google-cloud-security_center-v1 0.12.0 → 0.14.0

data/proto_docs/google/cloud/securitycenter/v1/finding.rb

@@ -99,8 +99,9 @@ module Google
         #     finding.
         # @!attribute [rw] mute
         #   @return [::Google::Cloud::SecurityCenter::V1::Finding::Mute]
-        #     Indicates the mute state of a finding (either unspecified, muted, unmuted
-        #     or undefined).
+        #     Indicates the mute state of a finding (either muted, unmuted
+        #     or undefined). Unlike other attributes of a finding, a finding provider
+        #     shouldn't set the value of mute.
         # @!attribute [rw] finding_class
         #   @return [::Google::Cloud::SecurityCenter::V1::Finding::FindingClass]
         #     The class of the finding.
@@ -123,6 +124,10 @@ module Google
         #   @return [::Google::Protobuf::Map{::String => ::Google::Cloud::SecurityCenter::V1::ExternalSystem}]
         #     Output only. Third party SIEM/SOAR fields within SCC, contains external system
         #     information and external system finding fields.
+        # @!attribute [rw] mitre_attack
+        #   @return [::Google::Cloud::SecurityCenter::V1::MitreAttack]
+        #     MITRE ATT&CK tactics and techniques related to this finding.
+        #     See: https://attack.mitre.org
         # @!attribute [rw] access
         #   @return [::Google::Cloud::SecurityCenter::V1::Access]
         #     Access details associated to the Finding, such as more information on the
@@ -131,7 +136,14 @@ module Google
         #   @return [::String]
         #     First known as mute_annotation. Records additional information about the
         #     mute operation e.g. mute config that muted the finding, user who muted the
-        #     finding, etc.
+        #     finding, etc. Unlike other attributes of a finding, a finding provider
+        #     shouldn't set the value of mute.
+        # @!attribute [rw] iam_bindings
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::IamBinding>]
+        #     Represents IAM bindings associated with the Finding.
+        # @!attribute [rw] next_steps
+        #   @return [::String]
+        #     Next steps associate to the finding.
         class Finding
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -215,7 +227,7 @@ module Google
             MEDIUM = 3
 
             # Vulnerability:
-            # A low risk vulnerability hampers a security organization’s ability to
+            # A low risk vulnerability hampers a security organization's ability to
             # detect vulnerabilities or active threats in their deployment, or prevents
             # the root cause investigation of security issues. An example is monitoring
             # and logs being disabled for resource configurations and access.
@@ -259,6 +271,9 @@ module Google
 
             # Describes a security observation that is for informational purposes.
             OBSERVATION = 4
+
+            # Describes an error that prevents some SCC functionality.
+            SCC_ERROR = 5
           end
         end
       end

data/proto_docs/google/cloud/securitycenter/v1/iam_binding.rb

@@ -0,0 +1,56 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # Represents a particular IAM binding, which captures a member's role addition,
+        # removal, or state.
+        # @!attribute [rw] action
+        #   @return [::Google::Cloud::SecurityCenter::V1::IamBinding::Action]
+        #     The action that was performed on a Binding.
+        # @!attribute [rw] role
+        #   @return [::String]
+        #     Role that is assigned to "members".
+        #     For example, "roles/viewer", "roles/editor", or "roles/owner".
+        # @!attribute [rw] member
+        #   @return [::String]
+        #     A single identity requesting access for a Cloud Platform resource,
+        #     e.g. "foo@google.com".
+        class IamBinding
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # The type of action performed on a Binding in a policy.
+          module Action
+            # Unspecified.
+            ACTION_UNSPECIFIED = 0
+
+            # Addition of a Binding.
+            ADD = 1
+
+            # Removal of a Binding.
+            REMOVE = 2
+          end
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1/mitre_attack.rb

@@ -0,0 +1,201 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # MITRE ATT&CK tactics and techniques related to this finding.
+        # See: https://attack.mitre.org
+        # @!attribute [rw] primary_tactic
+        #   @return [::Google::Cloud::SecurityCenter::V1::MitreAttack::Tactic]
+        #     The MITRE ATT&CK tactic most closely represented by this finding, if any.
+        # @!attribute [rw] primary_techniques
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::MitreAttack::Technique>]
+        #     The MITRE ATT&CK technique most closely represented by this finding, if
+        #     any. primary_techniques is a repeated field because there are multiple
+        #     levels of MITRE ATT&CK techniques.  If the technique most closely
+        #     represented by this finding is a sub-technique (e.g. `SCANNING_IP_BLOCKS`),
+        #     both the sub-technique and its parent technique(s) will be listed (e.g.
+        #     `SCANNING_IP_BLOCKS`, `ACTIVE_SCANNING`).
+        # @!attribute [rw] additional_tactics
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::MitreAttack::Tactic>]
+        #     Additional MITRE ATT&CK tactics related to this finding, if any.
+        # @!attribute [rw] additional_techniques
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::MitreAttack::Technique>]
+        #     Additional MITRE ATT&CK techniques related to this finding, if any, along
+        #     with any of their respective parent techniques.
+        # @!attribute [rw] version
+        #   @return [::String]
+        #     The MITRE ATT&CK version referenced by the above fields. E.g. "8".
+        class MitreAttack
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # MITRE ATT&CK tactics that can be referenced by SCC findings.
+          # See: https://attack.mitre.org/tactics/enterprise/
+          module Tactic
+            # Unspecified value.
+            TACTIC_UNSPECIFIED = 0
+
+            # TA0043
+            RECONNAISSANCE = 1
+
+            # TA0042
+            RESOURCE_DEVELOPMENT = 2
+
+            # TA0001
+            INITIAL_ACCESS = 5
+
+            # TA0002
+            EXECUTION = 3
+
+            # TA0003
+            PERSISTENCE = 6
+
+            # TA0004
+            PRIVILEGE_ESCALATION = 8
+
+            # TA0005
+            DEFENSE_EVASION = 7
+
+            # TA0006
+            CREDENTIAL_ACCESS = 9
+
+            # TA0007
+            DISCOVERY = 10
+
+            # TA0008
+            LATERAL_MOVEMENT = 11
+
+            # TA0009
+            COLLECTION = 12
+
+            # TA0011
+            COMMAND_AND_CONTROL = 4
+
+            # TA0010
+            EXFILTRATION = 13
+
+            # TA0040
+            IMPACT = 14
+          end
+
+          # MITRE ATT&CK techniques that can be referenced by SCC findings.
+          # See: https://attack.mitre.org/techniques/enterprise/
+          # Next ID: 31
+          module Technique
+            # Unspecified value.
+            TECHNIQUE_UNSPECIFIED = 0
+
+            # T1595
+            ACTIVE_SCANNING = 1
+
+            # T1595.001
+            SCANNING_IP_BLOCKS = 2
+
+            # T1105
+            INGRESS_TOOL_TRANSFER = 3
+
+            # T1106
+            NATIVE_API = 4
+
+            # T1129
+            SHARED_MODULES = 5
+
+            # T1059
+            COMMAND_AND_SCRIPTING_INTERPRETER = 6
+
+            # T1059.004
+            UNIX_SHELL = 7
+
+            # T1496
+            RESOURCE_HIJACKING = 8
+
+            # T1090
+            PROXY = 9
+
+            # T1090.002
+            EXTERNAL_PROXY = 10
+
+            # T1090.003
+            MULTI_HOP_PROXY = 11
+
+            # T1568
+            DYNAMIC_RESOLUTION = 12
+
+            # T1552
+            UNSECURED_CREDENTIALS = 13
+
+            # T1078
+            VALID_ACCOUNTS = 14
+
+            # T1078.003
+            LOCAL_ACCOUNTS = 15
+
+            # T1078.004
+            CLOUD_ACCOUNTS = 16
+
+            # T1498
+            NETWORK_DENIAL_OF_SERVICE = 17
+
+            # T1069
+            PERMISSION_GROUPS_DISCOVERY = 18
+
+            # T1069.003
+            CLOUD_GROUPS = 19
+
+            # T1567
+            EXFILTRATION_OVER_WEB_SERVICE = 20
+
+            # T1567.002
+            EXFILTRATION_TO_CLOUD_STORAGE = 21
+
+            # T1098
+            ACCOUNT_MANIPULATION = 22
+
+            # T1098.004
+            SSH_AUTHORIZED_KEYS = 23
+
+            # T1543
+            CREATE_OR_MODIFY_SYSTEM_PROCESS = 24
+
+            # T1539
+            STEAL_WEB_SESSION_COOKIE = 25
+
+            # T1578
+            MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE = 26
+
+            # T1190
+            EXPLOIT_PUBLIC_FACING_APPLICATION = 27
+
+            # T1556
+            MODIFY_AUTHENTICATION_PROCESS = 28
+
+            # T1485
+            DATA_DESTRUCTION = 29
+
+            # T1484
+            DOMAIN_POLICY_MODIFICATION = 30
+          end
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1/resource.rb

@@ -26,29 +26,29 @@ module Google
         #   @return [::String]
         #     The full resource name of the resource. See:
         #     https://cloud.google.com/apis/design/resource_names#full_resource_name
+        # @!attribute [rw] display_name
+        #   @return [::String]
+        #     The human readable name of the resource.
+        # @!attribute [rw] type
+        #   @return [::String]
+        #     The full resource type of the resource.
         # @!attribute [rw] project
         #   @return [::String]
         #     The full resource name of project that the resource belongs to.
         # @!attribute [rw] project_display_name
         #   @return [::String]
-        #     The human readable name of project that the resource belongs to.
+        #     The project ID that the resource belongs to.
         # @!attribute [rw] parent
         #   @return [::String]
         #     The full resource name of resource's parent.
         # @!attribute [rw] parent_display_name
         #   @return [::String]
         #     The human readable name of resource's parent.
-        # @!attribute [rw] type
-        #   @return [::String]
-        #     The full resource type of the resource.
         # @!attribute [r] folders
         #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Folder>]
         #     Output only. Contains a Folder message for each folder in the assets ancestry.
         #     The first folder is the deepest nested folder, and the last folder is the
         #     folder directly under the Organization.
-        # @!attribute [rw] display_name
-        #   @return [::String]
-        #     The human readable name of the resource.
         class Resource
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/cloud/securitycenter/v1/securitycenter_service.rb

@@ -29,8 +29,8 @@ module Google
         # 2. Once a bulk operation is started, there is no way to stop it.
         # @!attribute [rw] parent
         #   @return [::String]
-        #     Required. The parent, at which bulk action needs to be applied. Its format is
-        #     "organizations/[organization_id]", "folders/[folder_id]",
+        #     Required. The parent, at which bulk action needs to be applied. Its format
+        #     is "organizations/[organization_id]", "folders/[folder_id]",
         #     "projects/[project_id]".
         # @!attribute [rw] filter
         #   @return [::String]
@@ -81,8 +81,8 @@ module Google
         #     greater than 0 characters in length.
         # @!attribute [rw] finding
         #   @return [::Google::Cloud::SecurityCenter::V1::Finding]
-        #     Required. The Finding being created. The name and security_marks will be ignored as
-        #     they are both output only fields on this resource.
+        #     Required. The Finding being created. The name and security_marks will be
+        #     ignored as they are both output only fields on this resource.
         class CreateFindingRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -111,8 +111,8 @@ module Google
         # Request message for creating a notification config.
         # @!attribute [rw] parent
         #   @return [::String]
-        #     Required. Resource name of the new notification config's parent. Its format is
-        #     "organizations/[organization_id]".
+        #     Required. Resource name of the new notification config's parent. Its format
+        #     is "organizations/[organization_id]".
         # @!attribute [rw] config_id
         #   @return [::String]
         #     Required.
@@ -121,8 +121,9 @@ module Google
         #     characters, underscores or hyphens only.
         # @!attribute [rw] notification_config
         #   @return [::Google::Cloud::SecurityCenter::V1::NotificationConfig]
-        #     Required. The notification config being created. The name and the service account
-        #     will be ignored as they are both output only fields on this resource.
+        #     Required. The notification config being created. The name and the service
+        #     account will be ignored as they are both output only fields on this
+        #     resource.
         class CreateNotificationConfigRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -135,8 +136,8 @@ module Google
         #     "organizations/[organization_id]".
         # @!attribute [rw] source
         #   @return [::Google::Cloud::SecurityCenter::V1::Source]
-        #     Required. The Source being created, only the display_name and description will be
-        #     used. All other fields will be ignored.
+        #     Required. The Source being created, only the display_name and description
+        #     will be used. All other fields will be ignored.
         class CreateSourceRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -164,6 +165,18 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
 
+        # Request message for retrieving a big query export.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. Name of the big query export to retrieve. Its format is
+        #     organizations/\\{organization}/bigQueryExports/\\{export_id},
+        #     folders/\\{folder}/bigQueryExports/\\{export_id}, or
+        #     projects/\\{project}/bigQueryExports/\\{export_id}
+        class GetBigQueryExportRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
         # Request message for retrieving a mute config.
         # @!attribute [rw] name
         #   @return [::String]
@@ -189,8 +202,8 @@ module Google
         # Request message for getting organization settings.
         # @!attribute [rw] name
         #   @return [::String]
-        #     Required. Name of the organization to get organization settings for. Its format is
-        #     "organizations/[organization_id]/organizationSettings".
+        #     Required. Name of the organization to get organization settings for. Its
+        #     format is "organizations/[organization_id]/organizationSettings".
         class GetOrganizationSettingsRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -278,9 +291,9 @@ module Google
         #     property not existing: `-resource_properties.my_property : ""`
         # @!attribute [rw] group_by
         #   @return [::String]
-        #     Required. Expression that defines what assets fields to use for grouping. The string
-        #     value should follow SQL syntax: comma separated list of fields. For
-        #     example:
+        #     Required. Expression that defines what assets fields to use for grouping.
+        #     The string value should follow SQL syntax: comma separated list of fields.
+        #     For example:
         #     "security_center_properties.resource_project,security_center_properties.project".
         #
         #     The following fields are supported when compare_duration is not set:
@@ -439,9 +452,9 @@ module Google
         #       * resource.type: `=`, `:`
         # @!attribute [rw] group_by
         #   @return [::String]
-        #     Required. Expression that defines what assets fields to use for grouping (including
-        #     `state_change`). The string value should follow SQL syntax: comma separated
-        #     list of fields. For example: "parent,resource_name".
+        #     Required. Expression that defines what assets fields to use for grouping
+        #     (including `state_change`). The string value should follow SQL syntax:
+        #     comma separated list of fields. For example: "parent,resource_name".
         #
         #     The following fields are supported:
         #
@@ -554,8 +567,8 @@ module Google
         # folder or project.
         # @!attribute [rw] parent
         #   @return [::String]
-        #     Required. The parent, which owns the collection of mute configs. Its format is
-        #     "organizations/[organization_id]", "folders/[folder_id]",
+        #     Required. The parent, which owns the collection of mute configs. Its format
+        #     is "organizations/[organization_id]", "folders/[folder_id]",
         #     "projects/[project_id]".
         # @!attribute [rw] page_size
         #   @return [::Integer]
@@ -623,8 +636,8 @@ module Google
         # Request message for listing sources.
         # @!attribute [rw] parent
         #   @return [::String]
-        #     Required. Resource name of the parent of sources to list. Its format should be
-        #     "organizations/[organization_id], folders/[folder_id], or
+        #     Required. Resource name of the parent of sources to list. Its format should
+        #     be "organizations/[organization_id], folders/[folder_id], or
         #     projects/[project_id]".
         # @!attribute [rw] page_token
         #   @return [::String]
@@ -1035,29 +1048,29 @@ module Google
             #   @return [::String]
             #     The full resource name of the resource. See:
             #     https://cloud.google.com/apis/design/resource_names#full_resource_name
+            # @!attribute [rw] display_name
+            #   @return [::String]
+            #     The human readable name of the resource.
+            # @!attribute [rw] type
+            #   @return [::String]
+            #     The full resource type of the resource.
             # @!attribute [rw] project_name
             #   @return [::String]
             #     The full resource name of project that the resource belongs to.
             # @!attribute [rw] project_display_name
             #   @return [::String]
-            #     The human readable name of project that the resource belongs to.
+            #     The project ID that the resource belongs to.
             # @!attribute [rw] parent_name
             #   @return [::String]
             #     The full resource name of resource's parent.
             # @!attribute [rw] parent_display_name
             #   @return [::String]
             #     The human readable name of resource's parent.
-            # @!attribute [rw] type
-            #   @return [::String]
-            #     The full resource type of the resource.
             # @!attribute [rw] folders
             #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Folder>]
             #     Contains a Folder message for each folder in the assets ancestry.
             #     The first folder is the deepest nested folder, and the last folder is
             #     the folder directly under the Organization.
-            # @!attribute [rw] display_name
-            #   @return [::String]
-            #     The human readable name of the resource.
             class Resource
               include ::Google::Protobuf::MessageExts
               extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -1131,8 +1144,8 @@ module Google
         # Request message for running asset discovery for an organization.
         # @!attribute [rw] parent
         #   @return [::String]
-        #     Required. Name of the organization to run asset discovery for. Its format is
-        #     "organizations/[organization_id]".
+        #     Required. Name of the organization to run asset discovery for. Its format
+        #     is "organizations/[organization_id]".
         class RunAssetDiscoveryRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -1155,8 +1168,8 @@ module Google
         # Request message for updating or creating a finding.
         # @!attribute [rw] finding
         #   @return [::Google::Cloud::SecurityCenter::V1::Finding]
-        #     Required. The finding resource to update or create if it does not already exist.
-        #     parent, security_marks, and update_time will be ignored.
+        #     Required. The finding resource to update or create if it does not already
+        #     exist. parent, security_marks, and update_time will be ignored.
         #
         #     In the case of creation, the finding id portion of the name must be
         #     alphanumeric and less than or equal to 32 characters and greater than 0
@@ -1246,11 +1259,93 @@ module Google
         #     The time at which the updated SecurityMarks take effect.
         #     If not set uses current server time.  Updates will be applied to the
         #     SecurityMarks that are active immediately preceding this time. Must be
-        #     smaller or equal to the server time.
+        #     earlier or equal to the server time.
         class UpdateSecurityMarksRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
+
+        # Request message for creating a big query export.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. Resource name of the new big query export's parent. Its format is
+        #     "organizations/[organization_id]", "folders/[folder_id]", or
+        #     "projects/[project_id]".
+        # @!attribute [rw] big_query_export
+        #   @return [::Google::Cloud::SecurityCenter::V1::BigQueryExport]
+        #     Required. The big query export being created.
+        # @!attribute [rw] big_query_export_id
+        #   @return [::String]
+        #     Required. Unique identifier provided by the client within the parent scope.
+        #     It must consist of lower case letters, numbers, and hyphen, with the first
+        #     character a letter, the last a letter or a number, and a 63 character
+        #     maximum.
+        class CreateBigQueryExportRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request message for updating a BigQuery export.
+        # @!attribute [rw] big_query_export
+        #   @return [::Google::Cloud::SecurityCenter::V1::BigQueryExport]
+        #     Required. The BigQuery export being updated.
+        # @!attribute [rw] update_mask
+        #   @return [::Google::Protobuf::FieldMask]
+        #     The list of fields to be updated.
+        #     If empty all mutable fields will be updated.
+        class UpdateBigQueryExportRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request message for listing  BigQuery exports at a given scope e.g.
+        # organization, folder or project.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. The parent, which owns the collection of BigQuery exports. Its
+        #     format is "organizations/[organization_id]", "folders/[folder_id]",
+        #     "projects/[project_id]".
+        # @!attribute [rw] page_size
+        #   @return [::Integer]
+        #     The maximum number of configs to return. The service may return fewer than
+        #     this value.
+        #     If unspecified, at most 10 configs will be returned.
+        #     The maximum value is 1000; values above 1000 will be coerced to 1000.
+        # @!attribute [rw] page_token
+        #   @return [::String]
+        #     A page token, received from a previous `ListBigQueryExports` call.
+        #     Provide this to retrieve the subsequent page.
+        #     When paginating, all other parameters provided to `ListBigQueryExports`
+        #     must match the call that provided the page token.
+        class ListBigQueryExportsRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Response message for listing BigQuery exports.
+        # @!attribute [rw] big_query_exports
+        #   @return [::Array<::Google::Cloud::SecurityCenter::V1::BigQueryExport>]
+        #     The BigQuery exports from the specified parent.
+        # @!attribute [rw] next_page_token
+        #   @return [::String]
+        #     A token, which can be sent as `page_token` to retrieve the next page.
+        #     If this field is omitted, there are no subsequent pages.
+        class ListBigQueryExportsResponse
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request message for deleting a big query export.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. Name of the big query export to delete. Its format is
+        #     organizations/\\{organization}/bigQueryExports/\\{export_id},
+        #     folders/\\{folder}/bigQueryExports/\\{export_id}, or
+        #     projects/\\{project}/bigQueryExports/\\{export_id}
+        class DeleteBigQueryExportRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
       end
     end
   end

data/proto_docs/google/cloud/securitycenter/v1/vulnerability.rb

@@ -44,6 +44,9 @@ module Google
         #   @return [::Google::Cloud::SecurityCenter::V1::Cvssv3]
         #     Describe Common Vulnerability Scoring System specified at
         #     https://www.first.org/cvss/v3.1/specification-document
+        # @!attribute [rw] upstream_fix_available
+        #   @return [::Boolean]
+        #     Whether upstream fix is available for the CVE.
         class Cve
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/iam/v1/iam_policy.rb

@@ -31,6 +31,13 @@ module Google
       #     the policy is limited to a few 10s of KB. An empty policy is a
       #     valid policy but certain Cloud Platform services (such as Projects)
       #     might reject them.
+      # @!attribute [rw] update_mask
+      #   @return [::Google::Protobuf::FieldMask]
+      #     OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
+      #     the fields in the mask will be modified. If no mask is provided, the
+      #     following default mask is used:
+      #
+      #     `paths: "bindings, etag"`
       class SetIamPolicyRequest
         include ::Google::Protobuf::MessageExts
         extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -44,7 +51,7 @@ module Google
       # @!attribute [rw] options
       #   @return [::Google::Iam::V1::GetPolicyOptions]
       #     OPTIONAL: A `GetPolicyOptions` object for specifying options to
-      #     `GetIamPolicy`. This field is only used by Cloud IAM.
+      #     `GetIamPolicy`.
       class GetIamPolicyRequest
         include ::Google::Protobuf::MessageExts
         extend ::Google::Protobuf::MessageExts::ClassMethods