googleapis
diff --git a/‎discovery/securitycenter-v1.json
Lines changed: 279 additions & 5 deletions b/‎discovery/securitycenter-v1.json
Lines changed: 279 additions & 5 deletions
@@ -4344,6 +4344,56 @@
               }
             }
           }
+        },
+        "valuedResources": {
+          "methods": {
+            "list": {
+              "description": "Lists the valued resources for a set of simulation results and filter.",
+              "flatPath": "v1/organizations/{organizationsId}/valuedResources",
+              "httpMethod": "GET",
+              "id": "securitycenter.organizations.valuedResources.list",
+              "parameterOrder": [
+                "parent"
+              ],
+              "parameters": {
+                "filter": {
+                  "description": "The filter expression that filters the valued resources in the response. Supported fields: * `resource_value` supports = * `resource_type` supports =",
+                  "location": "query",
+                  "type": "string"
+                },
+                "orderBy": {
+                  "description": "Optional. The fields by which to order the valued resources response. Supported fields: * `exposed_score` * `resource_value` * `resource_type` * `resource` * `display_name` Values should be a comma separated list of fields. For example: `exposed_score,resource_value`. The default sorting order is descending. To specify ascending or descending order for a field, append a ` ASC` or a ` DESC` suffix, respectively; for example: `exposed_score DESC`.",
+                  "location": "query",
+                  "type": "string"
+                },
+                "pageSize": {
+                  "description": "The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.",
+                  "format": "int32",
+                  "location": "query",
+                  "type": "integer"
+                },
+                "pageToken": {
+                  "description": "The value returned by the last `ListValuedResourcesResponse`; indicates that this is a continuation of a prior `ListValuedResources` call, and that the system should return the next page of data.",
+                  "location": "query",
+                  "type": "string"
+                },
+                "parent": {
+                  "description": "Required. Name of parent to list valued resources. Valid formats: `organizations/{organization}`, `organizations/{organization}/simulations/{simulation}` `organizations/{organization}/simulations/{simulation}/attackExposureResults/{attack_exposure_result_v2}`",
+                  "location": "path",
+                  "pattern": "^organizations/[^/]+$",
+                  "required": true,
+                  "type": "string"
+                }
+              },
+              "path": "v1/{+parent}/valuedResources",
+              "response": {
+                "$ref": "ListValuedResourcesResponse"
+              },
+              "scopes": [
+                "https://www.googleapis.com/auth/cloud-platform"
+              ]
+            }
+          }
         }
       }
     },
@@ -6034,7 +6084,7 @@
       }
     }
   },
-  "revision": "20240809",
+  "revision": "20240827",
   "rootUrl": "https://securitycenter.googleapis.com/",
   "schemas": {
     "Access": {
@@ -6568,6 +6618,10 @@
         "subscription": {
           "$ref": "AzureSubscription",
           "description": "The Azure subscription associated with the resource."
+        },
+        "tenant": {
+          "$ref": "AzureTenant",
+          "description": "The Azure Entra tenant associated with the resource."
         }
       },
       "type": "object"
@@ -6598,6 +6652,17 @@
       },
       "type": "object"
     },
+    "AzureTenant": {
+      "description": "Represents a Microsoft Entra tenant.",
+      "id": "AzureTenant",
+      "properties": {
+        "id": {
+          "description": "The ID of the Microsoft Entra tenant, for example, \"a11aaa11-aa11-1aa1-11aa-1aaa11a\".",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "BackupDisasterRecovery": {
       "description": "Information related to Google Cloud Backup and DR Service findings.",
       "id": "BackupDisasterRecovery",
@@ -7100,6 +7165,11 @@
           ],
           "type": "string"
         },
+        "firstExploitationDate": {
+          "description": "Date of the earliest known exploitation.",
+          "format": "google-datetime",
+          "type": "string"
+        },
         "id": {
           "description": "The unique identifier for the vulnerability. e.g. CVE-2021-34527",
           "type": "string"
@@ -7280,6 +7350,82 @@
       },
       "type": "object"
     },
+    "DataAccessEvent": {
+      "description": "Details about a data access attempt made by a principal not authorized under applicable data security policy.",
+      "id": "DataAccessEvent",
+      "properties": {
+        "eventId": {
+          "description": "Unique identifier for data access event.",
+          "type": "string"
+        },
+        "eventTime": {
+          "description": "Timestamp of data access event.",
+          "format": "google-datetime",
+          "type": "string"
+        },
+        "operation": {
+          "description": "The operation performed by the principal to access the data.",
+          "enum": [
+            "OPERATION_UNSPECIFIED",
+            "READ",
+            "MOVE",
+            "COPY"
+          ],
+          "enumDescriptions": [
+            "The operation is unspecified.",
+            "Represents a read operation.",
+            "Represents a move operation.",
+            "Represents a copy operation."
+          ],
+          "type": "string"
+        },
+        "principalEmail": {
+          "description": "The email address of the principal that accessed the data. The principal could be a user account, service account, Google group, or other.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "DataFlowEvent": {
+      "description": "Details about a data flow event, in which either the data is moved to or is accessed from a non-compliant geo-location, as defined in the applicable data security policy.",
+      "id": "DataFlowEvent",
+      "properties": {
+        "eventId": {
+          "description": "Unique identifier for data flow event.",
+          "type": "string"
+        },
+        "eventTime": {
+          "description": "Timestamp of data flow event.",
+          "format": "google-datetime",
+          "type": "string"
+        },
+        "operation": {
+          "description": "The operation performed by the principal for the data flow event.",
+          "enum": [
+            "OPERATION_UNSPECIFIED",
+            "READ",
+            "MOVE",
+            "COPY"
+          ],
+          "enumDescriptions": [
+            "The operation is unspecified.",
+            "Represents a read operation.",
+            "Represents a move operation.",
+            "Represents a copy operation."
+          ],
+          "type": "string"
+        },
+        "principalEmail": {
+          "description": "The email address of the principal that initiated the data flow event. The principal could be a user account, service account, Google group, or other.",
+          "type": "string"
+        },
+        "violatedLocation": {
+          "description": "Non-compliant location of the principal or the data destination.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "Database": {
       "description": "Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided.",
       "id": "Database",
@@ -7674,6 +7820,20 @@
           "format": "google-datetime",
           "type": "string"
         },
+        "dataAccessEvents": {
+          "description": "Data access events associated with the finding.",
+          "items": {
+            "$ref": "DataAccessEvent"
+          },
+          "type": "array"
+        },
+        "dataFlowEvents": {
+          "description": "Data flow events associated with the finding.",
+          "items": {
+            "$ref": "DataFlowEvent"
+          },
+          "type": "array"
+        },
         "database": {
           "$ref": "Database",
           "description": "Database associated with the finding."
@@ -7720,7 +7880,8 @@
             "OBSERVATION",
             "SCC_ERROR",
             "POSTURE_VIOLATION",
-            "TOXIC_COMBINATION"
+            "TOXIC_COMBINATION",
+            "SENSITIVE_DATA_RISK"
           ],
           "enumDescriptions": [
             "Unspecified finding class.",
@@ -7730,7 +7891,8 @@
             "Describes a security observation that is for informational purposes.",
             "Describes an error that prevents some SCC functionality.",
             "Describes a potential security risk due to a change in the security posture.",
-            "Describes a group of security issues that, when the issues occur together, represent a greater risk than when the issues occur independently. A group of such issues is referred to as a toxic combination."
+            "Describes a group of security issues that, when the issues occur together, represent a greater risk than when the issues occur independently. A group of such issues is referred to as a toxic combination.",
+            "Describes a potential security risk to data assets that contain sensitive data."
           ],
           "type": "string"
         },
@@ -9146,6 +9308,10 @@
         "subscription": {
           "$ref": "GoogleCloudSecuritycenterV2AzureSubscription",
           "description": "The Azure subscription associated with the resource."
+        },
+        "tenant": {
+          "$ref": "GoogleCloudSecuritycenterV2AzureTenant",
+          "description": "The Azure Entra tenant associated with the resource."
         }
       },
       "type": "object"
@@ -9176,6 +9342,17 @@
       },
       "type": "object"
     },
+    "GoogleCloudSecuritycenterV2AzureTenant": {
+      "description": "Represents a Microsoft Entra tenant.",
+      "id": "GoogleCloudSecuritycenterV2AzureTenant",
+      "properties": {
+        "id": {
+          "description": "The ID of the Microsoft Entra tenant, for example, \"a11aaa11-aa11-1aa1-11aa-1aaa11a\".",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "GoogleCloudSecuritycenterV2BackupDisasterRecovery": {
       "description": "Information related to Google Cloud Backup and DR Service findings.",
       "id": "GoogleCloudSecuritycenterV2BackupDisasterRecovery",
@@ -9571,6 +9748,11 @@
           ],
           "type": "string"
         },
+        "firstExploitationDate": {
+          "description": "Date of the earliest known exploitation.",
+          "format": "google-datetime",
+          "type": "string"
+        },
         "id": {
           "description": "The unique identifier for the vulnerability. e.g. CVE-2021-34527",
           "type": "string"
@@ -9751,6 +9933,82 @@
       },
       "type": "object"
     },
+    "GoogleCloudSecuritycenterV2DataAccessEvent": {
+      "description": "Details about a data access attempt made by a principal not authorized under applicable data security policy.",
+      "id": "GoogleCloudSecuritycenterV2DataAccessEvent",
+      "properties": {
+        "eventId": {
+          "description": "Unique identifier for data access event.",
+          "type": "string"
+        },
+        "eventTime": {
+          "description": "Timestamp of data access event.",
+          "format": "google-datetime",
+          "type": "string"
+        },
+        "operation": {
+          "description": "The operation performed by the principal to access the data.",
+          "enum": [
+            "OPERATION_UNSPECIFIED",
+            "READ",
+            "MOVE",
+            "COPY"
+          ],
+          "enumDescriptions": [
+            "The operation is unspecified.",
+            "Represents a read operation.",
+            "Represents a move operation.",
+            "Represents a copy operation."
+          ],
+          "type": "string"
+        },
+        "principalEmail": {
+          "description": "The email address of the principal that accessed the data. The principal could be a user account, service account, Google group, or other.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
+    "GoogleCloudSecuritycenterV2DataFlowEvent": {
+      "description": "Details about a data flow event, in which either the data is moved to or is accessed from a non-compliant geo-location, as defined in the applicable data security policy.",
+      "id": "GoogleCloudSecuritycenterV2DataFlowEvent",
+      "properties": {
+        "eventId": {
+          "description": "Unique identifier for data flow event.",
+          "type": "string"
+        },
+        "eventTime": {
+          "description": "Timestamp of data flow event.",
+          "format": "google-datetime",
+          "type": "string"
+        },
+        "operation": {
+          "description": "The operation performed by the principal for the data flow event.",
+          "enum": [
+            "OPERATION_UNSPECIFIED",
+            "READ",
+            "MOVE",
+            "COPY"
+          ],
+          "enumDescriptions": [
+            "The operation is unspecified.",
+            "Represents a read operation.",
+            "Represents a move operation.",
+            "Represents a copy operation."
+          ],
+          "type": "string"
+        },
+        "principalEmail": {
+          "description": "The email address of the principal that initiated the data flow event. The principal could be a user account, service account, Google group, or other.",
+          "type": "string"
+        },
+        "violatedLocation": {
+          "description": "Non-compliant location of the principal or the data destination.",
+          "type": "string"
+        }
+      },
+      "type": "object"
+    },
     "GoogleCloudSecuritycenterV2Database": {
       "description": "Represents database access information, such as queries. A database may be a sub-resource of an instance (as in the case of Cloud SQL instances or Cloud Spanner instances), or the database instance itself. Some database resources might not have the [full resource name](https://google.aip.dev/122#full-resource-names) populated because these resource types, such as Cloud SQL databases, are not yet supported by Cloud Asset Inventory. In these cases only the display name is provided.",
       "id": "GoogleCloudSecuritycenterV2Database",
@@ -10062,6 +10320,20 @@
           "readOnly": true,
           "type": "string"
         },
+        "dataAccessEvents": {
+          "description": "Data access events associated with the finding.",
+          "items": {
+            "$ref": "GoogleCloudSecuritycenterV2DataAccessEvent"
+          },
+          "type": "array"
+        },
+        "dataFlowEvents": {
+          "description": "Data flow events associated with the finding.",
+          "items": {
+            "$ref": "GoogleCloudSecuritycenterV2DataFlowEvent"
+          },
+          "type": "array"
+        },
         "database": {
           "$ref": "GoogleCloudSecuritycenterV2Database",
           "description": "Database associated with the finding."
@@ -10108,7 +10380,8 @@
             "OBSERVATION",
             "SCC_ERROR",
             "POSTURE_VIOLATION",
-            "TOXIC_COMBINATION"
+            "TOXIC_COMBINATION",
+            "SENSITIVE_DATA_RISK"
           ],
           "enumDescriptions": [
             "Unspecified finding class.",
@@ -10118,7 +10391,8 @@
             "Describes a security observation that is for informational purposes.",
             "Describes an error that prevents some SCC functionality.",
             "Describes a potential security risk due to a change in the security posture.",
-            "Describes a combination of security issues that represent a more severe security problem when taken together."
+            "Describes a combination of security issues that represent a more severe security problem when taken together.",
+            "Describes a potential security risk to data assets that contain sensitive data."
           ],
           "type": "string"
         },