximum is 1000. 745 int32 page_size = 8; 746} 747 748// Response message for group by findings. 749message GroupFindingsResponse { 750 // Group results. There exists an element for each existing unique 751 // combination of property/values. The element contains a count for the number 752 // of times those specific property/values appear. 753 repeated GroupResult group_by_results = 1; 754 755 // Time used for executing the groupBy request. 756 google.protobuf.Timestamp read_time = 2; 757 758 // Token to retrieve the next page of results, or empty if there are no more 759 // results. 760 string next_page_token = 3; 761 762 // The total number of results matching the query. 763 int32 total_size = 4; 764} 765 766// Result containing the properties and count of a groupBy request. 767message GroupResult { 768 // Properties matching the groupBy fields in the request. 769 map<string, google.protobuf.Value> properties = 1; 770 771 // Total count of resources for the given properties. 772 int64 count = 2; 773} 774 775// Request message for listing notification configs. 776message ListNotificationConfigsRequest { 777 // Required. Name of the organization to list notification configs. 778 // Its format is "organizations/[organization_id]". 779 string parent = 1 [ 780 (google.api.field_behavior) = REQUIRED, 781 (google.api.resource_reference) = { 782 type: "cloudresourcemanager.googleapis.com/Organization" 783 } 784 ]; 785 786 // The value returned by the last `ListNotificationConfigsResponse`; indicates 787 // that this is a continuation of a prior `ListNotificationConfigs` call, and 788 // that the system should return the next page of data. 789 string page_token = 2; 790 791 // The maximum number of results to return in a single response. Default is 792 // 10, minimum is 1, maximum is 1000. 793 int32 page_size = 3; 794} 795 796// Response message for listing notification configs. 797message ListNotificationConfigsResponse { 798 // Notification configs belonging to the requested parent. 799 repeated NotificationConfig notification_configs = 1; 800 801 // Token to retrieve the next page of results, or empty if there are no more 802 // results. 803 string next_page_token = 2; 804} 805 806// Request message for listing sources. 807message ListSourcesRequest { 808 // Required. Resource name of the parent of sources to list. Its format should be 809 // "organizations/[organization_id], folders/[folder_id], or 810 // projects/[project_id]". 811 string parent = 1 [ 812 (google.api.field_behavior) = REQUIRED, 813 (google.api.resource_reference) = { 814 child_type: "securitycenter.googleapis.com/Source" 815 } 816 ]; 817 818 // The value returned by the last `ListSourcesResponse`; indicates 819 // that this is a continuation of a prior `ListSources` call, and 820 // that the system should return the next page of data. 821 string page_token = 2; 822 823 // The maximum number of results to return in a single response. Default is 824 // 10, minimum is 1, maximum is 1000. 825 int32 page_size = 7; 826} 827 828// Response message for listing sources. 829message ListSourcesResponse { 830 // Sources belonging to the requested parent. 831 repeated Source sources = 1; 832 833 // Token to retrieve the next page of results, or empty if there are no more 834 // results. 835 string next_page_token = 2; 836} 837 838// Request message for listing assets. 839message ListAssetsRequest { 840 // Required. Name of the organization assets should belong to. Its format is 841 // "organizations/[organization_id], folders/[folder_id], or 842 // projects/[project_id]". 843 string parent = 1 [ 844 (google.api.field_behavior) = REQUIRED, 845 (google.api.resource_reference) = { 846 child_type: "securitycenter.googleapis.com/Asset" 847 } 848 ]; 849 850 // Expression that defines the filter to apply across assets. 851 // The expression is a list of zero or more restrictions combined via logical 852 // operators `AND` and `OR`. 853 // Parentheses are supported, and `OR` has higher precedence than `AND`. 854 // 855 // Restrictions have the form `<field> <operator> <value>` and may have a `-` 856 // character in front of them to indicate negation. The fields map to those 857 // defined in the Asset resource. Examples include: 858 // 859 // * name 860 // * security_center_properties.resource_name 861 // * resource_properties.a_property 862 // * security_marks.marks.marka 863 // 864 // The supported operators are: 865 // 866 // * `=` for all value types. 867 // * `>`, `<`, `>=`, `<=` for integer values. 868 // * `:`, meaning substring matching, for strings. 869 // 870 // The supported value types are: 871 // 872 // * string literals in quotes. 873 // * integer literals without quotes. 874 // * boolean literals `true` and `false` without quotes. 875 // 876 // The following are the allowed field and operator combinations: 877 // 878 // * name: `=` 879 // * update_time: `=`, `>`, `<`, `>=`, `<=` 880 // 881 // Usage: This should be milliseconds since epoch or an RFC3339 string. 882 // Examples: 883 // `update_time = "2019-06-10T16:07:18-07:00"` 884 // `update_time = 1560208038000` 885 // 886 // * create_time: `=`, `>`, `<`, `>=`, `<=` 887 // 888 // Usage: This should be milliseconds since epoch or an RFC3339 string. 889 // Examples: 890 // `create_time = "2019-06-10T16:07:18-07:00"` 891 // `create_time = 1560208038000` 892 // 893 // * iam_policy.policy_blob: `=`, `:` 894 // * resource_properties: `=`, `:`, `>`, `<`, `>=`, `<=` 895 // * security_marks.marks: `=`, `:` 896 // * security_center_properties.resource_name: `=`, `:` 897 // * security_center_properties.resource_display_name: `=`, `:` 898 // * security_center_properties.resource_type: `=`, `:` 899 // * security_center_properties.resource_parent: `=`, `:` 900 // * security_center_properties.resource_parent_display_name: `=`, `:` 901 // * security_center_properties.resource_project: `=`, `:` 902 // * security_center_properties.resource_project_display_name: `=`, `:` 903 // * security_center_properties.resource_owners: `=`, `:` 904 // 905 // For example, `resource_properties.size = 100` is a valid filter string. 906 // 907 // Use a partial match on the empty string to filter based on a property 908 // existing: `resource_properties.my_property : ""` 909 // 910 // Use a negated partial match on the empty string to filter based on a 911 // property not existing: `-resource_properties.my_property : ""` 912 string filter = 2; 913 914 // Expression that defines what fields and order to use for sorting. The 915 // string value should follow SQL syntax: comma separated list of fields. For 916 // example: "name,resource_properties.a_property". The default sorting order 917 // is ascending. To specify descending order for a field, a suffix " desc" 918 // should be appended to the field name. For example: "name 919 // desc,resource_properties.a_property". Redundant space characters in the 920 // syntax are insignificant. "name desc,resource_properties.a_property" and " 921 // name desc , resource_properties.a_property " are equivalent. 922 // 923 // The following fields are supported: 924 // name 925 // update_time 926 // resource_properties 927 // security_marks.marks 928 // security_center_properties.resource_name 929 // security_center_properties.resource_display_name 930 // security_center_properties.resource_parent 931 // security_center_properties.resource_parent_display_name 932 // security_center_properties.resource_project 933 // security_center_properties.resource_project_display_name 934 // security_center_properties.resource_type 935 string order_by = 3; 936 937 // Time used as a reference point when filtering assets. The filter is limited 938 // to assets existing at the supplied time and their values are those at that 939 // specific time. Absence of this field will default to the API's version of 940 // NOW. 941 google.protobuf.Timestamp read_time = 4; 942 943 // When compare_duration is set, the ListAssetsResult's "state_change" 944 // attribute is updated to indicate whether the asset was added, removed, or 945 // remained present during the compare_duration period of time that precedes 946 // the read_time. This is the time between (read_time - compare_duration) and 947 // read_time. 948 // 949 // The state_change value is derived based on the presence of the asset at the 950 // two points in time. Intermediate state changes between the two times don't 951 // affect the result. For example, the results aren't affected if the asset is 952 // removed and re-created again. 953 // 954 // Possible "state_change" values when compare_duration is specified: 955 // 956 // * "ADDED": indicates that the asset was not present at the start of 957 // compare_duration, but present at read_time. 958 // * "REMOVED": indicates that the asset was present at the start of 959 // compare_duration, but not present at read_time. 960 // * "ACTIVE": indicates that the asset was present at both the 961 // start and the end of the time period defined by 962 // compare_duration and read_time. 963 // 964 // If compare_duration is not specified, then the only possible state_change 965 // is "UNUSED", which will be the state_change set for all assets present at 966 // read_time. 967 google.protobuf.Duration compare_duration = 5; 968 969 // A field mask to specify the ListAssetsResult fields to be listed in the 970 // response. 971 // An empty field mask will list all fields. 972 google.protobuf.FieldMask field_mask = 7; 973 974 // The value returned by the last `ListAssetsResponse`; indicates 975 // that this is a continuation of a prior `ListAssets` call, and 976 // that the system should return the next page of data. 977 string page_token = 8; 978 979 // The maximum number of results to return in a single response. Default is 980 // 10, minimum is 1, maximum is 1000. 981 int32 page_size = 9; 982} 983 984// Response message for listing assets. 985message ListAssetsResponse { 986 // Result containing the Asset and its State. 987 message ListAssetsResult { 988 // The change in state of the asset. 989 // 990 // When querying across two points in time this describes 991 // the change between the two points: ADDED, REMOVED, or ACTIVE. 992 // If there was no compare_duration supplied in the request the state change 993 // will be: UNUSED 994 enum StateChange { 995 // State change is unused, this is the canonical default for this enum. 996 UNUSED = 0; 997 998 // Asset was added between the points in time. 999 ADDED = 1; 1000 1001 // Asset was removed between the points in time. 1002 REMOVED = 2; 1003 1004 // Asset was present at both point(s) in time. 1005 ACTIVE = 3; 1006 } 1007 1008 // Asset matching the search request. 1009 Asset asset = 1; 1010 1011 // State change of the asset between the points in time. 1012 StateChange state_change = 2; 1013 } 1014 1015 // Assets matching the list request. 1016 repeated ListAssetsResult list_assets_results = 1; 1017 1018 // Time used for executing the list request. 1019 google.protobuf.Timestamp read_time = 2; 1020 1021 // Token to retrieve the next page of results, or empty if there are no more 1022 // results. 1023 string next_page_token = 3; 1024 1025 // The total number of assets matching the query. 1026 int32 total_size = 4; 1027} 1028 1029// Request message for listing findings. 1030message ListFindingsRequest { 1031 // Required. Name of the source the findings belong to. Its format is 1032 // "organizations/[organization_id]/sources/[source_id], 1033 // folders/[folder_id]/sources/[source_id], or 1034 // projects/[project_id]/sources/[source_id]". To list across all sources 1035 // provide a source_id of `-`. For example: 1036 // organizations/{organization_id}/sources/-, folders/{folder_id}/sources/- or 1037 // projects/{projects_id}/sources/- 1038 string parent = 1 [ 1039 (google.api.field_behavior) = REQUIRED, 1040 (google.api.resource_reference) = { 1041 type: "securitycenter.googleapis.com/Source" 1042 } 1043 ]; 1044 1045 // Expression that defines the filter to apply across findings. 1046 // The expression is a list of one or more restrictions combined via logical 1047 // operators `AND` and `OR`. 1048 // Parentheses are supported, and `OR` has higher precedence than `AND`. 1049 // 1050 // Restrictions have the form `<field> <operator> <value>` and may have a `-` 1051 // character in front of them to indicate negation. Examples include: 1052 // 1053 // * name 1054 // * source_properties.a_property 1055 // * security_marks.marks.marka 1056 // 1057 // The supported operators are: 1058 // 1059 // * `=` for all value types. 1060 // * `>`, `<`, `>=`, `<=` for integer values. 1061 // * `:`, meaning substring matching, for strings. 1062 // 1063 // The supported value types are: 1064 // 1065 // * string literals in quotes. 1066 // * integer literals without quotes. 1067 // * boolean literals `true` and `false` without quotes. 1068 // 1069 // The following field and operator combinations are supported: 1070 // 1071 // * name: `=` 1072 // * parent: `=`, `:` 1073 // * resource_name: `=`, `:` 1074 // * state: `=`, `:` 1075 // * category: `=`, `:` 1076 // * external_uri: `=`, `:` 1077 // * event_time: `=`, `>`, `<`, `>=`, `<=` 1078 // * severity: `=`, `:` 1079 // 1080 // Usage: This should be milliseconds since epoch or an RFC3339 string. 1081 // Examples: 1082 // `event_time = "2019-06-10T16:07:18-07:00"` 1083 // `event_time = 1560208038000` 1084 // 1085 // security_marks.marks: `=`, `:` 1086 // source_properties: `=`, `:`, `>`, `<`, `>=`, `<=` 1087 // 1088 // For example, `source_properties.size = 100` is a valid filter string. 1089 // 1090 // Use a partial match on the empty string to filter based on a property 1091 // existing: `source_properties.my_property : ""` 1092 // 1093 // Use a negated partial match on the empty string to filter based on a 1094 // property not existing: `-source_properties.my_property : ""` 1095 string filter = 2; 1096 1097 // Expression that defines what fields and order to use for sorting. The 1098 // string value should follow SQL syntax: comma separated list of fields. For 1099 // example: "name,resource_properties.a_property". The default sorting order 1100 // is ascending. To specify descending order for a field, a suffix " desc" 1101 // should be appended to the field name. For example: "name 1102 // desc,source_properties.a_property". Redundant space characters in the 1103 // syntax are insignificant. "name desc,source_properties.a_property" and " 1104 // name desc , source_properties.a_property " are equivalent. 1105 // 1106 // The following fields are supported: 1107 // name 1108 // parent 1109 // state 1110 // category 1111 // resource_name 1112 // event_time 1113 // source_properties 1114 // security_marks.marks 1115 string order_by = 3; 1116 1117 // Time used as a reference point when filtering findings. The filter is 1118 // limited to findings existing at the supplied time and their values are 1119 // those at that specific time. Absence of this field will default to the 1120 // API's version of NOW. 1121 google.protobuf.Timestamp read_time = 4; 1122 1123 // When compare_duration is set, the ListFindingsResult's "state_change" 1124 // attribute is updated to indicate whether the finding had its state changed, 1125 // the finding's state remained unchanged, or if the finding was added in any 1126 // state during the compare_duration period of time that precedes the 1127 // read_time. This is the time between (read_time - compare_duration) and 1128 // read_time. 1129 // 1130 // The state_change value is derived based on the presence and state of the 1131 // finding at the two points in time. Intermediate state changes between the 1132 // two times don't affect the result. For example, the results aren't affected 1133 // if the finding is made inactive and then active again. 1134 // 1135 // Possible "state_change" values when compare_duration is specified: 1136 // 1137 // * "CHANGED": indicates that the finding was present and matched the given 1138 // filter at the start of compare_duration, but changed its 1139 // state at read_time. 1140 // * "UNCHANGED": indicates that the finding was present and matched the given 1141 // filter at the start of compare_duration and did not change 1142 // state at read_time. 1143 // * "ADDED": indicates that the finding did not match the given filter or 1144 // was not present at the start of compare_duration, but was 1145 // present at read_time. 1146 // * "REMOVED": indicates that the finding was present and matched the 1147 // filter at the start of compare_duration, but did not match 1148 // the filter at read_time. 1149 // 1150 // If compare_duration is not specified, then the only possible state_change 1151 // is "UNUSED", which will be the state_change set for all findings present at 1152 // read_time. 1153 google.protobuf.Duration compare_duration = 5; 1154 1155 // A field mask to specify the Finding fields to be listed in the response. 1156 // An empty field mask will list all fields. 1157 google.protobuf.FieldMask field_mask = 7; 1158 1159 // The value returned by the last `ListFindingsResponse`; indicates 1160 // that this is a continuation of a prior `ListFindings` call, and 1161 // that the system should return the next page of data. 1162 string page_token = 8; 1163 1164 // The maximum number of results to return in a single response. Default is 1165 // 10, minimum is 1, maximum is 1000. 1166 int32 page_size = 9; 1167} 1168 1169// Response message for listing findings. 1170message ListFindingsResponse { 1171 // Result containing the Finding and its StateChange. 1172 message ListFindingsResult { 1173 // Information related to the Google Cloud resource that is 1174 // associated with this finding. 1175 message Resource { 1176 // The full resource name of the resource. See: 1177 // https://cloud.google.com/apis/design/resource_names#full_resource_name 1178 string name = 1; 1179 1180 // The full resource name of project that the resource belongs to. 1181 string project_name = 2; 1182 1183 // The human readable name of project that the resource belongs to. 1184 string project_display_name = 3; 1185 1186 // The full resource name of resource's parent. 1187 string parent_name = 4; 1188 1189 // The human readable name of resource's parent. 1190 string parent_display_name = 5; 1191 1192 // Contains a Folder message for each folder in the assets ancestry. 1193 // The first folder is the deepest nested folder, and the last folder is 1194 // the folder directly under the Organization. 1195 repeated Folder folders = 10; 1196 } 1197 1198 // The change in state of the finding. 1199 // 1200 // When querying across two points in time this describes 1201 // the change in the finding between the two points: CHANGED, UNCHANGED, 1202 // ADDED, or REMOVED. Findings can not be deleted, so REMOVED implies that 1203 // the finding at timestamp does not match the filter specified, but it did 1204 // at timestamp - compare_duration. If there was no compare_duration 1205 // supplied in the request the state change will be: UNUSED 1206 enum StateChange { 1207 // State change is unused, this is the canonical default for this enum. 1208 UNUSED = 0; 1209 1210 // The finding has changed state in some way between the points in time 1211 // and existed at both points. 1212 CHANGED = 1; 1213 1214 // The finding has not changed state between the points in time and 1215 // existed at both points. 1216 UNCHANGED = 2; 1217 1218 // The finding was created between the points in time. 1219 ADDED = 3; 1220 1221 // The finding at timestamp does not match the filter specified, but it 1222 // did at timestamp - compare_duration. 1223 REMOVED = 4; 1224 } 1225 1226 // Finding matching the search request. 1227 Finding finding = 1; 1228 1229 // State change of the finding between the points in time. 1230 StateChange state_change = 2; 1231 1232 // Output only. Resource that is associated with this finding. 1233 Resource resource = 3 [(google.api.field_behavior) = OUTPUT_ONLY]; 1234 } 1235 1236 // Findings matching the list request. 1237 repeated ListFindingsResult list_findings_results = 1; 1238 1239 // Time used for executing the list request. 1240 google.protobuf.Timestamp read_time = 2; 1241 1242 // Token to retrieve the next page of results, or empty if there are no more 1243 // results. 1244 string next_page_token = 3; 1245 1246 // The total number of findings matching the query. 1247 int32 total_size = 4; 1248} 1249 1250// Request message for updating a finding's state. 1251message SetFindingStateRequest { 1252 // Required. The relative resource name of the finding. See: 1253 // https://cloud.google.com/apis/design/resource_names#relative_resource_name 1254 // Example: 1255 // "organizations/{organization_id}/sources/{source_id}/finding/{finding_id}". 1256 string name = 1 [ 1257 (google.api.field_behavior) = REQUIRED, 1258 (google.api.resource_reference) = { 1259 type: "securitycenter.googleapis.com/Finding" 1260 } 1261 ]; 1262 1263 // Required. The desired State of the finding. 1264 Finding.State state = 2 [(google.api.field_behavior) = REQUIRED]; 1265 1266 // Required. The time at which the updated state takes effect. 1267 google.protobuf.Timestamp start_time = 3 [(google.api.field_behavior) = REQUIRED]; 1268} 1269 1270// Request message for running asset discovery for an organization. 1271message RunAssetDiscoveryRequest { 1272 // Required. Name of the organization to run asset discovery for. Its format is 1273 // "organizations/[organization_id]". 1274 string parent = 1 [ 1275 (google.api.field_behavior) = REQUIRED, 1276 (google.api.resource_reference) = { 1277 type: "cloudresourcemanager.googleapis.com/Organization" 1278 } 1279 ]; 1280} 1281 1282// Request message for updating or creating a finding. 1283message UpdateFindingRequest { 1284 // Required. The finding resource to update or create if it does not already exist. 1285 // parent, security_marks, and update_time will be ignored. 1286 // 1287 // In the case of creation, the finding id portion of the name must be 1288 // alphanumeric and less than or equal to 32 characters and greater than 0 1289 // characters in length. 1290 Finding finding = 1 [(google.api.field_behavior) = REQUIRED]; 1291 1292 // The FieldMask to use when updating the finding resource. This field should 1293 // not be specified when creating a finding. 1294 // 1295 // When updating a finding, an empty mask is treated as updating all mutable 1296 // fields and replacing source_properties. Individual source_properties can 1297 // be added/updated by using "source_properties.<property key>" in the field 1298 // mask. 1299 google.protobuf.FieldMask update_mask = 2; 1300} 1301 1302// Request message for updating a notification config. 1303message UpdateNotificationConfigRequest { 1304 // Required. The notification config to update. 1305 NotificationConfig notification_config = 1 [(google.api.field_behavior) = REQUIRED]; 1306 1307 // The FieldMask to use when updating the notification config. 1308 // 1309 // If empty all mutable fields will be updated. 1310 google.protobuf.FieldMask update_mask = 2; 1311} 1312 1313// Request message for updating an organization's settings. 1314message UpdateOrganizationSettingsRequest { 1315 // Required. The organization settings resource to update. 1316 OrganizationSettings organization_settings = 1 [(google.api.field_behavior) = REQUIRED]; 1317 1318 // The FieldMask to use when updating the settings resource. 1319 // 1320 // If empty all mutable fields will be updated. 1321 google.protobuf.FieldMask update_mask = 2; 1322} 1323 1324// Request message for updating a source. 1325message UpdateSourceRequest { 1326 // Required. The source resource to update. 1327 Source source = 1 [(google.api.field_behavior) = REQUIRED]; 1328 1329 // The FieldMask to use when updating the source resource. 1330 // 1331 // If empty all mutable fields will be updated. 1332 google.protobuf.FieldMask update_mask = 2; 1333} 1334 1335// Request message for updating a SecurityMarks resource. 1336message UpdateSecurityMarksRequest { 1337 // Required. The security marks resource to update. 1338 SecurityMarks security_marks = 1 [(google.api.field_behavior) = REQUIRED]; 1339 1340 // The FieldMask to use when updating the security marks resource. 1341 // 1342 // The field mask must not contain duplicate fields. 1343 // If empty or set to "marks", all marks will be replaced. Individual 1344 // marks can be updated using "marks.<mark_key>". 1345 google.protobuf.FieldMask update_mask = 2; 1346 1347 // The time at which the updated SecurityMarks take effect. 1348 // If not set uses current server time. Updates will be applied to the 1349 // SecurityMarks that are active immediately preceding this time. 1350 google.protobuf.Timestamp start_time = 3; 1351} 1352