// Copyright 2025 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

syntax = "proto3";

package google.cloud.securitycenter.v2;

import "google/protobuf/timestamp.proto";

option csharp_namespace = "Google.Cloud.SecurityCenter.V2";
option go_package = "cloud.google.com/go/securitycenter/apiv2/securitycenterpb;securitycenterpb";
option java_multiple_files = true;
option java_outer_classname = "DataAccessEventProto";
option java_package = "com.google.cloud.securitycenter.v2";
option php_namespace = "Google\\Cloud\\SecurityCenter\\V2";
option ruby_package = "Google::Cloud::SecurityCenter::V2";

// Details about a data access attempt made by a principal not authorized under
// applicable data security policy.
message DataAccessEvent {
  // The operation of a data access event.
  enum Operation {
    // The operation is unspecified.
    OPERATION_UNSPECIFIED = 0;

    // Represents a read operation.
    READ = 1;

    // Represents a move operation.
    MOVE = 2;

    // Represents a copy operation.
    COPY = 3;
  }

  // Unique identifier for data access event.
  string event_id = 1;

  // The email address of the principal that accessed the data. The principal
  // could be a user account, service account, Google group, or other.
  string principal_email = 2;

  // The operation performed by the principal to access the data.
  Operation operation = 3;

  // Timestamp of data access event.
  google.protobuf.Timestamp event_time = 4;
}