RubyGems - google-cloud-security_center-v1 - Versions diffs - 0.26.0 → 0.28.0 - Mend

google-cloud-security_center-v1 0.26.0 → 0.28.0

Files changed (37) hide show

data/proto_docs/google/cloud/securitycenter/v1/bigquery_export.rb CHANGED Viewed

@@ -65,23 +65,23 @@ module Google
         #     (0-9), or underscores (_).
         # @!attribute [r] create_time
         #   @return [::Google::Protobuf::Timestamp]
-        #     Output only. The time at which the big query export was created.
+        #     Output only. The time at which the BigQuery export was created.
         #     This field is set by the server and will be ignored if provided on export
         #     on creation.
         # @!attribute [r] update_time
         #   @return [::Google::Protobuf::Timestamp]
-        #     Output only. The most recent time at which the big export was updated.
+        #     Output only. The most recent time at which the BigQuery export was updated.
         #     This field is set by the server and will be ignored if provided on export
         #     creation or update.
         # @!attribute [r] most_recent_editor
         #   @return [::String]
-        #     Output only. Email address of the user who last edited the big query export.
+        #     Output only. Email address of the user who last edited the BigQuery export.
         #     This field is set by the server and will be ignored if provided on export
         #     creation or update.
         # @!attribute [r] principal
         #   @return [::String]
-        #     Output only. The service account that needs permission to create table, upload data to
-        #     the big query dataset.
+        #     Output only. The service account that needs permission to create table and
+        #     upload data to the BigQuery dataset.
         class BigQueryExport
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/cloud/securitycenter/v1/cloud_dlp_data_profile.rb ADDED Viewed

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # The [data profile](https://cloud.google.com/dlp/docs/data-profiles)
+        # associated with the finding.
+        # @!attribute [rw] data_profile
+        #   @return [::String]
+        #     Name of the data profile, for example,
+        #     `projects/123/locations/europe/tableProfiles/8383929`.
+        class CloudDlpDataProfile
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1/cloud_dlp_inspection.rb ADDED Viewed

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # Details about the Cloud Data Loss Prevention (Cloud DLP) [inspection
+        # job](https://cloud.google.com/dlp/docs/concepts-job-triggers) that produced
+        # the finding.
+        # @!attribute [rw] inspect_job
+        #   @return [::String]
+        #     Name of the inspection job, for example,
+        #     `projects/123/locations/europe/dlpJobs/i-8383929`.
+        # @!attribute [rw] info_type
+        #   @return [::String]
+        #     The [type of
+        #     information](https://cloud.google.com/dlp/docs/infotypes-reference) found,
+        #     for example, `EMAIL_ADDRESS` or `STREET_ADDRESS`.
+        # @!attribute [rw] info_type_count
+        #   @return [::Integer]
+        #     The number of times Cloud DLP found this infoType within this job
+        #     and resource.
+        # @!attribute [rw] full_scan
+        #   @return [::Boolean]
+        #     Whether Cloud DLP scanned the complete resource or a sampled subset.
+        class CloudDlpInspection
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1/contact_details.rb CHANGED Viewed

@@ -30,10 +30,10 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
-        # Representa a single contact's email address
+        # The email address of a contact.
         # @!attribute [rw] email
         #   @return [::String]
-        #     An email address e.g. "person123@company.com"
+        #     An email address. For example, "`person123@company.com`".
         class Contact
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/cloud/securitycenter/v1/database.rb CHANGED Viewed

@@ -26,7 +26,7 @@ module Google
         # instances or Cloud Spanner instances), or the database instance itself.
         # Some database resources may not have the full resource name populated
         # because these resource types are not yet supported by Cloud Asset Inventory
-        # (e.g. CloudSQL databases).  In these cases only the display name will be
+        # (e.g. CloudSQL databases). In these cases only the display name will be
         # provided.
         # @!attribute [rw] name
         #   @return [::String]

data/proto_docs/google/cloud/securitycenter/v1/effective_security_health_analytics_custom_module.rb ADDED Viewed

@@ -0,0 +1,73 @@
+# frozen_string_literal: true
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # An EffectiveSecurityHealthAnalyticsCustomModule is the representation of
+        # a Security Health Analytics custom module at a specified level of the
+        # resource hierarchy: organization, folder, or project. If a custom module is
+        # inherited from a parent organization or folder, the value of the
+        # `enablementState` property in EffectiveSecurityHealthAnalyticsCustomModule is
+        # set to the value that is effective in the parent, instead of  `INHERITED`.
+        # For example, if the module is enabled in a parent organization or folder, the
+        # effective enablement_state for the module in all child folders or projects is
+        # also `enabled`. EffectiveSecurityHealthAnalyticsCustomModule is read-only.
+        # @!attribute [r] name
+        #   @return [::String]
+        #     Output only. The resource name of the custom module.
+        #     Its format is
+        #     "organizations/\\{organization}/securityHealthAnalyticsSettings/effectiveCustomModules/\\{customModule}",
+        #     or
+        #     "folders/\\{folder}/securityHealthAnalyticsSettings/effectiveCustomModules/\\{customModule}",
+        #     or
+        #     "projects/\\{project}/securityHealthAnalyticsSettings/effectiveCustomModules/\\{customModule}"
+        # @!attribute [r] custom_config
+        #   @return [::Google::Cloud::SecurityCenter::V1::CustomConfig]
+        #     Output only. The user-specified configuration for the module.
+        # @!attribute [r] enablement_state
+        #   @return [::Google::Cloud::SecurityCenter::V1::EffectiveSecurityHealthAnalyticsCustomModule::EnablementState]
+        #     Output only. The effective state of enablement for the module at the given
+        #     level of the hierarchy.
+        # @!attribute [r] display_name
+        #   @return [::String]
+        #     Output only. The display name for the custom module. The name must be
+        #     between 1 and 128 characters, start with a lowercase letter, and contain
+        #     alphanumeric characters or underscores only.
+        class EffectiveSecurityHealthAnalyticsCustomModule
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+          # The enablement state of the module.
+          module EnablementState
+            # Unspecified enablement state.
+            ENABLEMENT_STATE_UNSPECIFIED = 0
+            # The module is enabled at the given level.
+            ENABLED = 1
+            # The module is disabled at the given level.
+            DISABLED = 2
+          end
+        end
+      end
+    end
+  end
+end

data/proto_docs/google/cloud/securitycenter/v1/exfiltration.rb CHANGED Viewed

@@ -22,7 +22,7 @@ module Google
     module SecurityCenter
       module V1
         # Exfiltration represents a data exfiltration attempt of one or more
-        # sources to one or more targets.  Sources represent the source
+        # sources to one or more targets. Sources represent the source
         # of data that is exfiltrated, and Targets represents the destination the
         # data was copied to.
         # @!attribute [rw] sources

data/proto_docs/google/cloud/securitycenter/v1/finding.rb CHANGED Viewed

@@ -30,10 +30,12 @@ module Google
         # finding.
         # @!attribute [rw] name
         #   @return [::String]
-        #     The relative resource name of this finding. See:
-        #     https://cloud.google.com/apis/design/resource_names#relative_resource_name
-        #     Example:
-        #     "organizations/\\{organization_id}/sources/\\{source_id}/findings/\\{finding_id}"
+        #     The [relative resource
+        #     name](https://cloud.google.com/apis/design/resource_names#relative_resource_name)
+        #     of the finding. Example:
+        #     "organizations/\\{organization_id}/sources/\\{source_id}/findings/\\{finding_id}",
+        #     "folders/\\{folder_id}/sources/\\{source_id}/findings/\\{finding_id}",
+        #     "projects/\\{project_id}/sources/\\{source_id}/findings/\\{finding_id}".
         # @!attribute [rw] parent
         #   @return [::String]
         #     The relative resource name of the source the finding belongs to. See:
@@ -107,14 +109,14 @@ module Google
         #     The class of the finding.
         # @!attribute [rw] indicator
         #   @return [::Google::Cloud::SecurityCenter::V1::Indicator]
-        #     Represents what's commonly known as an Indicator of compromise (IoC) in
+        #     Represents what's commonly known as an *indicator of compromise* (IoC) in
         #     computer forensics. This is an artifact observed on a network or in an
         #     operating system that, with high confidence, indicates a computer
-        #     intrusion.
-        #     Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
+        #     intrusion. For more information, see [Indicator of
+        #     compromise](https://en.wikipedia.org/wiki/Indicator_of_compromise).
         # @!attribute [rw] vulnerability
         #   @return [::Google::Cloud::SecurityCenter::V1::Vulnerability]
-        #     Represents vulnerability-specific fields like CVE and CVS scores.
+        #     Represents vulnerability-specific fields like CVE and CVSS scores.
         #     CVE stands for Common Vulnerabilities and Exposures
         #     (https://cve.mitre.org/about/)
         # @!attribute [r] mute_update_time
@@ -122,33 +124,32 @@ module Google
         #     Output only. The most recent time this finding was muted or unmuted.
         # @!attribute [r] external_systems
         #   @return [::Google::Protobuf::Map{::String => ::Google::Cloud::SecurityCenter::V1::ExternalSystem}]
-        #     Output only. Third party SIEM/SOAR fields within SCC, contains external system
-        #     information and external system finding fields.
+        #     Output only. Third party SIEM/SOAR fields within SCC, contains external
+        #     system information and external system finding fields.
         # @!attribute [rw] mitre_attack
         #   @return [::Google::Cloud::SecurityCenter::V1::MitreAttack]
         #     MITRE ATT&CK tactics and techniques related to this finding.
         #     See: https://attack.mitre.org
         # @!attribute [rw] access
         #   @return [::Google::Cloud::SecurityCenter::V1::Access]
-        #     Access details associated to the Finding, such as more information on the
-        #     caller, which method was accessed, from where, etc.
+        #     Access details associated with the finding, such as more information on the
+        #     caller, which method was accessed, and from where.
         # @!attribute [rw] connections
         #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Connection>]
         #     Contains information about the IP connection associated with the finding.
         # @!attribute [rw] mute_initiator
         #   @return [::String]
-        #     First known as mute_annotation. Records additional information about the
-        #     mute operation e.g. mute config that muted the finding, user who muted the
-        #     finding, etc. Unlike other attributes of a finding, a finding provider
-        #     shouldn't set the value of mute.
+        #     Records additional information about the mute operation, for example, the
+        #     [mute configuration](/security-command-center/docs/how-to-mute-findings)
+        #     that muted the finding and the user who muted the finding.
         # @!attribute [rw] processes
         #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Process>]
         #     Represents operating system processes associated with the Finding.
         # @!attribute [r] contacts
         #   @return [::Google::Protobuf::Map{::String => ::Google::Cloud::SecurityCenter::V1::ContactDetails}]
-        #     Output only. Map containing the points of contact for the given finding. The key
-        #     represents the type of contact, while the value contains a list of all the
-        #     contacts that pertain. Please refer to:
+        #     Output only. Map containing the points of contact for the given finding.
+        #     The key represents the type of contact, while the value contains a list of
+        #     all the contacts that pertain. Please refer to:
         #     https://cloud.google.com/resource-manager/docs/managing-notification-contacts#notification-categories
         #
         #         {
@@ -173,20 +174,25 @@ module Google
         #     "Event Threat Detection" or "Security Health Analytics".
         # @!attribute [rw] description
         #   @return [::String]
-        #     Contains more detail about the finding.
+        #     Contains more details about the finding.
         # @!attribute [rw] exfiltration
         #   @return [::Google::Cloud::SecurityCenter::V1::Exfiltration]
-        #     Represents exfiltration associated with the Finding.
+        #     Represents exfiltrations associated with the finding.
         # @!attribute [rw] iam_bindings
         #   @return [::Array<::Google::Cloud::SecurityCenter::V1::IamBinding>]
-        #     Represents IAM bindings associated with the Finding.
+        #     Represents IAM bindings associated with the finding.
         # @!attribute [rw] next_steps
         #   @return [::String]
-        #     Next steps associate to the finding.
+        #     Steps to address the finding.
+        # @!attribute [rw] module_name
+        #   @return [::String]
+        #     Unique identifier of the module which generated the finding.
+        #     Example:
+        #     folders/598186756061/securityHealthAnalyticsSettings/customModules/56799441161885
         # @!attribute [rw] containers
         #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Container>]
-        #     Containers associated with the finding. containers provides information
-        #     for both Kubernetes and non-Kubernetes containers.
+        #     Containers associated with the finding. This field provides information for
+        #     both Kubernetes and non-Kubernetes containers.
         # @!attribute [rw] kubernetes
         #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes]
         #     Kubernetes resources associated with the finding.
@@ -196,9 +202,16 @@ module Google
         # @!attribute [rw] files
         #   @return [::Array<::Google::Cloud::SecurityCenter::V1::File>]
         #     File associated with the finding.
+        # @!attribute [rw] cloud_dlp_inspection
+        #   @return [::Google::Cloud::SecurityCenter::V1::CloudDlpInspection]
+        #     Cloud Data Loss Prevention (Cloud DLP) inspection results that are
+        #     associated with the finding.
+        # @!attribute [rw] cloud_dlp_data_profile
+        #   @return [::Google::Cloud::SecurityCenter::V1::CloudDlpDataProfile]
+        #     Cloud DLP data profile that is associated with the finding.
         # @!attribute [rw] kernel_rootkit
         #   @return [::Google::Cloud::SecurityCenter::V1::KernelRootkit]
-        #     Kernel Rootkit signature.
+        #     Signature of the kernel rootkit.
         class Finding
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -254,7 +267,8 @@ module Google
             # exploitable, and results in the direct ability to execute arbitrary code,
             # exfiltrate data, and otherwise gain additional access and privileges to
             # cloud resources and workloads. Examples include publicly accessible
-            # unprotected user data, public SSH access with weak or no passwords, etc.
+            # unprotected user data and public SSH access with weak or no
+            # passwords.
             #
             # Threat:
             # Indicates a threat that is able to access, modify, or delete data or

data/proto_docs/google/cloud/securitycenter/v1/indicator.rb CHANGED Viewed

@@ -21,13 +21,14 @@ module Google
   module Cloud
     module SecurityCenter
       module V1
-        # Represents what's commonly known as an Indicator of compromise (IoC) in
+        # Represents what's commonly known as an _indicator of compromise_ (IoC) in
         # computer forensics. This is an artifact observed on a network or in an
         # operating system that, with high confidence, indicates a computer intrusion.
-        # Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
+        # For more information, see [Indicator of
+        # compromise](https://en.wikipedia.org/wiki/Indicator_of_compromise).
         # @!attribute [rw] ip_addresses
         #   @return [::Array<::String>]
-        #     List of ip addresses associated to the Finding.
+        #     The list of IP addresses that are associated with the finding.
         # @!attribute [rw] domains
         #   @return [::Array<::String>]
         #     List of domains associated to the Finding.

data/proto_docs/google/cloud/securitycenter/v1/kernel_rootkit.rb CHANGED Viewed

@@ -27,34 +27,34 @@ module Google
         #     Rootkit name when available.
         # @!attribute [rw] unexpected_code_modification
         #   @return [::Boolean]
-        #     True if unexpected modifications of kernel code memory are present.
+        #     True when unexpected modifications of kernel code memory are present.
         # @!attribute [rw] unexpected_read_only_data_modification
         #   @return [::Boolean]
-        #     True if unexpected modifications of kernel read-only data memory are
+        #     True when unexpected modifications of kernel read-only data memory are
         #     present.
         # @!attribute [rw] unexpected_ftrace_handler
         #   @return [::Boolean]
-        #     True if `ftrace` points are present with callbacks pointing to regions
+        #     True when `ftrace` points are present with callbacks pointing to regions
         #     that are not in the expected kernel or module code range.
         # @!attribute [rw] unexpected_kprobe_handler
         #   @return [::Boolean]
-        #     True if `kprobe` points are present with callbacks pointing to regions
+        #     True when `kprobe` points are present with callbacks pointing to regions
         #     that are not in the expected kernel or module code range.
         # @!attribute [rw] unexpected_kernel_code_pages
         #   @return [::Boolean]
-        #     True if kernel code pages that are not in the expected kernel or module
+        #     True when kernel code pages that are not in the expected kernel or module
         #     code regions are present.
         # @!attribute [rw] unexpected_system_call_handler
         #   @return [::Boolean]
-        #     True if system call handlers that are are not in the expected kernel or
+        #     True when system call handlers that are are not in the expected kernel or
         #     module code regions are present.
         # @!attribute [rw] unexpected_interrupt_handler
         #   @return [::Boolean]
-        #     True if interrupt handlers that are are not in the expected kernel or
+        #     True when interrupt handlers that are are not in the expected kernel or
         #     module code regions are present.
         # @!attribute [rw] unexpected_processes_in_runqueue
         #   @return [::Boolean]
-        #     True if unexpected processes in the scheduler run queue are present. Such
+        #     True when unexpected processes in the scheduler run queue are present. Such
         #     processes are in the run queue, but not in the process task list.
         class KernelRootkit
           include ::Google::Protobuf::MessageExts

data/proto_docs/google/cloud/securitycenter/v1/kubernetes.rb CHANGED Viewed

@@ -21,7 +21,7 @@ module Google
   module Cloud
     module SecurityCenter
       module V1
-        # Kubernetes related attributes.
+        # Kubernetes-related attributes.
         # @!attribute [rw] pods
         #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Pod>]
         #     Kubernetes Pods associated with the finding. This field will contain Pod
@@ -129,8 +129,8 @@ module Google
           #     The Role or ClusterRole referenced by the binding.
           # @!attribute [rw] subjects
           #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Subject>]
-          #     Represents the subjects(s) bound to the role. Not always available
-          #     for PATCH requests.
+          #     Represents one or more subjects that are bound to the role. Not always
+          #     available for PATCH requests.
           class Binding
             include ::Google::Protobuf::MessageExts
             extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/cloud/securitycenter/v1/mute_config.rb CHANGED Viewed

@@ -37,11 +37,11 @@ module Google
         #     A description of the mute config.
         # @!attribute [rw] filter
         #   @return [::String]
-        #     Required. An expression that defines the filter to apply across create/update events
-        #     of findings. While creating a filter string, be mindful of the
-        #     scope in which the mute configuration is being created. E.g., If a filter
-        #     contains project = X but is created under the project = Y scope, it might
-        #     not match any findings.
+        #     Required. An expression that defines the filter to apply across
+        #     create/update events of findings. While creating a filter string, be
+        #     mindful of the scope in which the mute configuration is being created.
+        #     E.g., If a filter contains project = X but is created under the project = Y
+        #     scope, it might not match any findings.
         #
         #     The following field and operator combinations are supported:
         #

data/proto_docs/google/cloud/securitycenter/v1/resource.rb CHANGED Viewed

@@ -46,9 +46,9 @@ module Google
         #     The human readable name of resource's parent.
         # @!attribute [r] folders
         #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Folder>]
-        #     Output only. Contains a Folder message for each folder in the assets ancestry.
-        #     The first folder is the deepest nested folder, and the last folder is the
-        #     folder directly under the Organization.
+        #     Output only. Contains a Folder message for each folder in the assets
+        #     ancestry. The first folder is the deepest nested folder, and the last
+        #     folder is the folder directly under the Organization.
         class Resource
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/cloud/securitycenter/v1/security_health_analytics_custom_config.rb ADDED Viewed

@@ -0,0 +1,112 @@
+# frozen_string_literal: true
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+module Google
+  module Cloud
+    module SecurityCenter
+      module V1
+        # Defines the properties in a custom module configuration for Security
+        # Health Analytics. Use the custom module configuration to create custom
+        # detectors that generate custom findings for resources that you specify.
+        # @!attribute [rw] predicate
+        #   @return [::Google::Type::Expr]
+        #     The CEL expression to evaluate to produce findings. When the expression
+        #     evaluates to true against a resource, a finding is generated.
+        # @!attribute [rw] custom_output
+        #   @return [::Google::Cloud::SecurityCenter::V1::CustomConfig::CustomOutputSpec]
+        #     Custom output properties.
+        # @!attribute [rw] resource_selector
+        #   @return [::Google::Cloud::SecurityCenter::V1::CustomConfig::ResourceSelector]
+        #     The resource types that the custom module operates on. Each custom module
+        #     can specify up to 5 resource types.
+        # @!attribute [rw] severity
+        #   @return [::Google::Cloud::SecurityCenter::V1::CustomConfig::Severity]
+        #     The severity to assign to findings generated by the module.
+        # @!attribute [rw] description
+        #   @return [::String]
+        #     Text that describes the vulnerability or misconfiguration that the custom
+        #     module detects. This explanation is returned with each finding instance to
+        #     help investigators understand the detected issue. The text must be enclosed
+        #     in quotation marks.
+        # @!attribute [rw] recommendation
+        #   @return [::String]
+        #     An explanation of the recommended steps that security teams can take to
+        #     resolve the detected issue. This explanation is returned with each finding
+        #     generated by this module in the `nextSteps` property of the finding JSON.
+        class CustomConfig
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+          # A set of optional name-value pairs that define custom source properties to
+          # return with each finding that is generated by the custom module. The custom
+          # source properties that are defined here are included in the finding JSON
+          # under `sourceProperties`.
+          # @!attribute [rw] properties
+          #   @return [::Array<::Google::Cloud::SecurityCenter::V1::CustomConfig::CustomOutputSpec::Property>]
+          #     A list of custom output properties to add to the finding.
+          class CustomOutputSpec
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+            # An individual name-value pair that defines a custom source property.
+            # @!attribute [rw] name
+            #   @return [::String]
+            #     Name of the property for the custom output.
+            # @!attribute [rw] value_expression
+            #   @return [::Google::Type::Expr]
+            #     The CEL expression for the custom output. A resource property can be
+            #     specified to return the value of the property or a text string enclosed
+            #     in quotation marks.
+            class Property
+              include ::Google::Protobuf::MessageExts
+              extend ::Google::Protobuf::MessageExts::ClassMethods
+            end
+          end
+          # Resource for selecting resource type.
+          # @!attribute [rw] resource_types
+          #   @return [::Array<::String>]
+          #     The resource types to run the detector on.
+          class ResourceSelector
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+          # Defines the valid value options for the severity of a finding.
+          module Severity
+            # Unspecified severity.
+            SEVERITY_UNSPECIFIED = 0
+            # Critical severity.
+            CRITICAL = 1
+            # High severity.
+            HIGH = 2
+            # Medium severity.
+            MEDIUM = 3
+            # Low severity.
+            LOW = 4
+          end
+        end
+      end
+    end
+  end
+end