diff --git a/docs/dyn/securitycenter_v1.folders.securityHealthAnalyticsSettings.customModules.html b/docs/dyn/securitycenter_v1.folders.securityHealthAnalyticsSettings.customModules.html
index 6a847a271b..083db9cafa 100644
--- a/docs/dyn/securitycenter_v1.folders.securityHealthAnalyticsSettings.customModules.html
+++ b/docs/dyn/securitycenter_v1.folders.securityHealthAnalyticsSettings.customModules.html
@@ -768,6 +768,14 @@ Method Details
"violatedLocation": "A String", # Non-compliant location of the principal or the data destination.
},
],
+ "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding.
+ { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+ "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+ "eventDetectionTime": "A String", # Timestamp indicating when the event was detected.
+ "eventType": "A String", # Type of the DRD event.
+ "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+ },
+ ],
"database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
"displayName": "A String", # The human-readable name of the database that the user connected to.
"grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.
diff --git a/docs/dyn/securitycenter_v1.folders.sources.findings.html b/docs/dyn/securitycenter_v1.folders.sources.findings.html
index 3a487c6dc1..6bc865f618 100644
--- a/docs/dyn/securitycenter_v1.folders.sources.findings.html
+++ b/docs/dyn/securitycenter_v1.folders.sources.findings.html
@@ -337,6 +337,14 @@ Method Details
"violatedLocation": "A String", # Non-compliant location of the principal or the data destination.
},
],
+ "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding.
+ { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+ "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+ "eventDetectionTime": "A String", # Timestamp indicating when the event was detected.
+ "eventType": "A String", # Type of the DRD event.
+ "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+ },
+ ],
"database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
"displayName": "A String", # The human-readable name of the database that the user connected to.
"grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.
@@ -1003,6 +1011,14 @@ Method Details
"violatedLocation": "A String", # Non-compliant location of the principal or the data destination.
},
],
+ "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding.
+ { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+ "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+ "eventDetectionTime": "A String", # Timestamp indicating when the event was detected.
+ "eventType": "A String", # Type of the DRD event.
+ "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+ },
+ ],
"database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
"displayName": "A String", # The human-readable name of the database that the user connected to.
"grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.
@@ -1583,6 +1599,14 @@ Method Details
"violatedLocation": "A String", # Non-compliant location of the principal or the data destination.
},
],
+ "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding.
+ { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+ "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+ "eventDetectionTime": "A String", # Timestamp indicating when the event was detected.
+ "eventType": "A String", # Type of the DRD event.
+ "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+ },
+ ],
"database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
"displayName": "A String", # The human-readable name of the database that the user connected to.
"grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.
@@ -2176,6 +2200,14 @@ Method Details
"violatedLocation": "A String", # Non-compliant location of the principal or the data destination.
},
],
+ "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding.
+ { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+ "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+ "eventDetectionTime": "A String", # Timestamp indicating when the event was detected.
+ "eventType": "A String", # Type of the DRD event.
+ "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+ },
+ ],
"database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
"displayName": "A String", # The human-readable name of the database that the user connected to.
"grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.
@@ -2770,6 +2802,14 @@ Method Details
"violatedLocation": "A String", # Non-compliant location of the principal or the data destination.
},
],
+ "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding.
+ { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+ "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+ "eventDetectionTime": "A String", # Timestamp indicating when the event was detected.
+ "eventType": "A String", # Type of the DRD event.
+ "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+ },
+ ],
"database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
"displayName": "A String", # The human-readable name of the database that the user connected to.
"grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.
diff --git a/docs/dyn/securitycenter_v1.organizations.securityHealthAnalyticsSettings.customModules.html b/docs/dyn/securitycenter_v1.organizations.securityHealthAnalyticsSettings.customModules.html
index 7617b778d3..d3affd699d 100644
--- a/docs/dyn/securitycenter_v1.organizations.securityHealthAnalyticsSettings.customModules.html
+++ b/docs/dyn/securitycenter_v1.organizations.securityHealthAnalyticsSettings.customModules.html
@@ -768,6 +768,14 @@ Method Details
"violatedLocation": "A String", # Non-compliant location of the principal or the data destination.
},
],
+ "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding.
+ { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+ "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+ "eventDetectionTime": "A String", # Timestamp indicating when the event was detected.
+ "eventType": "A String", # Type of the DRD event.
+ "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+ },
+ ],
"database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
"displayName": "A String", # The human-readable name of the database that the user connected to.
"grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.
diff --git a/docs/dyn/securitycenter_v1.organizations.sources.findings.html b/docs/dyn/securitycenter_v1.organizations.sources.findings.html
index 4ef9a8bf3d..8447df3dbe 100644
--- a/docs/dyn/securitycenter_v1.organizations.sources.findings.html
+++ b/docs/dyn/securitycenter_v1.organizations.sources.findings.html
@@ -270,6 +270,14 @@ Method Details
"violatedLocation": "A String", # Non-compliant location of the principal or the data destination.
},
],
+ "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding.
+ { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+ "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+ "eventDetectionTime": "A String", # Timestamp indicating when the event was detected.
+ "eventType": "A String", # Type of the DRD event.
+ "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+ },
+ ],
"database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
"displayName": "A String", # The human-readable name of the database that the user connected to.
"grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.
@@ -850,6 +858,14 @@ Method Details
"violatedLocation": "A String", # Non-compliant location of the principal or the data destination.
},
],
+ "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding.
+ { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+ "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+ "eventDetectionTime": "A String", # Timestamp indicating when the event was detected.
+ "eventType": "A String", # Type of the DRD event.
+ "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+ },
+ ],
"database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
"displayName": "A String", # The human-readable name of the database that the user connected to.
"grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.
@@ -1501,6 +1517,14 @@ Method Details
"violatedLocation": "A String", # Non-compliant location of the principal or the data destination.
},
],
+ "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding.
+ { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+ "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+ "eventDetectionTime": "A String", # Timestamp indicating when the event was detected.
+ "eventType": "A String", # Type of the DRD event.
+ "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+ },
+ ],
"database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
"displayName": "A String", # The human-readable name of the database that the user connected to.
"grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.
@@ -2167,6 +2191,14 @@ Method Details
"violatedLocation": "A String", # Non-compliant location of the principal or the data destination.
},
],
+ "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding.
+ { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+ "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+ "eventDetectionTime": "A String", # Timestamp indicating when the event was detected.
+ "eventType": "A String", # Type of the DRD event.
+ "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+ },
+ ],
"database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
"displayName": "A String", # The human-readable name of the database that the user connected to.
"grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.
@@ -2747,6 +2779,14 @@ Method Details
"violatedLocation": "A String", # Non-compliant location of the principal or the data destination.
},
],
+ "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding.
+ { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+ "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+ "eventDetectionTime": "A String", # Timestamp indicating when the event was detected.
+ "eventType": "A String", # Type of the DRD event.
+ "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+ },
+ ],
"database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
"displayName": "A String", # The human-readable name of the database that the user connected to.
"grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.
@@ -3340,6 +3380,14 @@ Method Details
"violatedLocation": "A String", # Non-compliant location of the principal or the data destination.
},
],
+ "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding.
+ { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+ "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+ "eventDetectionTime": "A String", # Timestamp indicating when the event was detected.
+ "eventType": "A String", # Type of the DRD event.
+ "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+ },
+ ],
"database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
"displayName": "A String", # The human-readable name of the database that the user connected to.
"grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.
@@ -3934,6 +3982,14 @@ Method Details
"violatedLocation": "A String", # Non-compliant location of the principal or the data destination.
},
],
+ "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding.
+ { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+ "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+ "eventDetectionTime": "A String", # Timestamp indicating when the event was detected.
+ "eventType": "A String", # Type of the DRD event.
+ "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+ },
+ ],
"database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
"displayName": "A String", # The human-readable name of the database that the user connected to.
"grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.
diff --git a/docs/dyn/securitycenter_v1.projects.securityHealthAnalyticsSettings.customModules.html b/docs/dyn/securitycenter_v1.projects.securityHealthAnalyticsSettings.customModules.html
index 84dc5672d6..8407e3a534 100644
--- a/docs/dyn/securitycenter_v1.projects.securityHealthAnalyticsSettings.customModules.html
+++ b/docs/dyn/securitycenter_v1.projects.securityHealthAnalyticsSettings.customModules.html
@@ -768,6 +768,14 @@ Method Details
"violatedLocation": "A String", # Non-compliant location of the principal or the data destination.
},
],
+ "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding.
+ { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+ "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+ "eventDetectionTime": "A String", # Timestamp indicating when the event was detected.
+ "eventType": "A String", # Type of the DRD event.
+ "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+ },
+ ],
"database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
"displayName": "A String", # The human-readable name of the database that the user connected to.
"grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.
diff --git a/docs/dyn/securitycenter_v1.projects.sources.findings.html b/docs/dyn/securitycenter_v1.projects.sources.findings.html
index 76f233af13..00f6275c6a 100644
--- a/docs/dyn/securitycenter_v1.projects.sources.findings.html
+++ b/docs/dyn/securitycenter_v1.projects.sources.findings.html
@@ -337,6 +337,14 @@ Method Details
"violatedLocation": "A String", # Non-compliant location of the principal or the data destination.
},
],
+ "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding.
+ { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+ "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+ "eventDetectionTime": "A String", # Timestamp indicating when the event was detected.
+ "eventType": "A String", # Type of the DRD event.
+ "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+ },
+ ],
"database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
"displayName": "A String", # The human-readable name of the database that the user connected to.
"grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.
@@ -1003,6 +1011,14 @@ Method Details
"violatedLocation": "A String", # Non-compliant location of the principal or the data destination.
},
],
+ "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding.
+ { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+ "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+ "eventDetectionTime": "A String", # Timestamp indicating when the event was detected.
+ "eventType": "A String", # Type of the DRD event.
+ "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+ },
+ ],
"database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
"displayName": "A String", # The human-readable name of the database that the user connected to.
"grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.
@@ -1583,6 +1599,14 @@ Method Details
"violatedLocation": "A String", # Non-compliant location of the principal or the data destination.
},
],
+ "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding.
+ { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+ "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+ "eventDetectionTime": "A String", # Timestamp indicating when the event was detected.
+ "eventType": "A String", # Type of the DRD event.
+ "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+ },
+ ],
"database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
"displayName": "A String", # The human-readable name of the database that the user connected to.
"grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.
@@ -2176,6 +2200,14 @@ Method Details
"violatedLocation": "A String", # Non-compliant location of the principal or the data destination.
},
],
+ "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding.
+ { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+ "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+ "eventDetectionTime": "A String", # Timestamp indicating when the event was detected.
+ "eventType": "A String", # Type of the DRD event.
+ "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+ },
+ ],
"database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
"displayName": "A String", # The human-readable name of the database that the user connected to.
"grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.
@@ -2770,6 +2802,14 @@ Method Details
"violatedLocation": "A String", # Non-compliant location of the principal or the data destination.
},
],
+ "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding.
+ { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.
+ "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.
+ "eventDetectionTime": "A String", # Timestamp indicating when the event was detected.
+ "eventType": "A String", # Type of the DRD event.
+ "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.
+ },
+ ],
"database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding.
"displayName": "A String", # The human-readable name of the database that the user connected to.
"grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change.
diff --git a/googleapiclient/discovery_cache/documents/securitycenter.v1.json b/googleapiclient/discovery_cache/documents/securitycenter.v1.json
index 5d1a25db43..b360a03fc5 100644
--- a/googleapiclient/discovery_cache/documents/securitycenter.v1.json
+++ b/googleapiclient/discovery_cache/documents/securitycenter.v1.json
@@ -5938,7 +5938,7 @@
}
}
},
-"revision": "20241205",
+"revision": "20241206",
"rootUrl": "https://securitycenter.googleapis.com/",
"schemas": {
"Access": {
@@ -7288,6 +7288,40 @@
},
"type": "object"
},
+"DataRetentionDeletionEvent": {
+"description": "Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.",
+"id": "DataRetentionDeletionEvent",
+"properties": {
+"dataObjectCount": {
+"description": "Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.",
+"format": "int64",
+"type": "string"
+},
+"eventDetectionTime": {
+"description": "Timestamp indicating when the event was detected.",
+"format": "google-datetime",
+"type": "string"
+},
+"eventType": {
+"description": "Type of the DRD event.",
+"enum": [
+"EVENT_TYPE_UNSPECIFIED",
+"EVENT_TYPE_MAX_TTL_EXCEEDED"
+],
+"enumDescriptions": [
+"Unspecified event type.",
+"The maximum retention time has been exceeded."
+],
+"type": "string"
+},
+"maxRetentionAllowed": {
+"description": "Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.",
+"format": "google-duration",
+"type": "string"
+}
+},
+"type": "object"
+},
"Database": {
"description": "Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided.",
"id": "Database",
@@ -7739,6 +7773,13 @@
},
"type": "array"
},
+"dataRetentionDeletionEvents": {
+"description": "Data retention deletion events associated with the finding.",
+"items": {
+"$ref": "DataRetentionDeletionEvent"
+},
+"type": "array"
+},
"database": {
"$ref": "Database",
"description": "Database associated with the finding."
@@ -9958,6 +9999,40 @@
},
"type": "object"
},
+"GoogleCloudSecuritycenterV2DataRetentionDeletionEvent": {
+"description": "Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.",
+"id": "GoogleCloudSecuritycenterV2DataRetentionDeletionEvent",
+"properties": {
+"dataObjectCount": {
+"description": "Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.",
+"format": "int64",
+"type": "string"
+},
+"eventDetectionTime": {
+"description": "Timestamp indicating when the event was detected.",
+"format": "google-datetime",
+"type": "string"
+},
+"eventType": {
+"description": "Type of the DRD event.",
+"enum": [
+"EVENT_TYPE_UNSPECIFIED",
+"EVENT_TYPE_MAX_TTL_EXCEEDED"
+],
+"enumDescriptions": [
+"Unspecified event type.",
+"The maximum retention time has been exceeded."
+],
+"type": "string"
+},
+"maxRetentionAllowed": {
+"description": "Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.",
+"format": "google-duration",
+"type": "string"
+}
+},
+"type": "object"
+},
"GoogleCloudSecuritycenterV2Database": {
"description": "Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided.",
"id": "GoogleCloudSecuritycenterV2Database",
@@ -10294,6 +10369,13 @@
},
"type": "array"
},
+"dataRetentionDeletionEvents": {
+"description": "Data retention deletion events associated with the finding.",
+"items": {
+"$ref": "GoogleCloudSecuritycenterV2DataRetentionDeletionEvent"
+},
+"type": "array"
+},
"database": {
"$ref": "GoogleCloudSecuritycenterV2Database",
"description": "Database associated with the finding."
diff --git a/googleapiclient/discovery_cache/documents/securitycenter.v1beta1.json b/googleapiclient/discovery_cache/documents/securitycenter.v1beta1.json
index 312d38a10c..e31139e117 100644
--- a/googleapiclient/discovery_cache/documents/securitycenter.v1beta1.json
+++ b/googleapiclient/discovery_cache/documents/securitycenter.v1beta1.json
@@ -913,7 +913,7 @@
}
}
},
-"revision": "20241205",
+"revision": "20241206",
"rootUrl": "https://securitycenter.googleapis.com/",
"schemas": {
"Access": {
@@ -2024,6 +2024,40 @@
},
"type": "object"
},
+"DataRetentionDeletionEvent": {
+"description": "Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.",
+"id": "DataRetentionDeletionEvent",
+"properties": {
+"dataObjectCount": {
+"description": "Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.",
+"format": "int64",
+"type": "string"
+},
+"eventDetectionTime": {
+"description": "Timestamp indicating when the event was detected.",
+"format": "google-datetime",
+"type": "string"
+},
+"eventType": {
+"description": "Type of the DRD event.",
+"enum": [
+"EVENT_TYPE_UNSPECIFIED",
+"EVENT_TYPE_MAX_TTL_EXCEEDED"
+],
+"enumDescriptions": [
+"Unspecified event type.",
+"The maximum retention time has been exceeded."
+],
+"type": "string"
+},
+"maxRetentionAllowed": {
+"description": "Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.",
+"format": "google-duration",
+"type": "string"
+}
+},
+"type": "object"
+},
"Database": {
"description": "Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided.",
"id": "Database",
@@ -2329,6 +2363,13 @@
},
"type": "array"
},
+"dataRetentionDeletionEvents": {
+"description": "Data retention deletion events associated with the finding.",
+"items": {
+"$ref": "DataRetentionDeletionEvent"
+},
+"type": "array"
+},
"database": {
"$ref": "Database",
"description": "Database associated with the finding."
@@ -4629,6 +4670,40 @@
},
"type": "object"
},
+"GoogleCloudSecuritycenterV2DataRetentionDeletionEvent": {
+"description": "Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.",
+"id": "GoogleCloudSecuritycenterV2DataRetentionDeletionEvent",
+"properties": {
+"dataObjectCount": {
+"description": "Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.",
+"format": "int64",
+"type": "string"
+},
+"eventDetectionTime": {
+"description": "Timestamp indicating when the event was detected.",
+"format": "google-datetime",
+"type": "string"
+},
+"eventType": {
+"description": "Type of the DRD event.",
+"enum": [
+"EVENT_TYPE_UNSPECIFIED",
+"EVENT_TYPE_MAX_TTL_EXCEEDED"
+],
+"enumDescriptions": [
+"Unspecified event type.",
+"The maximum retention time has been exceeded."
+],
+"type": "string"
+},
+"maxRetentionAllowed": {
+"description": "Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.",
+"format": "google-duration",
+"type": "string"
+}
+},
+"type": "object"
+},
"GoogleCloudSecuritycenterV2Database": {
"description": "Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided.",
"id": "GoogleCloudSecuritycenterV2Database",
@@ -4965,6 +5040,13 @@
},
"type": "array"
},
+"dataRetentionDeletionEvents": {
+"description": "Data retention deletion events associated with the finding.",
+"items": {
+"$ref": "GoogleCloudSecuritycenterV2DataRetentionDeletionEvent"
+},
+"type": "array"
+},
"database": {
"$ref": "GoogleCloudSecuritycenterV2Database",
"description": "Database associated with the finding."
diff --git a/googleapiclient/discovery_cache/documents/securitycenter.v1beta2.json b/googleapiclient/discovery_cache/documents/securitycenter.v1beta2.json
index 852f7e2622..06796e7997 100644
--- a/googleapiclient/discovery_cache/documents/securitycenter.v1beta2.json
+++ b/googleapiclient/discovery_cache/documents/securitycenter.v1beta2.json
@@ -2003,7 +2003,7 @@
}
}
},
-"revision": "20241205",
+"revision": "20241206",
"rootUrl": "https://securitycenter.googleapis.com/",
"schemas": {
"Access": {
@@ -3050,6 +3050,40 @@
},
"type": "object"
},
+"DataRetentionDeletionEvent": {
+"description": "Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.",
+"id": "DataRetentionDeletionEvent",
+"properties": {
+"dataObjectCount": {
+"description": "Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.",
+"format": "int64",
+"type": "string"
+},
+"eventDetectionTime": {
+"description": "Timestamp indicating when the event was detected.",
+"format": "google-datetime",
+"type": "string"
+},
+"eventType": {
+"description": "Type of the DRD event.",
+"enum": [
+"EVENT_TYPE_UNSPECIFIED",
+"EVENT_TYPE_MAX_TTL_EXCEEDED"
+],
+"enumDescriptions": [
+"Unspecified event type.",
+"The maximum retention time has been exceeded."
+],
+"type": "string"
+},
+"maxRetentionAllowed": {
+"description": "Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.",
+"format": "google-duration",
+"type": "string"
+}
+},
+"type": "object"
+},
"Database": {
"description": "Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided.",
"id": "Database",
@@ -3426,6 +3460,13 @@
},
"type": "array"
},
+"dataRetentionDeletionEvents": {
+"description": "Data retention deletion events associated with the finding.",
+"items": {
+"$ref": "DataRetentionDeletionEvent"
+},
+"type": "array"
+},
"database": {
"$ref": "Database",
"description": "Database associated with the finding."
@@ -5622,6 +5663,40 @@
},
"type": "object"
},
+"GoogleCloudSecuritycenterV2DataRetentionDeletionEvent": {
+"description": "Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.",
+"id": "GoogleCloudSecuritycenterV2DataRetentionDeletionEvent",
+"properties": {
+"dataObjectCount": {
+"description": "Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.",
+"format": "int64",
+"type": "string"
+},
+"eventDetectionTime": {
+"description": "Timestamp indicating when the event was detected.",
+"format": "google-datetime",
+"type": "string"
+},
+"eventType": {
+"description": "Type of the DRD event.",
+"enum": [
+"EVENT_TYPE_UNSPECIFIED",
+"EVENT_TYPE_MAX_TTL_EXCEEDED"
+],
+"enumDescriptions": [
+"Unspecified event type.",
+"The maximum retention time has been exceeded."
+],
+"type": "string"
+},
+"maxRetentionAllowed": {
+"description": "Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.",
+"format": "google-duration",
+"type": "string"
+}
+},
+"type": "object"
+},
"GoogleCloudSecuritycenterV2Database": {
"description": "Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided.",
"id": "GoogleCloudSecuritycenterV2Database",
@@ -5958,6 +6033,13 @@
},
"type": "array"
},
+"dataRetentionDeletionEvents": {
+"description": "Data retention deletion events associated with the finding.",
+"items": {
+"$ref": "GoogleCloudSecuritycenterV2DataRetentionDeletionEvent"
+},
+"type": "array"
+},
"database": {
"$ref": "GoogleCloudSecuritycenterV2Database",
"description": "Database associated with the finding."