feat: [google-cloud-securitycenter] Add cloud_armor field to finding's list of attributes (#12586)

- [ ] Regenerate this pull request now.

PiperOrigin-RevId: 625555619

Source-Link:
googleapis/googleapis@42c6f00

Source-Link:
googleapis/googleapis-gen@113f042
Copy-Tag:
eyJwIjoicGFja2FnZXMvZ29vZ2xlLWNsb3VkLXNlY3VyaXR5Y2VudGVyLy5Pd2xCb3QueWFtbCIsImgiOiIxMTNmMDQyZDExNmY0Mzg4NDM0ZGUwZTdkNDExNmJkODllZjc2OWMzIn0=

---------

Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>

Author: gcf-owl-bot[bot]

packages/google-cloud-securitycenter/google/cloud/securitycenter/__init__.py

@@ -35,6 +35,13 @@
     BackupDisasterRecovery,
 )
 from google.cloud.securitycenter_v1.types.bigquery_export import BigQueryExport
+from google.cloud.securitycenter_v1.types.cloud_armor import (
+    AdaptiveProtection,
+    Attack,
+    CloudArmor,
+    Requests,
+    SecurityPolicy,
+)
 from google.cloud.securitycenter_v1.types.cloud_dlp_data_profile import (
     CloudDlpDataProfile,
 )
@@ -164,6 +171,11 @@
     "Asset",
     "BackupDisasterRecovery",
     "BigQueryExport",
+    "AdaptiveProtection",
+    "Attack",
+    "CloudArmor",
+    "Requests",
+    "SecurityPolicy",
     "CloudDlpDataProfile",
     "CloudDlpInspection",
     "Compliance",

packages/google-cloud-securitycenter/google/cloud/securitycenter/gapic_version.py

@@ -13,4 +13,4 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
-__version__ = "1.30.1"  # {x-release-please-version}
+__version__ = "0.0.0"  # {x-release-please-version}

packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/__init__.py

@@ -24,6 +24,13 @@
 from .types.asset import Asset
 from .types.backup_disaster_recovery import BackupDisasterRecovery
 from .types.bigquery_export import BigQueryExport
+from .types.cloud_armor import (
+    AdaptiveProtection,
+    Attack,
+    CloudArmor,
+    Requests,
+    SecurityPolicy,
+)
 from .types.cloud_dlp_data_profile import CloudDlpDataProfile
 from .types.cloud_dlp_inspection import CloudDlpInspection
 from .types.compliance import Compliance
@@ -133,12 +140,15 @@
 __all__ = (
     "SecurityCenterAsyncClient",
     "Access",
+    "AdaptiveProtection",
     "Application",
     "Asset",
+    "Attack",
     "BackupDisasterRecovery",
     "BigQueryExport",
     "BulkMuteFindingsRequest",
     "BulkMuteFindingsResponse",
+    "CloudArmor",
     "CloudDlpDataProfile",
     "CloudDlpInspection",
     "CloudLoggingEntry",
@@ -217,13 +227,15 @@
     "Package",
     "Process",
     "Reference",
+    "Requests",
     "Resource",
     "RunAssetDiscoveryRequest",
     "RunAssetDiscoveryResponse",
     "SecurityBulletin",
     "SecurityCenterClient",
     "SecurityHealthAnalyticsCustomModule",
     "SecurityMarks",
+    "SecurityPolicy",
     "SecurityPosture",
     "ServiceAccountDelegationInfo",
     "SetFindingStateRequest",

packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/gapic_version.py

@@ -13,4 +13,4 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
-__version__ = "1.30.1"  # {x-release-please-version}
+__version__ = "0.0.0"  # {x-release-please-version}

packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/services/security_center/async_client.py

@@ -58,6 +58,7 @@
     application,
     backup_disaster_recovery,
     bigquery_export,
+    cloud_armor,
     cloud_dlp_data_profile,
     cloud_dlp_inspection,
     compliance,

packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/services/security_center/client.py

@@ -62,6 +62,7 @@
     application,
     backup_disaster_recovery,
     bigquery_export,
+    cloud_armor,
     cloud_dlp_data_profile,
     cloud_dlp_inspection,
     compliance,

packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/types/__init__.py

@@ -18,6 +18,13 @@
 from .asset import Asset
 from .backup_disaster_recovery import BackupDisasterRecovery
 from .bigquery_export import BigQueryExport
+from .cloud_armor import (
+    AdaptiveProtection,
+    Attack,
+    CloudArmor,
+    Requests,
+    SecurityPolicy,
+)
 from .cloud_dlp_data_profile import CloudDlpDataProfile
 from .cloud_dlp_inspection import CloudDlpInspection
 from .compliance import Compliance
@@ -130,6 +137,11 @@
     "Asset",
     "BackupDisasterRecovery",
     "BigQueryExport",
+    "AdaptiveProtection",
+    "Attack",
+    "CloudArmor",
+    "Requests",
+    "SecurityPolicy",
     "CloudDlpDataProfile",
     "CloudDlpInspection",
     "Compliance",

packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/types/cloud_armor.py

@@ -0,0 +1,215 @@
+# -*- coding: utf-8 -*-
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+from __future__ import annotations
+
+from typing import MutableMapping, MutableSequence
+
+from google.protobuf import duration_pb2  # type: ignore
+import proto  # type: ignore
+
+__protobuf__ = proto.module(
+    package="google.cloud.securitycenter.v1",
+    manifest={
+        "CloudArmor",
+        "SecurityPolicy",
+        "Requests",
+        "AdaptiveProtection",
+        "Attack",
+    },
+)
+
+
+class CloudArmor(proto.Message):
+    r"""Fields related to Google Cloud Armor findings.
+
+    Attributes:
+        security_policy (google.cloud.securitycenter_v1.types.SecurityPolicy):
+            Information about the `Google Cloud Armor security
+            policy <https://cloud.google.com/armor/docs/security-policy-overview>`__
+            relevant to the finding.
+        requests (google.cloud.securitycenter_v1.types.Requests):
+            Information about incoming requests evaluated by `Google
+            Cloud Armor security
+            policies <https://cloud.google.com/armor/docs/security-policy-overview>`__.
+        adaptive_protection (google.cloud.securitycenter_v1.types.AdaptiveProtection):
+            Information about potential Layer 7 DDoS attacks identified
+            by `Google Cloud Armor Adaptive
+            Protection <https://cloud.google.com/armor/docs/adaptive-protection-overview>`__.
+        attack (google.cloud.securitycenter_v1.types.Attack):
+            Information about DDoS attack volume and
+            classification.
+        threat_vector (str):
+            Distinguish between volumetric & protocol DDoS attack and
+            application layer attacks. For example, “L3_4” for Layer 3
+            and Layer 4 DDoS attacks, or “L_7” for Layer 7 DDoS attacks.
+        duration (google.protobuf.duration_pb2.Duration):
+            Duration of attack from the start until the
+            current moment (updated every 5 minutes).
+    """
+
+    security_policy: "SecurityPolicy" = proto.Field(
+        proto.MESSAGE,
+        number=1,
+        message="SecurityPolicy",
+    )
+    requests: "Requests" = proto.Field(
+        proto.MESSAGE,
+        number=2,
+        message="Requests",
+    )
+    adaptive_protection: "AdaptiveProtection" = proto.Field(
+        proto.MESSAGE,
+        number=3,
+        message="AdaptiveProtection",
+    )
+    attack: "Attack" = proto.Field(
+        proto.MESSAGE,
+        number=4,
+        message="Attack",
+    )
+    threat_vector: str = proto.Field(
+        proto.STRING,
+        number=5,
+    )
+    duration: duration_pb2.Duration = proto.Field(
+        proto.MESSAGE,
+        number=6,
+        message=duration_pb2.Duration,
+    )
+
+
+class SecurityPolicy(proto.Message):
+    r"""Information about the `Google Cloud Armor security
+    policy <https://cloud.google.com/armor/docs/security-policy-overview>`__
+    relevant to the finding.
+
+    Attributes:
+        name (str):
+            The name of the Google Cloud Armor security
+            policy, for example, "my-security-policy".
+        type_ (str):
+            The type of Google Cloud Armor security
+            policy for example, ‘backend security policy’,
+            ‘edge security policy’, ‘network edge security
+            policy’, or ‘always-on DDoS protection’.
+        preview (bool):
+            Whether or not the associated rule or policy
+            is in preview mode.
+    """
+
+    name: str = proto.Field(
+        proto.STRING,
+        number=1,
+    )
+    type_: str = proto.Field(
+        proto.STRING,
+        number=2,
+    )
+    preview: bool = proto.Field(
+        proto.BOOL,
+        number=3,
+    )
+
+
+class Requests(proto.Message):
+    r"""Information about the requests relevant to the finding.
+
+    Attributes:
+        ratio (float):
+            For 'Increasing deny ratio', the ratio is the
+            denied traffic divided by the allowed traffic.
+            For 'Allowed traffic spike', the ratio is the
+            allowed traffic in the short term divided by
+            allowed traffic in the long term.
+        short_term_allowed (int):
+            Allowed RPS (requests per second) in the
+            short term.
+        long_term_allowed (int):
+            Allowed RPS (requests per second) over the
+            long term.
+        long_term_denied (int):
+            Denied RPS (requests per second) over the
+            long term.
+    """
+
+    ratio: float = proto.Field(
+        proto.DOUBLE,
+        number=1,
+    )
+    short_term_allowed: int = proto.Field(
+        proto.INT32,
+        number=2,
+    )
+    long_term_allowed: int = proto.Field(
+        proto.INT32,
+        number=3,
+    )
+    long_term_denied: int = proto.Field(
+        proto.INT32,
+        number=4,
+    )
+
+
+class AdaptiveProtection(proto.Message):
+    r"""Information about `Google Cloud Armor Adaptive
+    Protection <https://cloud.google.com/armor/docs/cloud-armor-overview#google-cloud-armor-adaptive-protection>`__.
+
+    Attributes:
+        confidence (float):
+            A score of 0 means that there is low confidence that the
+            detected event is an actual attack. A score of 1 means that
+            there is high confidence that the detected event is an
+            attack. See the `Adaptive Protection
+            documentation <https://cloud.google.com/armor/docs/adaptive-protection-overview#configure-alert-tuning>`__
+            for further explanation.
+    """
+
+    confidence: float = proto.Field(
+        proto.DOUBLE,
+        number=1,
+    )
+
+
+class Attack(proto.Message):
+    r"""Information about DDoS attack volume and classification.
+
+    Attributes:
+        volume_pps (int):
+            Total PPS (packets per second) volume of
+            attack.
+        volume_bps (int):
+            Total BPS (bytes per second) volume of
+            attack.
+        classification (str):
+            Type of attack, for example, ‘SYN-flood’,
+            ‘NTP-udp’, or ‘CHARGEN-udp’.
+    """
+
+    volume_pps: int = proto.Field(
+        proto.INT32,
+        number=1,
+    )
+    volume_bps: int = proto.Field(
+        proto.INT32,
+        number=2,
+    )
+    classification: str = proto.Field(
+        proto.STRING,
+        number=3,
+    )
+
+
+__all__ = tuple(sorted(__protobuf__.manifest))

packages/google-cloud-securitycenter/google/cloud/securitycenter_v1/types/finding.py

@@ -47,6 +47,7 @@
 from google.cloud.securitycenter_v1.types import vulnerability as gcs_vulnerability
 from google.cloud.securitycenter_v1.types import access as gcs_access
 from google.cloud.securitycenter_v1.types import application as gcs_application
+from google.cloud.securitycenter_v1.types import cloud_armor as gcs_cloud_armor
 from google.cloud.securitycenter_v1.types import database as gcs_database
 from google.cloud.securitycenter_v1.types import indicator as gcs_indicator
 from google.cloud.securitycenter_v1.types import kubernetes as gcs_kubernetes
@@ -263,6 +264,8 @@ class Finding(proto.Message):
         load_balancers (MutableSequence[google.cloud.securitycenter_v1.types.LoadBalancer]):
             The load balancers associated with the
             finding.
+        cloud_armor (google.cloud.securitycenter_v1.types.CloudArmor):
+            Fields related to Cloud Armor findings.
         notebook (google.cloud.securitycenter_v1.types.Notebook):
             Notebook associated with the finding.
     """
@@ -643,6 +646,11 @@ class FindingClass(proto.Enum):
         number=58,
         message=load_balancer.LoadBalancer,
     )
+    cloud_armor: gcs_cloud_armor.CloudArmor = proto.Field(
+        proto.MESSAGE,
+        number=59,
+        message=gcs_cloud_armor.CloudArmor,
+    )
     notebook: gcs_notebook.Notebook = proto.Field(
         proto.MESSAGE,
         number=63,

packages/google-cloud-securitycenter/google/cloud/securitycenter_v1beta1/gapic_version.py

@@ -13,4 +13,4 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
-__version__ = "1.30.1"  # {x-release-please-version}
+__version__ = "0.0.0"  # {x-release-please-version}