feat: [securitycenter] released securitycenter/v1 SHA custom modules …

…cloud libraries: Create, Get, List, Update, Delete (#4164)

* feat: released securitycenter/v1 SHA custom modules cloud libraries: Create, Get, List, Update, Delete

The Security Health Analytics (SHA) custom modules API is now released for general availability track. Create, Get, GetEffective, List, ListEffective, ListDescendant, Update, and Delete are available in the cloud client library.

PiperOrigin-RevId: 523462834

Source-Link: googleapis/googleapis@b7b3dfd

Source-Link: googleapis/googleapis-gen@9b679ec
Copy-Tag: eyJwIjoicGFja2FnZXMvZ29vZ2xlLWNsb3VkLXNlY3VyaXR5Y2VudGVyLy5Pd2xCb3QueWFtbCIsImgiOiI5YjY3OWVjMDJhN2UxNmRmOWYwZTdmNjZlMDc3ZTM3OWVmZDI1YWQ0In0=

* 🦉 Updates from OwlBot post-processor

See https://github.com/googleapis/repo-automation-bots/blob/main/packages/owl-bot/README.md

---------

Co-authored-by: Owl Bot <gcf-owl-bot[bot]@users.noreply.github.com>

packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/access.proto

@@ -1,4 +1,4 @@
-// Copyright 2022 Google LLC
+// Copyright 2023 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -106,4 +106,4 @@ message ServiceAccountDelegationInfo {
 message Geolocation {
   // A CLDR.
   string region_code = 1;
-}
+}

packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/asset.proto

@@ -1,4 +1,4 @@
-// Copyright 2022 Google LLC
+// Copyright 2023 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.

packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/bigquery_export.proto

@@ -1,4 +1,4 @@
-// Copyright 2022 Google LLC
+// Copyright 2023 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -78,22 +78,24 @@ message BigQueryExport {
   // (0-9), or underscores (_).
   string dataset = 4;
 
-  // Output only. The time at which the big query export was created.
+  // Output only. The time at which the BigQuery export was created.
   // This field is set by the server and will be ignored if provided on export
   // on creation.
-  google.protobuf.Timestamp create_time = 5 [(google.api.field_behavior) = OUTPUT_ONLY];
+  google.protobuf.Timestamp create_time = 5
+      [(google.api.field_behavior) = OUTPUT_ONLY];
 
-  // Output only. The most recent time at which the big export was updated.
+  // Output only. The most recent time at which the BigQuery export was updated.
   // This field is set by the server and will be ignored if provided on export
   // creation or update.
-  google.protobuf.Timestamp update_time = 6 [(google.api.field_behavior) = OUTPUT_ONLY];
+  google.protobuf.Timestamp update_time = 6
+      [(google.api.field_behavior) = OUTPUT_ONLY];
 
-  // Output only. Email address of the user who last edited the big query export.
+  // Output only. Email address of the user who last edited the BigQuery export.
   // This field is set by the server and will be ignored if provided on export
   // creation or update.
   string most_recent_editor = 7 [(google.api.field_behavior) = OUTPUT_ONLY];
 
-  // Output only. The service account that needs permission to create table, upload data to
-  // the big query dataset.
+  // Output only. The service account that needs permission to create table and
+  // upload data to the BigQuery dataset.
   string principal = 8 [(google.api.field_behavior) = OUTPUT_ONLY];
 }

packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/compliance.proto

@@ -1,4 +1,4 @@
-// Copyright 2022 Google LLC
+// Copyright 2023 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.

packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/connection.proto

@@ -1,4 +1,4 @@
-// Copyright 2022 Google LLC
+// Copyright 2023 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.

packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/contact_details.proto

@@ -1,4 +1,4 @@
-// Copyright 2022 Google LLC
+// Copyright 2023 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -30,8 +30,8 @@ message ContactDetails {
   repeated Contact contacts = 1;
 }
 
-// Representa a single contact's email address
+// The email address of a contact.
 message Contact {
-  // An email address e.g. "person123@company.com"
+  // An email address. For example, "`person123@company.com`".
   string email = 1;
 }

packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/container.proto

@@ -1,4 +1,4 @@
-// Copyright 2022 Google LLC
+// Copyright 2023 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.

packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/database.proto

@@ -1,4 +1,4 @@
-// Copyright 2022 Google LLC
+// Copyright 2023 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -29,7 +29,7 @@ option ruby_package = "Google::Cloud::SecurityCenter::V1";
 // instances or Cloud Spanner instances), or the database instance itself.
 // Some database resources may not have the full resource name populated
 // because these resource types are not yet supported by Cloud Asset Inventory
-// (e.g. CloudSQL databases).  In these cases only the display name will be
+// (e.g. CloudSQL databases). In these cases only the display name will be
 // provided.
 message Database {
   // The full resource name of the database the user connected to, if it is

packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/effective_security_health_analytics_custom_module.proto

@@ -0,0 +1,81 @@
+// Copyright 2023 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package google.cloud.securitycenter.v1;
+
+import "google/api/field_behavior.proto";
+import "google/api/resource.proto";
+import "google/cloud/securitycenter/v1/security_health_analytics_custom_config.proto";
+
+option csharp_namespace = "Google.Cloud.SecurityCenter.V1";
+option go_package = "cloud.google.com/go/securitycenter/apiv1/securitycenterpb;securitycenterpb";
+option java_multiple_files = true;
+option java_outer_classname = "EffectiveSecurityHealthAnalyticsCustomModuleProto";
+option java_package = "com.google.cloud.securitycenter.v1";
+option php_namespace = "Google\\Cloud\\SecurityCenter\\V1";
+option ruby_package = "Google::Cloud::SecurityCenter::V1";
+
+// An EffectiveSecurityHealthAnalyticsCustomModule is the representation of
+// a Security Health Analytics custom module at a specified level of the
+// resource hierarchy: organization, folder, or project. If a custom module is
+// inherited from a parent organization or folder, the value of the
+// `enablementState` property in EffectiveSecurityHealthAnalyticsCustomModule is
+// set to the value that is effective in the parent, instead of  `INHERITED`.
+// For example, if the module is enabled in a parent organization or folder, the
+// effective enablement_state for the module in all child folders or projects is
+// also `enabled`. EffectiveSecurityHealthAnalyticsCustomModule is read-only.
+message EffectiveSecurityHealthAnalyticsCustomModule {
+  option (google.api.resource) = {
+    type: "securitycenter.googleapis.com/EffectiveSecurityHealthAnalyticsCustomModule"
+    pattern: "organizations/{organization}/securityHealthAnalyticsSettings/effectiveCustomModules/{effective_custom_module}"
+    pattern: "folders/{folder}/securityHealthAnalyticsSettings/effectiveCustomModules/{effective_custom_module}"
+    pattern: "projects/{project}/securityHealthAnalyticsSettings/effectiveCustomModules/{effective_custom_module}"
+  };
+
+  // The enablement state of the module.
+  enum EnablementState {
+    // Unspecified enablement state.
+    ENABLEMENT_STATE_UNSPECIFIED = 0;
+
+    // The module is enabled at the given level.
+    ENABLED = 1;
+
+    // The module is disabled at the given level.
+    DISABLED = 2;
+  }
+
+  // Output only. The resource name of the custom module.
+  // Its format is
+  // "organizations/{organization}/securityHealthAnalyticsSettings/effectiveCustomModules/{customModule}",
+  // or
+  // "folders/{folder}/securityHealthAnalyticsSettings/effectiveCustomModules/{customModule}",
+  // or
+  // "projects/{project}/securityHealthAnalyticsSettings/effectiveCustomModules/{customModule}"
+  string name = 1 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+  // Output only. The user-specified configuration for the module.
+  CustomConfig custom_config = 2 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+  // Output only. The effective state of enablement for the module at the given
+  // level of the hierarchy.
+  EnablementState enablement_state = 3
+      [(google.api.field_behavior) = OUTPUT_ONLY];
+
+  // Output only. The display name for the custom module. The name must be
+  // between 1 and 128 characters, start with a lowercase letter, and contain
+  // alphanumeric characters or underscores only.
+  string display_name = 4 [(google.api.field_behavior) = OUTPUT_ONLY];
+}

packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/exfiltration.proto

@@ -1,4 +1,4 @@
-// Copyright 2022 Google LLC
+// Copyright 2023 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -25,7 +25,7 @@ option php_namespace = "Google\\Cloud\\SecurityCenter\\V1";
 option ruby_package = "Google::Cloud::SecurityCenter::V1";
 
 // Exfiltration represents a data exfiltration attempt of one or more
-// sources to one or more targets.  Sources represent the source
+// sources to one or more targets. Sources represent the source
 // of data that is exfiltrated, and Targets represents the destination the
 // data was copied to.
 message Exfiltration {

packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/external_system.proto

@@ -1,4 +1,4 @@
-// Copyright 2022 Google LLC
+// Copyright 2023 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.

packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/file.proto

@@ -1,4 +1,4 @@
-// Copyright 2022 Google LLC
+// Copyright 2023 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.

packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/finding.proto

@@ -1,4 +1,4 @@
-// Copyright 2022 Google LLC
+// Copyright 2023 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -254,17 +254,19 @@ message Finding {
   // Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
   Indicator indicator = 18;
 
-  // Represents vulnerability-specific fields like CVE and CVS scores.
+  // Represents vulnerability-specific fields like CVE and CVSS scores.
   // CVE stands for Common Vulnerabilities and Exposures
   // (https://cve.mitre.org/about/)
   Vulnerability vulnerability = 20;
 
   // Output only. The most recent time this finding was muted or unmuted.
-  google.protobuf.Timestamp mute_update_time = 21 [(google.api.field_behavior) = OUTPUT_ONLY];
+  google.protobuf.Timestamp mute_update_time = 21
+      [(google.api.field_behavior) = OUTPUT_ONLY];
 
-  // Output only. Third party SIEM/SOAR fields within SCC, contains external system
-  // information and external system finding fields.
-  map<string, ExternalSystem> external_systems = 22 [(google.api.field_behavior) = OUTPUT_ONLY];
+  // Output only. Third party SIEM/SOAR fields within SCC, contains external
+  // system information and external system finding fields.
+  map<string, ExternalSystem> external_systems = 22
+      [(google.api.field_behavior) = OUTPUT_ONLY];
 
   // MITRE ATT&CK tactics and techniques related to this finding.
   // See: https://attack.mitre.org
@@ -286,9 +288,9 @@ message Finding {
   // Represents operating system processes associated with the Finding.
   repeated Process processes = 30;
 
-  // Output only. Map containing the points of contact for the given finding. The key
-  // represents the type of contact, while the value contains a list of all the
-  // contacts that pertain. Please refer to:
+  // Output only. Map containing the points of contact for the given finding.
+  // The key represents the type of contact, while the value contains a list of
+  // all the contacts that pertain. Please refer to:
   // https://cloud.google.com/resource-manager/docs/managing-notification-contacts#notification-categories
   //
   //     {
@@ -303,7 +305,8 @@ message Finding {
   //         ]
   //       }
   //     }
-  map<string, ContactDetails> contacts = 33 [(google.api.field_behavior) = OUTPUT_ONLY];
+  map<string, ContactDetails> contacts = 33
+      [(google.api.field_behavior) = OUTPUT_ONLY];
 
   // Contains compliance information for security standards associated to the
   // finding.
@@ -325,6 +328,11 @@ message Finding {
   // Next steps associate to the finding.
   string next_steps = 40;
 
+  // Unique identifier of the module which generated the finding.
+  // Example:
+  // folders/598186756061/securityHealthAnalyticsSettings/customModules/56799441161885
+  string module_name = 41;
+
   // Containers associated with the finding. containers provides information
   // for both Kubernetes and non-Kubernetes containers.
   repeated Container containers = 42;

packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/folder.proto

@@ -1,4 +1,4 @@
-// Copyright 2022 Google LLC
+// Copyright 2023 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.

packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/iam_binding.proto

@@ -1,4 +1,4 @@
-// Copyright 2022 Google LLC
+// Copyright 2023 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.

packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/indicator.proto

@@ -1,4 +1,4 @@
-// Copyright 2022 Google LLC
+// Copyright 2023 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -24,10 +24,11 @@ option java_package = "com.google.cloud.securitycenter.v1";
 option php_namespace = "Google\\Cloud\\SecurityCenter\\V1";
 option ruby_package = "Google::Cloud::SecurityCenter::V1";
 
-// Represents what's commonly known as an Indicator of compromise (IoC) in
+// Represents what's commonly known as an _indicator of compromise_ (IoC) in
 // computer forensics. This is an artifact observed on a network or in an
 // operating system that, with high confidence, indicates a computer intrusion.
-// Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
+// For more information, see [Indicator of
+// compromise](https://en.wikipedia.org/wiki/Indicator_of_compromise).
 message Indicator {
   // Indicates what signature matched this process.
   message ProcessSignature {
@@ -67,7 +68,7 @@ message Indicator {
     }
   }
 
-  // List of ip addresses associated to the Finding.
+  // The list of IP addresses that are associated with the finding.
   repeated string ip_addresses = 1;
 
   // List of domains associated to the Finding.

packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/kernel_rootkit.proto

@@ -1,4 +1,4 @@
-// Copyright 2022 Google LLC
+// Copyright 2023 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -29,34 +29,34 @@ message KernelRootkit {
   // Rootkit name when available.
   string name = 1;
 
-  // True if unexpected modifications of kernel code memory are present.
+  // True when unexpected modifications of kernel code memory are present.
   bool unexpected_code_modification = 2;
 
-  // True if unexpected modifications of kernel read-only data memory are
+  // True when unexpected modifications of kernel read-only data memory are
   // present.
   bool unexpected_read_only_data_modification = 3;
 
-  // True if `ftrace` points are present with callbacks pointing to regions
+  // True when `ftrace` points are present with callbacks pointing to regions
   // that are not in the expected kernel or module code range.
   bool unexpected_ftrace_handler = 4;
 
-  // True if `kprobe` points are present with callbacks pointing to regions
+  // True when `kprobe` points are present with callbacks pointing to regions
   // that are not in the expected kernel or module code range.
   bool unexpected_kprobe_handler = 5;
 
-  // True if kernel code pages that are not in the expected kernel or module
+  // True when kernel code pages that are not in the expected kernel or module
   // code regions are present.
   bool unexpected_kernel_code_pages = 6;
 
-  // True if system call handlers that are are not in the expected kernel or
+  // True when system call handlers that are are not in the expected kernel or
   // module code regions are present.
   bool unexpected_system_call_handler = 7;
 
-  // True if interrupt handlers that are are not in the expected kernel or
+  // True when interrupt handlers that are are not in the expected kernel or
   // module code regions are present.
   bool unexpected_interrupt_handler = 8;
 
-  // True if unexpected processes in the scheduler run queue are present. Such
+  // True when unexpected processes in the scheduler run queue are present. Such
   // processes are in the run queue, but not in the process task list.
   bool unexpected_processes_in_runqueue = 9;
 }

packages/google-cloud-securitycenter/protos/google/cloud/securitycenter/v1/kubernetes.proto

@@ -1,4 +1,4 @@
-// Copyright 2022 Google LLC
+// Copyright 2023 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -27,7 +27,7 @@ option java_package = "com.google.cloud.securitycenter.v1";
 option php_namespace = "Google\\Cloud\\SecurityCenter\\V1";
 option ruby_package = "Google::Cloud::SecurityCenter::V1";
 
-// Kubernetes related attributes.
+// Kubernetes-related attributes.
 message Kubernetes {
   // Kubernetes Pod.
   message Pod {
@@ -96,8 +96,8 @@ message Kubernetes {
     // The Role or ClusterRole referenced by the binding.
     Role role = 3;
 
-    // Represents the subjects(s) bound to the role. Not always available
-    // for PATCH requests.
+    // Represents one or more subjects that are bound to the role. Not always
+    // available for PATCH requests.
     repeated Subject subjects = 4;
   }