fix(deps): require google-api-core>=1.32.0,>=2.8.0 (#337)

- [ ] Regenerate this pull request now. PiperOrigin-RevId: 459095142 Source-Link: googleapis/googleapis@4f1be99 Source-Link: googleapis/googleapis-gen@ae686d9 Copy-Tag: eyJwIjoiLmdpdGh1Yi8uT3dsQm90LnlhbWwiLCJoIjoiYWU2ODZkOWNkZTRmYzNlMzZkMGFjMDJlZmI4NjQzYjE1ODkwYzFlZCJ9 feat: Added contacts field to findings attributes, specifying Essential Contacts defined at org, folder or project level within a GCP org feat: Added process signature fields to the indicator attribute that helps surface multiple types of signature defined IOCs PiperOrigin-RevId: 458537238 Source-Link: googleapis/googleapis@7fdec62 Source-Link: googleapis/googleapis-gen@bb340e3 Copy-Tag: eyJwIjoiLmdpdGh1Yi8uT3dsQm90LnlhbWwiLCJoIjoiYmIzNDBlMzIyMzUzOWE3OTJhMjA0YmUyYTc5NGZiMmFkMzcyNGY2OCJ9 feat: add audience parameter PiperOrigin-RevId: 456827138 Source-Link: googleapis/googleapis@23f1a15 Source-Link: googleapis/googleapis-gen@4075a85 Copy-Tag: eyJwIjoiLmdpdGh1Yi8uT3dsQm90LnlhbWwiLCJoIjoiNDA3NWE4NTE0ZjY3NjY5MWVjMTU2Njg4YTViYmYxODNhYTk4OTNjZSJ9 feat: Add compliances, processes and exfiltration fields to findings attributes They contain compliance information about a security standard indicating unmet recommendations, represents operating system processes, and data exfiltration attempt of one... or more source(s) to one or more target(s). Source(s) represent the source of data that is exfiltrated, and Target(s) represents the destination the data was copied to PiperOrigin-RevId: 452067806 Source-Link: googleapis/googleapis@5bfadd9 Source-Link: googleapis/googleapis-gen@ae56215 Copy-Tag: eyJwIjoiLmdpdGh1Yi8uT3dsQm90LnlhbWwiLCJoIjoiYWU1NjIxNTI0NmRlZTk2OGE0ZWFjNDNiMDAxMmQ2NzY4NzZlNTJhNCJ9
googleapis · Jul 16, 2022 · 3da7158 · 3da7158
1 parent 9ccbef8
commit 3da7158
Show file tree

Hide file tree

Showing 30 changed files with 835 additions and 44 deletions.
diff --git a/packages/google-cloud-securitycenter/google/cloud/securitycenter/__init__.py b/packages/google-cloud-securitycenter/google/cloud/securitycenter/__init__.py
@@ -23,8 +23,15 @@
 from google.cloud.securitycenter_v1.types.access import Access, Geolocation
 from google.cloud.securitycenter_v1.types.asset import Asset
 from google.cloud.securitycenter_v1.types.bigquery_export import BigQueryExport
+from google.cloud.securitycenter_v1.types.compliance import Compliance
 from google.cloud.securitycenter_v1.types.connection import Connection
+from google.cloud.securitycenter_v1.types.contact_details import Contact, ContactDetails
+from google.cloud.securitycenter_v1.types.exfiltration import (
+    ExfilResource,
+    Exfiltration,
+)
 from google.cloud.securitycenter_v1.types.external_system import ExternalSystem
+from google.cloud.securitycenter_v1.types.file import File
 from google.cloud.securitycenter_v1.types.finding import Finding
 from google.cloud.securitycenter_v1.types.folder import Folder
 from google.cloud.securitycenter_v1.types.iam_binding import IamBinding
@@ -38,6 +45,7 @@
 from google.cloud.securitycenter_v1.types.organization_settings import (
     OrganizationSettings,
 )
+from google.cloud.securitycenter_v1.types.process import EnvironmentVariable, Process
 from google.cloud.securitycenter_v1.types.resource import Resource
 from google.cloud.securitycenter_v1.types.run_asset_discovery_response import (
     RunAssetDiscoveryResponse,
@@ -103,8 +111,14 @@
     "Geolocation",
     "Asset",
     "BigQueryExport",
+    "Compliance",
     "Connection",
+    "Contact",
+    "ContactDetails",
+    "ExfilResource",
+    "Exfiltration",
     "ExternalSystem",
+    "File",
     "Finding",
     "Folder",
     "IamBinding",
@@ -114,6 +128,8 @@
     "NotificationConfig",
     "NotificationMessage",
     "OrganizationSettings",
+    "EnvironmentVariable",
+    "Process",
     "Resource",
     "RunAssetDiscoveryResponse",
     "SecurityMarks",

diff --git a/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/__init__.py b/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/__init__.py
@@ -18,8 +18,12 @@
 from .types.access import Access, Geolocation
 from .types.asset import Asset
 from .types.bigquery_export import BigQueryExport
+from .types.compliance import Compliance
 from .types.connection import Connection
+from .types.contact_details import Contact, ContactDetails
+from .types.exfiltration import ExfilResource, Exfiltration
 from .types.external_system import ExternalSystem
+from .types.file import File
 from .types.finding import Finding
 from .types.folder import Folder
 from .types.iam_binding import IamBinding
@@ -29,6 +33,7 @@
 from .types.notification_config import NotificationConfig
 from .types.notification_message import NotificationMessage
 from .types.organization_settings import OrganizationSettings
+from .types.process import EnvironmentVariable, Process
 from .types.resource import Resource
 from .types.run_asset_discovery_response import RunAssetDiscoveryResponse
 from .types.security_marks import SecurityMarks
@@ -87,7 +92,10 @@
     "BigQueryExport",
     "BulkMuteFindingsRequest",
     "BulkMuteFindingsResponse",
+    "Compliance",
     "Connection",
+    "Contact",
+    "ContactDetails",
     "CreateBigQueryExportRequest",
     "CreateFindingRequest",
     "CreateMuteConfigRequest",
@@ -98,7 +106,11 @@
     "DeleteBigQueryExportRequest",
     "DeleteMuteConfigRequest",
     "DeleteNotificationConfigRequest",
+    "EnvironmentVariable",
+    "ExfilResource",
+    "Exfiltration",
     "ExternalSystem",
+    "File",
     "Finding",
     "Folder",
     "Geolocation",
@@ -131,6 +143,7 @@
     "NotificationConfig",
     "NotificationMessage",
     "OrganizationSettings",
+    "Process",
     "Reference",
     "Resource",
     "RunAssetDiscoveryRequest",

diff --git a/...ud-securitycenter/google/cloud/securitycenter_v1/services/security_center/async_client.py b/...ud-securitycenter/google/cloud/securitycenter_v1/services/security_center/async_client.py
@@ -40,8 +40,15 @@
 from google.protobuf import timestamp_pb2  # type: ignore
 
 from google.cloud.securitycenter_v1.services.security_center import pagers
-from google.cloud.securitycenter_v1.types import access, bigquery_export, connection
+from google.cloud.securitycenter_v1.types import (
+    access,
+    bigquery_export,
+    compliance,
+    connection,
+    exfiltration,
+)
 from google.cloud.securitycenter_v1.types import iam_binding, indicator, mitre_attack
+from google.cloud.securitycenter_v1.types import process, run_asset_discovery_response
 from google.cloud.securitycenter_v1.types import external_system as gcs_external_system
 from google.cloud.securitycenter_v1.types import (
     notification_config as gcs_notification_config,
@@ -56,7 +63,6 @@
 from google.cloud.securitycenter_v1.types import mute_config as gcs_mute_config
 from google.cloud.securitycenter_v1.types import notification_config
 from google.cloud.securitycenter_v1.types import organization_settings
-from google.cloud.securitycenter_v1.types import run_asset_discovery_response
 from google.cloud.securitycenter_v1.types import security_marks
 from google.cloud.securitycenter_v1.types import securitycenter_service
 from google.cloud.securitycenter_v1.types import source

diff --git a/...le-cloud-securitycenter/google/cloud/securitycenter_v1/services/security_center/client.py b/...le-cloud-securitycenter/google/cloud/securitycenter_v1/services/security_center/client.py
@@ -43,8 +43,15 @@
 from google.protobuf import timestamp_pb2  # type: ignore
 
 from google.cloud.securitycenter_v1.services.security_center import pagers
-from google.cloud.securitycenter_v1.types import access, bigquery_export, connection
+from google.cloud.securitycenter_v1.types import (
+    access,
+    bigquery_export,
+    compliance,
+    connection,
+    exfiltration,
+)
 from google.cloud.securitycenter_v1.types import iam_binding, indicator, mitre_attack
+from google.cloud.securitycenter_v1.types import process, run_asset_discovery_response
 from google.cloud.securitycenter_v1.types import external_system as gcs_external_system
 from google.cloud.securitycenter_v1.types import (
     notification_config as gcs_notification_config,
@@ -59,7 +66,6 @@
 from google.cloud.securitycenter_v1.types import mute_config as gcs_mute_config
 from google.cloud.securitycenter_v1.types import notification_config
 from google.cloud.securitycenter_v1.types import organization_settings
-from google.cloud.securitycenter_v1.types import run_asset_discovery_response
 from google.cloud.securitycenter_v1.types import security_marks
 from google.cloud.securitycenter_v1.types import securitycenter_service
 from google.cloud.securitycenter_v1.types import source
@@ -632,6 +638,7 @@ def __init__(
                 quota_project_id=client_options.quota_project_id,
                 client_info=client_info,
                 always_use_jwt_access=True,
+                api_audience=client_options.api_audience,
             )
 
     def bulk_mute_findings(

diff --git a/...securitycenter/google/cloud/securitycenter_v1/services/security_center/transports/base.py b/...securitycenter/google/cloud/securitycenter_v1/services/security_center/transports/base.py
@@ -75,6 +75,7 @@ def __init__(
         quota_project_id: Optional[str] = None,
         client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO,
         always_use_jwt_access: Optional[bool] = False,
+        api_audience: Optional[str] = None,
         **kwargs,
     ) -> None:
         """Instantiate the transport.
@@ -102,11 +103,6 @@ def __init__(
                 be used for service account credentials.
         """
 
-        # Save the hostname. Default to port 443 (HTTPS) if none is specified.
-        if ":" not in host:
-            host += ":443"
-        self._host = host
-
         scopes_kwargs = {"scopes": scopes, "default_scopes": self.AUTH_SCOPES}
 
         # Save the scopes.
@@ -127,6 +123,11 @@ def __init__(
             credentials, _ = google.auth.default(
                 **scopes_kwargs, quota_project_id=quota_project_id
             )
+            # Don't apply audience if the credentials file passed from user.
+            if hasattr(credentials, "with_gdch_audience"):
+                credentials = credentials.with_gdch_audience(
+                    api_audience if api_audience else host
+                )
 
         # If the credentials are service account credentials, then always try to use self signed JWT.
         if (
@@ -139,6 +140,11 @@ def __init__(
         # Save the credentials.
         self._credentials = credentials
 
+        # Save the hostname. Default to port 443 (HTTPS) if none is specified.
+        if ":" not in host:
+            host += ":443"
+        self._host = host
+
     def _prep_wrapped_messages(self, client_info):
         # Precompute the wrapped methods.
         self._wrapped_methods = {

diff --git a/...securitycenter/google/cloud/securitycenter_v1/services/security_center/transports/grpc.py b/...securitycenter/google/cloud/securitycenter_v1/services/security_center/transports/grpc.py
@@ -78,6 +78,7 @@ def __init__(
         quota_project_id: Optional[str] = None,
         client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO,
         always_use_jwt_access: Optional[bool] = False,
+        api_audience: Optional[str] = None,
     ) -> None:
         """Instantiate the transport.
 
@@ -174,6 +175,7 @@ def __init__(
             quota_project_id=quota_project_id,
             client_info=client_info,
             always_use_jwt_access=always_use_jwt_access,
+            api_audience=api_audience,
         )
 
         if not self._grpc_channel:

diff --git a/...center/google/cloud/securitycenter_v1/services/security_center/transports/grpc_asyncio.py b/...center/google/cloud/securitycenter_v1/services/security_center/transports/grpc_asyncio.py
@@ -123,6 +123,7 @@ def __init__(
         quota_project_id=None,
         client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO,
         always_use_jwt_access: Optional[bool] = False,
+        api_audience: Optional[str] = None,
     ) -> None:
         """Instantiate the transport.
 
@@ -219,6 +220,7 @@ def __init__(
             quota_project_id=quota_project_id,
             client_info=client_info,
             always_use_jwt_access=always_use_jwt_access,
+            api_audience=api_audience,
         )
 
         if not self._grpc_channel:

diff --git a/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/types/__init__.py b/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/types/__init__.py
@@ -16,8 +16,12 @@
 from .access import Access, Geolocation
 from .asset import Asset
 from .bigquery_export import BigQueryExport
+from .compliance import Compliance
 from .connection import Connection
+from .contact_details import Contact, ContactDetails
+from .exfiltration import ExfilResource, Exfiltration
 from .external_system import ExternalSystem
+from .file import File
 from .finding import Finding
 from .folder import Folder
 from .iam_binding import IamBinding
@@ -27,6 +31,7 @@
 from .notification_config import NotificationConfig
 from .notification_message import NotificationMessage
 from .organization_settings import OrganizationSettings
+from .process import EnvironmentVariable, Process
 from .resource import Resource
 from .run_asset_discovery_response import RunAssetDiscoveryResponse
 from .security_marks import SecurityMarks
@@ -83,8 +88,14 @@
     "Geolocation",
     "Asset",
     "BigQueryExport",
+    "Compliance",
     "Connection",
+    "Contact",
+    "ContactDetails",
+    "ExfilResource",
+    "Exfiltration",
     "ExternalSystem",
+    "File",
     "Finding",
     "Folder",
     "IamBinding",
@@ -94,6 +105,8 @@
     "NotificationConfig",
     "NotificationMessage",
     "OrganizationSettings",
+    "EnvironmentVariable",
+    "Process",
     "Resource",
     "RunAssetDiscoveryResponse",
     "SecurityMarks",

diff --git a/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/types/compliance.py b/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/types/compliance.py
@@ -0,0 +1,55 @@
+# -*- coding: utf-8 -*-
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+import proto  # type: ignore
+
+__protobuf__ = proto.module(
+    package="google.cloud.securitycenter.v1",
+    manifest={
+        "Compliance",
+    },
+)
+
+
+class Compliance(proto.Message):
+    r"""Contains compliance information about a security standard
+    indicating unmet recommendations.
+
+    Attributes:
+        standard (str):
+            Refers to industry wide standards or
+            benchmarks e.g. "cis", "pci", "owasp", etc.
+        version (str):
+            Version of the standard/benchmark e.g. 1.1
+        ids (Sequence[str]):
+            Policies within the standard/benchmark e.g.
+            A.12.4.1
+    """
+
+    standard = proto.Field(
+        proto.STRING,
+        number=1,
+    )
+    version = proto.Field(
+        proto.STRING,
+        number=2,
+    )
+    ids = proto.RepeatedField(
+        proto.STRING,
+        number=3,
+    )
+
+
+__all__ = tuple(sorted(__protobuf__.manifest))
diff --git a/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/types/contact_details.py b/packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/types/contact_details.py
@@ -0,0 +1,56 @@
+# -*- coding: utf-8 -*-
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+import proto  # type: ignore
+
+__protobuf__ = proto.module(
+    package="google.cloud.securitycenter.v1",
+    manifest={
+        "ContactDetails",
+        "Contact",
+    },
+)
+
+
+class ContactDetails(proto.Message):
+    r"""The details pertaining to specific contacts
+
+    Attributes:
+        contacts (Sequence[google.cloud.securitycenter_v1.types.Contact]):
+            A list of contacts
+    """
+
+    contacts = proto.RepeatedField(
+        proto.MESSAGE,
+        number=1,
+        message="Contact",
+    )
+
+
+class Contact(proto.Message):
+    r"""Representa a single contact's email address
+
+    Attributes:
+        email (str):
+            An email address e.g. "person123@company.com".
+    """
+
+    email = proto.Field(
+        proto.STRING,
+        number=1,
+    )
+
+
+__all__ = tuple(sorted(__protobuf__.manifest))