▽

Package containersecurity_logging

Variables

Enum value maps for FindingType.

var (
    FindingType_name = map[int32]string{
        0: "FINDING_TYPE_UNSPECIFIED",
        1: "FINDING_TYPE_MISCONFIG",
        2: "FINDING_TYPE_VULNERABILITY",
    }
    FindingType_value = map[string]int32{
        "FINDING_TYPE_UNSPECIFIED":   0,
        "FINDING_TYPE_MISCONFIG":     1,
        "FINDING_TYPE_VULNERABILITY": 2,
    }
)

Enum value maps for Severity.

var (
    Severity_name = map[int32]string{
        0: "SEVERITY_UNSPECIFIED",
        1: "SEVERITY_CRITICAL",
        2: "SEVERITY_HIGH",
        3: "SEVERITY_MEDIUM",
        4: "SEVERITY_LOW",
    }
    Severity_value = map[string]int32{
        "SEVERITY_UNSPECIFIED": 0,
        "SEVERITY_CRITICAL":    1,
        "SEVERITY_HIGH":        2,
        "SEVERITY_MEDIUM":      3,
        "SEVERITY_LOW":         4,
    }
)

Enum value maps for Finding_State.

var (
    Finding_State_name = map[int32]string{
        0: "STATE_UNSPECIFIED",
        1: "ACTIVE",
        2: "REMEDIATED",
    }
    Finding_State_value = map[string]int32{
        "STATE_UNSPECIFIED": 0,
        "ACTIVE":            1,
        "REMEDIATED":        2,
    }
)

var File_google_cloud_kubernetes_security_containersecurity_logging_logging_proto protoreflect.FileDescriptor

type Finding ¶

A security concern for an asset(i.e cluster, workload, etc). Each finding corresponds to a type of security concern. A finding is created during the scan of an asset by any one of the GKE Security Posture features that are enabled.

type Finding struct {

    // Fully qualified resource name of the k8s resource, e.g.:
    // {api}/{version}/namespaces/{namespace}/{kind}/{workload name}
    ResourceName string `protobuf:"bytes,1,opt,name=resource_name,json=resourceName,proto3" json:"resource_name,omitempty"`
    // The type of security finding this is.
    Type FindingType `protobuf:"varint,2,opt,name=type,proto3,enum=cloud.kubernetes.security.containersecurity_logging.FindingType" json:"type,omitempty"`
    // State determines whether the finding still exists or has been resolved.
    State Finding_State `protobuf:"varint,3,opt,name=state,proto3,enum=cloud.kubernetes.security.containersecurity_logging.Finding_State" json:"state,omitempty"`
    // The human readable representation of the specific security finding.
    // e.g. RUN_AS_NONROOT, CVE_ID_0 etc depending on the type.
    Finding string `protobuf:"bytes,4,opt,name=finding,proto3" json:"finding,omitempty"`
    // Severity determines the recommended actions for this finding.
    Severity Severity `protobuf:"varint,5,opt,name=severity,proto3,enum=cloud.kubernetes.security.containersecurity_logging.Severity" json:"severity,omitempty"`
    // The time this finding was found/remediated.
    EventTime *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=event_time,json=eventTime,proto3" json:"event_time,omitempty"`
    // Specific details about the security finding if there are any.
    //
    // Types that are assignable to Details:
    //
    //	*Finding_Vulnerability
    Details isFinding_Details `protobuf_oneof:"details"`
    // contains filtered or unexported fields
}

func (*Finding) Descriptor ¶

func (*Finding) Descriptor() ([]byte, []int)

Deprecated: Use Finding.ProtoReflect.Descriptor instead.

func (*Finding) GetDetails ¶

func (m *Finding) GetDetails() isFinding_Details

func (*Finding) GetEventTime ¶

func (x *Finding) GetEventTime() *timestamppb.Timestamp

func (*Finding) GetFinding ¶

func (x *Finding) GetFinding() string

func (*Finding) GetResourceName ¶

func (x *Finding) GetResourceName() string

func (*Finding) GetSeverity ¶

func (x *Finding) GetSeverity() Severity

func (*Finding) GetState ¶

func (x *Finding) GetState() Finding_State

func (*Finding) GetType ¶

func (x *Finding) GetType() FindingType

func (*Finding) GetVulnerability ¶

func (x *Finding) GetVulnerability() *Vulnerability

func (*Finding) ProtoMessage ¶

func (*Finding) ProtoMessage()

func (*Finding) ProtoReflect ¶

func (x *Finding) ProtoReflect() protoreflect.Message

func (*Finding) Reset ¶

func (x *Finding) Reset()

func (*Finding) String ¶

func (x *Finding) String() string

type FindingType ¶

FindingType is an enumeration of all possible finding types in GKE Security Posture.

type FindingType int32

const (
    // Default value, unspecified.
    FindingType_FINDING_TYPE_UNSPECIFIED FindingType = 0
    // Workload misconfiguration policy audit.
    FindingType_FINDING_TYPE_MISCONFIG FindingType = 1
    // Workload vulnerabilities scanning.
    FindingType_FINDING_TYPE_VULNERABILITY FindingType = 2
)

func (FindingType) Descriptor ¶

func (FindingType) Descriptor() protoreflect.EnumDescriptor

func (FindingType) Enum ¶

func (x FindingType) Enum() *FindingType

func (FindingType) EnumDescriptor ¶

func (FindingType) EnumDescriptor() ([]byte, []int)

Deprecated: Use FindingType.Descriptor instead.

func (FindingType) Number ¶

func (x FindingType) Number() protoreflect.EnumNumber

func (FindingType) String ¶

func (x FindingType) String() string

func (FindingType) Type ¶

func (FindingType) Type() protoreflect.EnumType

type Finding_State ¶

The current state of the finding(e.g still active, has been fixed etc).

type Finding_State int32

const (
    // Default value, only used to determine that nothing was specified.
    Finding_STATE_UNSPECIFIED Finding_State = 0
    // Active state means that the finding exists on the asset.
    Finding_ACTIVE Finding_State = 1
    // Remediated means that the finding has been fixed on the asset.
    Finding_REMEDIATED Finding_State = 2
)

func (Finding_State) Descriptor ¶

func (Finding_State) Descriptor() protoreflect.EnumDescriptor

func (Finding_State) Enum ¶

func (x Finding_State) Enum() *Finding_State

func (Finding_State) EnumDescriptor ¶

func (Finding_State) EnumDescriptor() ([]byte, []int)

Deprecated: Use Finding_State.Descriptor instead.

func (Finding_State) Number ¶

func (x Finding_State) Number() protoreflect.EnumNumber

func (Finding_State) String ¶

func (x Finding_State) String() string

func (Finding_State) Type ¶

func (Finding_State) Type() protoreflect.EnumType

type Finding_Vulnerability ¶

type Finding_Vulnerability struct {
    Vulnerability *Vulnerability `protobuf:"bytes,7,opt,name=vulnerability,proto3,oneof"`
}

type Severity ¶

Severity is an enumeration of all the possible severities of a violation.

type Severity int32

const (
    // Default value, only used to determine that nothing was specified.
    Severity_SEVERITY_UNSPECIFIED Severity = 0
    // SEVERITY_CRITICAL recommends taking action immediately.
    Severity_SEVERITY_CRITICAL Severity = 1
    // SEVERITY_HIGH recommends taking action if possible.
    Severity_SEVERITY_HIGH Severity = 2
    // SEVERITY_MEDIUM recommends investigation.
    Severity_SEVERITY_MEDIUM Severity = 3
    // SEVERITY_LOW recommends being aware of the problem.
    Severity_SEVERITY_LOW Severity = 4
)

func (Severity) Descriptor ¶

func (Severity) Descriptor() protoreflect.EnumDescriptor

func (Severity) Enum ¶

func (x Severity) Enum() *Severity

func (Severity) EnumDescriptor ¶

func (Severity) EnumDescriptor() ([]byte, []int)

Deprecated: Use Severity.Descriptor instead.

func (Severity) Number ¶

func (x Severity) Number() protoreflect.EnumNumber

func (Severity) String ¶

func (x Severity) String() string

func (Severity) Type ¶

func (Severity) Type() protoreflect.EnumType

type Vulnerability ¶

Identifies a package vulnerability found within a workload.

type Vulnerability struct {

    // package name where vulnerability detected
    PackageName string `protobuf:"bytes,1,opt,name=package_name,json=packageName,proto3" json:"package_name,omitempty"`
    // affected package version
    AffectedPackageVersion string `protobuf:"bytes,2,opt,name=affected_package_version,json=affectedPackageVersion,proto3" json:"affected_package_version,omitempty"`
    // title of vulnerability assigned by CVE
    CveId string `protobuf:"bytes,3,opt,name=cve_id,json=cveId,proto3" json:"cve_id,omitempty"`
    // cpe_uri where vulnerability detected
    CpeUri string `protobuf:"bytes,4,opt,name=cpe_uri,json=cpeUri,proto3" json:"cpe_uri,omitempty"`
    // assigned severity for vulnerability
    Severity Severity `protobuf:"varint,5,opt,name=severity,proto3,enum=cloud.kubernetes.security.containersecurity_logging.Severity" json:"severity,omitempty"`
    // overall CVSS score
    CvssScore float32 `protobuf:"fixed32,6,opt,name=cvss_score,json=cvssScore,proto3" json:"cvss_score,omitempty"`
    // detailed CVSS score, format `CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N`
    CvssVector string `protobuf:"bytes,7,opt,name=cvss_vector,json=cvssVector,proto3" json:"cvss_vector,omitempty"`
    // cpe_uri where vulnerability is fixed
    FixedCpeUri string `protobuf:"bytes,8,opt,name=fixed_cpe_uri,json=fixedCpeUri,proto3" json:"fixed_cpe_uri,omitempty"`
    // type of package (os, maven, go)
    PackageType string `protobuf:"bytes,9,opt,name=package_type,json=packageType,proto3" json:"package_type,omitempty"`
    // package name where vulnerability is fixed
    FixedPackage string `protobuf:"bytes,10,opt,name=fixed_package,json=fixedPackage,proto3" json:"fixed_package,omitempty"`
    // fixed package version
    FixedPackageVersion string `protobuf:"bytes,11,opt,name=fixed_package_version,json=fixedPackageVersion,proto3" json:"fixed_package_version,omitempty"`
    // detailed description
    Description string `protobuf:"bytes,12,opt,name=description,proto3" json:"description,omitempty"`
    // reference URL for source CVE database
    RelatedUrls []string `protobuf:"bytes,13,rep,name=related_urls,json=relatedUrls,proto3" json:"related_urls,omitempty"`
    // affected images
    AffectedImages []string `protobuf:"bytes,14,rep,name=affected_images,json=affectedImages,proto3" json:"affected_images,omitempty"`
    // contains filtered or unexported fields
}

func (*Vulnerability) Descriptor ¶

func (*Vulnerability) Descriptor() ([]byte, []int)

Deprecated: Use Vulnerability.ProtoReflect.Descriptor instead.

func (*Vulnerability) GetAffectedImages ¶

func (x *Vulnerability) GetAffectedImages() []string

func (*Vulnerability) GetAffectedPackageVersion ¶

func (x *Vulnerability) GetAffectedPackageVersion() string

func (*Vulnerability) GetCpeUri ¶

func (x *Vulnerability) GetCpeUri() string

func (*Vulnerability) GetCveId ¶

func (x *Vulnerability) GetCveId() string

func (*Vulnerability) GetCvssScore ¶

func (x *Vulnerability) GetCvssScore() float32

func (*Vulnerability) GetCvssVector ¶

func (x *Vulnerability) GetCvssVector() string

func (*Vulnerability) GetDescription ¶

func (x *Vulnerability) GetDescription() string

func (*Vulnerability) GetFixedCpeUri ¶

func (x *Vulnerability) GetFixedCpeUri() string

func (*Vulnerability) GetFixedPackage ¶

func (x *Vulnerability) GetFixedPackage() string

func (*Vulnerability) GetFixedPackageVersion ¶

func (x *Vulnerability) GetFixedPackageVersion() string

func (*Vulnerability) GetPackageName ¶

func (x *Vulnerability) GetPackageName() string

func (*Vulnerability) GetPackageType ¶

func (x *Vulnerability) GetPackageType() string

func (*Vulnerability) GetRelatedUrls ¶

func (x *Vulnerability) GetRelatedUrls() []string

func (*Vulnerability) GetSeverity ¶

func (x *Vulnerability) GetSeverity() Severity

func (*Vulnerability) ProtoMessage ¶

func (*Vulnerability) ProtoMessage()

func (*Vulnerability) ProtoReflect ¶

func (x *Vulnerability) ProtoReflect() protoreflect.Message

func (*Vulnerability) Reset ¶

func (x *Vulnerability) Reset()

func (*Vulnerability) String ¶

func (x *Vulnerability) String() string