feat: [securitycentermanagement] add an INGEST_ONLY EnablementState (#…

…5445)

- [ ] Regenerate this pull request now.

PiperOrigin-RevId: 642657570

Source-Link: https://togithub.com/googleapis/googleapis/commit/df979cfd29c6526ba260b426c6a03d34af38f128

Source-Link: https://togithub.com/googleapis/googleapis-gen/commit/1d5696b7751c6c6780fbb5fa570edd20fe65f230
Copy-Tag: eyJwIjoicGFja2FnZXMvZ29vZ2xlLWNsb3VkLXNlY3VyaXR5Y2VudGVybWFuYWdlbWVudC8uT3dsQm90LnlhbWwiLCJoIjoiMWQ1Njk2Yjc3NTFjNmM2NzgwZmJiNWZhNTcwZWRkMjBmZTY1ZjIzMCJ9

BEGIN_NESTED_COMMIT
docs: [securitycentermanagement] minor docs formatting in `UpdateSecurityCenterServiceRequest.validate_only`
PiperOrigin-RevId: 640989637

Source-Link: https://togithub.com/googleapis/googleapis/commit/26b136f724bf60e12dc21b26e1c48fb8a78fbf0f

Source-Link: https://togithub.com/googleapis/googleapis-gen/commit/221ee6a542f88aa07a4a1e80a70aadce23cfa32b
Copy-Tag: eyJwIjoicGFja2FnZXMvZ29vZ2xlLWNsb3VkLXNlY3VyaXR5Y2VudGVybWFuYWdlbWVudC8uT3dsQm90LnlhbWwiLCJoIjoiMjIxZWU2YTU0MmY4OGFhMDdhNGExZTgwYTcwYWFkY2UyM2NmYTMyYiJ9
END_NESTED_COMMIT

packages/google-cloud-securitycentermanagement/protos/google/cloud/securitycentermanagement/v1/security_center_management.proto

@@ -493,6 +493,11 @@ message SecurityCenterService {
 
     // State is disabled.
     DISABLED = 3;
+
+    // SCC is configured to ingest findings from this service but not enable
+    // this service. Not a valid intended_enablement_state (that is, this is a
+    // readonly state).
+    INGEST_ONLY = 4;
   }
 
   // Identifier. The name of the service.
@@ -1667,12 +1672,12 @@ message UpdateSecurityCenterServiceRequest {
   google.protobuf.FieldMask update_mask = 2
       [(google.api.field_behavior) = REQUIRED];
 
-  // Optional. When set to true, only validations (including IAM checks) will
+  // Optional. When set to true, only validations (including IAM checks) will be
   // done for the request (service will not be updated). An OK response
-  // indicates the request is valid while an error response indicates the
-  // request is invalid. Note that a subsequent request to actually update the
-  // service could still fail because 1. the state could have changed (e.g. IAM
-  // permission lost) or
-  // 2. A failure occurred while trying to delete the module.
+  // indicates that the request is valid, while an error response indicates that
+  // the request is invalid. Note that a subsequent request to actually update
+  // the service could still fail for one of the following reasons:
+  // - The state could have changed (e.g. IAM permission lost).
+  // - A failure occurred while trying to delete the module.
   bool validate_only = 3 [(google.api.field_behavior) = OPTIONAL];
 }

packages/google-cloud-securitycentermanagement/samples/generated/v1/security_center_management.update_security_center_service.js

@@ -39,13 +39,13 @@ function main(securityCenterService, updateMask) {
    */
   // const updateMask = {}
   /**
-   *  Optional. When set to true, only validations (including IAM checks) will
+   *  Optional. When set to true, only validations (including IAM checks) will be
    *  done for the request (service will not be updated). An OK response
-   *  indicates the request is valid while an error response indicates the
-   *  request is invalid. Note that a subsequent request to actually update the
-   *  service could still fail because 1. the state could have changed (e.g. IAM
-   *  permission lost) or
-   *  2. A failure occurred while trying to delete the module.
+   *  indicates that the request is valid, while an error response indicates that
+   *  the request is invalid. Note that a subsequent request to actually update
+   *  the service could still fail for one of the following reasons:
+   *  - The state could have changed (e.g. IAM permission lost).
+   *  - A failure occurred while trying to delete the module.
    */
   // const validateOnly = true
 

packages/google-cloud-securitycentermanagement/src/v1/security_center_management_client.ts

@@ -1994,13 +1994,13 @@ export class SecurityCenterManagementClient {
    *     * "intended_enablement_state"
    *     * "modules"
    * @param {boolean} [request.validateOnly]
-   *   Optional. When set to true, only validations (including IAM checks) will
+   *   Optional. When set to true, only validations (including IAM checks) will be
    *   done for the request (service will not be updated). An OK response
-   *   indicates the request is valid while an error response indicates the
-   *   request is invalid. Note that a subsequent request to actually update the
-   *   service could still fail because 1. the state could have changed (e.g. IAM
-   *   permission lost) or
-   *   2. A failure occurred while trying to delete the module.
+   *   indicates that the request is valid, while an error response indicates that
+   *   the request is invalid. Note that a subsequent request to actually update
+   *   the service could still fail for one of the following reasons:
+   *   - The state could have changed (e.g. IAM permission lost).
+   *   - A failure occurred while trying to delete the module.
    * @param {object} [options]
    *   Call options. See {@link https://googleapis.dev/nodejs/google-gax/latest/interfaces/CallOptions.html|CallOptions} for more details.
    * @returns {Promise} - The promise which resolves to an array.