google-cloud-security_center-v1 0.26.0 → 0.28.0

data/lib/google/cloud/security_center/v1/version.rb

@@ -21,7 +21,7 @@ module Google
   module Cloud
     module SecurityCenter
       module V1
-        VERSION = "0.26.0"
+        VERSION = "0.28.0"
       end
     end
   end

data/lib/google/cloud/securitycenter/v1/cloud_dlp_data_profile_pb.rb

@@ -0,0 +1,24 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# source: google/cloud/securitycenter/v1/cloud_dlp_data_profile.proto
+
+require 'google/protobuf'
+
+require 'google/api/resource_pb'
+
+Google::Protobuf::DescriptorPool.generated_pool.build do
+  add_file("google/cloud/securitycenter/v1/cloud_dlp_data_profile.proto", :syntax => :proto3) do
+    add_message "google.cloud.securitycenter.v1.CloudDlpDataProfile" do
+      optional :data_profile, :string, 1
+    end
+  end
+end
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        CloudDlpDataProfile = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.CloudDlpDataProfile").msgclass
+      end
+    end
+  end
+end

data/lib/google/cloud/securitycenter/v1/cloud_dlp_inspection_pb.rb

@@ -0,0 +1,27 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# source: google/cloud/securitycenter/v1/cloud_dlp_inspection.proto
+
+require 'google/protobuf'
+
+require 'google/api/resource_pb'
+
+Google::Protobuf::DescriptorPool.generated_pool.build do
+  add_file("google/cloud/securitycenter/v1/cloud_dlp_inspection.proto", :syntax => :proto3) do
+    add_message "google.cloud.securitycenter.v1.CloudDlpInspection" do
+      optional :inspect_job, :string, 1
+      optional :info_type, :string, 2
+      optional :info_type_count, :int64, 3
+      optional :full_scan, :bool, 4
+    end
+  end
+end
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        CloudDlpInspection = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.CloudDlpInspection").msgclass
+      end
+    end
+  end
+end

data/lib/google/cloud/securitycenter/v1/effective_security_health_analytics_custom_module_pb.rb

@@ -0,0 +1,35 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# source: google/cloud/securitycenter/v1/effective_security_health_analytics_custom_module.proto
+
+require 'google/protobuf'
+
+require 'google/api/field_behavior_pb'
+require 'google/api/resource_pb'
+require 'google/cloud/securitycenter/v1/security_health_analytics_custom_config_pb'
+
+Google::Protobuf::DescriptorPool.generated_pool.build do
+  add_file("google/cloud/securitycenter/v1/effective_security_health_analytics_custom_module.proto", :syntax => :proto3) do
+    add_message "google.cloud.securitycenter.v1.EffectiveSecurityHealthAnalyticsCustomModule" do
+      optional :name, :string, 1
+      optional :custom_config, :message, 2, "google.cloud.securitycenter.v1.CustomConfig"
+      optional :enablement_state, :enum, 3, "google.cloud.securitycenter.v1.EffectiveSecurityHealthAnalyticsCustomModule.EnablementState"
+      optional :display_name, :string, 4
+    end
+    add_enum "google.cloud.securitycenter.v1.EffectiveSecurityHealthAnalyticsCustomModule.EnablementState" do
+      value :ENABLEMENT_STATE_UNSPECIFIED, 0
+      value :ENABLED, 1
+      value :DISABLED, 2
+    end
+  end
+end
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        EffectiveSecurityHealthAnalyticsCustomModule = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.EffectiveSecurityHealthAnalyticsCustomModule").msgclass
+        EffectiveSecurityHealthAnalyticsCustomModule::EnablementState = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.EffectiveSecurityHealthAnalyticsCustomModule.EnablementState").enummodule
+      end
+    end
+  end
+end

data/lib/google/cloud/securitycenter/v1/finding_pb.rb

@@ -6,6 +6,8 @@ require 'google/protobuf'
 require 'google/api/field_behavior_pb'
 require 'google/api/resource_pb'
 require 'google/cloud/securitycenter/v1/access_pb'
+require 'google/cloud/securitycenter/v1/cloud_dlp_data_profile_pb'
+require 'google/cloud/securitycenter/v1/cloud_dlp_inspection_pb'
 require 'google/cloud/securitycenter/v1/compliance_pb'
 require 'google/cloud/securitycenter/v1/connection_pb'
 require 'google/cloud/securitycenter/v1/contact_details_pb'
@@ -58,10 +60,13 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :exfiltration, :message, 38, "google.cloud.securitycenter.v1.Exfiltration"
       repeated :iam_bindings, :message, 39, "google.cloud.securitycenter.v1.IamBinding"
       optional :next_steps, :string, 40
+      optional :module_name, :string, 41
       repeated :containers, :message, 42, "google.cloud.securitycenter.v1.Container"
       optional :kubernetes, :message, 43, "google.cloud.securitycenter.v1.Kubernetes"
       optional :database, :message, 44, "google.cloud.securitycenter.v1.Database"
       repeated :files, :message, 46, "google.cloud.securitycenter.v1.File"
+      optional :cloud_dlp_inspection, :message, 48, "google.cloud.securitycenter.v1.CloudDlpInspection"
+      optional :cloud_dlp_data_profile, :message, 49, "google.cloud.securitycenter.v1.CloudDlpDataProfile"
       optional :kernel_rootkit, :message, 50, "google.cloud.securitycenter.v1.KernelRootkit"
     end
     add_enum "google.cloud.securitycenter.v1.Finding.State" do

data/lib/google/cloud/securitycenter/v1/security_health_analytics_custom_config_pb.rb

@@ -0,0 +1,50 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# source: google/cloud/securitycenter/v1/security_health_analytics_custom_config.proto
+
+require 'google/protobuf'
+
+require 'google/type/expr_pb'
+
+Google::Protobuf::DescriptorPool.generated_pool.build do
+  add_file("google/cloud/securitycenter/v1/security_health_analytics_custom_config.proto", :syntax => :proto3) do
+    add_message "google.cloud.securitycenter.v1.CustomConfig" do
+      optional :predicate, :message, 1, "google.type.Expr"
+      optional :custom_output, :message, 2, "google.cloud.securitycenter.v1.CustomConfig.CustomOutputSpec"
+      optional :resource_selector, :message, 3, "google.cloud.securitycenter.v1.CustomConfig.ResourceSelector"
+      optional :severity, :enum, 4, "google.cloud.securitycenter.v1.CustomConfig.Severity"
+      optional :description, :string, 5
+      optional :recommendation, :string, 6
+    end
+    add_message "google.cloud.securitycenter.v1.CustomConfig.CustomOutputSpec" do
+      repeated :properties, :message, 1, "google.cloud.securitycenter.v1.CustomConfig.CustomOutputSpec.Property"
+    end
+    add_message "google.cloud.securitycenter.v1.CustomConfig.CustomOutputSpec.Property" do
+      optional :name, :string, 1
+      optional :value_expression, :message, 2, "google.type.Expr"
+    end
+    add_message "google.cloud.securitycenter.v1.CustomConfig.ResourceSelector" do
+      repeated :resource_types, :string, 1
+    end
+    add_enum "google.cloud.securitycenter.v1.CustomConfig.Severity" do
+      value :SEVERITY_UNSPECIFIED, 0
+      value :CRITICAL, 1
+      value :HIGH, 2
+      value :MEDIUM, 3
+      value :LOW, 4
+    end
+  end
+end
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        CustomConfig = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.CustomConfig").msgclass
+        CustomConfig::CustomOutputSpec = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.CustomConfig.CustomOutputSpec").msgclass
+        CustomConfig::CustomOutputSpec::Property = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.CustomConfig.CustomOutputSpec.Property").msgclass
+        CustomConfig::ResourceSelector = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.CustomConfig.ResourceSelector").msgclass
+        CustomConfig::Severity = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.CustomConfig.Severity").enummodule
+      end
+    end
+  end
+end

data/lib/google/cloud/securitycenter/v1/security_health_analytics_custom_module_pb.rb

@@ -0,0 +1,40 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# source: google/cloud/securitycenter/v1/security_health_analytics_custom_module.proto
+
+require 'google/protobuf'
+
+require 'google/api/field_behavior_pb'
+require 'google/api/resource_pb'
+require 'google/cloud/securitycenter/v1/security_health_analytics_custom_config_pb'
+require 'google/protobuf/timestamp_pb'
+
+Google::Protobuf::DescriptorPool.generated_pool.build do
+  add_file("google/cloud/securitycenter/v1/security_health_analytics_custom_module.proto", :syntax => :proto3) do
+    add_message "google.cloud.securitycenter.v1.SecurityHealthAnalyticsCustomModule" do
+      optional :name, :string, 1
+      optional :display_name, :string, 2
+      optional :enablement_state, :enum, 4, "google.cloud.securitycenter.v1.SecurityHealthAnalyticsCustomModule.EnablementState"
+      optional :update_time, :message, 5, "google.protobuf.Timestamp"
+      optional :last_editor, :string, 6
+      optional :ancestor_module, :string, 7
+      optional :custom_config, :message, 8, "google.cloud.securitycenter.v1.CustomConfig"
+    end
+    add_enum "google.cloud.securitycenter.v1.SecurityHealthAnalyticsCustomModule.EnablementState" do
+      value :ENABLEMENT_STATE_UNSPECIFIED, 0
+      value :ENABLED, 1
+      value :DISABLED, 2
+      value :INHERITED, 3
+    end
+  end
+end
+
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        SecurityHealthAnalyticsCustomModule = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.SecurityHealthAnalyticsCustomModule").msgclass
+        SecurityHealthAnalyticsCustomModule::EnablementState = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.SecurityHealthAnalyticsCustomModule.EnablementState").enummodule
+      end
+    end
+  end
+end

data/lib/google/cloud/securitycenter/v1/securitycenter_service_pb.rb

@@ -3,19 +3,21 @@
 
 require 'google/protobuf'
 
-require 'google/cloud/securitycenter/v1/run_asset_discovery_response_pb'
 require 'google/api/annotations_pb'
 require 'google/api/client_pb'
 require 'google/api/field_behavior_pb'
 require 'google/api/resource_pb'
 require 'google/cloud/securitycenter/v1/asset_pb'
 require 'google/cloud/securitycenter/v1/bigquery_export_pb'
+require 'google/cloud/securitycenter/v1/effective_security_health_analytics_custom_module_pb'
 require 'google/cloud/securitycenter/v1/external_system_pb'
 require 'google/cloud/securitycenter/v1/finding_pb'
 require 'google/cloud/securitycenter/v1/folder_pb'
 require 'google/cloud/securitycenter/v1/mute_config_pb'
 require 'google/cloud/securitycenter/v1/notification_config_pb'
 require 'google/cloud/securitycenter/v1/organization_settings_pb'
+require 'google/cloud/securitycenter/v1/run_asset_discovery_response_pb'
+require 'google/cloud/securitycenter/v1/security_health_analytics_custom_module_pb'
 require 'google/cloud/securitycenter/v1/security_marks_pb'
 require 'google/cloud/securitycenter/v1/source_pb'
 require 'google/iam/v1/iam_policy_pb'
@@ -51,6 +53,10 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :config_id, :string, 2
       optional :notification_config, :message, 3, "google.cloud.securitycenter.v1.NotificationConfig"
     end
+    add_message "google.cloud.securitycenter.v1.CreateSecurityHealthAnalyticsCustomModuleRequest" do
+      optional :parent, :string, 1
+      optional :security_health_analytics_custom_module, :message, 2, "google.cloud.securitycenter.v1.SecurityHealthAnalyticsCustomModule"
+    end
     add_message "google.cloud.securitycenter.v1.CreateSourceRequest" do
       optional :parent, :string, 1
       optional :source, :message, 2, "google.cloud.securitycenter.v1.Source"
@@ -61,6 +67,9 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
     add_message "google.cloud.securitycenter.v1.DeleteNotificationConfigRequest" do
       optional :name, :string, 1
     end
+    add_message "google.cloud.securitycenter.v1.DeleteSecurityHealthAnalyticsCustomModuleRequest" do
+      optional :name, :string, 1
+    end
     add_message "google.cloud.securitycenter.v1.GetBigQueryExportRequest" do
       optional :name, :string, 1
     end
@@ -73,6 +82,12 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
     add_message "google.cloud.securitycenter.v1.GetOrganizationSettingsRequest" do
       optional :name, :string, 1
     end
+    add_message "google.cloud.securitycenter.v1.GetEffectiveSecurityHealthAnalyticsCustomModuleRequest" do
+      optional :name, :string, 1
+    end
+    add_message "google.cloud.securitycenter.v1.GetSecurityHealthAnalyticsCustomModuleRequest" do
+      optional :name, :string, 1
+    end
     add_message "google.cloud.securitycenter.v1.GetSourceRequest" do
       optional :name, :string, 1
     end
@@ -110,6 +125,15 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       map :properties, :string, :message, 1, "google.protobuf.Value"
       optional :count, :int64, 2
     end
+    add_message "google.cloud.securitycenter.v1.ListDescendantSecurityHealthAnalyticsCustomModulesRequest" do
+      optional :parent, :string, 1
+      optional :page_size, :int32, 2
+      optional :page_token, :string, 3
+    end
+    add_message "google.cloud.securitycenter.v1.ListDescendantSecurityHealthAnalyticsCustomModulesResponse" do
+      repeated :security_health_analytics_custom_modules, :message, 1, "google.cloud.securitycenter.v1.SecurityHealthAnalyticsCustomModule"
+      optional :next_page_token, :string, 2
+    end
     add_message "google.cloud.securitycenter.v1.ListMuteConfigsRequest" do
       optional :parent, :string, 1
       optional :page_size, :int32, 2
@@ -128,6 +152,24 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       repeated :notification_configs, :message, 1, "google.cloud.securitycenter.v1.NotificationConfig"
       optional :next_page_token, :string, 2
     end
+    add_message "google.cloud.securitycenter.v1.ListEffectiveSecurityHealthAnalyticsCustomModulesRequest" do
+      optional :parent, :string, 1
+      optional :page_size, :int32, 2
+      optional :page_token, :string, 3
+    end
+    add_message "google.cloud.securitycenter.v1.ListEffectiveSecurityHealthAnalyticsCustomModulesResponse" do
+      repeated :effective_security_health_analytics_custom_modules, :message, 1, "google.cloud.securitycenter.v1.EffectiveSecurityHealthAnalyticsCustomModule"
+      optional :next_page_token, :string, 2
+    end
+    add_message "google.cloud.securitycenter.v1.ListSecurityHealthAnalyticsCustomModulesRequest" do
+      optional :parent, :string, 1
+      optional :page_size, :int32, 2
+      optional :page_token, :string, 3
+    end
+    add_message "google.cloud.securitycenter.v1.ListSecurityHealthAnalyticsCustomModulesResponse" do
+      repeated :security_health_analytics_custom_modules, :message, 1, "google.cloud.securitycenter.v1.SecurityHealthAnalyticsCustomModule"
+      optional :next_page_token, :string, 2
+    end
     add_message "google.cloud.securitycenter.v1.ListSourcesRequest" do
       optional :parent, :string, 1
       optional :page_token, :string, 2
@@ -233,6 +275,10 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :organization_settings, :message, 1, "google.cloud.securitycenter.v1.OrganizationSettings"
       optional :update_mask, :message, 2, "google.protobuf.FieldMask"
     end
+    add_message "google.cloud.securitycenter.v1.UpdateSecurityHealthAnalyticsCustomModuleRequest" do
+      optional :security_health_analytics_custom_module, :message, 1, "google.cloud.securitycenter.v1.SecurityHealthAnalyticsCustomModule"
+      optional :update_mask, :message, 2, "google.protobuf.FieldMask"
+    end
     add_message "google.cloud.securitycenter.v1.UpdateSourceRequest" do
       optional :source, :message, 1, "google.cloud.securitycenter.v1.Source"
       optional :update_mask, :message, 2, "google.protobuf.FieldMask"
@@ -275,23 +321,33 @@ module Google
         CreateFindingRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.CreateFindingRequest").msgclass
         CreateMuteConfigRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.CreateMuteConfigRequest").msgclass
         CreateNotificationConfigRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.CreateNotificationConfigRequest").msgclass
+        CreateSecurityHealthAnalyticsCustomModuleRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.CreateSecurityHealthAnalyticsCustomModuleRequest").msgclass
         CreateSourceRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.CreateSourceRequest").msgclass
         DeleteMuteConfigRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.DeleteMuteConfigRequest").msgclass
         DeleteNotificationConfigRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.DeleteNotificationConfigRequest").msgclass
+        DeleteSecurityHealthAnalyticsCustomModuleRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.DeleteSecurityHealthAnalyticsCustomModuleRequest").msgclass
         GetBigQueryExportRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.GetBigQueryExportRequest").msgclass
         GetMuteConfigRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.GetMuteConfigRequest").msgclass
         GetNotificationConfigRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.GetNotificationConfigRequest").msgclass
         GetOrganizationSettingsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.GetOrganizationSettingsRequest").msgclass
+        GetEffectiveSecurityHealthAnalyticsCustomModuleRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.GetEffectiveSecurityHealthAnalyticsCustomModuleRequest").msgclass
+        GetSecurityHealthAnalyticsCustomModuleRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.GetSecurityHealthAnalyticsCustomModuleRequest").msgclass
         GetSourceRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.GetSourceRequest").msgclass
         GroupAssetsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.GroupAssetsRequest").msgclass
         GroupAssetsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.GroupAssetsResponse").msgclass
         GroupFindingsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.GroupFindingsRequest").msgclass
         GroupFindingsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.GroupFindingsResponse").msgclass
         GroupResult = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.GroupResult").msgclass
+        ListDescendantSecurityHealthAnalyticsCustomModulesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.ListDescendantSecurityHealthAnalyticsCustomModulesRequest").msgclass
+        ListDescendantSecurityHealthAnalyticsCustomModulesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.ListDescendantSecurityHealthAnalyticsCustomModulesResponse").msgclass
         ListMuteConfigsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.ListMuteConfigsRequest").msgclass
         ListMuteConfigsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.ListMuteConfigsResponse").msgclass
         ListNotificationConfigsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.ListNotificationConfigsRequest").msgclass
         ListNotificationConfigsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.ListNotificationConfigsResponse").msgclass
+        ListEffectiveSecurityHealthAnalyticsCustomModulesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.ListEffectiveSecurityHealthAnalyticsCustomModulesRequest").msgclass
+        ListEffectiveSecurityHealthAnalyticsCustomModulesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.ListEffectiveSecurityHealthAnalyticsCustomModulesResponse").msgclass
+        ListSecurityHealthAnalyticsCustomModulesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.ListSecurityHealthAnalyticsCustomModulesRequest").msgclass
+        ListSecurityHealthAnalyticsCustomModulesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.ListSecurityHealthAnalyticsCustomModulesResponse").msgclass
         ListSourcesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.ListSourcesRequest").msgclass
         ListSourcesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.ListSourcesResponse").msgclass
         ListAssetsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.ListAssetsRequest").msgclass
@@ -311,6 +367,7 @@ module Google
         UpdateMuteConfigRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.UpdateMuteConfigRequest").msgclass
         UpdateNotificationConfigRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.UpdateNotificationConfigRequest").msgclass
         UpdateOrganizationSettingsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.UpdateOrganizationSettingsRequest").msgclass
+        UpdateSecurityHealthAnalyticsCustomModuleRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.UpdateSecurityHealthAnalyticsCustomModuleRequest").msgclass
         UpdateSourceRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.UpdateSourceRequest").msgclass
         UpdateSecurityMarksRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.UpdateSecurityMarksRequest").msgclass
         CreateBigQueryExportRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.CreateBigQueryExportRequest").msgclass

data/lib/google/cloud/securitycenter/v1/securitycenter_service_services_pb.rb

@@ -37,6 +37,11 @@ module Google
             # parent can be either an organization, folder or project. The findings
             # matched by the filter will be muted after the LRO is done.
             rpc :BulkMuteFindings, ::Google::Cloud::SecurityCenter::V1::BulkMuteFindingsRequest, ::Google::Longrunning::Operation
+            # Creates a resident SecurityHealthAnalyticsCustomModule at the scope of the
+            # given CRM parent, and also creates inherited
+            # SecurityHealthAnalyticsCustomModules for all CRM descendants of the given
+            # parent. These modules are enabled by default.
+            rpc :CreateSecurityHealthAnalyticsCustomModule, ::Google::Cloud::SecurityCenter::V1::CreateSecurityHealthAnalyticsCustomModuleRequest, ::Google::Cloud::SecurityCenter::V1::SecurityHealthAnalyticsCustomModule
             # Creates a source.
             rpc :CreateSource, ::Google::Cloud::SecurityCenter::V1::CreateSourceRequest, ::Google::Cloud::SecurityCenter::V1::Source
             # Creates a finding. The corresponding source must exist for finding creation
@@ -50,6 +55,10 @@ module Google
             rpc :DeleteMuteConfig, ::Google::Cloud::SecurityCenter::V1::DeleteMuteConfigRequest, ::Google::Protobuf::Empty
             # Deletes a notification config.
             rpc :DeleteNotificationConfig, ::Google::Cloud::SecurityCenter::V1::DeleteNotificationConfigRequest, ::Google::Protobuf::Empty
+            # Deletes the specified SecurityHealthAnalyticsCustomModule and all of its
+            # descendants in the CRM hierarchy. This method is only supported for
+            # resident custom modules.
+            rpc :DeleteSecurityHealthAnalyticsCustomModule, ::Google::Cloud::SecurityCenter::V1::DeleteSecurityHealthAnalyticsCustomModuleRequest, ::Google::Protobuf::Empty
             # Gets a BigQuery export.
             rpc :GetBigQueryExport, ::Google::Cloud::SecurityCenter::V1::GetBigQueryExportRequest, ::Google::Cloud::SecurityCenter::V1::BigQueryExport
             # Gets the access control policy on the specified Source.
@@ -60,6 +69,10 @@ module Google
             rpc :GetNotificationConfig, ::Google::Cloud::SecurityCenter::V1::GetNotificationConfigRequest, ::Google::Cloud::SecurityCenter::V1::NotificationConfig
             # Gets the settings for an organization.
             rpc :GetOrganizationSettings, ::Google::Cloud::SecurityCenter::V1::GetOrganizationSettingsRequest, ::Google::Cloud::SecurityCenter::V1::OrganizationSettings
+            # Retrieves an EffectiveSecurityHealthAnalyticsCustomModule.
+            rpc :GetEffectiveSecurityHealthAnalyticsCustomModule, ::Google::Cloud::SecurityCenter::V1::GetEffectiveSecurityHealthAnalyticsCustomModuleRequest, ::Google::Cloud::SecurityCenter::V1::EffectiveSecurityHealthAnalyticsCustomModule
+            # Retrieves a SecurityHealthAnalyticsCustomModule.
+            rpc :GetSecurityHealthAnalyticsCustomModule, ::Google::Cloud::SecurityCenter::V1::GetSecurityHealthAnalyticsCustomModuleRequest, ::Google::Cloud::SecurityCenter::V1::SecurityHealthAnalyticsCustomModule
             # Gets a source.
             rpc :GetSource, ::Google::Cloud::SecurityCenter::V1::GetSourceRequest, ::Google::Cloud::SecurityCenter::V1::Source
             # Filters an organization's assets and  groups them by their specified
@@ -75,6 +88,9 @@ module Google
             rpc :GroupFindings, ::Google::Cloud::SecurityCenter::V1::GroupFindingsRequest, ::Google::Cloud::SecurityCenter::V1::GroupFindingsResponse
             # Lists an organization's assets.
             rpc :ListAssets, ::Google::Cloud::SecurityCenter::V1::ListAssetsRequest, ::Google::Cloud::SecurityCenter::V1::ListAssetsResponse
+            # Returns a list of all resident SecurityHealthAnalyticsCustomModules under
+            # the given CRM parent and all of the parent’s CRM descendants.
+            rpc :ListDescendantSecurityHealthAnalyticsCustomModules, ::Google::Cloud::SecurityCenter::V1::ListDescendantSecurityHealthAnalyticsCustomModulesRequest, ::Google::Cloud::SecurityCenter::V1::ListDescendantSecurityHealthAnalyticsCustomModulesResponse
             # Lists an organization or source's findings.
             #
             # To list across all sources provide a `-` as the source id.
@@ -84,6 +100,14 @@ module Google
             rpc :ListMuteConfigs, ::Google::Cloud::SecurityCenter::V1::ListMuteConfigsRequest, ::Google::Cloud::SecurityCenter::V1::ListMuteConfigsResponse
             # Lists notification configs.
             rpc :ListNotificationConfigs, ::Google::Cloud::SecurityCenter::V1::ListNotificationConfigsRequest, ::Google::Cloud::SecurityCenter::V1::ListNotificationConfigsResponse
+            # Returns a list of all EffectiveSecurityHealthAnalyticsCustomModules for the
+            # given parent. This includes resident modules defined at the scope of the
+            # parent, and inherited modules, inherited from CRM ancestors.
+            rpc :ListEffectiveSecurityHealthAnalyticsCustomModules, ::Google::Cloud::SecurityCenter::V1::ListEffectiveSecurityHealthAnalyticsCustomModulesRequest, ::Google::Cloud::SecurityCenter::V1::ListEffectiveSecurityHealthAnalyticsCustomModulesResponse
+            # Returns a list of all SecurityHealthAnalyticsCustomModules for the given
+            # parent. This includes resident modules defined at the scope of the parent,
+            # and inherited modules, inherited from CRM ancestors.
+            rpc :ListSecurityHealthAnalyticsCustomModules, ::Google::Cloud::SecurityCenter::V1::ListSecurityHealthAnalyticsCustomModulesRequest, ::Google::Cloud::SecurityCenter::V1::ListSecurityHealthAnalyticsCustomModulesResponse
             # Lists all sources belonging to an organization.
             rpc :ListSources, ::Google::Cloud::SecurityCenter::V1::ListSourcesRequest, ::Google::Cloud::SecurityCenter::V1::ListSourcesResponse
             # Runs asset discovery. The discovery is tracked with a long-running
@@ -114,6 +138,12 @@ module Google
             rpc :UpdateNotificationConfig, ::Google::Cloud::SecurityCenter::V1::UpdateNotificationConfigRequest, ::Google::Cloud::SecurityCenter::V1::NotificationConfig
             # Updates an organization's settings.
             rpc :UpdateOrganizationSettings, ::Google::Cloud::SecurityCenter::V1::UpdateOrganizationSettingsRequest, ::Google::Cloud::SecurityCenter::V1::OrganizationSettings
+            # Updates the SecurityHealthAnalyticsCustomModule under the given name based
+            # on the given update mask. Updating the enablement state is supported on
+            # both resident and inherited modules (though resident modules cannot have an
+            # enablement state of "inherited"). Updating the display name and custom
+            # config of a module is supported on resident modules only.
+            rpc :UpdateSecurityHealthAnalyticsCustomModule, ::Google::Cloud::SecurityCenter::V1::UpdateSecurityHealthAnalyticsCustomModuleRequest, ::Google::Cloud::SecurityCenter::V1::SecurityHealthAnalyticsCustomModule
             # Updates a source.
             rpc :UpdateSource, ::Google::Cloud::SecurityCenter::V1::UpdateSourceRequest, ::Google::Cloud::SecurityCenter::V1::Source
             # Updates security marks.

data/proto_docs/google/api/client.rb

@@ -35,7 +35,9 @@ module Google
     # Details about how and where to publish client libraries.
     # @!attribute [rw] version
     #   @return [::String]
-    #     Version of the API to apply these settings to.
+    #     Version of the API to apply these settings to. This is the full protobuf
+    #     package for the API, ending in the version element.
+    #     Examples: "google.cloud.speech.v1" and "google.spanner.admin.database.v1".
     # @!attribute [rw] launch_stage
     #   @return [::Google::Api::LaunchStage]
     #     Launch stage of this version of the API.
@@ -111,6 +113,10 @@ module Google
     #     Client library settings.  If the same version string appears multiple
     #     times in this list, then the last one wins.  Settings from earlier
     #     settings with the same version string are discarded.
+    # @!attribute [rw] proto_reference_documentation_uri
+    #   @return [::String]
+    #     Optional link to proto reference documentation.  Example:
+    #     https://cloud.google.com/pubsub/lite/docs/reference/rpc
     class Publishing
       include ::Google::Protobuf::MessageExts
       extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -203,9 +209,57 @@ module Google
     # @!attribute [rw] common
     #   @return [::Google::Api::CommonLanguageSettings]
     #     Some settings.
+    # @!attribute [rw] renamed_services
+    #   @return [::Google::Protobuf::Map{::String => ::String}]
+    #     Map from original service names to renamed versions.
+    #     This is used when the default generated types
+    #     would cause a naming conflict. (Neither name is
+    #     fully-qualified.)
+    #     Example: Subscriber to SubscriberServiceApi.
+    # @!attribute [rw] renamed_resources
+    #   @return [::Google::Protobuf::Map{::String => ::String}]
+    #     Map from full resource types to the effective short name
+    #     for the resource. This is used when otherwise resource
+    #     named from different services would cause naming collisions.
+    #     Example entry:
+    #     "datalabeling.googleapis.com/Dataset": "DataLabelingDataset"
+    # @!attribute [rw] ignored_resources
+    #   @return [::Array<::String>]
+    #     List of full resource types to ignore during generation.
+    #     This is typically used for API-specific Location resources,
+    #     which should be handled by the generator as if they were actually
+    #     the common Location resources.
+    #     Example entry: "documentai.googleapis.com/Location"
+    # @!attribute [rw] forced_namespace_aliases
+    #   @return [::Array<::String>]
+    #     Namespaces which must be aliased in snippets due to
+    #     a known (but non-generator-predictable) naming collision
+    # @!attribute [rw] handwritten_signatures
+    #   @return [::Array<::String>]
+    #     Method signatures (in the form "service.method(signature)")
+    #     which are provided separately, so shouldn't be generated.
+    #     Snippets *calling* these methods are still generated, however.
     class DotnetSettings
       include ::Google::Protobuf::MessageExts
       extend ::Google::Protobuf::MessageExts::ClassMethods
+
+      # @!attribute [rw] key
+      #   @return [::String]
+      # @!attribute [rw] value
+      #   @return [::String]
+      class RenamedServicesEntry
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # @!attribute [rw] key
+      #   @return [::String]
+      # @!attribute [rw] value
+      #   @return [::String]
+      class RenamedResourcesEntry
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
     end
 
     # Settings for Ruby client libraries.
@@ -240,8 +294,8 @@ module Google
     #     Example of a YAML configuration::
     #
     #      publishing:
-    #        method_behavior:
-    #          - selector: CreateAdDomain
+    #        method_settings:
+    #          - selector: google.cloud.speech.v2.Speech.BatchRecognize
     #            long_running:
     #              initial_poll_delay:
     #                seconds: 60 # 1 minute

data/proto_docs/google/cloud/securitycenter/v1/access.rb

@@ -26,11 +26,11 @@ module Google
         #   @return [::String]
         #     Associated email, such as "foo@google.com".
         #
-        #     The email address of the authenticated user (or service account on behalf
-        #     of third party principal) making the request. For third party identity
-        #     callers, the `principal_subject` field is populated instead of this field.
-        #     For privacy reasons, the principal email address is sometimes redacted.
-        #     For more information, see [Caller identities in audit
+        #     The email address of the authenticated user or a service account acting on
+        #     behalf of a third party principal making the request. For third party
+        #     identity callers, the `principal_subject` field is populated instead of
+        #     this field. For privacy reasons, the principal email address is sometimes
+        #     redacted. For more information, see [Caller identities in audit
         #     logs](https://cloud.google.com/logging/docs/audit#user-id).
         # @!attribute [rw] caller_ip
         #   @return [::String]
@@ -40,8 +40,8 @@ module Google
         #     The caller IP's geolocation, which identifies where the call came from.
         # @!attribute [rw] user_agent_family
         #   @return [::String]
-        #     What kind of user agent is associated, for example operating system shells,
-        #     embedded or stand-alone applications, etc.
+        #     Type of user agent associated with the finding. For example, an operating
+        #     system shell or an embedded or standalone application.
         # @!attribute [rw] service_name
         #   @return [::String]
         #     This is the API service that the service account made a call to, e.g.
@@ -51,36 +51,35 @@ module Google
         #     The method that the service account called, e.g. "SetIamPolicy".
         # @!attribute [rw] principal_subject
         #   @return [::String]
-        #     A string representing the principal_subject associated with the identity.
-        #     As compared to `principal_email`, supports principals that aren't
-        #     associated with email addresses, such as third party principals. For most
-        #     identities, the format will be `principal://iam.googleapis.com/{identity
-        #     pool name}/subjects/\\{subject}` except for some GKE identities
-        #     (GKE_WORKLOAD, FREEFORM, GKE_HUB_WORKLOAD) that are still in the legacy
-        #     format `serviceAccount:{identity pool name}[{subject}]`
+        #     A string that represents the principal_subject that is associated with the
+        #     identity. Unlike `principal_email`, `principal_subject` supports principals
+        #     that aren't associated with email addresses, such as third party
+        #     principals. For most identities, the format is
+        #     `principal://iam.googleapis.com/{identity pool name}/subject/{subject}`.
+        #     Some GKE identities, such as GKE_WORKLOAD, FREEFORM, and GKE_HUB_WORKLOAD,
+        #     still use the legacy format `serviceAccount:{identity pool
+        #     name}[\\{subject}]`.
         # @!attribute [rw] service_account_key_name
         #   @return [::String]
-        #     The name of the service account key used to create or exchange
-        #     credentials for authenticating the service account making the request.
+        #     The name of the service account key that was used to create or exchange
+        #     credentials when authenticating the service account that made the request.
         #     This is a scheme-less URI full resource name. For example:
         #
-        #     "//iam.googleapis.com/projects/\\{PROJECT_ID}/serviceAccounts/\\{ACCOUNT}/keys/\\{key}"
+        #     "//iam.googleapis.com/projects/\\{PROJECT_ID}/serviceAccounts/\\{ACCOUNT}/keys/\\{key}".
         # @!attribute [rw] service_account_delegation_info
         #   @return [::Array<::Google::Cloud::SecurityCenter::V1::ServiceAccountDelegationInfo>]
-        #     Identity delegation history of an authenticated service account that makes
-        #     the request. It contains information on the real authorities that try to
-        #     access GCP resources by delegating on a service account. When multiple
-        #     authorities are present, they are guaranteed to be sorted based on the
-        #     original ordering of the identity delegation events.
+        #     The identity delegation history of an authenticated service account that
+        #     made the request. The `serviceAccountDelegationInfo[]` object contains
+        #     information about the real authorities that try to access Google Cloud
+        #     resources by delegating on a service account. When multiple authorities are
+        #     present, they are guaranteed to be sorted based on the original ordering of
+        #     the identity delegation events.
         # @!attribute [rw] user_name
         #   @return [::String]
-        #     A string that represents the username of a user, user account, or other
-        #     entity involved in the access event. What the entity is and what its role
-        #     in the access event is depends on the finding that this field appears in.
-        #     The entity is likely not an IAM principal, but could be a user that is
-        #     logged into an operating system, if the finding is VM-related, or a user
-        #     that is logged into some type of application that is involved in the
-        #     access event.
+        #     A string that represents a username. The username provided depends on the
+        #     type of the finding and is likely not an IAM principal. For example, this
+        #     can be a system username if the finding is related to a virtual machine, or
+        #     it can be an application login username.
         class Access
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods