RubyGems - google-apis-securitycenter_v1beta2 - Versions diffs - 0.56.0 → 0.58.0 - Mend

google-apis-securitycenter_v1beta2 0.56.0 → 0.58.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +8 -0
data/lib/google/apis/securitycenter_v1beta2/classes.rb +2728 -63
data/lib/google/apis/securitycenter_v1beta2/gem_version.rb +2 -2
data/lib/google/apis/securitycenter_v1beta2/representations.rb +1342 -335
metadata +3 -3

data/lib/google/apis/securitycenter_v1beta2/classes.rb CHANGED Viewed

@@ -318,6 +318,48 @@ module Google
         end
       end
+      # Metadata taken from a [Cloud Logging LogEntry](https://cloud.google.com/
+      # logging/docs/reference/v2/rest/v2/LogEntry)
+      class CloudLoggingEntry
+        include Google::Apis::Core::Hashable
+        # A unique identifier for the log entry.
+        # Corresponds to the JSON property `insertId`
+        # @return [String]
+        attr_accessor :insert_id
+        # The type of the log (part of `log_name`. `log_name` is the resource name of
+        # the log to which this log entry belongs). For example: `cloudresourcemanager.
+        # googleapis.com/activity`. Note that this field is not URL-encoded, unlike the `
+        # LOG_ID` field in `LogEntry`.
+        # Corresponds to the JSON property `logId`
+        # @return [String]
+        attr_accessor :log_id
+        # The organization, folder, or project of the monitored resource that produced
+        # this log entry.
+        # Corresponds to the JSON property `resourceContainer`
+        # @return [String]
+        attr_accessor :resource_container
+        # The time the event described by the log entry occurred.
+        # Corresponds to the JSON property `timestamp`
+        # @return [String]
+        attr_accessor :timestamp
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @insert_id = args[:insert_id] if args.key?(:insert_id)
+          @log_id = args[:log_id] if args.key?(:log_id)
+          @resource_container = args[:resource_container] if args.key?(:resource_container)
+          @timestamp = args[:timestamp] if args.key?(:timestamp)
+        end
+      end
       # Contains compliance information about a security standard indicating unmet
       # recommendations.
       class Compliance
@@ -350,6 +392,68 @@ module Google
         end
       end
+      # Result containing the properties and count of a ComplianceSnapshot request.
+      class ComplianceSnapshot
+        include Google::Apis::Core::Hashable
+        # The category of Findings matching.
+        # Corresponds to the JSON property `category`
+        # @return [String]
+        attr_accessor :category
+        # The compliance standard (ie CIS).
+        # Corresponds to the JSON property `complianceStandard`
+        # @return [String]
+        attr_accessor :compliance_standard
+        # The compliance version (ie 1.3) in CIS 1.3.
+        # Corresponds to the JSON property `complianceVersion`
+        # @return [String]
+        attr_accessor :compliance_version
+        # Total count of findings for the given properties.
+        # Corresponds to the JSON property `count`
+        # @return [Fixnum]
+        attr_accessor :count
+        # The leaf container resource name that is closest to the snapshot.
+        # Corresponds to the JSON property `leafContainerResource`
+        # @return [String]
+        attr_accessor :leaf_container_resource
+        # The compliance snapshot name. Format: //sources//complianceSnapshots/
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        # The CRM resource display name that is closest to the snapshot the Findings
+        # belong to.
+        # Corresponds to the JSON property `projectDisplayName`
+        # @return [String]
+        attr_accessor :project_display_name
+        # The snapshot time of the snapshot.
+        # Corresponds to the JSON property `snapshotTime`
+        # @return [String]
+        attr_accessor :snapshot_time
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @category = args[:category] if args.key?(:category)
+          @compliance_standard = args[:compliance_standard] if args.key?(:compliance_standard)
+          @compliance_version = args[:compliance_version] if args.key?(:compliance_version)
+          @count = args[:count] if args.key?(:count)
+          @leaf_container_resource = args[:leaf_container_resource] if args.key?(:leaf_container_resource)
+          @name = args[:name] if args.key?(:name)
+          @project_display_name = args[:project_display_name] if args.key?(:project_display_name)
+          @snapshot_time = args[:snapshot_time] if args.key?(:snapshot_time)
+        end
+      end
       # Configuration of a module.
       class Config
         include Google::Apis::Core::Hashable
@@ -1196,6 +1300,11 @@ module Google
         # @return [Array<Google::Apis::SecuritycenterV1beta2::LoadBalancer>]
         attr_accessor :load_balancers
+        # Log entries that are relevant to the finding.
+        # Corresponds to the JSON property `logEntries`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::LogEntry>]
+        attr_accessor :log_entries
         # MITRE ATT&CK tactics and techniques related to this finding. See: https://
         # attack.mitre.org
         # Corresponds to the JSON property `mitreAttack`
@@ -1241,6 +1350,11 @@ module Google
         # @return [String]
         attr_accessor :next_steps
+        # Contains information about the org policies associated with the finding.
+        # Corresponds to the JSON property `orgPolicies`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::OrgPolicy>]
+        attr_accessor :org_policies
         # The relative resource name of the source the finding belongs to. See: https://
         # cloud.google.com/apis/design/resource_names#relative_resource_name This field
         # is immutable after creation time. For example: "organizations/`organization_id`
@@ -1339,6 +1453,7 @@ module Google
           @kernel_rootkit = args[:kernel_rootkit] if args.key?(:kernel_rootkit)
           @kubernetes = args[:kubernetes] if args.key?(:kubernetes)
           @load_balancers = args[:load_balancers] if args.key?(:load_balancers)
+          @log_entries = args[:log_entries] if args.key?(:log_entries)
           @mitre_attack = args[:mitre_attack] if args.key?(:mitre_attack)
           @module_name = args[:module_name] if args.key?(:module_name)
           @mute = args[:mute] if args.key?(:mute)
@@ -1346,6 +1461,7 @@ module Google
           @mute_update_time = args[:mute_update_time] if args.key?(:mute_update_time)
           @name = args[:name] if args.key?(:name)
           @next_steps = args[:next_steps] if args.key?(:next_steps)
+          @org_policies = args[:org_policies] if args.key?(:org_policies)
           @parent = args[:parent] if args.key?(:parent)
           @parent_display_name = args[:parent_display_name] if args.key?(:parent_display_name)
           @processes = args[:processes] if args.key?(:processes)
@@ -1780,7 +1896,10 @@ module Google
         # This field will be ignored if provided on config creation. Format "
         # organizations/`organization`/muteConfigs/`mute_config`" "folders/`folder`/
-        # muteConfigs/`mute_config`" "projects/`project`/muteConfigs/`mute_config`"
+        # muteConfigs/`mute_config`" "projects/`project`/muteConfigs/`mute_config`" "
+        # organizations/`organization`/locations/global/muteConfigs/`mute_config`" "
+        # folders/`folder`/locations/global/muteConfigs/`mute_config`" "projects/`
+        # project`/locations/global/muteConfigs/`mute_config`"
         # Corresponds to the JSON property `name`
         # @return [String]
         attr_accessor :name
@@ -2467,27 +2586,89 @@ module Google
         end
       end
-      # Represents a particular IAM binding, which captures a member's role addition,
-      # removal, or state.
-      class IamBinding
+      # Represents an access event.
+      class GoogleCloudSecuritycenterV2Access
         include Google::Apis::Core::Hashable
-        # The action that was performed on a Binding.
-        # Corresponds to the JSON property `action`
+        # Caller's IP address, such as "1.1.1.1".
+        # Corresponds to the JSON property `callerIp`
         # @return [String]
-        attr_accessor :action
+        attr_accessor :caller_ip
-        # A single identity requesting access for a Cloud Platform resource, for example,
-        # "foo@google.com".
-        # Corresponds to the JSON property `member`
+        # Represents a geographical location for a given access.
+        # Corresponds to the JSON property `callerIpGeo`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Geolocation]
+        attr_accessor :caller_ip_geo
+        # The method that the service account called, e.g. "SetIamPolicy".
+        # Corresponds to the JSON property `methodName`
         # @return [String]
-        attr_accessor :member
+        attr_accessor :method_name
-        # Role that is assigned to "members". For example, "roles/viewer", "roles/editor"
-        # , or "roles/owner".
-        # Corresponds to the JSON property `role`
+        # Associated email, such as "foo@google.com". The email address of the
+        # authenticated user or a service account acting on behalf of a third party
+        # principal making the request. For third party identity callers, the `
+        # principal_subject` field is populated instead of this field. For privacy
+        # reasons, the principal email address is sometimes redacted. For more
+        # information, see [Caller identities in audit logs](https://cloud.google.com/
+        # logging/docs/audit#user-id).
+        # Corresponds to the JSON property `principalEmail`
         # @return [String]
-        attr_accessor :role
+        attr_accessor :principal_email
+        # A string that represents the principal_subject that is associated with the
+        # identity. Unlike `principal_email`, `principal_subject` supports principals
+        # that aren't associated with email addresses, such as third party principals.
+        # For most identities, the format is `principal://iam.googleapis.com/`identity
+        # pool name`/subject/`subject``. Some GKE identities, such as GKE_WORKLOAD,
+        # FREEFORM, and GKE_HUB_WORKLOAD, still use the legacy format `serviceAccount:`
+        # identity pool name`[`subject`]`.
+        # Corresponds to the JSON property `principalSubject`
+        # @return [String]
+        attr_accessor :principal_subject
+        # The identity delegation history of an authenticated service account that made
+        # the request. The `serviceAccountDelegationInfo[]` object contains information
+        # about the real authorities that try to access Google Cloud resources by
+        # delegating on a service account. When multiple authorities are present, they
+        # are guaranteed to be sorted based on the original ordering of the identity
+        # delegation events.
+        # Corresponds to the JSON property `serviceAccountDelegationInfo`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2ServiceAccountDelegationInfo>]
+        attr_accessor :service_account_delegation_info
+        # The name of the service account key that was used to create or exchange
+        # credentials when authenticating the service account that made the request.
+        # This is a scheme-less URI full resource name. For example: "//iam.googleapis.
+        # com/projects/`PROJECT_ID`/serviceAccounts/`ACCOUNT`/keys/`key`".
+        # Corresponds to the JSON property `serviceAccountKeyName`
+        # @return [String]
+        attr_accessor :service_account_key_name
+        # This is the API service that the service account made a call to, e.g. "iam.
+        # googleapis.com"
+        # Corresponds to the JSON property `serviceName`
+        # @return [String]
+        attr_accessor :service_name
+        # The caller's user agent string associated with the finding.
+        # Corresponds to the JSON property `userAgent`
+        # @return [String]
+        attr_accessor :user_agent
+        # Type of user agent associated with the finding. For example, an operating
+        # system shell or an embedded or standalone application.
+        # Corresponds to the JSON property `userAgentFamily`
+        # @return [String]
+        attr_accessor :user_agent_family
+        # A string that represents a username. The username provided depends on the type
+        # of the finding and is likely not an IAM principal. For example, this can be a
+        # system username if the finding is related to a virtual machine, or it can be
+        # an application login username.
+        # Corresponds to the JSON property `userName`
+        # @return [String]
+        attr_accessor :user_name
         def initialize(**args)
            update!(**args)
@@ -2495,40 +2676,63 @@ module Google
         # Update properties of this object
         def update!(**args)
-          @action = args[:action] if args.key?(:action)
-          @member = args[:member] if args.key?(:member)
-          @role = args[:role] if args.key?(:role)
+          @caller_ip = args[:caller_ip] if args.key?(:caller_ip)
+          @caller_ip_geo = args[:caller_ip_geo] if args.key?(:caller_ip_geo)
+          @method_name = args[:method_name] if args.key?(:method_name)
+          @principal_email = args[:principal_email] if args.key?(:principal_email)
+          @principal_subject = args[:principal_subject] if args.key?(:principal_subject)
+          @service_account_delegation_info = args[:service_account_delegation_info] if args.key?(:service_account_delegation_info)
+          @service_account_key_name = args[:service_account_key_name] if args.key?(:service_account_key_name)
+          @service_name = args[:service_name] if args.key?(:service_name)
+          @user_agent = args[:user_agent] if args.key?(:user_agent)
+          @user_agent_family = args[:user_agent_family] if args.key?(:user_agent_family)
+          @user_name = args[:user_name] if args.key?(:user_name)
         end
       end
-      # Represents what's commonly known as an _indicator of compromise_ (IoC) in
-      # computer forensics. This is an artifact observed on a network or in an
-      # operating system that, with high confidence, indicates a computer intrusion.
-      # For more information, see [Indicator of compromise](https://en.wikipedia.org/
-      # wiki/Indicator_of_compromise).
-      class Indicator
+      # Conveys information about a Kubernetes access review (such as one returned by
+      # a [`kubectl auth can-i`](https://kubernetes.io/docs/reference/access-authn-
+      # authz/authorization/#checking-api-access) command) that was involved in a
+      # finding.
+      class GoogleCloudSecuritycenterV2AccessReview
         include Google::Apis::Core::Hashable
-        # List of domains associated to the Finding.
-        # Corresponds to the JSON property `domains`
-        # @return [Array<String>]
-        attr_accessor :domains
+        # The API group of the resource. "*" means all.
+        # Corresponds to the JSON property `group`
+        # @return [String]
+        attr_accessor :group
-        # The list of IP addresses that are associated with the finding.
-        # Corresponds to the JSON property `ipAddresses`
-        # @return [Array<String>]
-        attr_accessor :ip_addresses
+        # The name of the resource being requested. Empty means all.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
-        # The list of matched signatures indicating that the given process is present in
-        # the environment.
-        # Corresponds to the JSON property `signatures`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::ProcessSignature>]
-        attr_accessor :signatures
+        # Namespace of the action being requested. Currently, there is no distinction
+        # between no namespace and all namespaces. Both are represented by "" (empty).
+        # Corresponds to the JSON property `ns`
+        # @return [String]
+        attr_accessor :ns
-        # The list of URIs associated to the Findings.
-        # Corresponds to the JSON property `uris`
-        # @return [Array<String>]
-        attr_accessor :uris
+        # The optional resource type requested. "*" means all.
+        # Corresponds to the JSON property `resource`
+        # @return [String]
+        attr_accessor :resource
+        # The optional subresource type.
+        # Corresponds to the JSON property `subresource`
+        # @return [String]
+        attr_accessor :subresource
+        # A Kubernetes resource API verb, like get, list, watch, create, update, delete,
+        # proxy. "*" means all.
+        # Corresponds to the JSON property `verb`
+        # @return [String]
+        attr_accessor :verb
+        # The API version of the resource. "*" means all.
+        # Corresponds to the JSON property `version`
+        # @return [String]
+        attr_accessor :version
         def initialize(**args)
            update!(**args)
@@ -2536,34 +2740,2449 @@ module Google
         # Update properties of this object
         def update!(**args)
-          @domains = args[:domains] if args.key?(:domains)
-          @ip_addresses = args[:ip_addresses] if args.key?(:ip_addresses)
-          @signatures = args[:signatures] if args.key?(:signatures)
-          @uris = args[:uris] if args.key?(:uris)
+          @group = args[:group] if args.key?(:group)
+          @name = args[:name] if args.key?(:name)
+          @ns = args[:ns] if args.key?(:ns)
+          @resource = args[:resource] if args.key?(:resource)
+          @subresource = args[:subresource] if args.key?(:subresource)
+          @verb = args[:verb] if args.key?(:verb)
+          @version = args[:version] if args.key?(:version)
         end
       end
-      # Kernel mode rootkit signatures.
-      class KernelRootkit
+      # An attack exposure contains the results of an attack path simulation run.
+      class GoogleCloudSecuritycenterV2AttackExposure
         include Google::Apis::Core::Hashable
-        # Rootkit name, when available.
-        # Corresponds to the JSON property `name`
+        # The resource name of the attack path simulation result that contains the
+        # details regarding this attack exposure score. Example: organizations/123/
+        # attackExposureResults/456
+        # Corresponds to the JSON property `attackExposureResult`
         # @return [String]
-        attr_accessor :name
+        attr_accessor :attack_exposure_result
-        # True if unexpected modifications of kernel code memory are present.
-        # Corresponds to the JSON property `unexpectedCodeModification`
-        # @return [Boolean]
-        attr_accessor :unexpected_code_modification
-        alias_method :unexpected_code_modification?, :unexpected_code_modification
+        # The number of high value resources that are exposed as a result of this
+        # finding.
+        # Corresponds to the JSON property `exposedHighValueResourcesCount`
+        # @return [Fixnum]
+        attr_accessor :exposed_high_value_resources_count
-        # True if `ftrace` points are present with callbacks pointing to regions that
-        # are not in the expected kernel or module code range.
-        # Corresponds to the JSON property `unexpectedFtraceHandler`
-        # @return [Boolean]
-        attr_accessor :unexpected_ftrace_handler
-        alias_method :unexpected_ftrace_handler?, :unexpected_ftrace_handler
+        # The number of high value resources that are exposed as a result of this
+        # finding.
+        # Corresponds to the JSON property `exposedLowValueResourcesCount`
+        # @return [Fixnum]
+        attr_accessor :exposed_low_value_resources_count
+        # The number of medium value resources that are exposed as a result of this
+        # finding.
+        # Corresponds to the JSON property `exposedMediumValueResourcesCount`
+        # @return [Fixnum]
+        attr_accessor :exposed_medium_value_resources_count
+        # The most recent time the attack exposure was updated on this finding.
+        # Corresponds to the JSON property `latestCalculationTime`
+        # @return [String]
+        attr_accessor :latest_calculation_time
+        # A number between 0 (inclusive) and infinity that represents how important this
+        # finding is to remediate. The higher the score, the more important it is to
+        # remediate.
+        # Corresponds to the JSON property `score`
+        # @return [Float]
+        attr_accessor :score
+        # Output only. What state this AttackExposure is in. This captures whether or
+        # not an attack exposure has been calculated or not.
+        # Corresponds to the JSON property `state`
+        # @return [String]
+        attr_accessor :state
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @attack_exposure_result = args[:attack_exposure_result] if args.key?(:attack_exposure_result)
+          @exposed_high_value_resources_count = args[:exposed_high_value_resources_count] if args.key?(:exposed_high_value_resources_count)
+          @exposed_low_value_resources_count = args[:exposed_low_value_resources_count] if args.key?(:exposed_low_value_resources_count)
+          @exposed_medium_value_resources_count = args[:exposed_medium_value_resources_count] if args.key?(:exposed_medium_value_resources_count)
+          @latest_calculation_time = args[:latest_calculation_time] if args.key?(:latest_calculation_time)
+          @score = args[:score] if args.key?(:score)
+          @state = args[:state] if args.key?(:state)
+        end
+      end
+      # Configures how to deliver Findings to BigQuery Instance.
+      class GoogleCloudSecuritycenterV2BigQueryExport
+        include Google::Apis::Core::Hashable
+        # Output only. The time at which the BigQuery export was created. This field is
+        # set by the server and will be ignored if provided on export on creation.
+        # Corresponds to the JSON property `createTime`
+        # @return [String]
+        attr_accessor :create_time
+        # The dataset to write findings' updates to. Its format is "projects/[project_id]
+        # /datasets/[bigquery_dataset_id]". BigQuery Dataset unique ID must contain only
+        # letters (a-z, A-Z), numbers (0-9), or underscores (_).
+        # Corresponds to the JSON property `dataset`
+        # @return [String]
+        attr_accessor :dataset
+        # The description of the export (max of 1024 characters).
+        # Corresponds to the JSON property `description`
+        # @return [String]
+        attr_accessor :description
+        # Expression that defines the filter to apply across create/update events of
+        # findings. The expression is a list of zero or more restrictions combined via
+        # logical operators `AND` and `OR`. Parentheses are supported, and `OR` has
+        # higher precedence than `AND`. Restrictions have the form ` ` and may have a `-`
+        # character in front of them to indicate negation. The fields map to those
+        # defined in the corresponding resource. The supported operators are: * `=` for
+        # all value types. * `>`, `<`, `>=`, `<=` for integer values. * `:`, meaning
+        # substring matching, for strings. The supported value types are: * string
+        # literals in quotes. * integer literals without quotes. * boolean literals `
+        # true` and `false` without quotes.
+        # Corresponds to the JSON property `filter`
+        # @return [String]
+        attr_accessor :filter
+        # Output only. Email address of the user who last edited the BigQuery export.
+        # This field is set by the server and will be ignored if provided on export
+        # creation or update.
+        # Corresponds to the JSON property `mostRecentEditor`
+        # @return [String]
+        attr_accessor :most_recent_editor
+        # The relative resource name of this export. See: https://cloud.google.com/apis/
+        # design/resource_names#relative_resource_name. The following list shows some
+        # examples: + `organizations/`organization_id`/locations/`location_id`/
+        # bigQueryExports/`export_id`` + `folders/`folder_id`/locations/`location_id`/
+        # bigQueryExports/`export_id`` + `projects/`project_id`/locations/`location_id`/
+        # bigQueryExports/`export_id`` This field is provided in responses, and is
+        # ignored when provided in create requests.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        # Output only. The service account that needs permission to create table and
+        # upload data to the BigQuery dataset.
+        # Corresponds to the JSON property `principal`
+        # @return [String]
+        attr_accessor :principal
+        # Output only. The most recent time at which the BigQuery export was updated.
+        # This field is set by the server and will be ignored if provided on export
+        # creation or update.
+        # Corresponds to the JSON property `updateTime`
+        # @return [String]
+        attr_accessor :update_time
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @create_time = args[:create_time] if args.key?(:create_time)
+          @dataset = args[:dataset] if args.key?(:dataset)
+          @description = args[:description] if args.key?(:description)
+          @filter = args[:filter] if args.key?(:filter)
+          @most_recent_editor = args[:most_recent_editor] if args.key?(:most_recent_editor)
+          @name = args[:name] if args.key?(:name)
+          @principal = args[:principal] if args.key?(:principal)
+          @update_time = args[:update_time] if args.key?(:update_time)
+        end
+      end
+      # Represents a Kubernetes RoleBinding or ClusterRoleBinding.
+      class GoogleCloudSecuritycenterV2Binding
+        include Google::Apis::Core::Hashable
+        # Name for the binding.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        # Namespace for the binding.
+        # Corresponds to the JSON property `ns`
+        # @return [String]
+        attr_accessor :ns
+        # Kubernetes Role or ClusterRole.
+        # Corresponds to the JSON property `role`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Role]
+        attr_accessor :role
+        # Represents one or more subjects that are bound to the role. Not always
+        # available for PATCH requests.
+        # Corresponds to the JSON property `subjects`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Subject>]
+        attr_accessor :subjects
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @name = args[:name] if args.key?(:name)
+          @ns = args[:ns] if args.key?(:ns)
+          @role = args[:role] if args.key?(:role)
+          @subjects = args[:subjects] if args.key?(:subjects)
+        end
+      end
+      # The response to a BulkMute request. Contains the LRO information.
+      class GoogleCloudSecuritycenterV2BulkMuteFindingsResponse
+        include Google::Apis::Core::Hashable
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+        end
+      end
+      # The [data profile](https://cloud.google.com/dlp/docs/data-profiles) associated
+      # with the finding.
+      class GoogleCloudSecuritycenterV2CloudDlpDataProfile
+        include Google::Apis::Core::Hashable
+        # Name of the data profile, for example, `projects/123/locations/europe/
+        # tableProfiles/8383929`.
+        # Corresponds to the JSON property `dataProfile`
+        # @return [String]
+        attr_accessor :data_profile
+        # The resource hierarchy level at which the data profile was generated.
+        # Corresponds to the JSON property `parentType`
+        # @return [String]
+        attr_accessor :parent_type
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @data_profile = args[:data_profile] if args.key?(:data_profile)
+          @parent_type = args[:parent_type] if args.key?(:parent_type)
+        end
+      end
+      # Details about the Cloud Data Loss Prevention (Cloud DLP) [inspection job](
+      # https://cloud.google.com/dlp/docs/concepts-job-triggers) that produced the
+      # finding.
+      class GoogleCloudSecuritycenterV2CloudDlpInspection
+        include Google::Apis::Core::Hashable
+        # Whether Cloud DLP scanned the complete resource or a sampled subset.
+        # Corresponds to the JSON property `fullScan`
+        # @return [Boolean]
+        attr_accessor :full_scan
+        alias_method :full_scan?, :full_scan
+        # The type of information (or *[infoType](https://cloud.google.com/dlp/docs/
+        # infotypes-reference)*) found, for example, `EMAIL_ADDRESS` or `STREET_ADDRESS`.
+        # Corresponds to the JSON property `infoType`
+        # @return [String]
+        attr_accessor :info_type
+        # The number of times Cloud DLP found this infoType within this job and resource.
+        # Corresponds to the JSON property `infoTypeCount`
+        # @return [Fixnum]
+        attr_accessor :info_type_count
+        # Name of the inspection job, for example, `projects/123/locations/europe/
+        # dlpJobs/i-8383929`.
+        # Corresponds to the JSON property `inspectJob`
+        # @return [String]
+        attr_accessor :inspect_job
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @full_scan = args[:full_scan] if args.key?(:full_scan)
+          @info_type = args[:info_type] if args.key?(:info_type)
+          @info_type_count = args[:info_type_count] if args.key?(:info_type_count)
+          @inspect_job = args[:inspect_job] if args.key?(:inspect_job)
+        end
+      end
+      # Metadata taken from a [Cloud Logging LogEntry](https://cloud.google.com/
+      # logging/docs/reference/v2/rest/v2/LogEntry)
+      class GoogleCloudSecuritycenterV2CloudLoggingEntry
+        include Google::Apis::Core::Hashable
+        # A unique identifier for the log entry.
+        # Corresponds to the JSON property `insertId`
+        # @return [String]
+        attr_accessor :insert_id
+        # The type of the log (part of `log_name`. `log_name` is the resource name of
+        # the log to which this log entry belongs). For example: `cloudresourcemanager.
+        # googleapis.com/activity` Note that this field is not URL-encoded, unlike in `
+        # LogEntry`.
+        # Corresponds to the JSON property `logId`
+        # @return [String]
+        attr_accessor :log_id
+        # The organization, folder, or project of the monitored resource that produced
+        # this log entry.
+        # Corresponds to the JSON property `resourceContainer`
+        # @return [String]
+        attr_accessor :resource_container
+        # The time the event described by the log entry occurred.
+        # Corresponds to the JSON property `timestamp`
+        # @return [String]
+        attr_accessor :timestamp
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @insert_id = args[:insert_id] if args.key?(:insert_id)
+          @log_id = args[:log_id] if args.key?(:log_id)
+          @resource_container = args[:resource_container] if args.key?(:resource_container)
+          @timestamp = args[:timestamp] if args.key?(:timestamp)
+        end
+      end
+      # Contains compliance information about a security standard indicating unmet
+      # recommendations.
+      class GoogleCloudSecuritycenterV2Compliance
+        include Google::Apis::Core::Hashable
+        # Policies within the standard or benchmark, for example, A.12.4.1
+        # Corresponds to the JSON property `ids`
+        # @return [Array<String>]
+        attr_accessor :ids
+        # Industry-wide compliance standards or benchmarks, such as CIS, PCI, and OWASP.
+        # Corresponds to the JSON property `standard`
+        # @return [String]
+        attr_accessor :standard
+        # Version of the standard or benchmark, for example, 1.1
+        # Corresponds to the JSON property `version`
+        # @return [String]
+        attr_accessor :version
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @ids = args[:ids] if args.key?(:ids)
+          @standard = args[:standard] if args.key?(:standard)
+          @version = args[:version] if args.key?(:version)
+        end
+      end
+      # Contains information about the IP connection associated with the finding.
+      class GoogleCloudSecuritycenterV2Connection
+        include Google::Apis::Core::Hashable
+        # Destination IP address. Not present for sockets that are listening and not
+        # connected.
+        # Corresponds to the JSON property `destinationIp`
+        # @return [String]
+        attr_accessor :destination_ip
+        # Destination port. Not present for sockets that are listening and not connected.
+        # Corresponds to the JSON property `destinationPort`
+        # @return [Fixnum]
+        attr_accessor :destination_port
+        # IANA Internet Protocol Number such as TCP(6) and UDP(17).
+        # Corresponds to the JSON property `protocol`
+        # @return [String]
+        attr_accessor :protocol
+        # Source IP address.
+        # Corresponds to the JSON property `sourceIp`
+        # @return [String]
+        attr_accessor :source_ip
+        # Source port.
+        # Corresponds to the JSON property `sourcePort`
+        # @return [Fixnum]
+        attr_accessor :source_port
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @destination_ip = args[:destination_ip] if args.key?(:destination_ip)
+          @destination_port = args[:destination_port] if args.key?(:destination_port)
+          @protocol = args[:protocol] if args.key?(:protocol)
+          @source_ip = args[:source_ip] if args.key?(:source_ip)
+          @source_port = args[:source_port] if args.key?(:source_port)
+        end
+      end
+      # The email address of a contact.
+      class GoogleCloudSecuritycenterV2Contact
+        include Google::Apis::Core::Hashable
+        # An email address. For example, "`person123@company.com`".
+        # Corresponds to the JSON property `email`
+        # @return [String]
+        attr_accessor :email
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @email = args[:email] if args.key?(:email)
+        end
+      end
+      # Details about specific contacts
+      class GoogleCloudSecuritycenterV2ContactDetails
+        include Google::Apis::Core::Hashable
+        # A list of contacts
+        # Corresponds to the JSON property `contacts`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Contact>]
+        attr_accessor :contacts
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @contacts = args[:contacts] if args.key?(:contacts)
+        end
+      end
+      # Container associated with the finding.
+      class GoogleCloudSecuritycenterV2Container
+        include Google::Apis::Core::Hashable
+        # The time that the container was created.
+        # Corresponds to the JSON property `createTime`
+        # @return [String]
+        attr_accessor :create_time
+        # Optional container image ID, if provided by the container runtime. Uniquely
+        # identifies the container image launched using a container image digest.
+        # Corresponds to the JSON property `imageId`
+        # @return [String]
+        attr_accessor :image_id
+        # Container labels, as provided by the container runtime.
+        # Corresponds to the JSON property `labels`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Label>]
+        attr_accessor :labels
+        # Name of the container.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        # Container image URI provided when configuring a pod or container. This string
+        # can identify a container image version using mutable tags.
+        # Corresponds to the JSON property `uri`
+        # @return [String]
+        attr_accessor :uri
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @create_time = args[:create_time] if args.key?(:create_time)
+          @image_id = args[:image_id] if args.key?(:image_id)
+          @labels = args[:labels] if args.key?(:labels)
+          @name = args[:name] if args.key?(:name)
+          @uri = args[:uri] if args.key?(:uri)
+        end
+      end
+      # CVE stands for Common Vulnerabilities and Exposures. More information: https://
+      # cve.mitre.org
+      class GoogleCloudSecuritycenterV2Cve
+        include Google::Apis::Core::Hashable
+        # Common Vulnerability Scoring System version 3.
+        # Corresponds to the JSON property `cvssv3`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Cvssv3]
+        attr_accessor :cvssv3
+        # The unique identifier for the vulnerability. e.g. CVE-2021-34527
+        # Corresponds to the JSON property `id`
+        # @return [String]
+        attr_accessor :id
+        # Additional information about the CVE. e.g. https://cve.mitre.org/cgi-bin/
+        # cvename.cgi?name=CVE-2021-34527
+        # Corresponds to the JSON property `references`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Reference>]
+        attr_accessor :references
+        # Whether upstream fix is available for the CVE.
+        # Corresponds to the JSON property `upstreamFixAvailable`
+        # @return [Boolean]
+        attr_accessor :upstream_fix_available
+        alias_method :upstream_fix_available?, :upstream_fix_available
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @cvssv3 = args[:cvssv3] if args.key?(:cvssv3)
+          @id = args[:id] if args.key?(:id)
+          @references = args[:references] if args.key?(:references)
+          @upstream_fix_available = args[:upstream_fix_available] if args.key?(:upstream_fix_available)
+        end
+      end
+      # Common Vulnerability Scoring System version 3.
+      class GoogleCloudSecuritycenterV2Cvssv3
+        include Google::Apis::Core::Hashable
+        # This metric describes the conditions beyond the attacker's control that must
+        # exist in order to exploit the vulnerability.
+        # Corresponds to the JSON property `attackComplexity`
+        # @return [String]
+        attr_accessor :attack_complexity
+        # Base Metrics Represents the intrinsic characteristics of a vulnerability that
+        # are constant over time and across user environments. This metric reflects the
+        # context by which vulnerability exploitation is possible.
+        # Corresponds to the JSON property `attackVector`
+        # @return [String]
+        attr_accessor :attack_vector
+        # This metric measures the impact to the availability of the impacted component
+        # resulting from a successfully exploited vulnerability.
+        # Corresponds to the JSON property `availabilityImpact`
+        # @return [String]
+        attr_accessor :availability_impact
+        # The base score is a function of the base metric scores.
+        # Corresponds to the JSON property `baseScore`
+        # @return [Float]
+        attr_accessor :base_score
+        # This metric measures the impact to the confidentiality of the information
+        # resources managed by a software component due to a successfully exploited
+        # vulnerability.
+        # Corresponds to the JSON property `confidentialityImpact`
+        # @return [String]
+        attr_accessor :confidentiality_impact
+        # This metric measures the impact to integrity of a successfully exploited
+        # vulnerability.
+        # Corresponds to the JSON property `integrityImpact`
+        # @return [String]
+        attr_accessor :integrity_impact
+        # This metric describes the level of privileges an attacker must possess before
+        # successfully exploiting the vulnerability.
+        # Corresponds to the JSON property `privilegesRequired`
+        # @return [String]
+        attr_accessor :privileges_required
+        # The Scope metric captures whether a vulnerability in one vulnerable component
+        # impacts resources in components beyond its security scope.
+        # Corresponds to the JSON property `scope`
+        # @return [String]
+        attr_accessor :scope
+        # This metric captures the requirement for a human user, other than the attacker,
+        # to participate in the successful compromise of the vulnerable component.
+        # Corresponds to the JSON property `userInteraction`
+        # @return [String]
+        attr_accessor :user_interaction
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @attack_complexity = args[:attack_complexity] if args.key?(:attack_complexity)
+          @attack_vector = args[:attack_vector] if args.key?(:attack_vector)
+          @availability_impact = args[:availability_impact] if args.key?(:availability_impact)
+          @base_score = args[:base_score] if args.key?(:base_score)
+          @confidentiality_impact = args[:confidentiality_impact] if args.key?(:confidentiality_impact)
+          @integrity_impact = args[:integrity_impact] if args.key?(:integrity_impact)
+          @privileges_required = args[:privileges_required] if args.key?(:privileges_required)
+          @scope = args[:scope] if args.key?(:scope)
+          @user_interaction = args[:user_interaction] if args.key?(:user_interaction)
+        end
+      end
+      # Represents database access information, such as queries. A database may be a
+      # sub-resource of an instance (as in the case of Cloud SQL instances or Cloud
+      # Spanner instances), or the database instance itself. Some database resources
+      # might not have the [full resource name](https://google.aip.dev/122#full-
+      # resource-names) populated because these resource types, such as Cloud SQL
+      # databases, are not yet supported by Cloud Asset Inventory. In these cases only
+      # the display name is provided.
+      class GoogleCloudSecuritycenterV2Database
+        include Google::Apis::Core::Hashable
+        # The human-readable name of the database that the user connected to.
+        # Corresponds to the JSON property `displayName`
+        # @return [String]
+        attr_accessor :display_name
+        # The target usernames, roles, or groups of an SQL privilege grant, which is not
+        # an IAM policy change.
+        # Corresponds to the JSON property `grantees`
+        # @return [Array<String>]
+        attr_accessor :grantees
+        # Some database resources may not have the [full resource name](https://google.
+        # aip.dev/122#full-resource-names) populated because these resource types are
+        # not yet supported by Cloud Asset Inventory (e.g. Cloud SQL databases). In
+        # these cases only the display name will be provided. The [full resource name](
+        # https://google.aip.dev/122#full-resource-names) of the database that the user
+        # connected to, if it is supported by Cloud Asset Inventory.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        # The SQL statement that is associated with the database access.
+        # Corresponds to the JSON property `query`
+        # @return [String]
+        attr_accessor :query
+        # The username used to connect to the database. The username might not be an IAM
+        # principal and does not have a set format.
+        # Corresponds to the JSON property `userName`
+        # @return [String]
+        attr_accessor :user_name
+        # The version of the database, for example, POSTGRES_14. See [the complete list](
+        # https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1/SqlDatabaseVersion).
+        # Corresponds to the JSON property `version`
+        # @return [String]
+        attr_accessor :version
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @display_name = args[:display_name] if args.key?(:display_name)
+          @grantees = args[:grantees] if args.key?(:grantees)
+          @name = args[:name] if args.key?(:name)
+          @query = args[:query] if args.key?(:query)
+          @user_name = args[:user_name] if args.key?(:user_name)
+          @version = args[:version] if args.key?(:version)
+        end
+      end
+      # Memory hash detection contributing to the binary family match.
+      class GoogleCloudSecuritycenterV2Detection
+        include Google::Apis::Core::Hashable
+        # The name of the binary associated with the memory hash signature detection.
+        # Corresponds to the JSON property `binary`
+        # @return [String]
+        attr_accessor :binary
+        # The percentage of memory page hashes in the signature that were matched.
+        # Corresponds to the JSON property `percentPagesMatched`
+        # @return [Float]
+        attr_accessor :percent_pages_matched
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @binary = args[:binary] if args.key?(:binary)
+          @percent_pages_matched = args[:percent_pages_matched] if args.key?(:percent_pages_matched)
+        end
+      end
+      # A name-value pair representing an environment variable used in an operating
+      # system process.
+      class GoogleCloudSecuritycenterV2EnvironmentVariable
+        include Google::Apis::Core::Hashable
+        # Environment variable name as a JSON encoded string.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        # Environment variable value as a JSON encoded string.
+        # Corresponds to the JSON property `val`
+        # @return [String]
+        attr_accessor :val
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @name = args[:name] if args.key?(:name)
+          @val = args[:val] if args.key?(:val)
+        end
+      end
+      # Resource where data was exfiltrated from or exfiltrated to.
+      class GoogleCloudSecuritycenterV2ExfilResource
+        include Google::Apis::Core::Hashable
+        # Subcomponents of the asset that was exfiltrated, like URIs used during
+        # exfiltration, table names, databases, and filenames. For example, multiple
+        # tables might have been exfiltrated from the same Cloud SQL instance, or
+        # multiple files might have been exfiltrated from the same Cloud Storage bucket.
+        # Corresponds to the JSON property `components`
+        # @return [Array<String>]
+        attr_accessor :components
+        # The resource's [full resource name](https://cloud.google.com/apis/design/
+        # resource_names#full_resource_name).
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @components = args[:components] if args.key?(:components)
+          @name = args[:name] if args.key?(:name)
+        end
+      end
+      # Exfiltration represents a data exfiltration attempt from one or more sources
+      # to one or more targets. The `sources` attribute lists the sources of the
+      # exfiltrated data. The `targets` attribute lists the destinations the data was
+      # copied to.
+      class GoogleCloudSecuritycenterV2Exfiltration
+        include Google::Apis::Core::Hashable
+        # If there are multiple sources, then the data is considered "joined" between
+        # them. For instance, BigQuery can join multiple tables, and each table would be
+        # considered a source.
+        # Corresponds to the JSON property `sources`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2ExfilResource>]
+        attr_accessor :sources
+        # If there are multiple targets, each target would get a complete copy of the "
+        # joined" source data.
+        # Corresponds to the JSON property `targets`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2ExfilResource>]
+        attr_accessor :targets
+        # Total exfiltrated bytes processed for the entire job.
+        # Corresponds to the JSON property `totalExfiltratedBytes`
+        # @return [Fixnum]
+        attr_accessor :total_exfiltrated_bytes
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @sources = args[:sources] if args.key?(:sources)
+          @targets = args[:targets] if args.key?(:targets)
+          @total_exfiltrated_bytes = args[:total_exfiltrated_bytes] if args.key?(:total_exfiltrated_bytes)
+        end
+      end
+      # Representation of third party SIEM/SOAR fields within SCC.
+      class GoogleCloudSecuritycenterV2ExternalSystem
+        include Google::Apis::Core::Hashable
+        # References primary/secondary etc assignees in the external system.
+        # Corresponds to the JSON property `assignees`
+        # @return [Array<String>]
+        attr_accessor :assignees
+        # The time when the case was last updated, as reported by the external system.
+        # Corresponds to the JSON property `externalSystemUpdateTime`
+        # @return [String]
+        attr_accessor :external_system_update_time
+        # The identifier that's used to track the finding's corresponding case in the
+        # external system.
+        # Corresponds to the JSON property `externalUid`
+        # @return [String]
+        attr_accessor :external_uid
+        # Full resource name of the external system. The following list shows some
+        # examples: + `organizations/1234/sources/5678/findings/123456/externalSystems/
+        # jira` + `organizations/1234/sources/5678/locations/us/findings/123456/
+        # externalSystems/jira` + `folders/1234/sources/5678/findings/123456/
+        # externalSystems/jira` + `folders/1234/sources/5678/locations/us/findings/
+        # 123456/externalSystems/jira` + `projects/1234/sources/5678/findings/123456/
+        # externalSystems/jira` + `projects/1234/sources/5678/locations/us/findings/
+        # 123456/externalSystems/jira`
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        # The most recent status of the finding's corresponding case, as reported by the
+        # external system.
+        # Corresponds to the JSON property `status`
+        # @return [String]
+        attr_accessor :status
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @assignees = args[:assignees] if args.key?(:assignees)
+          @external_system_update_time = args[:external_system_update_time] if args.key?(:external_system_update_time)
+          @external_uid = args[:external_uid] if args.key?(:external_uid)
+          @name = args[:name] if args.key?(:name)
+          @status = args[:status] if args.key?(:status)
+        end
+      end
+      # File information about the related binary/library used by an executable, or
+      # the script used by a script interpreter
+      class GoogleCloudSecuritycenterV2File
+        include Google::Apis::Core::Hashable
+        # Prefix of the file contents as a JSON-encoded string.
+        # Corresponds to the JSON property `contents`
+        # @return [String]
+        attr_accessor :contents
+        # The length in bytes of the file prefix that was hashed. If hashed_size == size,
+        # any hashes reported represent the entire file.
+        # Corresponds to the JSON property `hashedSize`
+        # @return [Fixnum]
+        attr_accessor :hashed_size
+        # True when the hash covers only a prefix of the file.
+        # Corresponds to the JSON property `partiallyHashed`
+        # @return [Boolean]
+        attr_accessor :partially_hashed
+        alias_method :partially_hashed?, :partially_hashed
+        # Absolute path of the file as a JSON encoded string.
+        # Corresponds to the JSON property `path`
+        # @return [String]
+        attr_accessor :path
+        # SHA256 hash of the first hashed_size bytes of the file encoded as a hex string.
+        # If hashed_size == size, sha256 represents the SHA256 hash of the entire file.
+        # Corresponds to the JSON property `sha256`
+        # @return [String]
+        attr_accessor :sha256
+        # Size of the file in bytes.
+        # Corresponds to the JSON property `size`
+        # @return [Fixnum]
+        attr_accessor :size
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @contents = args[:contents] if args.key?(:contents)
+          @hashed_size = args[:hashed_size] if args.key?(:hashed_size)
+          @partially_hashed = args[:partially_hashed] if args.key?(:partially_hashed)
+          @path = args[:path] if args.key?(:path)
+          @sha256 = args[:sha256] if args.key?(:sha256)
+          @size = args[:size] if args.key?(:size)
+        end
+      end
+      # Security Command Center finding. A finding is a record of assessment data like
+      # security, risk, health, or privacy, that is ingested into Security Command
+      # Center for presentation, notification, analysis, policy testing, and
+      # enforcement. For example, a cross-site scripting (XSS) vulnerability in an App
+      # Engine application is a finding.
+      class GoogleCloudSecuritycenterV2Finding
+        include Google::Apis::Core::Hashable
+        # Represents an access event.
+        # Corresponds to the JSON property `access`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Access]
+        attr_accessor :access
+        # An attack exposure contains the results of an attack path simulation run.
+        # Corresponds to the JSON property `attackExposure`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2AttackExposure]
+        attr_accessor :attack_exposure
+        # Output only. The canonical name of the finding. The following list shows some
+        # examples: + `organizations/`organization_id`/sources/`source_id`/findings/`
+        # finding_id`` + `organizations/`organization_id`/sources/`source_id`/locations/`
+        # location_id`/findings/`finding_id`` + `folders/`folder_id`/sources/`source_id`/
+        # findings/`finding_id`` + `folders/`folder_id`/sources/`source_id`/locations/`
+        # location_id`/findings/`finding_id`` + `projects/`project_id`/sources/`
+        # source_id`/findings/`finding_id`` + `projects/`project_id`/sources/`source_id`/
+        # locations/`location_id`/findings/`finding_id`` The prefix is the closest CRM
+        # ancestor of the resource associated with the finding.
+        # Corresponds to the JSON property `canonicalName`
+        # @return [String]
+        attr_accessor :canonical_name
+        # Immutable. The additional taxonomy group within findings from a given source.
+        # Example: "XSS_FLASH_INJECTION"
+        # Corresponds to the JSON property `category`
+        # @return [String]
+        attr_accessor :category
+        # The [data profile](https://cloud.google.com/dlp/docs/data-profiles) associated
+        # with the finding.
+        # Corresponds to the JSON property `cloudDlpDataProfile`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2CloudDlpDataProfile]
+        attr_accessor :cloud_dlp_data_profile
+        # Details about the Cloud Data Loss Prevention (Cloud DLP) [inspection job](
+        # https://cloud.google.com/dlp/docs/concepts-job-triggers) that produced the
+        # finding.
+        # Corresponds to the JSON property `cloudDlpInspection`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2CloudDlpInspection]
+        attr_accessor :cloud_dlp_inspection
+        # Contains compliance information for security standards associated to the
+        # finding.
+        # Corresponds to the JSON property `compliances`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Compliance>]
+        attr_accessor :compliances
+        # Contains information about the IP connection associated with the finding.
+        # Corresponds to the JSON property `connections`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Connection>]
+        attr_accessor :connections
+        # Output only. Map containing the points of contact for the given finding. The
+        # key represents the type of contact, while the value contains a list of all the
+        # contacts that pertain. Please refer to: https://cloud.google.com/resource-
+        # manager/docs/managing-notification-contacts#notification-categories ` "
+        # security": ` "contacts": [ ` "email": "person1@company.com" `, ` "email": "
+        # person2@company.com" ` ] ` `
+        # Corresponds to the JSON property `contacts`
+        # @return [Hash<String,Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2ContactDetails>]
+        attr_accessor :contacts
+        # Containers associated with the finding. This field provides information for
+        # both Kubernetes and non-Kubernetes containers.
+        # Corresponds to the JSON property `containers`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Container>]
+        attr_accessor :containers
+        # Output only. The time at which the finding was created in Security Command
+        # Center.
+        # Corresponds to the JSON property `createTime`
+        # @return [String]
+        attr_accessor :create_time
+        # Represents database access information, such as queries. A database may be a
+        # sub-resource of an instance (as in the case of Cloud SQL instances or Cloud
+        # Spanner instances), or the database instance itself. Some database resources
+        # might not have the [full resource name](https://google.aip.dev/122#full-
+        # resource-names) populated because these resource types, such as Cloud SQL
+        # databases, are not yet supported by Cloud Asset Inventory. In these cases only
+        # the display name is provided.
+        # Corresponds to the JSON property `database`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Database]
+        attr_accessor :database
+        # Contains more details about the finding.
+        # Corresponds to the JSON property `description`
+        # @return [String]
+        attr_accessor :description
+        # The time the finding was first detected. If an existing finding is updated,
+        # then this is the time the update occurred. For example, if the finding
+        # represents an open firewall, this property captures the time the detector
+        # believes the firewall became open. The accuracy is determined by the detector.
+        # If the finding is later resolved, then this time reflects when the finding was
+        # resolved. This must not be set to a value greater than the current timestamp.
+        # Corresponds to the JSON property `eventTime`
+        # @return [String]
+        attr_accessor :event_time
+        # Exfiltration represents a data exfiltration attempt from one or more sources
+        # to one or more targets. The `sources` attribute lists the sources of the
+        # exfiltrated data. The `targets` attribute lists the destinations the data was
+        # copied to.
+        # Corresponds to the JSON property `exfiltration`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Exfiltration]
+        attr_accessor :exfiltration
+        # Output only. Third party SIEM/SOAR fields within SCC, contains external system
+        # information and external system finding fields.
+        # Corresponds to the JSON property `externalSystems`
+        # @return [Hash<String,Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2ExternalSystem>]
+        attr_accessor :external_systems
+        # The URI that, if available, points to a web page outside of Security Command
+        # Center where additional information about the finding can be found. This field
+        # is guaranteed to be either empty or a well formed URL.
+        # Corresponds to the JSON property `externalUri`
+        # @return [String]
+        attr_accessor :external_uri
+        # File associated with the finding.
+        # Corresponds to the JSON property `files`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2File>]
+        attr_accessor :files
+        # The class of the finding.
+        # Corresponds to the JSON property `findingClass`
+        # @return [String]
+        attr_accessor :finding_class
+        # Represents IAM bindings associated with the finding.
+        # Corresponds to the JSON property `iamBindings`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2IamBinding>]
+        attr_accessor :iam_bindings
+        # Represents what's commonly known as an _indicator of compromise_ (IoC) in
+        # computer forensics. This is an artifact observed on a network or in an
+        # operating system that, with high confidence, indicates a computer intrusion.
+        # For more information, see [Indicator of compromise](https://en.wikipedia.org/
+        # wiki/Indicator_of_compromise).
+        # Corresponds to the JSON property `indicator`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Indicator]
+        attr_accessor :indicator
+        # Kernel mode rootkit signatures.
+        # Corresponds to the JSON property `kernelRootkit`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2KernelRootkit]
+        attr_accessor :kernel_rootkit
+        # Kubernetes-related attributes.
+        # Corresponds to the JSON property `kubernetes`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Kubernetes]
+        attr_accessor :kubernetes
+        # The load balancers associated with the finding.
+        # Corresponds to the JSON property `loadBalancers`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2LoadBalancer>]
+        attr_accessor :load_balancers
+        # Log entries that are relevant to the finding.
+        # Corresponds to the JSON property `logEntries`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2LogEntry>]
+        attr_accessor :log_entries
+        # MITRE ATT&CK tactics and techniques related to this finding. See: https://
+        # attack.mitre.org
+        # Corresponds to the JSON property `mitreAttack`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2MitreAttack]
+        attr_accessor :mitre_attack
+        # Unique identifier of the module which generated the finding. Example: folders/
+        # 598186756061/securityHealthAnalyticsSettings/customModules/56799441161885
+        # Corresponds to the JSON property `moduleName`
+        # @return [String]
+        attr_accessor :module_name
+        # Indicates the mute state of a finding (either muted, unmuted or undefined).
+        # Unlike other attributes of a finding, a finding provider shouldn't set the
+        # value of mute.
+        # Corresponds to the JSON property `mute`
+        # @return [String]
+        attr_accessor :mute
+        # Records additional information about the mute operation, for example, the [
+        # mute configuration](https://cloud.google.com/security-command-center/docs/how-
+        # to-mute-findings) that muted the finding and the user who muted the finding.
+        # Corresponds to the JSON property `muteInitiator`
+        # @return [String]
+        attr_accessor :mute_initiator
+        # Output only. The most recent time this finding was muted or unmuted.
+        # Corresponds to the JSON property `muteUpdateTime`
+        # @return [String]
+        attr_accessor :mute_update_time
+        # The [relative resource name](https://cloud.google.com/apis/design/
+        # resource_names#relative_resource_name) of the finding. The following list
+        # shows some examples: + `organizations/`organization_id`/sources/`source_id`/
+        # findings/`finding_id`` + `organizations/`organization_id`/sources/`source_id`/
+        # locations/`location_id`/findings/`finding_id`` + `folders/`folder_id`/sources/`
+        # source_id`/findings/`finding_id`` + `folders/`folder_id`/sources/`source_id`/
+        # locations/`location_id`/findings/`finding_id`` + `projects/`project_id`/
+        # sources/`source_id`/findings/`finding_id`` + `projects/`project_id`/sources/`
+        # source_id`/locations/`location_id`/findings/`finding_id``
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        # Steps to address the finding.
+        # Corresponds to the JSON property `nextSteps`
+        # @return [String]
+        attr_accessor :next_steps
+        # Contains information about the org policies associated with the finding.
+        # Corresponds to the JSON property `orgPolicies`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2OrgPolicy>]
+        attr_accessor :org_policies
+        # The relative resource name of the source and location the finding belongs to.
+        # See: https://cloud.google.com/apis/design/resource_names#
+        # relative_resource_name This field is immutable after creation time. The
+        # following list shows some examples: + `organizations/`organization_id`/sources/
+        # `source_id`` + `folders/`folders_id`/sources/`source_id`` + `projects/`
+        # projects_id`/sources/`source_id`` + `organizations/`organization_id`/sources/`
+        # source_id`/locations/`location_id`` + `folders/`folders_id`/sources/`source_id`
+        # /locations/`location_id`` + `projects/`projects_id`/sources/`source_id`/
+        # locations/`location_id``
+        # Corresponds to the JSON property `parent`
+        # @return [String]
+        attr_accessor :parent
+        # Output only. The human readable display name of the finding source such as "
+        # Event Threat Detection" or "Security Health Analytics".
+        # Corresponds to the JSON property `parentDisplayName`
+        # @return [String]
+        attr_accessor :parent_display_name
+        # Represents operating system processes associated with the Finding.
+        # Corresponds to the JSON property `processes`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Process>]
+        attr_accessor :processes
+        # Immutable. For findings on Google Cloud resources, the full resource name of
+        # the Google Cloud resource this finding is for. See: https://cloud.google.com/
+        # apis/design/resource_names#full_resource_name When the finding is for a non-
+        # Google Cloud resource, the resourceName can be a customer or partner defined
+        # string.
+        # Corresponds to the JSON property `resourceName`
+        # @return [String]
+        attr_accessor :resource_name
+        # User specified security marks that are attached to the parent Security Command
+        # Center resource. Security marks are scoped within a Security Command Center
+        # organization -- they can be modified and viewed by all users who have proper
+        # permissions on the organization.
+        # Corresponds to the JSON property `securityMarks`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2SecurityMarks]
+        attr_accessor :security_marks
+        # Represents a posture that is deployed on Google Cloud by the Security Command
+        # Center Posture Management service. A posture contains one or more policy sets.
+        # A policy set is a group of policies that enforce a set of security rules on
+        # Google Cloud.
+        # Corresponds to the JSON property `securityPosture`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2SecurityPosture]
+        attr_accessor :security_posture
+        # The severity of the finding. This field is managed by the source that writes
+        # the finding.
+        # Corresponds to the JSON property `severity`
+        # @return [String]
+        attr_accessor :severity
+        # Source specific properties. These properties are managed by the source that
+        # writes the finding. The key names in the source_properties map must be between
+        # 1 and 255 characters, and must start with a letter and contain alphanumeric
+        # characters or underscores only.
+        # Corresponds to the JSON property `sourceProperties`
+        # @return [Hash<String,Object>]
+        attr_accessor :source_properties
+        # Output only. The state of the finding.
+        # Corresponds to the JSON property `state`
+        # @return [String]
+        attr_accessor :state
+        # Refers to common vulnerability fields e.g. cve, cvss, cwe etc.
+        # Corresponds to the JSON property `vulnerability`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Vulnerability]
+        attr_accessor :vulnerability
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @access = args[:access] if args.key?(:access)
+          @attack_exposure = args[:attack_exposure] if args.key?(:attack_exposure)
+          @canonical_name = args[:canonical_name] if args.key?(:canonical_name)
+          @category = args[:category] if args.key?(:category)
+          @cloud_dlp_data_profile = args[:cloud_dlp_data_profile] if args.key?(:cloud_dlp_data_profile)
+          @cloud_dlp_inspection = args[:cloud_dlp_inspection] if args.key?(:cloud_dlp_inspection)
+          @compliances = args[:compliances] if args.key?(:compliances)
+          @connections = args[:connections] if args.key?(:connections)
+          @contacts = args[:contacts] if args.key?(:contacts)
+          @containers = args[:containers] if args.key?(:containers)
+          @create_time = args[:create_time] if args.key?(:create_time)
+          @database = args[:database] if args.key?(:database)
+          @description = args[:description] if args.key?(:description)
+          @event_time = args[:event_time] if args.key?(:event_time)
+          @exfiltration = args[:exfiltration] if args.key?(:exfiltration)
+          @external_systems = args[:external_systems] if args.key?(:external_systems)
+          @external_uri = args[:external_uri] if args.key?(:external_uri)
+          @files = args[:files] if args.key?(:files)
+          @finding_class = args[:finding_class] if args.key?(:finding_class)
+          @iam_bindings = args[:iam_bindings] if args.key?(:iam_bindings)
+          @indicator = args[:indicator] if args.key?(:indicator)
+          @kernel_rootkit = args[:kernel_rootkit] if args.key?(:kernel_rootkit)
+          @kubernetes = args[:kubernetes] if args.key?(:kubernetes)
+          @load_balancers = args[:load_balancers] if args.key?(:load_balancers)
+          @log_entries = args[:log_entries] if args.key?(:log_entries)
+          @mitre_attack = args[:mitre_attack] if args.key?(:mitre_attack)
+          @module_name = args[:module_name] if args.key?(:module_name)
+          @mute = args[:mute] if args.key?(:mute)
+          @mute_initiator = args[:mute_initiator] if args.key?(:mute_initiator)
+          @mute_update_time = args[:mute_update_time] if args.key?(:mute_update_time)
+          @name = args[:name] if args.key?(:name)
+          @next_steps = args[:next_steps] if args.key?(:next_steps)
+          @org_policies = args[:org_policies] if args.key?(:org_policies)
+          @parent = args[:parent] if args.key?(:parent)
+          @parent_display_name = args[:parent_display_name] if args.key?(:parent_display_name)
+          @processes = args[:processes] if args.key?(:processes)
+          @resource_name = args[:resource_name] if args.key?(:resource_name)
+          @security_marks = args[:security_marks] if args.key?(:security_marks)
+          @security_posture = args[:security_posture] if args.key?(:security_posture)
+          @severity = args[:severity] if args.key?(:severity)
+          @source_properties = args[:source_properties] if args.key?(:source_properties)
+          @state = args[:state] if args.key?(:state)
+          @vulnerability = args[:vulnerability] if args.key?(:vulnerability)
+        end
+      end
+      # Represents a geographical location for a given access.
+      class GoogleCloudSecuritycenterV2Geolocation
+        include Google::Apis::Core::Hashable
+        # A CLDR.
+        # Corresponds to the JSON property `regionCode`
+        # @return [String]
+        attr_accessor :region_code
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @region_code = args[:region_code] if args.key?(:region_code)
+        end
+      end
+      # Represents a particular IAM binding, which captures a member's role addition,
+      # removal, or state.
+      class GoogleCloudSecuritycenterV2IamBinding
+        include Google::Apis::Core::Hashable
+        # The action that was performed on a Binding.
+        # Corresponds to the JSON property `action`
+        # @return [String]
+        attr_accessor :action
+        # A single identity requesting access for a Cloud Platform resource, for example,
+        # "foo@google.com".
+        # Corresponds to the JSON property `member`
+        # @return [String]
+        attr_accessor :member
+        # Role that is assigned to "members". For example, "roles/viewer", "roles/editor"
+        # , or "roles/owner".
+        # Corresponds to the JSON property `role`
+        # @return [String]
+        attr_accessor :role
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @action = args[:action] if args.key?(:action)
+          @member = args[:member] if args.key?(:member)
+          @role = args[:role] if args.key?(:role)
+        end
+      end
+      # Represents what's commonly known as an _indicator of compromise_ (IoC) in
+      # computer forensics. This is an artifact observed on a network or in an
+      # operating system that, with high confidence, indicates a computer intrusion.
+      # For more information, see [Indicator of compromise](https://en.wikipedia.org/
+      # wiki/Indicator_of_compromise).
+      class GoogleCloudSecuritycenterV2Indicator
+        include Google::Apis::Core::Hashable
+        # List of domains associated to the Finding.
+        # Corresponds to the JSON property `domains`
+        # @return [Array<String>]
+        attr_accessor :domains
+        # The list of IP addresses that are associated with the finding.
+        # Corresponds to the JSON property `ipAddresses`
+        # @return [Array<String>]
+        attr_accessor :ip_addresses
+        # The list of matched signatures indicating that the given process is present in
+        # the environment.
+        # Corresponds to the JSON property `signatures`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2ProcessSignature>]
+        attr_accessor :signatures
+        # The list of URIs associated to the Findings.
+        # Corresponds to the JSON property `uris`
+        # @return [Array<String>]
+        attr_accessor :uris
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @domains = args[:domains] if args.key?(:domains)
+          @ip_addresses = args[:ip_addresses] if args.key?(:ip_addresses)
+          @signatures = args[:signatures] if args.key?(:signatures)
+          @uris = args[:uris] if args.key?(:uris)
+        end
+      end
+      # Kernel mode rootkit signatures.
+      class GoogleCloudSecuritycenterV2KernelRootkit
+        include Google::Apis::Core::Hashable
+        # Rootkit name, when available.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        # True if unexpected modifications of kernel code memory are present.
+        # Corresponds to the JSON property `unexpectedCodeModification`
+        # @return [Boolean]
+        attr_accessor :unexpected_code_modification
+        alias_method :unexpected_code_modification?, :unexpected_code_modification
+        # True if `ftrace` points are present with callbacks pointing to regions that
+        # are not in the expected kernel or module code range.
+        # Corresponds to the JSON property `unexpectedFtraceHandler`
+        # @return [Boolean]
+        attr_accessor :unexpected_ftrace_handler
+        alias_method :unexpected_ftrace_handler?, :unexpected_ftrace_handler
+        # True if interrupt handlers that are are not in the expected kernel or module
+        # code regions are present.
+        # Corresponds to the JSON property `unexpectedInterruptHandler`
+        # @return [Boolean]
+        attr_accessor :unexpected_interrupt_handler
+        alias_method :unexpected_interrupt_handler?, :unexpected_interrupt_handler
+        # True if kernel code pages that are not in the expected kernel or module code
+        # regions are present.
+        # Corresponds to the JSON property `unexpectedKernelCodePages`
+        # @return [Boolean]
+        attr_accessor :unexpected_kernel_code_pages
+        alias_method :unexpected_kernel_code_pages?, :unexpected_kernel_code_pages
+        # True if `kprobe` points are present with callbacks pointing to regions that
+        # are not in the expected kernel or module code range.
+        # Corresponds to the JSON property `unexpectedKprobeHandler`
+        # @return [Boolean]
+        attr_accessor :unexpected_kprobe_handler
+        alias_method :unexpected_kprobe_handler?, :unexpected_kprobe_handler
+        # True if unexpected processes in the scheduler run queue are present. Such
+        # processes are in the run queue, but not in the process task list.
+        # Corresponds to the JSON property `unexpectedProcessesInRunqueue`
+        # @return [Boolean]
+        attr_accessor :unexpected_processes_in_runqueue
+        alias_method :unexpected_processes_in_runqueue?, :unexpected_processes_in_runqueue
+        # True if unexpected modifications of kernel read-only data memory are present.
+        # Corresponds to the JSON property `unexpectedReadOnlyDataModification`
+        # @return [Boolean]
+        attr_accessor :unexpected_read_only_data_modification
+        alias_method :unexpected_read_only_data_modification?, :unexpected_read_only_data_modification
+        # True if system call handlers that are are not in the expected kernel or module
+        # code regions are present.
+        # Corresponds to the JSON property `unexpectedSystemCallHandler`
+        # @return [Boolean]
+        attr_accessor :unexpected_system_call_handler
+        alias_method :unexpected_system_call_handler?, :unexpected_system_call_handler
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @name = args[:name] if args.key?(:name)
+          @unexpected_code_modification = args[:unexpected_code_modification] if args.key?(:unexpected_code_modification)
+          @unexpected_ftrace_handler = args[:unexpected_ftrace_handler] if args.key?(:unexpected_ftrace_handler)
+          @unexpected_interrupt_handler = args[:unexpected_interrupt_handler] if args.key?(:unexpected_interrupt_handler)
+          @unexpected_kernel_code_pages = args[:unexpected_kernel_code_pages] if args.key?(:unexpected_kernel_code_pages)
+          @unexpected_kprobe_handler = args[:unexpected_kprobe_handler] if args.key?(:unexpected_kprobe_handler)
+          @unexpected_processes_in_runqueue = args[:unexpected_processes_in_runqueue] if args.key?(:unexpected_processes_in_runqueue)
+          @unexpected_read_only_data_modification = args[:unexpected_read_only_data_modification] if args.key?(:unexpected_read_only_data_modification)
+          @unexpected_system_call_handler = args[:unexpected_system_call_handler] if args.key?(:unexpected_system_call_handler)
+        end
+      end
+      # Kubernetes-related attributes.
+      class GoogleCloudSecuritycenterV2Kubernetes
+        include Google::Apis::Core::Hashable
+        # Provides information on any Kubernetes access reviews (privilege checks)
+        # relevant to the finding.
+        # Corresponds to the JSON property `accessReviews`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2AccessReview>]
+        attr_accessor :access_reviews
+        # Provides Kubernetes role binding information for findings that involve [
+        # RoleBindings or ClusterRoleBindings](https://cloud.google.com/kubernetes-
+        # engine/docs/how-to/role-based-access-control).
+        # Corresponds to the JSON property `bindings`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Binding>]
+        attr_accessor :bindings
+        # GKE [node pools](https://cloud.google.com/kubernetes-engine/docs/concepts/node-
+        # pools) associated with the finding. This field contains node pool information
+        # for each node, when it is available.
+        # Corresponds to the JSON property `nodePools`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2NodePool>]
+        attr_accessor :node_pools
+        # Provides Kubernetes [node](https://cloud.google.com/kubernetes-engine/docs/
+        # concepts/cluster-architecture#nodes) information.
+        # Corresponds to the JSON property `nodes`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Node>]
+        attr_accessor :nodes
+        # Kubernetes objects related to the finding.
+        # Corresponds to the JSON property `objects`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Object>]
+        attr_accessor :objects
+        # Kubernetes [Pods](https://cloud.google.com/kubernetes-engine/docs/concepts/pod)
+        # associated with the finding. This field contains Pod records for each
+        # container that is owned by a Pod.
+        # Corresponds to the JSON property `pods`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Pod>]
+        attr_accessor :pods
+        # Provides Kubernetes role information for findings that involve [Roles or
+        # ClusterRoles](https://cloud.google.com/kubernetes-engine/docs/how-to/role-
+        # based-access-control).
+        # Corresponds to the JSON property `roles`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Role>]
+        attr_accessor :roles
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @access_reviews = args[:access_reviews] if args.key?(:access_reviews)
+          @bindings = args[:bindings] if args.key?(:bindings)
+          @node_pools = args[:node_pools] if args.key?(:node_pools)
+          @nodes = args[:nodes] if args.key?(:nodes)
+          @objects = args[:objects] if args.key?(:objects)
+          @pods = args[:pods] if args.key?(:pods)
+          @roles = args[:roles] if args.key?(:roles)
+        end
+      end
+      # Represents a generic name-value label. A label has separate name and value
+      # fields to support filtering with the `contains()` function. For more
+      # information, see [Filtering on array-type fields](https://cloud.google.com/
+      # security-command-center/docs/how-to-api-list-findings#array-contains-filtering)
+      # .
+      class GoogleCloudSecuritycenterV2Label
+        include Google::Apis::Core::Hashable
+        # Name of the label.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        # Value that corresponds to the label's name.
+        # Corresponds to the JSON property `value`
+        # @return [String]
+        attr_accessor :value
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @name = args[:name] if args.key?(:name)
+          @value = args[:value] if args.key?(:value)
+        end
+      end
+      # Contains information related to the load balancer associated with the finding.
+      class GoogleCloudSecuritycenterV2LoadBalancer
+        include Google::Apis::Core::Hashable
+        # The name of the load balancer associated with the finding.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @name = args[:name] if args.key?(:name)
+        end
+      end
+      # An individual entry in a log.
+      class GoogleCloudSecuritycenterV2LogEntry
+        include Google::Apis::Core::Hashable
+        # Metadata taken from a [Cloud Logging LogEntry](https://cloud.google.com/
+        # logging/docs/reference/v2/rest/v2/LogEntry)
+        # Corresponds to the JSON property `cloudLoggingEntry`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2CloudLoggingEntry]
+        attr_accessor :cloud_logging_entry
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @cloud_logging_entry = args[:cloud_logging_entry] if args.key?(:cloud_logging_entry)
+        end
+      end
+      # A signature corresponding to memory page hashes.
+      class GoogleCloudSecuritycenterV2MemoryHashSignature
+        include Google::Apis::Core::Hashable
+        # The binary family.
+        # Corresponds to the JSON property `binaryFamily`
+        # @return [String]
+        attr_accessor :binary_family
+        # The list of memory hash detections contributing to the binary family match.
+        # Corresponds to the JSON property `detections`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Detection>]
+        attr_accessor :detections
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @binary_family = args[:binary_family] if args.key?(:binary_family)
+          @detections = args[:detections] if args.key?(:detections)
+        end
+      end
+      # MITRE ATT&CK tactics and techniques related to this finding. See: https://
+      # attack.mitre.org
+      class GoogleCloudSecuritycenterV2MitreAttack
+        include Google::Apis::Core::Hashable
+        # Additional MITRE ATT&CK tactics related to this finding, if any.
+        # Corresponds to the JSON property `additionalTactics`
+        # @return [Array<String>]
+        attr_accessor :additional_tactics
+        # Additional MITRE ATT&CK techniques related to this finding, if any, along with
+        # any of their respective parent techniques.
+        # Corresponds to the JSON property `additionalTechniques`
+        # @return [Array<String>]
+        attr_accessor :additional_techniques
+        # The MITRE ATT&CK tactic most closely represented by this finding, if any.
+        # Corresponds to the JSON property `primaryTactic`
+        # @return [String]
+        attr_accessor :primary_tactic
+        # The MITRE ATT&CK technique most closely represented by this finding, if any.
+        # primary_techniques is a repeated field because there are multiple levels of
+        # MITRE ATT&CK techniques. If the technique most closely represented by this
+        # finding is a sub-technique (e.g. `SCANNING_IP_BLOCKS`), both the sub-technique
+        # and its parent technique(s) will be listed (e.g. `SCANNING_IP_BLOCKS`, `
+        # ACTIVE_SCANNING`).
+        # Corresponds to the JSON property `primaryTechniques`
+        # @return [Array<String>]
+        attr_accessor :primary_techniques
+        # The MITRE ATT&CK version referenced by the above fields. E.g. "8".
+        # Corresponds to the JSON property `version`
+        # @return [String]
+        attr_accessor :version
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @additional_tactics = args[:additional_tactics] if args.key?(:additional_tactics)
+          @additional_techniques = args[:additional_techniques] if args.key?(:additional_techniques)
+          @primary_tactic = args[:primary_tactic] if args.key?(:primary_tactic)
+          @primary_techniques = args[:primary_techniques] if args.key?(:primary_techniques)
+          @version = args[:version] if args.key?(:version)
+        end
+      end
+      # A mute config is a Cloud SCC resource that contains the configuration to mute
+      # create/update events of findings.
+      class GoogleCloudSecuritycenterV2MuteConfig
+        include Google::Apis::Core::Hashable
+        # Output only. The time at which the mute config was created. This field is set
+        # by the server and will be ignored if provided on config creation.
+        # Corresponds to the JSON property `createTime`
+        # @return [String]
+        attr_accessor :create_time
+        # A description of the mute config.
+        # Corresponds to the JSON property `description`
+        # @return [String]
+        attr_accessor :description
+        # Required. An expression that defines the filter to apply across create/update
+        # events of findings. While creating a filter string, be mindful of the scope in
+        # which the mute configuration is being created. E.g., If a filter contains
+        # project = X but is created under the project = Y scope, it might not match any
+        # findings. The following field and operator combinations are supported: *
+        # severity: `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * resource.
+        # project_name: `=`, `:` * resource.project_display_name: `=`, `:` * resource.
+        # folders.resource_folder: `=`, `:` * resource.parent_name: `=`, `:` * resource.
+        # parent_display_name: `=`, `:` * resource.type: `=`, `:` * finding_class: `=`, `
+        # :` * indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:`
+        # Corresponds to the JSON property `filter`
+        # @return [String]
+        attr_accessor :filter
+        # Output only. Email address of the user who last edited the mute config. This
+        # field is set by the server and will be ignored if provided on config creation
+        # or update.
+        # Corresponds to the JSON property `mostRecentEditor`
+        # @return [String]
+        attr_accessor :most_recent_editor
+        # This field will be ignored if provided on config creation. The following list
+        # shows some examples of the format: + `organizations/`organization`/muteConfigs/
+        # `mute_config`` + `organizations/`organization`locations/`location`//
+        # muteConfigs/`mute_config`` + `folders/`folder`/muteConfigs/`mute_config`` + `
+        # folders/`folder`/locations/`location`/muteConfigs/`mute_config`` + `projects/`
+        # project`/muteConfigs/`mute_config`` + `projects/`project`/locations/`location`/
+        # muteConfigs/`mute_config``
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        # Output only. The most recent time at which the mute config was updated. This
+        # field is set by the server and will be ignored if provided on config creation
+        # or update.
+        # Corresponds to the JSON property `updateTime`
+        # @return [String]
+        attr_accessor :update_time
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @create_time = args[:create_time] if args.key?(:create_time)
+          @description = args[:description] if args.key?(:description)
+          @filter = args[:filter] if args.key?(:filter)
+          @most_recent_editor = args[:most_recent_editor] if args.key?(:most_recent_editor)
+          @name = args[:name] if args.key?(:name)
+          @update_time = args[:update_time] if args.key?(:update_time)
+        end
+      end
+      # Kubernetes nodes associated with the finding.
+      class GoogleCloudSecuritycenterV2Node
+        include Google::Apis::Core::Hashable
+        # [Full resource name](https://google.aip.dev/122#full-resource-names) of the
+        # Compute Engine VM running the cluster node.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @name = args[:name] if args.key?(:name)
+        end
+      end
+      # Provides GKE node pool information.
+      class GoogleCloudSecuritycenterV2NodePool
+        include Google::Apis::Core::Hashable
+        # Kubernetes node pool name.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        # Nodes associated with the finding.
+        # Corresponds to the JSON property `nodes`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Node>]
+        attr_accessor :nodes
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @name = args[:name] if args.key?(:name)
+          @nodes = args[:nodes] if args.key?(:nodes)
+        end
+      end
+      # Cloud SCC's Notification
+      class GoogleCloudSecuritycenterV2NotificationMessage
+        include Google::Apis::Core::Hashable
+        # Security Command Center finding. A finding is a record of assessment data like
+        # security, risk, health, or privacy, that is ingested into Security Command
+        # Center for presentation, notification, analysis, policy testing, and
+        # enforcement. For example, a cross-site scripting (XSS) vulnerability in an App
+        # Engine application is a finding.
+        # Corresponds to the JSON property `finding`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Finding]
+        attr_accessor :finding
+        # Name of the notification config that generated current notification.
+        # Corresponds to the JSON property `notificationConfigName`
+        # @return [String]
+        attr_accessor :notification_config_name
+        # Information related to the Google Cloud resource.
+        # Corresponds to the JSON property `resource`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Resource]
+        attr_accessor :resource
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @finding = args[:finding] if args.key?(:finding)
+          @notification_config_name = args[:notification_config_name] if args.key?(:notification_config_name)
+          @resource = args[:resource] if args.key?(:resource)
+        end
+      end
+      # Kubernetes object related to the finding, uniquely identified by GKNN. Used if
+      # the object Kind is not one of Pod, Node, NodePool, Binding, or AccessReview.
+      class GoogleCloudSecuritycenterV2Object
+        include Google::Apis::Core::Hashable
+        # Pod containers associated with this finding, if any.
+        # Corresponds to the JSON property `containers`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Container>]
+        attr_accessor :containers
+        # Kubernetes object group, such as "policy.k8s.io/v1".
+        # Corresponds to the JSON property `group`
+        # @return [String]
+        attr_accessor :group
+        # Kubernetes object kind, such as "Namespace".
+        # Corresponds to the JSON property `kind`
+        # @return [String]
+        attr_accessor :kind
+        # Kubernetes object name. For details see https://kubernetes.io/docs/concepts/
+        # overview/working-with-objects/names/.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        # Kubernetes object namespace. Must be a valid DNS label. Named "ns" to avoid
+        # collision with C++ namespace keyword. For details see https://kubernetes.io/
+        # docs/tasks/administer-cluster/namespaces/.
+        # Corresponds to the JSON property `ns`
+        # @return [String]
+        attr_accessor :ns
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @containers = args[:containers] if args.key?(:containers)
+          @group = args[:group] if args.key?(:group)
+          @kind = args[:kind] if args.key?(:kind)
+          @name = args[:name] if args.key?(:name)
+          @ns = args[:ns] if args.key?(:ns)
+        end
+      end
+      # Contains information about the org policies associated with the finding.
+      class GoogleCloudSecuritycenterV2OrgPolicy
+        include Google::Apis::Core::Hashable
+        # The resource name of the org policy. Example: "organizations/`organization_id`/
+        # policies/`constraint_name`"
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @name = args[:name] if args.key?(:name)
+        end
+      end
+      # A Kubernetes Pod.
+      class GoogleCloudSecuritycenterV2Pod
+        include Google::Apis::Core::Hashable
+        # Pod containers associated with this finding, if any.
+        # Corresponds to the JSON property `containers`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Container>]
+        attr_accessor :containers
+        # Pod labels. For Kubernetes containers, these are applied to the container.
+        # Corresponds to the JSON property `labels`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Label>]
+        attr_accessor :labels
+        # Kubernetes Pod name.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        # Kubernetes Pod namespace.
+        # Corresponds to the JSON property `ns`
+        # @return [String]
+        attr_accessor :ns
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @containers = args[:containers] if args.key?(:containers)
+          @labels = args[:labels] if args.key?(:labels)
+          @name = args[:name] if args.key?(:name)
+          @ns = args[:ns] if args.key?(:ns)
+        end
+      end
+      # Represents an operating system process.
+      class GoogleCloudSecuritycenterV2Process
+        include Google::Apis::Core::Hashable
+        # Process arguments as JSON encoded strings.
+        # Corresponds to the JSON property `args`
+        # @return [Array<String>]
+        attr_accessor :args
+        # True if `args` is incomplete.
+        # Corresponds to the JSON property `argumentsTruncated`
+        # @return [Boolean]
+        attr_accessor :arguments_truncated
+        alias_method :arguments_truncated?, :arguments_truncated
+        # File information about the related binary/library used by an executable, or
+        # the script used by a script interpreter
+        # Corresponds to the JSON property `binary`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2File]
+        attr_accessor :binary
+        # Process environment variables.
+        # Corresponds to the JSON property `envVariables`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2EnvironmentVariable>]
+        attr_accessor :env_variables
+        # True if `env_variables` is incomplete.
+        # Corresponds to the JSON property `envVariablesTruncated`
+        # @return [Boolean]
+        attr_accessor :env_variables_truncated
+        alias_method :env_variables_truncated?, :env_variables_truncated
+        # File information for libraries loaded by the process.
+        # Corresponds to the JSON property `libraries`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2File>]
+        attr_accessor :libraries
+        # The process name, as displayed in utilities like `top` and `ps`. This name can
+        # be accessed through `/proc/[pid]/comm` and changed with `prctl(PR_SET_NAME)`.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        # The parent process ID.
+        # Corresponds to the JSON property `parentPid`
+        # @return [Fixnum]
+        attr_accessor :parent_pid
+        # The process ID.
+        # Corresponds to the JSON property `pid`
+        # @return [Fixnum]
+        attr_accessor :pid
+        # File information about the related binary/library used by an executable, or
+        # the script used by a script interpreter
+        # Corresponds to the JSON property `script`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2File]
+        attr_accessor :script
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @args = args[:args] if args.key?(:args)
+          @arguments_truncated = args[:arguments_truncated] if args.key?(:arguments_truncated)
+          @binary = args[:binary] if args.key?(:binary)
+          @env_variables = args[:env_variables] if args.key?(:env_variables)
+          @env_variables_truncated = args[:env_variables_truncated] if args.key?(:env_variables_truncated)
+          @libraries = args[:libraries] if args.key?(:libraries)
+          @name = args[:name] if args.key?(:name)
+          @parent_pid = args[:parent_pid] if args.key?(:parent_pid)
+          @pid = args[:pid] if args.key?(:pid)
+          @script = args[:script] if args.key?(:script)
+        end
+      end
+      # Indicates what signature matched this process.
+      class GoogleCloudSecuritycenterV2ProcessSignature
+        include Google::Apis::Core::Hashable
+        # A signature corresponding to memory page hashes.
+        # Corresponds to the JSON property `memoryHashSignature`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2MemoryHashSignature]
+        attr_accessor :memory_hash_signature
+        # A signature corresponding to a YARA rule.
+        # Corresponds to the JSON property `yaraRuleSignature`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2YaraRuleSignature]
+        attr_accessor :yara_rule_signature
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @memory_hash_signature = args[:memory_hash_signature] if args.key?(:memory_hash_signature)
+          @yara_rule_signature = args[:yara_rule_signature] if args.key?(:yara_rule_signature)
+        end
+      end
+      # Additional Links
+      class GoogleCloudSecuritycenterV2Reference
+        include Google::Apis::Core::Hashable
+        # Source of the reference e.g. NVD
+        # Corresponds to the JSON property `source`
+        # @return [String]
+        attr_accessor :source
+        # Uri for the mentioned source e.g. https://cve.mitre.org/cgi-bin/cvename.cgi?
+        # name=CVE-2021-34527.
+        # Corresponds to the JSON property `uri`
+        # @return [String]
+        attr_accessor :uri
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @source = args[:source] if args.key?(:source)
+          @uri = args[:uri] if args.key?(:uri)
+        end
+      end
+      # Information related to the Google Cloud resource.
+      class GoogleCloudSecuritycenterV2Resource
+        include Google::Apis::Core::Hashable
+        # The human readable name of the resource.
+        # Corresponds to the JSON property `displayName`
+        # @return [String]
+        attr_accessor :display_name
+        # The full resource name of the resource. See: https://cloud.google.com/apis/
+        # design/resource_names#full_resource_name
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        # The full resource type of the resource.
+        # Corresponds to the JSON property `type`
+        # @return [String]
+        attr_accessor :type
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @display_name = args[:display_name] if args.key?(:display_name)
+          @name = args[:name] if args.key?(:name)
+          @type = args[:type] if args.key?(:type)
+        end
+      end
+      # A resource value config (RVC) is a mapping configuration of user's resources
+      # to resource values. Used in Attack path simulations.
+      class GoogleCloudSecuritycenterV2ResourceValueConfig
+        include Google::Apis::Core::Hashable
+        # Output only. Timestamp this resource value config was created.
+        # Corresponds to the JSON property `createTime`
+        # @return [String]
+        attr_accessor :create_time
+        # Description of the resource value config.
+        # Corresponds to the JSON property `description`
+        # @return [String]
+        attr_accessor :description
+        # Name for the resource value config
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        # List of resource labels to search for, evaluated with AND. E.g. "
+        # resource_labels_selector": `"key": "value", "env": "prod"` will match
+        # resources with labels "key": "value" AND "env": "prod" https://cloud.google.
+        # com/resource-manager/docs/creating-managing-labels
+        # Corresponds to the JSON property `resourceLabelsSelector`
+        # @return [Hash<String,String>]
+        attr_accessor :resource_labels_selector
+        # Apply resource_value only to resources that match resource_type. resource_type
+        # will be checked with "AND" of other resources. E.g. "storage.googleapis.com/
+        # Bucket" with resource_value "HIGH" will apply "HIGH" value only to "storage.
+        # googleapis.com/Bucket" resources.
+        # Corresponds to the JSON property `resourceType`
+        # @return [String]
+        attr_accessor :resource_type
+        # Required. Resource value level this expression represents
+        # Corresponds to the JSON property `resourceValue`
+        # @return [String]
+        attr_accessor :resource_value
+        # Project or folder to scope this config to. For example, "project/456" would
+        # apply this config only to resources in "project/456" scope will be checked
+        # with "AND" of other resources.
+        # Corresponds to the JSON property `scope`
+        # @return [String]
+        attr_accessor :scope
+        # Required. Tag values combined with AND to check against. Values in the form "
+        # tagValues/123" E.g. [ "tagValues/123", "tagValues/456", "tagValues/789" ]
+        # https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing
+        # Corresponds to the JSON property `tagValues`
+        # @return [Array<String>]
+        attr_accessor :tag_values
+        # Output only. Timestamp this resource value config was last updated.
+        # Corresponds to the JSON property `updateTime`
+        # @return [String]
+        attr_accessor :update_time
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @create_time = args[:create_time] if args.key?(:create_time)
+          @description = args[:description] if args.key?(:description)
+          @name = args[:name] if args.key?(:name)
+          @resource_labels_selector = args[:resource_labels_selector] if args.key?(:resource_labels_selector)
+          @resource_type = args[:resource_type] if args.key?(:resource_type)
+          @resource_value = args[:resource_value] if args.key?(:resource_value)
+          @scope = args[:scope] if args.key?(:scope)
+          @tag_values = args[:tag_values] if args.key?(:tag_values)
+          @update_time = args[:update_time] if args.key?(:update_time)
+        end
+      end
+      # Kubernetes Role or ClusterRole.
+      class GoogleCloudSecuritycenterV2Role
+        include Google::Apis::Core::Hashable
+        # Role type.
+        # Corresponds to the JSON property `kind`
+        # @return [String]
+        attr_accessor :kind
+        # Role name.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        # Role namespace.
+        # Corresponds to the JSON property `ns`
+        # @return [String]
+        attr_accessor :ns
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @kind = args[:kind] if args.key?(:kind)
+          @name = args[:name] if args.key?(:name)
+          @ns = args[:ns] if args.key?(:ns)
+        end
+      end
+      # User specified security marks that are attached to the parent Security Command
+      # Center resource. Security marks are scoped within a Security Command Center
+      # organization -- they can be modified and viewed by all users who have proper
+      # permissions on the organization.
+      class GoogleCloudSecuritycenterV2SecurityMarks
+        include Google::Apis::Core::Hashable
+        # The canonical name of the marks. The following list shows some examples: + `
+        # organizations/`organization_id`/assets/`asset_id`/securityMarks" + `
+        # organizations/`organization_id`/sources/`source_id`/findings/`finding_id`/
+        # securityMarks" + `organizations/`organization_id`/sources/`source_id`/
+        # locations/`location`/findings/`finding_id`/securityMarks" + `folders/`
+        # folder_id`/assets/`asset_id`/securityMarks" + `folders/`folder_id`/sources/`
+        # source_id`/findings/`finding_id`/securityMarks" + `folders/`folder_id`/sources/
+        # `source_id`/locations/`location`/findings/`finding_id`/securityMarks" + `
+        # projects/`project_number`/assets/`asset_id`/securityMarks" + `projects/`
+        # project_number`/sources/`source_id`/findings/`finding_id`/securityMarks" + `
+        # projects/`project_number`/sources/`source_id`/locations/`location`/findings/`
+        # finding_id`/securityMarks"
+        # Corresponds to the JSON property `canonicalName`
+        # @return [String]
+        attr_accessor :canonical_name
+        # Mutable user specified security marks belonging to the parent resource.
+        # Constraints are as follows: * Keys and values are treated as case insensitive *
+        # Keys must be between 1 - 256 characters (inclusive) * Keys must be letters,
+        # numbers, underscores, or dashes * Values have leading and trailing whitespace
+        # trimmed, remaining characters must be between 1 - 4096 characters (inclusive)
+        # Corresponds to the JSON property `marks`
+        # @return [Hash<String,String>]
+        attr_accessor :marks
+        # The relative resource name of the SecurityMarks. See: https://cloud.google.com/
+        # apis/design/resource_names#relative_resource_name The following list shows
+        # some examples: + `organizations/`organization_id`/assets/`asset_id`/
+        # securityMarks` + `organizations/`organization_id`/sources/`source_id`/findings/
+        # `finding_id`/securityMarks` + `organizations/`organization_id`/sources/`
+        # source_id`/locations/`location`/findings/`finding_id`/securityMarks`
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @canonical_name = args[:canonical_name] if args.key?(:canonical_name)
+          @marks = args[:marks] if args.key?(:marks)
+          @name = args[:name] if args.key?(:name)
+        end
+      end
+      # Represents a posture that is deployed on Google Cloud by the Security Command
+      # Center Posture Management service. A posture contains one or more policy sets.
+      # A policy set is a group of policies that enforce a set of security rules on
+      # Google Cloud.
+      class GoogleCloudSecuritycenterV2SecurityPosture
+        include Google::Apis::Core::Hashable
+        # The name of the policy that has been updated, for example, `projects/`
+        # project_id`/policies/`constraint_name``.
+        # Corresponds to the JSON property `changedPolicy`
+        # @return [String]
+        attr_accessor :changed_policy
+        # Name of the posture, for example, `organizations/`org_id`/locations/`location`/
+        # postures/`posture_name``.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        # The name of the posture deployment, for example, `projects/`project_id`/
+        # posturedeployments/`posture_deployment_id``.
+        # Corresponds to the JSON property `postureDeployment`
+        # @return [String]
+        attr_accessor :posture_deployment
+        # The project, folder, or organization on which the posture is deployed, for
+        # example, `projects/`project_id``.
+        # Corresponds to the JSON property `postureDeploymentResource`
+        # @return [String]
+        attr_accessor :posture_deployment_resource
+        # The version of the posture, for example, `c7cfa2a8`.
+        # Corresponds to the JSON property `revisionId`
+        # @return [String]
+        attr_accessor :revision_id
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @changed_policy = args[:changed_policy] if args.key?(:changed_policy)
+          @name = args[:name] if args.key?(:name)
+          @posture_deployment = args[:posture_deployment] if args.key?(:posture_deployment)
+          @posture_deployment_resource = args[:posture_deployment_resource] if args.key?(:posture_deployment_resource)
+          @revision_id = args[:revision_id] if args.key?(:revision_id)
+        end
+      end
+      # Identity delegation history of an authenticated service account.
+      class GoogleCloudSecuritycenterV2ServiceAccountDelegationInfo
+        include Google::Apis::Core::Hashable
+        # The email address of a Google account.
+        # Corresponds to the JSON property `principalEmail`
+        # @return [String]
+        attr_accessor :principal_email
+        # A string representing the principal_subject associated with the identity. As
+        # compared to `principal_email`, supports principals that aren't associated with
+        # email addresses, such as third party principals. For most identities, the
+        # format will be `principal://iam.googleapis.com/`identity pool name`/subjects/`
+        # subject`` except for some GKE identities (GKE_WORKLOAD, FREEFORM,
+        # GKE_HUB_WORKLOAD) that are still in the legacy format `serviceAccount:`
+        # identity pool name`[`subject`]`
+        # Corresponds to the JSON property `principalSubject`
+        # @return [String]
+        attr_accessor :principal_subject
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @principal_email = args[:principal_email] if args.key?(:principal_email)
+          @principal_subject = args[:principal_subject] if args.key?(:principal_subject)
+        end
+      end
+      # Represents a Kubernetes subject.
+      class GoogleCloudSecuritycenterV2Subject
+        include Google::Apis::Core::Hashable
+        # Authentication type for the subject.
+        # Corresponds to the JSON property `kind`
+        # @return [String]
+        attr_accessor :kind
+        # Name for the subject.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        # Namespace for the subject.
+        # Corresponds to the JSON property `ns`
+        # @return [String]
+        attr_accessor :ns
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @kind = args[:kind] if args.key?(:kind)
+          @name = args[:name] if args.key?(:name)
+          @ns = args[:ns] if args.key?(:ns)
+        end
+      end
+      # Refers to common vulnerability fields e.g. cve, cvss, cwe etc.
+      class GoogleCloudSecuritycenterV2Vulnerability
+        include Google::Apis::Core::Hashable
+        # CVE stands for Common Vulnerabilities and Exposures. More information: https://
+        # cve.mitre.org
+        # Corresponds to the JSON property `cve`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Cve]
+        attr_accessor :cve
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @cve = args[:cve] if args.key?(:cve)
+        end
+      end
+      # A signature corresponding to a YARA rule.
+      class GoogleCloudSecuritycenterV2YaraRuleSignature
+        include Google::Apis::Core::Hashable
+        # The name of the YARA rule.
+        # Corresponds to the JSON property `yaraRule`
+        # @return [String]
+        attr_accessor :yara_rule
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @yara_rule = args[:yara_rule] if args.key?(:yara_rule)
+        end
+      end
+      # Represents a particular IAM binding, which captures a member's role addition,
+      # removal, or state.
+      class IamBinding
+        include Google::Apis::Core::Hashable
+        # The action that was performed on a Binding.
+        # Corresponds to the JSON property `action`
+        # @return [String]
+        attr_accessor :action
+        # A single identity requesting access for a Cloud Platform resource, for example,
+        # "foo@google.com".
+        # Corresponds to the JSON property `member`
+        # @return [String]
+        attr_accessor :member
+        # Role that is assigned to "members". For example, "roles/viewer", "roles/editor"
+        # , or "roles/owner".
+        # Corresponds to the JSON property `role`
+        # @return [String]
+        attr_accessor :role
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @action = args[:action] if args.key?(:action)
+          @member = args[:member] if args.key?(:member)
+          @role = args[:role] if args.key?(:role)
+        end
+      end
+      # Represents what's commonly known as an _indicator of compromise_ (IoC) in
+      # computer forensics. This is an artifact observed on a network or in an
+      # operating system that, with high confidence, indicates a computer intrusion.
+      # For more information, see [Indicator of compromise](https://en.wikipedia.org/
+      # wiki/Indicator_of_compromise).
+      class Indicator
+        include Google::Apis::Core::Hashable
+        # List of domains associated to the Finding.
+        # Corresponds to the JSON property `domains`
+        # @return [Array<String>]
+        attr_accessor :domains
+        # The list of IP addresses that are associated with the finding.
+        # Corresponds to the JSON property `ipAddresses`
+        # @return [Array<String>]
+        attr_accessor :ip_addresses
+        # The list of matched signatures indicating that the given process is present in
+        # the environment.
+        # Corresponds to the JSON property `signatures`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::ProcessSignature>]
+        attr_accessor :signatures
+        # The list of URIs associated to the Findings.
+        # Corresponds to the JSON property `uris`
+        # @return [Array<String>]
+        attr_accessor :uris
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @domains = args[:domains] if args.key?(:domains)
+          @ip_addresses = args[:ip_addresses] if args.key?(:ip_addresses)
+          @signatures = args[:signatures] if args.key?(:signatures)
+          @uris = args[:uris] if args.key?(:uris)
+        end
+      end
+      # Kernel mode rootkit signatures.
+      class KernelRootkit
+        include Google::Apis::Core::Hashable
+        # Rootkit name, when available.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        # True if unexpected modifications of kernel code memory are present.
+        # Corresponds to the JSON property `unexpectedCodeModification`
+        # @return [Boolean]
+        attr_accessor :unexpected_code_modification
+        alias_method :unexpected_code_modification?, :unexpected_code_modification
+        # True if `ftrace` points are present with callbacks pointing to regions that
+        # are not in the expected kernel or module code range.
+        # Corresponds to the JSON property `unexpectedFtraceHandler`
+        # @return [Boolean]
+        attr_accessor :unexpected_ftrace_handler
+        alias_method :unexpected_ftrace_handler?, :unexpected_ftrace_handler
         # True if interrupt handlers that are are not in the expected kernel or module
         # code regions are present.
@@ -2737,6 +5356,26 @@ module Google
         end
       end
+      # An individual entry in a log.
+      class LogEntry
+        include Google::Apis::Core::Hashable
+        # Metadata taken from a [Cloud Logging LogEntry](https://cloud.google.com/
+        # logging/docs/reference/v2/rest/v2/LogEntry)
+        # Corresponds to the JSON property `cloudLoggingEntry`
+        # @return [Google::Apis::SecuritycenterV1beta2::CloudLoggingEntry]
+        attr_accessor :cloud_logging_entry
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @cloud_logging_entry = args[:cloud_logging_entry] if args.key?(:cloud_logging_entry)
+        end
+      end
       # A signature corresponding to memory page hashes.
       class MemoryHashSignature
         include Google::Apis::Core::Hashable
@@ -2862,12 +5501,17 @@ module Google
       class Object
         include Google::Apis::Core::Hashable
+        # Pod containers associated with this finding, if any.
+        # Corresponds to the JSON property `containers`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::Container>]
+        attr_accessor :containers
         # Kubernetes object group, such as "policy.k8s.io/v1".
         # Corresponds to the JSON property `group`
         # @return [String]
         attr_accessor :group
-        # Kubernetes object kind, such as “Namespace”.
+        # Kubernetes object kind, such as "Namespace".
         # Corresponds to the JSON property `kind`
         # @return [String]
         attr_accessor :kind
@@ -2891,6 +5535,7 @@ module Google
         # Update properties of this object
         def update!(**args)
+          @containers = args[:containers] if args.key?(:containers)
           @group = args[:group] if args.key?(:group)
           @kind = args[:kind] if args.key?(:kind)
           @name = args[:name] if args.key?(:name)
@@ -2898,6 +5543,26 @@ module Google
         end
       end
+      # Contains information about the org policies associated with the finding.
+      class OrgPolicy
+        include Google::Apis::Core::Hashable
+        # The resource name of the org policy. Example: "organizations/`organization_id`/
+        # policies/`constraint_name`"
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @name = args[:name] if args.key?(:name)
+        end
+      end
       # A Kubernetes Pod.
       class Pod
         include Google::Apis::Core::Hashable
@@ -3138,7 +5803,7 @@ module Google
         end
       end
-      # Resource capturing the settings for Security Center.
+      # Resource capturing the settings for Security Center. Next ID: 12
       class SecurityCenterSettings
         include Google::Apis::Core::Hashable