Skip to content

Commit

Permalink
Fetch all roles
Browse files Browse the repository at this point in the history
bgeesaman committed Jul 31, 2024
1 parent 6a2a3f5 commit d52db3e
Showing 2 changed files with 2 additions and 12 deletions.
2 changes: 1 addition & 1 deletion gcp_roles_cai.json
Original file line number Diff line number Diff line change
@@ -271,7 +271,7 @@
{"description":"Grants readonly access to Chronicle API resources without global data access scope.","etag":"AA==","includedPermissions":["chronicle.ais.createFeedback","chronicle.ais.translateUdmQuery","chronicle.ais.translateYlRule","chronicle.dashboardCharts.get","chronicle.dashboardCharts.list","chronicle.dashboardQueries.execute","chronicle.dashboardQueries.get","chronicle.dashboardQueries.list","chronicle.dataAccessScopes.list","chronicle.entities.find","chronicle.entities.findRelatedEntities","chronicle.entities.get","chronicle.entities.list","chronicle.entities.searchEntities","chronicle.entities.summarize","chronicle.entities.summarizeFromQuery","chronicle.events.batchGet","chronicle.events.findUdmFieldValues","chronicle.events.get","chronicle.events.queryProductSourceStats","chronicle.events.searchRawLogs","chronicle.events.udmSearch","chronicle.events.validateQuery","chronicle.findingsGraphs.exploreNode","chronicle.findingsGraphs.initializeGraph","chronicle.instances.generateCollectionAgentAuth","chronicle.instances.generateSoarAuthJwt","chronicle.instances.get","chronicle.instances.report","chronicle.legacies.legacyBatchGetCases","chronicle.legacies.legacyCalculateAlertStats","chronicle.legacies.legacyFetchAlertsView","chronicle.legacies.legacyFetchUdmSearchCsv","chronicle.legacies.legacyFetchUdmSearchView","chronicle.legacies.legacyFindAssetEvents","chronicle.legacies.legacyFindRawLogs","chronicle.legacies.legacyFindUdmEvents","chronicle.legacies.legacyGetAlert","chronicle.legacies.legacyGetFinding","chronicle.legacies.legacyGetRuleCounts","chronicle.legacies.legacyGetRulesTrends","chronicle.legacies.legacyRunTestRule","chronicle.legacies.legacySearchArtifactEvents","chronicle.legacies.legacySearchArtifactIoCDetails","chronicle.legacies.legacySearchAssetEvents","chronicle.legacies.legacySearchCustomerStats","chronicle.legacies.legacySearchDomainsRecentlyRegistered","chronicle.legacies.legacySearchDomainsTimingStats","chronicle.legacies.legacySearchFindings","chronicle.legacies.legacySearchIngestionStats","chronicle.legacies.legacySearchIoCInsights","chronicle.legacies.legacySearchRawLogs","chronicle.legacies.legacySearchRuleDetectionCountBuckets","chronicle.legacies.legacySearchRuleDetectionEvents","chronicle.legacies.legacySearchRuleResults","chronicle.legacies.legacySearchRulesAlerts","chronicle.legacies.legacySearchUserEvents","chronicle.logs.get","chronicle.logs.list","chronicle.multitenantDirectories.get","chronicle.nativeDashboards.get","chronicle.nativeDashboards.list","chronicle.operations.get","chronicle.operations.list","chronicle.operations.streamSearch","chronicle.operations.wait","chronicle.referenceLists.get","chronicle.referenceLists.list","chronicle.referenceLists.verifyReferenceList","chronicle.retrohunts.get","chronicle.retrohunts.list","chronicle.ruleDeployments.get","chronicle.ruleDeployments.list","chronicle.ruleExecutionErrors.list","chronicle.rules.get","chronicle.rules.list","chronicle.rules.listRevisions","chronicle.rules.verifyRuleText","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/chronicle.restrictedDataAccessViewer","stage":"BETA","title":"Chronicle API Restricted Data Access Viewer","asset_type":"iam.googleapis.com/ExportedIAMRole"}
{"description":"Grants Chronicle scoped access to customer project","etag":"AA==","includedPermissions":["bigquery.connections.create","bigquery.connections.delegate","bigquery.connections.delete","bigquery.connections.get","bigquery.connections.getIamPolicy","bigquery.connections.list","bigquery.connections.update","bigquery.connections.updateTag","bigquery.connections.use","bigquery.datasets.create","bigquery.jobs.create","bigquery.jobs.get","bigquery.tables.create","bigquery.tables.delete","bigquery.tables.get","bigquery.tables.update","bigquery.tables.updateData","chronicle.instances.get","monitoring.alertPolicies.create","monitoring.alertPolicies.delete","monitoring.alertPolicies.get","monitoring.alertPolicies.list","monitoring.alertPolicies.update","serviceusage.quotas.get","serviceusage.services.enable","serviceusage.services.get","serviceusage.services.list","storage.buckets.create","storage.buckets.get","storage.buckets.getIamPolicy","storage.buckets.setIamPolicy","storage.objects.create","storage.objects.delete","storage.objects.get"],"name":"roles/chronicle.serviceAgent","stage":"GA","title":"Chronicle Service Agent","asset_type":"iam.googleapis.com/ExportedIAMRole"}
{"description":"Grants admin access to Chronicle SOAR.","etag":"AA==","includedPermissions":["chronicle.instances.soarAdmin","cloudasset.assets.exportResource","cloudasset.assets.queryAccessPolicy","cloudasset.assets.queryIamPolicy","cloudasset.assets.queryOSInventories","cloudasset.assets.queryResource","cloudasset.assets.searchAllIamPolicies","cloudasset.assets.searchAllResources","cloudasset.assets.searchEnrichmentResourceOwners","resourcemanager.organizations.get","resourcemanager.projects.get","resourcemanager.projects.list","securitycenter.attackpaths.list","securitycenter.exposurepathexplan.get","securitycenter.findings.bulkMuteUpdate","securitycenter.findings.group","securitycenter.findings.list","securitycenter.findings.listFindingPropertyNames","securitycenter.findings.setMute","securitycenter.findings.setState","securitycenter.findings.update","securitycenter.findingsecuritymarks.update","securitycenter.simulations.get","securitycenter.userinterfacemetadata.get","securitycenter.valuedresources.list"],"name":"roles/chronicle.soarAdmin","stage":"BETA","title":"Chronicle SOAR Admin","asset_type":"iam.googleapis.com/ExportedIAMRole"}
{"description":"Gives Chronicle SOAR the ability to perform remediation on Cloud Platform resources.","etag":"AA==","includedPermissions":["cloudasset.assets.analyzeIamPolicy","cloudasset.assets.searchAllIamPolicies","cloudasset.assets.searchAllResources","compute.firewalls.get","compute.firewalls.update","compute.instances.deleteAccessConfig","compute.instances.get","compute.instances.list","compute.instances.stop","compute.instances.updateNetworkInterface","compute.networks.updatePolicy","compute.zones.list","iam.serviceAccounts.disable","iam.serviceAccounts.list","recommender.iamPolicyRecommendations.get","recommender.iamPolicyRecommendations.list","recommender.iamPolicyRecommendations.update","resourcemanager.organizations.getIamPolicy","securitycenter.findingexternalsystems.update","securitycenter.findings.list","securitycenter.findings.setMute","securitycenter.findings.setState","securitycenter.findings.update","securitycenter.notificationconfig.create","securitycenter.notificationconfig.delete","securitycenter.notificationconfig.get","securitycenter.notificationconfig.update","securitycenter.sources.list","storage.buckets.get","storage.buckets.getIamPolicy","storage.buckets.list","storage.buckets.update"],"name":"roles/chronicle.soarServiceAgent","stage":"GA","title":"Chronicle SOAR Service Agent","asset_type":"iam.googleapis.com/ExportedIAMRole"}
{"description":"Gives Chronicle SOAR the ability to perform remediation on Cloud Platform resources.","etag":"AA==","includedPermissions":["cloudasset.assets.analyzeIamPolicy","cloudasset.assets.searchAllIamPolicies","cloudasset.assets.searchAllResources","compute.instances.get","compute.instances.list","compute.instances.stop","compute.zones.list","iam.serviceAccounts.disable","iam.serviceAccounts.list","recommender.iamPolicyRecommendations.get","recommender.iamPolicyRecommendations.list","recommender.iamPolicyRecommendations.update","resourcemanager.organizations.getIamPolicy","securitycenter.findingexternalsystems.update","securitycenter.findings.list","securitycenter.findings.setMute","securitycenter.findings.setState","securitycenter.findings.update","securitycenter.notificationconfig.create","securitycenter.notificationconfig.get","securitycenter.notificationconfig.update","securitycenter.sources.list"],"name":"roles/chronicle.soarServiceAgent","stage":"GA","title":"Chronicle SOAR Service Agent","asset_type":"iam.googleapis.com/ExportedIAMRole"}
{"description":"Grants threat manager access to Chronicle SOAR.","etag":"AA==","includedPermissions":["chronicle.instances.soarThreatManager","cloudasset.assets.exportResource","cloudasset.assets.queryAccessPolicy","cloudasset.assets.queryIamPolicy","cloudasset.assets.queryOSInventories","cloudasset.assets.queryResource","cloudasset.assets.searchAllIamPolicies","cloudasset.assets.searchAllResources","cloudasset.assets.searchEnrichmentResourceOwners","resourcemanager.organizations.get","resourcemanager.projects.get","resourcemanager.projects.list","securitycenter.attackpaths.list","securitycenter.exposurepathexplan.get","securitycenter.findings.bulkMuteUpdate","securitycenter.findings.group","securitycenter.findings.list","securitycenter.findings.listFindingPropertyNames","securitycenter.findings.setMute","securitycenter.findings.setState","securitycenter.findings.update","securitycenter.findingsecuritymarks.update","securitycenter.simulations.get","securitycenter.userinterfacemetadata.get","securitycenter.valuedresources.list"],"name":"roles/chronicle.soarThreatManager","stage":"BETA","title":"Chronicle SOAR Threat Manager","asset_type":"iam.googleapis.com/ExportedIAMRole"}
{"description":"Grants vulnerability manager access to Chronicle SOAR.","etag":"AA==","includedPermissions":["chronicle.instances.soarVulnerabilityManager","cloudasset.assets.exportResource","cloudasset.assets.queryAccessPolicy","cloudasset.assets.queryIamPolicy","cloudasset.assets.queryOSInventories","cloudasset.assets.queryResource","cloudasset.assets.searchAllIamPolicies","cloudasset.assets.searchAllResources","cloudasset.assets.searchEnrichmentResourceOwners","resourcemanager.organizations.get","resourcemanager.projects.get","resourcemanager.projects.list","securitycenter.attackpaths.list","securitycenter.exposurepathexplan.get","securitycenter.findings.bulkMuteUpdate","securitycenter.findings.group","securitycenter.findings.list","securitycenter.findings.listFindingPropertyNames","securitycenter.findings.setMute","securitycenter.findings.setState","securitycenter.findings.update","securitycenter.findingsecuritymarks.update","securitycenter.simulations.get","securitycenter.userinterfacemetadata.get","securitycenter.valuedresources.list"],"name":"roles/chronicle.soarVulnerabilityManager","stage":"BETA","title":"Chronicle SOAR Vulnerability Manager","asset_type":"iam.googleapis.com/ExportedIAMRole"}
{"description":"Readonly access to the Chronicle API resources.","etag":"AA==","includedPermissions":["chronicle.ais.createFeedback","chronicle.ais.translateUdmQuery","chronicle.ais.translateYlRule","chronicle.analyticValues.list","chronicle.analytics.list","chronicle.cases.countPriorities","chronicle.collectors.get","chronicle.collectors.list","chronicle.conversations.get","chronicle.conversations.list","chronicle.curatedRuleSetCategories.countAllCuratedRuleSetDetections","chronicle.curatedRuleSetCategories.get","chronicle.curatedRuleSetCategories.list","chronicle.curatedRuleSetDeployments.get","chronicle.curatedRuleSetDeployments.list","chronicle.curatedRuleSets.countCuratedRuleSetDetections","chronicle.curatedRuleSets.get","chronicle.curatedRuleSets.list","chronicle.curatedRules.get","chronicle.curatedRules.list","chronicle.dashboardCharts.get","chronicle.dashboardCharts.list","chronicle.dashboardQueries.execute","chronicle.dashboardQueries.get","chronicle.dashboardQueries.list","chronicle.dashboards.get","chronicle.dashboards.list","chronicle.dashboards.schedule","chronicle.dataAccessScopes.list","chronicle.dataExports.fetchLogTypesAvailableForExport","chronicle.dataExports.get","chronicle.dataTableRows.get","chronicle.dataTableRows.list","chronicle.dataTables.get","chronicle.dataTables.list","chronicle.dataTaps.get","chronicle.dataTaps.list","chronicle.entities.find","chronicle.entities.findRelatedEntities","chronicle.entities.get","chronicle.entities.list","chronicle.entities.queryEntityRiskScoreModifications","chronicle.entities.searchEntities","chronicle.entities.summarize","chronicle.entities.summarizeFromQuery","chronicle.entityRiskScores.queryEntityRiskScores","chronicle.errorNotificationConfigs.get","chronicle.errorNotificationConfigs.list","chronicle.events.batchGet","chronicle.events.findUdmFieldValues","chronicle.events.get","chronicle.events.queryProductSourceStats","chronicle.events.searchRawLogs","chronicle.events.udmSearch","chronicle.events.validateQuery","chronicle.findingsGraphs.exploreNode","chronicle.findingsGraphs.initializeGraph","chronicle.findingsRefinementDeployments.get","chronicle.findingsRefinementDeployments.list","chronicle.findingsRefinements.computeActivity","chronicle.findingsRefinements.computeAllActivities","chronicle.findingsRefinements.get","chronicle.findingsRefinements.list","chronicle.findingsRefinements.test","chronicle.forwarders.generate","chronicle.forwarders.get","chronicle.forwarders.list","chronicle.globalDataAccessScopes.permit","chronicle.ingestionLogLabels.get","chronicle.ingestionLogLabels.list","chronicle.ingestionLogNamespaces.get","chronicle.ingestionLogNamespaces.list","chronicle.instances.generateCollectionAgentAuth","chronicle.instances.generateSoarAuthJwt","chronicle.instances.get","chronicle.instances.logTypeClassifier","chronicle.instances.report","chronicle.iocMatches.get","chronicle.iocMatches.list","chronicle.iocState.get","chronicle.iocs.batchGet","chronicle.iocs.findFirstAndLastSeen","chronicle.iocs.get","chronicle.iocs.searchCuratedDetectionsForIoc","chronicle.legacies.legacyBatchGetCases","chronicle.legacies.legacyCalculateAlertStats","chronicle.legacies.legacyFetchAlertsView","chronicle.legacies.legacyFetchUdmSearchCsv","chronicle.legacies.legacyFetchUdmSearchView","chronicle.legacies.legacyFindAssetEvents","chronicle.legacies.legacyFindRawLogs","chronicle.legacies.legacyFindUdmEvents","chronicle.legacies.legacyGetAlert","chronicle.legacies.legacyGetCuratedRulesTrends","chronicle.legacies.legacyGetDetection","chronicle.legacies.legacyGetEventForDetection","chronicle.legacies.legacyGetFinding","chronicle.legacies.legacyGetRuleCounts","chronicle.legacies.legacyGetRulesTrends","chronicle.legacies.legacyRunTestRule","chronicle.legacies.legacySearchAlerts","chronicle.legacies.legacySearchArtifactEvents","chronicle.legacies.legacySearchArtifactIoCDetails","chronicle.legacies.legacySearchAssetEvents","chronicle.legacies.legacySearchCuratedDetections","chronicle.legacies.legacySearchCustomerStats","chronicle.legacies.legacySearchDetections","chronicle.legacies.legacySearchDomainsRecentlyRegistered","chronicle.legacies.legacySearchDomainsTimingStats","chronicle.legacies.legacySearchEnterpriseWideAlerts","chronicle.legacies.legacySearchEnterpriseWideIoCs","chronicle.legacies.legacySearchFindings","chronicle.legacies.legacySearchIngestionStats","chronicle.legacies.legacySearchIoCInsights","chronicle.legacies.legacySearchRawLogs","chronicle.legacies.legacySearchRuleDetectionCountBuckets","chronicle.legacies.legacySearchRuleDetectionEvents","chronicle.legacies.legacySearchRuleResults","chronicle.legacies.legacySearchRulesAlerts","chronicle.legacies.legacySearchUserEvents","chronicle.legacies.legacyStreamDetectionAlerts","chronicle.legacies.legacyTestRuleStreaming","chronicle.logTypeSchemas.list","chronicle.logs.export","chronicle.logs.get","chronicle.logs.list","chronicle.messages.get","chronicle.messages.list","chronicle.multitenantDirectories.get","chronicle.nativeDashboards.get","chronicle.nativeDashboards.list","chronicle.operations.get","chronicle.operations.list","chronicle.operations.streamSearch","chronicle.operations.wait","chronicle.preferenceSets.get","chronicle.preferenceSets.update","chronicle.referenceLists.get","chronicle.referenceLists.list","chronicle.referenceLists.verifyReferenceList","chronicle.retrohunts.get","chronicle.retrohunts.list","chronicle.riskConfigs.get","chronicle.ruleDeployments.get","chronicle.ruleDeployments.list","chronicle.ruleExecutionErrors.list","chronicle.rules.get","chronicle.rules.list","chronicle.rules.listRevisions","chronicle.rules.verifyRuleText","chronicle.searchQueries.create","chronicle.searchQueries.delete","chronicle.searchQueries.get","chronicle.searchQueries.list","chronicle.searchQueries.update","chronicle.watchlists.get","chronicle.watchlists.list","resourcemanager.projects.get","resourcemanager.projects.list"],"name":"roles/chronicle.viewer","stage":"GA","title":"Chronicle API Viewer","asset_type":"iam.googleapis.com/ExportedIAMRole"}
12 changes: 1 addition & 11 deletions roles/chronicle.soarServiceAgent
Original file line number Diff line number Diff line change
@@ -5,14 +5,9 @@
"cloudasset.assets.analyzeIamPolicy",
"cloudasset.assets.searchAllIamPolicies",
"cloudasset.assets.searchAllResources",
"compute.firewalls.get",
"compute.firewalls.update",
"compute.instances.deleteAccessConfig",
"compute.instances.get",
"compute.instances.list",
"compute.instances.stop",
"compute.instances.updateNetworkInterface",
"compute.networks.updatePolicy",
"compute.zones.list",
"iam.serviceAccounts.disable",
"iam.serviceAccounts.list",
@@ -26,14 +21,9 @@
"securitycenter.findings.setState",
"securitycenter.findings.update",
"securitycenter.notificationconfig.create",
"securitycenter.notificationconfig.delete",
"securitycenter.notificationconfig.get",
"securitycenter.notificationconfig.update",
"securitycenter.sources.list",
"storage.buckets.get",
"storage.buckets.getIamPolicy",
"storage.buckets.list",
"storage.buckets.update"
"securitycenter.sources.list"
],
"name": "roles/chronicle.soarServiceAgent",
"stage": "GA",

0 comments on commit d52db3e

Please sign in to comment.