google-api-python-client 2.134.0__py2.py3-none-any.whl → 2.136.0__py2.py3-none-any.whl

googleapiclient/discovery_cache/documents/securitycenter.v1beta2.json

@@ -1906,7 +1906,7 @@
 }
 }
 },
-"revision": "20240531",
+"revision": "20240628",
 "rootUrl": "https://securitycenter.googleapis.com/",
 "schemas": {
 "Access": {
@@ -2051,7 +2051,7 @@
 "id": "AttackExposure",
 "properties": {
 "attackExposureResult": {
-"description": "The resource name of the attack path simulation result that contains the details regarding this attack exposure score. Example: organizations/123/simulations/456/attackExposureResults/789",
+"description": "The resource name of the attack path simulation result that contains the details regarding this attack exposure score. Example: `organizations/123/simulations/456/attackExposureResults/789`",
 "type": "string"
 },
 "exposedHighValueResourcesCount": {
@@ -2159,6 +2159,69 @@
 },
 "type": "object"
 },
+"AzureManagementGroup": {
+"description": "Represents an Azure management group.",
+"id": "AzureManagementGroup",
+"properties": {
+"displayName": {
+"description": "The display name of the Azure management group.",
+"type": "string"
+},
+"id": {
+"description": "The UUID of the Azure management group, for example, `20000000-0001-0000-0000-000000000000`.",
+"type": "string"
+}
+},
+"type": "object"
+},
+"AzureMetadata": {
+"description": "Azure metadata associated with the resource, only applicable if the finding's cloud provider is Microsoft Azure.",
+"id": "AzureMetadata",
+"properties": {
+"managementGroups": {
+"description": "A list of Azure management groups associated with the resource, ordered from lowest level (closest to the subscription) to highest level.",
+"items": {
+"$ref": "AzureManagementGroup"
+},
+"type": "array"
+},
+"resourceGroup": {
+"$ref": "AzureResourceGroup",
+"description": "The Azure resource group associated with the resource."
+},
+"subscription": {
+"$ref": "AzureSubscription",
+"description": "The Azure subscription associated with the resource."
+}
+},
+"type": "object"
+},
+"AzureResourceGroup": {
+"description": "Represents an Azure resource group.",
+"id": "AzureResourceGroup",
+"properties": {
+"name": {
+"description": "The name of the Azure resource group. This is not a UUID.",
+"type": "string"
+}
+},
+"type": "object"
+},
+"AzureSubscription": {
+"description": "Represents an Azure subscription.",
+"id": "AzureSubscription",
+"properties": {
+"displayName": {
+"description": "The display name of the Azure subscription.",
+"type": "string"
+},
+"id": {
+"description": "The UUID of the Azure subscription, for example, `291bba3f-e0a5-47bc-a099-3bdcb2a50a05`.",
+"type": "string"
+}
+},
+"type": "object"
+},
 "BackupDisasterRecovery": {
 "description": "Information related to Google Cloud Backup and DR Service findings.",
 "id": "BackupDisasterRecovery",
@@ -3161,7 +3224,8 @@
 "MISCONFIGURATION",
 "OBSERVATION",
 "SCC_ERROR",
-"POSTURE_VIOLATION"
+"POSTURE_VIOLATION",
+"TOXIC_COMBINATION"
 ],
 "enumDescriptions": [
 "Unspecified finding class.",
@@ -3170,10 +3234,18 @@
 "Describes a potential weakness in cloud resource/asset configuration that increases risk.",
 "Describes a security observation that is for informational purposes.",
 "Describes an error that prevents some SCC functionality.",
-"Describes a potential security risk due to a change in the security posture."
+"Describes a potential security risk due to a change in the security posture.",
+"Describes a group of security issues that, when the issues occur together, represent a greater risk than when the issues occur independently. A group of such issues is referred to as a toxic combination."
 ],
 "type": "string"
 },
+"groupMemberships": {
+"description": "Contains details about groups of which this finding is a member. A group is a collection of findings that are related in some way. This field cannot be updated. Its value is ignored in all update requests.",
+"items": {
+"$ref": "GroupMembership"
+},
+"type": "array"
+},
 "iamBindings": {
 "description": "Represents IAM bindings associated with the finding.",
 "items": {
@@ -3328,6 +3400,10 @@
 ],
 "type": "string"
 },
+"toxicCombination": {
+"$ref": "ToxicCombination",
+"description": "Contains details about a group of security issues that, when the issues occur together, represent a greater risk than when the issues occur independently. A group of such issues is referred to as a toxic combination. This field cannot be updated. Its value is ignored in all update requests."
+},
 "vulnerability": {
 "$ref": "Vulnerability",
 "description": "Represents vulnerability-specific fields like CVE and CVSS scores. CVE stands for Common Vulnerabilities and Exposures (https://cve.mitre.org/about/)"
@@ -3656,7 +3732,7 @@
 "type": "string"
 },
 "name": {
-"description": "This field will be ignored if provided on config creation. Format \"organizations/{organization}/muteConfigs/{mute_config}\" \"folders/{folder}/muteConfigs/{mute_config}\" \"projects/{project}/muteConfigs/{mute_config}\" \"organizations/{organization}/locations/global/muteConfigs/{mute_config}\" \"folders/{folder}/locations/global/muteConfigs/{mute_config}\" \"projects/{project}/locations/global/muteConfigs/{mute_config}\"",
+"description": "This field will be ignored if provided on config creation. Format `organizations/{organization}/muteConfigs/{mute_config}` `folders/{folder}/muteConfigs/{mute_config}` `projects/{project}/muteConfigs/{mute_config}` `organizations/{organization}/locations/global/muteConfigs/{mute_config}` `folders/{folder}/locations/global/muteConfigs/{mute_config}` `projects/{project}/locations/global/muteConfigs/{mute_config}`",
 "type": "string"
 },
 "updateTime": {
@@ -3710,6 +3786,10 @@
 "$ref": "AwsMetadata",
 "description": "The AWS metadata associated with the finding."
 },
+"azureMetadata": {
+"$ref": "AzureMetadata",
+"description": "The Azure metadata associated with the finding."
+},
 "cloudProvider": {
 "description": "Indicates which cloud provider the resource resides in.",
 "enum": [
@@ -3771,7 +3851,7 @@
 "description": "Provides the path to the resource within the resource hierarchy."
 },
 "resourcePathString": {
-"description": "A string representation of the resource path. For Google Cloud, it has the format of organizations/{organization_id}/folders/{folder_id}/folders/{folder_id}/projects/{project_id} where there can be any number of folders. For AWS, it has the format of org/{organization_id}/ou/{organizational_unit_id}/ou/{organizational_unit_id}/account/{account_id} where there can be any number of organizational units. For Azure, it has the format of mg/{management_group_id}/mg/{management_group_id}/subscription/{subscription_id}/rg/{resource_group_name} where there can be any number of management groups.",
+"description": "A string representation of the resource path. For Google Cloud, it has the format of `organizations/{organization_id}/folders/{folder_id}/folders/{folder_id}/projects/{project_id}` where there can be any number of folders. For AWS, it has the format of `org/{organization_id}/ou/{organizational_unit_id}/ou/{organizational_unit_id}/account/{account_id}` where there can be any number of organizational units. For Azure, it has the format of `mg/{management_group_id}/mg/{management_group_id}/subscription/{subscription_id}/rg/{resource_group_name}` where there can be any number of management groups.",
 "type": "string"
 },
 "service": {
@@ -3837,11 +3917,11 @@
 "additionalProperties": {
 "type": "string"
 },
-"description": "List of resource labels to search for, evaluated with AND. For example, \"resource_labels_selector\": {\"key\": \"value\", \"env\": \"prod\"} will match resources with labels \"key\": \"value\" AND \"env\": \"prod\" https://cloud.google.com/resource-manager/docs/creating-managing-labels",
+"description": "List of resource labels to search for, evaluated with `AND`. For example, `\"resource_labels_selector\": {\"key\": \"value\", \"env\": \"prod\"}` will match resources with labels \"key\": \"value\" `AND` \"env\": \"prod\" https://cloud.google.com/resource-manager/docs/creating-managing-labels",
 "type": "object"
 },
 "resourceType": {
-"description": "Apply resource_value only to resources that match resource_type. resource_type will be checked with AND of other resources. For example, \"storage.googleapis.com/Bucket\" with resource_value \"HIGH\" will apply \"HIGH\" value only to \"storage.googleapis.com/Bucket\" resources.",
+"description": "Apply resource_value only to resources that match resource_type. resource_type will be checked with `AND` of other resources. For example, \"storage.googleapis.com/Bucket\" with resource_value \"HIGH\" will apply \"HIGH\" value only to \"storage.googleapis.com/Bucket\" resources.",
 "type": "string"
 },
 "resourceValue": {
@@ -3863,7 +3943,7 @@
 "type": "string"
 },
 "scope": {
-"description": "Project or folder to scope this configuration to. For example, \"project/456\" would apply this configuration only to resources in \"project/456\" scope will be checked with AND of other resources.",
+"description": "Project or folder to scope this configuration to. For example, \"project/456\" would apply this configuration only to resources in \"project/456\" scope will be checked with `AND` of other resources.",
 "type": "string"
 },
 "sensitiveDataProtectionMapping": {
@@ -3871,7 +3951,7 @@
 "description": "A mapping of the sensitivity on Sensitive Data Protection finding to resource values. This mapping can only be used in combination with a resource_type that is related to BigQuery, e.g. \"bigquery.googleapis.com/Dataset\"."
 },
 "tagValues": {
-"description": "Required. Tag values combined with AND to check against. Values in the form \"tagValues/123\" Example: [ \"tagValues/123\", \"tagValues/456\", \"tagValues/789\" ] https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing",
+"description": "Required. Tag values combined with `AND` to check against. Values in the form \"tagValues/123\" Example: `[ \"tagValues/123\", \"tagValues/456\", \"tagValues/789\" ]` https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing",
 "items": {
 "type": "string"
 },
@@ -4382,7 +4462,7 @@
 "id": "GoogleCloudSecuritycenterV2AttackExposure",
 "properties": {
 "attackExposureResult": {
-"description": "The resource name of the attack path simulation result that contains the details regarding this attack exposure score. Example: organizations/123/simulations/456/attackExposureResults/789",
+"description": "The resource name of the attack path simulation result that contains the details regarding this attack exposure score. Example: `organizations/123/simulations/456/attackExposureResults/789`",
 "type": "string"
 },
 "exposedHighValueResourcesCount": {
@@ -4491,6 +4571,69 @@
 },
 "type": "object"
 },
+"GoogleCloudSecuritycenterV2AzureManagementGroup": {
+"description": "Represents an Azure management group.",
+"id": "GoogleCloudSecuritycenterV2AzureManagementGroup",
+"properties": {
+"displayName": {
+"description": "The display name of the Azure management group.",
+"type": "string"
+},
+"id": {
+"description": "The UUID of the Azure management group, for example, `20000000-0001-0000-0000-000000000000`.",
+"type": "string"
+}
+},
+"type": "object"
+},
+"GoogleCloudSecuritycenterV2AzureMetadata": {
+"description": "Azure metadata associated with the resource, only applicable if the finding's cloud provider is Microsoft Azure.",
+"id": "GoogleCloudSecuritycenterV2AzureMetadata",
+"properties": {
+"managementGroups": {
+"description": "A list of Azure management groups associated with the resource, ordered from lowest level (closest to the subscription) to highest level.",
+"items": {
+"$ref": "GoogleCloudSecuritycenterV2AzureManagementGroup"
+},
+"type": "array"
+},
+"resourceGroup": {
+"$ref": "GoogleCloudSecuritycenterV2AzureResourceGroup",
+"description": "The Azure resource group associated with the resource."
+},
+"subscription": {
+"$ref": "GoogleCloudSecuritycenterV2AzureSubscription",
+"description": "The Azure subscription associated with the resource."
+}
+},
+"type": "object"
+},
+"GoogleCloudSecuritycenterV2AzureResourceGroup": {
+"description": "Represents an Azure resource group.",
+"id": "GoogleCloudSecuritycenterV2AzureResourceGroup",
+"properties": {
+"name": {
+"description": "The name of the Azure resource group. This is not a UUID.",
+"type": "string"
+}
+},
+"type": "object"
+},
+"GoogleCloudSecuritycenterV2AzureSubscription": {
+"description": "Represents an Azure subscription.",
+"id": "GoogleCloudSecuritycenterV2AzureSubscription",
+"properties": {
+"displayName": {
+"description": "The display name of the Azure subscription.",
+"type": "string"
+},
+"id": {
+"description": "The UUID of the Azure subscription, for example, `291bba3f-e0a5-47bc-a099-3bdcb2a50a05`.",
+"type": "string"
+}
+},
+"type": "object"
+},
 "GoogleCloudSecuritycenterV2BackupDisasterRecovery": {
 "description": "Information related to Google Cloud Backup and DR Service findings.",
 "id": "GoogleCloudSecuritycenterV2BackupDisasterRecovery",
@@ -5401,7 +5544,8 @@
 "MISCONFIGURATION",
 "OBSERVATION",
 "SCC_ERROR",
-"POSTURE_VIOLATION"
+"POSTURE_VIOLATION",
+"TOXIC_COMBINATION"
 ],
 "enumDescriptions": [
 "Unspecified finding class.",
@@ -5410,10 +5554,18 @@
 "Describes a potential weakness in cloud resource/asset configuration that increases risk.",
 "Describes a security observation that is for informational purposes.",
 "Describes an error that prevents some SCC functionality.",
-"Describes a potential security risk due to a change in the security posture."
+"Describes a potential security risk due to a change in the security posture.",
+"Describes a combination of security issues that represent a more severe security problem when taken together."
 ],
 "type": "string"
 },
+"groupMemberships": {
+"description": "Contains details about groups of which this finding is a member. A group is a collection of findings that are related in some way. This field cannot be updated. Its value is ignored in all update requests.",
+"items": {
+"$ref": "GoogleCloudSecuritycenterV2GroupMembership"
+},
+"type": "array"
+},
 "iamBindings": {
 "description": "Represents IAM bindings associated with the finding.",
 "items": {
@@ -5569,6 +5721,10 @@
 "readOnly": true,
 "type": "string"
 },
+"toxicCombination": {
+"$ref": "GoogleCloudSecuritycenterV2ToxicCombination",
+"description": "Contains details about a group of security issues that, when the issues occur together, represent a greater risk than when the issues occur independently. A group of such issues is referred to as a toxic combination. This field cannot be updated. Its value is ignored in all update requests."
+},
 "vulnerability": {
 "$ref": "GoogleCloudSecuritycenterV2Vulnerability",
 "description": "Represents vulnerability-specific fields like CVE and CVSS scores. CVE stands for Common Vulnerabilities and Exposures (https://cve.mitre.org/about/)"
@@ -5602,6 +5758,29 @@
 },
 "type": "object"
 },
+"GoogleCloudSecuritycenterV2GroupMembership": {
+"description": "Contains details about groups of which this finding is a member. A group is a collection of findings that are related in some way.",
+"id": "GoogleCloudSecuritycenterV2GroupMembership",
+"properties": {
+"groupId": {
+"description": "ID of the group.",
+"type": "string"
+},
+"groupType": {
+"description": "Type of group.",
+"enum": [
+"GROUP_TYPE_UNSPECIFIED",
+"GROUP_TYPE_TOXIC_COMBINATION"
+],
+"enumDescriptions": [
+"Default value.",
+"Group represents a toxic combination."
+],
+"type": "string"
+}
+},
+"type": "object"
+},
 "GoogleCloudSecuritycenterV2IamBinding": {
 "description": "Represents a particular IAM binding, which captures a member's role addition, removal, or state.",
 "id": "GoogleCloudSecuritycenterV2IamBinding",
@@ -5928,7 +6107,10 @@
 "OBTAIN_CAPABILITIES",
 "ACTIVE_SCANNING",
 "SCANNING_IP_BLOCKS",
-"CONTAINER_AND_RESOURCE_DISCOVERY"
+"CONTAINER_ADMINISTRATION_COMMAND",
+"ESCAPE_TO_HOST",
+"CONTAINER_AND_RESOURCE_DISCOVERY",
+"STEAL_OR_FORGE_AUTHENTICATION_CERTIFICATES"
 ],
 "enumDescriptions": [
 "Unspecified value.",
@@ -5990,7 +6172,10 @@
 "T1588",
 "T1595",
 "T1595.001",
-"T1613"
+"T1613",
+"T1611",
+"T1613",
+"T1649"
 ],
 "type": "string"
 },
@@ -6097,7 +6282,10 @@
 "OBTAIN_CAPABILITIES",
 "ACTIVE_SCANNING",
 "SCANNING_IP_BLOCKS",
-"CONTAINER_AND_RESOURCE_DISCOVERY"
+"CONTAINER_ADMINISTRATION_COMMAND",
+"ESCAPE_TO_HOST",
+"CONTAINER_AND_RESOURCE_DISCOVERY",
+"STEAL_OR_FORGE_AUTHENTICATION_CERTIFICATES"
 ],
 "enumDescriptions": [
 "Unspecified value.",
@@ -6159,7 +6347,10 @@
 "T1588",
 "T1595",
 "T1595.001",
-"T1613"
+"T1613",
+"T1611",
+"T1613",
+"T1649"
 ],
 "type": "string"
 },
@@ -6541,6 +6732,10 @@
 "$ref": "GoogleCloudSecuritycenterV2AwsMetadata",
 "description": "The AWS metadata associated with the finding."
 },
+"azureMetadata": {
+"$ref": "GoogleCloudSecuritycenterV2AzureMetadata",
+"description": "The Azure metadata associated with the finding."
+},
 "cloudProvider": {
 "description": "Indicates which cloud provider the finding is from.",
 "enum": [
@@ -6578,7 +6773,7 @@
 "description": "Provides the path to the resource within the resource hierarchy."
 },
 "resourcePathString": {
-"description": "A string representation of the resource path. For Google Cloud, it has the format of organizations/{organization_id}/folders/{folder_id}/folders/{folder_id}/projects/{project_id} where there can be any number of folders. For AWS, it has the format of org/{organization_id}/ou/{organizational_unit_id}/ou/{organizational_unit_id}/account/{account_id} where there can be any number of organizational units. For Azure, it has the format of mg/{management_group_id}/mg/{management_group_id}/subscription/{subscription_id}/rg/{resource_group_name} where there can be any number of management groups.",
+"description": "A string representation of the resource path. For Google Cloud, it has the format of `organizations/{organization_id}/folders/{folder_id}/folders/{folder_id}/projects/{project_id}` where there can be any number of folders. For AWS, it has the format of `org/{organization_id}/ou/{organizational_unit_id}/ou/{organizational_unit_id}/account/{account_id}` where there can be any number of organizational units. For Azure, it has the format of `mg/{management_group_id}/mg/{management_group_id}/subscription/{subscription_id}/rg/{resource_group_name}` where there can be any number of management groups.",
 "type": "string"
 },
 "service": {
@@ -6687,11 +6882,11 @@
 "additionalProperties": {
 "type": "string"
 },
-"description": "List of resource labels to search for, evaluated with AND. For example, \"resource_labels_selector\": {\"key\": \"value\", \"env\": \"prod\"} will match resources with labels \"key\": \"value\" AND \"env\": \"prod\" https://cloud.google.com/resource-manager/docs/creating-managing-labels",
+"description": "List of resource labels to search for, evaluated with `AND`. For example, \"resource_labels_selector\": {\"key\": \"value\", \"env\": \"prod\"} will match resources with labels \"key\": \"value\" `AND` \"env\": \"prod\" https://cloud.google.com/resource-manager/docs/creating-managing-labels",
 "type": "object"
 },
 "resourceType": {
-"description": "Apply resource_value only to resources that match resource_type. resource_type will be checked with AND of other resources. For example, \"storage.googleapis.com/Bucket\" with resource_value \"HIGH\" will apply \"HIGH\" value only to \"storage.googleapis.com/Bucket\" resources.",
+"description": "Apply resource_value only to resources that match resource_type. resource_type will be checked with `AND` of other resources. For example, \"storage.googleapis.com/Bucket\" with resource_value \"HIGH\" will apply \"HIGH\" value only to \"storage.googleapis.com/Bucket\" resources.",
 "type": "string"
 },
 "resourceValue": {
@@ -6713,7 +6908,7 @@
 "type": "string"
 },
 "scope": {
-"description": "Project or folder to scope this configuration to. For example, \"project/456\" would apply this configuration only to resources in \"project/456\" scope will be checked with AND of other resources.",
+"description": "Project or folder to scope this configuration to. For example, \"project/456\" would apply this configuration only to resources in \"project/456\" scope will be checked with `AND` of other resources.",
 "type": "string"
 },
 "sensitiveDataProtectionMapping": {
@@ -6721,7 +6916,7 @@
 "description": "A mapping of the sensitivity on Sensitive Data Protection finding to resource values. This mapping can only be used in combination with a resource_type that is related to BigQuery, e.g. \"bigquery.googleapis.com/Dataset\"."
 },
 "tagValues": {
-"description": "Required. Tag values combined with AND to check against. Values in the form \"tagValues/123\" Example: [ \"tagValues/123\", \"tagValues/456\", \"tagValues/789\" ] https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing",
+"description": "Required. Tag values combined with `AND` to check against. Values in the form \"tagValues/123\" Example: `[ \"tagValues/123\", \"tagValues/456\", \"tagValues/789\" ]` https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing",
 "items": {
 "type": "string"
 },
@@ -6989,6 +7184,25 @@
 },
 "type": "object"
 },
+"GoogleCloudSecuritycenterV2ToxicCombination": {
+"description": "Contains details about a group of security issues that, when the issues occur together, represent a greater risk than when the issues occur independently. A group of such issues is referred to as a toxic combination.",
+"id": "GoogleCloudSecuritycenterV2ToxicCombination",
+"properties": {
+"attackExposureScore": {
+"description": "The [Attack exposure score](https://cloud.google.com/security-command-center/docs/attack-exposure-learn#attack_exposure_scores) of this toxic combination. The score is a measure of how much this toxic combination exposes one or more high-value resources to potential attack.",
+"format": "double",
+"type": "number"
+},
+"relatedFindings": {
+"description": "List of resource names of findings associated with this toxic combination. For example, `organizations/123/sources/456/findings/789`.",
+"items": {
+"type": "string"
+},
+"type": "array"
+}
+},
+"type": "object"
+},
 "GoogleCloudSecuritycenterV2Vulnerability": {
 "description": "Refers to common vulnerability fields e.g. cve, cvss, cwe etc.",
 "id": "GoogleCloudSecuritycenterV2Vulnerability",
@@ -7023,6 +7237,29 @@
 },
 "type": "object"
 },
+"GroupMembership": {
+"description": "Contains details about groups of which this finding is a member. A group is a collection of findings that are related in some way.",
+"id": "GroupMembership",
+"properties": {
+"groupId": {
+"description": "ID of the group.",
+"type": "string"
+},
+"groupType": {
+"description": "Type of group.",
+"enum": [
+"GROUP_TYPE_UNSPECIFIED",
+"GROUP_TYPE_TOXIC_COMBINATION"
+],
+"enumDescriptions": [
+"Default value.",
+"Group represents a toxic combination."
+],
+"type": "string"
+}
+},
+"type": "object"
+},
 "IamBinding": {
 "description": "Represents a particular IAM binding, which captures a member's role addition, removal, or state.",
 "id": "IamBinding",
@@ -7349,7 +7586,10 @@
 "OBTAIN_CAPABILITIES",
 "ACTIVE_SCANNING",
 "SCANNING_IP_BLOCKS",
-"CONTAINER_AND_RESOURCE_DISCOVERY"
+"CONTAINER_ADMINISTRATION_COMMAND",
+"ESCAPE_TO_HOST",
+"CONTAINER_AND_RESOURCE_DISCOVERY",
+"STEAL_OR_FORGE_AUTHENTICATION_CERTIFICATES"
 ],
 "enumDescriptions": [
 "Unspecified value.",
@@ -7411,7 +7651,10 @@
 "T1588",
 "T1595",
 "T1595.001",
-"T1613"
+"T1609",
+"T1611",
+"T1613",
+"T1649"
 ],
 "type": "string"
 },
@@ -7518,7 +7761,10 @@
 "OBTAIN_CAPABILITIES",
 "ACTIVE_SCANNING",
 "SCANNING_IP_BLOCKS",
-"CONTAINER_AND_RESOURCE_DISCOVERY"
+"CONTAINER_ADMINISTRATION_COMMAND",
+"ESCAPE_TO_HOST",
+"CONTAINER_AND_RESOURCE_DISCOVERY",
+"STEAL_OR_FORGE_AUTHENTICATION_CERTIFICATES"
 ],
 "enumDescriptions": [
 "Unspecified value.",
@@ -7580,7 +7826,10 @@
 "T1588",
 "T1595",
 "T1595.001",
-"T1613"
+"T1609",
+"T1611",
+"T1613",
+"T1649"
 ],
 "type": "string"
 },
@@ -8298,6 +8547,25 @@
 },
 "type": "object"
 },
+"ToxicCombination": {
+"description": "Contains details about a group of security issues that, when the issues occur together, represent a greater risk than when the issues occur independently. A group of such issues is referred to as a toxic combination.",
+"id": "ToxicCombination",
+"properties": {
+"attackExposureScore": {
+"description": "The [Attack exposure score](https://cloud.google.com/security-command-center/docs/attack-exposure-learn#attack_exposure_scores) of this toxic combination. The score is a measure of how much this toxic combination exposes one or more high-value resources to potential attack.",
+"format": "double",
+"type": "number"
+},
+"relatedFindings": {
+"description": "List of resource names of findings associated with this toxic combination. For example, `organizations/123/sources/456/findings/789`.",
+"items": {
+"type": "string"
+},
+"type": "array"
+}
+},
+"type": "object"
+},
 "VirtualMachineThreatDetectionSettings": {
 "description": "Resource capturing the settings for the Virtual Machine Threat Detection service.",
 "id": "VirtualMachineThreatDetectionSettings",

googleapiclient/discovery_cache/documents/serviceconsumermanagement.v1.json

@@ -542,7 +542,7 @@
 }
 }
 },
-"revision": "20240617",
+"revision": "20240623",
 "rootUrl": "https://serviceconsumermanagement.googleapis.com/",
 "schemas": {
 "AddTenantProjectRequest": {

googleapiclient/discovery_cache/documents/serviceconsumermanagement.v1beta1.json

@@ -715,7 +715,7 @@
 }
 }
 },
-"revision": "20240617",
+"revision": "20240623",
 "rootUrl": "https://serviceconsumermanagement.googleapis.com/",
 "schemas": {
 "Api": {

googleapiclient/discovery_cache/documents/servicecontrol.v1.json

@@ -197,7 +197,7 @@
 }
 }
 },
-"revision": "20240607",
+"revision": "20240628",
 "rootUrl": "https://servicecontrol.googleapis.com/",
 "schemas": {
 "AllocateInfo": {

googleapiclient/discovery_cache/documents/servicecontrol.v2.json

@@ -169,7 +169,7 @@
 }
 }
 },
-"revision": "20240607",
+"revision": "20240621",
 "rootUrl": "https://servicecontrol.googleapis.com/",
 "schemas": {
 "Api": {

googleapiclient/discovery_cache/documents/servicedirectory.v1.json

@@ -883,7 +883,7 @@
 }
 }
 },
-"revision": "20240609",
+"revision": "20240621",
 "rootUrl": "https://servicedirectory.googleapis.com/",
 "schemas": {
 "Binding": {

googleapiclient/discovery_cache/documents/servicedirectory.v1beta1.json

@@ -971,7 +971,7 @@
 }
 }
 },
-"revision": "20240609",
+"revision": "20240621",
 "rootUrl": "https://servicedirectory.googleapis.com/",
 "schemas": {
 "Binding": {

googleapiclient/discovery_cache/documents/servicemanagement.v1.json

@@ -830,7 +830,7 @@
 }
 }
 },
-"revision": "20240607",
+"revision": "20240621",
 "rootUrl": "https://servicemanagement.googleapis.com/",
 "schemas": {
 "Advice": {

googleapiclient/discovery_cache/documents/servicenetworking.v1.json

@@ -1029,7 +1029,7 @@
 }
 }
 },
-"revision": "20240616",
+"revision": "20240630",
 "rootUrl": "https://servicenetworking.googleapis.com/",
 "schemas": {
 "AddDnsRecordSetMetadata": {
@@ -1957,7 +1957,7 @@
 "type": "object"
 },
 "Documentation": {
-"description": "`Documentation` provides the information for describing a service. Example: documentation: summary: > The Google Calendar API gives access to most calendar features. pages: - name: Overview content: (== include google/foo/overview.md ==) - name: Tutorial content: (== include google/foo/tutorial.md ==) subpages: - name: Java content: (== include google/foo/tutorial_java.md ==) rules: - selector: google.calendar.Calendar.Get description: > ... - selector: google.calendar.Calendar.Put description: > ... Documentation is provided in markdown syntax. In addition to standard markdown features, definition lists, tables and fenced code blocks are supported. Section headers can be provided and are interpreted relative to the section nesting of the context where a documentation fragment is embedded. Documentation from the IDL is merged with documentation defined via the config at normalization time, where documentation provided by config rules overrides IDL provided. A number of constructs specific to the API platform are supported in documentation text. In order to reference a proto element, the following notation can be used: [fully.qualified.proto.name][] To override the display text used for the link, this can be used: [display text][fully.qualified.proto.name] Text can be excluded from doc using the following notation: (-- internal comment --) A few directives are available in documentation. Note that directives must appear on a single line to be properly identified. The `include` directive includes a markdown file from an external source: (== include path/to/file ==) The `resource_for` directive marks a message to be the resource of a collection in REST view. If it is not specified, tools attempt to infer the resource from the operations in a collection: (== resource_for v1.shelves.books ==) The directive `suppress_warning` does not directly affect documentation and is documented together with service config validation.",
+"description": "`Documentation` provides the information for describing a service. Example: documentation: summary: > The Google Calendar API gives access to most calendar features. pages: - name: Overview content: (== include google/foo/overview.md ==) - name: Tutorial content: (== include google/foo/tutorial.md ==) subpages: - name: Java content: (== include google/foo/tutorial_java.md ==) rules: - selector: google.calendar.Calendar.Get description: > ... - selector: google.calendar.Calendar.Put description: > ... code_snippet_rules: - selector: google.calendar.Calendar.Delete code_snippets: - includes: - github_include: region_tag: calendar_delete code_language: JAVA account: GoogleCloudPlatform project: java-docs-samples file: calendar/delete.java Documentation is provided in markdown syntax. In addition to standard markdown features, definition lists, tables and fenced code blocks are supported. Section headers can be provided and are interpreted relative to the section nesting of the context where a documentation fragment is embedded. Documentation from the IDL is merged with documentation defined via the config at normalization time, where documentation provided by config rules overrides IDL provided. A number of constructs specific to the API platform are supported in documentation text. In order to reference a proto element, the following notation can be used: [fully.qualified.proto.name][] To override the display text used for the link, this can be used: [display text][fully.qualified.proto.name] Text can be excluded from doc using the following notation: (-- internal comment --) A few directives are available in documentation. Note that directives must appear on a single line to be properly identified. The `include` directive includes a markdown file from an external source: (== include path/to/file ==) The `resource_for` directive marks a message to be the resource of a collection in REST view. If it is not specified, tools attempt to infer the resource from the operations in a collection: (== resource_for v1.shelves.books ==) The directive `suppress_warning` does not directly affect documentation and is documented together with service config validation.",
 "id": "Documentation",
 "properties": {
 "documentationRootUrl": {