google-cloud-security_center_management-v1 0.a → 0.1.0

data/proto_docs/google/cloud/securitycentermanagement/v1/security_center_management.rb

@@ -0,0 +1,1055 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module SecurityCenterManagement
+      module V1
+        # An EffectiveSecurityHealthAnalyticsCustomModule is the representation of
+        # a Security Health Analytics custom module at a specified level of the
+        # resource hierarchy: organization, folder, or project. If a custom module is
+        # inherited from a parent organization or folder, the value of the
+        # `enablementState` property in EffectiveSecurityHealthAnalyticsCustomModule is
+        # set to the value that is effective in the parent, instead of  `INHERITED`.
+        # For example, if the module is enabled in a parent organization or folder, the
+        # effective enablement_state for the module in all child folders or projects is
+        # also `enabled`. EffectiveSecurityHealthAnalyticsCustomModule is read-only.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Identifier. The resource name of the custom module.
+        #     Its format is
+        #     "organizations/\\{organization}/locations/\\{location}/effectiveSecurityHealthAnalyticsCustomModules/\\{effective_security_health_analytics_custom_module}",
+        #     or
+        #     "folders/\\{folder}/locations/\\{location}/effectiveSecurityHealthAnalyticsCustomModules/\\{effective_security_health_analytics_custom_module}",
+        #     or
+        #     "projects/\\{project}/locations/\\{location}/effectiveSecurityHealthAnalyticsCustomModules/\\{effective_security_health_analytics_custom_module}"
+        # @!attribute [r] custom_config
+        #   @return [::Google::Cloud::SecurityCenterManagement::V1::CustomConfig]
+        #     Output only. The user-specified configuration for the module.
+        # @!attribute [r] enablement_state
+        #   @return [::Google::Cloud::SecurityCenterManagement::V1::EffectiveSecurityHealthAnalyticsCustomModule::EnablementState]
+        #     Output only. The effective state of enablement for the module at the given
+        #     level of the hierarchy.
+        # @!attribute [r] display_name
+        #   @return [::String]
+        #     Output only. The display name for the custom module. The name must be
+        #     between 1 and 128 characters, start with a lowercase letter, and contain
+        #     alphanumeric characters or underscores only.
+        class EffectiveSecurityHealthAnalyticsCustomModule
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # The enablement state of the module.
+          module EnablementState
+            # Unspecified enablement state.
+            ENABLEMENT_STATE_UNSPECIFIED = 0
+
+            # The module is enabled at the given level.
+            ENABLED = 1
+
+            # The module is disabled at the given level.
+            DISABLED = 2
+          end
+        end
+
+        # Request message for listing effective Security Health Analytics custom
+        # modules.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. Name of parent to list effective custom modules. Its format is
+        #     "organizations/\\{organization}/locations/\\{location}",
+        #     "folders/\\{folder}/locations/\\{location}",
+        #     or
+        #     "projects/\\{project}/locations/\\{location}"
+        # @!attribute [rw] page_size
+        #   @return [::Integer]
+        #     Optional. The maximum number of results to return in a single response.
+        #     Default is 10, minimum is 1, maximum is 1000.
+        # @!attribute [rw] page_token
+        #   @return [::String]
+        #     Optional. The value returned by the last call indicating a continuation.
+        class ListEffectiveSecurityHealthAnalyticsCustomModulesRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Response message for listing effective Security Health Analytics custom
+        # modules.
+        # @!attribute [rw] effective_security_health_analytics_custom_modules
+        #   @return [::Array<::Google::Cloud::SecurityCenterManagement::V1::EffectiveSecurityHealthAnalyticsCustomModule>]
+        #     The list of EffectiveSecurityHealthAnalyticsCustomModule
+        # @!attribute [rw] next_page_token
+        #   @return [::String]
+        #     A token identifying a page of results the server should return.
+        class ListEffectiveSecurityHealthAnalyticsCustomModulesResponse
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Message for getting a EffectiveSecurityHealthAnalyticsCustomModule
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. The resource name of the SHA custom module.
+        #
+        #     Its format is:
+        #
+        #       * "organizations/\\{organization}/locations/\\{location}/effectiveSecurityHealthAnalyticsCustomModules/\\{module_id}".
+        #       * "folders/\\{folder}/locations/\\{location}/effectiveSecurityHealthAnalyticsCustomModules/\\{module_id}".
+        #       * "projects/\\{project}/locations/\\{location}/effectiveSecurityHealthAnalyticsCustomModules/\\{module_id}".
+        class GetEffectiveSecurityHealthAnalyticsCustomModuleRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Represents an instance of a Security Health Analytics custom module,
+        # including its full module name, display name, enablement state, and last
+        # updated time. You can create a custom module at the organization, folder, or
+        # project level. Custom modules that you create at the organization or folder
+        # level are inherited by the child folders and projects.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Identifier. The resource name of the custom module.
+        #     Its format is
+        #     "organizations/\\{organization}/locations/\\{location}/securityHealthAnalyticsCustomModules/\\{security_health_analytics_custom_module}",
+        #     or
+        #     "folders/\\{folder}/locations/\\{location}/securityHealthAnalyticsCustomModules/\\{security_health_analytics_custom_module}",
+        #     or
+        #     "projects/\\{project}/locations/\\{location}/securityHealthAnalyticsCustomModules/\\{security_health_analytics_custom_module}"
+        #
+        #     The id \\{customModule} is server-generated and is not user settable.
+        #     It will be a numeric id containing 1-20 digits.
+        # @!attribute [rw] display_name
+        #   @return [::String]
+        #     Optional. The display name of the Security Health Analytics custom module.
+        #     This display name becomes the finding category for all findings that are
+        #     returned by this custom module. The display name must be between 1 and
+        #     128 characters, start with a lowercase letter, and contain alphanumeric
+        #     characters or underscores only.
+        # @!attribute [rw] enablement_state
+        #   @return [::Google::Cloud::SecurityCenterManagement::V1::SecurityHealthAnalyticsCustomModule::EnablementState]
+        #     Optional. The enablement state of the custom module.
+        # @!attribute [r] update_time
+        #   @return [::Google::Protobuf::Timestamp]
+        #     Output only. The time at which the custom module was last updated.
+        # @!attribute [r] last_editor
+        #   @return [::String]
+        #     Output only. The editor that last updated the custom module.
+        # @!attribute [r] ancestor_module
+        #   @return [::String]
+        #     Output only. Specifies the organization or folder from which the custom
+        #     module is inherited. If empty, indicates that the custom module was created
+        #     in the organization, folder, or project in which you are viewing the custom
+        #     module.
+        # @!attribute [rw] custom_config
+        #   @return [::Google::Cloud::SecurityCenterManagement::V1::CustomConfig]
+        #     Optional. The user specified custom configuration for the module.
+        class SecurityHealthAnalyticsCustomModule
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # Possible enablement states of a custom module.
+          module EnablementState
+            # Unspecified enablement state.
+            ENABLEMENT_STATE_UNSPECIFIED = 0
+
+            # The module is enabled at the given CRM resource.
+            ENABLED = 1
+
+            # The module is disabled at the given CRM resource.
+            DISABLED = 2
+
+            # State is inherited from an ancestor module. The module will either
+            # be effectively ENABLED or DISABLED based on its closest non-inherited
+            # ancestor module in the CRM hierarchy. Attempting to set a top level
+            # module (module with no parent) to the INHERITED state will result in an
+            # INVALID_ARGUMENT error.
+            INHERITED = 3
+          end
+        end
+
+        # Defines the properties in a custom module configuration for Security
+        # Health Analytics. Use the custom module configuration to create custom
+        # detectors that generate custom findings for resources that you specify.
+        # @!attribute [rw] predicate
+        #   @return [::Google::Type::Expr]
+        #     Optional. The CEL expression to evaluate to produce findings. When the
+        #     expression evaluates to true against a resource, a finding is generated.
+        # @!attribute [rw] custom_output
+        #   @return [::Google::Cloud::SecurityCenterManagement::V1::CustomConfig::CustomOutputSpec]
+        #     Optional. Custom output properties.
+        # @!attribute [rw] resource_selector
+        #   @return [::Google::Cloud::SecurityCenterManagement::V1::CustomConfig::ResourceSelector]
+        #     Optional. The Cloud Asset Inventory resource types that the custom module
+        #     operates on. For information about resource types, see [Supported asset
+        #     types](https://cloud.google.com/asset-inventory/docs/supported-asset-types).
+        #     Each custom module can specify up to 5 resource types.
+        # @!attribute [rw] severity
+        #   @return [::Google::Cloud::SecurityCenterManagement::V1::CustomConfig::Severity]
+        #     Optional. The severity to assign to findings generated by the module.
+        # @!attribute [rw] description
+        #   @return [::String]
+        #     Optional. Text that describes the vulnerability or misconfiguration that
+        #     the custom module detects. This explanation is returned with each finding
+        #     instance to help investigators understand the detected issue. The text must
+        #     be enclosed in quotation marks.
+        # @!attribute [rw] recommendation
+        #   @return [::String]
+        #     Optional. An explanation of the recommended steps that security teams can
+        #     take to resolve the detected issue. This explanation is returned with each
+        #     finding generated by this module in the `nextSteps` property of the finding
+        #     JSON.
+        class CustomConfig
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # A set of optional name-value pairs that define custom source properties to
+          # return with each finding that is generated by the custom module. The custom
+          # source properties that are defined here are included in the finding JSON
+          # under `sourceProperties`.
+          # @!attribute [rw] properties
+          #   @return [::Array<::Google::Cloud::SecurityCenterManagement::V1::CustomConfig::CustomOutputSpec::Property>]
+          #     Optional. A list of custom output properties to add to the finding.
+          class CustomOutputSpec
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+
+            # An individual name-value pair that defines a custom source property.
+            # @!attribute [rw] name
+            #   @return [::String]
+            #     Optional. Name of the property for the custom output.
+            # @!attribute [rw] value_expression
+            #   @return [::Google::Type::Expr]
+            #     Optional. The CEL expression for the custom output. A resource property
+            #     can be specified to return the value of the property or a text string
+            #     enclosed in quotation marks.
+            class Property
+              include ::Google::Protobuf::MessageExts
+              extend ::Google::Protobuf::MessageExts::ClassMethods
+            end
+          end
+
+          # Resource for selecting resource type.
+          # @!attribute [rw] resource_types
+          #   @return [::Array<::String>]
+          #     Optional. The resource types to run the detector on.
+          class ResourceSelector
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+
+          # Defines the valid value options for the severity of a finding.
+          module Severity
+            # Unspecified severity.
+            SEVERITY_UNSPECIFIED = 0
+
+            # Critical severity.
+            CRITICAL = 1
+
+            # High severity.
+            HIGH = 2
+
+            # Medium severity.
+            MEDIUM = 3
+
+            # Low severity.
+            LOW = 4
+          end
+        end
+
+        # Request message for listing Security Health Analytics custom modules.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. Name of parent to list custom modules. Its format is
+        #     "organizations/\\{organization}/locations/\\{location}",
+        #     "folders/\\{folder}/locations/\\{location}",
+        #     or
+        #     "projects/\\{project}/locations/\\{location}"
+        # @!attribute [rw] page_size
+        #   @return [::Integer]
+        #     Optional. The maximum number of results to return in a single response.
+        #     Default is 10, minimum is 1, maximum is 1000.
+        # @!attribute [rw] page_token
+        #   @return [::String]
+        #     Optional. A token identifying a page of results the server should return.
+        class ListSecurityHealthAnalyticsCustomModulesRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Response message for listing Security Health Analytics custom modules.
+        # @!attribute [rw] security_health_analytics_custom_modules
+        #   @return [::Array<::Google::Cloud::SecurityCenterManagement::V1::SecurityHealthAnalyticsCustomModule>]
+        #     The list of SecurityHealthAnalyticsCustomModules
+        # @!attribute [rw] next_page_token
+        #   @return [::String]
+        #     A token identifying a page of results the server should return.
+        class ListSecurityHealthAnalyticsCustomModulesResponse
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request message for listing descendant Security Health Analytics custom
+        # modules.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. Name of parent to list custom modules. Its format is
+        #     "organizations/\\{organization}/locations/\\{location}",
+        #     "folders/\\{folder}/locations/\\{location}",
+        #     or
+        #     "projects/\\{project}/locations/\\{location}"
+        # @!attribute [rw] page_size
+        #   @return [::Integer]
+        #     Optional. The maximum number of results to return in a single response.
+        #     Default is 10, minimum is 1, maximum is 1000.
+        # @!attribute [rw] page_token
+        #   @return [::String]
+        #     Optional. A token identifying a page of results the server should return.
+        class ListDescendantSecurityHealthAnalyticsCustomModulesRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Response message for listing descendant Security Health Analytics custom
+        # modules.
+        # @!attribute [rw] security_health_analytics_custom_modules
+        #   @return [::Array<::Google::Cloud::SecurityCenterManagement::V1::SecurityHealthAnalyticsCustomModule>]
+        #     The list of SecurityHealthAnalyticsCustomModules
+        # @!attribute [rw] next_page_token
+        #   @return [::String]
+        #     A token identifying a page of results the server should return.
+        class ListDescendantSecurityHealthAnalyticsCustomModulesResponse
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Message for getting a SecurityHealthAnalyticsCustomModule
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. Name of the resource
+        class GetSecurityHealthAnalyticsCustomModuleRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Message for creating a SecurityHealthAnalyticsCustomModule
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. Name of the parent for the module. Its format is
+        #     "organizations/\\{organization}/locations/\\{location}",
+        #     "folders/\\{folder}/locations/\\{location}",
+        #     or
+        #     "projects/\\{project}/locations/\\{location}"
+        # @!attribute [rw] security_health_analytics_custom_module
+        #   @return [::Google::Cloud::SecurityCenterManagement::V1::SecurityHealthAnalyticsCustomModule]
+        #     Required. The resource being created
+        # @!attribute [rw] validate_only
+        #   @return [::Boolean]
+        #     Optional. When set to true, only validations (including IAM checks) will
+        #     done for the request (no module will be created). An OK response indicates
+        #     the request is valid while an error response indicates the request is
+        #     invalid. Note that a subsequent request to actually create the module could
+        #     still fail because:
+        #      1. the state could have changed (e.g. IAM permission lost) or
+        #      2. A failure occurred during creation of the module.
+        #     Defaults to false.
+        class CreateSecurityHealthAnalyticsCustomModuleRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Message for updating a SecurityHealthAnalyticsCustomModule
+        # @!attribute [rw] update_mask
+        #   @return [::Google::Protobuf::FieldMask]
+        #     Required. The list of fields to be updated. The only fields that can be
+        #     updated are `enablement_state` and `custom_config`. If empty or set to the
+        #     wildcard value `*`, both `enablement_state` and `custom_config` are
+        #     updated.
+        # @!attribute [rw] security_health_analytics_custom_module
+        #   @return [::Google::Cloud::SecurityCenterManagement::V1::SecurityHealthAnalyticsCustomModule]
+        #     Required. The resource being updated
+        # @!attribute [rw] validate_only
+        #   @return [::Boolean]
+        #     Optional. When set to true, only validations (including IAM checks) will
+        #     done for the request (module will not be updated). An OK response indicates
+        #     the request is valid while an error response indicates the request is
+        #     invalid. Note that a subsequent request to actually update the module could
+        #     still fail because 1. the state could have changed (e.g. IAM permission
+        #     lost) or
+        #     2. A failure occurred while trying to update the module.
+        class UpdateSecurityHealthAnalyticsCustomModuleRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Message for deleting a SecurityHealthAnalyticsCustomModule
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. The resource name of the SHA custom module.
+        #
+        #     Its format is:
+        #
+        #       * "organizations/\\{organization}/locations/\\{location}/securityHealthAnalyticsCustomModules/\\{security_health_analytics_custom_module}".
+        #       * "folders/\\{folder}/locations/\\{location}/securityHealthAnalyticsCustomModules/\\{security_health_analytics_custom_module}".
+        #       * "projects/\\{project}/locations/\\{location}/securityHealthAnalyticsCustomModules/\\{security_health_analytics_custom_module}".
+        # @!attribute [rw] validate_only
+        #   @return [::Boolean]
+        #     Optional. When set to true, only validations (including IAM checks) will
+        #     done for the request (module will not be deleted). An OK response indicates
+        #     the request is valid while an error response indicates the request is
+        #     invalid. Note that a subsequent request to actually delete the module could
+        #     still fail because 1. the state could have changed (e.g. IAM permission
+        #     lost) or
+        #     2. A failure occurred while trying to delete the module.
+        class DeleteSecurityHealthAnalyticsCustomModuleRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request message to simulate a CustomConfig against a given test resource.
+        # Maximum size of the request is 4 MB by default.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. The relative resource name of the organization, project, or
+        #     folder. For more information about relative resource names, see [Relative
+        #     Resource
+        #     Name](https://cloud.google.com/apis/design/resource_names#relative_resource_name)
+        #     Example: `organizations/{organization_id}`.
+        # @!attribute [rw] custom_config
+        #   @return [::Google::Cloud::SecurityCenterManagement::V1::CustomConfig]
+        #     Required. The custom configuration that you need to test.
+        # @!attribute [rw] resource
+        #   @return [::Google::Cloud::SecurityCenterManagement::V1::SimulateSecurityHealthAnalyticsCustomModuleRequest::SimulatedResource]
+        #     Required. Resource data to simulate custom module against.
+        class SimulateSecurityHealthAnalyticsCustomModuleRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # Manually constructed resource name. If the custom module evaluates against
+          # only the resource data, you can omit the `iam_policy_data` field. If it
+          # evaluates only the `iam_policy_data` field, you can omit the resource data.
+          # @!attribute [rw] resource_type
+          #   @return [::String]
+          #     Required. The type of the resource, for example,
+          #     `compute.googleapis.com/Disk`.
+          # @!attribute [rw] resource_data
+          #   @return [::Google::Protobuf::Struct]
+          #     Optional. A representation of the Google Cloud resource. Should match the
+          #     Google Cloud resource JSON format.
+          # @!attribute [rw] iam_policy_data
+          #   @return [::Google::Iam::V1::Policy]
+          #     Optional. A representation of the IAM policy.
+          class SimulatedResource
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+        end
+
+        # A subset of the fields of the Security Center Finding proto. The minimum set
+        # of fields needed to represent a simulated finding from a SHA custom module.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Identifier. The [relative resource
+        #     name](https://cloud.google.com/apis/design/resource_names#relative_resource_name)
+        #     of the finding. Example:
+        #     "organizations/\\{organization_id}/sources/\\{source_id}/findings/\\{finding_id}",
+        #     "folders/\\{folder_id}/sources/\\{source_id}/findings/\\{finding_id}",
+        #     "projects/\\{project_id}/sources/\\{source_id}/findings/\\{finding_id}".
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     The relative resource name of the source the finding belongs to. See:
+        #     https://cloud.google.com/apis/design/resource_names#relative_resource_name
+        #     This field is immutable after creation time.
+        #     For example:
+        #     "organizations/\\{organization_id}/sources/\\{source_id}"
+        # @!attribute [rw] resource_name
+        #   @return [::String]
+        #     For findings on Google Cloud resources, the full resource
+        #     name of the Google Cloud resource this finding is for. See:
+        #     https://cloud.google.com/apis/design/resource_names#full_resource_name
+        #     When the finding is for a non-Google Cloud resource, the resourceName can
+        #     be a customer or partner defined string. This field is immutable after
+        #     creation time.
+        # @!attribute [rw] category
+        #   @return [::String]
+        #     The additional taxonomy group within findings from a given source.
+        #     This field is immutable after creation time.
+        #     Example: "XSS_FLASH_INJECTION"
+        # @!attribute [r] state
+        #   @return [::Google::Cloud::SecurityCenterManagement::V1::SimulatedFinding::State]
+        #     Output only. The state of the finding.
+        # @!attribute [rw] source_properties
+        #   @return [::Google::Protobuf::Map{::String => ::Google::Protobuf::Value}]
+        #     Source specific properties. These properties are managed by the source
+        #     that writes the finding. The key names in the source_properties map must be
+        #     between 1 and 255 characters, and must start with a letter and contain
+        #     alphanumeric characters or underscores only.
+        # @!attribute [rw] event_time
+        #   @return [::Google::Protobuf::Timestamp]
+        #     The time the finding was first detected. If an existing finding is updated,
+        #     then this is the time the update occurred.
+        #     For example, if the finding represents an open firewall, this property
+        #     captures the time the detector believes the firewall became open. The
+        #     accuracy is determined by the detector. If the finding is later resolved,
+        #     then this time reflects when the finding was resolved. This must not
+        #     be set to a value greater than the current timestamp.
+        # @!attribute [rw] severity
+        #   @return [::Google::Cloud::SecurityCenterManagement::V1::SimulatedFinding::Severity]
+        #     The severity of the finding. This field is managed by the source that
+        #     writes the finding.
+        # @!attribute [rw] finding_class
+        #   @return [::Google::Cloud::SecurityCenterManagement::V1::SimulatedFinding::FindingClass]
+        #     The class of the finding.
+        class SimulatedFinding
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # @!attribute [rw] key
+          #   @return [::String]
+          # @!attribute [rw] value
+          #   @return [::Google::Protobuf::Value]
+          class SourcePropertiesEntry
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+
+          # The state of the finding.
+          module State
+            # Unspecified state.
+            STATE_UNSPECIFIED = 0
+
+            # The finding requires attention and has not been addressed yet.
+            ACTIVE = 1
+
+            # The finding has been fixed, triaged as a non-issue or otherwise addressed
+            # and is no longer active.
+            INACTIVE = 2
+          end
+
+          # The severity of the finding.
+          module Severity
+            # This value is used for findings when a source doesn't write a severity
+            # value.
+            SEVERITY_UNSPECIFIED = 0
+
+            # Vulnerability:
+            # A critical vulnerability is easily discoverable by an external actor,
+            # exploitable, and results in the direct ability to execute arbitrary code,
+            # exfiltrate data, and otherwise gain additional access and privileges to
+            # cloud resources and workloads. Examples include publicly accessible
+            # unprotected user data and public SSH access with weak or no
+            # passwords.
+            #
+            # Threat:
+            # Indicates a threat that is able to access, modify, or delete data or
+            # execute unauthorized code within existing resources.
+            CRITICAL = 1
+
+            # Vulnerability:
+            # A high risk vulnerability can be easily discovered and exploited in
+            # combination with other vulnerabilities in order to gain direct access and
+            # the ability to execute arbitrary code, exfiltrate data, and otherwise
+            # gain additional access and privileges to cloud resources and workloads.
+            # An example is a database with weak or no passwords that is only
+            # accessible internally. This database could easily be compromised by an
+            # actor that had access to the internal network.
+            #
+            # Threat:
+            # Indicates a threat that is able to create new computational resources in
+            # an environment but not able to access data or execute code in existing
+            # resources.
+            HIGH = 2
+
+            # Vulnerability:
+            # A medium risk vulnerability could be used by an actor to gain access to
+            # resources or privileges that enable them to eventually (through multiple
+            # steps or a complex exploit) gain access and the ability to execute
+            # arbitrary code or exfiltrate data. An example is a service account with
+            # access to more projects than it should have. If an actor gains access to
+            # the service account, they could potentially use that access to manipulate
+            # a project the service account was not intended to.
+            #
+            # Threat:
+            # Indicates a threat that is able to cause operational impact but may not
+            # access data or execute unauthorized code.
+            MEDIUM = 3
+
+            # Vulnerability:
+            # A low risk vulnerability hampers a security organization's ability to
+            # detect vulnerabilities or active threats in their deployment, or prevents
+            # the root cause investigation of security issues. An example is monitoring
+            # and logs being disabled for resource configurations and access.
+            #
+            # Threat:
+            # Indicates a threat that has obtained minimal access to an environment but
+            # is not able to access data, execute code, or create resources.
+            LOW = 4
+          end
+
+          # Represents what kind of Finding it is.
+          module FindingClass
+            # Unspecified finding class.
+            FINDING_CLASS_UNSPECIFIED = 0
+
+            # Describes unwanted or malicious activity.
+            THREAT = 1
+
+            # Describes a potential weakness in software that increases risk to
+            # Confidentiality & Integrity & Availability.
+            VULNERABILITY = 2
+
+            # Describes a potential weakness in cloud resource/asset configuration that
+            # increases risk.
+            MISCONFIGURATION = 3
+
+            # Describes a security observation that is for informational purposes.
+            OBSERVATION = 4
+
+            # Describes an error that prevents some SCC functionality.
+            SCC_ERROR = 5
+
+            # Describes a potential security risk due to a change in the security
+            # posture.
+            POSTURE_VIOLATION = 6
+          end
+        end
+
+        # Response message for simulating a `SecurityHealthAnalyticsCustomModule`
+        # against a given resource.
+        # @!attribute [rw] result
+        #   @return [::Google::Cloud::SecurityCenterManagement::V1::SimulateSecurityHealthAnalyticsCustomModuleResponse::SimulatedResult]
+        #     Result for test case in the corresponding request.
+        class SimulateSecurityHealthAnalyticsCustomModuleResponse
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # Possible test result.
+          # @!attribute [rw] finding
+          #   @return [::Google::Cloud::SecurityCenterManagement::V1::SimulatedFinding]
+          #     Finding that would be published for the test case,
+          #     if a violation is detected.
+          # @!attribute [rw] no_violation
+          #   @return [::Google::Protobuf::Empty]
+          #     Indicates that the test case does not trigger any violation.
+          # @!attribute [rw] error
+          #   @return [::Google::Rpc::Status]
+          #     Error encountered during the test.
+          class SimulatedResult
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+        end
+
+        # An EffectiveEventThreatDetectionCustomModule is the representation of
+        # EventThreatDetectionCustomModule at a given level taking hierarchy into
+        # account and resolving various fields accordingly. e.g. if the module is
+        # enabled at the ancestor level, effective modules at all descendant levels
+        # will have enablement_state set to ENABLED. Similarly, if module.inherited is
+        # set, then effective module's config will contain the ancestor's config
+        # details. EffectiveEventThreatDetectionCustomModule is read-only.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Identifier. The resource name of the ETD custom module.
+        #
+        #     Its format is:
+        #
+        #       * "organizations/\\{organization}/locations/\\{location}/effectiveEventThreatDetectionCustomModules/\\{effective_event_threat_detection_custom_module}".
+        #       * "folders/\\{folder}/locations/\\{location}/effectiveEventThreatDetectionCustomModules/\\{effective_event_threat_detection_custom_module}".
+        #       * "projects/\\{project}/locations/\\{location}/effectiveEventThreatDetectionCustomModules/\\{effective_event_threat_detection_custom_module}".
+        # @!attribute [r] config
+        #   @return [::Google::Protobuf::Struct]
+        #     Output only. Config for the effective module.
+        # @!attribute [r] enablement_state
+        #   @return [::Google::Cloud::SecurityCenterManagement::V1::EffectiveEventThreatDetectionCustomModule::EnablementState]
+        #     Output only. The effective state of enablement for the module at the given
+        #     level of the hierarchy.
+        # @!attribute [r] type
+        #   @return [::String]
+        #     Output only. Type for the module. e.g. CONFIGURABLE_BAD_IP.
+        # @!attribute [r] display_name
+        #   @return [::String]
+        #     Output only. The human readable name to be displayed for the module.
+        # @!attribute [r] description
+        #   @return [::String]
+        #     Output only. The description for the module.
+        class EffectiveEventThreatDetectionCustomModule
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # The enablement state of the module.
+          module EnablementState
+            # Unspecified enablement state.
+            ENABLEMENT_STATE_UNSPECIFIED = 0
+
+            # The module is enabled at the given level.
+            ENABLED = 1
+
+            # The module is disabled at the given level.
+            DISABLED = 2
+          end
+        end
+
+        # Request message for listing effective Event Threat Detection custom
+        # modules.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. Name of parent to list effective custom modules. Its format is
+        #     "organizations/\\{organization}/locations/\\{location}",
+        #     "folders/\\{folder}/locations/\\{location}",
+        #     or
+        #     "projects/\\{project}/locations/\\{location}"
+        # @!attribute [rw] page_size
+        #   @return [::Integer]
+        #     Optional. The maximum number of results to return in a single response.
+        #     Default is 10, minimum is 1, maximum is 1000.
+        # @!attribute [rw] page_token
+        #   @return [::String]
+        #     Optional. The value returned by the last call indicating a continuation
+        class ListEffectiveEventThreatDetectionCustomModulesRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Response message for listing effective Event Threat Detection custom
+        # modules.
+        # @!attribute [rw] effective_event_threat_detection_custom_modules
+        #   @return [::Array<::Google::Cloud::SecurityCenterManagement::V1::EffectiveEventThreatDetectionCustomModule>]
+        #     The list of EffectiveEventThreatDetectionCustomModules
+        # @!attribute [rw] next_page_token
+        #   @return [::String]
+        #     A token identifying a page of results the server should return.
+        class ListEffectiveEventThreatDetectionCustomModulesResponse
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Message for getting a EffectiveEventThreatDetectionCustomModule
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. The resource name of the ETD custom module.
+        #
+        #     Its format is:
+        #
+        #       * "organizations/\\{organization}/locations/\\{location}/effectiveEventThreatDetectionCustomModules/\\{effective_event_threat_detection_custom_module}".
+        #       * "folders/\\{folder}/locations/\\{location}/effectiveEventThreatDetectionCustomModules/\\{effective_event_threat_detection_custom_module}".
+        #       * "projects/\\{project}/locations/\\{location}/effectiveEventThreatDetectionCustomModules/\\{effective_event_threat_detection_custom_module}".
+        class GetEffectiveEventThreatDetectionCustomModuleRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # An event threat detection custom module is a Cloud SCC resource that contains
+        # the configuration and enablement state of a custom module, which enables ETD
+        # to write certain findings to Cloud SCC.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Identifier. The resource name of the ETD custom module.
+        #
+        #     Its format is:
+        #
+        #       * "organizations/\\{organization}/locations/\\{location}/eventThreatDetectionCustomModules/\\{event_threat_detection_custom_module}".
+        #       * "folders/\\{folder}/locations/\\{location}/eventThreatDetectionCustomModules/\\{event_threat_detection_custom_module}".
+        #       * "projects/\\{project}/locations/\\{location}/eventThreatDetectionCustomModules/\\{event_threat_detection_custom_module}".
+        # @!attribute [rw] config
+        #   @return [::Google::Protobuf::Struct]
+        #     Optional. Config for the module. For the resident module, its config value
+        #     is defined at this level. For the inherited module, its config value is
+        #     inherited from the ancestor module.
+        # @!attribute [r] ancestor_module
+        #   @return [::String]
+        #     Output only. The closest ancestor module that this module inherits the
+        #     enablement state from. If empty, indicates that the custom module was
+        #     created in the requesting parent organization, folder, or project. The
+        #     format is the same as the EventThreatDetectionCustomModule resource name.
+        # @!attribute [rw] enablement_state
+        #   @return [::Google::Cloud::SecurityCenterManagement::V1::EventThreatDetectionCustomModule::EnablementState]
+        #     Optional. The state of enablement for the module at the given level of the
+        #     hierarchy.
+        # @!attribute [rw] type
+        #   @return [::String]
+        #     Optional. Type for the module. e.g. CONFIGURABLE_BAD_IP.
+        # @!attribute [rw] display_name
+        #   @return [::String]
+        #     Optional. The human readable name to be displayed for the module.
+        # @!attribute [rw] description
+        #   @return [::String]
+        #     Optional. The description for the module.
+        # @!attribute [r] update_time
+        #   @return [::Google::Protobuf::Timestamp]
+        #     Output only. The time the module was last updated.
+        # @!attribute [r] last_editor
+        #   @return [::String]
+        #     Output only. The editor the module was last updated by.
+        class EventThreatDetectionCustomModule
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # The enablement state of the module.
+          module EnablementState
+            # Unspecified enablement state.
+            ENABLEMENT_STATE_UNSPECIFIED = 0
+
+            # The module is enabled at the given level.
+            ENABLED = 1
+
+            # The module is disabled at the given level.
+            DISABLED = 2
+
+            # State is inherited from an ancestor module. The module will either
+            # be effectively ENABLED or DISABLED based on its closest non-inherited
+            # ancestor module in the CRM hierarchy. Attempting to set a top level
+            # module (module with no parent) to the INHERITED state will result in an
+            # error.
+            INHERITED = 3
+          end
+        end
+
+        # Request message for listing Event Threat Detection custom modules.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. Name of parent to list custom modules. Its format is
+        #     "organizations/\\{organization}/locations/\\{location}",
+        #     "folders/\\{folder}/locations/\\{location}",
+        #     or
+        #     "projects/\\{project}/locations/\\{location}"
+        # @!attribute [rw] page_size
+        #   @return [::Integer]
+        #     Optional. The maximum number of modules to return. The service may return
+        #     fewer than this value. If unspecified, at most 10 configs will be returned.
+        #     The maximum value is 1000; values above 1000 will be coerced to 1000.
+        # @!attribute [rw] page_token
+        #   @return [::String]
+        #     Optional. A page token, received from a previous
+        #     `ListEventThreatDetectionCustomModules` call. Provide this to retrieve the
+        #     subsequent page.
+        #
+        #     When paginating, all other parameters provided to
+        #     `ListEventThreatDetectionCustomModules` must match the call that provided
+        #     the page token.
+        class ListEventThreatDetectionCustomModulesRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Response message for listing Event Threat Detection custom modules.
+        # @!attribute [rw] event_threat_detection_custom_modules
+        #   @return [::Array<::Google::Cloud::SecurityCenterManagement::V1::EventThreatDetectionCustomModule>]
+        #     The list of EventThreatDetectionCustomModules
+        # @!attribute [rw] next_page_token
+        #   @return [::String]
+        #     A token identifying a page of results the server should return.
+        class ListEventThreatDetectionCustomModulesResponse
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request message for listing descendant Event Threat Detection custom
+        # modules.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. Name of parent to list custom modules. Its format is
+        #     "organizations/\\{organization}/locations/\\{location}",
+        #     "folders/\\{folder}/locations/\\{location}",
+        #     or
+        #     "projects/\\{project}/locations/\\{location}"
+        # @!attribute [rw] page_size
+        #   @return [::Integer]
+        #     Optional. The maximum number of modules to return. The service may return
+        #     fewer than this value. If unspecified, at most 10 configs will be returned.
+        #     The maximum value is 1000; values above 1000 will be coerced to 1000.
+        # @!attribute [rw] page_token
+        #   @return [::String]
+        #     Optional. A token identifying a page of results the server should return.
+        class ListDescendantEventThreatDetectionCustomModulesRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Response message for listing descendant Event Threat Detection custom
+        # modules.
+        # @!attribute [rw] event_threat_detection_custom_modules
+        #   @return [::Array<::Google::Cloud::SecurityCenterManagement::V1::EventThreatDetectionCustomModule>]
+        #     The list of EventThreatDetectionCustomModules
+        # @!attribute [rw] next_page_token
+        #   @return [::String]
+        #     A token identifying a page of results the server should return.
+        class ListDescendantEventThreatDetectionCustomModulesResponse
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Message for getting a EventThreatDetectionCustomModule
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. The resource name of the ETD custom module.
+        #
+        #     Its format is:
+        #
+        #       * "organizations/\\{organization}/locations/\\{location}/eventThreatDetectionCustomModules/\\{event_threat_detection_custom_module}".
+        #       * "folders/\\{folder}/locations/\\{location}/eventThreatDetectionCustomModules/\\{event_threat_detection_custom_module}".
+        #       * "projects/\\{project}/locations/\\{location}/eventThreatDetectionCustomModules/\\{event_threat_detection_custom_module}".
+        class GetEventThreatDetectionCustomModuleRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Message for creating a EventThreatDetectionCustomModule
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. Name of parent for the module. Its format is
+        #     "organizations/\\{organization}/locations/\\{location}",
+        #     "folders/\\{folder}/locations/\\{location}",
+        #     or
+        #     "projects/\\{project}/locations/\\{location}"
+        # @!attribute [rw] event_threat_detection_custom_module
+        #   @return [::Google::Cloud::SecurityCenterManagement::V1::EventThreatDetectionCustomModule]
+        #     Required. The module to create. The
+        #     event_threat_detection_custom_module.name will be ignored and server
+        #     generated.
+        # @!attribute [rw] validate_only
+        #   @return [::Boolean]
+        #     Optional. When set to true, only validations (including IAM checks) will
+        #     done for the request (no module will be created). An OK response indicates
+        #     the request is valid while an error response indicates the request is
+        #     invalid. Note that a subsequent request to actually create the module could
+        #     still fail because 1. the state could have changed (e.g. IAM permission
+        #     lost) or
+        #     2. A failure occurred during creation of the module.
+        class CreateEventThreatDetectionCustomModuleRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Message for updating a EventThreatDetectionCustomModule
+        # @!attribute [rw] update_mask
+        #   @return [::Google::Protobuf::FieldMask]
+        #     Required. Field mask is used to specify the fields to be overwritten in the
+        #     EventThreatDetectionCustomModule resource by the update.
+        #     The fields specified in the update_mask are relative to the resource, not
+        #     the full request. A field will be overwritten if it is in the mask. If the
+        #     user does not provide a mask then all fields will be overwritten.
+        # @!attribute [rw] event_threat_detection_custom_module
+        #   @return [::Google::Cloud::SecurityCenterManagement::V1::EventThreatDetectionCustomModule]
+        #     Required. The module being updated
+        # @!attribute [rw] validate_only
+        #   @return [::Boolean]
+        #     Optional. When set to true, only validations (including IAM checks) will
+        #     done for the request (module will not be updated). An OK response indicates
+        #     the request is valid while an error response indicates the request is
+        #     invalid. Note that a subsequent request to actually update the module could
+        #     still fail because 1. the state could have changed (e.g. IAM permission
+        #     lost) or
+        #     2. A failure occurred while trying to update the module.
+        class UpdateEventThreatDetectionCustomModuleRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Message for deleting a EventThreatDetectionCustomModule
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. The resource name of the ETD custom module.
+        #
+        #     Its format is:
+        #
+        #       * "organizations/\\{organization}/locations/\\{location}/eventThreatDetectionCustomModules/\\{event_threat_detection_custom_module}".
+        #       * "folders/\\{folder}/locations/\\{location}/eventThreatDetectionCustomModules/\\{event_threat_detection_custom_module}".
+        #       * "projects/\\{project}/locations/\\{location}/eventThreatDetectionCustomModules/\\{event_threat_detection_custom_module}".
+        # @!attribute [rw] validate_only
+        #   @return [::Boolean]
+        #     Optional. When set to true, only validations (including IAM checks) will
+        #     done for the request (module will not be deleted). An OK response indicates
+        #     the request is valid while an error response indicates the request is
+        #     invalid. Note that a subsequent request to actually delete the module could
+        #     still fail because 1. the state could have changed (e.g. IAM permission
+        #     lost) or
+        #     2. A failure occurred while trying to delete the module.
+        class DeleteEventThreatDetectionCustomModuleRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request to validate an Event Threat Detection custom module.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. Resource name of the parent to validate the Custom Module under.
+        #
+        #     Its format is:
+        #
+        #       * "organizations/\\{organization}/locations/\\{location}".
+        # @!attribute [rw] raw_text
+        #   @return [::String]
+        #     Required. The raw text of the module's contents. Used to generate error
+        #     messages.
+        # @!attribute [rw] type
+        #   @return [::String]
+        #     Required. The type of the module (e.g. CONFIGURABLE_BAD_IP).
+        class ValidateEventThreatDetectionCustomModuleRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Response to validating an Event Threat Detection custom module.
+        # @!attribute [rw] errors
+        #   @return [::Array<::Google::Cloud::SecurityCenterManagement::V1::ValidateEventThreatDetectionCustomModuleResponse::CustomModuleValidationError>]
+        #     A list of errors returned by the validator. If the list is empty, there
+        #     were no errors.
+        class ValidateEventThreatDetectionCustomModuleResponse
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # An error encountered while validating the uploaded configuration of an
+          # Event Threat Detection Custom Module.
+          # @!attribute [rw] description
+          #   @return [::String]
+          #     A description of the error, suitable for human consumption. Required.
+          # @!attribute [rw] field_path
+          #   @return [::String]
+          #     The path, in RFC 8901 JSON Pointer format, to the field that failed
+          #     validation. This may be left empty if no specific field is affected.
+          # @!attribute [rw] start
+          #   @return [::Google::Cloud::SecurityCenterManagement::V1::ValidateEventThreatDetectionCustomModuleResponse::Position]
+          #     The initial position of the error in the uploaded text version of the
+          #     module. This field may be omitted if no specific position applies, or if
+          #     one could not be computed.
+          # @!attribute [rw] end
+          #   @return [::Google::Cloud::SecurityCenterManagement::V1::ValidateEventThreatDetectionCustomModuleResponse::Position]
+          #     The end position of the error in the uploaded text version of the
+          #     module. This field may be omitted if no specific position applies, or if
+          #     one could not be computed..
+          class CustomModuleValidationError
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+
+          # A position in the uploaded text version of a module.
+          # @!attribute [rw] line_number
+          #   @return [::Integer]
+          #     The line position in the text
+          # @!attribute [rw] column_number
+          #   @return [::Integer]
+          #     The column position in the line
+          class Position
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+        end
+      end
+    end
+  end
+end