RubyGems - google-apis-securitycenter_v1beta2 - Versions diffs - 0.58.0 → 0.60.0 - Mend

google-apis-securitycenter_v1beta2 0.58.0 → 0.60.0

Files changed (6) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +8 -0
data/lib/google/apis/securitycenter_v1beta2/classes.rb +324 -2622
data/lib/google/apis/securitycenter_v1beta2/gem_version.rb +2 -2
data/lib/google/apis/securitycenter_v1beta2/representations.rb +409 -1273
metadata +3 -3

data/lib/google/apis/securitycenter_v1beta2/classes.rb CHANGED Viewed

@@ -186,6 +186,35 @@ module Google
         end
       end
+      # Represents an application associated with a finding.
+      class Application
+        include Google::Apis::Core::Hashable
+        # The base URI that identifies the network location of the application in which
+        # the vulnerability was detected. Examples: http://11.22.33.44, http://foo.com,
+        # http://11.22.33.44:8080
+        # Corresponds to the JSON property `baseUri`
+        # @return [String]
+        attr_accessor :base_uri
+        # The full URI with payload that can be used to reproduce the vulnerability.
+        # Example: http://11.22.33.44/reflected/parameter/attribute/singlequoted/js?p=
+        # aMmYgI6H
+        # Corresponds to the JSON property `fullUri`
+        # @return [String]
+        attr_accessor :full_uri
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @base_uri = args[:base_uri] if args.key?(:base_uri)
+          @full_uri = args[:full_uri] if args.key?(:full_uri)
+        end
+      end
       # An attack exposure contains the results of an attack path simulation run.
       class AttackExposure
         include Google::Apis::Core::Hashable
@@ -249,6 +278,103 @@ module Google
         end
       end
+      # Information related to Google Cloud Backup and DR Service findings.
+      class BackupDisasterRecovery
+        include Google::Apis::Core::Hashable
+        # The name of the Backup and DR appliance that captures, moves, and manages the
+        # lifecycle of backup data. For example, “backup-server-57137”.
+        # Corresponds to the JSON property `appliance`
+        # @return [String]
+        attr_accessor :appliance
+        # The names of Backup and DR applications. An application is a VM, database, or
+        # file system on a managed host monitored by a backup and recovery appliance.
+        # For example, “centos7-01-vol00”, “centos7-01-vol01”, “centos7-01-vol02”.
+        # Corresponds to the JSON property `applications`
+        # @return [Array<String>]
+        attr_accessor :applications
+        # The timestamp at which the Backup and DR backup was created.
+        # Corresponds to the JSON property `backupCreateTime`
+        # @return [String]
+        attr_accessor :backup_create_time
+        # The name of a Backup and DR template which comprises one or more backup
+        # policies. See the [Backup and DR documentation](https://cloud.google.com/
+        # backup-disaster-recovery/docs/concepts/backup-plan#temp) for more information.
+        # For example, “snap-ov”.
+        # Corresponds to the JSON property `backupTemplate`
+        # @return [String]
+        attr_accessor :backup_template
+        # The backup type of the Backup and DR image. For example, “Snapshot”, “Remote
+        # Snapshot”, “OnVault”.
+        # Corresponds to the JSON property `backupType`
+        # @return [String]
+        attr_accessor :backup_type
+        # The name of a Backup and DR host, which is managed by the backup and recovery
+        # appliance and known to the management console. The host can be of type Generic
+        # (for example, Compute Engine, SQL Server, Oracle DB, SMB file system, etc.),
+        # vCenter, or an ESX server. See the [Backup and DR documentation on hosts](
+        # https://cloud.google.com/backup-disaster-recovery/docs/configuration/manage-
+        # hosts-and-their-applications) for more information. For example, “centos7-01”.
+        # Corresponds to the JSON property `host`
+        # @return [String]
+        attr_accessor :host
+        # The names of Backup and DR policies that are associated with a template and
+        # that define when to run a backup, how frequently to run a backup, and how long
+        # to retain the backup image. For example, “onvaults”.
+        # Corresponds to the JSON property `policies`
+        # @return [Array<String>]
+        attr_accessor :policies
+        # The names of Backup and DR advanced policy options of a policy applying to an
+        # application. See the [Backup and DR documentation on policy options](https://
+        # cloud.google.com/backup-disaster-recovery/docs/create-plan/policy-settings).
+        # For example, “skipofflineappsincongrp, nounmap”.
+        # Corresponds to the JSON property `policyOptions`
+        # @return [Array<String>]
+        attr_accessor :policy_options
+        # The name of the Backup and DR resource profile that specifies the storage
+        # media for backups of application and VM data. See the [Backup and DR
+        # documentation on profiles](https://cloud.google.com/backup-disaster-recovery/
+        # docs/concepts/backup-plan#profile). For example, “GCP”.
+        # Corresponds to the JSON property `profile`
+        # @return [String]
+        attr_accessor :profile
+        # The name of the Backup and DR storage pool that the backup and recovery
+        # appliance is storing data in. The storage pool could be of type Cloud, Primary,
+        # Snapshot, or OnVault. See the [Backup and DR documentation on storage pools](
+        # https://cloud.google.com/backup-disaster-recovery/docs/concepts/storage-pools).
+        # For example, “DiskPoolOne”.
+        # Corresponds to the JSON property `storagePool`
+        # @return [String]
+        attr_accessor :storage_pool
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @appliance = args[:appliance] if args.key?(:appliance)
+          @applications = args[:applications] if args.key?(:applications)
+          @backup_create_time = args[:backup_create_time] if args.key?(:backup_create_time)
+          @backup_template = args[:backup_template] if args.key?(:backup_template)
+          @backup_type = args[:backup_type] if args.key?(:backup_type)
+          @host = args[:host] if args.key?(:host)
+          @policies = args[:policies] if args.key?(:policies)
+          @policy_options = args[:policy_options] if args.key?(:policy_options)
+          @profile = args[:profile] if args.key?(:profile)
+          @storage_pool = args[:storage_pool] if args.key?(:storage_pool)
+        end
+      end
       # The [data profile](https://cloud.google.com/dlp/docs/data-profiles) associated
       # with the finding.
       class CloudDlpDataProfile
@@ -392,68 +518,6 @@ module Google
         end
       end
-      # Result containing the properties and count of a ComplianceSnapshot request.
-      class ComplianceSnapshot
-        include Google::Apis::Core::Hashable
-        # The category of Findings matching.
-        # Corresponds to the JSON property `category`
-        # @return [String]
-        attr_accessor :category
-        # The compliance standard (ie CIS).
-        # Corresponds to the JSON property `complianceStandard`
-        # @return [String]
-        attr_accessor :compliance_standard
-        # The compliance version (ie 1.3) in CIS 1.3.
-        # Corresponds to the JSON property `complianceVersion`
-        # @return [String]
-        attr_accessor :compliance_version
-        # Total count of findings for the given properties.
-        # Corresponds to the JSON property `count`
-        # @return [Fixnum]
-        attr_accessor :count
-        # The leaf container resource name that is closest to the snapshot.
-        # Corresponds to the JSON property `leafContainerResource`
-        # @return [String]
-        attr_accessor :leaf_container_resource
-        # The compliance snapshot name. Format: //sources//complianceSnapshots/
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        # The CRM resource display name that is closest to the snapshot the Findings
-        # belong to.
-        # Corresponds to the JSON property `projectDisplayName`
-        # @return [String]
-        attr_accessor :project_display_name
-        # The snapshot time of the snapshot.
-        # Corresponds to the JSON property `snapshotTime`
-        # @return [String]
-        attr_accessor :snapshot_time
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @category = args[:category] if args.key?(:category)
-          @compliance_standard = args[:compliance_standard] if args.key?(:compliance_standard)
-          @compliance_version = args[:compliance_version] if args.key?(:compliance_version)
-          @count = args[:count] if args.key?(:count)
-          @leaf_container_resource = args[:leaf_container_resource] if args.key?(:leaf_container_resource)
-          @name = args[:name] if args.key?(:name)
-          @project_display_name = args[:project_display_name] if args.key?(:project_display_name)
-          @snapshot_time = args[:snapshot_time] if args.key?(:snapshot_time)
-        end
-      end
       # Configuration of a module.
       class Config
         include Google::Apis::Core::Hashable
@@ -895,6 +959,33 @@ module Google
         end
       end
+      # Path of the file in terms of underlying disk/partition identifiers.
+      class DiskPath
+        include Google::Apis::Core::Hashable
+        # UUID of the partition (format https://wiki.archlinux.org/title/
+        # persistent_block_device_naming#by-uuid)
+        # Corresponds to the JSON property `partitionUuid`
+        # @return [String]
+        attr_accessor :partition_uuid
+        # Relative path of the file in the partition as a JSON encoded string. Example: /
+        # home/user1/executable_file.sh
+        # Corresponds to the JSON property `relativePath`
+        # @return [String]
+        attr_accessor :relative_path
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @partition_uuid = args[:partition_uuid] if args.key?(:partition_uuid)
+          @relative_path = args[:relative_path] if args.key?(:relative_path)
+        end
+      end
       # A name-value pair representing an environment variable used in an operating
       # system process.
       class EnvironmentVariable
@@ -1093,6 +1184,11 @@ module Google
         # @return [String]
         attr_accessor :contents
+        # Path of the file in terms of underlying disk/partition identifiers.
+        # Corresponds to the JSON property `diskPath`
+        # @return [Google::Apis::SecuritycenterV1beta2::DiskPath]
+        attr_accessor :disk_path
         # The length in bytes of the file prefix that was hashed. If hashed_size == size,
         # any hashes reported represent the entire file.
         # Corresponds to the JSON property `hashedSize`
@@ -1128,6 +1224,7 @@ module Google
         # Update properties of this object
         def update!(**args)
           @contents = args[:contents] if args.key?(:contents)
+          @disk_path = args[:disk_path] if args.key?(:disk_path)
           @hashed_size = args[:hashed_size] if args.key?(:hashed_size)
           @partially_hashed = args[:partially_hashed] if args.key?(:partially_hashed)
           @path = args[:path] if args.key?(:path)
@@ -1149,11 +1246,21 @@ module Google
         # @return [Google::Apis::SecuritycenterV1beta2::Access]
         attr_accessor :access
+        # Represents an application associated with a finding.
+        # Corresponds to the JSON property `application`
+        # @return [Google::Apis::SecuritycenterV1beta2::Application]
+        attr_accessor :application
         # An attack exposure contains the results of an attack path simulation run.
         # Corresponds to the JSON property `attackExposure`
         # @return [Google::Apis::SecuritycenterV1beta2::AttackExposure]
         attr_accessor :attack_exposure
+        # Information related to Google Cloud Backup and DR Service findings.
+        # Corresponds to the JSON property `backupDisasterRecovery`
+        # @return [Google::Apis::SecuritycenterV1beta2::BackupDisasterRecovery]
+        attr_accessor :backup_disaster_recovery
         # The canonical name of the finding. It's either "organizations/`organization_id`
         # /sources/`source_id`/findings/`finding_id`", "folders/`folder_id`/sources/`
         # source_id`/findings/`finding_id`" or "projects/`project_number`/sources/`
@@ -1430,7 +1537,9 @@ module Google
         # Update properties of this object
         def update!(**args)
           @access = args[:access] if args.key?(:access)
+          @application = args[:application] if args.key?(:application)
           @attack_exposure = args[:attack_exposure] if args.key?(:attack_exposure)
+          @backup_disaster_recovery = args[:backup_disaster_recovery] if args.key?(:backup_disaster_recovery)
           @canonical_name = args[:canonical_name] if args.key?(:canonical_name)
           @category = args[:category] if args.key?(:category)
           @cloud_dlp_data_profile = args[:cloud_dlp_data_profile] if args.key?(:cloud_dlp_data_profile)
@@ -2586,89 +2695,68 @@ module Google
         end
       end
-      # Represents an access event.
-      class GoogleCloudSecuritycenterV2Access
+      # Represents a particular IAM binding, which captures a member's role addition,
+      # removal, or state.
+      class IamBinding
         include Google::Apis::Core::Hashable
-        # Caller's IP address, such as "1.1.1.1".
-        # Corresponds to the JSON property `callerIp`
+        # The action that was performed on a Binding.
+        # Corresponds to the JSON property `action`
         # @return [String]
-        attr_accessor :caller_ip
-        # Represents a geographical location for a given access.
-        # Corresponds to the JSON property `callerIpGeo`
-        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Geolocation]
-        attr_accessor :caller_ip_geo
+        attr_accessor :action
-        # The method that the service account called, e.g. "SetIamPolicy".
-        # Corresponds to the JSON property `methodName`
+        # A single identity requesting access for a Cloud Platform resource, for example,
+        # "foo@google.com".
+        # Corresponds to the JSON property `member`
         # @return [String]
-        attr_accessor :method_name
+        attr_accessor :member
-        # Associated email, such as "foo@google.com". The email address of the
-        # authenticated user or a service account acting on behalf of a third party
-        # principal making the request. For third party identity callers, the `
-        # principal_subject` field is populated instead of this field. For privacy
-        # reasons, the principal email address is sometimes redacted. For more
-        # information, see [Caller identities in audit logs](https://cloud.google.com/
-        # logging/docs/audit#user-id).
-        # Corresponds to the JSON property `principalEmail`
+        # Role that is assigned to "members". For example, "roles/viewer", "roles/editor"
+        # , or "roles/owner".
+        # Corresponds to the JSON property `role`
         # @return [String]
-        attr_accessor :principal_email
+        attr_accessor :role
-        # A string that represents the principal_subject that is associated with the
-        # identity. Unlike `principal_email`, `principal_subject` supports principals
-        # that aren't associated with email addresses, such as third party principals.
-        # For most identities, the format is `principal://iam.googleapis.com/`identity
-        # pool name`/subject/`subject``. Some GKE identities, such as GKE_WORKLOAD,
-        # FREEFORM, and GKE_HUB_WORKLOAD, still use the legacy format `serviceAccount:`
-        # identity pool name`[`subject`]`.
-        # Corresponds to the JSON property `principalSubject`
-        # @return [String]
-        attr_accessor :principal_subject
+        def initialize(**args)
+           update!(**args)
+        end
-        # The identity delegation history of an authenticated service account that made
-        # the request. The `serviceAccountDelegationInfo[]` object contains information
-        # about the real authorities that try to access Google Cloud resources by
-        # delegating on a service account. When multiple authorities are present, they
-        # are guaranteed to be sorted based on the original ordering of the identity
-        # delegation events.
-        # Corresponds to the JSON property `serviceAccountDelegationInfo`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2ServiceAccountDelegationInfo>]
-        attr_accessor :service_account_delegation_info
+        # Update properties of this object
+        def update!(**args)
+          @action = args[:action] if args.key?(:action)
+          @member = args[:member] if args.key?(:member)
+          @role = args[:role] if args.key?(:role)
+        end
+      end
-        # The name of the service account key that was used to create or exchange
-        # credentials when authenticating the service account that made the request.
-        # This is a scheme-less URI full resource name. For example: "//iam.googleapis.
-        # com/projects/`PROJECT_ID`/serviceAccounts/`ACCOUNT`/keys/`key`".
-        # Corresponds to the JSON property `serviceAccountKeyName`
-        # @return [String]
-        attr_accessor :service_account_key_name
+      # Represents what's commonly known as an _indicator of compromise_ (IoC) in
+      # computer forensics. This is an artifact observed on a network or in an
+      # operating system that, with high confidence, indicates a computer intrusion.
+      # For more information, see [Indicator of compromise](https://en.wikipedia.org/
+      # wiki/Indicator_of_compromise).
+      class Indicator
+        include Google::Apis::Core::Hashable
-        # This is the API service that the service account made a call to, e.g. "iam.
-        # googleapis.com"
-        # Corresponds to the JSON property `serviceName`
-        # @return [String]
-        attr_accessor :service_name
+        # List of domains associated to the Finding.
+        # Corresponds to the JSON property `domains`
+        # @return [Array<String>]
+        attr_accessor :domains
-        # The caller's user agent string associated with the finding.
-        # Corresponds to the JSON property `userAgent`
-        # @return [String]
-        attr_accessor :user_agent
+        # The list of IP addresses that are associated with the finding.
+        # Corresponds to the JSON property `ipAddresses`
+        # @return [Array<String>]
+        attr_accessor :ip_addresses
-        # Type of user agent associated with the finding. For example, an operating
-        # system shell or an embedded or standalone application.
-        # Corresponds to the JSON property `userAgentFamily`
-        # @return [String]
-        attr_accessor :user_agent_family
+        # The list of matched signatures indicating that the given process is present in
+        # the environment.
+        # Corresponds to the JSON property `signatures`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::ProcessSignature>]
+        attr_accessor :signatures
-        # A string that represents a username. The username provided depends on the type
-        # of the finding and is likely not an IAM principal. For example, this can be a
-        # system username if the finding is related to a virtual machine, or it can be
-        # an application login username.
-        # Corresponds to the JSON property `userName`
-        # @return [String]
-        attr_accessor :user_name
+        # The list of URIs associated to the Findings.
+        # Corresponds to the JSON property `uris`
+        # @return [Array<String>]
+        attr_accessor :uris
         def initialize(**args)
            update!(**args)
@@ -2676,2506 +2764,27 @@ module Google
         # Update properties of this object
         def update!(**args)
-          @caller_ip = args[:caller_ip] if args.key?(:caller_ip)
-          @caller_ip_geo = args[:caller_ip_geo] if args.key?(:caller_ip_geo)
-          @method_name = args[:method_name] if args.key?(:method_name)
-          @principal_email = args[:principal_email] if args.key?(:principal_email)
-          @principal_subject = args[:principal_subject] if args.key?(:principal_subject)
-          @service_account_delegation_info = args[:service_account_delegation_info] if args.key?(:service_account_delegation_info)
-          @service_account_key_name = args[:service_account_key_name] if args.key?(:service_account_key_name)
-          @service_name = args[:service_name] if args.key?(:service_name)
-          @user_agent = args[:user_agent] if args.key?(:user_agent)
-          @user_agent_family = args[:user_agent_family] if args.key?(:user_agent_family)
-          @user_name = args[:user_name] if args.key?(:user_name)
+          @domains = args[:domains] if args.key?(:domains)
+          @ip_addresses = args[:ip_addresses] if args.key?(:ip_addresses)
+          @signatures = args[:signatures] if args.key?(:signatures)
+          @uris = args[:uris] if args.key?(:uris)
         end
       end
-      # Conveys information about a Kubernetes access review (such as one returned by
-      # a [`kubectl auth can-i`](https://kubernetes.io/docs/reference/access-authn-
-      # authz/authorization/#checking-api-access) command) that was involved in a
-      # finding.
-      class GoogleCloudSecuritycenterV2AccessReview
+      # Kernel mode rootkit signatures.
+      class KernelRootkit
         include Google::Apis::Core::Hashable
-        # The API group of the resource. "*" means all.
-        # Corresponds to the JSON property `group`
-        # @return [String]
-        attr_accessor :group
-        # The name of the resource being requested. Empty means all.
+        # Rootkit name, when available.
         # Corresponds to the JSON property `name`
         # @return [String]
         attr_accessor :name
-        # Namespace of the action being requested. Currently, there is no distinction
-        # between no namespace and all namespaces. Both are represented by "" (empty).
-        # Corresponds to the JSON property `ns`
-        # @return [String]
-        attr_accessor :ns
-        # The optional resource type requested. "*" means all.
-        # Corresponds to the JSON property `resource`
-        # @return [String]
-        attr_accessor :resource
-        # The optional subresource type.
-        # Corresponds to the JSON property `subresource`
-        # @return [String]
-        attr_accessor :subresource
-        # A Kubernetes resource API verb, like get, list, watch, create, update, delete,
-        # proxy. "*" means all.
-        # Corresponds to the JSON property `verb`
-        # @return [String]
-        attr_accessor :verb
-        # The API version of the resource. "*" means all.
-        # Corresponds to the JSON property `version`
-        # @return [String]
-        attr_accessor :version
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @group = args[:group] if args.key?(:group)
-          @name = args[:name] if args.key?(:name)
-          @ns = args[:ns] if args.key?(:ns)
-          @resource = args[:resource] if args.key?(:resource)
-          @subresource = args[:subresource] if args.key?(:subresource)
-          @verb = args[:verb] if args.key?(:verb)
-          @version = args[:version] if args.key?(:version)
-        end
-      end
-      # An attack exposure contains the results of an attack path simulation run.
-      class GoogleCloudSecuritycenterV2AttackExposure
-        include Google::Apis::Core::Hashable
-        # The resource name of the attack path simulation result that contains the
-        # details regarding this attack exposure score. Example: organizations/123/
-        # attackExposureResults/456
-        # Corresponds to the JSON property `attackExposureResult`
-        # @return [String]
-        attr_accessor :attack_exposure_result
-        # The number of high value resources that are exposed as a result of this
-        # finding.
-        # Corresponds to the JSON property `exposedHighValueResourcesCount`
-        # @return [Fixnum]
-        attr_accessor :exposed_high_value_resources_count
-        # The number of high value resources that are exposed as a result of this
-        # finding.
-        # Corresponds to the JSON property `exposedLowValueResourcesCount`
-        # @return [Fixnum]
-        attr_accessor :exposed_low_value_resources_count
-        # The number of medium value resources that are exposed as a result of this
-        # finding.
-        # Corresponds to the JSON property `exposedMediumValueResourcesCount`
-        # @return [Fixnum]
-        attr_accessor :exposed_medium_value_resources_count
-        # The most recent time the attack exposure was updated on this finding.
-        # Corresponds to the JSON property `latestCalculationTime`
-        # @return [String]
-        attr_accessor :latest_calculation_time
-        # A number between 0 (inclusive) and infinity that represents how important this
-        # finding is to remediate. The higher the score, the more important it is to
-        # remediate.
-        # Corresponds to the JSON property `score`
-        # @return [Float]
-        attr_accessor :score
-        # Output only. What state this AttackExposure is in. This captures whether or
-        # not an attack exposure has been calculated or not.
-        # Corresponds to the JSON property `state`
-        # @return [String]
-        attr_accessor :state
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @attack_exposure_result = args[:attack_exposure_result] if args.key?(:attack_exposure_result)
-          @exposed_high_value_resources_count = args[:exposed_high_value_resources_count] if args.key?(:exposed_high_value_resources_count)
-          @exposed_low_value_resources_count = args[:exposed_low_value_resources_count] if args.key?(:exposed_low_value_resources_count)
-          @exposed_medium_value_resources_count = args[:exposed_medium_value_resources_count] if args.key?(:exposed_medium_value_resources_count)
-          @latest_calculation_time = args[:latest_calculation_time] if args.key?(:latest_calculation_time)
-          @score = args[:score] if args.key?(:score)
-          @state = args[:state] if args.key?(:state)
-        end
-      end
-      # Configures how to deliver Findings to BigQuery Instance.
-      class GoogleCloudSecuritycenterV2BigQueryExport
-        include Google::Apis::Core::Hashable
-        # Output only. The time at which the BigQuery export was created. This field is
-        # set by the server and will be ignored if provided on export on creation.
-        # Corresponds to the JSON property `createTime`
-        # @return [String]
-        attr_accessor :create_time
-        # The dataset to write findings' updates to. Its format is "projects/[project_id]
-        # /datasets/[bigquery_dataset_id]". BigQuery Dataset unique ID must contain only
-        # letters (a-z, A-Z), numbers (0-9), or underscores (_).
-        # Corresponds to the JSON property `dataset`
-        # @return [String]
-        attr_accessor :dataset
-        # The description of the export (max of 1024 characters).
-        # Corresponds to the JSON property `description`
-        # @return [String]
-        attr_accessor :description
-        # Expression that defines the filter to apply across create/update events of
-        # findings. The expression is a list of zero or more restrictions combined via
-        # logical operators `AND` and `OR`. Parentheses are supported, and `OR` has
-        # higher precedence than `AND`. Restrictions have the form ` ` and may have a `-`
-        # character in front of them to indicate negation. The fields map to those
-        # defined in the corresponding resource. The supported operators are: * `=` for
-        # all value types. * `>`, `<`, `>=`, `<=` for integer values. * `:`, meaning
-        # substring matching, for strings. The supported value types are: * string
-        # literals in quotes. * integer literals without quotes. * boolean literals `
-        # true` and `false` without quotes.
-        # Corresponds to the JSON property `filter`
-        # @return [String]
-        attr_accessor :filter
-        # Output only. Email address of the user who last edited the BigQuery export.
-        # This field is set by the server and will be ignored if provided on export
-        # creation or update.
-        # Corresponds to the JSON property `mostRecentEditor`
-        # @return [String]
-        attr_accessor :most_recent_editor
-        # The relative resource name of this export. See: https://cloud.google.com/apis/
-        # design/resource_names#relative_resource_name. The following list shows some
-        # examples: + `organizations/`organization_id`/locations/`location_id`/
-        # bigQueryExports/`export_id`` + `folders/`folder_id`/locations/`location_id`/
-        # bigQueryExports/`export_id`` + `projects/`project_id`/locations/`location_id`/
-        # bigQueryExports/`export_id`` This field is provided in responses, and is
-        # ignored when provided in create requests.
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        # Output only. The service account that needs permission to create table and
-        # upload data to the BigQuery dataset.
-        # Corresponds to the JSON property `principal`
-        # @return [String]
-        attr_accessor :principal
-        # Output only. The most recent time at which the BigQuery export was updated.
-        # This field is set by the server and will be ignored if provided on export
-        # creation or update.
-        # Corresponds to the JSON property `updateTime`
-        # @return [String]
-        attr_accessor :update_time
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @create_time = args[:create_time] if args.key?(:create_time)
-          @dataset = args[:dataset] if args.key?(:dataset)
-          @description = args[:description] if args.key?(:description)
-          @filter = args[:filter] if args.key?(:filter)
-          @most_recent_editor = args[:most_recent_editor] if args.key?(:most_recent_editor)
-          @name = args[:name] if args.key?(:name)
-          @principal = args[:principal] if args.key?(:principal)
-          @update_time = args[:update_time] if args.key?(:update_time)
-        end
-      end
-      # Represents a Kubernetes RoleBinding or ClusterRoleBinding.
-      class GoogleCloudSecuritycenterV2Binding
-        include Google::Apis::Core::Hashable
-        # Name for the binding.
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        # Namespace for the binding.
-        # Corresponds to the JSON property `ns`
-        # @return [String]
-        attr_accessor :ns
-        # Kubernetes Role or ClusterRole.
-        # Corresponds to the JSON property `role`
-        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Role]
-        attr_accessor :role
-        # Represents one or more subjects that are bound to the role. Not always
-        # available for PATCH requests.
-        # Corresponds to the JSON property `subjects`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Subject>]
-        attr_accessor :subjects
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @name = args[:name] if args.key?(:name)
-          @ns = args[:ns] if args.key?(:ns)
-          @role = args[:role] if args.key?(:role)
-          @subjects = args[:subjects] if args.key?(:subjects)
-        end
-      end
-      # The response to a BulkMute request. Contains the LRO information.
-      class GoogleCloudSecuritycenterV2BulkMuteFindingsResponse
-        include Google::Apis::Core::Hashable
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-        end
-      end
-      # The [data profile](https://cloud.google.com/dlp/docs/data-profiles) associated
-      # with the finding.
-      class GoogleCloudSecuritycenterV2CloudDlpDataProfile
-        include Google::Apis::Core::Hashable
-        # Name of the data profile, for example, `projects/123/locations/europe/
-        # tableProfiles/8383929`.
-        # Corresponds to the JSON property `dataProfile`
-        # @return [String]
-        attr_accessor :data_profile
-        # The resource hierarchy level at which the data profile was generated.
-        # Corresponds to the JSON property `parentType`
-        # @return [String]
-        attr_accessor :parent_type
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @data_profile = args[:data_profile] if args.key?(:data_profile)
-          @parent_type = args[:parent_type] if args.key?(:parent_type)
-        end
-      end
-      # Details about the Cloud Data Loss Prevention (Cloud DLP) [inspection job](
-      # https://cloud.google.com/dlp/docs/concepts-job-triggers) that produced the
-      # finding.
-      class GoogleCloudSecuritycenterV2CloudDlpInspection
-        include Google::Apis::Core::Hashable
-        # Whether Cloud DLP scanned the complete resource or a sampled subset.
-        # Corresponds to the JSON property `fullScan`
-        # @return [Boolean]
-        attr_accessor :full_scan
-        alias_method :full_scan?, :full_scan
-        # The type of information (or *[infoType](https://cloud.google.com/dlp/docs/
-        # infotypes-reference)*) found, for example, `EMAIL_ADDRESS` or `STREET_ADDRESS`.
-        # Corresponds to the JSON property `infoType`
-        # @return [String]
-        attr_accessor :info_type
-        # The number of times Cloud DLP found this infoType within this job and resource.
-        # Corresponds to the JSON property `infoTypeCount`
-        # @return [Fixnum]
-        attr_accessor :info_type_count
-        # Name of the inspection job, for example, `projects/123/locations/europe/
-        # dlpJobs/i-8383929`.
-        # Corresponds to the JSON property `inspectJob`
-        # @return [String]
-        attr_accessor :inspect_job
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @full_scan = args[:full_scan] if args.key?(:full_scan)
-          @info_type = args[:info_type] if args.key?(:info_type)
-          @info_type_count = args[:info_type_count] if args.key?(:info_type_count)
-          @inspect_job = args[:inspect_job] if args.key?(:inspect_job)
-        end
-      end
-      # Metadata taken from a [Cloud Logging LogEntry](https://cloud.google.com/
-      # logging/docs/reference/v2/rest/v2/LogEntry)
-      class GoogleCloudSecuritycenterV2CloudLoggingEntry
-        include Google::Apis::Core::Hashable
-        # A unique identifier for the log entry.
-        # Corresponds to the JSON property `insertId`
-        # @return [String]
-        attr_accessor :insert_id
-        # The type of the log (part of `log_name`. `log_name` is the resource name of
-        # the log to which this log entry belongs). For example: `cloudresourcemanager.
-        # googleapis.com/activity` Note that this field is not URL-encoded, unlike in `
-        # LogEntry`.
-        # Corresponds to the JSON property `logId`
-        # @return [String]
-        attr_accessor :log_id
-        # The organization, folder, or project of the monitored resource that produced
-        # this log entry.
-        # Corresponds to the JSON property `resourceContainer`
-        # @return [String]
-        attr_accessor :resource_container
-        # The time the event described by the log entry occurred.
-        # Corresponds to the JSON property `timestamp`
-        # @return [String]
-        attr_accessor :timestamp
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @insert_id = args[:insert_id] if args.key?(:insert_id)
-          @log_id = args[:log_id] if args.key?(:log_id)
-          @resource_container = args[:resource_container] if args.key?(:resource_container)
-          @timestamp = args[:timestamp] if args.key?(:timestamp)
-        end
-      end
-      # Contains compliance information about a security standard indicating unmet
-      # recommendations.
-      class GoogleCloudSecuritycenterV2Compliance
-        include Google::Apis::Core::Hashable
-        # Policies within the standard or benchmark, for example, A.12.4.1
-        # Corresponds to the JSON property `ids`
-        # @return [Array<String>]
-        attr_accessor :ids
-        # Industry-wide compliance standards or benchmarks, such as CIS, PCI, and OWASP.
-        # Corresponds to the JSON property `standard`
-        # @return [String]
-        attr_accessor :standard
-        # Version of the standard or benchmark, for example, 1.1
-        # Corresponds to the JSON property `version`
-        # @return [String]
-        attr_accessor :version
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @ids = args[:ids] if args.key?(:ids)
-          @standard = args[:standard] if args.key?(:standard)
-          @version = args[:version] if args.key?(:version)
-        end
-      end
-      # Contains information about the IP connection associated with the finding.
-      class GoogleCloudSecuritycenterV2Connection
-        include Google::Apis::Core::Hashable
-        # Destination IP address. Not present for sockets that are listening and not
-        # connected.
-        # Corresponds to the JSON property `destinationIp`
-        # @return [String]
-        attr_accessor :destination_ip
-        # Destination port. Not present for sockets that are listening and not connected.
-        # Corresponds to the JSON property `destinationPort`
-        # @return [Fixnum]
-        attr_accessor :destination_port
-        # IANA Internet Protocol Number such as TCP(6) and UDP(17).
-        # Corresponds to the JSON property `protocol`
-        # @return [String]
-        attr_accessor :protocol
-        # Source IP address.
-        # Corresponds to the JSON property `sourceIp`
-        # @return [String]
-        attr_accessor :source_ip
-        # Source port.
-        # Corresponds to the JSON property `sourcePort`
-        # @return [Fixnum]
-        attr_accessor :source_port
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @destination_ip = args[:destination_ip] if args.key?(:destination_ip)
-          @destination_port = args[:destination_port] if args.key?(:destination_port)
-          @protocol = args[:protocol] if args.key?(:protocol)
-          @source_ip = args[:source_ip] if args.key?(:source_ip)
-          @source_port = args[:source_port] if args.key?(:source_port)
-        end
-      end
-      # The email address of a contact.
-      class GoogleCloudSecuritycenterV2Contact
-        include Google::Apis::Core::Hashable
-        # An email address. For example, "`person123@company.com`".
-        # Corresponds to the JSON property `email`
-        # @return [String]
-        attr_accessor :email
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @email = args[:email] if args.key?(:email)
-        end
-      end
-      # Details about specific contacts
-      class GoogleCloudSecuritycenterV2ContactDetails
-        include Google::Apis::Core::Hashable
-        # A list of contacts
-        # Corresponds to the JSON property `contacts`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Contact>]
-        attr_accessor :contacts
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @contacts = args[:contacts] if args.key?(:contacts)
-        end
-      end
-      # Container associated with the finding.
-      class GoogleCloudSecuritycenterV2Container
-        include Google::Apis::Core::Hashable
-        # The time that the container was created.
-        # Corresponds to the JSON property `createTime`
-        # @return [String]
-        attr_accessor :create_time
-        # Optional container image ID, if provided by the container runtime. Uniquely
-        # identifies the container image launched using a container image digest.
-        # Corresponds to the JSON property `imageId`
-        # @return [String]
-        attr_accessor :image_id
-        # Container labels, as provided by the container runtime.
-        # Corresponds to the JSON property `labels`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Label>]
-        attr_accessor :labels
-        # Name of the container.
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        # Container image URI provided when configuring a pod or container. This string
-        # can identify a container image version using mutable tags.
-        # Corresponds to the JSON property `uri`
-        # @return [String]
-        attr_accessor :uri
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @create_time = args[:create_time] if args.key?(:create_time)
-          @image_id = args[:image_id] if args.key?(:image_id)
-          @labels = args[:labels] if args.key?(:labels)
-          @name = args[:name] if args.key?(:name)
-          @uri = args[:uri] if args.key?(:uri)
-        end
-      end
-      # CVE stands for Common Vulnerabilities and Exposures. More information: https://
-      # cve.mitre.org
-      class GoogleCloudSecuritycenterV2Cve
-        include Google::Apis::Core::Hashable
-        # Common Vulnerability Scoring System version 3.
-        # Corresponds to the JSON property `cvssv3`
-        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Cvssv3]
-        attr_accessor :cvssv3
-        # The unique identifier for the vulnerability. e.g. CVE-2021-34527
-        # Corresponds to the JSON property `id`
-        # @return [String]
-        attr_accessor :id
-        # Additional information about the CVE. e.g. https://cve.mitre.org/cgi-bin/
-        # cvename.cgi?name=CVE-2021-34527
-        # Corresponds to the JSON property `references`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Reference>]
-        attr_accessor :references
-        # Whether upstream fix is available for the CVE.
-        # Corresponds to the JSON property `upstreamFixAvailable`
-        # @return [Boolean]
-        attr_accessor :upstream_fix_available
-        alias_method :upstream_fix_available?, :upstream_fix_available
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @cvssv3 = args[:cvssv3] if args.key?(:cvssv3)
-          @id = args[:id] if args.key?(:id)
-          @references = args[:references] if args.key?(:references)
-          @upstream_fix_available = args[:upstream_fix_available] if args.key?(:upstream_fix_available)
-        end
-      end
-      # Common Vulnerability Scoring System version 3.
-      class GoogleCloudSecuritycenterV2Cvssv3
-        include Google::Apis::Core::Hashable
-        # This metric describes the conditions beyond the attacker's control that must
-        # exist in order to exploit the vulnerability.
-        # Corresponds to the JSON property `attackComplexity`
-        # @return [String]
-        attr_accessor :attack_complexity
-        # Base Metrics Represents the intrinsic characteristics of a vulnerability that
-        # are constant over time and across user environments. This metric reflects the
-        # context by which vulnerability exploitation is possible.
-        # Corresponds to the JSON property `attackVector`
-        # @return [String]
-        attr_accessor :attack_vector
-        # This metric measures the impact to the availability of the impacted component
-        # resulting from a successfully exploited vulnerability.
-        # Corresponds to the JSON property `availabilityImpact`
-        # @return [String]
-        attr_accessor :availability_impact
-        # The base score is a function of the base metric scores.
-        # Corresponds to the JSON property `baseScore`
-        # @return [Float]
-        attr_accessor :base_score
-        # This metric measures the impact to the confidentiality of the information
-        # resources managed by a software component due to a successfully exploited
-        # vulnerability.
-        # Corresponds to the JSON property `confidentialityImpact`
-        # @return [String]
-        attr_accessor :confidentiality_impact
-        # This metric measures the impact to integrity of a successfully exploited
-        # vulnerability.
-        # Corresponds to the JSON property `integrityImpact`
-        # @return [String]
-        attr_accessor :integrity_impact
-        # This metric describes the level of privileges an attacker must possess before
-        # successfully exploiting the vulnerability.
-        # Corresponds to the JSON property `privilegesRequired`
-        # @return [String]
-        attr_accessor :privileges_required
-        # The Scope metric captures whether a vulnerability in one vulnerable component
-        # impacts resources in components beyond its security scope.
-        # Corresponds to the JSON property `scope`
-        # @return [String]
-        attr_accessor :scope
-        # This metric captures the requirement for a human user, other than the attacker,
-        # to participate in the successful compromise of the vulnerable component.
-        # Corresponds to the JSON property `userInteraction`
-        # @return [String]
-        attr_accessor :user_interaction
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @attack_complexity = args[:attack_complexity] if args.key?(:attack_complexity)
-          @attack_vector = args[:attack_vector] if args.key?(:attack_vector)
-          @availability_impact = args[:availability_impact] if args.key?(:availability_impact)
-          @base_score = args[:base_score] if args.key?(:base_score)
-          @confidentiality_impact = args[:confidentiality_impact] if args.key?(:confidentiality_impact)
-          @integrity_impact = args[:integrity_impact] if args.key?(:integrity_impact)
-          @privileges_required = args[:privileges_required] if args.key?(:privileges_required)
-          @scope = args[:scope] if args.key?(:scope)
-          @user_interaction = args[:user_interaction] if args.key?(:user_interaction)
-        end
-      end
-      # Represents database access information, such as queries. A database may be a
-      # sub-resource of an instance (as in the case of Cloud SQL instances or Cloud
-      # Spanner instances), or the database instance itself. Some database resources
-      # might not have the [full resource name](https://google.aip.dev/122#full-
-      # resource-names) populated because these resource types, such as Cloud SQL
-      # databases, are not yet supported by Cloud Asset Inventory. In these cases only
-      # the display name is provided.
-      class GoogleCloudSecuritycenterV2Database
-        include Google::Apis::Core::Hashable
-        # The human-readable name of the database that the user connected to.
-        # Corresponds to the JSON property `displayName`
-        # @return [String]
-        attr_accessor :display_name
-        # The target usernames, roles, or groups of an SQL privilege grant, which is not
-        # an IAM policy change.
-        # Corresponds to the JSON property `grantees`
-        # @return [Array<String>]
-        attr_accessor :grantees
-        # Some database resources may not have the [full resource name](https://google.
-        # aip.dev/122#full-resource-names) populated because these resource types are
-        # not yet supported by Cloud Asset Inventory (e.g. Cloud SQL databases). In
-        # these cases only the display name will be provided. The [full resource name](
-        # https://google.aip.dev/122#full-resource-names) of the database that the user
-        # connected to, if it is supported by Cloud Asset Inventory.
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        # The SQL statement that is associated with the database access.
-        # Corresponds to the JSON property `query`
-        # @return [String]
-        attr_accessor :query
-        # The username used to connect to the database. The username might not be an IAM
-        # principal and does not have a set format.
-        # Corresponds to the JSON property `userName`
-        # @return [String]
-        attr_accessor :user_name
-        # The version of the database, for example, POSTGRES_14. See [the complete list](
-        # https://cloud.google.com/sql/docs/mysql/admin-api/rest/v1/SqlDatabaseVersion).
-        # Corresponds to the JSON property `version`
-        # @return [String]
-        attr_accessor :version
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @display_name = args[:display_name] if args.key?(:display_name)
-          @grantees = args[:grantees] if args.key?(:grantees)
-          @name = args[:name] if args.key?(:name)
-          @query = args[:query] if args.key?(:query)
-          @user_name = args[:user_name] if args.key?(:user_name)
-          @version = args[:version] if args.key?(:version)
-        end
-      end
-      # Memory hash detection contributing to the binary family match.
-      class GoogleCloudSecuritycenterV2Detection
-        include Google::Apis::Core::Hashable
-        # The name of the binary associated with the memory hash signature detection.
-        # Corresponds to the JSON property `binary`
-        # @return [String]
-        attr_accessor :binary
-        # The percentage of memory page hashes in the signature that were matched.
-        # Corresponds to the JSON property `percentPagesMatched`
-        # @return [Float]
-        attr_accessor :percent_pages_matched
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @binary = args[:binary] if args.key?(:binary)
-          @percent_pages_matched = args[:percent_pages_matched] if args.key?(:percent_pages_matched)
-        end
-      end
-      # A name-value pair representing an environment variable used in an operating
-      # system process.
-      class GoogleCloudSecuritycenterV2EnvironmentVariable
-        include Google::Apis::Core::Hashable
-        # Environment variable name as a JSON encoded string.
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        # Environment variable value as a JSON encoded string.
-        # Corresponds to the JSON property `val`
-        # @return [String]
-        attr_accessor :val
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @name = args[:name] if args.key?(:name)
-          @val = args[:val] if args.key?(:val)
-        end
-      end
-      # Resource where data was exfiltrated from or exfiltrated to.
-      class GoogleCloudSecuritycenterV2ExfilResource
-        include Google::Apis::Core::Hashable
-        # Subcomponents of the asset that was exfiltrated, like URIs used during
-        # exfiltration, table names, databases, and filenames. For example, multiple
-        # tables might have been exfiltrated from the same Cloud SQL instance, or
-        # multiple files might have been exfiltrated from the same Cloud Storage bucket.
-        # Corresponds to the JSON property `components`
-        # @return [Array<String>]
-        attr_accessor :components
-        # The resource's [full resource name](https://cloud.google.com/apis/design/
-        # resource_names#full_resource_name).
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @components = args[:components] if args.key?(:components)
-          @name = args[:name] if args.key?(:name)
-        end
-      end
-      # Exfiltration represents a data exfiltration attempt from one or more sources
-      # to one or more targets. The `sources` attribute lists the sources of the
-      # exfiltrated data. The `targets` attribute lists the destinations the data was
-      # copied to.
-      class GoogleCloudSecuritycenterV2Exfiltration
-        include Google::Apis::Core::Hashable
-        # If there are multiple sources, then the data is considered "joined" between
-        # them. For instance, BigQuery can join multiple tables, and each table would be
-        # considered a source.
-        # Corresponds to the JSON property `sources`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2ExfilResource>]
-        attr_accessor :sources
-        # If there are multiple targets, each target would get a complete copy of the "
-        # joined" source data.
-        # Corresponds to the JSON property `targets`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2ExfilResource>]
-        attr_accessor :targets
-        # Total exfiltrated bytes processed for the entire job.
-        # Corresponds to the JSON property `totalExfiltratedBytes`
-        # @return [Fixnum]
-        attr_accessor :total_exfiltrated_bytes
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @sources = args[:sources] if args.key?(:sources)
-          @targets = args[:targets] if args.key?(:targets)
-          @total_exfiltrated_bytes = args[:total_exfiltrated_bytes] if args.key?(:total_exfiltrated_bytes)
-        end
-      end
-      # Representation of third party SIEM/SOAR fields within SCC.
-      class GoogleCloudSecuritycenterV2ExternalSystem
-        include Google::Apis::Core::Hashable
-        # References primary/secondary etc assignees in the external system.
-        # Corresponds to the JSON property `assignees`
-        # @return [Array<String>]
-        attr_accessor :assignees
-        # The time when the case was last updated, as reported by the external system.
-        # Corresponds to the JSON property `externalSystemUpdateTime`
-        # @return [String]
-        attr_accessor :external_system_update_time
-        # The identifier that's used to track the finding's corresponding case in the
-        # external system.
-        # Corresponds to the JSON property `externalUid`
-        # @return [String]
-        attr_accessor :external_uid
-        # Full resource name of the external system. The following list shows some
-        # examples: + `organizations/1234/sources/5678/findings/123456/externalSystems/
-        # jira` + `organizations/1234/sources/5678/locations/us/findings/123456/
-        # externalSystems/jira` + `folders/1234/sources/5678/findings/123456/
-        # externalSystems/jira` + `folders/1234/sources/5678/locations/us/findings/
-        # 123456/externalSystems/jira` + `projects/1234/sources/5678/findings/123456/
-        # externalSystems/jira` + `projects/1234/sources/5678/locations/us/findings/
-        # 123456/externalSystems/jira`
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        # The most recent status of the finding's corresponding case, as reported by the
-        # external system.
-        # Corresponds to the JSON property `status`
-        # @return [String]
-        attr_accessor :status
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @assignees = args[:assignees] if args.key?(:assignees)
-          @external_system_update_time = args[:external_system_update_time] if args.key?(:external_system_update_time)
-          @external_uid = args[:external_uid] if args.key?(:external_uid)
-          @name = args[:name] if args.key?(:name)
-          @status = args[:status] if args.key?(:status)
-        end
-      end
-      # File information about the related binary/library used by an executable, or
-      # the script used by a script interpreter
-      class GoogleCloudSecuritycenterV2File
-        include Google::Apis::Core::Hashable
-        # Prefix of the file contents as a JSON-encoded string.
-        # Corresponds to the JSON property `contents`
-        # @return [String]
-        attr_accessor :contents
-        # The length in bytes of the file prefix that was hashed. If hashed_size == size,
-        # any hashes reported represent the entire file.
-        # Corresponds to the JSON property `hashedSize`
-        # @return [Fixnum]
-        attr_accessor :hashed_size
-        # True when the hash covers only a prefix of the file.
-        # Corresponds to the JSON property `partiallyHashed`
-        # @return [Boolean]
-        attr_accessor :partially_hashed
-        alias_method :partially_hashed?, :partially_hashed
-        # Absolute path of the file as a JSON encoded string.
-        # Corresponds to the JSON property `path`
-        # @return [String]
-        attr_accessor :path
-        # SHA256 hash of the first hashed_size bytes of the file encoded as a hex string.
-        # If hashed_size == size, sha256 represents the SHA256 hash of the entire file.
-        # Corresponds to the JSON property `sha256`
-        # @return [String]
-        attr_accessor :sha256
-        # Size of the file in bytes.
-        # Corresponds to the JSON property `size`
-        # @return [Fixnum]
-        attr_accessor :size
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @contents = args[:contents] if args.key?(:contents)
-          @hashed_size = args[:hashed_size] if args.key?(:hashed_size)
-          @partially_hashed = args[:partially_hashed] if args.key?(:partially_hashed)
-          @path = args[:path] if args.key?(:path)
-          @sha256 = args[:sha256] if args.key?(:sha256)
-          @size = args[:size] if args.key?(:size)
-        end
-      end
-      # Security Command Center finding. A finding is a record of assessment data like
-      # security, risk, health, or privacy, that is ingested into Security Command
-      # Center for presentation, notification, analysis, policy testing, and
-      # enforcement. For example, a cross-site scripting (XSS) vulnerability in an App
-      # Engine application is a finding.
-      class GoogleCloudSecuritycenterV2Finding
-        include Google::Apis::Core::Hashable
-        # Represents an access event.
-        # Corresponds to the JSON property `access`
-        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Access]
-        attr_accessor :access
-        # An attack exposure contains the results of an attack path simulation run.
-        # Corresponds to the JSON property `attackExposure`
-        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2AttackExposure]
-        attr_accessor :attack_exposure
-        # Output only. The canonical name of the finding. The following list shows some
-        # examples: + `organizations/`organization_id`/sources/`source_id`/findings/`
-        # finding_id`` + `organizations/`organization_id`/sources/`source_id`/locations/`
-        # location_id`/findings/`finding_id`` + `folders/`folder_id`/sources/`source_id`/
-        # findings/`finding_id`` + `folders/`folder_id`/sources/`source_id`/locations/`
-        # location_id`/findings/`finding_id`` + `projects/`project_id`/sources/`
-        # source_id`/findings/`finding_id`` + `projects/`project_id`/sources/`source_id`/
-        # locations/`location_id`/findings/`finding_id`` The prefix is the closest CRM
-        # ancestor of the resource associated with the finding.
-        # Corresponds to the JSON property `canonicalName`
-        # @return [String]
-        attr_accessor :canonical_name
-        # Immutable. The additional taxonomy group within findings from a given source.
-        # Example: "XSS_FLASH_INJECTION"
-        # Corresponds to the JSON property `category`
-        # @return [String]
-        attr_accessor :category
-        # The [data profile](https://cloud.google.com/dlp/docs/data-profiles) associated
-        # with the finding.
-        # Corresponds to the JSON property `cloudDlpDataProfile`
-        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2CloudDlpDataProfile]
-        attr_accessor :cloud_dlp_data_profile
-        # Details about the Cloud Data Loss Prevention (Cloud DLP) [inspection job](
-        # https://cloud.google.com/dlp/docs/concepts-job-triggers) that produced the
-        # finding.
-        # Corresponds to the JSON property `cloudDlpInspection`
-        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2CloudDlpInspection]
-        attr_accessor :cloud_dlp_inspection
-        # Contains compliance information for security standards associated to the
-        # finding.
-        # Corresponds to the JSON property `compliances`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Compliance>]
-        attr_accessor :compliances
-        # Contains information about the IP connection associated with the finding.
-        # Corresponds to the JSON property `connections`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Connection>]
-        attr_accessor :connections
-        # Output only. Map containing the points of contact for the given finding. The
-        # key represents the type of contact, while the value contains a list of all the
-        # contacts that pertain. Please refer to: https://cloud.google.com/resource-
-        # manager/docs/managing-notification-contacts#notification-categories ` "
-        # security": ` "contacts": [ ` "email": "person1@company.com" `, ` "email": "
-        # person2@company.com" ` ] ` `
-        # Corresponds to the JSON property `contacts`
-        # @return [Hash<String,Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2ContactDetails>]
-        attr_accessor :contacts
-        # Containers associated with the finding. This field provides information for
-        # both Kubernetes and non-Kubernetes containers.
-        # Corresponds to the JSON property `containers`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Container>]
-        attr_accessor :containers
-        # Output only. The time at which the finding was created in Security Command
-        # Center.
-        # Corresponds to the JSON property `createTime`
-        # @return [String]
-        attr_accessor :create_time
-        # Represents database access information, such as queries. A database may be a
-        # sub-resource of an instance (as in the case of Cloud SQL instances or Cloud
-        # Spanner instances), or the database instance itself. Some database resources
-        # might not have the [full resource name](https://google.aip.dev/122#full-
-        # resource-names) populated because these resource types, such as Cloud SQL
-        # databases, are not yet supported by Cloud Asset Inventory. In these cases only
-        # the display name is provided.
-        # Corresponds to the JSON property `database`
-        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Database]
-        attr_accessor :database
-        # Contains more details about the finding.
-        # Corresponds to the JSON property `description`
-        # @return [String]
-        attr_accessor :description
-        # The time the finding was first detected. If an existing finding is updated,
-        # then this is the time the update occurred. For example, if the finding
-        # represents an open firewall, this property captures the time the detector
-        # believes the firewall became open. The accuracy is determined by the detector.
-        # If the finding is later resolved, then this time reflects when the finding was
-        # resolved. This must not be set to a value greater than the current timestamp.
-        # Corresponds to the JSON property `eventTime`
-        # @return [String]
-        attr_accessor :event_time
-        # Exfiltration represents a data exfiltration attempt from one or more sources
-        # to one or more targets. The `sources` attribute lists the sources of the
-        # exfiltrated data. The `targets` attribute lists the destinations the data was
-        # copied to.
-        # Corresponds to the JSON property `exfiltration`
-        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Exfiltration]
-        attr_accessor :exfiltration
-        # Output only. Third party SIEM/SOAR fields within SCC, contains external system
-        # information and external system finding fields.
-        # Corresponds to the JSON property `externalSystems`
-        # @return [Hash<String,Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2ExternalSystem>]
-        attr_accessor :external_systems
-        # The URI that, if available, points to a web page outside of Security Command
-        # Center where additional information about the finding can be found. This field
-        # is guaranteed to be either empty or a well formed URL.
-        # Corresponds to the JSON property `externalUri`
-        # @return [String]
-        attr_accessor :external_uri
-        # File associated with the finding.
-        # Corresponds to the JSON property `files`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2File>]
-        attr_accessor :files
-        # The class of the finding.
-        # Corresponds to the JSON property `findingClass`
-        # @return [String]
-        attr_accessor :finding_class
-        # Represents IAM bindings associated with the finding.
-        # Corresponds to the JSON property `iamBindings`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2IamBinding>]
-        attr_accessor :iam_bindings
-        # Represents what's commonly known as an _indicator of compromise_ (IoC) in
-        # computer forensics. This is an artifact observed on a network or in an
-        # operating system that, with high confidence, indicates a computer intrusion.
-        # For more information, see [Indicator of compromise](https://en.wikipedia.org/
-        # wiki/Indicator_of_compromise).
-        # Corresponds to the JSON property `indicator`
-        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Indicator]
-        attr_accessor :indicator
-        # Kernel mode rootkit signatures.
-        # Corresponds to the JSON property `kernelRootkit`
-        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2KernelRootkit]
-        attr_accessor :kernel_rootkit
-        # Kubernetes-related attributes.
-        # Corresponds to the JSON property `kubernetes`
-        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Kubernetes]
-        attr_accessor :kubernetes
-        # The load balancers associated with the finding.
-        # Corresponds to the JSON property `loadBalancers`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2LoadBalancer>]
-        attr_accessor :load_balancers
-        # Log entries that are relevant to the finding.
-        # Corresponds to the JSON property `logEntries`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2LogEntry>]
-        attr_accessor :log_entries
-        # MITRE ATT&CK tactics and techniques related to this finding. See: https://
-        # attack.mitre.org
-        # Corresponds to the JSON property `mitreAttack`
-        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2MitreAttack]
-        attr_accessor :mitre_attack
-        # Unique identifier of the module which generated the finding. Example: folders/
-        # 598186756061/securityHealthAnalyticsSettings/customModules/56799441161885
-        # Corresponds to the JSON property `moduleName`
-        # @return [String]
-        attr_accessor :module_name
-        # Indicates the mute state of a finding (either muted, unmuted or undefined).
-        # Unlike other attributes of a finding, a finding provider shouldn't set the
-        # value of mute.
-        # Corresponds to the JSON property `mute`
-        # @return [String]
-        attr_accessor :mute
-        # Records additional information about the mute operation, for example, the [
-        # mute configuration](https://cloud.google.com/security-command-center/docs/how-
-        # to-mute-findings) that muted the finding and the user who muted the finding.
-        # Corresponds to the JSON property `muteInitiator`
-        # @return [String]
-        attr_accessor :mute_initiator
-        # Output only. The most recent time this finding was muted or unmuted.
-        # Corresponds to the JSON property `muteUpdateTime`
-        # @return [String]
-        attr_accessor :mute_update_time
-        # The [relative resource name](https://cloud.google.com/apis/design/
-        # resource_names#relative_resource_name) of the finding. The following list
-        # shows some examples: + `organizations/`organization_id`/sources/`source_id`/
-        # findings/`finding_id`` + `organizations/`organization_id`/sources/`source_id`/
-        # locations/`location_id`/findings/`finding_id`` + `folders/`folder_id`/sources/`
-        # source_id`/findings/`finding_id`` + `folders/`folder_id`/sources/`source_id`/
-        # locations/`location_id`/findings/`finding_id`` + `projects/`project_id`/
-        # sources/`source_id`/findings/`finding_id`` + `projects/`project_id`/sources/`
-        # source_id`/locations/`location_id`/findings/`finding_id``
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        # Steps to address the finding.
-        # Corresponds to the JSON property `nextSteps`
-        # @return [String]
-        attr_accessor :next_steps
-        # Contains information about the org policies associated with the finding.
-        # Corresponds to the JSON property `orgPolicies`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2OrgPolicy>]
-        attr_accessor :org_policies
-        # The relative resource name of the source and location the finding belongs to.
-        # See: https://cloud.google.com/apis/design/resource_names#
-        # relative_resource_name This field is immutable after creation time. The
-        # following list shows some examples: + `organizations/`organization_id`/sources/
-        # `source_id`` + `folders/`folders_id`/sources/`source_id`` + `projects/`
-        # projects_id`/sources/`source_id`` + `organizations/`organization_id`/sources/`
-        # source_id`/locations/`location_id`` + `folders/`folders_id`/sources/`source_id`
-        # /locations/`location_id`` + `projects/`projects_id`/sources/`source_id`/
-        # locations/`location_id``
-        # Corresponds to the JSON property `parent`
-        # @return [String]
-        attr_accessor :parent
-        # Output only. The human readable display name of the finding source such as "
-        # Event Threat Detection" or "Security Health Analytics".
-        # Corresponds to the JSON property `parentDisplayName`
-        # @return [String]
-        attr_accessor :parent_display_name
-        # Represents operating system processes associated with the Finding.
-        # Corresponds to the JSON property `processes`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Process>]
-        attr_accessor :processes
-        # Immutable. For findings on Google Cloud resources, the full resource name of
-        # the Google Cloud resource this finding is for. See: https://cloud.google.com/
-        # apis/design/resource_names#full_resource_name When the finding is for a non-
-        # Google Cloud resource, the resourceName can be a customer or partner defined
-        # string.
-        # Corresponds to the JSON property `resourceName`
-        # @return [String]
-        attr_accessor :resource_name
-        # User specified security marks that are attached to the parent Security Command
-        # Center resource. Security marks are scoped within a Security Command Center
-        # organization -- they can be modified and viewed by all users who have proper
-        # permissions on the organization.
-        # Corresponds to the JSON property `securityMarks`
-        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2SecurityMarks]
-        attr_accessor :security_marks
-        # Represents a posture that is deployed on Google Cloud by the Security Command
-        # Center Posture Management service. A posture contains one or more policy sets.
-        # A policy set is a group of policies that enforce a set of security rules on
-        # Google Cloud.
-        # Corresponds to the JSON property `securityPosture`
-        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2SecurityPosture]
-        attr_accessor :security_posture
-        # The severity of the finding. This field is managed by the source that writes
-        # the finding.
-        # Corresponds to the JSON property `severity`
-        # @return [String]
-        attr_accessor :severity
-        # Source specific properties. These properties are managed by the source that
-        # writes the finding. The key names in the source_properties map must be between
-        # 1 and 255 characters, and must start with a letter and contain alphanumeric
-        # characters or underscores only.
-        # Corresponds to the JSON property `sourceProperties`
-        # @return [Hash<String,Object>]
-        attr_accessor :source_properties
-        # Output only. The state of the finding.
-        # Corresponds to the JSON property `state`
-        # @return [String]
-        attr_accessor :state
-        # Refers to common vulnerability fields e.g. cve, cvss, cwe etc.
-        # Corresponds to the JSON property `vulnerability`
-        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Vulnerability]
-        attr_accessor :vulnerability
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @access = args[:access] if args.key?(:access)
-          @attack_exposure = args[:attack_exposure] if args.key?(:attack_exposure)
-          @canonical_name = args[:canonical_name] if args.key?(:canonical_name)
-          @category = args[:category] if args.key?(:category)
-          @cloud_dlp_data_profile = args[:cloud_dlp_data_profile] if args.key?(:cloud_dlp_data_profile)
-          @cloud_dlp_inspection = args[:cloud_dlp_inspection] if args.key?(:cloud_dlp_inspection)
-          @compliances = args[:compliances] if args.key?(:compliances)
-          @connections = args[:connections] if args.key?(:connections)
-          @contacts = args[:contacts] if args.key?(:contacts)
-          @containers = args[:containers] if args.key?(:containers)
-          @create_time = args[:create_time] if args.key?(:create_time)
-          @database = args[:database] if args.key?(:database)
-          @description = args[:description] if args.key?(:description)
-          @event_time = args[:event_time] if args.key?(:event_time)
-          @exfiltration = args[:exfiltration] if args.key?(:exfiltration)
-          @external_systems = args[:external_systems] if args.key?(:external_systems)
-          @external_uri = args[:external_uri] if args.key?(:external_uri)
-          @files = args[:files] if args.key?(:files)
-          @finding_class = args[:finding_class] if args.key?(:finding_class)
-          @iam_bindings = args[:iam_bindings] if args.key?(:iam_bindings)
-          @indicator = args[:indicator] if args.key?(:indicator)
-          @kernel_rootkit = args[:kernel_rootkit] if args.key?(:kernel_rootkit)
-          @kubernetes = args[:kubernetes] if args.key?(:kubernetes)
-          @load_balancers = args[:load_balancers] if args.key?(:load_balancers)
-          @log_entries = args[:log_entries] if args.key?(:log_entries)
-          @mitre_attack = args[:mitre_attack] if args.key?(:mitre_attack)
-          @module_name = args[:module_name] if args.key?(:module_name)
-          @mute = args[:mute] if args.key?(:mute)
-          @mute_initiator = args[:mute_initiator] if args.key?(:mute_initiator)
-          @mute_update_time = args[:mute_update_time] if args.key?(:mute_update_time)
-          @name = args[:name] if args.key?(:name)
-          @next_steps = args[:next_steps] if args.key?(:next_steps)
-          @org_policies = args[:org_policies] if args.key?(:org_policies)
-          @parent = args[:parent] if args.key?(:parent)
-          @parent_display_name = args[:parent_display_name] if args.key?(:parent_display_name)
-          @processes = args[:processes] if args.key?(:processes)
-          @resource_name = args[:resource_name] if args.key?(:resource_name)
-          @security_marks = args[:security_marks] if args.key?(:security_marks)
-          @security_posture = args[:security_posture] if args.key?(:security_posture)
-          @severity = args[:severity] if args.key?(:severity)
-          @source_properties = args[:source_properties] if args.key?(:source_properties)
-          @state = args[:state] if args.key?(:state)
-          @vulnerability = args[:vulnerability] if args.key?(:vulnerability)
-        end
-      end
-      # Represents a geographical location for a given access.
-      class GoogleCloudSecuritycenterV2Geolocation
-        include Google::Apis::Core::Hashable
-        # A CLDR.
-        # Corresponds to the JSON property `regionCode`
-        # @return [String]
-        attr_accessor :region_code
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @region_code = args[:region_code] if args.key?(:region_code)
-        end
-      end
-      # Represents a particular IAM binding, which captures a member's role addition,
-      # removal, or state.
-      class GoogleCloudSecuritycenterV2IamBinding
-        include Google::Apis::Core::Hashable
-        # The action that was performed on a Binding.
-        # Corresponds to the JSON property `action`
-        # @return [String]
-        attr_accessor :action
-        # A single identity requesting access for a Cloud Platform resource, for example,
-        # "foo@google.com".
-        # Corresponds to the JSON property `member`
-        # @return [String]
-        attr_accessor :member
-        # Role that is assigned to "members". For example, "roles/viewer", "roles/editor"
-        # , or "roles/owner".
-        # Corresponds to the JSON property `role`
-        # @return [String]
-        attr_accessor :role
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @action = args[:action] if args.key?(:action)
-          @member = args[:member] if args.key?(:member)
-          @role = args[:role] if args.key?(:role)
-        end
-      end
-      # Represents what's commonly known as an _indicator of compromise_ (IoC) in
-      # computer forensics. This is an artifact observed on a network or in an
-      # operating system that, with high confidence, indicates a computer intrusion.
-      # For more information, see [Indicator of compromise](https://en.wikipedia.org/
-      # wiki/Indicator_of_compromise).
-      class GoogleCloudSecuritycenterV2Indicator
-        include Google::Apis::Core::Hashable
-        # List of domains associated to the Finding.
-        # Corresponds to the JSON property `domains`
-        # @return [Array<String>]
-        attr_accessor :domains
-        # The list of IP addresses that are associated with the finding.
-        # Corresponds to the JSON property `ipAddresses`
-        # @return [Array<String>]
-        attr_accessor :ip_addresses
-        # The list of matched signatures indicating that the given process is present in
-        # the environment.
-        # Corresponds to the JSON property `signatures`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2ProcessSignature>]
-        attr_accessor :signatures
-        # The list of URIs associated to the Findings.
-        # Corresponds to the JSON property `uris`
-        # @return [Array<String>]
-        attr_accessor :uris
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @domains = args[:domains] if args.key?(:domains)
-          @ip_addresses = args[:ip_addresses] if args.key?(:ip_addresses)
-          @signatures = args[:signatures] if args.key?(:signatures)
-          @uris = args[:uris] if args.key?(:uris)
-        end
-      end
-      # Kernel mode rootkit signatures.
-      class GoogleCloudSecuritycenterV2KernelRootkit
-        include Google::Apis::Core::Hashable
-        # Rootkit name, when available.
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        # True if unexpected modifications of kernel code memory are present.
-        # Corresponds to the JSON property `unexpectedCodeModification`
-        # @return [Boolean]
-        attr_accessor :unexpected_code_modification
-        alias_method :unexpected_code_modification?, :unexpected_code_modification
-        # True if `ftrace` points are present with callbacks pointing to regions that
-        # are not in the expected kernel or module code range.
-        # Corresponds to the JSON property `unexpectedFtraceHandler`
-        # @return [Boolean]
-        attr_accessor :unexpected_ftrace_handler
-        alias_method :unexpected_ftrace_handler?, :unexpected_ftrace_handler
-        # True if interrupt handlers that are are not in the expected kernel or module
-        # code regions are present.
-        # Corresponds to the JSON property `unexpectedInterruptHandler`
-        # @return [Boolean]
-        attr_accessor :unexpected_interrupt_handler
-        alias_method :unexpected_interrupt_handler?, :unexpected_interrupt_handler
-        # True if kernel code pages that are not in the expected kernel or module code
-        # regions are present.
-        # Corresponds to the JSON property `unexpectedKernelCodePages`
-        # @return [Boolean]
-        attr_accessor :unexpected_kernel_code_pages
-        alias_method :unexpected_kernel_code_pages?, :unexpected_kernel_code_pages
-        # True if `kprobe` points are present with callbacks pointing to regions that
-        # are not in the expected kernel or module code range.
-        # Corresponds to the JSON property `unexpectedKprobeHandler`
-        # @return [Boolean]
-        attr_accessor :unexpected_kprobe_handler
-        alias_method :unexpected_kprobe_handler?, :unexpected_kprobe_handler
-        # True if unexpected processes in the scheduler run queue are present. Such
-        # processes are in the run queue, but not in the process task list.
-        # Corresponds to the JSON property `unexpectedProcessesInRunqueue`
-        # @return [Boolean]
-        attr_accessor :unexpected_processes_in_runqueue
-        alias_method :unexpected_processes_in_runqueue?, :unexpected_processes_in_runqueue
-        # True if unexpected modifications of kernel read-only data memory are present.
-        # Corresponds to the JSON property `unexpectedReadOnlyDataModification`
-        # @return [Boolean]
-        attr_accessor :unexpected_read_only_data_modification
-        alias_method :unexpected_read_only_data_modification?, :unexpected_read_only_data_modification
-        # True if system call handlers that are are not in the expected kernel or module
-        # code regions are present.
-        # Corresponds to the JSON property `unexpectedSystemCallHandler`
-        # @return [Boolean]
-        attr_accessor :unexpected_system_call_handler
-        alias_method :unexpected_system_call_handler?, :unexpected_system_call_handler
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @name = args[:name] if args.key?(:name)
-          @unexpected_code_modification = args[:unexpected_code_modification] if args.key?(:unexpected_code_modification)
-          @unexpected_ftrace_handler = args[:unexpected_ftrace_handler] if args.key?(:unexpected_ftrace_handler)
-          @unexpected_interrupt_handler = args[:unexpected_interrupt_handler] if args.key?(:unexpected_interrupt_handler)
-          @unexpected_kernel_code_pages = args[:unexpected_kernel_code_pages] if args.key?(:unexpected_kernel_code_pages)
-          @unexpected_kprobe_handler = args[:unexpected_kprobe_handler] if args.key?(:unexpected_kprobe_handler)
-          @unexpected_processes_in_runqueue = args[:unexpected_processes_in_runqueue] if args.key?(:unexpected_processes_in_runqueue)
-          @unexpected_read_only_data_modification = args[:unexpected_read_only_data_modification] if args.key?(:unexpected_read_only_data_modification)
-          @unexpected_system_call_handler = args[:unexpected_system_call_handler] if args.key?(:unexpected_system_call_handler)
-        end
-      end
-      # Kubernetes-related attributes.
-      class GoogleCloudSecuritycenterV2Kubernetes
-        include Google::Apis::Core::Hashable
-        # Provides information on any Kubernetes access reviews (privilege checks)
-        # relevant to the finding.
-        # Corresponds to the JSON property `accessReviews`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2AccessReview>]
-        attr_accessor :access_reviews
-        # Provides Kubernetes role binding information for findings that involve [
-        # RoleBindings or ClusterRoleBindings](https://cloud.google.com/kubernetes-
-        # engine/docs/how-to/role-based-access-control).
-        # Corresponds to the JSON property `bindings`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Binding>]
-        attr_accessor :bindings
-        # GKE [node pools](https://cloud.google.com/kubernetes-engine/docs/concepts/node-
-        # pools) associated with the finding. This field contains node pool information
-        # for each node, when it is available.
-        # Corresponds to the JSON property `nodePools`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2NodePool>]
-        attr_accessor :node_pools
-        # Provides Kubernetes [node](https://cloud.google.com/kubernetes-engine/docs/
-        # concepts/cluster-architecture#nodes) information.
-        # Corresponds to the JSON property `nodes`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Node>]
-        attr_accessor :nodes
-        # Kubernetes objects related to the finding.
-        # Corresponds to the JSON property `objects`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Object>]
-        attr_accessor :objects
-        # Kubernetes [Pods](https://cloud.google.com/kubernetes-engine/docs/concepts/pod)
-        # associated with the finding. This field contains Pod records for each
-        # container that is owned by a Pod.
-        # Corresponds to the JSON property `pods`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Pod>]
-        attr_accessor :pods
-        # Provides Kubernetes role information for findings that involve [Roles or
-        # ClusterRoles](https://cloud.google.com/kubernetes-engine/docs/how-to/role-
-        # based-access-control).
-        # Corresponds to the JSON property `roles`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Role>]
-        attr_accessor :roles
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @access_reviews = args[:access_reviews] if args.key?(:access_reviews)
-          @bindings = args[:bindings] if args.key?(:bindings)
-          @node_pools = args[:node_pools] if args.key?(:node_pools)
-          @nodes = args[:nodes] if args.key?(:nodes)
-          @objects = args[:objects] if args.key?(:objects)
-          @pods = args[:pods] if args.key?(:pods)
-          @roles = args[:roles] if args.key?(:roles)
-        end
-      end
-      # Represents a generic name-value label. A label has separate name and value
-      # fields to support filtering with the `contains()` function. For more
-      # information, see [Filtering on array-type fields](https://cloud.google.com/
-      # security-command-center/docs/how-to-api-list-findings#array-contains-filtering)
-      # .
-      class GoogleCloudSecuritycenterV2Label
-        include Google::Apis::Core::Hashable
-        # Name of the label.
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        # Value that corresponds to the label's name.
-        # Corresponds to the JSON property `value`
-        # @return [String]
-        attr_accessor :value
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @name = args[:name] if args.key?(:name)
-          @value = args[:value] if args.key?(:value)
-        end
-      end
-      # Contains information related to the load balancer associated with the finding.
-      class GoogleCloudSecuritycenterV2LoadBalancer
-        include Google::Apis::Core::Hashable
-        # The name of the load balancer associated with the finding.
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @name = args[:name] if args.key?(:name)
-        end
-      end
-      # An individual entry in a log.
-      class GoogleCloudSecuritycenterV2LogEntry
-        include Google::Apis::Core::Hashable
-        # Metadata taken from a [Cloud Logging LogEntry](https://cloud.google.com/
-        # logging/docs/reference/v2/rest/v2/LogEntry)
-        # Corresponds to the JSON property `cloudLoggingEntry`
-        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2CloudLoggingEntry]
-        attr_accessor :cloud_logging_entry
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @cloud_logging_entry = args[:cloud_logging_entry] if args.key?(:cloud_logging_entry)
-        end
-      end
-      # A signature corresponding to memory page hashes.
-      class GoogleCloudSecuritycenterV2MemoryHashSignature
-        include Google::Apis::Core::Hashable
-        # The binary family.
-        # Corresponds to the JSON property `binaryFamily`
-        # @return [String]
-        attr_accessor :binary_family
-        # The list of memory hash detections contributing to the binary family match.
-        # Corresponds to the JSON property `detections`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Detection>]
-        attr_accessor :detections
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @binary_family = args[:binary_family] if args.key?(:binary_family)
-          @detections = args[:detections] if args.key?(:detections)
-        end
-      end
-      # MITRE ATT&CK tactics and techniques related to this finding. See: https://
-      # attack.mitre.org
-      class GoogleCloudSecuritycenterV2MitreAttack
-        include Google::Apis::Core::Hashable
-        # Additional MITRE ATT&CK tactics related to this finding, if any.
-        # Corresponds to the JSON property `additionalTactics`
-        # @return [Array<String>]
-        attr_accessor :additional_tactics
-        # Additional MITRE ATT&CK techniques related to this finding, if any, along with
-        # any of their respective parent techniques.
-        # Corresponds to the JSON property `additionalTechniques`
-        # @return [Array<String>]
-        attr_accessor :additional_techniques
-        # The MITRE ATT&CK tactic most closely represented by this finding, if any.
-        # Corresponds to the JSON property `primaryTactic`
-        # @return [String]
-        attr_accessor :primary_tactic
-        # The MITRE ATT&CK technique most closely represented by this finding, if any.
-        # primary_techniques is a repeated field because there are multiple levels of
-        # MITRE ATT&CK techniques. If the technique most closely represented by this
-        # finding is a sub-technique (e.g. `SCANNING_IP_BLOCKS`), both the sub-technique
-        # and its parent technique(s) will be listed (e.g. `SCANNING_IP_BLOCKS`, `
-        # ACTIVE_SCANNING`).
-        # Corresponds to the JSON property `primaryTechniques`
-        # @return [Array<String>]
-        attr_accessor :primary_techniques
-        # The MITRE ATT&CK version referenced by the above fields. E.g. "8".
-        # Corresponds to the JSON property `version`
-        # @return [String]
-        attr_accessor :version
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @additional_tactics = args[:additional_tactics] if args.key?(:additional_tactics)
-          @additional_techniques = args[:additional_techniques] if args.key?(:additional_techniques)
-          @primary_tactic = args[:primary_tactic] if args.key?(:primary_tactic)
-          @primary_techniques = args[:primary_techniques] if args.key?(:primary_techniques)
-          @version = args[:version] if args.key?(:version)
-        end
-      end
-      # A mute config is a Cloud SCC resource that contains the configuration to mute
-      # create/update events of findings.
-      class GoogleCloudSecuritycenterV2MuteConfig
-        include Google::Apis::Core::Hashable
-        # Output only. The time at which the mute config was created. This field is set
-        # by the server and will be ignored if provided on config creation.
-        # Corresponds to the JSON property `createTime`
-        # @return [String]
-        attr_accessor :create_time
-        # A description of the mute config.
-        # Corresponds to the JSON property `description`
-        # @return [String]
-        attr_accessor :description
-        # Required. An expression that defines the filter to apply across create/update
-        # events of findings. While creating a filter string, be mindful of the scope in
-        # which the mute configuration is being created. E.g., If a filter contains
-        # project = X but is created under the project = Y scope, it might not match any
-        # findings. The following field and operator combinations are supported: *
-        # severity: `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * resource.
-        # project_name: `=`, `:` * resource.project_display_name: `=`, `:` * resource.
-        # folders.resource_folder: `=`, `:` * resource.parent_name: `=`, `:` * resource.
-        # parent_display_name: `=`, `:` * resource.type: `=`, `:` * finding_class: `=`, `
-        # :` * indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:`
-        # Corresponds to the JSON property `filter`
-        # @return [String]
-        attr_accessor :filter
-        # Output only. Email address of the user who last edited the mute config. This
-        # field is set by the server and will be ignored if provided on config creation
-        # or update.
-        # Corresponds to the JSON property `mostRecentEditor`
-        # @return [String]
-        attr_accessor :most_recent_editor
-        # This field will be ignored if provided on config creation. The following list
-        # shows some examples of the format: + `organizations/`organization`/muteConfigs/
-        # `mute_config`` + `organizations/`organization`locations/`location`//
-        # muteConfigs/`mute_config`` + `folders/`folder`/muteConfigs/`mute_config`` + `
-        # folders/`folder`/locations/`location`/muteConfigs/`mute_config`` + `projects/`
-        # project`/muteConfigs/`mute_config`` + `projects/`project`/locations/`location`/
-        # muteConfigs/`mute_config``
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        # Output only. The most recent time at which the mute config was updated. This
-        # field is set by the server and will be ignored if provided on config creation
-        # or update.
-        # Corresponds to the JSON property `updateTime`
-        # @return [String]
-        attr_accessor :update_time
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @create_time = args[:create_time] if args.key?(:create_time)
-          @description = args[:description] if args.key?(:description)
-          @filter = args[:filter] if args.key?(:filter)
-          @most_recent_editor = args[:most_recent_editor] if args.key?(:most_recent_editor)
-          @name = args[:name] if args.key?(:name)
-          @update_time = args[:update_time] if args.key?(:update_time)
-        end
-      end
-      # Kubernetes nodes associated with the finding.
-      class GoogleCloudSecuritycenterV2Node
-        include Google::Apis::Core::Hashable
-        # [Full resource name](https://google.aip.dev/122#full-resource-names) of the
-        # Compute Engine VM running the cluster node.
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @name = args[:name] if args.key?(:name)
-        end
-      end
-      # Provides GKE node pool information.
-      class GoogleCloudSecuritycenterV2NodePool
-        include Google::Apis::Core::Hashable
-        # Kubernetes node pool name.
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        # Nodes associated with the finding.
-        # Corresponds to the JSON property `nodes`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Node>]
-        attr_accessor :nodes
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @name = args[:name] if args.key?(:name)
-          @nodes = args[:nodes] if args.key?(:nodes)
-        end
-      end
-      # Cloud SCC's Notification
-      class GoogleCloudSecuritycenterV2NotificationMessage
-        include Google::Apis::Core::Hashable
-        # Security Command Center finding. A finding is a record of assessment data like
-        # security, risk, health, or privacy, that is ingested into Security Command
-        # Center for presentation, notification, analysis, policy testing, and
-        # enforcement. For example, a cross-site scripting (XSS) vulnerability in an App
-        # Engine application is a finding.
-        # Corresponds to the JSON property `finding`
-        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Finding]
-        attr_accessor :finding
-        # Name of the notification config that generated current notification.
-        # Corresponds to the JSON property `notificationConfigName`
-        # @return [String]
-        attr_accessor :notification_config_name
-        # Information related to the Google Cloud resource.
-        # Corresponds to the JSON property `resource`
-        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Resource]
-        attr_accessor :resource
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @finding = args[:finding] if args.key?(:finding)
-          @notification_config_name = args[:notification_config_name] if args.key?(:notification_config_name)
-          @resource = args[:resource] if args.key?(:resource)
-        end
-      end
-      # Kubernetes object related to the finding, uniquely identified by GKNN. Used if
-      # the object Kind is not one of Pod, Node, NodePool, Binding, or AccessReview.
-      class GoogleCloudSecuritycenterV2Object
-        include Google::Apis::Core::Hashable
-        # Pod containers associated with this finding, if any.
-        # Corresponds to the JSON property `containers`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Container>]
-        attr_accessor :containers
-        # Kubernetes object group, such as "policy.k8s.io/v1".
-        # Corresponds to the JSON property `group`
-        # @return [String]
-        attr_accessor :group
-        # Kubernetes object kind, such as "Namespace".
-        # Corresponds to the JSON property `kind`
-        # @return [String]
-        attr_accessor :kind
-        # Kubernetes object name. For details see https://kubernetes.io/docs/concepts/
-        # overview/working-with-objects/names/.
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        # Kubernetes object namespace. Must be a valid DNS label. Named "ns" to avoid
-        # collision with C++ namespace keyword. For details see https://kubernetes.io/
-        # docs/tasks/administer-cluster/namespaces/.
-        # Corresponds to the JSON property `ns`
-        # @return [String]
-        attr_accessor :ns
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @containers = args[:containers] if args.key?(:containers)
-          @group = args[:group] if args.key?(:group)
-          @kind = args[:kind] if args.key?(:kind)
-          @name = args[:name] if args.key?(:name)
-          @ns = args[:ns] if args.key?(:ns)
-        end
-      end
-      # Contains information about the org policies associated with the finding.
-      class GoogleCloudSecuritycenterV2OrgPolicy
-        include Google::Apis::Core::Hashable
-        # The resource name of the org policy. Example: "organizations/`organization_id`/
-        # policies/`constraint_name`"
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @name = args[:name] if args.key?(:name)
-        end
-      end
-      # A Kubernetes Pod.
-      class GoogleCloudSecuritycenterV2Pod
-        include Google::Apis::Core::Hashable
-        # Pod containers associated with this finding, if any.
-        # Corresponds to the JSON property `containers`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Container>]
-        attr_accessor :containers
-        # Pod labels. For Kubernetes containers, these are applied to the container.
-        # Corresponds to the JSON property `labels`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Label>]
-        attr_accessor :labels
-        # Kubernetes Pod name.
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        # Kubernetes Pod namespace.
-        # Corresponds to the JSON property `ns`
-        # @return [String]
-        attr_accessor :ns
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @containers = args[:containers] if args.key?(:containers)
-          @labels = args[:labels] if args.key?(:labels)
-          @name = args[:name] if args.key?(:name)
-          @ns = args[:ns] if args.key?(:ns)
-        end
-      end
-      # Represents an operating system process.
-      class GoogleCloudSecuritycenterV2Process
-        include Google::Apis::Core::Hashable
-        # Process arguments as JSON encoded strings.
-        # Corresponds to the JSON property `args`
-        # @return [Array<String>]
-        attr_accessor :args
-        # True if `args` is incomplete.
-        # Corresponds to the JSON property `argumentsTruncated`
-        # @return [Boolean]
-        attr_accessor :arguments_truncated
-        alias_method :arguments_truncated?, :arguments_truncated
-        # File information about the related binary/library used by an executable, or
-        # the script used by a script interpreter
-        # Corresponds to the JSON property `binary`
-        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2File]
-        attr_accessor :binary
-        # Process environment variables.
-        # Corresponds to the JSON property `envVariables`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2EnvironmentVariable>]
-        attr_accessor :env_variables
-        # True if `env_variables` is incomplete.
-        # Corresponds to the JSON property `envVariablesTruncated`
-        # @return [Boolean]
-        attr_accessor :env_variables_truncated
-        alias_method :env_variables_truncated?, :env_variables_truncated
-        # File information for libraries loaded by the process.
-        # Corresponds to the JSON property `libraries`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2File>]
-        attr_accessor :libraries
-        # The process name, as displayed in utilities like `top` and `ps`. This name can
-        # be accessed through `/proc/[pid]/comm` and changed with `prctl(PR_SET_NAME)`.
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        # The parent process ID.
-        # Corresponds to the JSON property `parentPid`
-        # @return [Fixnum]
-        attr_accessor :parent_pid
-        # The process ID.
-        # Corresponds to the JSON property `pid`
-        # @return [Fixnum]
-        attr_accessor :pid
-        # File information about the related binary/library used by an executable, or
-        # the script used by a script interpreter
-        # Corresponds to the JSON property `script`
-        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2File]
-        attr_accessor :script
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @args = args[:args] if args.key?(:args)
-          @arguments_truncated = args[:arguments_truncated] if args.key?(:arguments_truncated)
-          @binary = args[:binary] if args.key?(:binary)
-          @env_variables = args[:env_variables] if args.key?(:env_variables)
-          @env_variables_truncated = args[:env_variables_truncated] if args.key?(:env_variables_truncated)
-          @libraries = args[:libraries] if args.key?(:libraries)
-          @name = args[:name] if args.key?(:name)
-          @parent_pid = args[:parent_pid] if args.key?(:parent_pid)
-          @pid = args[:pid] if args.key?(:pid)
-          @script = args[:script] if args.key?(:script)
-        end
-      end
-      # Indicates what signature matched this process.
-      class GoogleCloudSecuritycenterV2ProcessSignature
-        include Google::Apis::Core::Hashable
-        # A signature corresponding to memory page hashes.
-        # Corresponds to the JSON property `memoryHashSignature`
-        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2MemoryHashSignature]
-        attr_accessor :memory_hash_signature
-        # A signature corresponding to a YARA rule.
-        # Corresponds to the JSON property `yaraRuleSignature`
-        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2YaraRuleSignature]
-        attr_accessor :yara_rule_signature
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @memory_hash_signature = args[:memory_hash_signature] if args.key?(:memory_hash_signature)
-          @yara_rule_signature = args[:yara_rule_signature] if args.key?(:yara_rule_signature)
-        end
-      end
-      # Additional Links
-      class GoogleCloudSecuritycenterV2Reference
-        include Google::Apis::Core::Hashable
-        # Source of the reference e.g. NVD
-        # Corresponds to the JSON property `source`
-        # @return [String]
-        attr_accessor :source
-        # Uri for the mentioned source e.g. https://cve.mitre.org/cgi-bin/cvename.cgi?
-        # name=CVE-2021-34527.
-        # Corresponds to the JSON property `uri`
-        # @return [String]
-        attr_accessor :uri
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @source = args[:source] if args.key?(:source)
-          @uri = args[:uri] if args.key?(:uri)
-        end
-      end
-      # Information related to the Google Cloud resource.
-      class GoogleCloudSecuritycenterV2Resource
-        include Google::Apis::Core::Hashable
-        # The human readable name of the resource.
-        # Corresponds to the JSON property `displayName`
-        # @return [String]
-        attr_accessor :display_name
-        # The full resource name of the resource. See: https://cloud.google.com/apis/
-        # design/resource_names#full_resource_name
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        # The full resource type of the resource.
-        # Corresponds to the JSON property `type`
-        # @return [String]
-        attr_accessor :type
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @display_name = args[:display_name] if args.key?(:display_name)
-          @name = args[:name] if args.key?(:name)
-          @type = args[:type] if args.key?(:type)
-        end
-      end
-      # A resource value config (RVC) is a mapping configuration of user's resources
-      # to resource values. Used in Attack path simulations.
-      class GoogleCloudSecuritycenterV2ResourceValueConfig
-        include Google::Apis::Core::Hashable
-        # Output only. Timestamp this resource value config was created.
-        # Corresponds to the JSON property `createTime`
-        # @return [String]
-        attr_accessor :create_time
-        # Description of the resource value config.
-        # Corresponds to the JSON property `description`
-        # @return [String]
-        attr_accessor :description
-        # Name for the resource value config
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        # List of resource labels to search for, evaluated with AND. E.g. "
-        # resource_labels_selector": `"key": "value", "env": "prod"` will match
-        # resources with labels "key": "value" AND "env": "prod" https://cloud.google.
-        # com/resource-manager/docs/creating-managing-labels
-        # Corresponds to the JSON property `resourceLabelsSelector`
-        # @return [Hash<String,String>]
-        attr_accessor :resource_labels_selector
-        # Apply resource_value only to resources that match resource_type. resource_type
-        # will be checked with "AND" of other resources. E.g. "storage.googleapis.com/
-        # Bucket" with resource_value "HIGH" will apply "HIGH" value only to "storage.
-        # googleapis.com/Bucket" resources.
-        # Corresponds to the JSON property `resourceType`
-        # @return [String]
-        attr_accessor :resource_type
-        # Required. Resource value level this expression represents
-        # Corresponds to the JSON property `resourceValue`
-        # @return [String]
-        attr_accessor :resource_value
-        # Project or folder to scope this config to. For example, "project/456" would
-        # apply this config only to resources in "project/456" scope will be checked
-        # with "AND" of other resources.
-        # Corresponds to the JSON property `scope`
-        # @return [String]
-        attr_accessor :scope
-        # Required. Tag values combined with AND to check against. Values in the form "
-        # tagValues/123" E.g. [ "tagValues/123", "tagValues/456", "tagValues/789" ]
-        # https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing
-        # Corresponds to the JSON property `tagValues`
-        # @return [Array<String>]
-        attr_accessor :tag_values
-        # Output only. Timestamp this resource value config was last updated.
-        # Corresponds to the JSON property `updateTime`
-        # @return [String]
-        attr_accessor :update_time
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @create_time = args[:create_time] if args.key?(:create_time)
-          @description = args[:description] if args.key?(:description)
-          @name = args[:name] if args.key?(:name)
-          @resource_labels_selector = args[:resource_labels_selector] if args.key?(:resource_labels_selector)
-          @resource_type = args[:resource_type] if args.key?(:resource_type)
-          @resource_value = args[:resource_value] if args.key?(:resource_value)
-          @scope = args[:scope] if args.key?(:scope)
-          @tag_values = args[:tag_values] if args.key?(:tag_values)
-          @update_time = args[:update_time] if args.key?(:update_time)
-        end
-      end
-      # Kubernetes Role or ClusterRole.
-      class GoogleCloudSecuritycenterV2Role
-        include Google::Apis::Core::Hashable
-        # Role type.
-        # Corresponds to the JSON property `kind`
-        # @return [String]
-        attr_accessor :kind
-        # Role name.
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        # Role namespace.
-        # Corresponds to the JSON property `ns`
-        # @return [String]
-        attr_accessor :ns
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @kind = args[:kind] if args.key?(:kind)
-          @name = args[:name] if args.key?(:name)
-          @ns = args[:ns] if args.key?(:ns)
-        end
-      end
-      # User specified security marks that are attached to the parent Security Command
-      # Center resource. Security marks are scoped within a Security Command Center
-      # organization -- they can be modified and viewed by all users who have proper
-      # permissions on the organization.
-      class GoogleCloudSecuritycenterV2SecurityMarks
-        include Google::Apis::Core::Hashable
-        # The canonical name of the marks. The following list shows some examples: + `
-        # organizations/`organization_id`/assets/`asset_id`/securityMarks" + `
-        # organizations/`organization_id`/sources/`source_id`/findings/`finding_id`/
-        # securityMarks" + `organizations/`organization_id`/sources/`source_id`/
-        # locations/`location`/findings/`finding_id`/securityMarks" + `folders/`
-        # folder_id`/assets/`asset_id`/securityMarks" + `folders/`folder_id`/sources/`
-        # source_id`/findings/`finding_id`/securityMarks" + `folders/`folder_id`/sources/
-        # `source_id`/locations/`location`/findings/`finding_id`/securityMarks" + `
-        # projects/`project_number`/assets/`asset_id`/securityMarks" + `projects/`
-        # project_number`/sources/`source_id`/findings/`finding_id`/securityMarks" + `
-        # projects/`project_number`/sources/`source_id`/locations/`location`/findings/`
-        # finding_id`/securityMarks"
-        # Corresponds to the JSON property `canonicalName`
-        # @return [String]
-        attr_accessor :canonical_name
-        # Mutable user specified security marks belonging to the parent resource.
-        # Constraints are as follows: * Keys and values are treated as case insensitive *
-        # Keys must be between 1 - 256 characters (inclusive) * Keys must be letters,
-        # numbers, underscores, or dashes * Values have leading and trailing whitespace
-        # trimmed, remaining characters must be between 1 - 4096 characters (inclusive)
-        # Corresponds to the JSON property `marks`
-        # @return [Hash<String,String>]
-        attr_accessor :marks
-        # The relative resource name of the SecurityMarks. See: https://cloud.google.com/
-        # apis/design/resource_names#relative_resource_name The following list shows
-        # some examples: + `organizations/`organization_id`/assets/`asset_id`/
-        # securityMarks` + `organizations/`organization_id`/sources/`source_id`/findings/
-        # `finding_id`/securityMarks` + `organizations/`organization_id`/sources/`
-        # source_id`/locations/`location`/findings/`finding_id`/securityMarks`
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @canonical_name = args[:canonical_name] if args.key?(:canonical_name)
-          @marks = args[:marks] if args.key?(:marks)
-          @name = args[:name] if args.key?(:name)
-        end
-      end
-      # Represents a posture that is deployed on Google Cloud by the Security Command
-      # Center Posture Management service. A posture contains one or more policy sets.
-      # A policy set is a group of policies that enforce a set of security rules on
-      # Google Cloud.
-      class GoogleCloudSecuritycenterV2SecurityPosture
-        include Google::Apis::Core::Hashable
-        # The name of the policy that has been updated, for example, `projects/`
-        # project_id`/policies/`constraint_name``.
-        # Corresponds to the JSON property `changedPolicy`
-        # @return [String]
-        attr_accessor :changed_policy
-        # Name of the posture, for example, `organizations/`org_id`/locations/`location`/
-        # postures/`posture_name``.
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        # The name of the posture deployment, for example, `projects/`project_id`/
-        # posturedeployments/`posture_deployment_id``.
-        # Corresponds to the JSON property `postureDeployment`
-        # @return [String]
-        attr_accessor :posture_deployment
-        # The project, folder, or organization on which the posture is deployed, for
-        # example, `projects/`project_id``.
-        # Corresponds to the JSON property `postureDeploymentResource`
-        # @return [String]
-        attr_accessor :posture_deployment_resource
-        # The version of the posture, for example, `c7cfa2a8`.
-        # Corresponds to the JSON property `revisionId`
-        # @return [String]
-        attr_accessor :revision_id
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @changed_policy = args[:changed_policy] if args.key?(:changed_policy)
-          @name = args[:name] if args.key?(:name)
-          @posture_deployment = args[:posture_deployment] if args.key?(:posture_deployment)
-          @posture_deployment_resource = args[:posture_deployment_resource] if args.key?(:posture_deployment_resource)
-          @revision_id = args[:revision_id] if args.key?(:revision_id)
-        end
-      end
-      # Identity delegation history of an authenticated service account.
-      class GoogleCloudSecuritycenterV2ServiceAccountDelegationInfo
-        include Google::Apis::Core::Hashable
-        # The email address of a Google account.
-        # Corresponds to the JSON property `principalEmail`
-        # @return [String]
-        attr_accessor :principal_email
-        # A string representing the principal_subject associated with the identity. As
-        # compared to `principal_email`, supports principals that aren't associated with
-        # email addresses, such as third party principals. For most identities, the
-        # format will be `principal://iam.googleapis.com/`identity pool name`/subjects/`
-        # subject`` except for some GKE identities (GKE_WORKLOAD, FREEFORM,
-        # GKE_HUB_WORKLOAD) that are still in the legacy format `serviceAccount:`
-        # identity pool name`[`subject`]`
-        # Corresponds to the JSON property `principalSubject`
-        # @return [String]
-        attr_accessor :principal_subject
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @principal_email = args[:principal_email] if args.key?(:principal_email)
-          @principal_subject = args[:principal_subject] if args.key?(:principal_subject)
-        end
-      end
-      # Represents a Kubernetes subject.
-      class GoogleCloudSecuritycenterV2Subject
-        include Google::Apis::Core::Hashable
-        # Authentication type for the subject.
-        # Corresponds to the JSON property `kind`
-        # @return [String]
-        attr_accessor :kind
-        # Name for the subject.
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        # Namespace for the subject.
-        # Corresponds to the JSON property `ns`
-        # @return [String]
-        attr_accessor :ns
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @kind = args[:kind] if args.key?(:kind)
-          @name = args[:name] if args.key?(:name)
-          @ns = args[:ns] if args.key?(:ns)
-        end
-      end
-      # Refers to common vulnerability fields e.g. cve, cvss, cwe etc.
-      class GoogleCloudSecuritycenterV2Vulnerability
-        include Google::Apis::Core::Hashable
-        # CVE stands for Common Vulnerabilities and Exposures. More information: https://
-        # cve.mitre.org
-        # Corresponds to the JSON property `cve`
-        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Cve]
-        attr_accessor :cve
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @cve = args[:cve] if args.key?(:cve)
-        end
-      end
-      # A signature corresponding to a YARA rule.
-      class GoogleCloudSecuritycenterV2YaraRuleSignature
-        include Google::Apis::Core::Hashable
-        # The name of the YARA rule.
-        # Corresponds to the JSON property `yaraRule`
-        # @return [String]
-        attr_accessor :yara_rule
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @yara_rule = args[:yara_rule] if args.key?(:yara_rule)
-        end
-      end
-      # Represents a particular IAM binding, which captures a member's role addition,
-      # removal, or state.
-      class IamBinding
-        include Google::Apis::Core::Hashable
-        # The action that was performed on a Binding.
-        # Corresponds to the JSON property `action`
-        # @return [String]
-        attr_accessor :action
-        # A single identity requesting access for a Cloud Platform resource, for example,
-        # "foo@google.com".
-        # Corresponds to the JSON property `member`
-        # @return [String]
-        attr_accessor :member
-        # Role that is assigned to "members". For example, "roles/viewer", "roles/editor"
-        # , or "roles/owner".
-        # Corresponds to the JSON property `role`
-        # @return [String]
-        attr_accessor :role
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @action = args[:action] if args.key?(:action)
-          @member = args[:member] if args.key?(:member)
-          @role = args[:role] if args.key?(:role)
-        end
-      end
-      # Represents what's commonly known as an _indicator of compromise_ (IoC) in
-      # computer forensics. This is an artifact observed on a network or in an
-      # operating system that, with high confidence, indicates a computer intrusion.
-      # For more information, see [Indicator of compromise](https://en.wikipedia.org/
-      # wiki/Indicator_of_compromise).
-      class Indicator
-        include Google::Apis::Core::Hashable
-        # List of domains associated to the Finding.
-        # Corresponds to the JSON property `domains`
-        # @return [Array<String>]
-        attr_accessor :domains
-        # The list of IP addresses that are associated with the finding.
-        # Corresponds to the JSON property `ipAddresses`
-        # @return [Array<String>]
-        attr_accessor :ip_addresses
-        # The list of matched signatures indicating that the given process is present in
-        # the environment.
-        # Corresponds to the JSON property `signatures`
-        # @return [Array<Google::Apis::SecuritycenterV1beta2::ProcessSignature>]
-        attr_accessor :signatures
-        # The list of URIs associated to the Findings.
-        # Corresponds to the JSON property `uris`
-        # @return [Array<String>]
-        attr_accessor :uris
-        def initialize(**args)
-           update!(**args)
-        end
-        # Update properties of this object
-        def update!(**args)
-          @domains = args[:domains] if args.key?(:domains)
-          @ip_addresses = args[:ip_addresses] if args.key?(:ip_addresses)
-          @signatures = args[:signatures] if args.key?(:signatures)
-          @uris = args[:uris] if args.key?(:uris)
-        end
-      end
-      # Kernel mode rootkit signatures.
-      class KernelRootkit
-        include Google::Apis::Core::Hashable
-        # Rootkit name, when available.
-        # Corresponds to the JSON property `name`
-        # @return [String]
-        attr_accessor :name
-        # True if unexpected modifications of kernel code memory are present.
-        # Corresponds to the JSON property `unexpectedCodeModification`
-        # @return [Boolean]
-        attr_accessor :unexpected_code_modification
-        alias_method :unexpected_code_modification?, :unexpected_code_modification
+        # True if unexpected modifications of kernel code memory are present.
+        # Corresponds to the JSON property `unexpectedCodeModification`
+        # @return [Boolean]
+        attr_accessor :unexpected_code_modification
+        alias_method :unexpected_code_modification?, :unexpected_code_modification
         # True if `ftrace` points are present with callbacks pointing to regions that
         # are not in the expected kernel or module code range.
@@ -5563,6 +3172,43 @@ module Google
         end
       end
+      # Package is a generic definition of a package.
+      class Package
+        include Google::Apis::Core::Hashable
+        # The CPE URI where the vulnerability was detected.
+        # Corresponds to the JSON property `cpeUri`
+        # @return [String]
+        attr_accessor :cpe_uri
+        # The name of the package where the vulnerability was detected.
+        # Corresponds to the JSON property `packageName`
+        # @return [String]
+        attr_accessor :package_name
+        # Type of package, for example, os, maven, or go.
+        # Corresponds to the JSON property `packageType`
+        # @return [String]
+        attr_accessor :package_type
+        # The version of the package.
+        # Corresponds to the JSON property `packageVersion`
+        # @return [String]
+        attr_accessor :package_version
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @cpe_uri = args[:cpe_uri] if args.key?(:cpe_uri)
+          @package_name = args[:package_name] if args.key?(:package_name)
+          @package_type = args[:package_type] if args.key?(:package_type)
+          @package_version = args[:package_version] if args.key?(:package_version)
+        end
+      end
       # A Kubernetes Pod.
       class Pod
         include Google::Apis::Core::Hashable
@@ -5687,6 +3333,11 @@ module Google
         # @return [Google::Apis::SecuritycenterV1beta2::MemoryHashSignature]
         attr_accessor :memory_hash_signature
+        # Describes the type of resource associated with the signature.
+        # Corresponds to the JSON property `signatureType`
+        # @return [String]
+        attr_accessor :signature_type
         # A signature corresponding to a YARA rule.
         # Corresponds to the JSON property `yaraRuleSignature`
         # @return [Google::Apis::SecuritycenterV1beta2::YaraRuleSignature]
@@ -5699,6 +3350,7 @@ module Google
         # Update properties of this object
         def update!(**args)
           @memory_hash_signature = args[:memory_hash_signature] if args.key?(:memory_hash_signature)
+          @signature_type = args[:signature_type] if args.key?(:signature_type)
           @yara_rule_signature = args[:yara_rule_signature] if args.key?(:yara_rule_signature)
         end
       end
@@ -5803,6 +3455,38 @@ module Google
         end
       end
+      # SecurityBulletin are notifications of vulnerabilities of Google products.
+      class SecurityBulletin
+        include Google::Apis::Core::Hashable
+        # ID of the bulletin corresponding to the vulnerability.
+        # Corresponds to the JSON property `bulletinId`
+        # @return [String]
+        attr_accessor :bulletin_id
+        # Submission time of this Security Bulletin.
+        # Corresponds to the JSON property `submissionTime`
+        # @return [String]
+        attr_accessor :submission_time
+        # This represents a version that the cluster receiving this notification should
+        # be upgraded to, based on its current version. For example, 1.15.0
+        # Corresponds to the JSON property `suggestedUpgradeVersion`
+        # @return [String]
+        attr_accessor :suggested_upgrade_version
+        def initialize(**args)
+           update!(**args)
+        end
+        # Update properties of this object
+        def update!(**args)
+          @bulletin_id = args[:bulletin_id] if args.key?(:bulletin_id)
+          @submission_time = args[:submission_time] if args.key?(:submission_time)
+          @suggested_upgrade_version = args[:suggested_upgrade_version] if args.key?(:suggested_upgrade_version)
+        end
+      end
       # Resource capturing the settings for Security Center. Next ID: 12
       class SecurityCenterSettings
         include Google::Apis::Core::Hashable
@@ -6149,6 +3833,21 @@ module Google
         # @return [Google::Apis::SecuritycenterV1beta2::Cve]
         attr_accessor :cve
+        # Package is a generic definition of a package.
+        # Corresponds to the JSON property `fixedPackage`
+        # @return [Google::Apis::SecuritycenterV1beta2::Package]
+        attr_accessor :fixed_package
+        # Package is a generic definition of a package.
+        # Corresponds to the JSON property `offendingPackage`
+        # @return [Google::Apis::SecuritycenterV1beta2::Package]
+        attr_accessor :offending_package
+        # SecurityBulletin are notifications of vulnerabilities of Google products.
+        # Corresponds to the JSON property `securityBulletin`
+        # @return [Google::Apis::SecuritycenterV1beta2::SecurityBulletin]
+        attr_accessor :security_bulletin
         def initialize(**args)
            update!(**args)
         end
@@ -6156,6 +3855,9 @@ module Google
         # Update properties of this object
         def update!(**args)
           @cve = args[:cve] if args.key?(:cve)
+          @fixed_package = args[:fixed_package] if args.key?(:fixed_package)
+          @offending_package = args[:offending_package] if args.key?(:offending_package)
+          @security_bulletin = args[:security_bulletin] if args.key?(:security_bulletin)
         end
       end