diff --git a/SecurityCenter/metadata/V1/Access.php b/SecurityCenter/metadata/V1/Access.php
index a9622dc984d2..9ec754a5ae45 100644
--- a/SecurityCenter/metadata/V1/Access.php
+++ b/SecurityCenter/metadata/V1/Access.php
@@ -16,15 +16,21 @@ public static function initOnce() {
}
$pool->internalAddGeneratedFile(
'
-�
-+google/cloud/securitycenter/v1/access.proto��google.cloud.securitycenter.v1"�
+�
++google/cloud/securitycenter/v1/access.proto��google.cloud.securitycenter.v1"�
�Access��
�principal_email�� �( ��
caller_ip�� �( �B
caller_ip_geo�� �(�2+.google.cloud.securitycenter.v1.Geolocation��
�user_agent_family�� �( ��
�service_name�� �( ��
-�method_name�� �( ""
+�method_name�� �( ��
+�principal_subject�� �( �
+�service_account_key_name�� �( �e
+�service_account_delegation_info� �(�2<.google.cloud.securitycenter.v1.ServiceAccountDelegationInfo"R
+�ServiceAccountDelegationInfo��
+�principal_email�� �( ��
+�principal_subject�� �( ""
�Geolocation��
�region_code�� �( B�
"com.google.cloud.securitycenter.v1B�AccessProtoP�ZLgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter��Google.Cloud.SecurityCenter.V1��Google\\Cloud\\SecurityCenter\\V1�!Google::Cloud::SecurityCenter::V1b�proto3'
diff --git a/SecurityCenter/metadata/V1/Database.php b/SecurityCenter/metadata/V1/Database.php
new file mode 100644
index 000000000000..e6c9a943e7e9
--- /dev/null
+++ b/SecurityCenter/metadata/V1/Database.php
@@ -0,0 +1,33 @@
+internalAddGeneratedFile(
+ '
+�
+-google/cloud/securitycenter/v1/database.proto��google.cloud.securitycenter.v1"b
+�Database��
+�name�� �( ��
+�display_name�� �( ��
+ user_name�� �( �
+�query�� �( ��
+�grantees�� �( B�
+"com.google.cloud.securitycenter.v1B
DatabaseProtoP�ZLgoogle.golang.org/genproto/googleapis/cloud/securitycenter/v1;securitycenter��Google.Cloud.SecurityCenter.V1��Google\\Cloud\\SecurityCenter\\V1�!Google::Cloud::SecurityCenter::V1b�proto3'
+ , true);
+
+ static::$is_initialized = true;
+ }
+}
+
diff --git a/SecurityCenter/metadata/V1/Finding.php b/SecurityCenter/metadata/V1/Finding.php
index b09a59b15082..8c9a9aa998af 100644
Binary files a/SecurityCenter/metadata/V1/Finding.php and b/SecurityCenter/metadata/V1/Finding.php differ
diff --git a/SecurityCenter/metadata/V1/Indicator.php b/SecurityCenter/metadata/V1/Indicator.php
index 2ae1e5ade982..842dc74663af 100644
Binary files a/SecurityCenter/metadata/V1/Indicator.php and b/SecurityCenter/metadata/V1/Indicator.php differ
diff --git a/SecurityCenter/metadata/V1/MitreAttack.php b/SecurityCenter/metadata/V1/MitreAttack.php
index fa2f71abe297..e83dfcda32c1 100644
Binary files a/SecurityCenter/metadata/V1/MitreAttack.php and b/SecurityCenter/metadata/V1/MitreAttack.php differ
diff --git a/SecurityCenter/metadata/V1P1Beta1/Asset.php b/SecurityCenter/metadata/V1P1Beta1/Asset.php
index 295263d5d1cb..77eff788a24d 100644
--- a/SecurityCenter/metadata/V1P1Beta1/Asset.php
+++ b/SecurityCenter/metadata/V1P1Beta1/Asset.php
@@ -19,11 +19,10 @@ public static function initOnce() {
\GPBMetadata\Google\Cloud\Securitycenter\V1P1Beta1\SecurityMarks::initOnce();
\GPBMetadata\Google\Protobuf\Struct::initOnce();
\GPBMetadata\Google\Protobuf\Timestamp::initOnce();
- \GPBMetadata\Google\Api\Annotations::initOnce();
$pool->internalAddGeneratedFile(
'
-�
-1google/cloud/securitycenter/v1p1beta1/asset.proto�%google.cloud.securitycenter.v1p1beta1�2google/cloud/securitycenter/v1p1beta1/folder.proto�:google/cloud/securitycenter/v1p1beta1/security_marks.proto��google/protobuf/struct.proto��google/protobuf/timestamp.proto��google/api/annotations.proto"�
+�
+1google/cloud/securitycenter/v1p1beta1/asset.proto�%google.cloud.securitycenter.v1p1beta1�2google/cloud/securitycenter/v1p1beta1/folder.proto�:google/cloud/securitycenter/v1p1beta1/security_marks.proto��google/protobuf/struct.proto��google/protobuf/timestamp.proto"�
�Asset��
�name�� �( �i
�security_center_properties�� �(�2E.google.cloud.securitycenter.v1p1beta1.Asset.SecurityCenterProperties�a
diff --git a/SecurityCenter/metadata/V1P1Beta1/Finding.php b/SecurityCenter/metadata/V1P1Beta1/Finding.php
index 351c6e991c3c..505a1190ca23 100644
Binary files a/SecurityCenter/metadata/V1P1Beta1/Finding.php and b/SecurityCenter/metadata/V1P1Beta1/Finding.php differ
diff --git a/SecurityCenter/metadata/V1P1Beta1/Folder.php b/SecurityCenter/metadata/V1P1Beta1/Folder.php
index fb10fc32af5b..638d4b7923b9 100644
--- a/SecurityCenter/metadata/V1P1Beta1/Folder.php
+++ b/SecurityCenter/metadata/V1P1Beta1/Folder.php
@@ -14,7 +14,6 @@ public static function initOnce() {
if (static::$is_initialized == true) {
return;
}
- \GPBMetadata\Google\Api\Annotations::initOnce();
$pool->internalAddGeneratedFile(
'
�
diff --git a/SecurityCenter/metadata/V1P1Beta1/NotificationConfig.php b/SecurityCenter/metadata/V1P1Beta1/NotificationConfig.php
index 1473743d47a5..235ef45bda37 100644
Binary files a/SecurityCenter/metadata/V1P1Beta1/NotificationConfig.php and b/SecurityCenter/metadata/V1P1Beta1/NotificationConfig.php differ
diff --git a/SecurityCenter/metadata/V1P1Beta1/NotificationMessage.php b/SecurityCenter/metadata/V1P1Beta1/NotificationMessage.php
index 836784f6d66f..e7bba59150d4 100644
Binary files a/SecurityCenter/metadata/V1P1Beta1/NotificationMessage.php and b/SecurityCenter/metadata/V1P1Beta1/NotificationMessage.php differ
diff --git a/SecurityCenter/metadata/V1P1Beta1/OrganizationSettings.php b/SecurityCenter/metadata/V1P1Beta1/OrganizationSettings.php
index 431edfb6bc75..3787430f9943 100644
Binary files a/SecurityCenter/metadata/V1P1Beta1/OrganizationSettings.php and b/SecurityCenter/metadata/V1P1Beta1/OrganizationSettings.php differ
diff --git a/SecurityCenter/metadata/V1P1Beta1/Resource.php b/SecurityCenter/metadata/V1P1Beta1/Resource.php
index ec2740bf7baf..19a9467bfb08 100644
--- a/SecurityCenter/metadata/V1P1Beta1/Resource.php
+++ b/SecurityCenter/metadata/V1P1Beta1/Resource.php
@@ -16,11 +16,10 @@ public static function initOnce() {
}
\GPBMetadata\Google\Api\FieldBehavior::initOnce();
\GPBMetadata\Google\Cloud\Securitycenter\V1P1Beta1\Folder::initOnce();
- \GPBMetadata\Google\Api\Annotations::initOnce();
$pool->internalAddGeneratedFile(
'
-�
-4google/cloud/securitycenter/v1p1beta1/resource.proto�%google.cloud.securitycenter.v1p1beta1�2google/cloud/securitycenter/v1p1beta1/folder.proto��google/api/annotations.proto"�
+�
+4google/cloud/securitycenter/v1p1beta1/resource.proto�%google.cloud.securitycenter.v1p1beta1�2google/cloud/securitycenter/v1p1beta1/folder.proto"�
�Resource��
�name�� �( ��
�project�� �( ��
diff --git a/SecurityCenter/metadata/V1P1Beta1/RunAssetDiscoveryResponse.php b/SecurityCenter/metadata/V1P1Beta1/RunAssetDiscoveryResponse.php
index 2d99c1701952..87ed29992537 100644
Binary files a/SecurityCenter/metadata/V1P1Beta1/RunAssetDiscoveryResponse.php and b/SecurityCenter/metadata/V1P1Beta1/RunAssetDiscoveryResponse.php differ
diff --git a/SecurityCenter/metadata/V1P1Beta1/SecurityMarks.php b/SecurityCenter/metadata/V1P1Beta1/SecurityMarks.php
index c785d0a1bfa5..6a8c600957ce 100644
--- a/SecurityCenter/metadata/V1P1Beta1/SecurityMarks.php
+++ b/SecurityCenter/metadata/V1P1Beta1/SecurityMarks.php
@@ -15,11 +15,10 @@ public static function initOnce() {
return;
}
\GPBMetadata\Google\Api\Resource::initOnce();
- \GPBMetadata\Google\Api\Annotations::initOnce();
$pool->internalAddGeneratedFile(
'
-�
-:google/cloud/securitycenter/v1p1beta1/security_marks.proto�%google.cloud.securitycenter.v1p1beta1��google/api/annotations.proto"�
+�
+:google/cloud/securitycenter/v1p1beta1/security_marks.proto�%google.cloud.securitycenter.v1p1beta1"�
SecurityMarks��
�name�� �( �N
�marks�� �(�2?.google.cloud.securitycenter.v1p1beta1.SecurityMarks.MarksEntry��
diff --git a/SecurityCenter/metadata/V1P1Beta1/Source.php b/SecurityCenter/metadata/V1P1Beta1/Source.php
index 62b20465a75c..1634a1df8533 100644
--- a/SecurityCenter/metadata/V1P1Beta1/Source.php
+++ b/SecurityCenter/metadata/V1P1Beta1/Source.php
@@ -15,11 +15,10 @@ public static function initOnce() {
return;
}
\GPBMetadata\Google\Api\Resource::initOnce();
- \GPBMetadata\Google\Api\Annotations::initOnce();
$pool->internalAddGeneratedFile(
'
-�
-2google/cloud/securitycenter/v1p1beta1/source.proto�%google.cloud.securitycenter.v1p1beta1��google/api/annotations.proto"�
+�
+2google/cloud/securitycenter/v1p1beta1/source.proto�%google.cloud.securitycenter.v1p1beta1"�
�Source��
�name�� �( ��
�display_name�� �( ��
diff --git a/SecurityCenter/src/V1/Access.php b/SecurityCenter/src/V1/Access.php
index 4993b58d18f1..7ed659c4823c 100644
--- a/SecurityCenter/src/V1/Access.php
+++ b/SecurityCenter/src/V1/Access.php
@@ -17,6 +17,12 @@ class Access extends \Google\Protobuf\Internal\Message
{
/**
* Associated email, such as "foo@google.com".
+ * The email address of the authenticated user (or service account on behalf
+ * of third party principal) making the request. For third party identity
+ * callers, the `principal_subject` field is populated instead of this field.
+ * For privacy reasons, the principal email address is sometimes redacted.
+ * For more information, see [Caller identities in audit
+ * logs](https://cloud.google.com/logging/docs/audit#user-id).
*
* Generated from protobuf field string principal_email = 1;
*/
@@ -53,6 +59,37 @@ class Access extends \Google\Protobuf\Internal\Message
* Generated from protobuf field string method_name = 6;
*/
private $method_name = '';
+ /**
+ * A string representing the principal_subject associated with the identity.
+ * As compared to `principal_email`, supports principals that aren't
+ * associated with email addresses, such as third party principals. For most
+ * identities, the format will be `principal://iam.googleapis.com/{identity
+ * pool name}/subjects/{subject}` except for some GKE identities
+ * (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the legacy
+ * format `serviceAccount:{identity pool name}[{subject}]`
+ *
+ * Generated from protobuf field string principal_subject = 7;
+ */
+ private $principal_subject = '';
+ /**
+ * The name of the service account key used to create or exchange
+ * credentials for authenticating the service account making the request.
+ * This is a scheme-less URI full resource name. For example:
+ * "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}"
+ *
+ * Generated from protobuf field string service_account_key_name = 8;
+ */
+ private $service_account_key_name = '';
+ /**
+ * Identity delegation history of an authenticated service account that makes
+ * the request. It contains information on the real authorities that try to
+ * access GCP resources by delegating on a service account. When multiple
+ * authorities are present, they are guaranteed to be sorted based on the
+ * original ordering of the identity delegation events.
+ *
+ * Generated from protobuf field repeated .google.cloud.securitycenter.v1.ServiceAccountDelegationInfo service_account_delegation_info = 9;
+ */
+ private $service_account_delegation_info;
/**
* Constructor.
@@ -62,6 +99,12 @@ class Access extends \Google\Protobuf\Internal\Message
*
* @type string $principal_email
* Associated email, such as "foo@google.com".
+ * The email address of the authenticated user (or service account on behalf
+ * of third party principal) making the request. For third party identity
+ * callers, the `principal_subject` field is populated instead of this field.
+ * For privacy reasons, the principal email address is sometimes redacted.
+ * For more information, see [Caller identities in audit
+ * logs](https://cloud.google.com/logging/docs/audit#user-id).
* @type string $caller_ip
* Caller's IP address, such as "1.1.1.1".
* @type \Google\Cloud\SecurityCenter\V1\Geolocation $caller_ip_geo
@@ -74,6 +117,25 @@ class Access extends \Google\Protobuf\Internal\Message
* "iam.googleapis.com"
* @type string $method_name
* The method that the service account called, e.g. "SetIamPolicy".
+ * @type string $principal_subject
+ * A string representing the principal_subject associated with the identity.
+ * As compared to `principal_email`, supports principals that aren't
+ * associated with email addresses, such as third party principals. For most
+ * identities, the format will be `principal://iam.googleapis.com/{identity
+ * pool name}/subjects/{subject}` except for some GKE identities
+ * (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the legacy
+ * format `serviceAccount:{identity pool name}[{subject}]`
+ * @type string $service_account_key_name
+ * The name of the service account key used to create or exchange
+ * credentials for authenticating the service account making the request.
+ * This is a scheme-less URI full resource name. For example:
+ * "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}"
+ * @type array<\Google\Cloud\SecurityCenter\V1\ServiceAccountDelegationInfo>|\Google\Protobuf\Internal\RepeatedField $service_account_delegation_info
+ * Identity delegation history of an authenticated service account that makes
+ * the request. It contains information on the real authorities that try to
+ * access GCP resources by delegating on a service account. When multiple
+ * authorities are present, they are guaranteed to be sorted based on the
+ * original ordering of the identity delegation events.
* }
*/
public function __construct($data = NULL) {
@@ -83,6 +145,12 @@ public function __construct($data = NULL) {
/**
* Associated email, such as "foo@google.com".
+ * The email address of the authenticated user (or service account on behalf
+ * of third party principal) making the request. For third party identity
+ * callers, the `principal_subject` field is populated instead of this field.
+ * For privacy reasons, the principal email address is sometimes redacted.
+ * For more information, see [Caller identities in audit
+ * logs](https://cloud.google.com/logging/docs/audit#user-id).
*
* Generated from protobuf field string principal_email = 1;
* @return string
@@ -94,6 +162,12 @@ public function getPrincipalEmail()
/**
* Associated email, such as "foo@google.com".
+ * The email address of the authenticated user (or service account on behalf
+ * of third party principal) making the request. For third party identity
+ * callers, the `principal_subject` field is populated instead of this field.
+ * For privacy reasons, the principal email address is sometimes redacted.
+ * For more information, see [Caller identities in audit
+ * logs](https://cloud.google.com/logging/docs/audit#user-id).
*
* Generated from protobuf field string principal_email = 1;
* @param string $var
@@ -251,5 +325,109 @@ public function setMethodName($var)
return $this;
}
+ /**
+ * A string representing the principal_subject associated with the identity.
+ * As compared to `principal_email`, supports principals that aren't
+ * associated with email addresses, such as third party principals. For most
+ * identities, the format will be `principal://iam.googleapis.com/{identity
+ * pool name}/subjects/{subject}` except for some GKE identities
+ * (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the legacy
+ * format `serviceAccount:{identity pool name}[{subject}]`
+ *
+ * Generated from protobuf field string principal_subject = 7;
+ * @return string
+ */
+ public function getPrincipalSubject()
+ {
+ return $this->principal_subject;
+ }
+
+ /**
+ * A string representing the principal_subject associated with the identity.
+ * As compared to `principal_email`, supports principals that aren't
+ * associated with email addresses, such as third party principals. For most
+ * identities, the format will be `principal://iam.googleapis.com/{identity
+ * pool name}/subjects/{subject}` except for some GKE identities
+ * (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the legacy
+ * format `serviceAccount:{identity pool name}[{subject}]`
+ *
+ * Generated from protobuf field string principal_subject = 7;
+ * @param string $var
+ * @return $this
+ */
+ public function setPrincipalSubject($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->principal_subject = $var;
+
+ return $this;
+ }
+
+ /**
+ * The name of the service account key used to create or exchange
+ * credentials for authenticating the service account making the request.
+ * This is a scheme-less URI full resource name. For example:
+ * "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}"
+ *
+ * Generated from protobuf field string service_account_key_name = 8;
+ * @return string
+ */
+ public function getServiceAccountKeyName()
+ {
+ return $this->service_account_key_name;
+ }
+
+ /**
+ * The name of the service account key used to create or exchange
+ * credentials for authenticating the service account making the request.
+ * This is a scheme-less URI full resource name. For example:
+ * "//iam.googleapis.com/projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}"
+ *
+ * Generated from protobuf field string service_account_key_name = 8;
+ * @param string $var
+ * @return $this
+ */
+ public function setServiceAccountKeyName($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->service_account_key_name = $var;
+
+ return $this;
+ }
+
+ /**
+ * Identity delegation history of an authenticated service account that makes
+ * the request. It contains information on the real authorities that try to
+ * access GCP resources by delegating on a service account. When multiple
+ * authorities are present, they are guaranteed to be sorted based on the
+ * original ordering of the identity delegation events.
+ *
+ * Generated from protobuf field repeated .google.cloud.securitycenter.v1.ServiceAccountDelegationInfo service_account_delegation_info = 9;
+ * @return \Google\Protobuf\Internal\RepeatedField
+ */
+ public function getServiceAccountDelegationInfo()
+ {
+ return $this->service_account_delegation_info;
+ }
+
+ /**
+ * Identity delegation history of an authenticated service account that makes
+ * the request. It contains information on the real authorities that try to
+ * access GCP resources by delegating on a service account. When multiple
+ * authorities are present, they are guaranteed to be sorted based on the
+ * original ordering of the identity delegation events.
+ *
+ * Generated from protobuf field repeated .google.cloud.securitycenter.v1.ServiceAccountDelegationInfo service_account_delegation_info = 9;
+ * @param array<\Google\Cloud\SecurityCenter\V1\ServiceAccountDelegationInfo>|\Google\Protobuf\Internal\RepeatedField $var
+ * @return $this
+ */
+ public function setServiceAccountDelegationInfo($var)
+ {
+ $arr = GPBUtil::checkRepeatedField($var, \Google\Protobuf\Internal\GPBType::MESSAGE, \Google\Cloud\SecurityCenter\V1\ServiceAccountDelegationInfo::class);
+ $this->service_account_delegation_info = $arr;
+
+ return $this;
+ }
+
}
diff --git a/SecurityCenter/src/V1/Database.php b/SecurityCenter/src/V1/Database.php
new file mode 100644
index 000000000000..00b28d6e43e9
--- /dev/null
+++ b/SecurityCenter/src/V1/Database.php
@@ -0,0 +1,221 @@
+google.cloud.securitycenter.v1.Database
+ */
+class Database extends \Google\Protobuf\Internal\Message
+{
+ /**
+ * The full resource name of the database the user connected to, if it is
+ * supported by CAI. (https://google.aip.dev/122#full-resource-names)
+ *
+ * Generated from protobuf field string name = 1;
+ */
+ private $name = '';
+ /**
+ * The human readable name of the database the user connected to.
+ *
+ * Generated from protobuf field string display_name = 2;
+ */
+ private $display_name = '';
+ /**
+ * The username used to connect to the DB. This may not necessarily be an IAM
+ * principal, and has no required format.
+ *
+ * Generated from protobuf field string user_name = 3;
+ */
+ private $user_name = '';
+ /**
+ * The SQL statement associated with the relevant access.
+ *
+ * Generated from protobuf field string query = 4;
+ */
+ private $query = '';
+ /**
+ * The target usernames/roles/groups of a SQL privilege grant (not an IAM
+ * policy change).
+ *
+ * Generated from protobuf field repeated string grantees = 5;
+ */
+ private $grantees;
+
+ /**
+ * Constructor.
+ *
+ * @param array $data {
+ * Optional. Data for populating the Message object.
+ *
+ * @type string $name
+ * The full resource name of the database the user connected to, if it is
+ * supported by CAI. (https://google.aip.dev/122#full-resource-names)
+ * @type string $display_name
+ * The human readable name of the database the user connected to.
+ * @type string $user_name
+ * The username used to connect to the DB. This may not necessarily be an IAM
+ * principal, and has no required format.
+ * @type string $query
+ * The SQL statement associated with the relevant access.
+ * @type array|\Google\Protobuf\Internal\RepeatedField $grantees
+ * The target usernames/roles/groups of a SQL privilege grant (not an IAM
+ * policy change).
+ * }
+ */
+ public function __construct($data = NULL) {
+ \GPBMetadata\Google\Cloud\Securitycenter\V1\Database::initOnce();
+ parent::__construct($data);
+ }
+
+ /**
+ * The full resource name of the database the user connected to, if it is
+ * supported by CAI. (https://google.aip.dev/122#full-resource-names)
+ *
+ * Generated from protobuf field string name = 1;
+ * @return string
+ */
+ public function getName()
+ {
+ return $this->name;
+ }
+
+ /**
+ * The full resource name of the database the user connected to, if it is
+ * supported by CAI. (https://google.aip.dev/122#full-resource-names)
+ *
+ * Generated from protobuf field string name = 1;
+ * @param string $var
+ * @return $this
+ */
+ public function setName($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->name = $var;
+
+ return $this;
+ }
+
+ /**
+ * The human readable name of the database the user connected to.
+ *
+ * Generated from protobuf field string display_name = 2;
+ * @return string
+ */
+ public function getDisplayName()
+ {
+ return $this->display_name;
+ }
+
+ /**
+ * The human readable name of the database the user connected to.
+ *
+ * Generated from protobuf field string display_name = 2;
+ * @param string $var
+ * @return $this
+ */
+ public function setDisplayName($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->display_name = $var;
+
+ return $this;
+ }
+
+ /**
+ * The username used to connect to the DB. This may not necessarily be an IAM
+ * principal, and has no required format.
+ *
+ * Generated from protobuf field string user_name = 3;
+ * @return string
+ */
+ public function getUserName()
+ {
+ return $this->user_name;
+ }
+
+ /**
+ * The username used to connect to the DB. This may not necessarily be an IAM
+ * principal, and has no required format.
+ *
+ * Generated from protobuf field string user_name = 3;
+ * @param string $var
+ * @return $this
+ */
+ public function setUserName($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->user_name = $var;
+
+ return $this;
+ }
+
+ /**
+ * The SQL statement associated with the relevant access.
+ *
+ * Generated from protobuf field string query = 4;
+ * @return string
+ */
+ public function getQuery()
+ {
+ return $this->query;
+ }
+
+ /**
+ * The SQL statement associated with the relevant access.
+ *
+ * Generated from protobuf field string query = 4;
+ * @param string $var
+ * @return $this
+ */
+ public function setQuery($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->query = $var;
+
+ return $this;
+ }
+
+ /**
+ * The target usernames/roles/groups of a SQL privilege grant (not an IAM
+ * policy change).
+ *
+ * Generated from protobuf field repeated string grantees = 5;
+ * @return \Google\Protobuf\Internal\RepeatedField
+ */
+ public function getGrantees()
+ {
+ return $this->grantees;
+ }
+
+ /**
+ * The target usernames/roles/groups of a SQL privilege grant (not an IAM
+ * policy change).
+ *
+ * Generated from protobuf field repeated string grantees = 5;
+ * @param array|\Google\Protobuf\Internal\RepeatedField $var
+ * @return $this
+ */
+ public function setGrantees($var)
+ {
+ $arr = GPBUtil::checkRepeatedField($var, \Google\Protobuf\Internal\GPBType::STRING);
+ $this->grantees = $arr;
+
+ return $this;
+ }
+
+}
+
diff --git a/SecurityCenter/src/V1/Finding.php b/SecurityCenter/src/V1/Finding.php
index b0bc38584e08..759f417b1cb0 100644
--- a/SecurityCenter/src/V1/Finding.php
+++ b/SecurityCenter/src/V1/Finding.php
@@ -164,8 +164,8 @@ class Finding extends \Google\Protobuf\Internal\Message
*/
private $mute_update_time = null;
/**
- * Output only. Third party SIEM/SOAR fields within SCC, contains external system
- * information and external system finding fields.
+ * Output only. Third party SIEM/SOAR fields within SCC, contains external
+ * system information and external system finding fields.
*
* Generated from protobuf field map external_systems = 22 [(.google.api.field_behavior) = OUTPUT_ONLY];
*/
@@ -206,9 +206,9 @@ class Finding extends \Google\Protobuf\Internal\Message
*/
private $processes;
/**
- * Output only. Map containing the point of contacts for the given finding. The key
- * represents the type of contact, while the value contains a list of all the
- * contacts that pertain. Please refer to:
+ * Output only. Map containing the point of contacts for the given finding.
+ * The key represents the type of contact, while the value contains a list of
+ * all the contacts that pertain. Please refer to:
* https://cloud.google.com/resource-manager/docs/managing-notification-contacts#notification-categories
* {
* "security": {
@@ -270,6 +270,12 @@ class Finding extends \Google\Protobuf\Internal\Message
* Generated from protobuf field .google.cloud.securitycenter.v1.Kubernetes kubernetes = 43;
*/
private $kubernetes = null;
+ /**
+ * Database associated with the finding.
+ *
+ * Generated from protobuf field .google.cloud.securitycenter.v1.Database database = 44;
+ */
+ private $database = null;
/**
* Constructor.
@@ -353,8 +359,8 @@ class Finding extends \Google\Protobuf\Internal\Message
* @type \Google\Protobuf\Timestamp $mute_update_time
* Output only. The most recent time this finding was muted or unmuted.
* @type array|\Google\Protobuf\Internal\MapField $external_systems
- * Output only. Third party SIEM/SOAR fields within SCC, contains external system
- * information and external system finding fields.
+ * Output only. Third party SIEM/SOAR fields within SCC, contains external
+ * system information and external system finding fields.
* @type \Google\Cloud\SecurityCenter\V1\MitreAttack $mitre_attack
* MITRE ATT&CK tactics and techniques related to this finding.
* See: https://attack.mitre.org
@@ -371,9 +377,9 @@ class Finding extends \Google\Protobuf\Internal\Message
* @type array<\Google\Cloud\SecurityCenter\V1\Process>|\Google\Protobuf\Internal\RepeatedField $processes
* Represents operating system processes associated with the Finding.
* @type array|\Google\Protobuf\Internal\MapField $contacts
- * Output only. Map containing the point of contacts for the given finding. The key
- * represents the type of contact, while the value contains a list of all the
- * contacts that pertain. Please refer to:
+ * Output only. Map containing the point of contacts for the given finding.
+ * The key represents the type of contact, while the value contains a list of
+ * all the contacts that pertain. Please refer to:
* https://cloud.google.com/resource-manager/docs/managing-notification-contacts#notification-categories
* {
* "security": {
@@ -403,6 +409,8 @@ class Finding extends \Google\Protobuf\Internal\Message
* for both Kubernetes and non-Kubernetes containers.
* @type \Google\Cloud\SecurityCenter\V1\Kubernetes $kubernetes
* Kubernetes resources associated with the finding.
+ * @type \Google\Cloud\SecurityCenter\V1\Database $database
+ * Database associated with the finding.
* }
*/
public function __construct($data = NULL) {
@@ -995,8 +1003,8 @@ public function setMuteUpdateTime($var)
}
/**
- * Output only. Third party SIEM/SOAR fields within SCC, contains external system
- * information and external system finding fields.
+ * Output only. Third party SIEM/SOAR fields within SCC, contains external
+ * system information and external system finding fields.
*
* Generated from protobuf field map external_systems = 22 [(.google.api.field_behavior) = OUTPUT_ONLY];
* @return \Google\Protobuf\Internal\MapField
@@ -1007,8 +1015,8 @@ public function getExternalSystems()
}
/**
- * Output only. Third party SIEM/SOAR fields within SCC, contains external system
- * information and external system finding fields.
+ * Output only. Third party SIEM/SOAR fields within SCC, contains external
+ * system information and external system finding fields.
*
* Generated from protobuf field map external_systems = 22 [(.google.api.field_behavior) = OUTPUT_ONLY];
* @param array|\Google\Protobuf\Internal\MapField $var
@@ -1183,9 +1191,9 @@ public function setProcesses($var)
}
/**
- * Output only. Map containing the point of contacts for the given finding. The key
- * represents the type of contact, while the value contains a list of all the
- * contacts that pertain. Please refer to:
+ * Output only. Map containing the point of contacts for the given finding.
+ * The key represents the type of contact, while the value contains a list of
+ * all the contacts that pertain. Please refer to:
* https://cloud.google.com/resource-manager/docs/managing-notification-contacts#notification-categories
* {
* "security": {
@@ -1209,9 +1217,9 @@ public function getContacts()
}
/**
- * Output only. Map containing the point of contacts for the given finding. The key
- * represents the type of contact, while the value contains a list of all the
- * contacts that pertain. Please refer to:
+ * Output only. Map containing the point of contacts for the given finding.
+ * The key represents the type of contact, while the value contains a list of
+ * all the contacts that pertain. Please refer to:
* https://cloud.google.com/resource-manager/docs/managing-notification-contacts#notification-categories
* {
* "security": {
@@ -1444,5 +1452,41 @@ public function setKubernetes($var)
return $this;
}
+ /**
+ * Database associated with the finding.
+ *
+ * Generated from protobuf field .google.cloud.securitycenter.v1.Database database = 44;
+ * @return \Google\Cloud\SecurityCenter\V1\Database|null
+ */
+ public function getDatabase()
+ {
+ return $this->database;
+ }
+
+ public function hasDatabase()
+ {
+ return isset($this->database);
+ }
+
+ public function clearDatabase()
+ {
+ unset($this->database);
+ }
+
+ /**
+ * Database associated with the finding.
+ *
+ * Generated from protobuf field .google.cloud.securitycenter.v1.Database database = 44;
+ * @param \Google\Cloud\SecurityCenter\V1\Database $var
+ * @return $this
+ */
+ public function setDatabase($var)
+ {
+ GPBUtil::checkMessage($var, \Google\Cloud\SecurityCenter\V1\Database::class);
+ $this->database = $var;
+
+ return $this;
+ }
+
}
diff --git a/SecurityCenter/src/V1/Indicator.php b/SecurityCenter/src/V1/Indicator.php
index c91d26203665..ce1df41f27da 100644
--- a/SecurityCenter/src/V1/Indicator.php
+++ b/SecurityCenter/src/V1/Indicator.php
@@ -37,6 +37,12 @@ class Indicator extends \Google\Protobuf\Internal\Message
* Generated from protobuf field repeated .google.cloud.securitycenter.v1.Indicator.ProcessSignature signatures = 3;
*/
private $signatures;
+ /**
+ * The list of URIs associated to the Findings.
+ *
+ * Generated from protobuf field repeated string uris = 4;
+ */
+ private $uris;
/**
* Constructor.
@@ -51,6 +57,8 @@ class Indicator extends \Google\Protobuf\Internal\Message
* @type array<\Google\Cloud\SecurityCenter\V1\Indicator\ProcessSignature>|\Google\Protobuf\Internal\RepeatedField $signatures
* The list of matched signatures indicating that the given
* process is present in the environment.
+ * @type array|\Google\Protobuf\Internal\RepeatedField $uris
+ * The list of URIs associated to the Findings.
* }
*/
public function __construct($data = NULL) {
@@ -138,5 +146,31 @@ public function setSignatures($var)
return $this;
}
+ /**
+ * The list of URIs associated to the Findings.
+ *
+ * Generated from protobuf field repeated string uris = 4;
+ * @return \Google\Protobuf\Internal\RepeatedField
+ */
+ public function getUris()
+ {
+ return $this->uris;
+ }
+
+ /**
+ * The list of URIs associated to the Findings.
+ *
+ * Generated from protobuf field repeated string uris = 4;
+ * @param array|\Google\Protobuf\Internal\RepeatedField $var
+ * @return $this
+ */
+ public function setUris($var)
+ {
+ $arr = GPBUtil::checkRepeatedField($var, \Google\Protobuf\Internal\GPBType::STRING);
+ $this->uris = $arr;
+
+ return $this;
+ }
+
}
diff --git a/SecurityCenter/src/V1/MitreAttack/Technique.php b/SecurityCenter/src/V1/MitreAttack/Technique.php
index 0ca77c534d9b..a54931ba11ea 100644
--- a/SecurityCenter/src/V1/MitreAttack/Technique.php
+++ b/SecurityCenter/src/V1/MitreAttack/Technique.php
@@ -212,6 +212,18 @@ class Technique
* Generated from protobuf enum NETWORK_SERVICE_DISCOVERY = 32;
*/
const NETWORK_SERVICE_DISCOVERY = 32;
+ /**
+ * T1134
+ *
+ * Generated from protobuf enum ACCESS_TOKEN_MANIPULATION = 33;
+ */
+ const ACCESS_TOKEN_MANIPULATION = 33;
+ /**
+ * T1548
+ *
+ * Generated from protobuf enum ABUSE_ELEVATION_CONTROL_MECHANISM = 34;
+ */
+ const ABUSE_ELEVATION_CONTROL_MECHANISM = 34;
private static $valueToName = [
self::TECHNIQUE_UNSPECIFIED => 'TECHNIQUE_UNSPECIFIED',
@@ -247,6 +259,8 @@ class Technique
self::DOMAIN_POLICY_MODIFICATION => 'DOMAIN_POLICY_MODIFICATION',
self::IMPAIR_DEFENSES => 'IMPAIR_DEFENSES',
self::NETWORK_SERVICE_DISCOVERY => 'NETWORK_SERVICE_DISCOVERY',
+ self::ACCESS_TOKEN_MANIPULATION => 'ACCESS_TOKEN_MANIPULATION',
+ self::ABUSE_ELEVATION_CONTROL_MECHANISM => 'ABUSE_ELEVATION_CONTROL_MECHANISM',
];
public static function name($value)
diff --git a/SecurityCenter/src/V1/ServiceAccountDelegationInfo.php b/SecurityCenter/src/V1/ServiceAccountDelegationInfo.php
new file mode 100644
index 000000000000..01629029e6db
--- /dev/null
+++ b/SecurityCenter/src/V1/ServiceAccountDelegationInfo.php
@@ -0,0 +1,125 @@
+google.cloud.securitycenter.v1.ServiceAccountDelegationInfo
+ */
+class ServiceAccountDelegationInfo extends \Google\Protobuf\Internal\Message
+{
+ /**
+ * The email address of a Google account.
+ *
+ * Generated from protobuf field string principal_email = 1;
+ */
+ private $principal_email = '';
+ /**
+ * A string representing the principal_subject associated with the identity.
+ * As compared to `principal_email`, supports principals that aren't
+ * associated with email addresses, such as third party principals. For most
+ * identities, the format will be `principal://iam.googleapis.com/{identity
+ * pool name}/subjects/{subject}` except for some GKE identities
+ * (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the legacy
+ * format `serviceAccount:{identity pool name}[{subject}]`
+ *
+ * Generated from protobuf field string principal_subject = 2;
+ */
+ private $principal_subject = '';
+
+ /**
+ * Constructor.
+ *
+ * @param array $data {
+ * Optional. Data for populating the Message object.
+ *
+ * @type string $principal_email
+ * The email address of a Google account.
+ * @type string $principal_subject
+ * A string representing the principal_subject associated with the identity.
+ * As compared to `principal_email`, supports principals that aren't
+ * associated with email addresses, such as third party principals. For most
+ * identities, the format will be `principal://iam.googleapis.com/{identity
+ * pool name}/subjects/{subject}` except for some GKE identities
+ * (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the legacy
+ * format `serviceAccount:{identity pool name}[{subject}]`
+ * }
+ */
+ public function __construct($data = NULL) {
+ \GPBMetadata\Google\Cloud\Securitycenter\V1\Access::initOnce();
+ parent::__construct($data);
+ }
+
+ /**
+ * The email address of a Google account.
+ *
+ * Generated from protobuf field string principal_email = 1;
+ * @return string
+ */
+ public function getPrincipalEmail()
+ {
+ return $this->principal_email;
+ }
+
+ /**
+ * The email address of a Google account.
+ *
+ * Generated from protobuf field string principal_email = 1;
+ * @param string $var
+ * @return $this
+ */
+ public function setPrincipalEmail($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->principal_email = $var;
+
+ return $this;
+ }
+
+ /**
+ * A string representing the principal_subject associated with the identity.
+ * As compared to `principal_email`, supports principals that aren't
+ * associated with email addresses, such as third party principals. For most
+ * identities, the format will be `principal://iam.googleapis.com/{identity
+ * pool name}/subjects/{subject}` except for some GKE identities
+ * (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the legacy
+ * format `serviceAccount:{identity pool name}[{subject}]`
+ *
+ * Generated from protobuf field string principal_subject = 2;
+ * @return string
+ */
+ public function getPrincipalSubject()
+ {
+ return $this->principal_subject;
+ }
+
+ /**
+ * A string representing the principal_subject associated with the identity.
+ * As compared to `principal_email`, supports principals that aren't
+ * associated with email addresses, such as third party principals. For most
+ * identities, the format will be `principal://iam.googleapis.com/{identity
+ * pool name}/subjects/{subject}` except for some GKE identities
+ * (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the legacy
+ * format `serviceAccount:{identity pool name}[{subject}]`
+ *
+ * Generated from protobuf field string principal_subject = 2;
+ * @param string $var
+ * @return $this
+ */
+ public function setPrincipalSubject($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->principal_subject = $var;
+
+ return $this;
+ }
+
+}
+