Documentation
¶
Index ¶
- Variables
- type Finding
- func (*Finding) Descriptor() ([]byte, []int)deprecated
- func (m *Finding) GetDetails() isFinding_Details
- func (x *Finding) GetEventTime() *timestamppb.Timestamp
- func (x *Finding) GetFinding() string
- func (x *Finding) GetResourceName() string
- func (x *Finding) GetSeverity() Severity
- func (x *Finding) GetState() Finding_State
- func (x *Finding) GetType() FindingType
- func (x *Finding) GetVulnerability() *Vulnerability
- func (*Finding) ProtoMessage()
- func (x *Finding) ProtoReflect() protoreflect.Message
- func (x *Finding) Reset()
- func (x *Finding) String() string
- type FindingType
- func (FindingType) Descriptor() protoreflect.EnumDescriptor
- func (x FindingType) Enum() *FindingType
- func (FindingType) EnumDescriptor() ([]byte, []int)deprecated
- func (x FindingType) Number() protoreflect.EnumNumber
- func (x FindingType) String() string
- func (FindingType) Type() protoreflect.EnumType
- type Finding_State
- func (Finding_State) Descriptor() protoreflect.EnumDescriptor
- func (x Finding_State) Enum() *Finding_State
- func (Finding_State) EnumDescriptor() ([]byte, []int)deprecated
- func (x Finding_State) Number() protoreflect.EnumNumber
- func (x Finding_State) String() string
- func (Finding_State) Type() protoreflect.EnumType
- type Finding_Vulnerability
- type Severity
- type Vulnerability
- func (*Vulnerability) Descriptor() ([]byte, []int)deprecated
- func (x *Vulnerability) GetAffectedImages() []string
- func (x *Vulnerability) GetAffectedPackageVersion() string
- func (x *Vulnerability) GetCpeUri() string
- func (x *Vulnerability) GetCveId() string
- func (x *Vulnerability) GetCvssScore() float32
- func (x *Vulnerability) GetCvssVector() string
- func (x *Vulnerability) GetDescription() string
- func (x *Vulnerability) GetFixedCpeUri() string
- func (x *Vulnerability) GetFixedPackage() string
- func (x *Vulnerability) GetFixedPackageVersion() string
- func (x *Vulnerability) GetPackageName() string
- func (x *Vulnerability) GetPackageType() string
- func (x *Vulnerability) GetRelatedUrls() []string
- func (x *Vulnerability) GetSeverity() Severity
- func (*Vulnerability) ProtoMessage()
- func (x *Vulnerability) ProtoReflect() protoreflect.Message
- func (x *Vulnerability) Reset()
- func (x *Vulnerability) String() string
Constants ¶
This section is empty.
Variables ¶
View Source
var ( FindingType_name = map[int32]string{ 0: "FINDING_TYPE_UNSPECIFIED", 1: "FINDING_TYPE_MISCONFIG", 2: "FINDING_TYPE_VULNERABILITY", } FindingType_value = map[string]int32{ "FINDING_TYPE_UNSPECIFIED": 0, "FINDING_TYPE_MISCONFIG": 1, "FINDING_TYPE_VULNERABILITY": 2, } )
Enum value maps for FindingType.
View Source
var ( Severity_name = map[int32]string{ 0: "SEVERITY_UNSPECIFIED", 1: "SEVERITY_CRITICAL", 2: "SEVERITY_HIGH", 3: "SEVERITY_MEDIUM", 4: "SEVERITY_LOW", } Severity_value = map[string]int32{ "SEVERITY_UNSPECIFIED": 0, "SEVERITY_CRITICAL": 1, "SEVERITY_HIGH": 2, "SEVERITY_MEDIUM": 3, "SEVERITY_LOW": 4, } )
Enum value maps for Severity.
View Source
var ( Finding_State_name = map[int32]string{ 0: "STATE_UNSPECIFIED", 1: "ACTIVE", 2: "REMEDIATED", } Finding_State_value = map[string]int32{ "STATE_UNSPECIFIED": 0, "ACTIVE": 1, "REMEDIATED": 2, } )
Enum value maps for Finding_State.
View Source
var File_google_cloud_kubernetes_security_containersecurity_logging_logging_proto protoreflect.FileDescriptor
Functions ¶
This section is empty.
Types ¶
type Finding ¶
type Finding struct {
// Fully qualified resource name of the k8s resource, e.g.:
// {api}/{version}/namespaces/{namespace}/{kind}/{workload name}
ResourceName string `protobuf:"bytes,1,opt,name=resource_name,json=resourceName,proto3" json:"resource_name,omitempty"`
// The type of security finding this is.
Type FindingType `` /* 131-byte string literal not displayed */
// State determines whether the finding still exists or has been resolved.
State Finding_State `` /* 135-byte string literal not displayed */
// The human readable representation of the specific security finding.
// e.g. RUN_AS_NONROOT, CVE_ID_0 etc depending on the type.
Finding string `protobuf:"bytes,4,opt,name=finding,proto3" json:"finding,omitempty"`
// Severity determines the recommended actions for this finding.
Severity Severity `` /* 136-byte string literal not displayed */
// The time this finding was found/remediated.
EventTime *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=event_time,json=eventTime,proto3" json:"event_time,omitempty"`
// Specific details about the security finding if there are any.
//
// Types that are assignable to Details:
//
// *Finding_Vulnerability
Details isFinding_Details `protobuf_oneof:"details"`
// contains filtered or unexported fields
}
A security concern for an asset(i.e cluster, workload, etc). Each finding corresponds to a type of security concern. A finding is created during the scan of an asset by any one of the GKE Security Posture features that are enabled.
func (*Finding) Descriptor
deprecated
func (*Finding) GetDetails ¶
func (m *Finding) GetDetails() isFinding_Details
func (*Finding) GetEventTime ¶
func (x *Finding) GetEventTime() *timestamppb.Timestamp
func (*Finding) GetFinding ¶
func (*Finding) GetResourceName ¶
func (*Finding) GetSeverity ¶
func (*Finding) GetState ¶
func (x *Finding) GetState() Finding_State
func (*Finding) GetType ¶
func (x *Finding) GetType() FindingType
func (*Finding) GetVulnerability ¶
func (x *Finding) GetVulnerability() *Vulnerability
func (*Finding) ProtoMessage ¶
func (*Finding) ProtoMessage()
func (*Finding) ProtoReflect ¶
func (x *Finding) ProtoReflect() protoreflect.Message
type FindingType ¶
type FindingType int32
FindingType is an enumeration of all possible finding types in GKE Security Posture.
const ( // Default value, unspecified. FindingType_FINDING_TYPE_UNSPECIFIED FindingType = 0 // Workload misconfiguration policy audit. FindingType_FINDING_TYPE_MISCONFIG FindingType = 1 // Workload vulnerabilities scanning. FindingType_FINDING_TYPE_VULNERABILITY FindingType = 2 )
func (FindingType) Descriptor ¶
func (FindingType) Descriptor() protoreflect.EnumDescriptor
func (FindingType) Enum ¶
func (x FindingType) Enum() *FindingType
func (FindingType) EnumDescriptor
deprecated
func (FindingType) EnumDescriptor() ([]byte, []int)
Deprecated: Use FindingType.Descriptor instead.
func (FindingType) Number ¶
func (x FindingType) Number() protoreflect.EnumNumber
func (FindingType) String ¶
func (x FindingType) String() string
func (FindingType) Type ¶
func (FindingType) Type() protoreflect.EnumType
type Finding_State ¶
type Finding_State int32
The current state of the finding(e.g still active, has been fixed etc).
const ( // Default value, only used to determine that nothing was specified. Finding_STATE_UNSPECIFIED Finding_State = 0 // Active state means that the finding exists on the asset. Finding_ACTIVE Finding_State = 1 // Remediated means that the finding has been fixed on the asset. Finding_REMEDIATED Finding_State = 2 )
func (Finding_State) Descriptor ¶
func (Finding_State) Descriptor() protoreflect.EnumDescriptor
func (Finding_State) Enum ¶
func (x Finding_State) Enum() *Finding_State
func (Finding_State) EnumDescriptor
deprecated
func (Finding_State) EnumDescriptor() ([]byte, []int)
Deprecated: Use Finding_State.Descriptor instead.
func (Finding_State) Number ¶
func (x Finding_State) Number() protoreflect.EnumNumber
func (Finding_State) String ¶
func (x Finding_State) String() string
func (Finding_State) Type ¶
func (Finding_State) Type() protoreflect.EnumType
type Finding_Vulnerability ¶
type Finding_Vulnerability struct {
Vulnerability *Vulnerability `protobuf:"bytes,7,opt,name=vulnerability,proto3,oneof"`
}
type Severity ¶
type Severity int32
Severity is an enumeration of all the possible severities of a violation.
const ( // Default value, only used to determine that nothing was specified. Severity_SEVERITY_UNSPECIFIED Severity = 0 // SEVERITY_CRITICAL recommends taking action immediately. Severity_SEVERITY_CRITICAL Severity = 1 // SEVERITY_HIGH recommends taking action if possible. Severity_SEVERITY_HIGH Severity = 2 // SEVERITY_MEDIUM recommends investigation. Severity_SEVERITY_MEDIUM Severity = 3 // SEVERITY_LOW recommends being aware of the problem. Severity_SEVERITY_LOW Severity = 4 )
func (Severity) Descriptor ¶
func (Severity) Descriptor() protoreflect.EnumDescriptor
func (Severity) EnumDescriptor
deprecated
func (Severity) Number ¶
func (x Severity) Number() protoreflect.EnumNumber
func (Severity) Type ¶
func (Severity) Type() protoreflect.EnumType
type Vulnerability ¶
type Vulnerability struct {
// package name where vulnerability detected
PackageName string `protobuf:"bytes,1,opt,name=package_name,json=packageName,proto3" json:"package_name,omitempty"`
// affected package version
AffectedPackageVersion string `` /* 129-byte string literal not displayed */
// title of vulnerability assigned by CVE
CveId string `protobuf:"bytes,3,opt,name=cve_id,json=cveId,proto3" json:"cve_id,omitempty"`
// cpe_uri where vulnerability detected
CpeUri string `protobuf:"bytes,4,opt,name=cpe_uri,json=cpeUri,proto3" json:"cpe_uri,omitempty"`
// assigned severity for vulnerability
Severity Severity `` /* 136-byte string literal not displayed */
// overall CVSS score
CvssScore float32 `protobuf:"fixed32,6,opt,name=cvss_score,json=cvssScore,proto3" json:"cvss_score,omitempty"`
// detailed CVSS score, format `CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N`
CvssVector string `protobuf:"bytes,7,opt,name=cvss_vector,json=cvssVector,proto3" json:"cvss_vector,omitempty"`
// cpe_uri where vulnerability is fixed
FixedCpeUri string `protobuf:"bytes,8,opt,name=fixed_cpe_uri,json=fixedCpeUri,proto3" json:"fixed_cpe_uri,omitempty"`
// type of package (os, maven, go)
PackageType string `protobuf:"bytes,9,opt,name=package_type,json=packageType,proto3" json:"package_type,omitempty"`
// package name where vulnerability is fixed
FixedPackage string `protobuf:"bytes,10,opt,name=fixed_package,json=fixedPackage,proto3" json:"fixed_package,omitempty"`
// fixed package version
FixedPackageVersion string `protobuf:"bytes,11,opt,name=fixed_package_version,json=fixedPackageVersion,proto3" json:"fixed_package_version,omitempty"`
// detailed description
Description string `protobuf:"bytes,12,opt,name=description,proto3" json:"description,omitempty"`
// reference URL for source CVE database
RelatedUrls []string `protobuf:"bytes,13,rep,name=related_urls,json=relatedUrls,proto3" json:"related_urls,omitempty"`
// affected images
AffectedImages []string `protobuf:"bytes,14,rep,name=affected_images,json=affectedImages,proto3" json:"affected_images,omitempty"`
// contains filtered or unexported fields
}
Identifies a package vulnerability found within a workload.
func (*Vulnerability) Descriptor
deprecated
func (*Vulnerability) Descriptor() ([]byte, []int)
Deprecated: Use Vulnerability.ProtoReflect.Descriptor instead.
func (*Vulnerability) GetAffectedImages ¶
func (x *Vulnerability) GetAffectedImages() []string
func (*Vulnerability) GetAffectedPackageVersion ¶
func (x *Vulnerability) GetAffectedPackageVersion() string
func (*Vulnerability) GetCpeUri ¶
func (x *Vulnerability) GetCpeUri() string
func (*Vulnerability) GetCveId ¶
func (x *Vulnerability) GetCveId() string
func (*Vulnerability) GetCvssScore ¶
func (x *Vulnerability) GetCvssScore() float32
func (*Vulnerability) GetCvssVector ¶
func (x *Vulnerability) GetCvssVector() string
func (*Vulnerability) GetDescription ¶
func (x *Vulnerability) GetDescription() string
func (*Vulnerability) GetFixedCpeUri ¶
func (x *Vulnerability) GetFixedCpeUri() string
func (*Vulnerability) GetFixedPackage ¶
func (x *Vulnerability) GetFixedPackage() string
func (*Vulnerability) GetFixedPackageVersion ¶
func (x *Vulnerability) GetFixedPackageVersion() string
func (*Vulnerability) GetPackageName ¶
func (x *Vulnerability) GetPackageName() string
func (*Vulnerability) GetPackageType ¶
func (x *Vulnerability) GetPackageType() string
func (*Vulnerability) GetRelatedUrls ¶
func (x *Vulnerability) GetRelatedUrls() []string
func (*Vulnerability) GetSeverity ¶
func (x *Vulnerability) GetSeverity() Severity
func (*Vulnerability) ProtoMessage ¶
func (*Vulnerability) ProtoMessage()
func (*Vulnerability) ProtoReflect ¶
func (x *Vulnerability) ProtoReflect() protoreflect.Message
func (*Vulnerability) Reset ¶
func (x *Vulnerability) Reset()
func (*Vulnerability) String ¶
func (x *Vulnerability) String() string
Source Files
Click to show internal directories.
Click to hide internal directories.