feat: [google-cloud-securitycenter] added more information about DDoS…

… attack in cloud armor proto (#13527)

BEGIN_COMMIT_OVERRIDE
feat: added more information about DDoS attack in cloud armor proto
feat: added data access event fields to finding proto
docs: Clarified comments for tag_values field in resource_value_config
to make it clear that field represents tag value ids, not tag values
END_COMMIT_OVERRIDE

- [ ] Regenerate this pull request now.

feat: added data access event fields to finding proto
docs: Clarified comments for tag_values field in resource_value_config
to make it clear that field represents tag value ids, not tag values

PiperOrigin-RevId: 726529258

Source-Link:
googleapis/googleapis@f2ce5f2

Source-Link:
googleapis/googleapis-gen@853c69d
Copy-Tag:
eyJwIjoicGFja2FnZXMvZ29vZ2xlLWNsb3VkLXNlY3VyaXR5Y2VudGVyLy5Pd2xCb3QueWFtbCIsImgiOiI4NTNjNjlkMDQ1NjZmNDljNDE3MGMzYzViNmI1ZWQzZjMwNzVjNDk0In0=

---------

Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>

packages/google-cloud-securitycenter/google/cloud/securitycenter_v2/__init__.py

@@ -38,7 +38,11 @@
 from .types.connection import Connection
 from .types.contact_details import Contact, ContactDetails
 from .types.container import Container
+from .types.data_access_event import DataAccessEvent
+from .types.data_flow_event import DataFlowEvent
+from .types.data_retention_deletion_event import DataRetentionDeletionEvent
 from .types.database import Database
+from .types.disk import Disk
 from .types.exfiltration import ExfilResource, Exfiltration
 from .types.external_system import ExternalSystem
 from .types.file import File
@@ -169,11 +173,15 @@
     "CreateSourceRequest",
     "Cve",
     "Cvssv3",
+    "DataAccessEvent",
+    "DataFlowEvent",
+    "DataRetentionDeletionEvent",
     "Database",
     "DeleteBigQueryExportRequest",
     "DeleteMuteConfigRequest",
     "DeleteNotificationConfigRequest",
     "DeleteResourceValueConfigRequest",
+    "Disk",
     "EnvironmentVariable",
     "ExfilResource",
     "Exfiltration",

packages/google-cloud-securitycenter/google/cloud/securitycenter_v2/services/security_center/async_client.py

@@ -66,7 +66,11 @@
     compliance,
     connection,
     container,
+    data_access_event,
+    data_flow_event,
+    data_retention_deletion_event,
     database,
+    disk,
     exfiltration,
 )
 from google.cloud.securitycenter_v2.types import (

packages/google-cloud-securitycenter/google/cloud/securitycenter_v2/services/security_center/client.py

@@ -83,7 +83,11 @@
     compliance,
     connection,
     container,
+    data_access_event,
+    data_flow_event,
+    data_retention_deletion_event,
     database,
+    disk,
     exfiltration,
 )
 from google.cloud.securitycenter_v2.types import (

packages/google-cloud-securitycenter/google/cloud/securitycenter_v2/services/security_center/transports/rest_base.py

@@ -1373,6 +1373,10 @@ def _get_http_options():
                     "method": "get",
                     "uri": "/v2/{parent=organizations/*/simulations/*}/attackPaths",
                 },
+                {
+                    "method": "get",
+                    "uri": "/v2/{parent=organizations/*}/attackPaths",
+                },
                 {
                     "method": "get",
                     "uri": "/v2/{parent=organizations/*/simulations/*/valuedResources/*}/attackPaths",
@@ -1794,6 +1798,10 @@ def _get_http_options():
                     "method": "get",
                     "uri": "/v2/{parent=organizations/*/simulations/*/attackExposureResults/*}/valuedResources",
                 },
+                {
+                    "method": "get",
+                    "uri": "/v2/{parent=organizations/*}/valuedResources",
+                },
             ]
             return http_options
 

packages/google-cloud-securitycenter/google/cloud/securitycenter_v2/types/__init__.py

@@ -32,7 +32,11 @@
 from .connection import Connection
 from .contact_details import Contact, ContactDetails
 from .container import Container
+from .data_access_event import DataAccessEvent
+from .data_flow_event import DataFlowEvent
+from .data_retention_deletion_event import DataRetentionDeletionEvent
 from .database import Database
+from .disk import Disk
 from .exfiltration import ExfilResource, Exfiltration
 from .external_system import ExternalSystem
 from .file import File
@@ -150,7 +154,11 @@
     "Contact",
     "ContactDetails",
     "Container",
+    "DataAccessEvent",
+    "DataFlowEvent",
+    "DataRetentionDeletionEvent",
     "Database",
+    "Disk",
     "ExfilResource",
     "Exfiltration",
     "ExternalSystem",

packages/google-cloud-securitycenter/google/cloud/securitycenter_v2/types/cloud_armor.py

@@ -187,17 +187,35 @@ class Attack(proto.Message):
     r"""Information about DDoS attack volume and classification.
 
     Attributes:
-        volume_pps (int):
+        volume_pps_long (int):
             Total PPS (packets per second) volume of
             attack.
-        volume_bps (int):
+        volume_bps_long (int):
             Total BPS (bytes per second) volume of
             attack.
         classification (str):
             Type of attack, for example, 'SYN-flood',
             'NTP-udp', or 'CHARGEN-udp'.
+        volume_pps (int):
+            Total PPS (packets per second) volume of attack. Deprecated
+            - refer to volume_pps_long instead.
+        volume_bps (int):
+            Total BPS (bytes per second) volume of attack. Deprecated -
+            refer to volume_bps_long instead.
     """
 
+    volume_pps_long: int = proto.Field(
+        proto.INT64,
+        number=4,
+    )
+    volume_bps_long: int = proto.Field(
+        proto.INT64,
+        number=5,
+    )
+    classification: str = proto.Field(
+        proto.STRING,
+        number=3,
+    )
     volume_pps: int = proto.Field(
         proto.INT32,
         number=1,
@@ -206,10 +224,6 @@ class Attack(proto.Message):
         proto.INT32,
         number=2,
     )
-    classification: str = proto.Field(
-        proto.STRING,
-        number=3,
-    )
 
 
 __all__ = tuple(sorted(__protobuf__.manifest))

packages/google-cloud-securitycenter/google/cloud/securitycenter_v2/types/data_access_event.py

@@ -0,0 +1,88 @@
+# -*- coding: utf-8 -*-
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+from __future__ import annotations
+
+from typing import MutableMapping, MutableSequence
+
+from google.protobuf import timestamp_pb2  # type: ignore
+import proto  # type: ignore
+
+__protobuf__ = proto.module(
+    package="google.cloud.securitycenter.v2",
+    manifest={
+        "DataAccessEvent",
+    },
+)
+
+
+class DataAccessEvent(proto.Message):
+    r"""Details about a data access attempt made by a principal not
+    authorized under applicable data security policy.
+
+    Attributes:
+        event_id (str):
+            Unique identifier for data access event.
+        principal_email (str):
+            The email address of the principal that
+            accessed the data. The principal could be a user
+            account, service account, Google group, or
+            other.
+        operation (google.cloud.securitycenter_v2.types.DataAccessEvent.Operation):
+            The operation performed by the principal to
+            access the data.
+        event_time (google.protobuf.timestamp_pb2.Timestamp):
+            Timestamp of data access event.
+    """
+
+    class Operation(proto.Enum):
+        r"""The operation of a data access event.
+
+        Values:
+            OPERATION_UNSPECIFIED (0):
+                The operation is unspecified.
+            READ (1):
+                Represents a read operation.
+            MOVE (2):
+                Represents a move operation.
+            COPY (3):
+                Represents a copy operation.
+        """
+        OPERATION_UNSPECIFIED = 0
+        READ = 1
+        MOVE = 2
+        COPY = 3
+
+    event_id: str = proto.Field(
+        proto.STRING,
+        number=1,
+    )
+    principal_email: str = proto.Field(
+        proto.STRING,
+        number=2,
+    )
+    operation: Operation = proto.Field(
+        proto.ENUM,
+        number=3,
+        enum=Operation,
+    )
+    event_time: timestamp_pb2.Timestamp = proto.Field(
+        proto.MESSAGE,
+        number=4,
+        message=timestamp_pb2.Timestamp,
+    )
+
+
+__all__ = tuple(sorted(__protobuf__.manifest))

packages/google-cloud-securitycenter/google/cloud/securitycenter_v2/types/data_flow_event.py

@@ -0,0 +1,96 @@
+# -*- coding: utf-8 -*-
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+from __future__ import annotations
+
+from typing import MutableMapping, MutableSequence
+
+from google.protobuf import timestamp_pb2  # type: ignore
+import proto  # type: ignore
+
+__protobuf__ = proto.module(
+    package="google.cloud.securitycenter.v2",
+    manifest={
+        "DataFlowEvent",
+    },
+)
+
+
+class DataFlowEvent(proto.Message):
+    r"""Details about a data flow event, in which either the data is
+    moved to or is accessed from a non-compliant geo-location, as
+    defined in the applicable data security policy.
+
+    Attributes:
+        event_id (str):
+            Unique identifier for data flow event.
+        principal_email (str):
+            The email address of the principal that
+            initiated the data flow event. The principal
+            could be a user account, service account, Google
+            group, or other.
+        operation (google.cloud.securitycenter_v2.types.DataFlowEvent.Operation):
+            The operation performed by the principal for
+            the data flow event.
+        violated_location (str):
+            Non-compliant location of the principal or
+            the data destination.
+        event_time (google.protobuf.timestamp_pb2.Timestamp):
+            Timestamp of data flow event.
+    """
+
+    class Operation(proto.Enum):
+        r"""The operation of a data flow event.
+
+        Values:
+            OPERATION_UNSPECIFIED (0):
+                The operation is unspecified.
+            READ (1):
+                Represents a read operation.
+            MOVE (2):
+                Represents a move operation.
+            COPY (3):
+                Represents a copy operation.
+        """
+        OPERATION_UNSPECIFIED = 0
+        READ = 1
+        MOVE = 2
+        COPY = 3
+
+    event_id: str = proto.Field(
+        proto.STRING,
+        number=1,
+    )
+    principal_email: str = proto.Field(
+        proto.STRING,
+        number=2,
+    )
+    operation: Operation = proto.Field(
+        proto.ENUM,
+        number=3,
+        enum=Operation,
+    )
+    violated_location: str = proto.Field(
+        proto.STRING,
+        number=4,
+    )
+    event_time: timestamp_pb2.Timestamp = proto.Field(
+        proto.MESSAGE,
+        number=5,
+        message=timestamp_pb2.Timestamp,
+    )
+
+
+__all__ = tuple(sorted(__protobuf__.manifest))