Class: Google::Cloud::SecurityCenter::V1::Kubernetes

Inherits:
Object
  • Object
Extended by:
Protobuf::MessageExts::ClassMethods
Includes:
Protobuf::MessageExts
Defined in:
proto_docs/google/cloud/securitycenter/v1/kubernetes.rb

Overview

Kubernetes-related attributes.

Defined Under Namespace

Classes: AccessReview, Binding, Node, NodePool, Object, Pod, Role, Subject

Instance Attribute Summary

Instance Attribute Details

#access_reviews::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::AccessReview>

Returns information on any Kubernetes access reviews (privilege checks) relevant to the finding.

Returns:



# File 'proto_docs/google/cloud/securitycenter/v1/kubernetes.rb', line 58

# Kubernetes-related attributes of a finding.
#
# Every message in this listing only mixes in the protobuf message modules;
# its fields are declared by YARD `@!attribute` directives, and no Ruby
# accessor is defined in the visible code.
#
# NOTE(review): names, namespaces and labels describe objects in the cluster
# and were presumably chosen by whoever created those objects. Escape them
# before embedding them in shell commands, queries, log lines or HTML.
class Kubernetes
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # A Kubernetes Pod.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Kubernetes Pod namespace.
  # @!attribute [rw] name
  #   @return [::String]
  #     Kubernetes Pod name.
  # @!attribute [rw] labels
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Label>]
  #     Pod labels.  For Kubernetes containers, these are applied to the
  #     container.
  # @!attribute [rw] containers
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Container>]
  #     Pod containers associated with this finding, if any.
  class Pod
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Kubernetes nodes associated with the finding.
  # @!attribute [rw] name
  #   @return [::String]
  #     [Full resource name](https://google.aip.dev/122#full-resource-names) of
  #     the Compute Engine VM running the cluster node.
  class Node
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Provides GKE node pool information.
  # @!attribute [rw] name
  #   @return [::String]
  #     Kubernetes node pool name.
  # @!attribute [rw] nodes
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Node>]
  #     Nodes associated with the finding.
  class NodePool
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Kubernetes Role or ClusterRole.
  #
  # In Kubernetes RBAC a Role is namespaced and a ClusterRole is
  # cluster-scoped, so `kind` determines how far the role's rules can reach.
  # @!attribute [rw] kind
  #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Role::Kind]
  #     Role type.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Role namespace.
  #     NOTE(review): presumably empty for a ClusterRole -- confirm.
  # @!attribute [rw] name
  #   @return [::String]
  #     Role name.
  class Role
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Types of Kubernetes roles.
    module Kind
      # Role type is not specified.
      # NOTE(review): 0 is presumably what an unset enum field reads as, so
      # it should not be treated as either role type -- confirm.
      KIND_UNSPECIFIED = 0

      # Kubernetes Role.
      ROLE = 1

      # Kubernetes ClusterRole.
      CLUSTER_ROLE = 2
    end
  end

  # Represents a Kubernetes RoleBinding or ClusterRoleBinding.
  #
  # In Kubernetes RBAC a RoleBinding grants the referenced role's rules only
  # inside the binding's namespace, even when it references a ClusterRole; a
  # ClusterRoleBinding grants them cluster-wide. Read `role.kind` together
  # with the binding itself when judging how much access a finding describes.
  # NOTE(review): no field visible here states which of the two binding types
  # this is; presumably an empty `ns` indicates a ClusterRoleBinding -- confirm.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Namespace for the binding.
  # @!attribute [rw] name
  #   @return [::String]
  #     Name for the binding.
  # @!attribute [rw] role
  #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Role]
  #     The Role or ClusterRole referenced by the binding.
  # @!attribute [rw] subjects
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Subject>]
  #     Represents one or more subjects that are bound to the role. Not always
  #     available for PATCH requests.
  #     Because of that, an empty list does not show that the binding has no
  #     subjects.
  class Binding
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represents a Kubernetes subject.
  # @!attribute [rw] kind
  #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Subject::AuthType]
  #     Authentication type for the subject.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Namespace for the subject.
  #     NOTE(review): in Kubernetes only service accounts are namespaced, so
  #     this is presumably empty for USER and GROUP subjects -- confirm.
  # @!attribute [rw] name
  #   @return [::String]
  #     Name for the subject.
  class Subject
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Auth types that can be used for the subject's kind field.
    module AuthType
      # Authentication is not specified.
      AUTH_TYPE_UNSPECIFIED = 0

      # User with valid certificate.
      USER = 1

      # Users managed by Kubernetes API with credentials stored as secrets.
      SERVICEACCOUNT = 2

      # Collection of users.
      GROUP = 3
    end
  end

  # Conveys information about a Kubernetes access review (such as one returned
  # by a [`kubectl auth
  # can-i`](https://kubernetes.io/docs/reference/access-authn-authz/authorization/#checking-api-access)
  # command) that was involved in a finding.
  #
  # When triaging, "*" in `group`, `resource`, `verb` or `version` and an
  # empty `name` each describe the broadest scope for that field.
  # @!attribute [rw] group
  #   @return [::String]
  #     The API group of the resource. "*" means all.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Namespace of the action being requested. Currently, there is no
  #     distinction between no namespace and all namespaces.  Both
  #     are represented by "" (empty).
  #     An empty value therefore cannot be used on its own to tell a
  #     cluster-scoped check from one that covers every namespace.
  # @!attribute [rw] name
  #   @return [::String]
  #     The name of the resource being requested. Empty means all.
  # @!attribute [rw] resource
  #   @return [::String]
  #     The optional resource type requested. "*" means all.
  # @!attribute [rw] subresource
  #   @return [::String]
  #     The optional subresource type.
  # @!attribute [rw] verb
  #   @return [::String]
  #     A Kubernetes resource API verb, like get, list, watch, create, update,
  #     delete, proxy. "*" means all.
  # @!attribute [rw] version
  #   @return [::String]
  #     The API version of the resource. "*" means all.
  class AccessReview
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Kubernetes object related to the finding, uniquely identified by GKNN
  # (presumably group, kind, namespace, name -- the first four attributes).
  # Used if the object Kind is not one of Pod, Node, NodePool, Binding, or
  # AccessReview.
  #
  # Inside the Kubernetes namespace the bare constant `Object` resolves to
  # this class, not to Ruby's ::Object.
  # @!attribute [rw] group
  #   @return [::String]
  #     Kubernetes object group, such as "policy.k8s.io/v1".
  #     NOTE(review): the example ends in what looks like a version; confirm
  #     whether the field carries the group alone or group/version before
  #     matching on it.
  # @!attribute [rw] kind
  #   @return [::String]
  #     Kubernetes object kind, such as "Namespace".
  # @!attribute [rw] ns
  #   @return [::String]
  #     Kubernetes object namespace. Must be a valid DNS label. Named
  #     "ns" to avoid collision with C++ namespace keyword. For details see
  #     https://kubernetes.io/docs/tasks/administer-cluster/namespaces/.
  # @!attribute [rw] name
  #   @return [::String]
  #     Kubernetes object name. For details see
  #     https://kubernetes.io/docs/concepts/overview/working-with-objects/names/.
  # @!attribute [rw] containers
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Container>]
  #     Pod containers associated with this finding, if any.
  class Object
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#bindings::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Binding>

Returns Kubernetes role binding information for findings that involve RoleBindings or ClusterRoleBindings.

Returns:



# File 'proto_docs/google/cloud/securitycenter/v1/kubernetes.rb', line 58

# Kubernetes-related attributes of a finding.
#
# Every message in this listing only mixes in the protobuf message modules;
# its fields are declared by YARD `@!attribute` directives, and no Ruby
# accessor is defined in the visible code.
#
# NOTE(review): names, namespaces and labels describe objects in the cluster
# and were presumably chosen by whoever created those objects. Escape them
# before embedding them in shell commands, queries, log lines or HTML.
class Kubernetes
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # A Kubernetes Pod.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Kubernetes Pod namespace.
  # @!attribute [rw] name
  #   @return [::String]
  #     Kubernetes Pod name.
  # @!attribute [rw] labels
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Label>]
  #     Pod labels.  For Kubernetes containers, these are applied to the
  #     container.
  # @!attribute [rw] containers
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Container>]
  #     Pod containers associated with this finding, if any.
  class Pod
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Kubernetes nodes associated with the finding.
  # @!attribute [rw] name
  #   @return [::String]
  #     [Full resource name](https://google.aip.dev/122#full-resource-names) of
  #     the Compute Engine VM running the cluster node.
  class Node
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Provides GKE node pool information.
  # @!attribute [rw] name
  #   @return [::String]
  #     Kubernetes node pool name.
  # @!attribute [rw] nodes
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Node>]
  #     Nodes associated with the finding.
  class NodePool
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Kubernetes Role or ClusterRole.
  #
  # In Kubernetes RBAC a Role is namespaced and a ClusterRole is
  # cluster-scoped, so `kind` determines how far the role's rules can reach.
  # @!attribute [rw] kind
  #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Role::Kind]
  #     Role type.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Role namespace.
  #     NOTE(review): presumably empty for a ClusterRole -- confirm.
  # @!attribute [rw] name
  #   @return [::String]
  #     Role name.
  class Role
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Types of Kubernetes roles.
    module Kind
      # Role type is not specified.
      # NOTE(review): 0 is presumably what an unset enum field reads as, so
      # it should not be treated as either role type -- confirm.
      KIND_UNSPECIFIED = 0

      # Kubernetes Role.
      ROLE = 1

      # Kubernetes ClusterRole.
      CLUSTER_ROLE = 2
    end
  end

  # Represents a Kubernetes RoleBinding or ClusterRoleBinding.
  #
  # In Kubernetes RBAC a RoleBinding grants the referenced role's rules only
  # inside the binding's namespace, even when it references a ClusterRole; a
  # ClusterRoleBinding grants them cluster-wide. Read `role.kind` together
  # with the binding itself when judging how much access a finding describes.
  # NOTE(review): no field visible here states which of the two binding types
  # this is; presumably an empty `ns` indicates a ClusterRoleBinding -- confirm.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Namespace for the binding.
  # @!attribute [rw] name
  #   @return [::String]
  #     Name for the binding.
  # @!attribute [rw] role
  #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Role]
  #     The Role or ClusterRole referenced by the binding.
  # @!attribute [rw] subjects
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Subject>]
  #     Represents one or more subjects that are bound to the role. Not always
  #     available for PATCH requests.
  #     Because of that, an empty list does not show that the binding has no
  #     subjects.
  class Binding
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represents a Kubernetes subject.
  # @!attribute [rw] kind
  #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Subject::AuthType]
  #     Authentication type for the subject.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Namespace for the subject.
  #     NOTE(review): in Kubernetes only service accounts are namespaced, so
  #     this is presumably empty for USER and GROUP subjects -- confirm.
  # @!attribute [rw] name
  #   @return [::String]
  #     Name for the subject.
  class Subject
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Auth types that can be used for the subject's kind field.
    module AuthType
      # Authentication is not specified.
      AUTH_TYPE_UNSPECIFIED = 0

      # User with valid certificate.
      USER = 1

      # Users managed by Kubernetes API with credentials stored as secrets.
      SERVICEACCOUNT = 2

      # Collection of users.
      GROUP = 3
    end
  end

  # Conveys information about a Kubernetes access review (such as one returned
  # by a [`kubectl auth
  # can-i`](https://kubernetes.io/docs/reference/access-authn-authz/authorization/#checking-api-access)
  # command) that was involved in a finding.
  #
  # When triaging, "*" in `group`, `resource`, `verb` or `version` and an
  # empty `name` each describe the broadest scope for that field.
  # @!attribute [rw] group
  #   @return [::String]
  #     The API group of the resource. "*" means all.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Namespace of the action being requested. Currently, there is no
  #     distinction between no namespace and all namespaces.  Both
  #     are represented by "" (empty).
  #     An empty value therefore cannot be used on its own to tell a
  #     cluster-scoped check from one that covers every namespace.
  # @!attribute [rw] name
  #   @return [::String]
  #     The name of the resource being requested. Empty means all.
  # @!attribute [rw] resource
  #   @return [::String]
  #     The optional resource type requested. "*" means all.
  # @!attribute [rw] subresource
  #   @return [::String]
  #     The optional subresource type.
  # @!attribute [rw] verb
  #   @return [::String]
  #     A Kubernetes resource API verb, like get, list, watch, create, update,
  #     delete, proxy. "*" means all.
  # @!attribute [rw] version
  #   @return [::String]
  #     The API version of the resource. "*" means all.
  class AccessReview
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Kubernetes object related to the finding, uniquely identified by GKNN
  # (presumably group, kind, namespace, name -- the first four attributes).
  # Used if the object Kind is not one of Pod, Node, NodePool, Binding, or
  # AccessReview.
  #
  # Inside the Kubernetes namespace the bare constant `Object` resolves to
  # this class, not to Ruby's ::Object.
  # @!attribute [rw] group
  #   @return [::String]
  #     Kubernetes object group, such as "policy.k8s.io/v1".
  #     NOTE(review): the example ends in what looks like a version; confirm
  #     whether the field carries the group alone or group/version before
  #     matching on it.
  # @!attribute [rw] kind
  #   @return [::String]
  #     Kubernetes object kind, such as "Namespace".
  # @!attribute [rw] ns
  #   @return [::String]
  #     Kubernetes object namespace. Must be a valid DNS label. Named
  #     "ns" to avoid collision with C++ namespace keyword. For details see
  #     https://kubernetes.io/docs/tasks/administer-cluster/namespaces/.
  # @!attribute [rw] name
  #   @return [::String]
  #     Kubernetes object name. For details see
  #     https://kubernetes.io/docs/concepts/overview/working-with-objects/names/.
  # @!attribute [rw] containers
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Container>]
  #     Pod containers associated with this finding, if any.
  class Object
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#node_pools::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::NodePool>

Returns GKE node pools associated with the finding. This field contains node pool information for each node, when it is available.

Returns:



# File 'proto_docs/google/cloud/securitycenter/v1/kubernetes.rb', line 58

# Kubernetes-related attributes of a finding.
#
# Every message in this listing only mixes in the protobuf message modules;
# its fields are declared by YARD `@!attribute` directives, and no Ruby
# accessor is defined in the visible code.
#
# NOTE(review): names, namespaces and labels describe objects in the cluster
# and were presumably chosen by whoever created those objects. Escape them
# before embedding them in shell commands, queries, log lines or HTML.
class Kubernetes
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # A Kubernetes Pod.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Kubernetes Pod namespace.
  # @!attribute [rw] name
  #   @return [::String]
  #     Kubernetes Pod name.
  # @!attribute [rw] labels
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Label>]
  #     Pod labels.  For Kubernetes containers, these are applied to the
  #     container.
  # @!attribute [rw] containers
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Container>]
  #     Pod containers associated with this finding, if any.
  class Pod
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Kubernetes nodes associated with the finding.
  # @!attribute [rw] name
  #   @return [::String]
  #     [Full resource name](https://google.aip.dev/122#full-resource-names) of
  #     the Compute Engine VM running the cluster node.
  class Node
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Provides GKE node pool information.
  # @!attribute [rw] name
  #   @return [::String]
  #     Kubernetes node pool name.
  # @!attribute [rw] nodes
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Node>]
  #     Nodes associated with the finding.
  class NodePool
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Kubernetes Role or ClusterRole.
  #
  # In Kubernetes RBAC a Role is namespaced and a ClusterRole is
  # cluster-scoped, so `kind` determines how far the role's rules can reach.
  # @!attribute [rw] kind
  #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Role::Kind]
  #     Role type.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Role namespace.
  #     NOTE(review): presumably empty for a ClusterRole -- confirm.
  # @!attribute [rw] name
  #   @return [::String]
  #     Role name.
  class Role
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Types of Kubernetes roles.
    module Kind
      # Role type is not specified.
      # NOTE(review): 0 is presumably what an unset enum field reads as, so
      # it should not be treated as either role type -- confirm.
      KIND_UNSPECIFIED = 0

      # Kubernetes Role.
      ROLE = 1

      # Kubernetes ClusterRole.
      CLUSTER_ROLE = 2
    end
  end

  # Represents a Kubernetes RoleBinding or ClusterRoleBinding.
  #
  # In Kubernetes RBAC a RoleBinding grants the referenced role's rules only
  # inside the binding's namespace, even when it references a ClusterRole; a
  # ClusterRoleBinding grants them cluster-wide. Read `role.kind` together
  # with the binding itself when judging how much access a finding describes.
  # NOTE(review): no field visible here states which of the two binding types
  # this is; presumably an empty `ns` indicates a ClusterRoleBinding -- confirm.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Namespace for the binding.
  # @!attribute [rw] name
  #   @return [::String]
  #     Name for the binding.
  # @!attribute [rw] role
  #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Role]
  #     The Role or ClusterRole referenced by the binding.
  # @!attribute [rw] subjects
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Subject>]
  #     Represents one or more subjects that are bound to the role. Not always
  #     available for PATCH requests.
  #     Because of that, an empty list does not show that the binding has no
  #     subjects.
  class Binding
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represents a Kubernetes subject.
  # @!attribute [rw] kind
  #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Subject::AuthType]
  #     Authentication type for the subject.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Namespace for the subject.
  #     NOTE(review): in Kubernetes only service accounts are namespaced, so
  #     this is presumably empty for USER and GROUP subjects -- confirm.
  # @!attribute [rw] name
  #   @return [::String]
  #     Name for the subject.
  class Subject
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Auth types that can be used for the subject's kind field.
    module AuthType
      # Authentication is not specified.
      AUTH_TYPE_UNSPECIFIED = 0

      # User with valid certificate.
      USER = 1

      # Users managed by Kubernetes API with credentials stored as secrets.
      SERVICEACCOUNT = 2

      # Collection of users.
      GROUP = 3
    end
  end

  # Conveys information about a Kubernetes access review (such as one returned
  # by a [`kubectl auth
  # can-i`](https://kubernetes.io/docs/reference/access-authn-authz/authorization/#checking-api-access)
  # command) that was involved in a finding.
  #
  # When triaging, "*" in `group`, `resource`, `verb` or `version` and an
  # empty `name` each describe the broadest scope for that field.
  # @!attribute [rw] group
  #   @return [::String]
  #     The API group of the resource. "*" means all.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Namespace of the action being requested. Currently, there is no
  #     distinction between no namespace and all namespaces.  Both
  #     are represented by "" (empty).
  #     An empty value therefore cannot be used on its own to tell a
  #     cluster-scoped check from one that covers every namespace.
  # @!attribute [rw] name
  #   @return [::String]
  #     The name of the resource being requested. Empty means all.
  # @!attribute [rw] resource
  #   @return [::String]
  #     The optional resource type requested. "*" means all.
  # @!attribute [rw] subresource
  #   @return [::String]
  #     The optional subresource type.
  # @!attribute [rw] verb
  #   @return [::String]
  #     A Kubernetes resource API verb, like get, list, watch, create, update,
  #     delete, proxy. "*" means all.
  # @!attribute [rw] version
  #   @return [::String]
  #     The API version of the resource. "*" means all.
  class AccessReview
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Kubernetes object related to the finding, uniquely identified by GKNN
  # (presumably group, kind, namespace, name -- the first four attributes).
  # Used if the object Kind is not one of Pod, Node, NodePool, Binding, or
  # AccessReview.
  #
  # Inside the Kubernetes namespace the bare constant `Object` resolves to
  # this class, not to Ruby's ::Object.
  # @!attribute [rw] group
  #   @return [::String]
  #     Kubernetes object group, such as "policy.k8s.io/v1".
  #     NOTE(review): the example ends in what looks like a version; confirm
  #     whether the field carries the group alone or group/version before
  #     matching on it.
  # @!attribute [rw] kind
  #   @return [::String]
  #     Kubernetes object kind, such as "Namespace".
  # @!attribute [rw] ns
  #   @return [::String]
  #     Kubernetes object namespace. Must be a valid DNS label. Named
  #     "ns" to avoid collision with C++ namespace keyword. For details see
  #     https://kubernetes.io/docs/tasks/administer-cluster/namespaces/.
  # @!attribute [rw] name
  #   @return [::String]
  #     Kubernetes object name. For details see
  #     https://kubernetes.io/docs/concepts/overview/working-with-objects/names/.
  # @!attribute [rw] containers
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Container>]
  #     Pod containers associated with this finding, if any.
  class Object
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#nodes::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Node>

Returns Kubernetes node information.

Returns:



# File 'proto_docs/google/cloud/securitycenter/v1/kubernetes.rb', line 58

# Kubernetes-related attributes of a finding.
#
# Every message in this listing only mixes in the protobuf message modules;
# its fields are declared by YARD `@!attribute` directives, and no Ruby
# accessor is defined in the visible code.
#
# NOTE(review): names, namespaces and labels describe objects in the cluster
# and were presumably chosen by whoever created those objects. Escape them
# before embedding them in shell commands, queries, log lines or HTML.
class Kubernetes
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # A Kubernetes Pod.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Kubernetes Pod namespace.
  # @!attribute [rw] name
  #   @return [::String]
  #     Kubernetes Pod name.
  # @!attribute [rw] labels
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Label>]
  #     Pod labels.  For Kubernetes containers, these are applied to the
  #     container.
  # @!attribute [rw] containers
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Container>]
  #     Pod containers associated with this finding, if any.
  class Pod
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Kubernetes nodes associated with the finding.
  # @!attribute [rw] name
  #   @return [::String]
  #     [Full resource name](https://google.aip.dev/122#full-resource-names) of
  #     the Compute Engine VM running the cluster node.
  class Node
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Provides GKE node pool information.
  # @!attribute [rw] name
  #   @return [::String]
  #     Kubernetes node pool name.
  # @!attribute [rw] nodes
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Node>]
  #     Nodes associated with the finding.
  class NodePool
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Kubernetes Role or ClusterRole.
  #
  # In Kubernetes RBAC a Role is namespaced and a ClusterRole is
  # cluster-scoped, so `kind` determines how far the role's rules can reach.
  # @!attribute [rw] kind
  #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Role::Kind]
  #     Role type.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Role namespace.
  #     NOTE(review): presumably empty for a ClusterRole -- confirm.
  # @!attribute [rw] name
  #   @return [::String]
  #     Role name.
  class Role
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Types of Kubernetes roles.
    module Kind
      # Role type is not specified.
      # NOTE(review): 0 is presumably what an unset enum field reads as, so
      # it should not be treated as either role type -- confirm.
      KIND_UNSPECIFIED = 0

      # Kubernetes Role.
      ROLE = 1

      # Kubernetes ClusterRole.
      CLUSTER_ROLE = 2
    end
  end

  # Represents a Kubernetes RoleBinding or ClusterRoleBinding.
  #
  # In Kubernetes RBAC a RoleBinding grants the referenced role's rules only
  # inside the binding's namespace, even when it references a ClusterRole; a
  # ClusterRoleBinding grants them cluster-wide. Read `role.kind` together
  # with the binding itself when judging how much access a finding describes.
  # NOTE(review): no field visible here states which of the two binding types
  # this is; presumably an empty `ns` indicates a ClusterRoleBinding -- confirm.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Namespace for the binding.
  # @!attribute [rw] name
  #   @return [::String]
  #     Name for the binding.
  # @!attribute [rw] role
  #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Role]
  #     The Role or ClusterRole referenced by the binding.
  # @!attribute [rw] subjects
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Subject>]
  #     Represents one or more subjects that are bound to the role. Not always
  #     available for PATCH requests.
  #     Because of that, an empty list does not show that the binding has no
  #     subjects.
  class Binding
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represents a Kubernetes subject.
  # @!attribute [rw] kind
  #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Subject::AuthType]
  #     Authentication type for the subject.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Namespace for the subject.
  #     NOTE(review): in Kubernetes only service accounts are namespaced, so
  #     this is presumably empty for USER and GROUP subjects -- confirm.
  # @!attribute [rw] name
  #   @return [::String]
  #     Name for the subject.
  class Subject
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Auth types that can be used for the subject's kind field.
    module AuthType
      # Authentication is not specified.
      AUTH_TYPE_UNSPECIFIED = 0

      # User with valid certificate.
      USER = 1

      # Users managed by Kubernetes API with credentials stored as secrets.
      SERVICEACCOUNT = 2

      # Collection of users.
      GROUP = 3
    end
  end

  # Conveys information about a Kubernetes access review (such as one returned
  # by a [`kubectl auth
  # can-i`](https://kubernetes.io/docs/reference/access-authn-authz/authorization/#checking-api-access)
  # command) that was involved in a finding.
  #
  # When triaging, "*" in `group`, `resource`, `verb` or `version` and an
  # empty `name` each describe the broadest scope for that field.
  # @!attribute [rw] group
  #   @return [::String]
  #     The API group of the resource. "*" means all.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Namespace of the action being requested. Currently, there is no
  #     distinction between no namespace and all namespaces.  Both
  #     are represented by "" (empty).
  #     An empty value therefore cannot be used on its own to tell a
  #     cluster-scoped check from one that covers every namespace.
  # @!attribute [rw] name
  #   @return [::String]
  #     The name of the resource being requested. Empty means all.
  # @!attribute [rw] resource
  #   @return [::String]
  #     The optional resource type requested. "*" means all.
  # @!attribute [rw] subresource
  #   @return [::String]
  #     The optional subresource type.
  # @!attribute [rw] verb
  #   @return [::String]
  #     A Kubernetes resource API verb, like get, list, watch, create, update,
  #     delete, proxy. "*" means all.
  # @!attribute [rw] version
  #   @return [::String]
  #     The API version of the resource. "*" means all.
  class AccessReview
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Kubernetes object related to the finding, uniquely identified by GKNN
  # (presumably group, kind, namespace, name -- the first four attributes).
  # Used if the object Kind is not one of Pod, Node, NodePool, Binding, or
  # AccessReview.
  #
  # Inside the Kubernetes namespace the bare constant `Object` resolves to
  # this class, not to Ruby's ::Object.
  # @!attribute [rw] group
  #   @return [::String]
  #     Kubernetes object group, such as "policy.k8s.io/v1".
  #     NOTE(review): the example ends in what looks like a version; confirm
  #     whether the field carries the group alone or group/version before
  #     matching on it.
  # @!attribute [rw] kind
  #   @return [::String]
  #     Kubernetes object kind, such as "Namespace".
  # @!attribute [rw] ns
  #   @return [::String]
  #     Kubernetes object namespace. Must be a valid DNS label. Named
  #     "ns" to avoid collision with C++ namespace keyword. For details see
  #     https://kubernetes.io/docs/tasks/administer-cluster/namespaces/.
  # @!attribute [rw] name
  #   @return [::String]
  #     Kubernetes object name. For details see
  #     https://kubernetes.io/docs/concepts/overview/working-with-objects/names/.
  # @!attribute [rw] containers
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Container>]
  #     Pod containers associated with this finding, if any.
  class Object
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#objects::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Object>

Returns Kubernetes objects related to the finding.

Returns:



# File 'proto_docs/google/cloud/securitycenter/v1/kubernetes.rb', line 58

# Kubernetes-related attributes of a finding. The nested classes below are the
# message types that those attributes hold.
class Kubernetes
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # A Kubernetes Pod.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Kubernetes Pod namespace.
  # @!attribute [rw] name
  #   @return [::String]
  #     Kubernetes Pod name.
  # @!attribute [rw] labels
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Label>]
  #     Pod labels. For Kubernetes containers, these are applied to the
  #     container.
  # @!attribute [rw] containers
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Container>]
  #     Pod containers associated with this finding, if any.
  class Pod
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A Kubernetes node associated with the finding.
  # @!attribute [rw] name
  #   @return [::String]
  #     [Full resource name](https://google.aip.dev/122#full-resource-names) of
  #     the Compute Engine VM running the cluster node.
  class Node
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Provides GKE node pool information.
  # @!attribute [rw] name
  #   @return [::String]
  #     Kubernetes node pool name.
  # @!attribute [rw] nodes
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Node>]
  #     Nodes associated with the finding.
  class NodePool
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Kubernetes Role or ClusterRole.
  # @!attribute [rw] kind
  #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Role::Kind]
  #     Role type; distinguishes a Role from a ClusterRole.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Role namespace.
  #     NOTE(review): presumably empty when kind is CLUSTER_ROLE, since a
  #     ClusterRole is not namespaced; confirm before relying on it.
  # @!attribute [rw] name
  #   @return [::String]
  #     Role name.
  class Role
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Types of Kubernetes roles.
    module Kind
      # Role type is not specified.
      KIND_UNSPECIFIED = 0

      # Kubernetes Role.
      ROLE = 1

      # Kubernetes ClusterRole.
      CLUSTER_ROLE = 2
    end
  end

  # Represents a Kubernetes RoleBinding or ClusterRoleBinding.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Namespace for the binding.
  # @!attribute [rw] name
  #   @return [::String]
  #     Name for the binding.
  # @!attribute [rw] role
  #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Role]
  #     The Role or ClusterRole referenced by the binding.
  # @!attribute [rw] subjects
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Subject>]
  #     Represents one or more subjects that are bound to the role. Not always
  #     available for PATCH requests, so an empty list does not by itself show
  #     that the binding has no subjects.
  class Binding
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represents a Kubernetes subject.
  # @!attribute [rw] kind
  #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Subject::AuthType]
  #     Authentication type for the subject.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Namespace for the subject.
  # @!attribute [rw] name
  #   @return [::String]
  #     Name for the subject.
  class Subject
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Auth types that can be used for the subject's kind field.
    module AuthType
      # Authentication is not specified.
      AUTH_TYPE_UNSPECIFIED = 0

      # User with valid certificate.
      USER = 1

      # Users managed by the Kubernetes API with credentials stored as secrets.
      SERVICEACCOUNT = 2

      # Collection of users.
      GROUP = 3
    end
  end

  # Conveys information about a Kubernetes access review (such as one returned
  # by a [`kubectl auth can-i`](https://kubernetes.io/docs/reference/access-authn-authz/authorization/#checking-api-access)
  # command) that was involved in a finding.
  #
  # Scope reminder for triage: "*" in group, resource, verb or version and an
  # empty name all mean "all", while an empty ns is ambiguous (see ns below).
  # @!attribute [rw] group
  #   @return [::String]
  #     The API group of the resource. "*" means all.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Namespace of the action being requested. Currently, there is no
  #     distinction between no namespace and all namespaces. Both
  #     are represented by "" (empty), so this field alone cannot tell a
  #     request with no namespace from one that covers all namespaces.
  # @!attribute [rw] name
  #   @return [::String]
  #     The name of the resource being requested. Empty means all.
  # @!attribute [rw] resource
  #   @return [::String]
  #     The optional resource type requested. "*" means all.
  # @!attribute [rw] subresource
  #   @return [::String]
  #     The optional subresource type.
  # @!attribute [rw] verb
  #   @return [::String]
  #     A Kubernetes resource API verb, like get, list, watch, create, update,
  #     delete, proxy. "*" means all.
  # @!attribute [rw] version
  #   @return [::String]
  #     The API version of the resource. "*" means all.
  class AccessReview
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Kubernetes object related to the finding, uniquely identified by GKNN
  # (presumably group, kind, namespace and name, matching the first four
  # attributes below; confirm against the API reference).
  # Used if the object Kind is not one of Pod, Node, NodePool, Binding, or
  # AccessReview.
  # @!attribute [rw] group
  #   @return [::String]
  #     Kubernetes object group, such as "policy.k8s.io/v1".
  #     NOTE(review): the example carries a version suffix ("/v1"), so do not
  #     assume the value is a bare API group name; confirm the format before
  #     matching on it.
  # @!attribute [rw] kind
  #   @return [::String]
  #     Kubernetes object kind, such as "Namespace".
  # @!attribute [rw] ns
  #   @return [::String]
  #     Kubernetes object namespace. Must be a valid DNS label. Named
  #     "ns" to avoid collision with the C++ `namespace` keyword. For details
  #     see https://kubernetes.io/docs/tasks/administer-cluster/namespaces/.
  # @!attribute [rw] name
  #   @return [::String]
  #     Kubernetes object name. For details see
  #     https://kubernetes.io/docs/concepts/overview/working-with-objects/names/.
  # @!attribute [rw] containers
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Container>]
  #     Pod containers associated with this finding, if any.
  class Object
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#pods::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Pod>

Returns Kubernetes Pods associated with the finding. This field contains Pod records for each container that is owned by a Pod.

Returns:



# File 'proto_docs/google/cloud/securitycenter/v1/kubernetes.rb', line 58

# Kubernetes-related attributes of a finding. The nested classes below are the
# message types that those attributes hold.
class Kubernetes
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # A Kubernetes Pod.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Kubernetes Pod namespace.
  # @!attribute [rw] name
  #   @return [::String]
  #     Kubernetes Pod name.
  # @!attribute [rw] labels
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Label>]
  #     Pod labels. For Kubernetes containers, these are applied to the
  #     container.
  # @!attribute [rw] containers
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Container>]
  #     Pod containers associated with this finding, if any.
  class Pod
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A Kubernetes node associated with the finding.
  # @!attribute [rw] name
  #   @return [::String]
  #     [Full resource name](https://google.aip.dev/122#full-resource-names) of
  #     the Compute Engine VM running the cluster node.
  class Node
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Provides GKE node pool information.
  # @!attribute [rw] name
  #   @return [::String]
  #     Kubernetes node pool name.
  # @!attribute [rw] nodes
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Node>]
  #     Nodes associated with the finding.
  class NodePool
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Kubernetes Role or ClusterRole.
  # @!attribute [rw] kind
  #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Role::Kind]
  #     Role type; distinguishes a Role from a ClusterRole.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Role namespace.
  #     NOTE(review): presumably empty when kind is CLUSTER_ROLE, since a
  #     ClusterRole is not namespaced; confirm before relying on it.
  # @!attribute [rw] name
  #   @return [::String]
  #     Role name.
  class Role
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Types of Kubernetes roles.
    module Kind
      # Role type is not specified.
      KIND_UNSPECIFIED = 0

      # Kubernetes Role.
      ROLE = 1

      # Kubernetes ClusterRole.
      CLUSTER_ROLE = 2
    end
  end

  # Represents a Kubernetes RoleBinding or ClusterRoleBinding.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Namespace for the binding.
  # @!attribute [rw] name
  #   @return [::String]
  #     Name for the binding.
  # @!attribute [rw] role
  #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Role]
  #     The Role or ClusterRole referenced by the binding.
  # @!attribute [rw] subjects
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Subject>]
  #     Represents one or more subjects that are bound to the role. Not always
  #     available for PATCH requests, so an empty list does not by itself show
  #     that the binding has no subjects.
  class Binding
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represents a Kubernetes subject.
  # @!attribute [rw] kind
  #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Subject::AuthType]
  #     Authentication type for the subject.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Namespace for the subject.
  # @!attribute [rw] name
  #   @return [::String]
  #     Name for the subject.
  class Subject
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Auth types that can be used for the subject's kind field.
    module AuthType
      # Authentication is not specified.
      AUTH_TYPE_UNSPECIFIED = 0

      # User with valid certificate.
      USER = 1

      # Users managed by the Kubernetes API with credentials stored as secrets.
      SERVICEACCOUNT = 2

      # Collection of users.
      GROUP = 3
    end
  end

  # Conveys information about a Kubernetes access review (such as one returned
  # by a [`kubectl auth can-i`](https://kubernetes.io/docs/reference/access-authn-authz/authorization/#checking-api-access)
  # command) that was involved in a finding.
  #
  # Scope reminder for triage: "*" in group, resource, verb or version and an
  # empty name all mean "all", while an empty ns is ambiguous (see ns below).
  # @!attribute [rw] group
  #   @return [::String]
  #     The API group of the resource. "*" means all.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Namespace of the action being requested. Currently, there is no
  #     distinction between no namespace and all namespaces. Both
  #     are represented by "" (empty), so this field alone cannot tell a
  #     request with no namespace from one that covers all namespaces.
  # @!attribute [rw] name
  #   @return [::String]
  #     The name of the resource being requested. Empty means all.
  # @!attribute [rw] resource
  #   @return [::String]
  #     The optional resource type requested. "*" means all.
  # @!attribute [rw] subresource
  #   @return [::String]
  #     The optional subresource type.
  # @!attribute [rw] verb
  #   @return [::String]
  #     A Kubernetes resource API verb, like get, list, watch, create, update,
  #     delete, proxy. "*" means all.
  # @!attribute [rw] version
  #   @return [::String]
  #     The API version of the resource. "*" means all.
  class AccessReview
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Kubernetes object related to the finding, uniquely identified by GKNN
  # (presumably group, kind, namespace and name, matching the first four
  # attributes below; confirm against the API reference).
  # Used if the object Kind is not one of Pod, Node, NodePool, Binding, or
  # AccessReview.
  # @!attribute [rw] group
  #   @return [::String]
  #     Kubernetes object group, such as "policy.k8s.io/v1".
  #     NOTE(review): the example carries a version suffix ("/v1"), so do not
  #     assume the value is a bare API group name; confirm the format before
  #     matching on it.
  # @!attribute [rw] kind
  #   @return [::String]
  #     Kubernetes object kind, such as "Namespace".
  # @!attribute [rw] ns
  #   @return [::String]
  #     Kubernetes object namespace. Must be a valid DNS label. Named
  #     "ns" to avoid collision with the C++ `namespace` keyword. For details
  #     see https://kubernetes.io/docs/tasks/administer-cluster/namespaces/.
  # @!attribute [rw] name
  #   @return [::String]
  #     Kubernetes object name. For details see
  #     https://kubernetes.io/docs/concepts/overview/working-with-objects/names/.
  # @!attribute [rw] containers
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Container>]
  #     Pod containers associated with this finding, if any.
  class Object
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#roles::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Role>

Returns Kubernetes role information for findings that involve Roles or ClusterRoles.

Returns:



# File 'proto_docs/google/cloud/securitycenter/v1/kubernetes.rb', line 58

# Kubernetes-related attributes of a finding. The nested classes below are the
# message types that those attributes hold.
class Kubernetes
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # A Kubernetes Pod.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Kubernetes Pod namespace.
  # @!attribute [rw] name
  #   @return [::String]
  #     Kubernetes Pod name.
  # @!attribute [rw] labels
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Label>]
  #     Pod labels. For Kubernetes containers, these are applied to the
  #     container.
  # @!attribute [rw] containers
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Container>]
  #     Pod containers associated with this finding, if any.
  class Pod
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A Kubernetes node associated with the finding.
  # @!attribute [rw] name
  #   @return [::String]
  #     [Full resource name](https://google.aip.dev/122#full-resource-names) of
  #     the Compute Engine VM running the cluster node.
  class Node
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Provides GKE node pool information.
  # @!attribute [rw] name
  #   @return [::String]
  #     Kubernetes node pool name.
  # @!attribute [rw] nodes
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Node>]
  #     Nodes associated with the finding.
  class NodePool
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Kubernetes Role or ClusterRole.
  # @!attribute [rw] kind
  #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Role::Kind]
  #     Role type; distinguishes a Role from a ClusterRole.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Role namespace.
  #     NOTE(review): presumably empty when kind is CLUSTER_ROLE, since a
  #     ClusterRole is not namespaced; confirm before relying on it.
  # @!attribute [rw] name
  #   @return [::String]
  #     Role name.
  class Role
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Types of Kubernetes roles.
    module Kind
      # Role type is not specified.
      KIND_UNSPECIFIED = 0

      # Kubernetes Role.
      ROLE = 1

      # Kubernetes ClusterRole.
      CLUSTER_ROLE = 2
    end
  end

  # Represents a Kubernetes RoleBinding or ClusterRoleBinding.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Namespace for the binding.
  # @!attribute [rw] name
  #   @return [::String]
  #     Name for the binding.
  # @!attribute [rw] role
  #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Role]
  #     The Role or ClusterRole referenced by the binding.
  # @!attribute [rw] subjects
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Subject>]
  #     Represents one or more subjects that are bound to the role. Not always
  #     available for PATCH requests, so an empty list does not by itself show
  #     that the binding has no subjects.
  class Binding
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represents a Kubernetes subject.
  # @!attribute [rw] kind
  #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Subject::AuthType]
  #     Authentication type for the subject.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Namespace for the subject.
  # @!attribute [rw] name
  #   @return [::String]
  #     Name for the subject.
  class Subject
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Auth types that can be used for the subject's kind field.
    module AuthType
      # Authentication is not specified.
      AUTH_TYPE_UNSPECIFIED = 0

      # User with valid certificate.
      USER = 1

      # Users managed by the Kubernetes API with credentials stored as secrets.
      SERVICEACCOUNT = 2

      # Collection of users.
      GROUP = 3
    end
  end

  # Conveys information about a Kubernetes access review (such as one returned
  # by a [`kubectl auth can-i`](https://kubernetes.io/docs/reference/access-authn-authz/authorization/#checking-api-access)
  # command) that was involved in a finding.
  #
  # Scope reminder for triage: "*" in group, resource, verb or version and an
  # empty name all mean "all", while an empty ns is ambiguous (see ns below).
  # @!attribute [rw] group
  #   @return [::String]
  #     The API group of the resource. "*" means all.
  # @!attribute [rw] ns
  #   @return [::String]
  #     Namespace of the action being requested. Currently, there is no
  #     distinction between no namespace and all namespaces. Both
  #     are represented by "" (empty), so this field alone cannot tell a
  #     request with no namespace from one that covers all namespaces.
  # @!attribute [rw] name
  #   @return [::String]
  #     The name of the resource being requested. Empty means all.
  # @!attribute [rw] resource
  #   @return [::String]
  #     The optional resource type requested. "*" means all.
  # @!attribute [rw] subresource
  #   @return [::String]
  #     The optional subresource type.
  # @!attribute [rw] verb
  #   @return [::String]
  #     A Kubernetes resource API verb, like get, list, watch, create, update,
  #     delete, proxy. "*" means all.
  # @!attribute [rw] version
  #   @return [::String]
  #     The API version of the resource. "*" means all.
  class AccessReview
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Kubernetes object related to the finding, uniquely identified by GKNN
  # (presumably group, kind, namespace and name, matching the first four
  # attributes below; confirm against the API reference).
  # Used if the object Kind is not one of Pod, Node, NodePool, Binding, or
  # AccessReview.
  # @!attribute [rw] group
  #   @return [::String]
  #     Kubernetes object group, such as "policy.k8s.io/v1".
  #     NOTE(review): the example carries a version suffix ("/v1"), so do not
  #     assume the value is a bare API group name; confirm the format before
  #     matching on it.
  # @!attribute [rw] kind
  #   @return [::String]
  #     Kubernetes object kind, such as "Namespace".
  # @!attribute [rw] ns
  #   @return [::String]
  #     Kubernetes object namespace. Must be a valid DNS label. Named
  #     "ns" to avoid collision with the C++ `namespace` keyword. For details
  #     see https://kubernetes.io/docs/tasks/administer-cluster/namespaces/.
  # @!attribute [rw] name
  #   @return [::String]
  #     Kubernetes object name. For details see
  #     https://kubernetes.io/docs/concepts/overview/working-with-objects/names/.
  # @!attribute [rw] containers
  #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Container>]
  #     Pod containers associated with this finding, if any.
  class Object
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end