From 0a137f331109f6ec34c3f52f9f305dd0d7ddd75a Mon Sep 17 00:00:00 2001
From: Yoshi Automation
Date: Tue, 17 Dec 2024 07:10:21 +0000
Subject: [PATCH] feat(securitycenter): update the api

#### securitycenter:v1

The following keys were added:
- schemas.DataRetentionDeletionEvent (Total Keys: 9)
- schemas.Finding.properties.dataRetentionDeletionEvents (Total Keys: 2)
- schemas.GoogleCloudSecuritycenterV2DataRetentionDeletionEvent (Total Keys: 9)
- schemas.GoogleCloudSecuritycenterV2Finding.properties.dataRetentionDeletionEvents (Total Keys: 2)

#### securitycenter:v1beta1

The following keys were added:
- schemas.DataRetentionDeletionEvent (Total Keys: 9)
- schemas.Finding.properties.dataRetentionDeletionEvents (Total Keys: 2)
- schemas.GoogleCloudSecuritycenterV2DataRetentionDeletionEvent (Total Keys: 9)
- schemas.GoogleCloudSecuritycenterV2Finding.properties.dataRetentionDeletionEvents (Total Keys: 2)

#### securitycenter:v1beta2

The following keys were added:
- schemas.DataRetentionDeletionEvent (Total Keys: 9)
- schemas.Finding.properties.dataRetentionDeletionEvents (Total Keys: 2)
- schemas.GoogleCloudSecuritycenterV2DataRetentionDeletionEvent (Total Keys: 9)
- schemas.GoogleCloudSecuritycenterV2Finding.properties.dataRetentionDeletionEvents (Total Keys: 2)
---
...HealthAnalyticsSettings.customModules.html | 8 ++
...itycenter_v1.folders.sources.findings.html | 40 +++++++++
...HealthAnalyticsSettings.customModules.html | 8 ++
...ter_v1.organizations.sources.findings.html | 56 +++++++++++++
...HealthAnalyticsSettings.customModules.html | 8 ++
...tycenter_v1.projects.sources.findings.html | 40 +++++++++
.../documents/securitycenter.v1.json | 84 ++++++++++++++++++-
.../documents/securitycenter.v1beta1.json | 84 ++++++++++++++++++-
.../documents/securitycenter.v1beta2.json | 84 ++++++++++++++++++-
9 files changed, 409 insertions(+), 3 deletions(-)
diff --git a/docs/dyn/securitycenter_v1.folders.securityHealthAnalyticsSettings.customModules.html b/docs/dyn/securitycenter_v1.folders.securityHealthAnalyticsSettings.customModules.html index 6a847a271b..083db9cafa 100644 --- a/docs/dyn/securitycenter_v1.folders.securityHealthAnalyticsSettings.customModules.html +++ b/docs/dyn/securitycenter_v1.folders.securityHealthAnalyticsSettings.customModules.html @@ -768,6 +768,14 @@

Method Details

"violatedLocation": "A String", # Non-compliant location of the principal or the data destination. }, ], + "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding. + { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments. + "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000. + "eventDetectionTime": "A String", # Timestamp indicating when the event was detected. + "eventType": "A String", # Type of the DRD event. + "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days. + }, + ], "database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. 
Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding. "displayName": "A String", # The human-readable name of the database that the user connected to. "grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change. diff --git a/docs/dyn/securitycenter_v1.folders.sources.findings.html b/docs/dyn/securitycenter_v1.folders.sources.findings.html index 3a487c6dc1..6bc865f618 100644 --- a/docs/dyn/securitycenter_v1.folders.sources.findings.html +++ b/docs/dyn/securitycenter_v1.folders.sources.findings.html @@ -337,6 +337,14 @@

Method Details

"violatedLocation": "A String", # Non-compliant location of the principal or the data destination. }, ], + "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding. + { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments. + "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000. + "eventDetectionTime": "A String", # Timestamp indicating when the event was detected. + "eventType": "A String", # Type of the DRD event. + "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days. + }, + ], "database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. 
Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding. "displayName": "A String", # The human-readable name of the database that the user connected to. "grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change. @@ -1003,6 +1011,14 @@

Method Details

"violatedLocation": "A String", # Non-compliant location of the principal or the data destination. }, ], + "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding. + { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments. + "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000. + "eventDetectionTime": "A String", # Timestamp indicating when the event was detected. + "eventType": "A String", # Type of the DRD event. + "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days. + }, + ], "database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. 
Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding. "displayName": "A String", # The human-readable name of the database that the user connected to. "grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change. @@ -1583,6 +1599,14 @@

Method Details

"violatedLocation": "A String", # Non-compliant location of the principal or the data destination. }, ], + "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding. + { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments. + "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000. + "eventDetectionTime": "A String", # Timestamp indicating when the event was detected. + "eventType": "A String", # Type of the DRD event. + "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days. + }, + ], "database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. 
Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding. "displayName": "A String", # The human-readable name of the database that the user connected to. "grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change. @@ -2176,6 +2200,14 @@

Method Details

"violatedLocation": "A String", # Non-compliant location of the principal or the data destination. }, ], + "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding. + { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments. + "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000. + "eventDetectionTime": "A String", # Timestamp indicating when the event was detected. + "eventType": "A String", # Type of the DRD event. + "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days. + }, + ], "database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. 
Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding. "displayName": "A String", # The human-readable name of the database that the user connected to. "grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change. @@ -2770,6 +2802,14 @@

Method Details

"violatedLocation": "A String", # Non-compliant location of the principal or the data destination. }, ], + "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding. + { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments. + "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000. + "eventDetectionTime": "A String", # Timestamp indicating when the event was detected. + "eventType": "A String", # Type of the DRD event. + "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days. + }, + ], "database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. 
Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding. "displayName": "A String", # The human-readable name of the database that the user connected to. "grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change. diff --git a/docs/dyn/securitycenter_v1.organizations.securityHealthAnalyticsSettings.customModules.html b/docs/dyn/securitycenter_v1.organizations.securityHealthAnalyticsSettings.customModules.html index 7617b778d3..d3affd699d 100644 --- a/docs/dyn/securitycenter_v1.organizations.securityHealthAnalyticsSettings.customModules.html +++ b/docs/dyn/securitycenter_v1.organizations.securityHealthAnalyticsSettings.customModules.html @@ -768,6 +768,14 @@

Method Details

"violatedLocation": "A String", # Non-compliant location of the principal or the data destination. }, ], + "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding. + { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments. + "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000. + "eventDetectionTime": "A String", # Timestamp indicating when the event was detected. + "eventType": "A String", # Type of the DRD event. + "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days. + }, + ], "database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. 
Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding. "displayName": "A String", # The human-readable name of the database that the user connected to. "grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change. diff --git a/docs/dyn/securitycenter_v1.organizations.sources.findings.html b/docs/dyn/securitycenter_v1.organizations.sources.findings.html index 4ef9a8bf3d..8447df3dbe 100644 --- a/docs/dyn/securitycenter_v1.organizations.sources.findings.html +++ b/docs/dyn/securitycenter_v1.organizations.sources.findings.html @@ -270,6 +270,14 @@

Method Details

"violatedLocation": "A String", # Non-compliant location of the principal or the data destination. }, ], + "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding. + { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments. + "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000. + "eventDetectionTime": "A String", # Timestamp indicating when the event was detected. + "eventType": "A String", # Type of the DRD event. + "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days. + }, + ], "database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. 
Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding. "displayName": "A String", # The human-readable name of the database that the user connected to. "grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change. @@ -850,6 +858,14 @@

Method Details

"violatedLocation": "A String", # Non-compliant location of the principal or the data destination. }, ], + "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding. + { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments. + "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000. + "eventDetectionTime": "A String", # Timestamp indicating when the event was detected. + "eventType": "A String", # Type of the DRD event. + "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days. + }, + ], "database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. 
Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding. "displayName": "A String", # The human-readable name of the database that the user connected to. "grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change. @@ -1501,6 +1517,14 @@

Method Details

"violatedLocation": "A String", # Non-compliant location of the principal or the data destination. }, ], + "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding. + { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments. + "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000. + "eventDetectionTime": "A String", # Timestamp indicating when the event was detected. + "eventType": "A String", # Type of the DRD event. + "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days. + }, + ], "database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. 
Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding. "displayName": "A String", # The human-readable name of the database that the user connected to. "grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change. @@ -2167,6 +2191,14 @@

Method Details

"violatedLocation": "A String", # Non-compliant location of the principal or the data destination. }, ], + "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding. + { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments. + "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000. + "eventDetectionTime": "A String", # Timestamp indicating when the event was detected. + "eventType": "A String", # Type of the DRD event. + "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days. + }, + ], "database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. 
Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding. "displayName": "A String", # The human-readable name of the database that the user connected to. "grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change. @@ -2747,6 +2779,14 @@

Method Details

"violatedLocation": "A String", # Non-compliant location of the principal or the data destination. }, ], + "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding. + { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments. + "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000. + "eventDetectionTime": "A String", # Timestamp indicating when the event was detected. + "eventType": "A String", # Type of the DRD event. + "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days. + }, + ], "database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. 
Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding. "displayName": "A String", # The human-readable name of the database that the user connected to. "grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change. @@ -3340,6 +3380,14 @@

Method Details

"violatedLocation": "A String", # Non-compliant location of the principal or the data destination. }, ], + "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding. + { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments. + "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000. + "eventDetectionTime": "A String", # Timestamp indicating when the event was detected. + "eventType": "A String", # Type of the DRD event. + "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days. + }, + ], "database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. 
Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding. "displayName": "A String", # The human-readable name of the database that the user connected to. "grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change. @@ -3934,6 +3982,14 @@

Method Details

"violatedLocation": "A String", # Non-compliant location of the principal or the data destination. }, ], + "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding. + { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments. + "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000. + "eventDetectionTime": "A String", # Timestamp indicating when the event was detected. + "eventType": "A String", # Type of the DRD event. + "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days. + }, + ], "database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. 
Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding. "displayName": "A String", # The human-readable name of the database that the user connected to. "grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change. diff --git a/docs/dyn/securitycenter_v1.projects.securityHealthAnalyticsSettings.customModules.html b/docs/dyn/securitycenter_v1.projects.securityHealthAnalyticsSettings.customModules.html index 84dc5672d6..8407e3a534 100644 --- a/docs/dyn/securitycenter_v1.projects.securityHealthAnalyticsSettings.customModules.html +++ b/docs/dyn/securitycenter_v1.projects.securityHealthAnalyticsSettings.customModules.html @@ -768,6 +768,14 @@

Method Details

"violatedLocation": "A String", # Non-compliant location of the principal or the data destination. }, ], + "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding. + { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments. + "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000. + "eventDetectionTime": "A String", # Timestamp indicating when the event was detected. + "eventType": "A String", # Type of the DRD event. + "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days. + }, + ], "database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. 
Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding. "displayName": "A String", # The human-readable name of the database that the user connected to. "grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change. diff --git a/docs/dyn/securitycenter_v1.projects.sources.findings.html b/docs/dyn/securitycenter_v1.projects.sources.findings.html index 76f233af13..00f6275c6a 100644 --- a/docs/dyn/securitycenter_v1.projects.sources.findings.html +++ b/docs/dyn/securitycenter_v1.projects.sources.findings.html @@ -337,6 +337,14 @@

Method Details

"violatedLocation": "A String", # Non-compliant location of the principal or the data destination. }, ], + "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding. + { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments. + "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000. + "eventDetectionTime": "A String", # Timestamp indicating when the event was detected. + "eventType": "A String", # Type of the DRD event. + "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days. + }, + ], "database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. 
Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding. "displayName": "A String", # The human-readable name of the database that the user connected to. "grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change. @@ -1003,6 +1011,14 @@

Method Details

"violatedLocation": "A String", # Non-compliant location of the principal or the data destination. }, ], + "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding. + { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments. + "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000. + "eventDetectionTime": "A String", # Timestamp indicating when the event was detected. + "eventType": "A String", # Type of the DRD event. + "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days. + }, + ], "database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. 
Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding. "displayName": "A String", # The human-readable name of the database that the user connected to. "grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change. @@ -1583,6 +1599,14 @@

Method Details

"violatedLocation": "A String", # Non-compliant location of the principal or the data destination. }, ], + "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding. + { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments. + "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000. + "eventDetectionTime": "A String", # Timestamp indicating when the event was detected. + "eventType": "A String", # Type of the DRD event. + "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days. + }, + ], "database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. 
Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding. "displayName": "A String", # The human-readable name of the database that the user connected to. "grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change. @@ -2176,6 +2200,14 @@

Method Details

"violatedLocation": "A String", # Non-compliant location of the principal or the data destination. }, ], + "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding. + { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments. + "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000. + "eventDetectionTime": "A String", # Timestamp indicating when the event was detected. + "eventType": "A String", # Type of the DRD event. + "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days. + }, + ], "database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. 
Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding. "displayName": "A String", # The human-readable name of the database that the user connected to. "grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change. @@ -2770,6 +2802,14 @@

Method Details

"violatedLocation": "A String", # Non-compliant location of the principal or the data destination. }, ], + "dataRetentionDeletionEvents": [ # Data retention deletion events associated with the finding. + { # Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments. + "dataObjectCount": "A String", # Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000. + "eventDetectionTime": "A String", # Timestamp indicating when the event was detected. + "eventType": "A String", # Type of the DRD event. + "maxRetentionAllowed": "A String", # Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days. + }, + ], "database": { # Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. 
Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided. # Database associated with the finding. "displayName": "A String", # The human-readable name of the database that the user connected to. "grantees": [ # The target usernames, roles, or groups of an SQL privilege grant, which is not an IAM policy change. diff --git a/googleapiclient/discovery_cache/documents/securitycenter.v1.json b/googleapiclient/discovery_cache/documents/securitycenter.v1.json index 5d1a25db43..b360a03fc5 100644 --- a/googleapiclient/discovery_cache/documents/securitycenter.v1.json +++ b/googleapiclient/discovery_cache/documents/securitycenter.v1.json @@ -5938,7 +5938,7 @@ } } }, -"revision": "20241205", +"revision": "20241206", "rootUrl": "https://securitycenter.googleapis.com/", "schemas": { "Access": { 
@@ -7288,6 +7288,40 @@ }, "type": "object" }, +"DataRetentionDeletionEvent": { +"description": "Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.", +"id": "DataRetentionDeletionEvent", +"properties": { +"dataObjectCount": { +"description": "Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.", +"format": "int64", +"type": "string" +}, +"eventDetectionTime": { +"description": "Timestamp indicating when the event was detected.", +"format": "google-datetime", +"type": "string" +}, +"eventType": { +"description": "Type of the DRD event.", +"enum": [ +"EVENT_TYPE_UNSPECIFIED", +"EVENT_TYPE_MAX_TTL_EXCEEDED" +], +"enumDescriptions": [ +"Unspecified event type.", +"The maximum retention time has been exceeded." +], +"type": "string" +}, +"maxRetentionAllowed": { +"description": "Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. 
In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.", +"format": "google-duration", +"type": "string" +} +}, +"type": "object" +}, "Database": { "description": "Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided.", "id": "Database", @@ -7739,6 +7773,13 @@ }, "type": "array" }, +"dataRetentionDeletionEvents": { +"description": "Data retention deletion events associated with the finding.", +"items": { +"$ref": "DataRetentionDeletionEvent" +}, +"type": "array" +}, "database": { "$ref": "Database", "description": "Database associated with the finding." 
@@ -9958,6 +9999,40 @@ }, "type": "object" }, +"GoogleCloudSecuritycenterV2DataRetentionDeletionEvent": { +"description": "Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.", +"id": "GoogleCloudSecuritycenterV2DataRetentionDeletionEvent", +"properties": { +"dataObjectCount": { +"description": "Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.", +"format": "int64", +"type": "string" +}, +"eventDetectionTime": { +"description": "Timestamp indicating when the event was detected.", +"format": "google-datetime", +"type": "string" +}, +"eventType": { +"description": "Type of the DRD event.", +"enum": [ +"EVENT_TYPE_UNSPECIFIED", +"EVENT_TYPE_MAX_TTL_EXCEEDED" +], +"enumDescriptions": [ +"Unspecified event type.", +"The maximum retention time has been exceeded." +], +"type": "string" +}, +"maxRetentionAllowed": { +"description": "Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. 
In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.", +"format": "google-duration", +"type": "string" +} +}, +"type": "object" +}, "GoogleCloudSecuritycenterV2Database": { "description": "Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided.", "id": "GoogleCloudSecuritycenterV2Database", @@ -10294,6 +10369,13 @@ }, "type": "array" }, +"dataRetentionDeletionEvents": { +"description": "Data retention deletion events associated with the finding.", +"items": { +"$ref": "GoogleCloudSecuritycenterV2DataRetentionDeletionEvent" +}, +"type": "array" +}, "database": { "$ref": "GoogleCloudSecuritycenterV2Database", "description": "Database associated with the finding." diff --git a/googleapiclient/discovery_cache/documents/securitycenter.v1beta1.json b/googleapiclient/discovery_cache/documents/securitycenter.v1beta1.json index 312d38a10c..e31139e117 100644 --- a/googleapiclient/discovery_cache/documents/securitycenter.v1beta1.json +++ b/googleapiclient/discovery_cache/documents/securitycenter.v1beta1.json @@ -913,7 +913,7 @@ } } }, -"revision": "20241205", +"revision": "20241206", "rootUrl": "https://securitycenter.googleapis.com/", "schemas": { "Access": { 
@@ -2024,6 +2024,40 @@ }, "type": "object" }, +"DataRetentionDeletionEvent": { +"description": "Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.", +"id": "DataRetentionDeletionEvent", +"properties": { +"dataObjectCount": { +"description": "Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.", +"format": "int64", +"type": "string" +}, +"eventDetectionTime": { +"description": "Timestamp indicating when the event was detected.", +"format": "google-datetime", +"type": "string" +}, +"eventType": { +"description": "Type of the DRD event.", +"enum": [ +"EVENT_TYPE_UNSPECIFIED", +"EVENT_TYPE_MAX_TTL_EXCEEDED" +], +"enumDescriptions": [ +"Unspecified event type.", +"The maximum retention time has been exceeded." +], +"type": "string" +}, +"maxRetentionAllowed": { +"description": "Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. 
In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.", +"format": "google-duration", +"type": "string" +} +}, +"type": "object" +}, "Database": { "description": "Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided.", "id": "Database", @@ -2329,6 +2363,13 @@ }, "type": "array" }, +"dataRetentionDeletionEvents": { +"description": "Data retention deletion events associated with the finding.", +"items": { +"$ref": "DataRetentionDeletionEvent" +}, +"type": "array" +}, "database": { "$ref": "Database", "description": "Database associated with the finding." 
@@ -4629,6 +4670,40 @@ }, "type": "object" }, +"GoogleCloudSecuritycenterV2DataRetentionDeletionEvent": { +"description": "Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.", +"id": "GoogleCloudSecuritycenterV2DataRetentionDeletionEvent", +"properties": { +"dataObjectCount": { +"description": "Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.", +"format": "int64", +"type": "string" +}, +"eventDetectionTime": { +"description": "Timestamp indicating when the event was detected.", +"format": "google-datetime", +"type": "string" +}, +"eventType": { +"description": "Type of the DRD event.", +"enum": [ +"EVENT_TYPE_UNSPECIFIED", +"EVENT_TYPE_MAX_TTL_EXCEEDED" +], +"enumDescriptions": [ +"Unspecified event type.", +"The maximum retention time has been exceeded." +], +"type": "string" +}, +"maxRetentionAllowed": { +"description": "Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. 
In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.", +"format": "google-duration", +"type": "string" +} +}, +"type": "object" +}, "GoogleCloudSecuritycenterV2Database": { "description": "Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided.", "id": "GoogleCloudSecuritycenterV2Database", @@ -4965,6 +5040,13 @@ }, "type": "array" }, +"dataRetentionDeletionEvents": { +"description": "Data retention deletion events associated with the finding.", +"items": { +"$ref": "GoogleCloudSecuritycenterV2DataRetentionDeletionEvent" +}, +"type": "array" +}, "database": { "$ref": "GoogleCloudSecuritycenterV2Database", "description": "Database associated with the finding." diff --git a/googleapiclient/discovery_cache/documents/securitycenter.v1beta2.json b/googleapiclient/discovery_cache/documents/securitycenter.v1beta2.json index 852f7e2622..06796e7997 100644 --- a/googleapiclient/discovery_cache/documents/securitycenter.v1beta2.json +++ b/googleapiclient/discovery_cache/documents/securitycenter.v1beta2.json @@ -2003,7 +2003,7 @@ } } }, -"revision": "20241205", +"revision": "20241206", "rootUrl": "https://securitycenter.googleapis.com/", "schemas": { "Access": { 
@@ -3050,6 +3050,40 @@ }, "type": "object" }, +"DataRetentionDeletionEvent": { +"description": "Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.", +"id": "DataRetentionDeletionEvent", +"properties": { +"dataObjectCount": { +"description": "Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.", +"format": "int64", +"type": "string" +}, +"eventDetectionTime": { +"description": "Timestamp indicating when the event was detected.", +"format": "google-datetime", +"type": "string" +}, +"eventType": { +"description": "Type of the DRD event.", +"enum": [ +"EVENT_TYPE_UNSPECIFIED", +"EVENT_TYPE_MAX_TTL_EXCEEDED" +], +"enumDescriptions": [ +"Unspecified event type.", +"The maximum retention time has been exceeded." +], +"type": "string" +}, +"maxRetentionAllowed": { +"description": "Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. 
In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.", +"format": "google-duration", +"type": "string" +} +}, +"type": "object" +}, "Database": { "description": "Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided.", "id": "Database", @@ -3426,6 +3460,13 @@ }, "type": "array" }, +"dataRetentionDeletionEvents": { +"description": "Data retention deletion events associated with the finding.", +"items": { +"$ref": "DataRetentionDeletionEvent" +}, +"type": "array" +}, "database": { "$ref": "Database", "description": "Database associated with the finding." 
@@ -5622,6 +5663,40 @@ }, "type": "object" }, +"GoogleCloudSecuritycenterV2DataRetentionDeletionEvent": { +"description": "Details about data retention deletion violations, in which the data is non-compliant based on their retention or deletion time, as defined in the applicable data security policy. The Data Retention Deletion (DRD) control is a control of the DSPM (Data Security Posture Management) suite that enables organizations to manage data retention and deletion policies in compliance with regulations, such as GDPR and CRPA. DRD supports two primary policy types: maximum storage length (max TTL) and minimum storage length (min TTL). Both are aimed at helping organizations meet regulatory and data management commitments.", +"id": "GoogleCloudSecuritycenterV2DataRetentionDeletionEvent", +"properties": { +"dataObjectCount": { +"description": "Number of objects that violated the policy for this resource. If the number is less than 1,000, then the value of this field is the exact number. If the number of objects that violated the policy is greater than or equal to 1,000, then the value of this field is 1000.", +"format": "int64", +"type": "string" +}, +"eventDetectionTime": { +"description": "Timestamp indicating when the event was detected.", +"format": "google-datetime", +"type": "string" +}, +"eventType": { +"description": "Type of the DRD event.", +"enum": [ +"EVENT_TYPE_UNSPECIFIED", +"EVENT_TYPE_MAX_TTL_EXCEEDED" +], +"enumDescriptions": [ +"Unspecified event type.", +"The maximum retention time has been exceeded." +], +"type": "string" +}, +"maxRetentionAllowed": { +"description": "Maximum duration of retention allowed from the DRD control. This comes from the DRD control where users set a max TTL for their data. For example, suppose that a user set the max TTL for a Cloud Storage bucket to 90 days. However, an object in that bucket is 100 days old. 
In this case, a DataRetentionDeletionEvent will be generated for that Cloud Storage bucket, and the max_retention_allowed is 90 days.", +"format": "google-duration", +"type": "string" +} +}, +"type": "object" +}, "GoogleCloudSecuritycenterV2Database": { "description": "Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided.", "id": "GoogleCloudSecuritycenterV2Database", @@ -5958,6 +6033,13 @@ }, "type": "array" }, +"dataRetentionDeletionEvents": { +"description": "Data retention deletion events associated with the finding.", +"items": { +"$ref": "GoogleCloudSecuritycenterV2DataRetentionDeletionEvent" +}, +"type": "array" +}, "database": { "$ref": "GoogleCloudSecuritycenterV2Database", "description": "Database associated with the finding."