google-cloud-security_center-v1p1beta1 0.3.4 → 0.6.0

data/lib/google/cloud/security_center/v1p1beta1/security_center/paths.rb

@@ -111,7 +111,7 @@ module Google
             # @return [::String]
             def security_marks_path **args
               resources = {
-                "asset:organization"          => (proc do |organization:, asset:|
+                "asset:organization" => (proc do |organization:, asset:|
                   raise ::ArgumentError, "organization cannot contain /" if organization.to_s.include? "/"
 
                   "organizations/#{organization}/assets/#{asset}/securityMarks"

data/lib/google/cloud/security_center/v1p1beta1/version.rb

@@ -21,7 +21,7 @@ module Google
   module Cloud
     module SecurityCenter
       module V1p1beta1
-        VERSION = "0.3.4"
+        VERSION = "0.6.0"
       end
     end
   end

data/lib/google/cloud/securitycenter/v1p1beta1/finding_pb.rb

@@ -22,12 +22,20 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :security_marks, :message, 8, "google.cloud.securitycenter.v1p1beta1.SecurityMarks"
       optional :event_time, :message, 9, "google.protobuf.Timestamp"
       optional :create_time, :message, 10, "google.protobuf.Timestamp"
+      optional :severity, :enum, 13, "google.cloud.securitycenter.v1p1beta1.Finding.Severity"
     end
     add_enum "google.cloud.securitycenter.v1p1beta1.Finding.State" do
       value :STATE_UNSPECIFIED, 0
       value :ACTIVE, 1
       value :INACTIVE, 2
     end
+    add_enum "google.cloud.securitycenter.v1p1beta1.Finding.Severity" do
+      value :SEVERITY_UNSPECIFIED, 0
+      value :CRITICAL, 1
+      value :HIGH, 2
+      value :MEDIUM, 3
+      value :LOW, 4
+    end
   end
 end
 
@@ -37,6 +45,7 @@ module Google
       module V1p1beta1
         Finding = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1p1beta1.Finding").msgclass
         Finding::State = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1p1beta1.Finding.State").enummodule
+        Finding::Severity = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.securitycenter.v1p1beta1.Finding.Severity").enummodule
       end
     end
   end

data/lib/google/cloud/securitycenter/v1p1beta1/securitycenter_service_pb.rb

@@ -3,6 +3,7 @@
 
 require 'google/protobuf'
 
+require 'google/cloud/securitycenter/v1p1beta1/notification_message_pb'
 require 'google/cloud/securitycenter/v1p1beta1/run_asset_discovery_response_pb'
 require 'google/api/annotations_pb'
 require 'google/api/client_pb'

data/lib/google/cloud/securitycenter/v1p1beta1/securitycenter_service_services_pb.rb

@@ -34,69 +34,67 @@ module Google
             self.service_name = 'google.cloud.securitycenter.v1p1beta1.SecurityCenter'
 
             # Creates a source.
-            rpc :CreateSource, Google::Cloud::SecurityCenter::V1p1beta1::CreateSourceRequest, Google::Cloud::SecurityCenter::V1p1beta1::Source
-            #
+            rpc :CreateSource, ::Google::Cloud::SecurityCenter::V1p1beta1::CreateSourceRequest, ::Google::Cloud::SecurityCenter::V1p1beta1::Source
             # Creates a finding. The corresponding source must exist for finding
             # creation to succeed.
-            rpc :CreateFinding, Google::Cloud::SecurityCenter::V1p1beta1::CreateFindingRequest, Google::Cloud::SecurityCenter::V1p1beta1::Finding
+            rpc :CreateFinding, ::Google::Cloud::SecurityCenter::V1p1beta1::CreateFindingRequest, ::Google::Cloud::SecurityCenter::V1p1beta1::Finding
             # Creates a notification config.
-            rpc :CreateNotificationConfig, Google::Cloud::SecurityCenter::V1p1beta1::CreateNotificationConfigRequest, Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig
+            rpc :CreateNotificationConfig, ::Google::Cloud::SecurityCenter::V1p1beta1::CreateNotificationConfigRequest, ::Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig
             # Deletes a notification config.
-            rpc :DeleteNotificationConfig, Google::Cloud::SecurityCenter::V1p1beta1::DeleteNotificationConfigRequest, Google::Protobuf::Empty
+            rpc :DeleteNotificationConfig, ::Google::Cloud::SecurityCenter::V1p1beta1::DeleteNotificationConfigRequest, ::Google::Protobuf::Empty
             # Gets the access control policy on the specified Source.
-            rpc :GetIamPolicy, Google::Iam::V1::GetIamPolicyRequest, Google::Iam::V1::Policy
+            rpc :GetIamPolicy, ::Google::Iam::V1::GetIamPolicyRequest, ::Google::Iam::V1::Policy
             # Gets a notification config.
-            rpc :GetNotificationConfig, Google::Cloud::SecurityCenter::V1p1beta1::GetNotificationConfigRequest, Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig
+            rpc :GetNotificationConfig, ::Google::Cloud::SecurityCenter::V1p1beta1::GetNotificationConfigRequest, ::Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig
             # Gets the settings for an organization.
-            rpc :GetOrganizationSettings, Google::Cloud::SecurityCenter::V1p1beta1::GetOrganizationSettingsRequest, Google::Cloud::SecurityCenter::V1p1beta1::OrganizationSettings
+            rpc :GetOrganizationSettings, ::Google::Cloud::SecurityCenter::V1p1beta1::GetOrganizationSettingsRequest, ::Google::Cloud::SecurityCenter::V1p1beta1::OrganizationSettings
             # Gets a source.
-            rpc :GetSource, Google::Cloud::SecurityCenter::V1p1beta1::GetSourceRequest, Google::Cloud::SecurityCenter::V1p1beta1::Source
+            rpc :GetSource, ::Google::Cloud::SecurityCenter::V1p1beta1::GetSourceRequest, ::Google::Cloud::SecurityCenter::V1p1beta1::Source
             # Filters an organization's assets and  groups them by their specified
             # properties.
-            rpc :GroupAssets, Google::Cloud::SecurityCenter::V1p1beta1::GroupAssetsRequest, Google::Cloud::SecurityCenter::V1p1beta1::GroupAssetsResponse
+            rpc :GroupAssets, ::Google::Cloud::SecurityCenter::V1p1beta1::GroupAssetsRequest, ::Google::Cloud::SecurityCenter::V1p1beta1::GroupAssetsResponse
             # Filters an organization or source's findings and  groups them by their
             # specified properties.
             #
             # To group across all sources provide a `-` as the source id.
             # Example: /v1p1beta1/organizations/{organization_id}/sources/-/findings
-            rpc :GroupFindings, Google::Cloud::SecurityCenter::V1p1beta1::GroupFindingsRequest, Google::Cloud::SecurityCenter::V1p1beta1::GroupFindingsResponse
+            rpc :GroupFindings, ::Google::Cloud::SecurityCenter::V1p1beta1::GroupFindingsRequest, ::Google::Cloud::SecurityCenter::V1p1beta1::GroupFindingsResponse
             # Lists an organization's assets.
-            rpc :ListAssets, Google::Cloud::SecurityCenter::V1p1beta1::ListAssetsRequest, Google::Cloud::SecurityCenter::V1p1beta1::ListAssetsResponse
+            rpc :ListAssets, ::Google::Cloud::SecurityCenter::V1p1beta1::ListAssetsRequest, ::Google::Cloud::SecurityCenter::V1p1beta1::ListAssetsResponse
             # Lists an organization or source's findings.
             #
             # To list across all sources provide a `-` as the source id.
             # Example: /v1p1beta1/organizations/{organization_id}/sources/-/findings
-            rpc :ListFindings, Google::Cloud::SecurityCenter::V1p1beta1::ListFindingsRequest, Google::Cloud::SecurityCenter::V1p1beta1::ListFindingsResponse
+            rpc :ListFindings, ::Google::Cloud::SecurityCenter::V1p1beta1::ListFindingsRequest, ::Google::Cloud::SecurityCenter::V1p1beta1::ListFindingsResponse
             # Lists notification configs.
-            rpc :ListNotificationConfigs, Google::Cloud::SecurityCenter::V1p1beta1::ListNotificationConfigsRequest, Google::Cloud::SecurityCenter::V1p1beta1::ListNotificationConfigsResponse
+            rpc :ListNotificationConfigs, ::Google::Cloud::SecurityCenter::V1p1beta1::ListNotificationConfigsRequest, ::Google::Cloud::SecurityCenter::V1p1beta1::ListNotificationConfigsResponse
             # Lists all sources belonging to an organization.
-            rpc :ListSources, Google::Cloud::SecurityCenter::V1p1beta1::ListSourcesRequest, Google::Cloud::SecurityCenter::V1p1beta1::ListSourcesResponse
+            rpc :ListSources, ::Google::Cloud::SecurityCenter::V1p1beta1::ListSourcesRequest, ::Google::Cloud::SecurityCenter::V1p1beta1::ListSourcesResponse
             # Runs asset discovery. The discovery is tracked with a long-running
             # operation.
             #
             # This API can only be called with limited frequency for an organization. If
             # it is called too frequently the caller will receive a TOO_MANY_REQUESTS
             # error.
-            rpc :RunAssetDiscovery, Google::Cloud::SecurityCenter::V1p1beta1::RunAssetDiscoveryRequest, Google::Longrunning::Operation
-            #
+            rpc :RunAssetDiscovery, ::Google::Cloud::SecurityCenter::V1p1beta1::RunAssetDiscoveryRequest, ::Google::Longrunning::Operation
             # Updates the state of a finding.
-            rpc :SetFindingState, Google::Cloud::SecurityCenter::V1p1beta1::SetFindingStateRequest, Google::Cloud::SecurityCenter::V1p1beta1::Finding
+            rpc :SetFindingState, ::Google::Cloud::SecurityCenter::V1p1beta1::SetFindingStateRequest, ::Google::Cloud::SecurityCenter::V1p1beta1::Finding
             # Sets the access control policy on the specified Source.
-            rpc :SetIamPolicy, Google::Iam::V1::SetIamPolicyRequest, Google::Iam::V1::Policy
+            rpc :SetIamPolicy, ::Google::Iam::V1::SetIamPolicyRequest, ::Google::Iam::V1::Policy
             # Returns the permissions that a caller has on the specified source.
-            rpc :TestIamPermissions, Google::Iam::V1::TestIamPermissionsRequest, Google::Iam::V1::TestIamPermissionsResponse
+            rpc :TestIamPermissions, ::Google::Iam::V1::TestIamPermissionsRequest, ::Google::Iam::V1::TestIamPermissionsResponse
             # Creates or updates a finding. The corresponding source must exist for a
             # finding creation to succeed.
-            rpc :UpdateFinding, Google::Cloud::SecurityCenter::V1p1beta1::UpdateFindingRequest, Google::Cloud::SecurityCenter::V1p1beta1::Finding
+            rpc :UpdateFinding, ::Google::Cloud::SecurityCenter::V1p1beta1::UpdateFindingRequest, ::Google::Cloud::SecurityCenter::V1p1beta1::Finding
             # Updates a notification config. The following update
             # fields are allowed: description, pubsub_topic, streaming_config.filter
-            rpc :UpdateNotificationConfig, Google::Cloud::SecurityCenter::V1p1beta1::UpdateNotificationConfigRequest, Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig
+            rpc :UpdateNotificationConfig, ::Google::Cloud::SecurityCenter::V1p1beta1::UpdateNotificationConfigRequest, ::Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig
             # Updates an organization's settings.
-            rpc :UpdateOrganizationSettings, Google::Cloud::SecurityCenter::V1p1beta1::UpdateOrganizationSettingsRequest, Google::Cloud::SecurityCenter::V1p1beta1::OrganizationSettings
+            rpc :UpdateOrganizationSettings, ::Google::Cloud::SecurityCenter::V1p1beta1::UpdateOrganizationSettingsRequest, ::Google::Cloud::SecurityCenter::V1p1beta1::OrganizationSettings
             # Updates a source.
-            rpc :UpdateSource, Google::Cloud::SecurityCenter::V1p1beta1::UpdateSourceRequest, Google::Cloud::SecurityCenter::V1p1beta1::Source
+            rpc :UpdateSource, ::Google::Cloud::SecurityCenter::V1p1beta1::UpdateSourceRequest, ::Google::Cloud::SecurityCenter::V1p1beta1::Source
             # Updates security marks.
-            rpc :UpdateSecurityMarks, Google::Cloud::SecurityCenter::V1p1beta1::UpdateSecurityMarksRequest, Google::Cloud::SecurityCenter::V1p1beta1::SecurityMarks
+            rpc :UpdateSecurityMarks, ::Google::Cloud::SecurityCenter::V1p1beta1::UpdateSecurityMarksRequest, ::Google::Cloud::SecurityCenter::V1p1beta1::SecurityMarks
           end
 
           Stub = Service.rpc_stub_class

data/proto_docs/google/api/field_behavior.rb

@@ -54,6 +54,12 @@ module Google
       # This indicates that the field may be set once in a request to create a
       # resource, but may not be changed thereafter.
       IMMUTABLE = 5
+
+      # Denotes that a (repeated) field is an unordered list.
+      # This indicates that the service may provide the elements of the list
+      # in any arbitrary order, rather than the order the user originally
+      # provided. Additionally, the list's order may or may not be stable.
+      UNORDERED_LIST = 6
     end
   end
 end

data/proto_docs/google/api/resource.rb

@@ -43,12 +43,12 @@ module Google
     #
     # The ResourceDescriptor Yaml config will look like:
     #
-    #    resources:
-    #    - type: "pubsub.googleapis.com/Topic"
-    #      name_descriptor:
-    #        - pattern: "projects/\\{project}/topics/\\{topic}"
-    #          parent_type: "cloudresourcemanager.googleapis.com/Project"
-    #          parent_name_extractor: "projects/\\{project}"
+    #     resources:
+    #     - type: "pubsub.googleapis.com/Topic"
+    #       name_descriptor:
+    #         - pattern: "projects/{project}/topics/{topic}"
+    #           parent_type: "cloudresourcemanager.googleapis.com/Project"
+    #           parent_name_extractor: "projects/{project}"
     #
     # Sometimes, resources have multiple patterns, typically because they can
     # live under multiple parents.
@@ -183,15 +183,24 @@ module Google
     #         }
     # @!attribute [rw] plural
     #   @return [::String]
-    #     The plural name used in the resource name, such as 'projects' for
-    #     the name of 'projects/\\{project}'. It is the same concept of the `plural`
-    #     field in k8s CRD spec
+    #     The plural name used in the resource name and permission names, such as
+    #     'projects' for the resource name of 'projects/\\{project}' and the permission
+    #     name of 'cloudresourcemanager.googleapis.com/projects.get'. It is the same
+    #     concept of the `plural` field in k8s CRD spec
     #     https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
+    #
+    #     Note: The plural form is required even for singleton resources. See
+    #     https://aip.dev/156
     # @!attribute [rw] singular
     #   @return [::String]
     #     The same concept of the `singular` field in k8s CRD spec
     #     https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
     #     Such as "project" for the `resourcemanager.googleapis.com/Project` type.
+    # @!attribute [rw] style
+    #   @return [::Array<::Google::Api::ResourceDescriptor::Style>]
+    #     Style flag(s) for this resource.
+    #     These indicate that a resource is expected to conform to a given
+    #     style. See the specific style flags for additional information.
     class ResourceDescriptor
       include ::Google::Protobuf::MessageExts
       extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -211,6 +220,22 @@ module Google
         # that from being necessary once there are multiple patterns.)
         FUTURE_MULTI_PATTERN = 2
       end
+
+      # A flag representing a specific style that a resource claims to conform to.
+      module Style
+        # The unspecified value. Do not use.
+        STYLE_UNSPECIFIED = 0
+
+        # This resource is intended to be "declarative-friendly".
+        #
+        # Declarative-friendly resources must be more strictly consistent, and
+        # setting this to true communicates to tools that this resource should
+        # adhere to declarative-friendly expectations.
+        #
+        # Note: This is used by the API linter (linter.aip.dev) to enable
+        # additional checks.
+        DECLARATIVE_FRIENDLY = 1
+      end
     end
 
     # Defines a proto annotation that describes a string field that refers to
@@ -226,6 +251,17 @@ module Google
     #             type: "pubsub.googleapis.com/Topic"
     #           }];
     #         }
+    #
+    #     Occasionally, a field may reference an arbitrary resource. In this case,
+    #     APIs use the special value * in their resource reference.
+    #
+    #     Example:
+    #
+    #         message GetIamPolicyRequest {
+    #           string resource = 2 [(google.api.resource_reference) = {
+    #             type: "*"
+    #           }];
+    #         }
     # @!attribute [rw] child_type
     #   @return [::String]
     #     The resource type of a child collection that the annotated field
@@ -234,11 +270,11 @@ module Google
     #
     #     Example:
     #
-    #       message ListLogEntriesRequest {
-    #         string parent = 1 [(google.api.resource_reference) = {
-    #           child_type: "logging.googleapis.com/LogEntry"
-    #         };
-    #       }
+    #         message ListLogEntriesRequest {
+    #           string parent = 1 [(google.api.resource_reference) = {
+    #             child_type: "logging.googleapis.com/LogEntry"
+    #           };
+    #         }
     class ResourceReference
       include ::Google::Protobuf::MessageExts
       extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/google/cloud/securitycenter/v1p1beta1/finding.rb

@@ -74,12 +74,18 @@ module Google
         #     to the finding.
         # @!attribute [rw] event_time
         #   @return [::Google::Protobuf::Timestamp]
-        #     The time at which the event took place. For example, if the finding
-        #     represents an open firewall it would capture the time the detector believes
-        #     the firewall became open. The accuracy is determined by the detector.
+        #     The time at which the event took place, or when an update to the finding
+        #     occurred. For example, if the finding represents an open firewall it would
+        #     capture the time the detector believes the firewall became open. The
+        #     accuracy is determined by the detector. If the finding were to be resolved
+        #     afterward, this time would reflect when the finding was resolved.
         # @!attribute [rw] create_time
         #   @return [::Google::Protobuf::Timestamp]
         #     The time at which the finding was created in Security Command Center.
+        # @!attribute [rw] severity
+        #   @return [::Google::Cloud::SecurityCenter::V1p1beta1::Finding::Severity]
+        #     The severity of the finding. This field is managed by the source that
+        #     writes the finding.
         class Finding
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -105,6 +111,25 @@ module Google
             # and is no longer active.
             INACTIVE = 2
           end
+
+          # The severity of the finding. This field is managed by the source that
+          # writes the finding.
+          module Severity
+            # No severity specified. The default value.
+            SEVERITY_UNSPECIFIED = 0
+
+            # Critical severity.
+            CRITICAL = 1
+
+            # High severity.
+            HIGH = 2
+
+            # Medium severity.
+            MEDIUM = 3
+
+            # Low severity.
+            LOW = 4
+          end
         end
       end
     end

data/proto_docs/google/cloud/securitycenter/v1p1beta1/securitycenter_service.rb

@@ -29,12 +29,10 @@ module Google
         # @!attribute [rw] finding_id
         #   @return [::String]
         #     Required. Unique identifier provided by the client within the parent scope.
-        #     It must be alphanumeric and less than or equal to 32 characters and
-        #     greater than 0 characters in length.
         # @!attribute [rw] finding
         #   @return [::Google::Cloud::SecurityCenter::V1p1beta1::Finding]
-        #     Required. The Finding being created. The name and security_marks will be
-        #     ignored as they are both output only fields on this resource.
+        #     Required. The Finding being created. The name and security_marks will be ignored as
+        #     they are both output only fields on this resource.
         class CreateFindingRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -43,19 +41,17 @@ module Google
         # Request message for creating a notification config.
         # @!attribute [rw] parent
         #   @return [::String]
-        #     Required. Resource name of the new notification config's parent. Its format
-        #     is "organizations/[organization_id]".
+        #     Required. Resource name of the new notification config's parent. Its format is
+        #     "organizations/[organization_id]".
         # @!attribute [rw] config_id
         #   @return [::String]
-        #     Required.
-        #     Unique identifier provided by the client within the parent scope.
+        #     Required. Unique identifier provided by the client within the parent scope.
         #     It must be between 1 and 128 characters, and contains alphanumeric
         #     characters, underscores or hyphens only.
         # @!attribute [rw] notification_config
         #   @return [::Google::Cloud::SecurityCenter::V1p1beta1::NotificationConfig]
-        #     Required. The notification config being created. The name and the service
-        #     account will be ignored as they are both output only fields on this
-        #     resource.
+        #     Required. The notification config being created. The name and the service account
+        #     will be ignored as they are both output only fields on this resource.
         class CreateNotificationConfigRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -68,8 +64,8 @@ module Google
         #     "organizations/[organization_id]".
         # @!attribute [rw] source
         #   @return [::Google::Cloud::SecurityCenter::V1p1beta1::Source]
-        #     Required. The Source being created, only the display_name and description
-        #     will be used. All other fields will be ignored.
+        #     Required. The Source being created, only the display_name and description will be
+        #     used. All other fields will be ignored.
         class CreateSourceRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -98,8 +94,8 @@ module Google
         # Request message for getting organization settings.
         # @!attribute [rw] name
         #   @return [::String]
-        #     Required. Name of the organization to get organization settings for. Its
-        #     format is "organizations/[organization_id]/organizationSettings".
+        #     Required. Name of the organization to get organization settings for. Its format is
+        #     "organizations/[organization_id]/organizationSettings".
         class GetOrganizationSettingsRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -186,9 +182,9 @@ module Google
         #     property not existing: `-resource_properties.my_property : ""`
         # @!attribute [rw] group_by
         #   @return [::String]
-        #     Required. Expression that defines what assets fields to use for grouping.
-        #     The string value should follow SQL syntax: comma separated list of fields.
-        #     For example:
+        #     Required. Expression that defines what assets fields to use for grouping. The string
+        #     value should follow SQL syntax: comma separated list of fields. For
+        #     example:
         #     "security_center_properties.resource_project,security_center_properties.project".
         #
         #     The following fields are supported when compare_duration is not set:
@@ -316,6 +312,7 @@ module Google
         #     * category: `=`, `:`
         #     * external_uri: `=`, `:`
         #     * event_time: `=`, `>`, `<`, `>=`, `<=`
+        #     * severity: `=`, `:`
         #
         #       Usage: This should be milliseconds since epoch or an RFC3339 string.
         #       Examples:
@@ -334,9 +331,9 @@ module Google
         #     property not existing: `-source_properties.my_property : ""`
         # @!attribute [rw] group_by
         #   @return [::String]
-        #     Required. Expression that defines what assets fields to use for grouping
-        #     (including `state_change`). The string value should follow SQL syntax:
-        #     comma separated list of fields. For example: "parent,resource_name".
+        #     Required. Expression that defines what assets fields to use for grouping (including
+        #     `state_change`). The string value should follow SQL syntax: comma separated
+        #     list of fields. For example: "parent,resource_name".
         #
         #     The following fields are supported:
         #
@@ -344,6 +341,7 @@ module Google
         #     * category
         #     * state
         #     * parent
+        #     * severity
         #
         #     The following fields are supported when compare_duration is set:
         #
@@ -479,8 +477,8 @@ module Google
         # Request message for listing sources.
         # @!attribute [rw] parent
         #   @return [::String]
-        #     Required. Resource name of the parent of sources to list. Its format should
-        #     be "organizations/[organization_id]".
+        #     Required. Resource name of the parent of sources to list. Its format should be
+        #     "organizations/[organization_id]".
         # @!attribute [rw] page_token
         #   @return [::String]
         #     The value returned by the last `ListSourcesResponse`; indicates
@@ -634,7 +632,6 @@ module Google
         #     read_time.
         # @!attribute [rw] field_mask
         #   @return [::Google::Protobuf::FieldMask]
-        #     Optional.
         #     A field mask to specify the ListAssetsResult fields to be listed in the
         #     response.
         #     An empty field mask will list all fields.
@@ -738,13 +735,14 @@ module Google
         #
         #     The following field and operator combinations are supported:
         #
-        #     name: `=`
-        #     parent: `=`, `:`
-        #     resource_name: `=`, `:`
-        #     state: `=`, `:`
-        #     category: `=`, `:`
-        #     external_uri: `=`, `:`
-        #     event_time: `=`, `>`, `<`, `>=`, `<=`
+        #     * name: `=`
+        #     * parent: `=`, `:`
+        #     * resource_name: `=`, `:`
+        #     * state: `=`, `:`
+        #     * category: `=`, `:`
+        #     * external_uri: `=`, `:`
+        #     * event_time: `=`, `>`, `<`, `>=`, `<=`
+        #     * severity: `=`, `:`
         #
         #       Usage: This should be milliseconds since epoch or an RFC3339 string.
         #       Examples:
@@ -821,7 +819,6 @@ module Google
         #     read_time.
         # @!attribute [rw] field_mask
         #   @return [::Google::Protobuf::FieldMask]
-        #     Optional.
         #     A field mask to specify the Finding fields to be listed in the response.
         #     An empty field mask will list all fields.
         # @!attribute [rw] page_token
@@ -863,7 +860,7 @@ module Google
           # @!attribute [rw] state_change
           #   @return [::Google::Cloud::SecurityCenter::V1p1beta1::ListFindingsResponse::ListFindingsResult::StateChange]
           #     State change of the finding between the points in time.
-          # @!attribute [rw] resource
+          # @!attribute [r] resource
           #   @return [::Google::Cloud::SecurityCenter::V1p1beta1::ListFindingsResponse::ListFindingsResult::Resource]
           #     Output only. Resource that is associated with this finding.
           class ListFindingsResult
@@ -944,8 +941,8 @@ module Google
         # Request message for running asset discovery for an organization.
         # @!attribute [rw] parent
         #   @return [::String]
-        #     Required. Name of the organization to run asset discovery for. Its format
-        #     is "organizations/[organization_id]".
+        #     Required. Name of the organization to run asset discovery for. Its format is
+        #     "organizations/[organization_id]".
         class RunAssetDiscoveryRequest
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -954,8 +951,8 @@ module Google
         # Request message for updating or creating a finding.
         # @!attribute [rw] finding
         #   @return [::Google::Cloud::SecurityCenter::V1p1beta1::Finding]
-        #     Required. The finding resource to update or create if it does not already
-        #     exist. parent, security_marks, and update_time will be ignored.
+        #     Required. The finding resource to update or create if it does not already exist.
+        #     parent, security_marks, and update_time will be ignored.
         #
         #     In the case of creation, the finding id portion of the name must be
         #     alphanumeric and less than or equal to 32 characters and greater than 0