google-apis-securitycenter_v1beta2 0.71.0 → 0.72.0

data/lib/google/apis/securitycenter_v1beta2/classes.rb

@@ -493,6 +493,11 @@ module Google
         # @return [Google::Apis::SecuritycenterV1beta2::AzureSubscription]
         attr_accessor :subscription
       
+        # Represents a Microsoft Entra tenant.
+        # Corresponds to the JSON property `tenant`
+        # @return [Google::Apis::SecuritycenterV1beta2::AzureTenant]
+        attr_accessor :tenant
+      
         def initialize(**args)
            update!(**args)
         end
@@ -502,6 +507,7 @@ module Google
           @management_groups = args[:management_groups] if args.key?(:management_groups)
           @resource_group = args[:resource_group] if args.key?(:resource_group)
           @subscription = args[:subscription] if args.key?(:subscription)
+          @tenant = args[:tenant] if args.key?(:tenant)
         end
       end
       
@@ -509,6 +515,11 @@ module Google
       class AzureResourceGroup
         include Google::Apis::Core::Hashable
       
+        # The ID of the Azure resource group.
+        # Corresponds to the JSON property `id`
+        # @return [String]
+        attr_accessor :id
+      
         # The name of the Azure resource group. This is not a UUID.
         # Corresponds to the JSON property `name`
         # @return [String]
@@ -520,6 +531,7 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @id = args[:id] if args.key?(:id)
           @name = args[:name] if args.key?(:name)
         end
       end
@@ -550,6 +562,32 @@ module Google
         end
       end
       
+      # Represents a Microsoft Entra tenant.
+      class AzureTenant
+        include Google::Apis::Core::Hashable
+      
+        # The display name of the Azure tenant.
+        # Corresponds to the JSON property `displayName`
+        # @return [String]
+        attr_accessor :display_name
+      
+        # The ID of the Microsoft Entra tenant, for example, "a11aaa11-aa11-1aa1-11aa-
+        # 1aaa11a".
+        # Corresponds to the JSON property `id`
+        # @return [String]
+        attr_accessor :id
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @display_name = args[:display_name] if args.key?(:display_name)
+          @id = args[:id] if args.key?(:id)
+        end
+      end
+      
       # Information related to Google Cloud Backup and DR Service findings.
       class BackupDisasterRecovery
         include Google::Apis::Core::Hashable
@@ -1122,11 +1160,21 @@ module Google
         # @return [Google::Apis::SecuritycenterV1beta2::Cvssv3]
         attr_accessor :cvssv3
       
+        # Date the first publicly available exploit or PoC was released.
+        # Corresponds to the JSON property `exploitReleaseDate`
+        # @return [String]
+        attr_accessor :exploit_release_date
+      
         # The exploitation activity of the vulnerability in the wild.
         # Corresponds to the JSON property `exploitationActivity`
         # @return [String]
         attr_accessor :exploitation_activity
       
+        # Date of the earliest known exploitation.
+        # Corresponds to the JSON property `firstExploitationDate`
+        # @return [String]
+        attr_accessor :first_exploitation_date
+      
         # The unique identifier for the vulnerability. e.g. CVE-2021-34527
         # Corresponds to the JSON property `id`
         # @return [String]
@@ -1168,7 +1216,9 @@ module Google
         # Update properties of this object
         def update!(**args)
           @cvssv3 = args[:cvssv3] if args.key?(:cvssv3)
+          @exploit_release_date = args[:exploit_release_date] if args.key?(:exploit_release_date)
           @exploitation_activity = args[:exploitation_activity] if args.key?(:exploitation_activity)
+          @first_exploitation_date = args[:first_exploitation_date] if args.key?(:first_exploitation_date)
           @id = args[:id] if args.key?(:id)
           @impact = args[:impact] if args.key?(:impact)
           @observed_in_the_wild = args[:observed_in_the_wild] if args.key?(:observed_in_the_wild)
@@ -1255,6 +1305,91 @@ module Google
         end
       end
       
+      # Details about a data access attempt made by a principal not authorized under
+      # applicable data security policy.
+      class DataAccessEvent
+        include Google::Apis::Core::Hashable
+      
+        # Unique identifier for data access event.
+        # Corresponds to the JSON property `eventId`
+        # @return [String]
+        attr_accessor :event_id
+      
+        # Timestamp of data access event.
+        # Corresponds to the JSON property `eventTime`
+        # @return [String]
+        attr_accessor :event_time
+      
+        # The operation performed by the principal to access the data.
+        # Corresponds to the JSON property `operation`
+        # @return [String]
+        attr_accessor :operation
+      
+        # The email address of the principal that accessed the data. The principal could
+        # be a user account, service account, Google group, or other.
+        # Corresponds to the JSON property `principalEmail`
+        # @return [String]
+        attr_accessor :principal_email
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @event_id = args[:event_id] if args.key?(:event_id)
+          @event_time = args[:event_time] if args.key?(:event_time)
+          @operation = args[:operation] if args.key?(:operation)
+          @principal_email = args[:principal_email] if args.key?(:principal_email)
+        end
+      end
+      
+      # Details about a data flow event, in which either the data is moved to or is
+      # accessed from a non-compliant geo-location, as defined in the applicable data
+      # security policy.
+      class DataFlowEvent
+        include Google::Apis::Core::Hashable
+      
+        # Unique identifier for data flow event.
+        # Corresponds to the JSON property `eventId`
+        # @return [String]
+        attr_accessor :event_id
+      
+        # Timestamp of data flow event.
+        # Corresponds to the JSON property `eventTime`
+        # @return [String]
+        attr_accessor :event_time
+      
+        # The operation performed by the principal for the data flow event.
+        # Corresponds to the JSON property `operation`
+        # @return [String]
+        attr_accessor :operation
+      
+        # The email address of the principal that initiated the data flow event. The
+        # principal could be a user account, service account, Google group, or other.
+        # Corresponds to the JSON property `principalEmail`
+        # @return [String]
+        attr_accessor :principal_email
+      
+        # Non-compliant location of the principal or the data destination.
+        # Corresponds to the JSON property `violatedLocation`
+        # @return [String]
+        attr_accessor :violated_location
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @event_id = args[:event_id] if args.key?(:event_id)
+          @event_time = args[:event_time] if args.key?(:event_time)
+          @operation = args[:operation] if args.key?(:operation)
+          @principal_email = args[:principal_email] if args.key?(:principal_email)
+          @violated_location = args[:violated_location] if args.key?(:violated_location)
+        end
+      end
+      
       # Represents database access information, such as queries. A database may be a
       # sub-resource of an instance (as in the case of Cloud SQL instances or Cloud
       # Spanner instances), or the database instance itself. Some database resources
@@ -1374,6 +1509,26 @@ module Google
         end
       end
       
+      # Contains information about the disk associated with the finding.
+      class Disk
+        include Google::Apis::Core::Hashable
+      
+        # The name of the disk, for example, "https://www.googleapis.com/compute/v1/
+        # projects/project-id/zones/zone-id/disks/disk-id".
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @name = args[:name] if args.key?(:name)
+        end
+      end
+      
       # Path of the file in terms of underlying disk/partition identifiers.
       class DiskPath
         include Google::Apis::Core::Hashable
@@ -1401,6 +1556,33 @@ module Google
         end
       end
       
+      # The record of a dynamic mute rule that matches the finding.
+      class DynamicMuteRecord
+        include Google::Apis::Core::Hashable
+      
+        # When the dynamic mute rule first matched the finding.
+        # Corresponds to the JSON property `matchTime`
+        # @return [String]
+        attr_accessor :match_time
+      
+        # The relative resource name of the mute rule, represented by a mute config,
+        # that created this record, for example `organizations/123/muteConfigs/
+        # mymuteconfig` or `organizations/123/locations/global/muteConfigs/mymuteconfig`.
+        # Corresponds to the JSON property `muteConfig`
+        # @return [String]
+        attr_accessor :mute_config
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @match_time = args[:match_time] if args.key?(:match_time)
+          @mute_config = args[:mute_config] if args.key?(:mute_config)
+        end
+      end
+      
       # A name-value pair representing an environment variable used in an operating
       # system process.
       class EnvironmentVariable
@@ -1741,6 +1923,16 @@ module Google
         # @return [String]
         attr_accessor :create_time
       
+        # Data access events associated with the finding.
+        # Corresponds to the JSON property `dataAccessEvents`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::DataAccessEvent>]
+        attr_accessor :data_access_events
+      
+        # Data flow events associated with the finding.
+        # Corresponds to the JSON property `dataFlowEvents`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::DataFlowEvent>]
+        attr_accessor :data_flow_events
+      
         # Represents database access information, such as queries. A database may be a
         # sub-resource of an instance (as in the case of Cloud SQL instances or Cloud
         # Spanner instances), or the database instance itself. Some database resources
@@ -1757,6 +1949,11 @@ module Google
         # @return [String]
         attr_accessor :description
       
+        # Contains information about the disk associated with the finding.
+        # Corresponds to the JSON property `disk`
+        # @return [Google::Apis::SecuritycenterV1beta2::Disk]
+        attr_accessor :disk
+      
         # The time the finding was first detected. If an existing finding is updated,
         # then this is the time the update occurred. For example, if the finding
         # represents an open firewall, this property captures the time the detector
@@ -1858,6 +2055,12 @@ module Google
         # @return [String]
         attr_accessor :mute
       
+        # Mute information about the finding, including whether the finding has a static
+        # mute or any matching dynamic mute rules.
+        # Corresponds to the JSON property `muteInfo`
+        # @return [Google::Apis::SecuritycenterV1beta2::MuteInfo]
+        attr_accessor :mute_info
+      
         # Records additional information about the mute operation, for example, the [
         # mute configuration](/security-command-center/docs/how-to-mute-findings) that
         # muted the finding and the user who muted the finding.
@@ -1991,8 +2194,11 @@ module Google
           @contacts = args[:contacts] if args.key?(:contacts)
           @containers = args[:containers] if args.key?(:containers)
           @create_time = args[:create_time] if args.key?(:create_time)
+          @data_access_events = args[:data_access_events] if args.key?(:data_access_events)
+          @data_flow_events = args[:data_flow_events] if args.key?(:data_flow_events)
           @database = args[:database] if args.key?(:database)
           @description = args[:description] if args.key?(:description)
+          @disk = args[:disk] if args.key?(:disk)
           @event_time = args[:event_time] if args.key?(:event_time)
           @exfiltration = args[:exfiltration] if args.key?(:exfiltration)
           @external_systems = args[:external_systems] if args.key?(:external_systems)
@@ -2009,6 +2215,7 @@ module Google
           @mitre_attack = args[:mitre_attack] if args.key?(:mitre_attack)
           @module_name = args[:module_name] if args.key?(:module_name)
           @mute = args[:mute] if args.key?(:mute)
+          @mute_info = args[:mute_info] if args.key?(:mute_info)
           @mute_initiator = args[:mute_initiator] if args.key?(:mute_initiator)
           @mute_update_time = args[:mute_update_time] if args.key?(:mute_update_time)
           @name = args[:name] if args.key?(:name)
@@ -2367,6 +2574,11 @@ module Google
       class GoogleCloudSecuritycenterV1EffectiveSecurityHealthAnalyticsCustomModule
         include Google::Apis::Core::Hashable
       
+        # The cloud provider of the custom module.
+        # Corresponds to the JSON property `cloudProvider`
+        # @return [String]
+        attr_accessor :cloud_provider
+      
         # Defines the properties in a custom module configuration for Security Health
         # Analytics. Use the custom module configuration to create custom detectors that
         # generate custom findings for resources that you specify.
@@ -2403,6 +2615,7 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @cloud_provider = args[:cloud_provider] if args.key?(:cloud_provider)
           @custom_config = args[:custom_config] if args.key?(:custom_config)
           @display_name = args[:display_name] if args.key?(:display_name)
           @enablement_state = args[:enablement_state] if args.key?(:enablement_state)
@@ -2516,6 +2729,12 @@ module Google
         # @return [String]
         attr_accessor :display_name
       
+        # Optional. The expiry of the mute config. Only applicable for dynamic configs.
+        # If the expiry is set, when the config expires, it is removed from all findings.
+        # Corresponds to the JSON property `expiryTime`
+        # @return [String]
+        attr_accessor :expiry_time
+      
         # Required. An expression that defines the filter to apply across create/update
         # events of findings. While creating a filter string, be mindful of the scope in
         # which the mute configuration is being created. E.g., If a filter contains
@@ -2547,6 +2766,14 @@ module Google
         # @return [String]
         attr_accessor :name
       
+        # Optional. The type of the mute config, which determines what type of mute
+        # state the config affects. The static mute state takes precedence over the
+        # dynamic mute state. Immutable after creation. STATIC by default if not set
+        # during creation.
+        # Corresponds to the JSON property `type`
+        # @return [String]
+        attr_accessor :type
+      
         # Output only. The most recent time at which the mute config was updated. This
         # field is set by the server and will be ignored if provided on config creation
         # or update.
@@ -2563,9 +2790,11 @@ module Google
           @create_time = args[:create_time] if args.key?(:create_time)
           @description = args[:description] if args.key?(:description)
           @display_name = args[:display_name] if args.key?(:display_name)
+          @expiry_time = args[:expiry_time] if args.key?(:expiry_time)
           @filter = args[:filter] if args.key?(:filter)
           @most_recent_editor = args[:most_recent_editor] if args.key?(:most_recent_editor)
           @name = args[:name] if args.key?(:name)
+          @type = args[:type] if args.key?(:type)
           @update_time = args[:update_time] if args.key?(:update_time)
         end
       end
@@ -2848,10 +3077,10 @@ module Google
         # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV1SensitiveDataProtectionMapping]
         attr_accessor :sensitive_data_protection_mapping
       
-        # Required. Tag values combined with `AND` to check against. Values in the form "
-        # tagValues/123" Example: `[ "tagValues/123", "tagValues/456", "tagValues/789" ]`
-        # https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-
-        # managing
+        # Required. Tag values combined with `AND` to check against. For Google Cloud
+        # resources, they are tag value IDs in the form of "tagValues/123". Example: `[ "
+        # tagValues/123", "tagValues/456", "tagValues/789" ]` https://cloud.google.com/
+        # resource-manager/docs/tags/tags-creating-and-managing
         # Corresponds to the JSON property `tagValues`
         # @return [Array<String>]
         attr_accessor :tag_values
@@ -2922,6 +3151,11 @@ module Google
         # @return [String]
         attr_accessor :ancestor_module
       
+        # The cloud provider of the custom module.
+        # Corresponds to the JSON property `cloudProvider`
+        # @return [String]
+        attr_accessor :cloud_provider
+      
         # Defines the properties in a custom module configuration for Security Health
         # Analytics. Use the custom module configuration to create custom detectors that
         # generate custom findings for resources that you specify.
@@ -2971,6 +3205,7 @@ module Google
         # Update properties of this object
         def update!(**args)
           @ancestor_module = args[:ancestor_module] if args.key?(:ancestor_module)
+          @cloud_provider = args[:cloud_provider] if args.key?(:cloud_provider)
           @custom_config = args[:custom_config] if args.key?(:custom_config)
           @display_name = args[:display_name] if args.key?(:display_name)
           @enablement_state = args[:enablement_state] if args.key?(:enablement_state)
@@ -3804,6 +4039,11 @@ module Google
         # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2AzureSubscription]
         attr_accessor :subscription
       
+        # Represents a Microsoft Entra tenant.
+        # Corresponds to the JSON property `tenant`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2AzureTenant]
+        attr_accessor :tenant
+      
         def initialize(**args)
            update!(**args)
         end
@@ -3813,6 +4053,7 @@ module Google
           @management_groups = args[:management_groups] if args.key?(:management_groups)
           @resource_group = args[:resource_group] if args.key?(:resource_group)
           @subscription = args[:subscription] if args.key?(:subscription)
+          @tenant = args[:tenant] if args.key?(:tenant)
         end
       end
       
@@ -3820,6 +4061,11 @@ module Google
       class GoogleCloudSecuritycenterV2AzureResourceGroup
         include Google::Apis::Core::Hashable
       
+        # The ID of the Azure resource group.
+        # Corresponds to the JSON property `id`
+        # @return [String]
+        attr_accessor :id
+      
         # The name of the Azure resource group. This is not a UUID.
         # Corresponds to the JSON property `name`
         # @return [String]
@@ -3831,6 +4077,7 @@ module Google
       
         # Update properties of this object
         def update!(**args)
+          @id = args[:id] if args.key?(:id)
           @name = args[:name] if args.key?(:name)
         end
       end
@@ -3861,6 +4108,32 @@ module Google
         end
       end
       
+      # Represents a Microsoft Entra tenant.
+      class GoogleCloudSecuritycenterV2AzureTenant
+        include Google::Apis::Core::Hashable
+      
+        # The display name of the Azure tenant.
+        # Corresponds to the JSON property `displayName`
+        # @return [String]
+        attr_accessor :display_name
+      
+        # The ID of the Microsoft Entra tenant, for example, "a11aaa11-aa11-1aa1-11aa-
+        # 1aaa11a".
+        # Corresponds to the JSON property `id`
+        # @return [String]
+        attr_accessor :id
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @display_name = args[:display_name] if args.key?(:display_name)
+          @id = args[:id] if args.key?(:id)
+        end
+      end
+      
       # Information related to Google Cloud Backup and DR Service findings.
       class GoogleCloudSecuritycenterV2BackupDisasterRecovery
         include Google::Apis::Core::Hashable
@@ -4429,11 +4702,21 @@ module Google
         # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Cvssv3]
         attr_accessor :cvssv3
       
+        # Date the first publicly available exploit or PoC was released.
+        # Corresponds to the JSON property `exploitReleaseDate`
+        # @return [String]
+        attr_accessor :exploit_release_date
+      
         # The exploitation activity of the vulnerability in the wild.
         # Corresponds to the JSON property `exploitationActivity`
         # @return [String]
         attr_accessor :exploitation_activity
       
+        # Date of the earliest known exploitation.
+        # Corresponds to the JSON property `firstExploitationDate`
+        # @return [String]
+        attr_accessor :first_exploitation_date
+      
         # The unique identifier for the vulnerability. e.g. CVE-2021-34527
         # Corresponds to the JSON property `id`
         # @return [String]
@@ -4475,7 +4758,9 @@ module Google
         # Update properties of this object
         def update!(**args)
           @cvssv3 = args[:cvssv3] if args.key?(:cvssv3)
+          @exploit_release_date = args[:exploit_release_date] if args.key?(:exploit_release_date)
           @exploitation_activity = args[:exploitation_activity] if args.key?(:exploitation_activity)
+          @first_exploitation_date = args[:first_exploitation_date] if args.key?(:first_exploitation_date)
           @id = args[:id] if args.key?(:id)
           @impact = args[:impact] if args.key?(:impact)
           @observed_in_the_wild = args[:observed_in_the_wild] if args.key?(:observed_in_the_wild)
@@ -4562,6 +4847,91 @@ module Google
         end
       end
       
+      # Details about a data access attempt made by a principal not authorized under
+      # applicable data security policy.
+      class GoogleCloudSecuritycenterV2DataAccessEvent
+        include Google::Apis::Core::Hashable
+      
+        # Unique identifier for data access event.
+        # Corresponds to the JSON property `eventId`
+        # @return [String]
+        attr_accessor :event_id
+      
+        # Timestamp of data access event.
+        # Corresponds to the JSON property `eventTime`
+        # @return [String]
+        attr_accessor :event_time
+      
+        # The operation performed by the principal to access the data.
+        # Corresponds to the JSON property `operation`
+        # @return [String]
+        attr_accessor :operation
+      
+        # The email address of the principal that accessed the data. The principal could
+        # be a user account, service account, Google group, or other.
+        # Corresponds to the JSON property `principalEmail`
+        # @return [String]
+        attr_accessor :principal_email
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @event_id = args[:event_id] if args.key?(:event_id)
+          @event_time = args[:event_time] if args.key?(:event_time)
+          @operation = args[:operation] if args.key?(:operation)
+          @principal_email = args[:principal_email] if args.key?(:principal_email)
+        end
+      end
+      
+      # Details about a data flow event, in which either the data is moved to or is
+      # accessed from a non-compliant geo-location, as defined in the applicable data
+      # security policy.
+      class GoogleCloudSecuritycenterV2DataFlowEvent
+        include Google::Apis::Core::Hashable
+      
+        # Unique identifier for data flow event.
+        # Corresponds to the JSON property `eventId`
+        # @return [String]
+        attr_accessor :event_id
+      
+        # Timestamp of data flow event.
+        # Corresponds to the JSON property `eventTime`
+        # @return [String]
+        attr_accessor :event_time
+      
+        # The operation performed by the principal for the data flow event.
+        # Corresponds to the JSON property `operation`
+        # @return [String]
+        attr_accessor :operation
+      
+        # The email address of the principal that initiated the data flow event. The
+        # principal could be a user account, service account, Google group, or other.
+        # Corresponds to the JSON property `principalEmail`
+        # @return [String]
+        attr_accessor :principal_email
+      
+        # Non-compliant location of the principal or the data destination.
+        # Corresponds to the JSON property `violatedLocation`
+        # @return [String]
+        attr_accessor :violated_location
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @event_id = args[:event_id] if args.key?(:event_id)
+          @event_time = args[:event_time] if args.key?(:event_time)
+          @operation = args[:operation] if args.key?(:operation)
+          @principal_email = args[:principal_email] if args.key?(:principal_email)
+          @violated_location = args[:violated_location] if args.key?(:violated_location)
+        end
+      end
+      
       # Represents database access information, such as queries. A database may be a
       # sub-resource of an instance (as in the case of Cloud SQL instances or Cloud
       # Spanner instances), or the database instance itself. Some database resources
@@ -4650,6 +5020,26 @@ module Google
         end
       end
       
+      # Contains information about the disk associated with the finding.
+      class GoogleCloudSecuritycenterV2Disk
+        include Google::Apis::Core::Hashable
+      
+        # The name of the disk, for example, "https://www.googleapis.com/compute/v1/
+        # projects/project-id/zones/zone-id/disks/disk-id".
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @name = args[:name] if args.key?(:name)
+        end
+      end
+      
       # Path of the file in terms of underlying disk/partition identifiers.
       class GoogleCloudSecuritycenterV2DiskPath
         include Google::Apis::Core::Hashable
@@ -4677,6 +5067,33 @@ module Google
         end
       end
       
+      # The record of a dynamic mute rule that matches the finding.
+      class GoogleCloudSecuritycenterV2DynamicMuteRecord
+        include Google::Apis::Core::Hashable
+      
+        # When the dynamic mute rule first matched the finding.
+        # Corresponds to the JSON property `matchTime`
+        # @return [String]
+        attr_accessor :match_time
+      
+        # The relative resource name of the mute rule, represented by a mute config,
+        # that created this record, for example `organizations/123/muteConfigs/
+        # mymuteconfig` or `organizations/123/locations/global/muteConfigs/mymuteconfig`.
+        # Corresponds to the JSON property `muteConfig`
+        # @return [String]
+        attr_accessor :mute_config
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @match_time = args[:match_time] if args.key?(:match_time)
+          @mute_config = args[:mute_config] if args.key?(:mute_config)
+        end
+      end
+      
       # A name-value pair representing an environment variable used in an operating
       # system process.
       class GoogleCloudSecuritycenterV2EnvironmentVariable
@@ -5015,6 +5432,16 @@ module Google
         # @return [String]
         attr_accessor :create_time
       
+        # Data access events associated with the finding.
+        # Corresponds to the JSON property `dataAccessEvents`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2DataAccessEvent>]
+        attr_accessor :data_access_events
+      
+        # Data flow events associated with the finding.
+        # Corresponds to the JSON property `dataFlowEvents`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2DataFlowEvent>]
+        attr_accessor :data_flow_events
+      
         # Represents database access information, such as queries. A database may be a
         # sub-resource of an instance (as in the case of Cloud SQL instances or Cloud
         # Spanner instances), or the database instance itself. Some database resources
@@ -5031,6 +5458,11 @@ module Google
         # @return [String]
         attr_accessor :description
       
+        # Contains information about the disk associated with the finding.
+        # Corresponds to the JSON property `disk`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2Disk]
+        attr_accessor :disk
+      
         # The time the finding was first detected. If an existing finding is updated,
         # then this is the time the update occurred. For example, if the finding
         # represents an open firewall, this property captures the time the detector
@@ -5132,6 +5564,12 @@ module Google
         # @return [String]
         attr_accessor :mute
       
+        # Mute information about the finding, including whether the finding has a static
+        # mute or any matching dynamic mute rules.
+        # Corresponds to the JSON property `muteInfo`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2MuteInfo]
+        attr_accessor :mute_info
+      
         # Records additional information about the mute operation, for example, the [
         # mute configuration](https://cloud.google.com/security-command-center/docs/how-
         # to-mute-findings) that muted the finding and the user who muted the finding.
@@ -5274,8 +5712,11 @@ module Google
           @contacts = args[:contacts] if args.key?(:contacts)
           @containers = args[:containers] if args.key?(:containers)
           @create_time = args[:create_time] if args.key?(:create_time)
+          @data_access_events = args[:data_access_events] if args.key?(:data_access_events)
+          @data_flow_events = args[:data_flow_events] if args.key?(:data_flow_events)
           @database = args[:database] if args.key?(:database)
           @description = args[:description] if args.key?(:description)
+          @disk = args[:disk] if args.key?(:disk)
           @event_time = args[:event_time] if args.key?(:event_time)
           @exfiltration = args[:exfiltration] if args.key?(:exfiltration)
           @external_systems = args[:external_systems] if args.key?(:external_systems)
@@ -5292,6 +5733,7 @@ module Google
           @mitre_attack = args[:mitre_attack] if args.key?(:mitre_attack)
           @module_name = args[:module_name] if args.key?(:module_name)
           @mute = args[:mute] if args.key?(:mute)
+          @mute_info = args[:mute_info] if args.key?(:mute_info)
           @mute_initiator = args[:mute_initiator] if args.key?(:mute_initiator)
           @mute_update_time = args[:mute_update_time] if args.key?(:mute_update_time)
           @name = args[:name] if args.key?(:name)
@@ -5764,6 +6206,12 @@ module Google
         # @return [String]
         attr_accessor :description
       
+        # Optional. The expiry of the mute config. Only applicable for dynamic configs.
+        # If the expiry is set, when the config expires, it is removed from all findings.
+        # Corresponds to the JSON property `expiryTime`
+        # @return [String]
+        attr_accessor :expiry_time
+      
         # Required. An expression that defines the filter to apply across create/update
         # events of findings. While creating a filter string, be mindful of the scope in
         # which the mute configuration is being created. E.g., If a filter contains
@@ -5817,6 +6265,7 @@ module Google
         def update!(**args)
           @create_time = args[:create_time] if args.key?(:create_time)
           @description = args[:description] if args.key?(:description)
+          @expiry_time = args[:expiry_time] if args.key?(:expiry_time)
           @filter = args[:filter] if args.key?(:filter)
           @most_recent_editor = args[:most_recent_editor] if args.key?(:most_recent_editor)
           @name = args[:name] if args.key?(:name)
@@ -5825,6 +6274,34 @@ module Google
         end
       end
       
+      # Mute information about the finding, including whether the finding has a static
+      # mute or any matching dynamic mute rules.
+      class GoogleCloudSecuritycenterV2MuteInfo
+        include Google::Apis::Core::Hashable
+      
+        # The list of dynamic mute rules that currently match the finding.
+        # Corresponds to the JSON property `dynamicMuteRecords`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2DynamicMuteRecord>]
+        attr_accessor :dynamic_mute_records
+      
+        # Information about the static mute state. A static mute state overrides any
+        # dynamic mute rules that apply to this finding. The static mute state can be
+        # set by a static mute rule or by muting the finding directly.
+        # Corresponds to the JSON property `staticMute`
+        # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2StaticMute]
+        attr_accessor :static_mute
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @dynamic_mute_records = args[:dynamic_mute_records] if args.key?(:dynamic_mute_records)
+          @static_mute = args[:static_mute] if args.key?(:static_mute)
+        end
+      end
+      
       # Kubernetes nodes associated with the finding.
       class GoogleCloudSecuritycenterV2Node
         include Google::Apis::Core::Hashable
@@ -6500,9 +6977,10 @@ module Google
         # @return [Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV2SensitiveDataProtectionMapping]
         attr_accessor :sensitive_data_protection_mapping
       
-        # Tag values combined with `AND` to check against. Values in the form "tagValues/
-        # 123" Example: `[ "tagValues/123", "tagValues/456", "tagValues/789" ]` https://
-        # cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing
+        # Tag values combined with `AND` to check against. For Google Cloud resources,
+        # they are tag value IDs in the form of "tagValues/123". Example: `[ "tagValues/
+        # 123", "tagValues/456", "tagValues/789" ]` https://cloud.google.com/resource-
+        # manager/docs/tags/tags-creating-and-managing
         # Corresponds to the JSON property `tagValues`
         # @return [Array<String>]
         attr_accessor :tag_values
@@ -6812,6 +7290,34 @@ module Google
         end
       end
       
+      # Information about the static mute state. A static mute state overrides any
+      # dynamic mute rules that apply to this finding. The static mute state can be
+      # set by a static mute rule or by muting the finding directly.
+      class GoogleCloudSecuritycenterV2StaticMute
+        include Google::Apis::Core::Hashable
+      
+        # When the static mute was applied.
+        # Corresponds to the JSON property `applyTime`
+        # @return [String]
+        attr_accessor :apply_time
+      
+        # The static mute state. If the value is `MUTED` or `UNMUTED`, then the finding'
+        # s overall mute state will have the same value.
+        # Corresponds to the JSON property `state`
+        # @return [String]
+        attr_accessor :state
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @apply_time = args[:apply_time] if args.key?(:apply_time)
+          @state = args[:state] if args.key?(:state)
+        end
+      end
+      
       # Represents a Kubernetes subject.
       class GoogleCloudSecuritycenterV2Subject
         include Google::Apis::Core::Hashable
@@ -7373,6 +7879,34 @@ module Google
         end
       end
       
+      # Mute information about the finding, including whether the finding has a static
+      # mute or any matching dynamic mute rules.
+      class MuteInfo
+        include Google::Apis::Core::Hashable
+      
+        # The list of dynamic mute rules that currently match the finding.
+        # Corresponds to the JSON property `dynamicMuteRecords`
+        # @return [Array<Google::Apis::SecuritycenterV1beta2::DynamicMuteRecord>]
+        attr_accessor :dynamic_mute_records
+      
+        # Information about the static mute state. A static mute state overrides any
+        # dynamic mute rules that apply to this finding. The static mute state can be
+        # set by a static mute rule or by muting the finding directly.
+        # Corresponds to the JSON property `staticMute`
+        # @return [Google::Apis::SecuritycenterV1beta2::StaticMute]
+        attr_accessor :static_mute
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @dynamic_mute_records = args[:dynamic_mute_records] if args.key?(:dynamic_mute_records)
+          @static_mute = args[:static_mute] if args.key?(:static_mute)
+        end
+      end
+      
       # Kubernetes nodes associated with the finding.
       class Node
         include Google::Apis::Core::Hashable
@@ -8242,6 +8776,34 @@ module Google
         end
       end
       
+      # Information about the static mute state. A static mute state overrides any
+      # dynamic mute rules that apply to this finding. The static mute state can be
+      # set by a static mute rule or by muting the finding directly.
+      class StaticMute
+        include Google::Apis::Core::Hashable
+      
+        # When the static mute was applied.
+        # Corresponds to the JSON property `applyTime`
+        # @return [String]
+        attr_accessor :apply_time
+      
+        # The static mute state. If the value is `MUTED` or `UNMUTED`, then the finding'
+        # s overall mute state will have the same value.
+        # Corresponds to the JSON property `state`
+        # @return [String]
+        attr_accessor :state
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @apply_time = args[:apply_time] if args.key?(:apply_time)
+          @state = args[:state] if args.key?(:state)
+        end
+      end
+      
       # Represents a Kubernetes subject.
       class Subject
         include Google::Apis::Core::Hashable