feat(securitycenter): update the api

#### securitycenter:v1

The following keys were added:
- schemas.DataRetentionDeletionEvent (Total Keys: 9)
- schemas.Finding.properties.dataRetentionDeletionEvents (Total Keys: 2)
- schemas.GoogleCloudSecuritycenterV2DataRetentionDeletionEvent (Total Keys: 9)
- schemas.GoogleCloudSecuritycenterV2Finding.properties.dataRetentionDeletionEvents (Total Keys: 2)

#### securitycenter:v1beta1

The following keys were added:
- schemas.DataRetentionDeletionEvent (Total Keys: 9)
- schemas.Finding.properties.dataRetentionDeletionEvents (Total Keys: 2)
- schemas.GoogleCloudSecuritycenterV2DataRetentionDeletionEvent (Total Keys: 9)
- schemas.GoogleCloudSecuritycenterV2Finding.properties.dataRetentionDeletionEvents (Total Keys: 2)

#### securitycenter:v1beta2

The following keys were added:
- schemas.DataRetentionDeletionEvent (Total Keys: 9)
- schemas.Finding.properties.dataRetentionDeletionEvents (Total Keys: 2)
- schemas.GoogleCloudSecuritycenterV2DataRetentionDeletionEvent (Total Keys: 9)
- schemas.GoogleCloudSecuritycenterV2Finding.properties.dataRetentionDeletionEvents (Total Keys: 2)

docs/dyn/securitycenter_v1.folders.securityHealthAnalyticsSettings.customModules.html

@@ -768,6 +768,14 @@ <h3>Method Details</h3>
           &quot;violatedLocation&quot;: &quot;A String&quot;, # Non-compliant location of the principal or the data destination.
         },
       ],
+      &quot;dataRetentionDeletionEvents&quot;: [ # Data retention deletion events associated with the finding.
+        { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+          &quot;dataObjectCount&quot;: &quot;A String&quot;, # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+          &quot;eventDetectionTime&quot;: &quot;A String&quot;, # Timestamp indicating when the event was detected.
+          &quot;eventType&quot;: &quot;A String&quot;, # Type of the DRD event.
+          &quot;maxRetentionAllowed&quot;: &quot;A String&quot;, # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+        },
+      ],
       &quot;database&quot;: { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
         &quot;displayName&quot;: &quot;A String&quot;, # The human-readable name of the database that the user connected to.
         &quot;grantees&quot;: [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.

docs/dyn/securitycenter_v1.folders.sources.findings.html

@@ -337,6 +337,14 @@ <h3>Method Details</h3>
             &quot;violatedLocation&quot;: &quot;A String&quot;, # Non-compliant location of the principal or the data destination.
           },
         ],
+        &quot;dataRetentionDeletionEvents&quot;: [ # Data retention deletion events associated with the finding.
+          { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+            &quot;dataObjectCount&quot;: &quot;A String&quot;, # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+            &quot;eventDetectionTime&quot;: &quot;A String&quot;, # Timestamp indicating when the event was detected.
+            &quot;eventType&quot;: &quot;A String&quot;, # Type of the DRD event.
+            &quot;maxRetentionAllowed&quot;: &quot;A String&quot;, # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+          },
+        ],
         &quot;database&quot;: { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
           &quot;displayName&quot;: &quot;A String&quot;, # The human-readable name of the database that the user connected to.
           &quot;grantees&quot;: [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.
@@ -1003,6 +1011,14 @@ <h3>Method Details</h3>
       &quot;violatedLocation&quot;: &quot;A String&quot;, # Non-compliant location of the principal or the data destination.
     },
   ],
+  &quot;dataRetentionDeletionEvents&quot;: [ # Data retention deletion events associated with the finding.
+    { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+      &quot;dataObjectCount&quot;: &quot;A String&quot;, # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+      &quot;eventDetectionTime&quot;: &quot;A String&quot;, # Timestamp indicating when the event was detected.
+      &quot;eventType&quot;: &quot;A String&quot;, # Type of the DRD event.
+      &quot;maxRetentionAllowed&quot;: &quot;A String&quot;, # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+    },
+  ],
   &quot;database&quot;: { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
     &quot;displayName&quot;: &quot;A String&quot;, # The human-readable name of the database that the user connected to.
     &quot;grantees&quot;: [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.
@@ -1583,6 +1599,14 @@ <h3>Method Details</h3>
       &quot;violatedLocation&quot;: &quot;A String&quot;, # Non-compliant location of the principal or the data destination.
     },
   ],
+  &quot;dataRetentionDeletionEvents&quot;: [ # Data retention deletion events associated with the finding.
+    { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+      &quot;dataObjectCount&quot;: &quot;A String&quot;, # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+      &quot;eventDetectionTime&quot;: &quot;A String&quot;, # Timestamp indicating when the event was detected.
+      &quot;eventType&quot;: &quot;A String&quot;, # Type of the DRD event.
+      &quot;maxRetentionAllowed&quot;: &quot;A String&quot;, # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+    },
+  ],
   &quot;database&quot;: { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
     &quot;displayName&quot;: &quot;A String&quot;, # The human-readable name of the database that the user connected to.
     &quot;grantees&quot;: [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.
@@ -2176,6 +2200,14 @@ <h3>Method Details</h3>
       &quot;violatedLocation&quot;: &quot;A String&quot;, # Non-compliant location of the principal or the data destination.
     },
   ],
+  &quot;dataRetentionDeletionEvents&quot;: [ # Data retention deletion events associated with the finding.
+    { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+      &quot;dataObjectCount&quot;: &quot;A String&quot;, # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+      &quot;eventDetectionTime&quot;: &quot;A String&quot;, # Timestamp indicating when the event was detected.
+      &quot;eventType&quot;: &quot;A String&quot;, # Type of the DRD event.
+      &quot;maxRetentionAllowed&quot;: &quot;A String&quot;, # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+    },
+  ],
   &quot;database&quot;: { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
     &quot;displayName&quot;: &quot;A String&quot;, # The human-readable name of the database that the user connected to.
     &quot;grantees&quot;: [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.
@@ -2770,6 +2802,14 @@ <h3>Method Details</h3>
       &quot;violatedLocation&quot;: &quot;A String&quot;, # Non-compliant location of the principal or the data destination.
     },
   ],
+  &quot;dataRetentionDeletionEvents&quot;: [ # Data retention deletion events associated with the finding.
+    { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+      &quot;dataObjectCount&quot;: &quot;A String&quot;, # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+      &quot;eventDetectionTime&quot;: &quot;A String&quot;, # Timestamp indicating when the event was detected.
+      &quot;eventType&quot;: &quot;A String&quot;, # Type of the DRD event.
+      &quot;maxRetentionAllowed&quot;: &quot;A String&quot;, # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+    },
+  ],
   &quot;database&quot;: { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
     &quot;displayName&quot;: &quot;A String&quot;, # The human-readable name of the database that the user connected to.
     &quot;grantees&quot;: [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.

docs/dyn/securitycenter_v1.organizations.securityHealthAnalyticsSettings.customModules.html

@@ -768,6 +768,14 @@ <h3>Method Details</h3>
           &quot;violatedLocation&quot;: &quot;A String&quot;, # Non-compliant location of the principal or the data destination.
         },
       ],
+      &quot;dataRetentionDeletionEvents&quot;: [ # Data retention deletion events associated with the finding.
+        { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+          &quot;dataObjectCount&quot;: &quot;A String&quot;, # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+          &quot;eventDetectionTime&quot;: &quot;A String&quot;, # Timestamp indicating when the event was detected.
+          &quot;eventType&quot;: &quot;A String&quot;, # Type of the DRD event.
+          &quot;maxRetentionAllowed&quot;: &quot;A String&quot;, # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+        },
+      ],
       &quot;database&quot;: { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
         &quot;displayName&quot;: &quot;A String&quot;, # The human-readable name of the database that the user connected to.
         &quot;grantees&quot;: [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.