websecurityscanner

package
v0.210.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 4, 2024 License: BSD-3-Clause Imports: 16 Imported by: 0

Documentation

Overview

Package websecurityscanner provides access to the Web Security Scanner API.

For product documentation, see: https://cloud.google.com/security-command-center/docs/concepts-web-security-scanner-overview/

Library status

These client libraries are officially supported by Google. However, this library is considered complete and is in maintenance mode. This means that we will address critical bugs and security issues but will not add any new features.

When possible, we recommend using our newer [Cloud Client Libraries for Go](https://pkg.go.dev/cloud.google.com/go) that are still actively being worked and iterated on.

Creating a client

Usage example:

import "google.golang.org/api/websecurityscanner/v1beta"
...
ctx := context.Background()
websecurityscannerService, err := websecurityscanner.NewService(ctx)

In this example, Google Application Default Credentials are used for authentication. For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials.

Other authentication options

To use an API key for authentication (note: some APIs do not support API keys), use google.golang.org/api/option.WithAPIKey:

websecurityscannerService, err := websecurityscanner.NewService(ctx, option.WithAPIKey("AIza..."))

To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow, use google.golang.org/api/option.WithTokenSource:

config := &oauth2.Config{...}
// ...
token, err := config.Exchange(ctx, ...)
websecurityscannerService, err := websecurityscanner.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token)))

See google.golang.org/api/option.ClientOption for details on options.

Index

Constants

View Source
const (
	// See, edit, configure, and delete your Google Cloud data and see the email
	// address for your Google Account.
	CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform"
)

OAuth2 scopes used by this API.

Variables

This section is empty.

Functions

This section is empty.

Types

type Authentication

type Authentication struct {
	// CustomAccount: Authentication using a custom account.
	CustomAccount *CustomAccount `json:"customAccount,omitempty"`
	// GoogleAccount: Authentication using a Google account.
	GoogleAccount *GoogleAccount `json:"googleAccount,omitempty"`
	// IapCredential: Authentication using Identity-Aware-Proxy (IAP).
	IapCredential *IapCredential `json:"iapCredential,omitempty"`
	// ForceSendFields is a list of field names (e.g. "CustomAccount") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "CustomAccount") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

Authentication: Scan authentication configuration.

func (Authentication) MarshalJSON

func (s Authentication) MarshalJSON() ([]byte, error)

type CrawledUrl

type CrawledUrl struct {
	// Body: The body of the request that was used to visit the URL.
	Body string `json:"body,omitempty"`
	// HttpMethod: The http method of the request that was used to visit the URL,
	// in uppercase.
	HttpMethod string `json:"httpMethod,omitempty"`
	// Url: The URL that was crawled.
	Url string `json:"url,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Body") to unconditionally
	// include in API requests. By default, fields with empty or default values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Body") to include in API requests
	// with the JSON null value. By default, fields with empty values are omitted
	// from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

CrawledUrl: A CrawledUrl resource represents a URL that was crawled during a ScanRun. Web Security Scanner Service crawls the web applications, following all links within the scope of sites, to find the URLs to test against.

func (CrawledUrl) MarshalJSON

func (s CrawledUrl) MarshalJSON() ([]byte, error)

type CustomAccount

type CustomAccount struct {
	// LoginUrl: Required. The login form URL of the website.
	LoginUrl string `json:"loginUrl,omitempty"`
	// Password: Required. Input only. The password of the custom account. The
	// credential is stored encrypted and not returned in any response nor included
	// in audit logs.
	Password string `json:"password,omitempty"`
	// Username: Required. The user name of the custom account.
	Username string `json:"username,omitempty"`
	// ForceSendFields is a list of field names (e.g. "LoginUrl") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "LoginUrl") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

CustomAccount: Describes authentication configuration that uses a custom account.

func (CustomAccount) MarshalJSON

func (s CustomAccount) MarshalJSON() ([]byte, error)

type Empty

type Empty struct {
	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
}

Empty: A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }

type Finding

type Finding struct {
	// Body: The body of the request that triggered the vulnerability.
	Body string `json:"body,omitempty"`
	// Description: The description of the vulnerability.
	Description string `json:"description,omitempty"`
	// FinalUrl: The URL where the browser lands when the vulnerability is
	// detected.
	FinalUrl string `json:"finalUrl,omitempty"`
	// FindingType: The type of the Finding. Detailed and up-to-date information on
	// findings can be found here:
	// https://cloud.google.com/security-command-center/docs/how-to-remediate-web-security-scanner
	FindingType string `json:"findingType,omitempty"`
	// Form: An addon containing information reported for a vulnerability with an
	// HTML form, if any.
	Form *Form `json:"form,omitempty"`
	// FrameUrl: If the vulnerability was originated from nested IFrame, the
	// immediate parent IFrame is reported.
	FrameUrl string `json:"frameUrl,omitempty"`
	// FuzzedUrl: The URL produced by the server-side fuzzer and used in the
	// request that triggered the vulnerability.
	FuzzedUrl string `json:"fuzzedUrl,omitempty"`
	// HttpMethod: The http method of the request that triggered the vulnerability,
	// in uppercase.
	HttpMethod string `json:"httpMethod,omitempty"`
	// Name: The resource name of the Finding. The name follows the format of
	// 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/finding
	// s/{findingId}'. The finding IDs are generated by the system.
	Name string `json:"name,omitempty"`
	// OutdatedLibrary: An addon containing information about outdated libraries.
	OutdatedLibrary *OutdatedLibrary `json:"outdatedLibrary,omitempty"`
	// ReproductionUrl: The URL containing human-readable payload that user can
	// leverage to reproduce the vulnerability.
	ReproductionUrl string `json:"reproductionUrl,omitempty"`
	// Severity: The severity level of the reported vulnerability.
	//
	// Possible values:
	//   "SEVERITY_UNSPECIFIED" - No severity specified. The default value.
	//   "CRITICAL" - Critical severity.
	//   "HIGH" - High severity.
	//   "MEDIUM" - Medium severity.
	//   "LOW" - Low severity.
	Severity string `json:"severity,omitempty"`
	// TrackingId: The tracking ID uniquely identifies a vulnerability instance
	// across multiple ScanRuns.
	TrackingId string `json:"trackingId,omitempty"`
	// ViolatingResource: An addon containing detailed information regarding any
	// resource causing the vulnerability such as JavaScript sources, image, audio
	// files, etc.
	ViolatingResource *ViolatingResource `json:"violatingResource,omitempty"`
	// VulnerableHeaders: An addon containing information about vulnerable or
	// missing HTTP headers.
	VulnerableHeaders *VulnerableHeaders `json:"vulnerableHeaders,omitempty"`
	// VulnerableParameters: An addon containing information about request
	// parameters which were found to be vulnerable.
	VulnerableParameters *VulnerableParameters `json:"vulnerableParameters,omitempty"`
	// Xss: An addon containing information reported for an XSS, if any.
	Xss *Xss `json:"xss,omitempty"`
	// Xxe: An addon containing information reported for an XXE, if any.
	Xxe *Xxe `json:"xxe,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
	// ForceSendFields is a list of field names (e.g. "Body") to unconditionally
	// include in API requests. By default, fields with empty or default values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Body") to include in API requests
	// with the JSON null value. By default, fields with empty values are omitted
	// from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

Finding: A Finding resource represents a vulnerability instance identified during a ScanRun.

func (Finding) MarshalJSON

func (s Finding) MarshalJSON() ([]byte, error)

type FindingTypeStats

type FindingTypeStats struct {
	// FindingCount: The count of findings belonging to this finding type.
	FindingCount int64 `json:"findingCount,omitempty"`
	// FindingType: The finding type associated with the stats.
	FindingType string `json:"findingType,omitempty"`
	// ForceSendFields is a list of field names (e.g. "FindingCount") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "FindingCount") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

FindingTypeStats: A FindingTypeStats resource represents stats regarding a specific FindingType of Findings under a given ScanRun.

func (FindingTypeStats) MarshalJSON

func (s FindingTypeStats) MarshalJSON() ([]byte, error)

type Form

type Form struct {
	// ActionUri: ! The URI where to send the form when it's submitted.
	ActionUri string `json:"actionUri,omitempty"`
	// Fields: ! The names of form fields related to the vulnerability.
	Fields []string `json:"fields,omitempty"`
	// ForceSendFields is a list of field names (e.g. "ActionUri") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "ActionUri") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

Form: ! Information about a vulnerability with an HTML.

func (Form) MarshalJSON

func (s Form) MarshalJSON() ([]byte, error)

type GoogleAccount

type GoogleAccount struct {
	// Password: Required. Input only. The password of the Google account. The
	// credential is stored encrypted and not returned in any response nor included
	// in audit logs.
	Password string `json:"password,omitempty"`
	// Username: Required. The user name of the Google account.
	Username string `json:"username,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Password") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Password") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

GoogleAccount: Describes authentication configuration that uses a Google account.

func (GoogleAccount) MarshalJSON

func (s GoogleAccount) MarshalJSON() ([]byte, error)
type Header struct {
	// Name: Header name.
	Name string `json:"name,omitempty"`
	// Value: Header value.
	Value string `json:"value,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Name") to unconditionally
	// include in API requests. By default, fields with empty or default values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Name") to include in API requests
	// with the JSON null value. By default, fields with empty values are omitted
	// from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

Header: Describes a HTTP Header.

func (Header) MarshalJSON

func (s Header) MarshalJSON() ([]byte, error)

type IapCredential added in v0.16.0

type IapCredential struct {
	// IapTestServiceAccountInfo: Authentication configuration when
	// Web-Security-Scanner service account is added in Identity-Aware-Proxy (IAP)
	// access policies.
	IapTestServiceAccountInfo *IapTestServiceAccountInfo `json:"iapTestServiceAccountInfo,omitempty"`
	// ForceSendFields is a list of field names (e.g. "IapTestServiceAccountInfo")
	// to unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "IapTestServiceAccountInfo") to
	// include in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

IapCredential: Describes authentication configuration for Identity-Aware-Proxy (IAP).

func (IapCredential) MarshalJSON added in v0.16.0

func (s IapCredential) MarshalJSON() ([]byte, error)

type IapTestServiceAccountInfo added in v0.16.0

type IapTestServiceAccountInfo struct {
	// TargetAudienceClientId: Required. Describes OAuth2 Client ID of resources
	// protected by Identity-Aware-Proxy(IAP).
	TargetAudienceClientId string `json:"targetAudienceClientId,omitempty"`
	// ForceSendFields is a list of field names (e.g. "TargetAudienceClientId") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "TargetAudienceClientId") to
	// include in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

IapTestServiceAccountInfo: Describes authentication configuration when Web-Security-Scanner service account is added in Identity-Aware-Proxy (IAP) access policies.

func (IapTestServiceAccountInfo) MarshalJSON added in v0.16.0

func (s IapTestServiceAccountInfo) MarshalJSON() ([]byte, error)

type ListCrawledUrlsResponse

type ListCrawledUrlsResponse struct {
	// CrawledUrls: The list of CrawledUrls returned.
	CrawledUrls []*CrawledUrl `json:"crawledUrls,omitempty"`
	// NextPageToken: Token to retrieve the next page of results, or empty if there
	// are no more results in the list.
	NextPageToken string `json:"nextPageToken,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
	// ForceSendFields is a list of field names (e.g. "CrawledUrls") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "CrawledUrls") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ListCrawledUrlsResponse: Response for the `ListCrawledUrls` method.

func (ListCrawledUrlsResponse) MarshalJSON

func (s ListCrawledUrlsResponse) MarshalJSON() ([]byte, error)

type ListFindingTypeStatsResponse

type ListFindingTypeStatsResponse struct {
	// FindingTypeStats: The list of FindingTypeStats returned.
	FindingTypeStats []*FindingTypeStats `json:"findingTypeStats,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
	// ForceSendFields is a list of field names (e.g. "FindingTypeStats") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "FindingTypeStats") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ListFindingTypeStatsResponse: Response for the `ListFindingTypeStats` method.

func (ListFindingTypeStatsResponse) MarshalJSON

func (s ListFindingTypeStatsResponse) MarshalJSON() ([]byte, error)

type ListFindingsResponse

type ListFindingsResponse struct {
	// Findings: The list of Findings returned.
	Findings []*Finding `json:"findings,omitempty"`
	// NextPageToken: Token to retrieve the next page of results, or empty if there
	// are no more results in the list.
	NextPageToken string `json:"nextPageToken,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
	// ForceSendFields is a list of field names (e.g. "Findings") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Findings") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ListFindingsResponse: Response for the `ListFindings` method.

func (ListFindingsResponse) MarshalJSON

func (s ListFindingsResponse) MarshalJSON() ([]byte, error)

type ListScanConfigsResponse

type ListScanConfigsResponse struct {
	// NextPageToken: Token to retrieve the next page of results, or empty if there
	// are no more results in the list.
	NextPageToken string `json:"nextPageToken,omitempty"`
	// ScanConfigs: The list of ScanConfigs returned.
	ScanConfigs []*ScanConfig `json:"scanConfigs,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "NextPageToken") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ListScanConfigsResponse: Response for the `ListScanConfigs` method.

func (ListScanConfigsResponse) MarshalJSON

func (s ListScanConfigsResponse) MarshalJSON() ([]byte, error)

type ListScanRunsResponse

type ListScanRunsResponse struct {
	// NextPageToken: Token to retrieve the next page of results, or empty if there
	// are no more results in the list.
	NextPageToken string `json:"nextPageToken,omitempty"`
	// ScanRuns: The list of ScanRuns returned.
	ScanRuns []*ScanRun `json:"scanRuns,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "NextPageToken") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ListScanRunsResponse: Response for the `ListScanRuns` method.

func (ListScanRunsResponse) MarshalJSON

func (s ListScanRunsResponse) MarshalJSON() ([]byte, error)

type OutdatedLibrary

type OutdatedLibrary struct {
	// LearnMoreUrls: URLs to learn more information about the vulnerabilities in
	// the library.
	LearnMoreUrls []string `json:"learnMoreUrls,omitempty"`
	// LibraryName: The name of the outdated library.
	LibraryName string `json:"libraryName,omitempty"`
	// Version: The version number.
	Version string `json:"version,omitempty"`
	// ForceSendFields is a list of field names (e.g. "LearnMoreUrls") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "LearnMoreUrls") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

OutdatedLibrary: Information reported for an outdated library.

func (OutdatedLibrary) MarshalJSON

func (s OutdatedLibrary) MarshalJSON() ([]byte, error)

type ProjectsScanConfigsCreateCall

type ProjectsScanConfigsCreateCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsCreateCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsCreateCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.create" call. Any non-2xx status code is an error. Response headers are in either *ScanConfig.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsCreateCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsCreateCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

type ProjectsScanConfigsDeleteCall

type ProjectsScanConfigsDeleteCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsDeleteCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsDeleteCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.delete" call. Any non-2xx status code is an error. Response headers are in either *Empty.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsDeleteCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsDeleteCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

type ProjectsScanConfigsGetCall

type ProjectsScanConfigsGetCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsGetCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsGetCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.get" call. Any non-2xx status code is an error. Response headers are in either *ScanConfig.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsGetCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsGetCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*ProjectsScanConfigsGetCall) IfNoneMatch

IfNoneMatch sets an optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request.

type ProjectsScanConfigsListCall

type ProjectsScanConfigsListCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsListCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsListCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.list" call. Any non-2xx status code is an error. Response headers are in either *ListScanConfigsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsListCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*ProjectsScanConfigsListCall) IfNoneMatch

IfNoneMatch sets an optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request.

func (*ProjectsScanConfigsListCall) PageSize

PageSize sets the optional parameter "pageSize": The maximum number of ScanConfigs to return, can be limited by server. If not specified or not positive, the implementation will select a reasonable value.

func (*ProjectsScanConfigsListCall) PageToken

PageToken sets the optional parameter "pageToken": A token identifying a page of results to be returned. This should be a `next_page_token` value returned from a previous List request. If unspecified, the first page of results is returned.

func (*ProjectsScanConfigsListCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

type ProjectsScanConfigsPatchCall

type ProjectsScanConfigsPatchCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsPatchCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsPatchCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.patch" call. Any non-2xx status code is an error. Response headers are in either *ScanConfig.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsPatchCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsPatchCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*ProjectsScanConfigsPatchCall) UpdateMask

UpdateMask sets the optional parameter "updateMask": Required. The update mask applies to the resource. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask

type ProjectsScanConfigsScanRunsCrawledUrlsListCall

type ProjectsScanConfigsScanRunsCrawledUrlsListCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.crawledUrls.list" call. Any non-2xx status code is an error. Response headers are in either *ListCrawledUrlsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) IfNoneMatch

IfNoneMatch sets an optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) PageSize

PageSize sets the optional parameter "pageSize": The maximum number of CrawledUrls to return, can be limited by server. If not specified or not positive, the implementation will select a reasonable value.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) PageToken

PageToken sets the optional parameter "pageToken": A token identifying a page of results to be returned. This should be a `next_page_token` value returned from a previous List request. If unspecified, the first page of results is returned.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

type ProjectsScanConfigsScanRunsCrawledUrlsService

type ProjectsScanConfigsScanRunsCrawledUrlsService struct {
	// contains filtered or unexported fields
}

func NewProjectsScanConfigsScanRunsCrawledUrlsService

func NewProjectsScanConfigsScanRunsCrawledUrlsService(s *Service) *ProjectsScanConfigsScanRunsCrawledUrlsService

func (*ProjectsScanConfigsScanRunsCrawledUrlsService) List

List: List CrawledUrls under a given ScanRun.

  • parent: The parent resource name, which should be a scan run resource name in the format 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'.

type ProjectsScanConfigsScanRunsFindingTypeStatsListCall

type ProjectsScanConfigsScanRunsFindingTypeStatsListCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsFindingTypeStatsListCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsScanRunsFindingTypeStatsListCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.findingTypeStats.list" call. Any non-2xx status code is an error. Response headers are in either *ListFindingTypeStatsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsFindingTypeStatsListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsScanRunsFindingTypeStatsListCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*ProjectsScanConfigsScanRunsFindingTypeStatsListCall) IfNoneMatch

IfNoneMatch sets an optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request.

type ProjectsScanConfigsScanRunsFindingTypeStatsService

type ProjectsScanConfigsScanRunsFindingTypeStatsService struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsFindingTypeStatsService) List

List: List all FindingTypeStats under a given ScanRun.

  • parent: The parent resource name, which should be a scan run resource name in the format 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'.

type ProjectsScanConfigsScanRunsFindingsGetCall

type ProjectsScanConfigsScanRunsFindingsGetCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsFindingsGetCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsScanRunsFindingsGetCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.findings.get" call. Any non-2xx status code is an error. Response headers are in either *Finding.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsFindingsGetCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsScanRunsFindingsGetCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*ProjectsScanConfigsScanRunsFindingsGetCall) IfNoneMatch

IfNoneMatch sets an optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request.

type ProjectsScanConfigsScanRunsFindingsListCall

type ProjectsScanConfigsScanRunsFindingsListCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsFindingsListCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsScanRunsFindingsListCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.findings.list" call. Any non-2xx status code is an error. Response headers are in either *ListFindingsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsFindingsListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsScanRunsFindingsListCall) Filter

Filter sets the optional parameter "filter": Required. The filter expression. The expression must be in the format: . Supported field: 'finding_type'. Supported operator: '='.

func (*ProjectsScanConfigsScanRunsFindingsListCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*ProjectsScanConfigsScanRunsFindingsListCall) IfNoneMatch

IfNoneMatch sets an optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request.

func (*ProjectsScanConfigsScanRunsFindingsListCall) PageSize

PageSize sets the optional parameter "pageSize": The maximum number of Findings to return, can be limited by server. If not specified or not positive, the implementation will select a reasonable value.

func (*ProjectsScanConfigsScanRunsFindingsListCall) PageToken

PageToken sets the optional parameter "pageToken": A token identifying a page of results to be returned. This should be a `next_page_token` value returned from a previous List request. If unspecified, the first page of results is returned.

func (*ProjectsScanConfigsScanRunsFindingsListCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

type ProjectsScanConfigsScanRunsFindingsService

type ProjectsScanConfigsScanRunsFindingsService struct {
	// contains filtered or unexported fields
}

func NewProjectsScanConfigsScanRunsFindingsService

func NewProjectsScanConfigsScanRunsFindingsService(s *Service) *ProjectsScanConfigsScanRunsFindingsService

func (*ProjectsScanConfigsScanRunsFindingsService) Get

Get: Gets a Finding.

  • name: The resource name of the Finding to be returned. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}/findi ngs/{findingId}'.

func (*ProjectsScanConfigsScanRunsFindingsService) List

List: List Findings under a given ScanRun.

  • parent: The parent resource name, which should be a scan run resource name in the format 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'.

type ProjectsScanConfigsScanRunsGetCall

type ProjectsScanConfigsScanRunsGetCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsGetCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsScanRunsGetCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.get" call. Any non-2xx status code is an error. Response headers are in either *ScanRun.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsGetCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsScanRunsGetCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*ProjectsScanConfigsScanRunsGetCall) IfNoneMatch

IfNoneMatch sets an optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request.

type ProjectsScanConfigsScanRunsListCall

type ProjectsScanConfigsScanRunsListCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsListCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsScanRunsListCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.list" call. Any non-2xx status code is an error. Response headers are in either *ListScanRunsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsScanRunsListCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

func (*ProjectsScanConfigsScanRunsListCall) IfNoneMatch

IfNoneMatch sets an optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request.

func (*ProjectsScanConfigsScanRunsListCall) PageSize

PageSize sets the optional parameter "pageSize": The maximum number of ScanRuns to return, can be limited by server. If not specified or not positive, the implementation will select a reasonable value.

func (*ProjectsScanConfigsScanRunsListCall) PageToken

PageToken sets the optional parameter "pageToken": A token identifying a page of results to be returned. This should be a `next_page_token` value returned from a previous List request. If unspecified, the first page of results is returned.

func (*ProjectsScanConfigsScanRunsListCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

type ProjectsScanConfigsScanRunsService

type ProjectsScanConfigsScanRunsService struct {
	CrawledUrls *ProjectsScanConfigsScanRunsCrawledUrlsService

	FindingTypeStats *ProjectsScanConfigsScanRunsFindingTypeStatsService

	Findings *ProjectsScanConfigsScanRunsFindingsService
	// contains filtered or unexported fields
}

func NewProjectsScanConfigsScanRunsService

func NewProjectsScanConfigsScanRunsService(s *Service) *ProjectsScanConfigsScanRunsService

func (*ProjectsScanConfigsScanRunsService) Get

Get: Gets a ScanRun.

  • name: The resource name of the ScanRun to be returned. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'.

func (*ProjectsScanConfigsScanRunsService) List

List: Lists ScanRuns under a given ScanConfig, in descending order of ScanRun stop time.

  • parent: The parent resource name, which should be a scan resource name in the format 'projects/{projectId}/scanConfigs/{scanConfigId}'.

func (*ProjectsScanConfigsScanRunsService) Stop

Stop: Stops a ScanRun. The stopped ScanRun is returned.

  • name: The resource name of the ScanRun to be stopped. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'.

type ProjectsScanConfigsScanRunsStopCall

type ProjectsScanConfigsScanRunsStopCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsStopCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsScanRunsStopCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.stop" call. Any non-2xx status code is an error. Response headers are in either *ScanRun.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsStopCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsScanRunsStopCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

type ProjectsScanConfigsService

type ProjectsScanConfigsService struct {
	ScanRuns *ProjectsScanConfigsScanRunsService
	// contains filtered or unexported fields
}

func NewProjectsScanConfigsService

func NewProjectsScanConfigsService(s *Service) *ProjectsScanConfigsService

func (*ProjectsScanConfigsService) Create

Create: Creates a new ScanConfig.

  • parent: The parent resource name where the scan is created, which should be a project resource name in the format 'projects/{projectId}'.

func (*ProjectsScanConfigsService) Delete

Delete: Deletes an existing ScanConfig and its child resources.

  • name: The resource name of the ScanConfig to be deleted. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}'.

func (*ProjectsScanConfigsService) Get

Get: Gets a ScanConfig.

  • name: The resource name of the ScanConfig to be returned. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}'.

func (*ProjectsScanConfigsService) List

List: Lists ScanConfigs under a given project.

  • parent: The parent resource name, which should be a project resource name in the format 'projects/{projectId}'.

func (*ProjectsScanConfigsService) Patch

Patch: Updates a ScanConfig. This method support partial update of a ScanConfig.

  • name: The resource name of the ScanConfig. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}'. The ScanConfig IDs are generated by the system.

func (*ProjectsScanConfigsService) Start

Start: Start a ScanRun according to the given ScanConfig.

  • name: The resource name of the ScanConfig to be used. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}'.

type ProjectsScanConfigsStartCall

type ProjectsScanConfigsStartCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsStartCall) Context

Context sets the context to be used in this call's Do method.

func (*ProjectsScanConfigsStartCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.start" call. Any non-2xx status code is an error. Response headers are in either *ScanRun.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsStartCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more details.

func (*ProjectsScanConfigsStartCall) Header

Header returns a http.Header that can be modified by the caller to add headers to the request.

type ProjectsService

type ProjectsService struct {
	ScanConfigs *ProjectsScanConfigsService
	// contains filtered or unexported fields
}

func NewProjectsService

func NewProjectsService(s *Service) *ProjectsService

type ScanConfig

type ScanConfig struct {
	// Authentication: The authentication configuration. If specified, service will
	// use the authentication configuration during scanning.
	Authentication *Authentication `json:"authentication,omitempty"`
	// BlacklistPatterns: The excluded URL patterns as described in
	// https://cloud.google.com/security-command-center/docs/how-to-use-web-security-scanner#excluding_urls
	BlacklistPatterns []string `json:"blacklistPatterns,omitempty"`
	// DisplayName: Required. The user provided display name of the ScanConfig.
	DisplayName string `json:"displayName,omitempty"`
	// ExportToSecurityCommandCenter: Controls export of scan configurations and
	// results to Security Command Center.
	//
	// Possible values:
	//   "EXPORT_TO_SECURITY_COMMAND_CENTER_UNSPECIFIED" - Use default, which is
	// ENABLED.
	//   "ENABLED" - Export results of this scan to Security Command Center.
	//   "DISABLED" - Do not export results of this scan to Security Command
	// Center.
	ExportToSecurityCommandCenter string `json:"exportToSecurityCommandCenter,omitempty"`
	// IgnoreHttpStatusErrors: Whether to keep scanning even if most requests
	// return HTTP error codes.
	IgnoreHttpStatusErrors bool `json:"ignoreHttpStatusErrors,omitempty"`
	// LatestRun: Latest ScanRun if available.
	LatestRun *ScanRun `json:"latestRun,omitempty"`
	// ManagedScan: Whether the scan config is managed by Web Security Scanner,
	// output only.
	ManagedScan bool `json:"managedScan,omitempty"`
	// MaxQps: The maximum QPS during scanning. A valid value ranges from 5 to 20
	// inclusively. If the field is unspecified or its value is set 0, server will
	// default to 15. Other values outside of [5, 20] range will be rejected with
	// INVALID_ARGUMENT error.
	MaxQps int64 `json:"maxQps,omitempty"`
	// Name: The resource name of the ScanConfig. The name follows the format of
	// 'projects/{projectId}/scanConfigs/{scanConfigId}'. The ScanConfig IDs are
	// generated by the system.
	Name string `json:"name,omitempty"`
	// RiskLevel: The risk level selected for the scan
	//
	// Possible values:
	//   "RISK_LEVEL_UNSPECIFIED" - Use default, which is NORMAL.
	//   "NORMAL" - Normal scanning (Recommended)
	//   "LOW" - Lower impact scanning
	RiskLevel string `json:"riskLevel,omitempty"`
	// Schedule: The schedule of the ScanConfig.
	Schedule *Schedule `json:"schedule,omitempty"`
	// StartingUrls: Required. The starting URLs from which the scanner finds site
	// pages.
	StartingUrls []string `json:"startingUrls,omitempty"`
	// StaticIpScan: Whether the scan configuration has enabled static IP address
	// scan feature. If enabled, the scanner will access applications from static
	// IP addresses.
	StaticIpScan bool `json:"staticIpScan,omitempty"`
	// TargetPlatforms: Set of Google Cloud platforms targeted by the scan. If
	// empty, APP_ENGINE will be used as a default.
	//
	// Possible values:
	//   "TARGET_PLATFORM_UNSPECIFIED" - The target platform is unknown. Requests
	// with this enum value will be rejected with INVALID_ARGUMENT error.
	//   "APP_ENGINE" - Google App Engine service.
	//   "COMPUTE" - Google Compute Engine service.
	//   "CLOUD_RUN" - Google Cloud Run service.
	//   "CLOUD_FUNCTIONS" - Google Cloud Function service.
	TargetPlatforms []string `json:"targetPlatforms,omitempty"`
	// UserAgent: The user agent used during scanning.
	//
	// Possible values:
	//   "USER_AGENT_UNSPECIFIED" - The user agent is unknown. Service will default
	// to CHROME_LINUX.
	//   "CHROME_LINUX" - Chrome on Linux. This is the service default if
	// unspecified.
	//   "CHROME_ANDROID" - Chrome on Android.
	//   "SAFARI_IPHONE" - Safari on IPhone.
	UserAgent string `json:"userAgent,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
	// ForceSendFields is a list of field names (e.g. "Authentication") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Authentication") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ScanConfig: A ScanConfig resource contains the configurations to launch a scan.

func (ScanConfig) MarshalJSON

func (s ScanConfig) MarshalJSON() ([]byte, error)

type ScanConfigError

type ScanConfigError struct {
	// Code: Indicates the reason code for a configuration failure.
	//
	// Possible values:
	//   "CODE_UNSPECIFIED" - There is no error.
	//   "OK" - There is no error.
	//   "INTERNAL_ERROR" - Indicates an internal server error. Please DO NOT USE
	// THIS ERROR CODE unless the root cause is truly unknown.
	//   "APPENGINE_API_BACKEND_ERROR" - One of the seed URLs is an App Engine URL
	// but we cannot validate the scan settings due to an App Engine API backend
	// error.
	//   "APPENGINE_API_NOT_ACCESSIBLE" - One of the seed URLs is an App Engine URL
	// but we cannot access the App Engine API to validate scan settings.
	//   "APPENGINE_DEFAULT_HOST_MISSING" - One of the seed URLs is an App Engine
	// URL but the Default Host of the App Engine is not set.
	//   "CANNOT_USE_GOOGLE_COM_ACCOUNT" - Google corporate accounts can not be
	// used for scanning.
	//   "CANNOT_USE_OWNER_ACCOUNT" - The account of the scan creator can not be
	// used for scanning.
	//   "COMPUTE_API_BACKEND_ERROR" - This scan targets Compute Engine, but we
	// cannot validate scan settings due to a Compute Engine API backend error.
	//   "COMPUTE_API_NOT_ACCESSIBLE" - This scan targets Compute Engine, but we
	// cannot access the Compute Engine API to validate the scan settings.
	//   "CUSTOM_LOGIN_URL_DOES_NOT_BELONG_TO_CURRENT_PROJECT" - The Custom Login
	// URL does not belong to the current project.
	//   "CUSTOM_LOGIN_URL_MALFORMED" - The Custom Login URL is malformed (can not
	// be parsed).
	//   "CUSTOM_LOGIN_URL_MAPPED_TO_NON_ROUTABLE_ADDRESS" - The Custom Login URL
	// is mapped to a non-routable IP address in DNS.
	//   "CUSTOM_LOGIN_URL_MAPPED_TO_UNRESERVED_ADDRESS" - The Custom Login URL is
	// mapped to an IP address which is not reserved for the current project.
	//   "CUSTOM_LOGIN_URL_HAS_NON_ROUTABLE_IP_ADDRESS" - The Custom Login URL has
	// a non-routable IP address.
	//   "CUSTOM_LOGIN_URL_HAS_UNRESERVED_IP_ADDRESS" - The Custom Login URL has an
	// IP address which is not reserved for the current project.
	//   "DUPLICATE_SCAN_NAME" - Another scan with the same name (case-sensitive)
	// already exists.
	//   "INVALID_FIELD_VALUE" - A field is set to an invalid value.
	//   "FAILED_TO_AUTHENTICATE_TO_TARGET" - There was an error trying to
	// authenticate to the scan target.
	//   "FINDING_TYPE_UNSPECIFIED" - Finding type value is not specified in the
	// list findings request.
	//   "FORBIDDEN_TO_SCAN_COMPUTE" - Scan targets Compute Engine, yet current
	// project was not whitelisted for Google Compute Engine Scanning Alpha access.
	//   "FORBIDDEN_UPDATE_TO_MANAGED_SCAN" - User tries to update managed scan
	//   "MALFORMED_FILTER" - The supplied filter is malformed. For example, it can
	// not be parsed, does not have a filter type in expression, or the same filter
	// type appears more than once.
	//   "MALFORMED_RESOURCE_NAME" - The supplied resource name is malformed (can
	// not be parsed).
	//   "PROJECT_INACTIVE" - The current project is not in an active state.
	//   "REQUIRED_FIELD" - A required field is not set.
	//   "RESOURCE_NAME_INCONSISTENT" - Project id, scanconfig id, scanrun id, or
	// finding id are not consistent with each other in resource name.
	//   "SCAN_ALREADY_RUNNING" - The scan being requested to start is already
	// running.
	//   "SCAN_NOT_RUNNING" - The scan that was requested to be stopped is not
	// running.
	//   "SEED_URL_DOES_NOT_BELONG_TO_CURRENT_PROJECT" - One of the seed URLs does
	// not belong to the current project.
	//   "SEED_URL_MALFORMED" - One of the seed URLs is malformed (can not be
	// parsed).
	//   "SEED_URL_MAPPED_TO_NON_ROUTABLE_ADDRESS" - One of the seed URLs is mapped
	// to a non-routable IP address in DNS.
	//   "SEED_URL_MAPPED_TO_UNRESERVED_ADDRESS" - One of the seed URLs is mapped
	// to an IP address which is not reserved for the current project.
	//   "SEED_URL_HAS_NON_ROUTABLE_IP_ADDRESS" - One of the seed URLs has
	// on-routable IP address.
	//   "SEED_URL_HAS_UNRESERVED_IP_ADDRESS" - One of the seed URLs has an IP
	// address that is not reserved for the current project.
	//   "SERVICE_ACCOUNT_NOT_CONFIGURED" - The Web Security Scanner service
	// account is not configured under the project.
	//   "TOO_MANY_SCANS" - A project has reached the maximum number of scans.
	//   "UNABLE_TO_RESOLVE_PROJECT_INFO" - Resolving the details of the current
	// project fails.
	//   "UNSUPPORTED_BLACKLIST_PATTERN_FORMAT" - One or more blacklist patterns
	// were in the wrong format.
	//   "UNSUPPORTED_FILTER" - The supplied filter is not supported.
	//   "UNSUPPORTED_FINDING_TYPE" - The supplied finding type is not supported.
	// For example, we do not provide findings of the given finding type.
	//   "UNSUPPORTED_URL_SCHEME" - The URL scheme of one or more of the supplied
	// URLs is not supported.
	//   "CLOUD_ASSET_INVENTORY_ASSET_NOT_FOUND" - CAI is not able to list assets.
	Code string `json:"code,omitempty"`
	// FieldName: Indicates the full name of the ScanConfig field that triggers
	// this error, for example "scan_config.max_qps". This field is provided for
	// troubleshooting purposes only and its actual value can change in the future.
	FieldName string `json:"fieldName,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Code") to unconditionally
	// include in API requests. By default, fields with empty or default values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Code") to include in API requests
	// with the JSON null value. By default, fields with empty values are omitted
	// from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ScanConfigError: Defines a custom error message used by CreateScanConfig and UpdateScanConfig APIs when scan configuration validation fails. It is also reported as part of a ScanRunErrorTrace message if scan validation fails due to a scan configuration error.

func (ScanConfigError) MarshalJSON

func (s ScanConfigError) MarshalJSON() ([]byte, error)

type ScanRun

type ScanRun struct {
	// EndTime: The time at which the ScanRun reached termination state - that the
	// ScanRun is either finished or stopped by user.
	EndTime string `json:"endTime,omitempty"`
	// ErrorTrace: If result_state is an ERROR, this field provides the primary
	// reason for scan's termination and more details, if such are available.
	ErrorTrace *ScanRunErrorTrace `json:"errorTrace,omitempty"`
	// ExecutionState: The execution state of the ScanRun.
	//
	// Possible values:
	//   "EXECUTION_STATE_UNSPECIFIED" - Represents an invalid state caused by
	// internal server error. This value should never be returned.
	//   "QUEUED" - The scan is waiting in the queue.
	//   "SCANNING" - The scan is in progress.
	//   "FINISHED" - The scan is either finished or stopped by user.
	ExecutionState string `json:"executionState,omitempty"`
	// HasVulnerabilities: Whether the scan run has found any vulnerabilities.
	HasVulnerabilities bool `json:"hasVulnerabilities,omitempty"`
	// Name: The resource name of the ScanRun. The name follows the format of
	// 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'. The
	// ScanRun IDs are generated by the system.
	Name string `json:"name,omitempty"`
	// ProgressPercent: The percentage of total completion ranging from 0 to 100.
	// If the scan is in queue, the value is 0. If the scan is running, the value
	// ranges from 0 to 100. If the scan is finished, the value is 100.
	ProgressPercent int64 `json:"progressPercent,omitempty"`
	// ResultState: The result state of the ScanRun. This field is only available
	// after the execution state reaches "FINISHED".
	//
	// Possible values:
	//   "RESULT_STATE_UNSPECIFIED" - Default value. This value is returned when
	// the ScanRun is not yet finished.
	//   "SUCCESS" - The scan finished without errors.
	//   "ERROR" - The scan finished with errors.
	//   "KILLED" - The scan was terminated by user.
	ResultState string `json:"resultState,omitempty"`
	// StartTime: The time at which the ScanRun started.
	StartTime string `json:"startTime,omitempty"`
	// UrlsCrawledCount: The number of URLs crawled during this ScanRun. If the
	// scan is in progress, the value represents the number of URLs crawled up to
	// now.
	UrlsCrawledCount int64 `json:"urlsCrawledCount,omitempty,string"`
	// UrlsTestedCount: The number of URLs tested during this ScanRun. If the scan
	// is in progress, the value represents the number of URLs tested up to now.
	// The number of URLs tested is usually larger than the number URLS crawled
	// because typically a crawled URL is tested with multiple test payloads.
	UrlsTestedCount int64 `json:"urlsTestedCount,omitempty,string"`
	// WarningTraces: A list of warnings, if such are encountered during this scan
	// run.
	WarningTraces []*ScanRunWarningTrace `json:"warningTraces,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the server.
	googleapi.ServerResponse `json:"-"`
	// ForceSendFields is a list of field names (e.g. "EndTime") to unconditionally
	// include in API requests. By default, fields with empty or default values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "EndTime") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ScanRun: A ScanRun is a output-only resource representing an actual run of the scan. Next id: 12

func (ScanRun) MarshalJSON

func (s ScanRun) MarshalJSON() ([]byte, error)

type ScanRunErrorTrace

type ScanRunErrorTrace struct {
	// Code: Indicates the error reason code.
	//
	// Possible values:
	//   "CODE_UNSPECIFIED" - Default value is never used.
	//   "INTERNAL_ERROR" - Indicates that the scan run failed due to an internal
	// server error.
	//   "SCAN_CONFIG_ISSUE" - Indicates a scan configuration error, usually due to
	// outdated ScanConfig settings, such as starting_urls or the DNS
	// configuration.
	//   "AUTHENTICATION_CONFIG_ISSUE" - Indicates an authentication error, usually
	// due to outdated ScanConfig authentication settings.
	//   "TIMED_OUT_WHILE_SCANNING" - Indicates a scan operation timeout, usually
	// caused by a very large site.
	//   "TOO_MANY_REDIRECTS" - Indicates that a scan encountered excessive
	// redirects, either to authentication or some other page outside of the scan
	// scope.
	//   "TOO_MANY_HTTP_ERRORS" - Indicates that a scan encountered numerous errors
	// from the web site pages. When available, most_common_http_error_code field
	// indicates the most common HTTP error code encountered during the scan.
	//   "STARTING_URLS_CRAWL_HTTP_ERRORS" - Indicates that some of the starting
	// web urls returned HTTP errors during the scan.
	Code string `json:"code,omitempty"`
	// MostCommonHttpErrorCode: If the scan encounters TOO_MANY_HTTP_ERRORS, this
	// field indicates the most common HTTP error code, if such is available. For
	// example, if this code is 404, the scan has encountered too many NOT_FOUND
	// responses.
	MostCommonHttpErrorCode int64 `json:"mostCommonHttpErrorCode,omitempty"`
	// ScanConfigError: If the scan encounters SCAN_CONFIG_ISSUE error, this field
	// has the error message encountered during scan configuration validation that
	// is performed before each scan run.
	ScanConfigError *ScanConfigError `json:"scanConfigError,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Code") to unconditionally
	// include in API requests. By default, fields with empty or default values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Code") to include in API requests
	// with the JSON null value. By default, fields with empty values are omitted
	// from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ScanRunErrorTrace: Output only. Defines an error trace message for a ScanRun.

func (ScanRunErrorTrace) MarshalJSON

func (s ScanRunErrorTrace) MarshalJSON() ([]byte, error)

type ScanRunWarningTrace

type ScanRunWarningTrace struct {
	// Code: Indicates the warning code.
	//
	// Possible values:
	//   "CODE_UNSPECIFIED" - Default value is never used.
	//   "INSUFFICIENT_CRAWL_RESULTS" - Indicates that a scan discovered an
	// unexpectedly low number of URLs. This is sometimes caused by complex
	// navigation features or by using a single URL for numerous pages.
	//   "TOO_MANY_CRAWL_RESULTS" - Indicates that a scan discovered too many URLs
	// to test, or excessive redundant URLs.
	//   "TOO_MANY_FUZZ_TASKS" - Indicates that too many tests have been generated
	// for the scan. Customer should try reducing the number of starting URLs,
	// increasing the QPS rate, or narrowing down the scope of the scan using the
	// excluded patterns.
	//   "BLOCKED_BY_IAP" - Indicates that a scan is blocked by IAP.
	//   "NO_STARTING_URL_FOUND_FOR_MANAGED_SCAN" - Indicates that no seed is found
	// for a scan
	Code string `json:"code,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Code") to unconditionally
	// include in API requests. By default, fields with empty or default values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Code") to include in API requests
	// with the JSON null value. By default, fields with empty values are omitted
	// from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ScanRunWarningTrace: Output only. Defines a warning trace message for ScanRun. Warning traces provide customers with useful information that helps make the scanning process more effective.

func (ScanRunWarningTrace) MarshalJSON

func (s ScanRunWarningTrace) MarshalJSON() ([]byte, error)

type Schedule

type Schedule struct {
	// IntervalDurationDays: Required. The duration of time between executions in
	// days.
	IntervalDurationDays int64 `json:"intervalDurationDays,omitempty"`
	// ScheduleTime: A timestamp indicates when the next run will be scheduled. The
	// value is refreshed by the server after each run. If unspecified, it will
	// default to current server time, which means the scan will be scheduled to
	// start immediately.
	ScheduleTime string `json:"scheduleTime,omitempty"`
	// ForceSendFields is a list of field names (e.g. "IntervalDurationDays") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "IntervalDurationDays") to include
	// in API requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

Schedule: Scan schedule configuration.

func (Schedule) MarshalJSON

func (s Schedule) MarshalJSON() ([]byte, error)

type Service

type Service struct {
	BasePath  string // API endpoint base URL
	UserAgent string // optional additional User-Agent fragment

	Projects *ProjectsService
	// contains filtered or unexported fields
}

func New deprecated

func New(client *http.Client) (*Service, error)

New creates a new Service. It uses the provided http.Client for requests.

Deprecated: please use NewService instead. To provide a custom HTTP client, use option.WithHTTPClient. If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead.

func NewService

func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error)

NewService creates a new Service.

type StartScanRunRequest

type StartScanRunRequest struct {
}

StartScanRunRequest: Request for the `StartScanRun` method.

type StopScanRunRequest

type StopScanRunRequest struct {
}

StopScanRunRequest: Request for the `StopScanRun` method.

type ViolatingResource

type ViolatingResource struct {
	// ContentType: The MIME type of this resource.
	ContentType string `json:"contentType,omitempty"`
	// ResourceUrl: URL of this violating resource.
	ResourceUrl string `json:"resourceUrl,omitempty"`
	// ForceSendFields is a list of field names (e.g. "ContentType") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "ContentType") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

ViolatingResource: Information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.

func (ViolatingResource) MarshalJSON

func (s ViolatingResource) MarshalJSON() ([]byte, error)

type VulnerableHeaders

type VulnerableHeaders struct {
	// Headers: List of vulnerable headers.
	Headers []*Header `json:"headers,omitempty"`
	// MissingHeaders: List of missing headers.
	MissingHeaders []*Header `json:"missingHeaders,omitempty"`
	// ForceSendFields is a list of field names (e.g. "Headers") to unconditionally
	// include in API requests. By default, fields with empty or default values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "Headers") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

VulnerableHeaders: Information about vulnerable or missing HTTP Headers.

func (VulnerableHeaders) MarshalJSON

func (s VulnerableHeaders) MarshalJSON() ([]byte, error)

type VulnerableParameters

type VulnerableParameters struct {
	// ParameterNames: The vulnerable parameter names.
	ParameterNames []string `json:"parameterNames,omitempty"`
	// ForceSendFields is a list of field names (e.g. "ParameterNames") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "ParameterNames") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

VulnerableParameters: Information about vulnerable request parameters.

func (VulnerableParameters) MarshalJSON

func (s VulnerableParameters) MarshalJSON() ([]byte, error)

type Xss

type Xss struct {
	// ErrorMessage: An error message generated by a javascript breakage.
	ErrorMessage string `json:"errorMessage,omitempty"`
	// StackTraces: Stack traces leading to the point where the XSS occurred.
	StackTraces []string `json:"stackTraces,omitempty"`
	// ForceSendFields is a list of field names (e.g. "ErrorMessage") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "ErrorMessage") to include in API
	// requests with the JSON null value. By default, fields with empty values are
	// omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

Xss: Information reported for an XSS.

func (Xss) MarshalJSON

func (s Xss) MarshalJSON() ([]byte, error)

type Xxe added in v0.63.0

type Xxe struct {
	// PayloadLocation: Location within the request where the payload was placed.
	//
	// Possible values:
	//   "LOCATION_UNSPECIFIED" - Unknown Location.
	//   "COMPLETE_REQUEST_BODY" - The XML payload replaced the complete request
	// body.
	PayloadLocation string `json:"payloadLocation,omitempty"`
	// PayloadValue: The XML string that triggered the XXE vulnerability.
	// Non-payload values might be redacted.
	PayloadValue string `json:"payloadValue,omitempty"`
	// ForceSendFields is a list of field names (e.g. "PayloadLocation") to
	// unconditionally include in API requests. By default, fields with empty or
	// default values are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-ForceSendFields for more
	// details.
	ForceSendFields []string `json:"-"`
	// NullFields is a list of field names (e.g. "PayloadLocation") to include in
	// API requests with the JSON null value. By default, fields with empty values
	// are omitted from API requests. See
	// https://pkg.go.dev/google.golang.org/api#hdr-NullFields for more details.
	NullFields []string `json:"-"`
}

Xxe: Information reported for an XXE.

func (Xxe) MarshalJSON added in v0.63.0

func (s Xxe) MarshalJSON() ([]byte, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL