Class: Google::Cloud::SecurityCenter::V1::AttackPath

Inherits:
Object
  • Object
show all
Extended by:
Protobuf::MessageExts::ClassMethods
Includes:
Protobuf::MessageExts
Defined in:
proto_docs/google/cloud/securitycenter/v1/attack_path.rb

Overview

A path that an attacker could take to reach an exposed resource.

Defined Under Namespace

Classes: AttackPathEdge, AttackPathNode

Instance Attribute Summary collapse

Instance Attribute Details

#edges::Array<::Google::Cloud::SecurityCenter::V1::AttackPath::AttackPathEdge>

Returns A list of the edges between nodes in this attack path.

Returns:



35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
 
# File 'proto_docs/google/cloud/securitycenter/v1/attack_path.rb', line 35

class AttackPath
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Represents one point that an attacker passes through in this attack path.
  # @!attribute [rw] resource
  #   @return [::String]
  #     The name of the resource at this point in the attack path.
  #     The format of the name follows the Cloud Asset Inventory [resource
  #     name
  #     format](https://cloud.google.com/asset-inventory/docs/resource-name-format)
  # @!attribute [rw] resource_type
  #   @return [::String]
  #     The [supported resource
  #     type](https://cloud.google.com/asset-inventory/docs/supported-asset-types)
  # @!attribute [rw] display_name
  #   @return [::String]
  #     Human-readable name of this resource.
  # @!attribute [rw] associated_findings
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::AttackPath::AttackPathNode::PathNodeAssociatedFinding>]
  #     The findings associated with this node in the attack path.
  # @!attribute [rw] uuid
  #   @return [::String]
  #     Unique id of the attack path node.
  # @!attribute [rw] attack_steps
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::AttackPath::AttackPathNode::AttackStepNode>]
  #     A list of attack step nodes that exist in this attack path node.
  class AttackPathNode
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # A finding that is associated with this node in the attack path.
    # @!attribute [rw] canonical_finding
    #   @return [::String]
    #     Canonical name of the associated findings. Example:
    #     `organizations/123/sources/456/findings/789`
    # @!attribute [rw] finding_category
    #   @return [::String]
    #     The additional taxonomy group within findings from a given source.
    # @!attribute [rw] name
    #   @return [::String]
    #     Full resource name of the finding.
    class PathNodeAssociatedFinding
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods
    end

    # Detailed steps the attack can take between path nodes.
    # @!attribute [rw] uuid
    #   @return [::String]
    #     Unique ID for one Node
    # @!attribute [rw] type
    #   @return [::Google::Cloud::SecurityCenter::V1::AttackPath::AttackPathNode::NodeType]
    #     Attack step type. Can be either AND, OR or DEFENSE
    # @!attribute [rw] display_name
    #   @return [::String]
    #     User friendly name of the attack step
    # @!attribute [rw] labels
    #   @return [::Google::Protobuf::Map{::String => ::String}]
    #     Attack step labels for metadata
    # @!attribute [rw] description
    #   @return [::String]
    #     Attack step description
    class AttackStepNode
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods

      # @!attribute [rw] key
      #   @return [::String]
      # @!attribute [rw] value
      #   @return [::String]
      class LabelsEntry
        include ::Google::Protobuf::MessageExts
        extend ::Google::Protobuf::MessageExts::ClassMethods
      end
    end

    # The type of the incoming attack step node.
    module NodeType
      # Type not specified
      NODE_TYPE_UNSPECIFIED = 0

      # Incoming edge joined with AND
      NODE_TYPE_AND = 1

      # Incoming edge joined with OR
      NODE_TYPE_OR = 2

      # Incoming edge is defense
      NODE_TYPE_DEFENSE = 3

      # Incoming edge is attacker
      NODE_TYPE_ATTACKER = 4
    end
  end

  # Represents a connection between a source node and a destination node in
  # this attack path.
  # @!attribute [rw] source
  #   @return [::String]
  #     The attack node uuid of the source node.
  # @!attribute [rw] destination
  #   @return [::String]
  #     The attack node uuid of the destination node.
  class AttackPathEdge
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#name::String

Returns The attack path name, for example, organizations/12/simulation/34/valuedResources/56/attackPaths/78.

Returns:

  • (::String)

    The attack path name, for example, organizations/12/simulation/34/valuedResources/56/attackPaths/78



35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
 
# File 'proto_docs/google/cloud/securitycenter/v1/attack_path.rb', line 35

class AttackPath
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Represents one point that an attacker passes through in this attack path.
  # @!attribute [rw] resource
  #   @return [::String]
  #     The name of the resource at this point in the attack path.
  #     The format of the name follows the Cloud Asset Inventory [resource
  #     name
  #     format](https://cloud.google.com/asset-inventory/docs/resource-name-format)
  # @!attribute [rw] resource_type
  #   @return [::String]
  #     The [supported resource
  #     type](https://cloud.google.com/asset-inventory/docs/supported-asset-types)
  # @!attribute [rw] display_name
  #   @return [::String]
  #     Human-readable name of this resource.
  # @!attribute [rw] associated_findings
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::AttackPath::AttackPathNode::PathNodeAssociatedFinding>]
  #     The findings associated with this node in the attack path.
  # @!attribute [rw] uuid
  #   @return [::String]
  #     Unique id of the attack path node.
  # @!attribute [rw] attack_steps
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::AttackPath::AttackPathNode::AttackStepNode>]
  #     A list of attack step nodes that exist in this attack path node.
  class AttackPathNode
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # A finding that is associated with this node in the attack path.
    # @!attribute [rw] canonical_finding
    #   @return [::String]
    #     Canonical name of the associated findings. Example:
    #     `organizations/123/sources/456/findings/789`
    # @!attribute [rw] finding_category
    #   @return [::String]
    #     The additional taxonomy group within findings from a given source.
    # @!attribute [rw] name
    #   @return [::String]
    #     Full resource name of the finding.
    class PathNodeAssociatedFinding
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods
    end

    # Detailed steps the attack can take between path nodes.
    # @!attribute [rw] uuid
    #   @return [::String]
    #     Unique ID for one Node
    # @!attribute [rw] type
    #   @return [::Google::Cloud::SecurityCenter::V1::AttackPath::AttackPathNode::NodeType]
    #     Attack step type. Can be either AND, OR or DEFENSE
    # @!attribute [rw] display_name
    #   @return [::String]
    #     User friendly name of the attack step
    # @!attribute [rw] labels
    #   @return [::Google::Protobuf::Map{::String => ::String}]
    #     Attack step labels for metadata
    # @!attribute [rw] description
    #   @return [::String]
    #     Attack step description
    class AttackStepNode
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods

      # @!attribute [rw] key
      #   @return [::String]
      # @!attribute [rw] value
      #   @return [::String]
      class LabelsEntry
        include ::Google::Protobuf::MessageExts
        extend ::Google::Protobuf::MessageExts::ClassMethods
      end
    end

    # The type of the incoming attack step node.
    module NodeType
      # Type not specified
      NODE_TYPE_UNSPECIFIED = 0

      # Incoming edge joined with AND
      NODE_TYPE_AND = 1

      # Incoming edge joined with OR
      NODE_TYPE_OR = 2

      # Incoming edge is defense
      NODE_TYPE_DEFENSE = 3

      # Incoming edge is attacker
      NODE_TYPE_ATTACKER = 4
    end
  end

  # Represents a connection between a source node and a destination node in
  # this attack path.
  # @!attribute [rw] source
  #   @return [::String]
  #     The attack node uuid of the source node.
  # @!attribute [rw] destination
  #   @return [::String]
  #     The attack node uuid of the destination node.
  class AttackPathEdge
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#path_nodes::Array<::Google::Cloud::SecurityCenter::V1::AttackPath::AttackPathNode>

Returns A list of nodes that exist in this attack path.

Returns:



35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
 
# File 'proto_docs/google/cloud/securitycenter/v1/attack_path.rb', line 35

class AttackPath
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Represents one point that an attacker passes through in this attack path.
  # @!attribute [rw] resource
  #   @return [::String]
  #     The name of the resource at this point in the attack path.
  #     The format of the name follows the Cloud Asset Inventory [resource
  #     name
  #     format](https://cloud.google.com/asset-inventory/docs/resource-name-format)
  # @!attribute [rw] resource_type
  #   @return [::String]
  #     The [supported resource
  #     type](https://cloud.google.com/asset-inventory/docs/supported-asset-types)
  # @!attribute [rw] display_name
  #   @return [::String]
  #     Human-readable name of this resource.
  # @!attribute [rw] associated_findings
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::AttackPath::AttackPathNode::PathNodeAssociatedFinding>]
  #     The findings associated with this node in the attack path.
  # @!attribute [rw] uuid
  #   @return [::String]
  #     Unique id of the attack path node.
  # @!attribute [rw] attack_steps
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::AttackPath::AttackPathNode::AttackStepNode>]
  #     A list of attack step nodes that exist in this attack path node.
  class AttackPathNode
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # A finding that is associated with this node in the attack path.
    # @!attribute [rw] canonical_finding
    #   @return [::String]
    #     Canonical name of the associated findings. Example:
    #     `organizations/123/sources/456/findings/789`
    # @!attribute [rw] finding_category
    #   @return [::String]
    #     The additional taxonomy group within findings from a given source.
    # @!attribute [rw] name
    #   @return [::String]
    #     Full resource name of the finding.
    class PathNodeAssociatedFinding
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods
    end

    # Detailed steps the attack can take between path nodes.
    # @!attribute [rw] uuid
    #   @return [::String]
    #     Unique ID for one Node
    # @!attribute [rw] type
    #   @return [::Google::Cloud::SecurityCenter::V1::AttackPath::AttackPathNode::NodeType]
    #     Attack step type. Can be either AND, OR or DEFENSE
    # @!attribute [rw] display_name
    #   @return [::String]
    #     User friendly name of the attack step
    # @!attribute [rw] labels
    #   @return [::Google::Protobuf::Map{::String => ::String}]
    #     Attack step labels for metadata
    # @!attribute [rw] description
    #   @return [::String]
    #     Attack step description
    class AttackStepNode
      include ::Google::Protobuf::MessageExts
      extend ::Google::Protobuf::MessageExts::ClassMethods

      # @!attribute [rw] key
      #   @return [::String]
      # @!attribute [rw] value
      #   @return [::String]
      class LabelsEntry
        include ::Google::Protobuf::MessageExts
        extend ::Google::Protobuf::MessageExts::ClassMethods
      end
    end

    # The type of the incoming attack step node.
    module NodeType
      # Type not specified
      NODE_TYPE_UNSPECIFIED = 0

      # Incoming edge joined with AND
      NODE_TYPE_AND = 1

      # Incoming edge joined with OR
      NODE_TYPE_OR = 2

      # Incoming edge is defense
      NODE_TYPE_DEFENSE = 3

      # Incoming edge is attacker
      NODE_TYPE_ATTACKER = 4
    end
  end

  # Represents a connection between a source node and a destination node in
  # this attack path.
  # @!attribute [rw] source
  #   @return [::String]
  #     The attack node uuid of the source node.
  # @!attribute [rw] destination
  #   @return [::String]
  #     The attack node uuid of the destination node.
  class AttackPathEdge
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end