Commit 8098367

feat(securitycenter): update the api
#### securitycenter:v1

The following keys were deleted:
- schemas.CelPolicySpec (Total Keys: 3)
- schemas.GoogleCloudSecuritycenterV1CustomConfig.properties.celPolicy.$ref (Total Keys: 1)

The following keys were changed:
- endpoints (Total Keys: 1)

#### securitycenter:v1beta1

The following keys were deleted:
- schemas.CelPolicySpec (Total Keys: 3)
- schemas.GoogleCloudSecuritycenterV1CustomConfig.properties.celPolicy.$ref (Total Keys: 1)

The following keys were changed:
- endpoints (Total Keys: 1)

#### securitycenter:v1beta2

The following keys were deleted:
- schemas.CelPolicySpec (Total Keys: 3)
- schemas.GoogleCloudSecuritycenterV1CustomConfig.properties.celPolicy.$ref (Total Keys: 1)

The following keys were changed:
- endpoints (Total Keys: 1)

1 parent 5149749 commit 8098367

12 files changed

+85 -142 lines changed

docs/dyn/securitycenter_v1.folders.securityHealthAnalyticsSettings.customModules.html

Lines changed: 0 additions & 24 deletions
Large diffs are not rendered by default.

docs/dyn/securitycenter_v1.folders.securityHealthAnalyticsSettings.effectiveCustomModules.html

Lines changed: 0 additions & 6 deletions
@@ -108,9 +108,6 @@ <h3>Method Details</h3>
108108

109109
{ # An EffectiveSecurityHealthAnalyticsCustomModule is the representation of a Security Health Analytics custom module at a specified level of the resource hierarchy: organization, folder, or project. If a custom module is inherited from a parent organization or folder, the value of the `enablementState` property in EffectiveSecurityHealthAnalyticsCustomModule is set to the value that is effective in the parent, instead of `INHERITED`. For example, if the module is enabled in a parent organization or folder, the effective enablement_state for the module in all child folders or projects is also `enabled`. EffectiveSecurityHealthAnalyticsCustomModule is read-only.
110110
&quot;customConfig&quot;: { # Defines the properties in a custom module configuration for Security Health Analytics. Use the custom module configuration to create custom detectors that generate custom findings for resources that you specify. # Output only. The user-specified configuration for the module.
111-
&quot;celPolicy&quot;: { # YAML-based rule that uses CEL, which supports the declaration of variables and a filtering predicate. A vulnerable resource is emitted if the evaluation is false. Given: 1) the resource types as: - resource_types: &quot;compute.googleapis.com/Instance&quot; - resource_types: &quot;compute.googleapis.com/Firewall&quot; 2) the CEL policy spec as: name: bad_instance resource_filters: - name: instance resource_type: compute.googleapis.com/Instance filter: &gt; instance.status == &#x27;RUNNING&#x27; &amp;&amp; &#x27;public&#x27; in instance.tags.items - name: firewall resource_type: compute.googleapis.com/Firewall filter: &gt; firewall.direction == &#x27;INGRESS&#x27; &amp;&amp; !firewall.disabled &amp;&amp; firewall.allowed.exists(rule, rule.IPProtocol.upperAscii() in [&#x27;TCP&#x27;, &#x27;ALL&#x27;] &amp;&amp; rule.ports.exists(port, network.portsInRange(port, &#x27;11-256&#x27;))) rule: match: - predicate: &gt; instance.networkInterfaces.exists(net, firewall.network == net.network) output: &gt; {&#x27;message&#x27;: &#x27;Compute instance with publicly accessible ports&#x27;, &#x27;instance&#x27;: instance.name} Users are able to join resource types together using the exact format as Kubernetes Validating Admission policies. # The CEL policy spec attached to the custom module.
112-
&quot;spec&quot;: &quot;A String&quot;, # The CEL policy to evaluate to produce findings. A finding is generated when the policy validation evaluates to false.
113-
},
114111
&quot;customOutput&quot;: { # A set of optional name-value pairs that define custom source properties to return with each finding that is generated by the custom module. The custom source properties that are defined here are included in the finding JSON under `sourceProperties`. # Custom output properties.
115112
&quot;properties&quot;: [ # A list of custom output properties to add to the finding.
116113
{ # An individual name-value pair that defines a custom source property.
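
Review bot: The three removed lines at 111-113 drop `celPolicy` and its `spec` string from the `customConfig` of the effective custom module with no deprecation notice left behind, and the commit is typed `feat` although it deletes schema keys. Any client that reads `customConfig.celPolicy.spec` from this response will stop finding it. Suggest flagging this as a breaking removal in the commit message or changelog and naming what callers should read instead, if anything replaces it.
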
@@ -165,9 +162,6 @@ <h3>Method Details</h3>
165162
&quot;effectiveSecurityHealthAnalyticsCustomModules&quot;: [ # Effective custom modules belonging to the requested parent.
166163
{ # An EffectiveSecurityHealthAnalyticsCustomModule is the representation of a Security Health Analytics custom module at a specified level of the resource hierarchy: organization, folder, or project. If a custom module is inherited from a parent organization or folder, the value of the `enablementState` property in EffectiveSecurityHealthAnalyticsCustomModule is set to the value that is effective in the parent, instead of `INHERITED`. For example, if the module is enabled in a parent organization or folder, the effective enablement_state for the module in all child folders or projects is also `enabled`. EffectiveSecurityHealthAnalyticsCustomModule is read-only.
167164
&quot;customConfig&quot;: { # Defines the properties in a custom module configuration for Security Health Analytics. Use the custom module configuration to create custom detectors that generate custom findings for resources that you specify. # Output only. The user-specified configuration for the module.
168-
&quot;celPolicy&quot;: { # YAML-based rule that uses CEL, which supports the declaration of variables and a filtering predicate. A vulnerable resource is emitted if the evaluation is false. Given: 1) the resource types as: - resource_types: &quot;compute.googleapis.com/Instance&quot; - resource_types: &quot;compute.googleapis.com/Firewall&quot; 2) the CEL policy spec as: name: bad_instance resource_filters: - name: instance resource_type: compute.googleapis.com/Instance filter: &gt; instance.status == &#x27;RUNNING&#x27; &amp;&amp; &#x27;public&#x27; in instance.tags.items - name: firewall resource_type: compute.googleapis.com/Firewall filter: &gt; firewall.direction == &#x27;INGRESS&#x27; &amp;&amp; !firewall.disabled &amp;&amp; firewall.allowed.exists(rule, rule.IPProtocol.upperAscii() in [&#x27;TCP&#x27;, &#x27;ALL&#x27;] &amp;&amp; rule.ports.exists(port, network.portsInRange(port, &#x27;11-256&#x27;))) rule: match: - predicate: &gt; instance.networkInterfaces.exists(net, firewall.network == net.network) output: &gt; {&#x27;message&#x27;: &#x27;Compute instance with publicly accessible ports&#x27;, &#x27;instance&#x27;: instance.name} Users are able to join resource types together using the exact format as Kubernetes Validating Admission policies. # The CEL policy spec attached to the custom module.
169-
&quot;spec&quot;: &quot;A String&quot;, # The CEL policy to evaluate to produce findings. A finding is generated when the policy validation evaluates to false.
170-
},
171165
&quot;customOutput&quot;: { # A set of optional name-value pairs that define custom source properties to return with each finding that is generated by the custom module. The custom source properties that are defined here are included in the finding JSON under `sourceProperties`. # Custom output properties.
172166
&quot;properties&quot;: [ # A list of custom output properties to add to the finding.
173167
{ # An individual name-value pair that defines a custom source property.
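
Review bot: Lines 168-170 remove the same `celPolicy` block from each entry of `effectiveSecurityHealthAnalyticsCustomModules`, the list a caller enumerates to see which custom modules are effective for the requested parent. Code that lists effective modules and records the rule text should treat a missing `celPolicy` as a field that left the schema, not as a module without a rule; a short migration note in the release notes would make that explicit.
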

docs/dyn/securitycenter_v1.folders.sources.findings.html

Lines changed: 1 addition & 1 deletion
@@ -2600,7 +2600,7 @@ <h3>Method Details</h3>
26002600
The object takes the form of:
26012601

26022602
{ # Request message for updating a finding&#x27;s state.
2603-
&quot;startTime&quot;: &quot;A String&quot;, # Required. The time at which the updated state takes effect.
2603+
&quot;startTime&quot;: &quot;A String&quot;, # Optional. The time at which the updated state takes effect. If unset, defaults to the request time.
26042604
&quot;state&quot;: &quot;A String&quot;, # Required. The desired State of the finding.
26052605
}
26062606
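
Review bot: The new comment on `startTime` at line 2603 says the value "defaults to the request time" without saying which clock that is. Since this field records when a finding's state change takes effect, the comment should state whether the default is the time the server received the request. It is also worth noting for callers that a request omitting `startTime`, which was documented as Required before this change, is now accepted.
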
