google-cloud-security_center-v1 0.29.1 → 0.30.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 34e2cfc3bf563534534e0fdf2939155f3c37b8d0c3f076127f7548e1d59e3f74
-  data.tar.gz: 980feb28952c929e94f2c8808f3c63fcd2045d8d15c8858485d84f1e32e77c89
+  metadata.gz: f280aa261383e0c8e3cbb2ef8ab6408ab34eb1d4f3f23e7ae6429aae5225ade5
+  data.tar.gz: 6ae917f3d90c3fd37e2733e3ad9080141454fa97ff89bf7b52439e3669e5d4c1
 SHA512:
-  metadata.gz: 1d14c12dc3921f1bcf86586e413b80c21f3263f23008acc276007446dfce6159fd870d19b21055e7507f2a6367bff2016bf01b8c3221db8b3d99dfde30f54b31
-  data.tar.gz: 9bf3f84c9dd117645d2e819b6e77e77f3c9881d75c9d73704fcb75d5b1b6d01360be4d72538ef79cb7b4e80e0cb8cf85873e7b19af95140e5108de8d0275d650
+  metadata.gz: 161fe0c139f2cd33a4544a83d0fec61f5897b20111d226ff364590bd7534e7c6be3b0edfba346af8f586afa68ac27b85db5e23d6618106abe19994b1322c56a2
+  data.tar.gz: c06dd2cf03d23f61e0eff887925486be45b63491c12ed8c324578aa1b14c7ac8db3f81042ac530ce907b3fc64406aaf5e977ab802e90197c2475e59027977610

data/lib/google/cloud/security_center/v1/security_center/client.rb

@@ -692,9 +692,9 @@ module Google
             #     Required. The mute config being created.
             #   @param mute_config_id [::String]
             #     Required. Unique identifier provided by the client within the parent scope.
-            #     It must consist of lower case letters, numbers, and hyphen, with the first
-            #     character a letter, the last a letter or a number, and a 63 character
-            #     maximum.
+            #     It must consist of only lowercase letters, numbers, and hyphens, must start
+            #     with a letter, must end with either a letter or a number, and must be 63
+            #     characters or less.
             #
             # @yield [response, operation] Access the result along with the RPC operation
             # @yieldparam response [::Google::Cloud::SecurityCenter::V1::MuteConfig]
@@ -4540,9 +4540,9 @@ module Google
             #     Required. The BigQuery export being created.
             #   @param big_query_export_id [::String]
             #     Required. Unique identifier provided by the client within the parent scope.
-            #     It must consist of lower case letters, numbers, and hyphen, with the first
-            #     character a letter, the last a letter or a number, and a 63 character
-            #     maximum.
+            #     It must consist of only lowercase letters, numbers, and hyphens, must start
+            #     with a letter, must end with either a letter or a number, and must be 63
+            #     characters or less.
             #
             # @yield [response, operation] Access the result along with the RPC operation
             # @yieldparam response [::Google::Cloud::SecurityCenter::V1::BigQueryExport]

data/lib/google/cloud/security_center/v1/security_center/rest/client.rb

@@ -584,9 +584,9 @@ module Google
               #     Required. The mute config being created.
               #   @param mute_config_id [::String]
               #     Required. Unique identifier provided by the client within the parent scope.
-              #     It must consist of lower case letters, numbers, and hyphen, with the first
-              #     character a letter, the last a letter or a number, and a 63 character
-              #     maximum.
+              #     It must consist of only lowercase letters, numbers, and hyphens, must start
+              #     with a letter, must end with either a letter or a number, and must be 63
+              #     characters or less.
               # @yield [result, operation] Access the result along with the TransportOperation object
               # @yieldparam result [::Google::Cloud::SecurityCenter::V1::MuteConfig]
               # @yieldparam operation [::Gapic::Rest::TransportOperation]
@@ -3557,9 +3557,9 @@ module Google
               #     Required. The BigQuery export being created.
               #   @param big_query_export_id [::String]
               #     Required. Unique identifier provided by the client within the parent scope.
-              #     It must consist of lower case letters, numbers, and hyphen, with the first
-              #     character a letter, the last a letter or a number, and a 63 character
-              #     maximum.
+              #     It must consist of only lowercase letters, numbers, and hyphens, must start
+              #     with a letter, must end with either a letter or a number, and must be 63
+              #     characters or less.
               # @yield [result, operation] Access the result along with the TransportOperation object
               # @yieldparam result [::Google::Cloud::SecurityCenter::V1::BigQueryExport]
               # @yieldparam operation [::Gapic::Rest::TransportOperation]

data/lib/google/cloud/security_center/v1/version.rb

@@ -21,7 +21,7 @@ module Google
   module Cloud
     module SecurityCenter
       module V1
-        VERSION = "0.29.1"
+        VERSION = "0.30.0"
       end
     end
   end

data/lib/google/cloud/securitycenter/v1/access_pb.rb

@@ -5,7 +5,7 @@
 require 'google/protobuf'
 
 
-descriptor_data = "\n+google/cloud/securitycenter/v1/access.proto\x12\x1egoogle.cloud.securitycenter.v1\"\xf5\x02\n\x06\x41\x63\x63\x65ss\x12\x17\n\x0fprincipal_email\x18\x01 \x01(\t\x12\x11\n\tcaller_ip\x18\x02 \x01(\t\x12\x42\n\rcaller_ip_geo\x18\x03 \x01(\x0b\x32+.google.cloud.securitycenter.v1.Geolocation\x12\x19\n\x11user_agent_family\x18\x04 \x01(\t\x12\x14\n\x0cservice_name\x18\x05 \x01(\t\x12\x13\n\x0bmethod_name\x18\x06 \x01(\t\x12\x19\n\x11principal_subject\x18\x07 \x01(\t\x12 \n\x18service_account_key_name\x18\x08 \x01(\t\x12\x65\n\x1fservice_account_delegation_info\x18\t \x03(\x0b\x32<.google.cloud.securitycenter.v1.ServiceAccountDelegationInfo\x12\x11\n\tuser_name\x18\x0b \x01(\t\"R\n\x1cServiceAccountDelegationInfo\x12\x17\n\x0fprincipal_email\x18\x01 \x01(\t\x12\x19\n\x11principal_subject\x18\x02 \x01(\t\"\"\n\x0bGeolocation\x12\x13\n\x0bregion_code\x18\x01 \x01(\tB\xe5\x01\n\"com.google.cloud.securitycenter.v1B\x0b\x41\x63\x63\x65ssProtoP\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
+descriptor_data = "\n+google/cloud/securitycenter/v1/access.proto\x12\x1egoogle.cloud.securitycenter.v1\"\x89\x03\n\x06\x41\x63\x63\x65ss\x12\x17\n\x0fprincipal_email\x18\x01 \x01(\t\x12\x11\n\tcaller_ip\x18\x02 \x01(\t\x12\x42\n\rcaller_ip_geo\x18\x03 \x01(\x0b\x32+.google.cloud.securitycenter.v1.Geolocation\x12\x19\n\x11user_agent_family\x18\x04 \x01(\t\x12\x12\n\nuser_agent\x18\x0c \x01(\t\x12\x14\n\x0cservice_name\x18\x05 \x01(\t\x12\x13\n\x0bmethod_name\x18\x06 \x01(\t\x12\x19\n\x11principal_subject\x18\x07 \x01(\t\x12 \n\x18service_account_key_name\x18\x08 \x01(\t\x12\x65\n\x1fservice_account_delegation_info\x18\t \x03(\x0b\x32<.google.cloud.securitycenter.v1.ServiceAccountDelegationInfo\x12\x11\n\tuser_name\x18\x0b \x01(\t\"R\n\x1cServiceAccountDelegationInfo\x12\x17\n\x0fprincipal_email\x18\x01 \x01(\t\x12\x19\n\x11principal_subject\x18\x02 \x01(\t\"\"\n\x0bGeolocation\x12\x13\n\x0bregion_code\x18\x01 \x01(\tB\xe5\x01\n\"com.google.cloud.securitycenter.v1B\x0b\x41\x63\x63\x65ssProtoP\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1b\x06proto3"
 
 pool = Google::Protobuf::DescriptorPool.generated_pool
 

data/lib/google/cloud/securitycenter/v1/cloud_dlp_data_profile_pb.rb

@@ -7,7 +7,7 @@ require 'google/protobuf'
 require 'google/api/resource_pb'
 
 
-descriptor_data = "\n;google/cloud/securitycenter/v1/cloud_dlp_data_profile.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a\x19google/api/resource.proto\"U\n\x13\x43loudDlpDataProfile\x12>\n\x0c\x64\x61ta_profile\x18\x01 \x01(\tB(\xfa\x41%\n#dlp.googleapis.com/TableDataProfileB\x94\x03\n\"com.google.cloud.securitycenter.v1B\x18\x43loudDlpDataProfileProtoP\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1\xea\x41\x9e\x01\n#dlp.googleapis.com/TableDataProfile\x12\x30projects/{project}/tableProfiles/{table_profile}\x12\x45projects/{project}/locations/{location}/tableProfiles/{table_profile}b\x06proto3"
+descriptor_data = "\n;google/cloud/securitycenter/v1/cloud_dlp_data_profile.proto\x12\x1egoogle.cloud.securitycenter.v1\x1a\x19google/api/resource.proto\"\xf4\x01\n\x13\x43loudDlpDataProfile\x12>\n\x0c\x64\x61ta_profile\x18\x01 \x01(\tB(\xfa\x41%\n#dlp.googleapis.com/TableDataProfile\x12S\n\x0bparent_type\x18\x02 \x01(\x0e\x32>.google.cloud.securitycenter.v1.CloudDlpDataProfile.ParentType\"H\n\nParentType\x12\x1b\n\x17PARENT_TYPE_UNSPECIFIED\x10\x00\x12\x10\n\x0cORGANIZATION\x10\x01\x12\x0b\n\x07PROJECT\x10\x02\x42\x94\x03\n\"com.google.cloud.securitycenter.v1B\x18\x43loudDlpDataProfileProtoP\x01ZJcloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb\xaa\x02\x1eGoogle.Cloud.SecurityCenter.V1\xca\x02\x1eGoogle\\Cloud\\SecurityCenter\\V1\xea\x02!Google::Cloud::SecurityCenter::V1\xea\x41\x9e\x01\n#dlp.googleapis.com/TableDataProfile\x12\x30projects/{project}/tableProfiles/{table_profile}\x12\x45projects/{project}/locations/{location}/tableProfiles/{table_profile}b\x06proto3"
 
 pool = Google::Protobuf::DescriptorPool.generated_pool
 
@@ -38,6 +38,7 @@ module Google
     module SecurityCenter
       module V1
         CloudDlpDataProfile = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.CloudDlpDataProfile").msgclass
+        CloudDlpDataProfile::ParentType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1.CloudDlpDataProfile.ParentType").enummodule
       end
     end
   end

data/proto_docs/google/cloud/securitycenter/v1/access.rb

@@ -42,6 +42,9 @@ module Google
         #   @return [::String]
         #     Type of user agent associated with the finding. For example, an operating
         #     system shell or an embedded or standalone application.
+        # @!attribute [rw] user_agent
+        #   @return [::String]
+        #     The caller's user agent string associated with the finding.
         # @!attribute [rw] service_name
         #   @return [::String]
         #     This is the API service that the service account made a call to, e.g.

data/proto_docs/google/cloud/securitycenter/v1/cloud_dlp_data_profile.rb

@@ -27,9 +27,24 @@ module Google
         #   @return [::String]
         #     Name of the data profile, for example,
         #     `projects/123/locations/europe/tableProfiles/8383929`.
+        # @!attribute [rw] parent_type
+        #   @return [::Google::Cloud::SecurityCenter::V1::CloudDlpDataProfile::ParentType]
+        #     The resource hierarchy level at which the data profile was generated.
         class CloudDlpDataProfile
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # Parents for configurations that produce data profile findings.
+          module ParentType
+            # Unspecified parent type.
+            PARENT_TYPE_UNSPECIFIED = 0
+
+            # Organization-level configurations.
+            ORGANIZATION = 1
+
+            # Project-level configurations.
+            PROJECT = 2
+          end
         end
       end
     end

data/proto_docs/google/cloud/securitycenter/v1/cloud_dlp_inspection.rb

@@ -30,8 +30,8 @@ module Google
         #     `projects/123/locations/europe/dlpJobs/i-8383929`.
         # @!attribute [rw] info_type
         #   @return [::String]
-        #     The [type of
-        #     information](https://cloud.google.com/dlp/docs/infotypes-reference) found,
+        #     The type of information (or
+        #     *[infoType](https://cloud.google.com/dlp/docs/infotypes-reference)*) found,
         #     for example, `EMAIL_ADDRESS` or `STREET_ADDRESS`.
         # @!attribute [rw] info_type_count
         #   @return [::Integer]

data/proto_docs/google/cloud/securitycenter/v1/compliance.rb

@@ -25,14 +25,14 @@ module Google
         # recommendations.
         # @!attribute [rw] standard
         #   @return [::String]
-        #     Refers to industry wide standards or benchmarks e.g. "cis", "pci", "owasp",
-        #     etc.
+        #     Industry-wide compliance standards or benchmarks, such as CIS, PCI, and
+        #     OWASP.
         # @!attribute [rw] version
         #   @return [::String]
-        #     Version of the standard/benchmark e.g. 1.1
+        #     Version of the standard or benchmark, for example, 1.1
         # @!attribute [rw] ids
         #   @return [::Array<::String>]
-        #     Policies within the standard/benchmark e.g. A.12.4.1
+        #     Policies within the standard or benchmark, for example, A.12.4.1
         class Compliance
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/cloud/securitycenter/v1/contact_details.rb

@@ -21,7 +21,7 @@ module Google
   module Cloud
     module SecurityCenter
       module V1
-        # The details pertaining to specific contacts
+        # Details about specific contacts
         # @!attribute [rw] contacts
         #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Contact>]
         #     A list of contacts

data/proto_docs/google/cloud/securitycenter/v1/container.rb

@@ -24,16 +24,15 @@ module Google
         # Container associated with the finding.
         # @!attribute [rw] name
         #   @return [::String]
-        #     Container name.
+        #     Name of the container.
         # @!attribute [rw] uri
         #   @return [::String]
-        #     Container image URI provided when configuring a pod/container.
-        #     May identify a container image version using mutable tags.
+        #     Container image URI provided when configuring a pod or container. This
+        #     string can identify a container image version using mutable tags.
         # @!attribute [rw] image_id
         #   @return [::String]
-        #     Optional container image id, when provided by the container runtime.
-        #     Uniquely identifies the container image launched using a container image
-        #     digest.
+        #     Optional container image ID, if provided by the container runtime. Uniquely
+        #     identifies the container image launched using a container image digest.
         # @!attribute [rw] labels
         #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Label>]
         #     Container labels, as provided by the container runtime.

data/proto_docs/google/cloud/securitycenter/v1/database.rb

@@ -21,31 +21,37 @@ module Google
   module Cloud
     module SecurityCenter
       module V1
-        # Represents database access information, such as queries.
-        # A database may be a sub-resource of an instance (as in the case of CloudSQL
-        # instances or Cloud Spanner instances), or the database instance itself.
-        # Some database resources may not have the full resource name populated
-        # because these resource types are not yet supported by Cloud Asset Inventory
-        # (e.g. CloudSQL databases). In these cases only the display name will be
+        # Represents database access information, such as queries. A database may be a
+        # sub-resource of an instance (as in the case of Cloud SQL instances or Cloud
+        # Spanner instances), or the database instance itself. Some database resources
+        # might not have the [full resource
+        # name](https://google.aip.dev/122#full-resource-names) populated because these
+        # resource types, such as Cloud SQL databases, are not yet supported by Cloud
+        # Asset Inventory. In these cases only the display name is provided.
+        # Some database resources may not have the [full resource
+        # name](https://google.aip.dev/122#full-resource-names) populated because
+        # these resource types are not yet supported by Cloud Asset Inventory (e.g.
+        # Cloud SQL databases). In these cases only the display name will be
         # provided.
         # @!attribute [rw] name
         #   @return [::String]
-        #     The full resource name of the database the user connected to, if it is
-        #     supported by CAI. (https://google.aip.dev/122#full-resource-names)
+        #     The [full resource name](https://google.aip.dev/122#full-resource-names) of
+        #     the database that the user connected to, if it is supported by Cloud Asset
+        #     Inventory.
         # @!attribute [rw] display_name
         #   @return [::String]
-        #     The human readable name of the database the user connected to.
+        #     The human-readable name of the database that the user connected to.
         # @!attribute [rw] user_name
         #   @return [::String]
-        #     The username used to connect to the DB. This may not necessarily be an IAM
-        #     principal, and has no required format.
+        #     The username used to connect to the database. The username might not be an
+        #     IAM principal and does not have a set format.
         # @!attribute [rw] query
         #   @return [::String]
-        #     The SQL statement associated with the relevant access.
+        #     The SQL statement that is associated with the database access.
         # @!attribute [rw] grantees
         #   @return [::Array<::String>]
-        #     The target usernames/roles/groups of a SQL privilege grant (not an IAM
-        #     policy change).
+        #     The target usernames, roles, or groups of an SQL privilege grant, which is
+        #     not an IAM policy change.
         class Database
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/cloud/securitycenter/v1/exfiltration.rb

@@ -21,10 +21,10 @@ module Google
   module Cloud
     module SecurityCenter
       module V1
-        # Exfiltration represents a data exfiltration attempt of one or more
-        # sources to one or more targets. Sources represent the source
-        # of data that is exfiltrated, and Targets represents the destination the
-        # data was copied to.
+        # Exfiltration represents a data exfiltration attempt from one or more sources
+        # to one or more targets. The `sources` attribute lists the sources of the
+        # exfiltrated data. The `targets` attribute lists the destinations the data was
+        # copied to.
         # @!attribute [rw] sources
         #   @return [::Array<::Google::Cloud::SecurityCenter::V1::ExfilResource>]
         #     If there are multiple sources, then the data is considered "joined" between
@@ -39,16 +39,18 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
 
-        # Resource that has been exfiltrated or exfiltrated_to.
+        # Resource where data was exfiltrated from or exfiltrated to.
         # @!attribute [rw] name
         #   @return [::String]
-        #     Resource's URI (https://google.aip.dev/122#full-resource-names)
+        #     The resource's [full resource
+        #     name](https://cloud.google.com/apis/design/resource_names#full_resource_name).
         # @!attribute [rw] components
         #   @return [::Array<::String>]
-        #     Subcomponents of the asset that is exfiltrated - these could be
-        #     URIs used during exfiltration, table names, databases, filenames, etc.
-        #     For example, multiple tables may be exfiltrated from the same CloudSQL
-        #     instance, or multiple files from the same Cloud Storage bucket.
+        #     Subcomponents of the asset that was exfiltrated, like URIs used during
+        #     exfiltration, table names, databases, and filenames. For example, multiple
+        #     tables might have been exfiltrated from the same Cloud SQL instance, or
+        #     multiple files might have been exfiltrated from the same Cloud Storage
+        #     bucket.
         class ExfilResource
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/cloud/securitycenter/v1/file.rb

@@ -44,8 +44,7 @@ module Google
         #     True when the hash covers only a prefix of the file.
         # @!attribute [rw] contents
         #   @return [::String]
-        #     Prefix of the file contents as a JSON encoded string.
-        #     (Currently only populated for Malicious Script Executed findings.)
+        #     Prefix of the file contents as a JSON-encoded string.
         class File
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/cloud/securitycenter/v1/iam_binding.rb

@@ -32,8 +32,8 @@ module Google
         #     For example, "roles/viewer", "roles/editor", or "roles/owner".
         # @!attribute [rw] member
         #   @return [::String]
-        #     A single identity requesting access for a Cloud Platform resource,
-        #     e.g. "foo@google.com".
+        #     A single identity requesting access for a Cloud Platform resource, for
+        #     example, "foo@google.com".
         class IamBinding
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/cloud/securitycenter/v1/kernel_rootkit.rb

@@ -24,37 +24,37 @@ module Google
         # Kernel mode rootkit signatures.
         # @!attribute [rw] name
         #   @return [::String]
-        #     Rootkit name when available.
+        #     Rootkit name, when available.
         # @!attribute [rw] unexpected_code_modification
         #   @return [::Boolean]
-        #     True when unexpected modifications of kernel code memory are present.
+        #     True if unexpected modifications of kernel code memory are present.
         # @!attribute [rw] unexpected_read_only_data_modification
         #   @return [::Boolean]
-        #     True when unexpected modifications of kernel read-only data memory are
+        #     True if unexpected modifications of kernel read-only data memory are
         #     present.
         # @!attribute [rw] unexpected_ftrace_handler
         #   @return [::Boolean]
-        #     True when `ftrace` points are present with callbacks pointing to regions
+        #     True if `ftrace` points are present with callbacks pointing to regions
         #     that are not in the expected kernel or module code range.
         # @!attribute [rw] unexpected_kprobe_handler
         #   @return [::Boolean]
-        #     True when `kprobe` points are present with callbacks pointing to regions
+        #     True if `kprobe` points are present with callbacks pointing to regions
         #     that are not in the expected kernel or module code range.
         # @!attribute [rw] unexpected_kernel_code_pages
         #   @return [::Boolean]
-        #     True when kernel code pages that are not in the expected kernel or module
+        #     True if kernel code pages that are not in the expected kernel or module
         #     code regions are present.
         # @!attribute [rw] unexpected_system_call_handler
         #   @return [::Boolean]
-        #     True when system call handlers that are are not in the expected kernel or
+        #     True if system call handlers that are are not in the expected kernel or
         #     module code regions are present.
         # @!attribute [rw] unexpected_interrupt_handler
         #   @return [::Boolean]
-        #     True when interrupt handlers that are are not in the expected kernel or
+        #     True if interrupt handlers that are are not in the expected kernel or
         #     module code regions are present.
         # @!attribute [rw] unexpected_processes_in_runqueue
         #   @return [::Boolean]
-        #     True when unexpected processes in the scheduler run queue are present. Such
+        #     True if unexpected processes in the scheduler run queue are present. Such
         #     processes are in the run queue, but not in the process task list.
         class KernelRootkit
           include ::Google::Protobuf::MessageExts

data/proto_docs/google/cloud/securitycenter/v1/kubernetes.rb

@@ -24,32 +24,39 @@ module Google
         # Kubernetes-related attributes.
         # @!attribute [rw] pods
         #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Pod>]
-        #     Kubernetes Pods associated with the finding. This field will contain Pod
-        #     records for each container that is owned by a Pod.
+        #     Kubernetes
+        #     [Pods](https://cloud.google.com/kubernetes-engine/docs/concepts/pod)
+        #     associated with the finding. This field contains Pod records for each
+        #     container that is owned by a Pod.
         # @!attribute [rw] nodes
         #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Node>]
-        #     Provides Kubernetes Node information.
+        #     Provides Kubernetes
+        #     [node](https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-architecture#nodes)
+        #     information.
         # @!attribute [rw] node_pools
         #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::NodePool>]
-        #     GKE Node Pools associated with the finding. This field will
-        #     contain NodePool information for each Node, when it is available.
+        #     GKE [node
+        #     pools](https://cloud.google.com/kubernetes-engine/docs/concepts/node-pools)
+        #     associated with the finding. This field contains node pool information for
+        #     each node, when it is available.
         # @!attribute [rw] roles
         #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Role>]
-        #     Provides Kubernetes role information for findings that involve
-        #     Roles or ClusterRoles.
+        #     Provides Kubernetes role information for findings that involve [Roles or
+        #     ClusterRoles](https://cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control).
         # @!attribute [rw] bindings
         #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Binding>]
         #     Provides Kubernetes role binding information for findings that involve
-        #     RoleBindings or ClusterRoleBindings.
+        #     [RoleBindings or
+        #     ClusterRoleBindings](https://cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control).
         # @!attribute [rw] access_reviews
         #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::AccessReview>]
-        #     Provides information on any Kubernetes access reviews (i.e. privilege
-        #     checks) relevant to the finding.
+        #     Provides information on any Kubernetes access reviews (privilege checks)
+        #     relevant to the finding.
         class Kubernetes
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
 
-          # Kubernetes Pod.
+          # A Kubernetes Pod.
           # @!attribute [rw] ns
           #   @return [::String]
           #     Kubernetes Pod namespace.
@@ -68,20 +75,20 @@ module Google
             extend ::Google::Protobuf::MessageExts::ClassMethods
           end
 
-          # Kubernetes Nodes associated with the finding.
+          # Kubernetes nodes associated with the finding.
           # @!attribute [rw] name
           #   @return [::String]
-          #     Full Resource name of the Compute Engine VM running the
-          #     cluster node.
+          #     [Full resource name](https://google.aip.dev/122#full-resource-names) of
+          #     the Compute Engine VM running the cluster node.
           class Node
             include ::Google::Protobuf::MessageExts
             extend ::Google::Protobuf::MessageExts::ClassMethods
           end
 
-          # Provides GKE Node Pool information.
+          # Provides GKE node pool information.
           # @!attribute [rw] name
           #   @return [::String]
-          #     Kubernetes Node pool name.
+          #     Kubernetes node pool name.
           # @!attribute [rw] nodes
           #   @return [::Array<::Google::Cloud::SecurityCenter::V1::Kubernetes::Node>]
           #     Nodes associated with the finding.
@@ -120,10 +127,10 @@ module Google
           # Represents a Kubernetes RoleBinding or ClusterRoleBinding.
           # @!attribute [rw] ns
           #   @return [::String]
-          #     Namespace for binding.
+          #     Namespace for the binding.
           # @!attribute [rw] name
           #   @return [::String]
-          #     Name for binding.
+          #     Name for the binding.
           # @!attribute [rw] role
           #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Role]
           #     The Role or ClusterRole referenced by the binding.
@@ -136,21 +143,21 @@ module Google
             extend ::Google::Protobuf::MessageExts::ClassMethods
           end
 
-          # Represents a Kubernetes Subject.
+          # Represents a Kubernetes subject.
           # @!attribute [rw] kind
           #   @return [::Google::Cloud::SecurityCenter::V1::Kubernetes::Subject::AuthType]
-          #     Authentication type for subject.
+          #     Authentication type for the subject.
           # @!attribute [rw] ns
           #   @return [::String]
-          #     Namespace for subject.
+          #     Namespace for the subject.
           # @!attribute [rw] name
           #   @return [::String]
-          #     Name for subject.
+          #     Name for the subject.
           class Subject
             include ::Google::Protobuf::MessageExts
             extend ::Google::Protobuf::MessageExts::ClassMethods
 
-            # Auth types that can be used for Subject's kind field.
+            # Auth types that can be used for the subject's kind field.
             module AuthType
               # Authentication is not specified.
               AUTH_TYPE_UNSPECIFIED = 0
@@ -158,7 +165,7 @@ module Google
               # User with valid certificate.
               USER = 1
 
-              # Users managed by Kubernetes API with credentials stored as Secrets.
+              # Users managed by Kubernetes API with credentials stored as secrets.
               SERVICEACCOUNT = 2
 
               # Collection of users.
@@ -166,11 +173,13 @@ module Google
             end
           end
 
-          # Conveys information about a Kubernetes access review (e.g. kubectl auth
-          # can-i ...) that was involved in a finding.
+          # Conveys information about a Kubernetes access review (such as one returned
+          # by a [`kubectl auth
+          # can-i`](https://kubernetes.io/docs/reference/access-authn-authz/authorization/#checking-api-access)
+          # command) that was involved in a finding.
           # @!attribute [rw] group
           #   @return [::String]
-          #     Group is the API Group of the Resource. "*" means all.
+          #     The API group of the resource. "*" means all.
           # @!attribute [rw] ns
           #   @return [::String]
           #     Namespace of the action being requested. Currently, there is no
@@ -178,20 +187,20 @@ module Google
           #     are represented by "" (empty).
           # @!attribute [rw] name
           #   @return [::String]
-          #     Name is the name of the resource being requested. Empty means all.
+          #     The name of the resource being requested. Empty means all.
           # @!attribute [rw] resource
           #   @return [::String]
-          #     Resource is the optional resource type requested. "*" means all.
+          #     The optional resource type requested. "*" means all.
           # @!attribute [rw] subresource
           #   @return [::String]
-          #     Subresource is the optional subresource type.
+          #     The optional subresource type.
           # @!attribute [rw] verb
           #   @return [::String]
-          #     Verb is a Kubernetes resource API verb, like: get, list, watch, create,
-          #     update, delete, proxy. "*" means all.
+          #     A Kubernetes resource API verb, like get, list, watch, create, update,
+          #     delete, proxy. "*" means all.
           # @!attribute [rw] version
           #   @return [::String]
-          #     Version is the API Version of the Resource. "*" means all.
+          #     The API version of the resource. "*" means all.
           class AccessReview
             include ::Google::Protobuf::MessageExts
             extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/cloud/securitycenter/v1/label.rb

@@ -21,14 +21,16 @@ module Google
   module Cloud
     module SecurityCenter
       module V1
-        # Label represents a generic name=value label. Label has separate name and
-        # value fields to support filtering with contains().
+        # Represents a generic name-value label. A label has separate name and value
+        # fields to support filtering with the `contains()` function. For more
+        # information, see [Filtering on array-type
+        # fields](https://cloud.google.com/security-command-center/docs/how-to-api-list-findings#array-contains-filtering).
         # @!attribute [rw] name
         #   @return [::String]
-        #     Label name.
+        #     Name of the label.
         # @!attribute [rw] value
         #   @return [::String]
-        #     Label value.
+        #     Value that corresponds to the label's name.
         class Label
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/cloud/securitycenter/v1/organization_settings.rb

@@ -32,9 +32,9 @@ module Google
         # @!attribute [rw] enable_asset_discovery
         #   @return [::Boolean]
         #     A flag that indicates if Asset Discovery should be enabled. If the flag is
-        #     set to `true`, then discovery of assets will occur. If it is set to `false,
-        #     all historical assets will remain, but discovery of future assets will not
-        #     occur.
+        #     set to `true`, then discovery of assets will occur. If it is set to
+        #     `false`, all historical assets will remain, but discovery of future assets
+        #     will not occur.
         # @!attribute [rw] asset_discovery_config
         #   @return [::Google::Cloud::SecurityCenter::V1::OrganizationSettings::AssetDiscoveryConfig]
         #     The configuration used for Asset Discovery runs.

data/proto_docs/google/cloud/securitycenter/v1/process.rb

@@ -24,8 +24,9 @@ module Google
         # Represents an operating system process.
         # @!attribute [rw] name
         #   @return [::String]
-        #     The process name visible in utilities like `top` and `ps`; it can
-        #     be accessed via `/proc/[pid]/comm` and changed with `prctl(PR_SET_NAME)`.
+        #     The process name, as displayed in utilities like `top` and `ps`. This name
+        #     can be accessed through `/proc/[pid]/comm` and changed with
+        #     `prctl(PR_SET_NAME)`.
         # @!attribute [rw] binary
         #   @return [::Google::Cloud::SecurityCenter::V1::File]
         #     File information for the process executable.
@@ -34,10 +35,9 @@ module Google
         #     File information for libraries loaded by the process.
         # @!attribute [rw] script
         #   @return [::Google::Cloud::SecurityCenter::V1::File]
-        #     When the process represents the invocation of a script,
-        #     `binary` provides information about the interpreter while `script`
-        #     provides information about the script file provided to the
-        #     interpreter.
+        #     When the process represents the invocation of a script, `binary` provides
+        #     information about the interpreter, while `script` provides information
+        #     about the script file provided to the interpreter.
         # @!attribute [rw] args
         #   @return [::Array<::String>]
         #     Process arguments as JSON encoded strings.
@@ -52,17 +52,17 @@ module Google
         #     True if `env_variables` is incomplete.
         # @!attribute [rw] pid
         #   @return [::Integer]
-        #     The process id.
+        #     The process ID.
         # @!attribute [rw] parent_pid
         #   @return [::Integer]
-        #     The parent process id.
+        #     The parent process ID.
         class Process
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
 
-        # EnvironmentVariable is a name-value pair to store environment variables for
-        # Process.
+        # A name-value pair representing an environment variable used in an operating
+        # system process.
         # @!attribute [rw] name
         #   @return [::String]
         #     Environment variable name as a JSON encoded string.

data/proto_docs/google/cloud/securitycenter/v1/securitycenter_service.rb

@@ -100,9 +100,9 @@ module Google
         # @!attribute [rw] mute_config_id
         #   @return [::String]
         #     Required. Unique identifier provided by the client within the parent scope.
-        #     It must consist of lower case letters, numbers, and hyphen, with the first
-        #     character a letter, the last a letter or a number, and a 63 character
-        #     maximum.
+        #     It must consist of only lowercase letters, numbers, and hyphens, must start
+        #     with a letter, must end with either a letter or a number, and must be 63
+        #     characters or less.
         class CreateMuteConfigRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -1456,9 +1456,9 @@ module Google
         # @!attribute [rw] big_query_export_id
         #   @return [::String]
         #     Required. Unique identifier provided by the client within the parent scope.
-        #     It must consist of lower case letters, numbers, and hyphen, with the first
-        #     character a letter, the last a letter or a number, and a 63 character
-        #     maximum.
+        #     It must consist of only lowercase letters, numbers, and hyphens, must start
+        #     with a letter, must end with either a letter or a number, and must be 63
+        #     characters or less.
         class CreateBigQueryExportRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-security_center-v1
 version: !ruby/object:Gem::Version
-  version: 0.29.1
+  version: 0.30.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-06-06 00:00:00.000000000 Z
+date: 2023-06-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common