pkg.gl

AccessReview: Conveys information about a Kubernetes access review (such as one returned by a `kubectl auth can-i` (https://kubernetes.io/docs/reference/access-authn-authz/authorization/#checking-api-access) command) that was involved in a finding.

AdaptiveProtection

AdaptiveProtection: Information about Google Cloud Armor Adaptive Protection (https://cloud.google.com/armor/docs/cloud-armor-overview#google-cloud-armor-adaptive-protection).

Allowed

Allowed: Allowed IP rule.

Application

Application: Represents an application associated with a finding.

Attack

Attack: Information about DDoS attack volume and classification.

AttackExposure

AttackExposure: An attack exposure contains the results of an attack path simulation run.

AwsAccount

AwsAccount: An AWS account that is a member of an organization.

AwsMetadata

AwsMetadata: AWS metadata associated with the resource, only applicable if the finding's cloud provider is Amazon Web Services.

AwsOrganization

AwsOrganization: An organization is a collection of accounts that are centrally managed together using consolidated billing, organized hierarchically with organizational units (OUs), and controlled with policies.

AwsOrganizationalUnit

AwsOrganizationalUnit: An Organizational Unit (OU) is a container of AWS accounts within a root of an organization.

AzureManagementGroup

AzureManagementGroup: Represents an Azure management group.

AzureMetadata

AzureMetadata: Azure metadata associated with the resource, only applicable if the finding's cloud provider is Microsoft Azure.

AzureResourceGroup

AzureResourceGroup: Represents an Azure resource group.

AzureSubscription

AzureSubscription: Represents an Azure subscription.

AzureTenant

AzureTenant: Represents a Microsoft Entra tenant.

BackupDisasterRecovery

BackupDisasterRecovery: Information related to Google Cloud Backup and DR Service findings.

CloudArmor

CloudArmor: Fields related to Google Cloud Armor findings.

CloudDlpDataProfile

CloudDlpDataProfile: The data profile (https://cloud.google.com/dlp/docs/data-profiles) associated with the finding.

CloudDlpInspection

CloudDlpInspection: Details about the Cloud Data Loss Prevention (Cloud DLP) inspection job (https://cloud.google.com/dlp/docs/concepts-job-triggers) that produced the finding.

CloudLoggingEntry

CloudLoggingEntry: Metadata taken from a Cloud Logging LogEntry (https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry).

Compliance

Compliance: Contains compliance information about a security standard indicating unmet recommendations.

ComplianceSnapshot

ComplianceSnapshot: Result containing the properties and count of a ComplianceSnapshot request.

Config

Config: Configuration of a module.

Connection

Connection: Contains information about the IP connection associated with the finding.

Contact

Contact: The email address of a contact.

ContactDetails

ContactDetails: Details about specific contacts.

Container

Container: Container associated with the finding.

ContainerThreatDetectionSettings

ContainerThreatDetectionSettings: Resource capturing the settings for the Container Threat Detection service.

Cve

Cve: CVE stands for Common Vulnerabilities and Exposures.

Cvssv3

Cvssv3: Common Vulnerability Scoring System version 3.

DataAccessEvent

DataAccessEvent: Details about a data access attempt made by a principal not authorized under applicable data security policy.

Database

Database: Represents database access information, such as queries.

DataFlowEvent

DataFlowEvent: Details about a data flow event, in which either the data is moved to or is accessed from a non-compliant geo-location, as defined in the applicable data security policy.

DataRetentionDeletionEvent

DataRetentionDeletionEvent: Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy.

Denied

Denied: Denied IP rule.

Details

Details: Details of a subscription.

Detection

Detection: Memory hash detection contributing to the binary family match.

Disk

Disk: Contains information about the disk associated with the finding.

DiskPath

DiskPath: Path of the file in terms of underlying disk/partition identifiers.

DynamicMuteRecord

DynamicMuteRecord: The record of a dynamic mute rule that matches the finding.

EnvironmentVariable

EnvironmentVariable: A name-value pair representing an environment variable used in an operating system process.

EventThreatDetectionSettings

EventThreatDetectionSettings: Resource capturing the settings for the Event Threat Detection service.

ExfilResource

ExfilResource: Resource where data was exfiltrated from or exfiltrated to.

Exfiltration

Exfiltration: Exfiltration represents a data exfiltration attempt from one or more sources to one or more targets.

Expr

Expr: Represents a textual expression in the Common Expression Language (CEL) syntax.

File

File: File information about the related binary/library used by an executable, or the script used by a script interpreter.

Finding

Finding: Security Command Center finding.

Folder

Folder: Message that contains the resource name and display name of a folder resource.

FoldersContainerThreatDetectionSettingsCalculateCall

FoldersContainerThreatDetectionSettingsService

FoldersEventThreatDetectionSettingsCalculateCall

FoldersEventThreatDetectionSettingsService

FoldersGetContainerThreatDetectionSettingsCall

FoldersGetEventThreatDetectionSettingsCall

FoldersGetRapidVulnerabilityDetectionSettingsCall

FoldersGetSecurityCenterSettingsCall

FoldersGetSecurityHealthAnalyticsSettingsCall

FoldersGetVirtualMachineThreatDetectionSettingsCall

FoldersGetWebSecurityScannerSettingsCall

FoldersRapidVulnerabilityDetectionSettingsCalculateCall

FoldersRapidVulnerabilityDetectionSettingsService

FoldersSecurityHealthAnalyticsSettingsCalculateCall

FoldersSecurityHealthAnalyticsSettingsService

FoldersService

FoldersUpdateContainerThreatDetectionSettingsCall

FoldersUpdateEventThreatDetectionSettingsCall

FoldersUpdateRapidVulnerabilityDetectionSettingsCall

FoldersUpdateSecurityHealthAnalyticsSettingsCall

FoldersUpdateVirtualMachineThreatDetectionSettingsCall

FoldersUpdateWebSecurityScannerSettingsCall

FoldersVirtualMachineThreatDetectionSettingsCalculateCall

FoldersVirtualMachineThreatDetectionSettingsService

FoldersWebSecurityScannerSettingsCalculateCall

FoldersWebSecurityScannerSettingsService

GcpMetadata

GcpMetadata: GCP metadata associated with the resource, only applicable if the finding's cloud provider is Google Cloud Platform.

Geolocation

Geolocation: Represents a geographical location for a given access.

GoogleCloudSecuritycenterV1beta1RunAssetDiscoveryResponse

GoogleCloudSecuritycenterV1beta1RunAssetDiscoveryResponse: Response of asset discovery run.

GoogleCloudSecuritycenterV1BigQueryExport

GoogleCloudSecuritycenterV1BigQueryExport: Configures how to deliver Findings to BigQuery Instance.

GoogleCloudSecuritycenterV1Binding

GoogleCloudSecuritycenterV1Binding: Represents a Kubernetes RoleBinding or ClusterRoleBinding.

GoogleCloudSecuritycenterV1BulkMuteFindingsResponse

GoogleCloudSecuritycenterV1BulkMuteFindingsResponse: The response to a BulkMute request.

GoogleCloudSecuritycenterV1CustomConfig

GoogleCloudSecuritycenterV1CustomConfig: Defines the properties in a custom module configuration for Security Health Analytics.

GoogleCloudSecuritycenterV1CustomOutputSpec

GoogleCloudSecuritycenterV1CustomOutputSpec: A set of optional name-value pairs that define custom source properties to return with each finding that is generated by the custom module.

GoogleCloudSecuritycenterV1EffectiveSecurityHealthAnalyticsCustomModule

GoogleCloudSecuritycenterV1EffectiveSecurityHealthAnalyticsCustomModule: An EffectiveSecurityHealthAnalyticsCustomModule is the representation of a Security Health Analytics custom module at a specified level of the resource hierarchy: organization, folder, or project.

GoogleCloudSecuritycenterV1ExternalSystem

GoogleCloudSecuritycenterV1ExternalSystem: Representation of third party SIEM/SOAR fields within SCC.

GoogleCloudSecuritycenterV1MuteConfig

GoogleCloudSecuritycenterV1MuteConfig: A mute config is a Cloud SCC resource that contains the configuration to mute create/update events of findings.

GoogleCloudSecuritycenterV1NotificationMessage

GoogleCloudSecuritycenterV1NotificationMessage: Cloud SCC's Notification.

GoogleCloudSecuritycenterV1p1beta1Finding

GoogleCloudSecuritycenterV1p1beta1Finding: Security Command Center finding.

GoogleCloudSecuritycenterV1p1beta1Folder

GoogleCloudSecuritycenterV1p1beta1Folder: Message that contains the resource name and display name of a folder resource.

GoogleCloudSecuritycenterV1p1beta1NotificationMessage

GoogleCloudSecuritycenterV1p1beta1NotificationMessage: Security Command Center's Notification.

GoogleCloudSecuritycenterV1p1beta1Resource

GoogleCloudSecuritycenterV1p1beta1Resource: Information related to the Google Cloud resource.

GoogleCloudSecuritycenterV1p1beta1RunAssetDiscoveryResponse

GoogleCloudSecuritycenterV1p1beta1RunAssetDiscoveryResponse: Response of asset discovery run.

GoogleCloudSecuritycenterV1p1beta1SecurityMarks

GoogleCloudSecuritycenterV1p1beta1SecurityMarks: User specified security marks that are attached to the parent Security Command Center resource.

GoogleCloudSecuritycenterV1Property

GoogleCloudSecuritycenterV1Property: An individual name-value pair that defines a custom source property.

GoogleCloudSecuritycenterV1Resource

GoogleCloudSecuritycenterV1Resource: Information related to the Google Cloud resource.

GoogleCloudSecuritycenterV1ResourceSelector

GoogleCloudSecuritycenterV1ResourceSelector: Resource for selecting resource type.

GoogleCloudSecuritycenterV1ResourceValueConfig

GoogleCloudSecuritycenterV1ResourceValueConfig: A resource value configuration (RVC) is a mapping configuration of user's resources to resource values.

GoogleCloudSecuritycenterV1RunAssetDiscoveryResponse

GoogleCloudSecuritycenterV1RunAssetDiscoveryResponse: Response of asset discovery run.

GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule

GoogleCloudSecuritycenterV1SecurityHealthAnalyticsCustomModule: Represents an instance of a Security Health Analytics custom module, including its full module name, display name, enablement state, and last updated time.

GoogleCloudSecuritycenterV1SensitiveDataProtectionMapping

GoogleCloudSecuritycenterV1SensitiveDataProtectionMapping: Resource value mapping for Sensitive Data Protection findings.

GoogleCloudSecuritycenterV2Access

GoogleCloudSecuritycenterV2Access: Represents an access event.

GoogleCloudSecuritycenterV2AccessReview

GoogleCloudSecuritycenterV2AccessReview: Conveys information about a Kubernetes access review (such as one returned by a `kubectl auth can-i` (https://kubernetes.io/docs/reference/access-authn-authz/authorization/#checking-api-access) command) that was involved in a finding.

GoogleCloudSecuritycenterV2AdaptiveProtection

GoogleCloudSecuritycenterV2AdaptiveProtection: Information about Google Cloud Armor Adaptive Protection (https://cloud.google.com/armor/docs/cloud-armor-overview#google-cloud-armor-adaptive-protection).

GoogleCloudSecuritycenterV2Allowed

GoogleCloudSecuritycenterV2Allowed: Allowed IP rule.

GoogleCloudSecuritycenterV2Application

GoogleCloudSecuritycenterV2Application: Represents an application associated with a finding.

GoogleCloudSecuritycenterV2Attack

GoogleCloudSecuritycenterV2Attack: Information about DDoS attack volume and classification.

GoogleCloudSecuritycenterV2AttackExposure

GoogleCloudSecuritycenterV2AttackExposure: An attack exposure contains the results of an attack path simulation run.

GoogleCloudSecuritycenterV2AwsAccount

GoogleCloudSecuritycenterV2AwsAccount: An AWS account that is a member of an organization.

GoogleCloudSecuritycenterV2AwsMetadata

GoogleCloudSecuritycenterV2AwsMetadata: AWS metadata associated with the resource, only applicable if the finding's cloud provider is Amazon Web Services.

GoogleCloudSecuritycenterV2AwsOrganization

GoogleCloudSecuritycenterV2AwsOrganization: An organization is a collection of accounts that are centrally managed together using consolidated billing, organized hierarchically with organizational units (OUs), and controlled with policies.

GoogleCloudSecuritycenterV2AwsOrganizationalUnit

GoogleCloudSecuritycenterV2AwsOrganizationalUnit: An Organizational Unit (OU) is a container of AWS accounts within a root of an organization.

GoogleCloudSecuritycenterV2AzureManagementGroup

GoogleCloudSecuritycenterV2AzureManagementGroup: Represents an Azure management group.

GoogleCloudSecuritycenterV2AzureMetadata

GoogleCloudSecuritycenterV2AzureMetadata: Azure metadata associated with the resource, only applicable if the finding's cloud provider is Microsoft Azure.

GoogleCloudSecuritycenterV2AzureResourceGroup

GoogleCloudSecuritycenterV2AzureResourceGroup: Represents an Azure resource group.

GoogleCloudSecuritycenterV2AzureSubscription

GoogleCloudSecuritycenterV2AzureSubscription: Represents an Azure subscription.

GoogleCloudSecuritycenterV2AzureTenant

GoogleCloudSecuritycenterV2AzureTenant: Represents a Microsoft Entra tenant.

GoogleCloudSecuritycenterV2BackupDisasterRecovery

GoogleCloudSecuritycenterV2BackupDisasterRecovery: Information related to Google Cloud Backup and DR Service findings.

GoogleCloudSecuritycenterV2BigQueryExport

GoogleCloudSecuritycenterV2BigQueryExport: Configures how to deliver Findings to BigQuery Instance.

GoogleCloudSecuritycenterV2Binding

GoogleCloudSecuritycenterV2Binding: Represents a Kubernetes RoleBinding or ClusterRoleBinding.

GoogleCloudSecuritycenterV2BulkMuteFindingsResponse

GoogleCloudSecuritycenterV2BulkMuteFindingsResponse: The response to a BulkMute request.

GoogleCloudSecuritycenterV2CloudArmor

GoogleCloudSecuritycenterV2CloudArmor: Fields related to Google Cloud Armor findings.

GoogleCloudSecuritycenterV2CloudDlpDataProfile

GoogleCloudSecuritycenterV2CloudDlpDataProfile: The data profile (https://cloud.google.com/dlp/docs/data-profiles) associated with the finding.

GoogleCloudSecuritycenterV2CloudDlpInspection

GoogleCloudSecuritycenterV2CloudDlpInspection: Details about the Cloud Data Loss Prevention (Cloud DLP) inspection job (https://cloud.google.com/dlp/docs/concepts-job-triggers) that produced the finding.

GoogleCloudSecuritycenterV2CloudLoggingEntry

GoogleCloudSecuritycenterV2CloudLoggingEntry: Metadata taken from a Cloud Logging LogEntry (https://cloud.google.com/logging/docs/reference/v2/rest/v2/LogEntry).

GoogleCloudSecuritycenterV2Compliance

GoogleCloudSecuritycenterV2Compliance: Contains compliance information about a security standard indicating unmet recommendations.

GoogleCloudSecuritycenterV2Connection

GoogleCloudSecuritycenterV2Connection: Contains information about the IP connection associated with the finding.

GoogleCloudSecuritycenterV2Contact

GoogleCloudSecuritycenterV2Contact: The email address of a contact.

GoogleCloudSecuritycenterV2ContactDetails

GoogleCloudSecuritycenterV2ContactDetails: Details about specific contacts.

GoogleCloudSecuritycenterV2Container

GoogleCloudSecuritycenterV2Container: Container associated with the finding.

GoogleCloudSecuritycenterV2Cve

GoogleCloudSecuritycenterV2Cve: CVE stands for Common Vulnerabilities and Exposures.

GoogleCloudSecuritycenterV2Cvssv3

GoogleCloudSecuritycenterV2Cvssv3: Common Vulnerability Scoring System version 3.

GoogleCloudSecuritycenterV2DataAccessEvent

GoogleCloudSecuritycenterV2DataAccessEvent: Details about a data access attempt made by a principal not authorized under applicable data security policy.

GoogleCloudSecuritycenterV2Database

GoogleCloudSecuritycenterV2Database: Represents database access information, such as queries.

GoogleCloudSecuritycenterV2DataFlowEvent

GoogleCloudSecuritycenterV2DataFlowEvent: Details about a data flow event, in which either the data is moved to or is accessed from a non-compliant geo-location, as defined in the applicable data security policy.

GoogleCloudSecuritycenterV2DataRetentionDeletionEvent

GoogleCloudSecuritycenterV2DataRetentionDeletionEvent: Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy.

GoogleCloudSecuritycenterV2Denied

GoogleCloudSecuritycenterV2Denied: Denied IP rule.

GoogleCloudSecuritycenterV2Detection

GoogleCloudSecuritycenterV2Detection: Memory hash detection contributing to the binary family match.

GoogleCloudSecuritycenterV2Disk

GoogleCloudSecuritycenterV2Disk: Contains information about the disk associated with the finding.

GoogleCloudSecuritycenterV2DiskPath

GoogleCloudSecuritycenterV2DiskPath: Path of the file in terms of underlying disk/partition identifiers.

GoogleCloudSecuritycenterV2DynamicMuteRecord

GoogleCloudSecuritycenterV2DynamicMuteRecord: The record of a dynamic mute rule that matches the finding.

GoogleCloudSecuritycenterV2EnvironmentVariable

GoogleCloudSecuritycenterV2EnvironmentVariable: A name-value pair representing an environment variable used in an operating system process.

GoogleCloudSecuritycenterV2ExfilResource

GoogleCloudSecuritycenterV2ExfilResource: Resource where data was exfiltrated from or exfiltrated to.

GoogleCloudSecuritycenterV2Exfiltration

GoogleCloudSecuritycenterV2Exfiltration: Exfiltration represents a data exfiltration attempt from one or more sources to one or more targets.

GoogleCloudSecuritycenterV2ExternalSystem

GoogleCloudSecuritycenterV2ExternalSystem: Representation of third party SIEM/SOAR fields within SCC.

GoogleCloudSecuritycenterV2File

GoogleCloudSecuritycenterV2File: File information about the related binary/library used by an executable, or the script used by a script interpreter.

GoogleCloudSecuritycenterV2Finding

GoogleCloudSecuritycenterV2Finding: Security Command Center finding.

GoogleCloudSecuritycenterV2Folder

GoogleCloudSecuritycenterV2Folder: Message that contains the resource name and display name of a folder resource.

GoogleCloudSecuritycenterV2Geolocation

GoogleCloudSecuritycenterV2Geolocation: Represents a geographical location for a given access.

GoogleCloudSecuritycenterV2GroupMembership

GoogleCloudSecuritycenterV2GroupMembership: Contains details about groups of which this finding is a member.

GoogleCloudSecuritycenterV2IamBinding

GoogleCloudSecuritycenterV2IamBinding: Represents a particular IAM binding, which captures a member's role addition, removal, or state.

GoogleCloudSecuritycenterV2Indicator

GoogleCloudSecuritycenterV2Indicator: Represents what's commonly known as an _indicator of compromise_ (IoC) in computer forensics.

GoogleCloudSecuritycenterV2IpRule

GoogleCloudSecuritycenterV2IpRule: IP rule information.

GoogleCloudSecuritycenterV2IpRules

GoogleCloudSecuritycenterV2IpRules: IP rules associated with the finding.

GoogleCloudSecuritycenterV2Issue

GoogleCloudSecuritycenterV2Issue: Security Command Center Issue.

GoogleCloudSecuritycenterV2IssueDomain

GoogleCloudSecuritycenterV2IssueDomain: The domains of an issue.

GoogleCloudSecuritycenterV2IssueFinding

GoogleCloudSecuritycenterV2IssueFinding: Finding related to an issue.

GoogleCloudSecuritycenterV2IssueFindingCve

GoogleCloudSecuritycenterV2IssueFindingCve: The CVE of the finding.

GoogleCloudSecuritycenterV2IssueFindingSecurityBulletin

GoogleCloudSecuritycenterV2IssueFindingSecurityBulletin: The security bulletin of the finding.

GoogleCloudSecuritycenterV2IssueMute

GoogleCloudSecuritycenterV2IssueMute: The mute information of the issue.

GoogleCloudSecuritycenterV2IssueResource

GoogleCloudSecuritycenterV2IssueResource: A resource associated with the an issue.

GoogleCloudSecuritycenterV2IssueResourceAwsMetadata

GoogleCloudSecuritycenterV2IssueResourceAwsMetadata: The AWS metadata of a resource associated with an issue.

GoogleCloudSecuritycenterV2IssueResourceAwsMetadataAwsAccount

GoogleCloudSecuritycenterV2IssueResourceAwsMetadataAwsAccount: The AWS account of the resource associated with the issue.

GoogleCloudSecuritycenterV2IssueResourceAzureMetadata

GoogleCloudSecuritycenterV2IssueResourceAzureMetadata: The Azure metadata of a resource associated with an issue.

GoogleCloudSecuritycenterV2IssueResourceAzureMetadataAzureSubscription

GoogleCloudSecuritycenterV2IssueResourceAzureMetadataAzureSubscription: The Azure subscription of the resource associated with the issue.

GoogleCloudSecuritycenterV2IssueResourceGoogleCloudMetadata

GoogleCloudSecuritycenterV2IssueResourceGoogleCloudMetadata: Google Cloud metadata of a resource associated with an issue.

GoogleCloudSecuritycenterV2IssueSecurityContext

GoogleCloudSecuritycenterV2IssueSecurityContext: Security context associated with an issue.

GoogleCloudSecuritycenterV2IssueSecurityContextAggregatedCount

GoogleCloudSecuritycenterV2IssueSecurityContextAggregatedCount: Aggregated count of a security context.

GoogleCloudSecuritycenterV2IssueSecurityContextContext

GoogleCloudSecuritycenterV2IssueSecurityContextContext: Context of a security context.

GoogleCloudSecuritycenterV2Job

GoogleCloudSecuritycenterV2Job: Describes a job.

GoogleCloudSecuritycenterV2KernelRootkit

GoogleCloudSecuritycenterV2KernelRootkit: Kernel mode rootkit signatures.

GoogleCloudSecuritycenterV2Kubernetes

GoogleCloudSecuritycenterV2Kubernetes: Kubernetes-related attributes.

GoogleCloudSecuritycenterV2Label

GoogleCloudSecuritycenterV2Label: Represents a generic name-value label.

GoogleCloudSecuritycenterV2LoadBalancer

GoogleCloudSecuritycenterV2LoadBalancer: Contains information related to the load balancer associated with the finding.

GoogleCloudSecuritycenterV2LogEntry

GoogleCloudSecuritycenterV2LogEntry: An individual entry in a log.

GoogleCloudSecuritycenterV2MemoryHashSignature

GoogleCloudSecuritycenterV2MemoryHashSignature: A signature corresponding to memory page hashes.

GoogleCloudSecuritycenterV2MitreAttack

GoogleCloudSecuritycenterV2MitreAttack: MITRE ATT&CK tactics and techniques related to this finding.

GoogleCloudSecuritycenterV2MuteConfig

GoogleCloudSecuritycenterV2MuteConfig: A mute config is a Cloud SCC resource that contains the configuration to mute create/update events of findings.

GoogleCloudSecuritycenterV2MuteInfo

GoogleCloudSecuritycenterV2MuteInfo: Mute information about the finding, including whether the finding has a static mute or any matching dynamic mute rules.

GoogleCloudSecuritycenterV2Network

GoogleCloudSecuritycenterV2Network: Contains information about a VPC network associated with the finding.

GoogleCloudSecuritycenterV2Node

GoogleCloudSecuritycenterV2Node: Kubernetes nodes associated with the finding.

GoogleCloudSecuritycenterV2NodePool

GoogleCloudSecuritycenterV2NodePool: Provides GKE node pool information.

GoogleCloudSecuritycenterV2Notebook

GoogleCloudSecuritycenterV2Notebook: Represents a Jupyter notebook IPYNB file, such as a Colab Enterprise notebook (https://cloud.google.com/colab/docs/introduction) file, that is associated with a finding.

GoogleCloudSecuritycenterV2NotificationMessage

GoogleCloudSecuritycenterV2NotificationMessage: Cloud SCC's Notification.

GoogleCloudSecuritycenterV2Object

GoogleCloudSecuritycenterV2Object: Kubernetes object related to the finding, uniquely identified by GKNN.

GoogleCloudSecuritycenterV2OrgPolicy

GoogleCloudSecuritycenterV2OrgPolicy: Contains information about the org policies associated with the finding.

GoogleCloudSecuritycenterV2Package

GoogleCloudSecuritycenterV2Package: Package is a generic definition of a package.

GoogleCloudSecuritycenterV2Pod

GoogleCloudSecuritycenterV2Pod: A Kubernetes Pod.

GoogleCloudSecuritycenterV2PolicyDriftDetails

GoogleCloudSecuritycenterV2PolicyDriftDetails: The policy field that violates the deployed posture and its expected and detected values.

GoogleCloudSecuritycenterV2PortRange

GoogleCloudSecuritycenterV2PortRange: A port range which is inclusive of the min and max values.

GoogleCloudSecuritycenterV2Process

GoogleCloudSecuritycenterV2Process: Represents an operating system process.

GoogleCloudSecuritycenterV2ProcessSignature

GoogleCloudSecuritycenterV2ProcessSignature: Indicates what signature matched this process.

GoogleCloudSecuritycenterV2Reference

GoogleCloudSecuritycenterV2Reference: Additional Links.

GoogleCloudSecuritycenterV2Requests

GoogleCloudSecuritycenterV2Requests: Information about the requests relevant to the finding.

GoogleCloudSecuritycenterV2Resource

GoogleCloudSecuritycenterV2Resource: Information related to the Google Cloud resource.

GoogleCloudSecuritycenterV2ResourcePath

GoogleCloudSecuritycenterV2ResourcePath: Represents the path of resources leading up to the resource this finding is about.

GoogleCloudSecuritycenterV2ResourcePathNode

GoogleCloudSecuritycenterV2ResourcePathNode: A node within the resource path.

GoogleCloudSecuritycenterV2ResourceValueConfig

GoogleCloudSecuritycenterV2ResourceValueConfig: A resource value configuration (RVC) is a mapping configuration of user's resources to resource values.

GoogleCloudSecuritycenterV2Role

GoogleCloudSecuritycenterV2Role: Kubernetes Role or ClusterRole.

GoogleCloudSecuritycenterV2SecurityBulletin

GoogleCloudSecuritycenterV2SecurityBulletin: SecurityBulletin are notifications of vulnerabilities of Google products.

GoogleCloudSecuritycenterV2SecurityMarks

GoogleCloudSecuritycenterV2SecurityMarks: User specified security marks that are attached to the parent Security Command Center resource.

GoogleCloudSecuritycenterV2SecurityPolicy

GoogleCloudSecuritycenterV2SecurityPolicy: Information about the Google Cloud Armor security policy (https://cloud.google.com/armor/docs/security-policy-overview) relevant to the finding.

GoogleCloudSecuritycenterV2SecurityPosture

GoogleCloudSecuritycenterV2SecurityPosture: Represents a posture that is deployed on Google Cloud by the Security Command Center Posture Management service.

GoogleCloudSecuritycenterV2SensitiveDataProtectionMapping

GoogleCloudSecuritycenterV2SensitiveDataProtectionMapping: Resource value mapping for Sensitive Data Protection findings If any of these mappings have a resource value that is not unspecified, the resource_value field will be ignored when reading this configuration.

GoogleCloudSecuritycenterV2ServiceAccountDelegationInfo

GoogleCloudSecuritycenterV2ServiceAccountDelegationInfo: Identity delegation history of an authenticated service account.

GoogleCloudSecuritycenterV2StaticMute

GoogleCloudSecuritycenterV2StaticMute: Information about the static mute state.

GoogleCloudSecuritycenterV2Subject

GoogleCloudSecuritycenterV2Subject: Represents a Kubernetes subject.

GoogleCloudSecuritycenterV2TicketInfo

GoogleCloudSecuritycenterV2TicketInfo: Information about the ticket, if any, that is being used to track the resolution of the issue that is identified by this finding.

GoogleCloudSecuritycenterV2ToxicCombination

GoogleCloudSecuritycenterV2ToxicCombination: Contains details about a group of security issues that, when the issues occur together, represent a greater risk than when the issues occur independently.

GoogleCloudSecuritycenterV2Vulnerability

GoogleCloudSecuritycenterV2Vulnerability: Refers to common vulnerability fields e.g.

GoogleCloudSecuritycenterV2YaraRuleSignature

GoogleCloudSecuritycenterV2YaraRuleSignature: A signature corresponding to a YARA rule.

GroupMembership

GroupMembership: Contains details about groups of which this finding is a member.

IamBinding

IamBinding: Represents a particular IAM binding, which captures a member's role addition, removal, or state.

Indicator

Indicator: Represents what's commonly known as an _indicator of compromise_ (IoC) in computer forensics.

IpRule

IpRule: IP rule information.

IpRules

IpRules: IP rules associated with the finding.

Job

Job: Describes a job.

KernelRootkit

KernelRootkit: Kernel mode rootkit signatures.

Kubernetes

Kubernetes: Kubernetes-related attributes.

Label

Label: Represents a generic name-value label.

LoadBalancer

LoadBalancer: Contains information related to the load balancer associated with the finding.

LogEntry

LogEntry: An individual entry in a log.

MemoryHashSignature

MemoryHashSignature: A signature corresponding to memory page hashes.

MitreAttack

MitreAttack: MITRE ATT&CK tactics and techniques related to this finding.

MuteInfo

MuteInfo: Mute information about the finding, including whether the finding has a static mute or any matching dynamic mute rules.

Network

Network: Contains information about a VPC network associated with the finding.

Node

Node: Kubernetes nodes associated with the finding.

NodePool

NodePool: Provides GKE node pool information.

Notebook

Notebook: Represents a Jupyter notebook IPYNB file, such as a Colab Enterprise notebook (https://cloud.google.com/colab/docs/introduction) file, that is associated with a finding.

Object

Object: Kubernetes object related to the finding, uniquely identified by GKNN.

OrganizationsContainerThreatDetectionSettingsCalculateCall

OrganizationsContainerThreatDetectionSettingsService

OrganizationsEventThreatDetectionSettingsCalculateCall

OrganizationsEventThreatDetectionSettingsService

OrganizationsGetContainerThreatDetectionSettingsCall

OrganizationsGetEventThreatDetectionSettingsCall

OrganizationsGetRapidVulnerabilityDetectionSettingsCall

OrganizationsGetSecurityCenterSettingsCall

OrganizationsGetSecurityHealthAnalyticsSettingsCall

OrganizationsGetSubscriptionCall

OrganizationsGetVirtualMachineThreatDetectionSettingsCall

OrganizationsGetWebSecurityScannerSettingsCall

OrganizationsRapidVulnerabilityDetectionSettingsCalculateCall

OrganizationsRapidVulnerabilityDetectionSettingsService

OrganizationsSecurityHealthAnalyticsSettingsCalculateCall

OrganizationsSecurityHealthAnalyticsSettingsService

OrganizationsService

OrganizationsUpdateContainerThreatDetectionSettingsCall

OrganizationsUpdateEventThreatDetectionSettingsCall

OrganizationsUpdateRapidVulnerabilityDetectionSettingsCall

OrganizationsUpdateSecurityHealthAnalyticsSettingsCall

OrganizationsUpdateVirtualMachineThreatDetectionSettingsCall

OrganizationsUpdateWebSecurityScannerSettingsCall

OrganizationsVirtualMachineThreatDetectionSettingsCalculateCall

OrganizationsVirtualMachineThreatDetectionSettingsService

OrganizationsWebSecurityScannerSettingsCalculateCall

OrganizationsWebSecurityScannerSettingsService

OrgPolicy

OrgPolicy: Contains information about the org policies associated with the finding.

Package

Package: Package is a generic definition of a package.

Pod

Pod: A Kubernetes Pod.

PolicyDriftDetails

PolicyDriftDetails: The policy field that violates the deployed posture and its expected and detected values.

PortRange

PortRange: A port range which is inclusive of the min and max values.

Process

Process: Represents an operating system process.

ProcessSignature

ProcessSignature: Indicates what signature matched this process.

ProjectsContainerThreatDetectionSettingsCalculateCall

ProjectsContainerThreatDetectionSettingsService

ProjectsEventThreatDetectionSettingsCalculateCall

ProjectsEventThreatDetectionSettingsService

ProjectsGetContainerThreatDetectionSettingsCall

ProjectsGetEventThreatDetectionSettingsCall

ProjectsGetRapidVulnerabilityDetectionSettingsCall

ProjectsGetSecurityCenterSettingsCall

ProjectsGetSecurityHealthAnalyticsSettingsCall

ProjectsGetVirtualMachineThreatDetectionSettingsCall

ProjectsGetWebSecurityScannerSettingsCall

ProjectsLocationsClustersContainerThreatDetectionSettingsCalculateCall

ProjectsLocationsClustersContainerThreatDetectionSettingsService

ProjectsLocationsClustersGetContainerThreatDetectionSettingsCall

ProjectsLocationsClustersService

ProjectsLocationsClustersUpdateContainerThreatDetectionSettingsCall

ProjectsLocationsService

ProjectsRapidVulnerabilityDetectionSettingsCalculateCall

ProjectsRapidVulnerabilityDetectionSettingsService

ProjectsSecurityHealthAnalyticsSettingsCalculateCall

ProjectsSecurityHealthAnalyticsSettingsService

ProjectsService

ProjectsUpdateContainerThreatDetectionSettingsCall

ProjectsUpdateEventThreatDetectionSettingsCall

ProjectsUpdateRapidVulnerabilityDetectionSettingsCall

ProjectsUpdateSecurityHealthAnalyticsSettingsCall

ProjectsUpdateVirtualMachineThreatDetectionSettingsCall

ProjectsUpdateWebSecurityScannerSettingsCall

ProjectsVirtualMachineThreatDetectionSettingsCalculateCall

ProjectsVirtualMachineThreatDetectionSettingsService

ProjectsWebSecurityScannerSettingsCalculateCall

ProjectsWebSecurityScannerSettingsService

RapidVulnerabilityDetectionSettings

RapidVulnerabilityDetectionSettings: Resource capturing the settings for the Rapid Vulnerability Detection service.

Reference

Reference: Additional Links.

Requests

Requests: Information about the requests relevant to the finding.

ResourcePath

ResourcePath: Represents the path of resources leading up to the resource this finding is about.

ResourcePathNode

ResourcePathNode: A node within the resource path.

Role

Role: Kubernetes Role or ClusterRole.

SecurityBulletin

SecurityBulletin: SecurityBulletin are notifications of vulnerabilities of Google products.

SecurityCenterSettings

SecurityCenterSettings: Resource capturing the settings for Security Center.

SecurityHealthAnalyticsSettings

SecurityHealthAnalyticsSettings: Resource capturing the settings for the Security Health Analytics service.

SecurityMarks

SecurityMarks: User specified security marks that are attached to the parent Security Command Center resource.

SecurityPolicy

SecurityPolicy: Information about the Google Cloud Armor security policy (https://cloud.google.com/armor/docs/security-policy-overview) relevant to the finding.

SecurityPosture

SecurityPosture: Represents a posture that is deployed on Google Cloud by the Security Command Center Posture Management service.

Service

ServiceAccountDelegationInfo

ServiceAccountDelegationInfo: Identity delegation history of an authenticated service account.

StaticMute

StaticMute: Information about the static mute state.

Subject

Subject: Represents a Kubernetes subject.

Subscription

Subscription: Resource capturing the state of an organization's subscription.

TicketInfo

TicketInfo: Information about the ticket, if any, that is being used to track the resolution of the issue that is identified by this finding.

ToxicCombination

ToxicCombination: Contains details about a group of security issues that, when the issues occur together, represent a greater risk than when the issues occur independently.

VirtualMachineThreatDetectionSettings

VirtualMachineThreatDetectionSettings: Resource capturing the settings for the Virtual Machine Threat Detection service.

Vulnerability

Vulnerability: Refers to common vulnerability fields e.g.

VulnerabilityCountBySeverity

VulnerabilityCountBySeverity: Vulnerability count by severity.

VulnerabilitySnapshot

VulnerabilitySnapshot: Result containing the properties and count of a VulnerabilitySnapshot request.

WebSecurityScannerSettings

WebSecurityScannerSettings: Resource capturing the settings for the Web Security Scanner service.

YaraRuleSignature

YaraRuleSignature: A signature corresponding to a YARA rule.