Synchronize new proto/yaml changes.

PiperOrigin-RevId: 247230302
diff --git a/google/cloud/websecurityscanner/artman_websecurityscanner_v1beta.yaml b/google/cloud/websecurityscanner/artman_websecurityscanner_v1beta.yaml
new file mode 100644
index 0000000..1300841
--- /dev/null
+++ b/google/cloud/websecurityscanner/artman_websecurityscanner_v1beta.yaml
@@ -0,0 +1,34 @@
+common:
+  api_name: websecurityscanner
+  api_version: v1beta
+  organization_name: google-cloud
+  proto_deps:
+  - name: google-common-protos
+  src_proto_paths:
+  - v1beta
+  service_yaml: websecurityscanner_v1beta.yaml
+  gapic_yaml: v1beta/websecurityscanner_gapic.yaml
+artifacts:
+- name: gapic_config
+  type: GAPIC_CONFIG
+- name: java_gapic
+  type: GAPIC
+  language: JAVA
+- name: python_gapic
+  type: GAPIC
+  language: PYTHON
+- name: nodejs_gapic
+  type: GAPIC
+  language: NODEJS
+- name: php_gapic
+  type: GAPIC
+  language: PHP
+- name: go_gapic
+  type: GAPIC
+  language: GO
+- name: ruby_gapic
+  type: GAPIC
+  language: RUBY
+- name: csharp_gapic
+  type: GAPIC
+  language: CSHARP
diff --git a/google/cloud/websecurityscanner/v1beta/crawled_url.proto b/google/cloud/websecurityscanner/v1beta/crawled_url.proto
new file mode 100644
index 0000000..7e5c41a
--- /dev/null
+++ b/google/cloud/websecurityscanner/v1beta/crawled_url.proto
@@ -0,0 +1,43 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.cloud.websecurityscanner.v1beta;
+
+import "google/api/annotations.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1beta;websecurityscanner";
+option java_multiple_files = true;
+option java_outer_classname = "CrawledUrlProto";
+option java_package = "com.google.cloud.websecurityscanner.v1beta";
+
+// A CrawledUrl resource represents a URL that was crawled during a ScanRun. Web
+// Security Scanner Service crawls the web applications, following all links
+// within the scope of sites, to find the URLs to test against.
+message CrawledUrl {
+  // Output only.
+  // The http method of the request that was used to visit the URL, in
+  // uppercase.
+  string http_method = 1;
+
+  // Output only.
+  // The URL that was crawled.
+  string url = 2;
+
+  // Output only.
+  // The body of the request that was used to visit the URL.
+  string body = 3;
+}
diff --git a/google/cloud/websecurityscanner/v1beta/finding.proto b/google/cloud/websecurityscanner/v1beta/finding.proto
new file mode 100644
index 0000000..c01dcf7
--- /dev/null
+++ b/google/cloud/websecurityscanner/v1beta/finding.proto
@@ -0,0 +1,106 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.cloud.websecurityscanner.v1beta;
+
+import "google/api/annotations.proto";
+import "google/cloud/websecurityscanner/v1beta/finding_addon.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1beta;websecurityscanner";
+option java_multiple_files = true;
+option java_outer_classname = "FindingProto";
+option java_package = "com.google.cloud.websecurityscanner.v1beta";
+
+// A Finding resource represents a vulnerability instance identified during a
+// ScanRun.
+message Finding {
+  // Output only.
+  // The resource name of the Finding. The name follows the format of
+  // 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'.
+  // The finding IDs are generated by the system.
+  string name = 1;
+
+  // Output only.
+  // The type of the Finding.
+  // Detailed and up-to-date information on findings can be found here:
+  // https://cloud.google.com/security-scanner/docs/scan-result-details
+  string finding_type = 2;
+
+  // Output only.
+  // The http method of the request that triggered the vulnerability, in
+  // uppercase.
+  string http_method = 3;
+
+  // Output only.
+  // The URL produced by the server-side fuzzer and used in the request that
+  // triggered the vulnerability.
+  string fuzzed_url = 4;
+
+  // Output only.
+  // The body of the request that triggered the vulnerability.
+  string body = 5;
+
+  // Output only.
+  // The description of the vulnerability.
+  string description = 6;
+
+  // Output only.
+  // The URL containing human-readable payload that user can leverage to
+  // reproduce the vulnerability.
+  string reproduction_url = 7;
+
+  // Output only.
+  // If the vulnerability was originated from nested IFrame, the immediate
+  // parent IFrame is reported.
+  string frame_url = 8;
+
+  // Output only.
+  // The URL where the browser lands when the vulnerability is detected.
+  string final_url = 9;
+
+  // Output only.
+  // The tracking ID uniquely identifies a vulnerability instance across
+  // multiple ScanRuns.
+  string tracking_id = 10;
+
+  // Output only.
+  // An addon containing information reported for a vulnerability with an HTML
+  // form, if any.
+  Form form = 16;
+
+  // Output only.
+  // An addon containing information about outdated libraries.
+  OutdatedLibrary outdated_library = 11;
+
+  // Output only.
+  // An addon containing detailed information regarding any resource causing the
+  // vulnerability such as JavaScript sources, image, audio files, etc.
+  ViolatingResource violating_resource = 12;
+
+  // Output only.
+  // An addon containing information about vulnerable or missing HTTP headers.
+  VulnerableHeaders vulnerable_headers = 15;
+
+  // Output only.
+  // An addon containing information about request parameters which were found
+  // to be vulnerable.
+  VulnerableParameters vulnerable_parameters = 13;
+
+  // Output only.
+  // An addon containing information reported for an XSS, if any.
+  Xss xss = 14;
+}
diff --git a/google/cloud/websecurityscanner/v1beta/finding_addon.proto b/google/cloud/websecurityscanner/v1beta/finding_addon.proto
new file mode 100644
index 0000000..33d5f42
--- /dev/null
+++ b/google/cloud/websecurityscanner/v1beta/finding_addon.proto
@@ -0,0 +1,89 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.cloud.websecurityscanner.v1beta;
+
+import "google/api/annotations.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1beta;websecurityscanner";
+option java_multiple_files = true;
+option java_outer_classname = "FindingAddonProto";
+option java_package = "com.google.cloud.websecurityscanner.v1beta";
+
+// ! Information about a vulnerability with an HTML.
+message Form {
+  // ! The URI where to send the form when it's submitted.
+  string action_uri = 1;
+
+  // ! The names of form fields related to the vulnerability.
+  repeated string fields = 2;
+}
+
+// Information reported for an outdated library.
+message OutdatedLibrary {
+  // The name of the outdated library.
+  string library_name = 1;
+
+  // The version number.
+  string version = 2;
+
+  // URLs to learn more information about the vulnerabilities in the library.
+  repeated string learn_more_urls = 3;
+}
+
+// Information regarding any resource causing the vulnerability such
+// as JavaScript sources, image, audio files, etc.
+message ViolatingResource {
+  // The MIME type of this resource.
+  string content_type = 1;
+
+  // URL of this violating resource.
+  string resource_url = 2;
+}
+
+// Information about vulnerable request parameters.
+message VulnerableParameters {
+  // The vulnerable parameter names.
+  repeated string parameter_names = 1;
+}
+
+// Information about vulnerable or missing HTTP Headers.
+message VulnerableHeaders {
+  // Describes a HTTP Header.
+  message Header {
+    // Header name.
+    string name = 1;
+
+    // Header value.
+    string value = 2;
+  }
+
+  // List of vulnerable headers.
+  repeated Header headers = 1;
+
+  // List of missing headers.
+  repeated Header missing_headers = 2;
+}
+
+// Information reported for an XSS.
+message Xss {
+  // Stack traces leading to the point where the XSS occurred.
+  repeated string stack_traces = 1;
+
+  // An error message generated by a javascript breakage.
+  string error_message = 2;
+}
diff --git a/google/cloud/websecurityscanner/v1beta/finding_type_stats.proto b/google/cloud/websecurityscanner/v1beta/finding_type_stats.proto
new file mode 100644
index 0000000..1b36d63
--- /dev/null
+++ b/google/cloud/websecurityscanner/v1beta/finding_type_stats.proto
@@ -0,0 +1,37 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.cloud.websecurityscanner.v1beta;
+
+import "google/api/annotations.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1beta;websecurityscanner";
+option java_multiple_files = true;
+option java_outer_classname = "FindingTypeStatsProto";
+option java_package = "com.google.cloud.websecurityscanner.v1beta";
+
+// A FindingTypeStats resource represents stats regarding a specific FindingType
+// of Findings under a given ScanRun.
+message FindingTypeStats {
+  // Output only.
+  // The finding type associated with the stats.
+  string finding_type = 1;
+
+  // Output only.
+  // The count of findings belonging to this finding type.
+  int32 finding_count = 2;
+}
diff --git a/google/cloud/websecurityscanner/v1beta/scan_config.proto b/google/cloud/websecurityscanner/v1beta/scan_config.proto
new file mode 100644
index 0000000..1be0098
--- /dev/null
+++ b/google/cloud/websecurityscanner/v1beta/scan_config.proto
@@ -0,0 +1,188 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.cloud.websecurityscanner.v1beta;
+
+import "google/api/annotations.proto";
+import "google/cloud/websecurityscanner/v1beta/scan_run.proto";
+import "google/protobuf/timestamp.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1beta;websecurityscanner";
+option java_multiple_files = true;
+option java_outer_classname = "ScanConfigProto";
+option java_package = "com.google.cloud.websecurityscanner.v1beta";
+
+// A ScanConfig resource contains the configurations to launch a scan.
+message ScanConfig {
+  // Scan authentication configuration.
+  message Authentication {
+    // Describes authentication configuration that uses a Google account.
+    message GoogleAccount {
+      // Required.
+      // The user name of the Google account.
+      string username = 1;
+
+      // Input only.
+      // Required.
+      // The password of the Google account. The credential is stored encrypted
+      // and not returned in any response nor included in audit logs.
+      string password = 2;
+    }
+
+    // Describes authentication configuration that uses a custom account.
+    message CustomAccount {
+      // Required.
+      // The user name of the custom account.
+      string username = 1;
+
+      // Input only.
+      // Required.
+      // The password of the custom account. The credential is stored encrypted
+      // and not returned in any response nor included in audit logs.
+      string password = 2;
+
+      // Required.
+      // The login form URL of the website.
+      string login_url = 3;
+    }
+
+    // Required.
+    // Authentication configuration
+    oneof authentication {
+      // Authentication using a Google account.
+      GoogleAccount google_account = 1;
+
+      // Authentication using a custom account.
+      CustomAccount custom_account = 2;
+    }
+  }
+
+  // Scan schedule configuration.
+  message Schedule {
+    // A timestamp indicates when the next run will be scheduled. The value is
+    // refreshed by the server after each run. If unspecified, it will default
+    // to current server time, which means the scan will be scheduled to start
+    // immediately.
+    google.protobuf.Timestamp schedule_time = 1;
+
+    // Required.
+    // The duration of time between executions in days.
+    int32 interval_duration_days = 2;
+  }
+
+  // Type of user agents used for scanning.
+  enum UserAgent {
+    // The user agent is unknown. Service will default to CHROME_LINUX.
+    USER_AGENT_UNSPECIFIED = 0;
+
+    // Chrome on Linux. This is the service default if unspecified.
+    CHROME_LINUX = 1;
+
+    // Chrome on Android.
+    CHROME_ANDROID = 2;
+
+    // Safari on IPhone.
+    SAFARI_IPHONE = 3;
+  }
+
+  // Cloud platforms supported by Cloud Web Security Scanner.
+  enum TargetPlatform {
+    // The target platform is unknown. Requests with this enum value will be
+    // rejected with INVALID_ARGUMENT error.
+    TARGET_PLATFORM_UNSPECIFIED = 0;
+
+    // Google App Engine service.
+    APP_ENGINE = 1;
+
+    // Google Compute Engine service.
+    COMPUTE = 2;
+  }
+
+  // Scan risk levels supported by Cloud Web Security Scanner. LOW impact
+  // scanning will minimize requests with the potential to modify data. To
+  // achieve the maximum scan coverage, NORMAL risk level is recommended.
+  enum RiskLevel {
+    // Use default, which is NORMAL.
+    RISK_LEVEL_UNSPECIFIED = 0;
+
+    // Normal scanning (Recommended)
+    NORMAL = 1;
+
+    // Lower impact scanning
+    LOW = 2;
+  }
+
+  // Controls export of scan configurations and results to Cloud Security
+  // Command Center.
+  enum ExportToSecurityCommandCenter {
+    // Use default, which is ENABLED.
+    EXPORT_TO_SECURITY_COMMAND_CENTER_UNSPECIFIED = 0;
+
+    // Export results of this scan to Cloud Security Command Center.
+    ENABLED = 1;
+
+    // Do not export results of this scan to Cloud Security Command Center.
+    DISABLED = 2;
+  }
+
+  // The resource name of the ScanConfig. The name follows the format of
+  // 'projects/{projectId}/scanConfigs/{scanConfigId}'. The ScanConfig IDs are
+  // generated by the system.
+  string name = 1;
+
+  // Required.
+  // The user provided display name of the ScanConfig.
+  string display_name = 2;
+
+  // The maximum QPS during scanning. A valid value ranges from 5 to 20
+  // inclusively. If the field is unspecified or its value is set 0, server will
+  // default to 15. Other values outside of [5, 20] range will be rejected with
+  // INVALID_ARGUMENT error.
+  int32 max_qps = 3;
+
+  // Required.
+  // The starting URLs from which the scanner finds site pages.
+  repeated string starting_urls = 4;
+
+  // The authentication configuration. If specified, service will use the
+  // authentication configuration during scanning.
+  Authentication authentication = 5;
+
+  // The user agent used during scanning.
+  UserAgent user_agent = 6;
+
+  // The blacklist URL patterns as described in
+  // https://cloud.google.com/security-scanner/docs/excluded-urls
+  repeated string blacklist_patterns = 7;
+
+  // The schedule of the ScanConfig.
+  Schedule schedule = 8;
+
+  // Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be
+  // used as a default.
+  repeated TargetPlatform target_platforms = 9;
+
+  // Controls export of scan configurations and results to Cloud Security
+  // Command Center.
+  ExportToSecurityCommandCenter export_to_security_command_center = 10;
+
+  // Latest ScanRun if available.
+  ScanRun latest_run = 11;
+
+  // The risk level selected for the scan
+  RiskLevel risk_level = 12;
+}
diff --git a/google/cloud/websecurityscanner/v1beta/scan_config_error.proto b/google/cloud/websecurityscanner/v1beta/scan_config_error.proto
new file mode 100644
index 0000000..9f624b7
--- /dev/null
+++ b/google/cloud/websecurityscanner/v1beta/scan_config_error.proto
@@ -0,0 +1,186 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.cloud.websecurityscanner.v1beta;
+
+option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1beta;websecurityscanner";
+option java_multiple_files = true;
+option java_outer_classname = "ScanConfigErrorProto";
+option java_package = "com.google.cloud.websecurityscanner.v1beta";
+
+// Defines a custom error message used by CreateScanConfig and UpdateScanConfig
+// APIs when scan configuration validation fails. It is also reported as part of
+// a ScanRunErrorTrace message if scan validation fails due to a scan
+// configuration error.
+message ScanConfigError {
+  // Output only.
+  // Defines an error reason code.
+  // Next id: 43
+  enum Code {
+    option allow_alias = true;
+
+    // There is no error.
+    CODE_UNSPECIFIED = 0;
+
+    // There is no error.
+    OK = 0;
+
+    // Indicates an internal server error.
+    // Please DO NOT USE THIS ERROR CODE unless the root cause is truly unknown.
+    INTERNAL_ERROR = 1;
+
+    // One of the seed URLs is an App Engine URL but we cannot validate the scan
+    // settings due to an App Engine API backend error.
+    APPENGINE_API_BACKEND_ERROR = 2;
+
+    // One of the seed URLs is an App Engine URL but we cannot access the
+    // App Engine API to validate scan settings.
+    APPENGINE_API_NOT_ACCESSIBLE = 3;
+
+    // One of the seed URLs is an App Engine URL but the Default Host of the
+    // App Engine is not set.
+    APPENGINE_DEFAULT_HOST_MISSING = 4;
+
+    // Google corporate accounts can not be used for scanning.
+    CANNOT_USE_GOOGLE_COM_ACCOUNT = 6;
+
+    // The account of the scan creator can not be used for scanning.
+    CANNOT_USE_OWNER_ACCOUNT = 7;
+
+    // This scan targets Compute Engine, but we cannot validate scan settings
+    // due to a Compute Engine API backend error.
+    COMPUTE_API_BACKEND_ERROR = 8;
+
+    // This scan targets Compute Engine, but we cannot access the Compute Engine
+    // API to validate the scan settings.
+    COMPUTE_API_NOT_ACCESSIBLE = 9;
+
+    // The Custom Login URL does not belong to the current project.
+    CUSTOM_LOGIN_URL_DOES_NOT_BELONG_TO_CURRENT_PROJECT = 10;
+
+    // The Custom Login URL is malformed (can not be parsed).
+    CUSTOM_LOGIN_URL_MALFORMED = 11;
+
+    // The Custom Login URL is mapped to a non-routable IP address in DNS.
+    CUSTOM_LOGIN_URL_MAPPED_TO_NON_ROUTABLE_ADDRESS = 12;
+
+    // The Custom Login URL is mapped to an IP address which is not reserved for
+    // the current project.
+    CUSTOM_LOGIN_URL_MAPPED_TO_UNRESERVED_ADDRESS = 13;
+
+    // The Custom Login URL has a non-routable IP address.
+    CUSTOM_LOGIN_URL_HAS_NON_ROUTABLE_IP_ADDRESS = 14;
+
+    // The Custom Login URL has an IP address which is not reserved for the
+    // current project.
+    CUSTOM_LOGIN_URL_HAS_UNRESERVED_IP_ADDRESS = 15;
+
+    // Another scan with the same name (case-sensitive) already exists.
+    DUPLICATE_SCAN_NAME = 16;
+
+    // A field is set to an invalid value.
+    INVALID_FIELD_VALUE = 18;
+
+    // There was an error trying to authenticate to the scan target.
+    FAILED_TO_AUTHENTICATE_TO_TARGET = 19;
+
+    // Finding type value is not specified in the list findings request.
+    FINDING_TYPE_UNSPECIFIED = 20;
+
+    // Scan targets Compute Engine, yet current project was not whitelisted for
+    // Google Compute Engine Scanning Alpha access.
+    FORBIDDEN_TO_SCAN_COMPUTE = 21;
+
+    // The supplied filter is malformed. For example, it can not be parsed, does
+    // not have a filter type in expression, or the same filter type appears
+    // more than once.
+    MALFORMED_FILTER = 22;
+
+    // The supplied resource name is malformed (can not be parsed).
+    MALFORMED_RESOURCE_NAME = 23;
+
+    // The current project is not in an active state.
+    PROJECT_INACTIVE = 24;
+
+    // A required field is not set.
+    REQUIRED_FIELD = 25;
+
+    // Project id, scanconfig id, scanrun id, or finding id are not consistent
+    // with each other in resource name.
+    RESOURCE_NAME_INCONSISTENT = 26;
+
+    // The scan being requested to start is already running.
+    SCAN_ALREADY_RUNNING = 27;
+
+    // The scan that was requested to be stopped is not running.
+    SCAN_NOT_RUNNING = 28;
+
+    // One of the seed URLs does not belong to the current project.
+    SEED_URL_DOES_NOT_BELONG_TO_CURRENT_PROJECT = 29;
+
+    // One of the seed URLs is malformed (can not be parsed).
+    SEED_URL_MALFORMED = 30;
+
+    // One of the seed URLs is mapped to a non-routable IP address in DNS.
+    SEED_URL_MAPPED_TO_NON_ROUTABLE_ADDRESS = 31;
+
+    // One of the seed URLs is mapped to an IP address which is not reserved
+    // for the current project.
+    SEED_URL_MAPPED_TO_UNRESERVED_ADDRESS = 32;
+
+    // One of the seed URLs has on-routable IP address.
+    SEED_URL_HAS_NON_ROUTABLE_IP_ADDRESS = 33;
+
+    // One of the seed URLs has an IP address that is not reserved
+    // for the current project.
+    SEED_URL_HAS_UNRESERVED_IP_ADDRESS = 35;
+
+    // The Cloud Security Scanner service account is not configured under the
+    // project.
+    SERVICE_ACCOUNT_NOT_CONFIGURED = 36;
+
+    // A project has reached the maximum number of scans.
+    TOO_MANY_SCANS = 37;
+
+    // Resolving the details of the current project fails.
+    UNABLE_TO_RESOLVE_PROJECT_INFO = 38;
+
+    // One or more blacklist patterns were in the wrong format.
+    UNSUPPORTED_BLACKLIST_PATTERN_FORMAT = 39;
+
+    // The supplied filter is not supported.
+    UNSUPPORTED_FILTER = 40;
+
+    // The supplied finding type is not supported. For example, we do not
+    // provide findings of the given finding type.
+    UNSUPPORTED_FINDING_TYPE = 41;
+
+    // The URL scheme of one or more of the supplied URLs is not supported.
+    UNSUPPORTED_URL_SCHEME = 42;
+  }
+
+  // Output only.
+  // Indicates the reason code for a configuration failure.
+  Code code = 1;
+
+  // Output only.
+  // Indicates the full name of the ScanConfig field that triggers this error,
+  // for example "scan_config.max_qps". This field is provided for
+  // troubleshooting purposes only and its actual value can change in the
+  // future.
+  string field_name = 2;
+}
diff --git a/google/cloud/websecurityscanner/v1beta/scan_run.proto b/google/cloud/websecurityscanner/v1beta/scan_run.proto
new file mode 100644
index 0000000..c783ef5
--- /dev/null
+++ b/google/cloud/websecurityscanner/v1beta/scan_run.proto
@@ -0,0 +1,120 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.cloud.websecurityscanner.v1beta;
+
+import "google/api/annotations.proto";
+import "google/cloud/websecurityscanner/v1beta/scan_run_error_trace.proto";
+import "google/cloud/websecurityscanner/v1beta/scan_run_warning_trace.proto";
+import "google/protobuf/timestamp.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1beta;websecurityscanner";
+option java_multiple_files = true;
+option java_outer_classname = "ScanRunProto";
+option java_package = "com.google.cloud.websecurityscanner.v1beta";
+
+// A ScanRun is a output-only resource representing an actual run of the scan.
+// Next id: 12
+message ScanRun {
+  // Types of ScanRun execution state.
+  enum ExecutionState {
+    // Represents an invalid state caused by internal server error. This value
+    // should never be returned.
+    EXECUTION_STATE_UNSPECIFIED = 0;
+
+    // The scan is waiting in the queue.
+    QUEUED = 1;
+
+    // The scan is in progress.
+    SCANNING = 2;
+
+    // The scan is either finished or stopped by user.
+    FINISHED = 3;
+  }
+
+  // Types of ScanRun result state.
+  enum ResultState {
+    // Default value. This value is returned when the ScanRun is not yet
+    // finished.
+    RESULT_STATE_UNSPECIFIED = 0;
+
+    // The scan finished without errors.
+    SUCCESS = 1;
+
+    // The scan finished with errors.
+    ERROR = 2;
+
+    // The scan was terminated by user.
+    KILLED = 3;
+  }
+
+  // Output only.
+  // The resource name of the ScanRun. The name follows the format of
+  // 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'.
+  // The ScanRun IDs are generated by the system.
+  string name = 1;
+
+  // Output only.
+  // The execution state of the ScanRun.
+  ExecutionState execution_state = 2;
+
+  // Output only.
+  // The result state of the ScanRun. This field is only available after the
+  // execution state reaches "FINISHED".
+  ResultState result_state = 3;
+
+  // Output only.
+  // The time at which the ScanRun started.
+  google.protobuf.Timestamp start_time = 4;
+
+  // Output only.
+  // The time at which the ScanRun reached termination state - that the ScanRun
+  // is either finished or stopped by user.
+  google.protobuf.Timestamp end_time = 5;
+
+  // Output only.
+  // The number of URLs crawled during this ScanRun. If the scan is in progress,
+  // the value represents the number of URLs crawled up to now.
+  int64 urls_crawled_count = 6;
+
+  // Output only.
+  // The number of URLs tested during this ScanRun. If the scan is in progress,
+  // the value represents the number of URLs tested up to now. The number of
+  // URLs tested is usually larger than the number URLS crawled because
+  // typically a crawled URL is tested with multiple test payloads.
+  int64 urls_tested_count = 7;
+
+  // Output only.
+  // Whether the scan run has found any vulnerabilities.
+  bool has_vulnerabilities = 8;
+
+  // Output only.
+  // The percentage of total completion ranging from 0 to 100.
+  // If the scan is in queue, the value is 0.
+  // If the scan is running, the value ranges from 0 to 100.
+  // If the scan is finished, the value is 100.
+  int32 progress_percent = 9;
+
+  // Output only.
+  // If result_state is an ERROR, this field provides the primary reason for
+  // scan's termination and more details, if such are available.
+  ScanRunErrorTrace error_trace = 10;
+
+  // Output only.
+  // A list of warnings, if such are encountered during this scan run.
+  repeated ScanRunWarningTrace warning_traces = 11;
+}
diff --git a/google/cloud/websecurityscanner/v1beta/scan_run_error_trace.proto b/google/cloud/websecurityscanner/v1beta/scan_run_error_trace.proto
new file mode 100644
index 0000000..dd8e0c1
--- /dev/null
+++ b/google/cloud/websecurityscanner/v1beta/scan_run_error_trace.proto
@@ -0,0 +1,76 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.cloud.websecurityscanner.v1beta;
+
+import "google/cloud/websecurityscanner/v1beta/scan_config_error.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1beta;websecurityscanner";
+option java_multiple_files = true;
+option java_outer_classname = "ScanRunErrorTraceProto";
+option java_package = "com.google.cloud.websecurityscanner.v1beta";
+
+// Output only.
+// Defines an error trace message for a ScanRun.
+message ScanRunErrorTrace {
+  // Output only.
+  // Defines an error reason code.
+  // Next id: 7
+  enum Code {
+    // Default value is never used.
+    CODE_UNSPECIFIED = 0;
+
+    // Indicates that the scan run failed due to an internal server error.
+    INTERNAL_ERROR = 1;
+
+    // Indicates a scan configuration error, usually due to outdated ScanConfig
+    // settings, such as starting_urls or the DNS configuration.
+    SCAN_CONFIG_ISSUE = 2;
+
+    // Indicates an authentication error, usually due to outdated ScanConfig
+    // authentication settings.
+    AUTHENTICATION_CONFIG_ISSUE = 3;
+
+    // Indicates a scan operation timeout, usually caused by a very large site.
+    TIMED_OUT_WHILE_SCANNING = 4;
+
+    // Indicates that a scan encountered excessive redirects, either to
+    // authentication or some other page outside of the scan scope.
+    TOO_MANY_REDIRECTS = 5;
+
+    // Indicates that a scan encountered numerous errors from the web site
+    // pages. When available, most_common_http_error_code field indicates the
+    // the most common HTTP error code encountered during the scan.
+    TOO_MANY_HTTP_ERRORS = 6;
+  }
+
+  // Output only.
+  // Indicates the error reason code.
+  Code code = 1;
+
+  // Output only.
+  // If the scan encounters SCAN_CONFIG_ISSUE error, this field has the error
+  // message encountered during scan configuration validation that is performed
+  // before each scan run.
+  ScanConfigError scan_config_error = 2;
+
+  // Output only.
+  // If the scan encounters TOO_MANY_HTTP_ERRORS, this field indicates the most
+  // common HTTP error code, if such is available. For example, if this code is
+  // 404, the scan has encountered too many NOT_FOUND responses.
+  int32 most_common_http_error_code = 3;
+}
diff --git a/google/cloud/websecurityscanner/v1beta/scan_run_warning_trace.proto b/google/cloud/websecurityscanner/v1beta/scan_run_warning_trace.proto
new file mode 100644
index 0000000..b60547a
--- /dev/null
+++ b/google/cloud/websecurityscanner/v1beta/scan_run_warning_trace.proto
@@ -0,0 +1,57 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.cloud.websecurityscanner.v1beta;
+
+option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1beta;websecurityscanner";
+option java_multiple_files = true;
+option java_outer_classname = "ScanRunWarningTraceProto";
+option java_package = "com.google.cloud.websecurityscanner.v1beta";
+
+// Output only.
+// Defines a warning trace message for ScanRun. Warning traces provide customers
+// with useful information that helps make the scanning process more effective.
+message ScanRunWarningTrace {
+  // Output only.
+  // Defines a warning message code.
+  // Next id: 5
+  enum Code {
+    // Default value is never used.
+    CODE_UNSPECIFIED = 0;
+
+    // Indicates that a scan discovered an unexpectedly low number of URLs. This
+    // is sometimes caused by complex navigation features or by using a single
+    // URL for numerous pages.
+    INSUFFICIENT_CRAWL_RESULTS = 1;
+
+    // Indicates that a scan discovered too many URLs to test, or excessive
+    // redundant URLs.
+    TOO_MANY_CRAWL_RESULTS = 2;
+
+    // Indicates that too many tests have been generated for the scan. Customer
+    // should try reducing the number of starting URLs, increasing the QPS rate,
+    // or narrowing down the scope of the scan using the excluded patterns.
+    TOO_MANY_FUZZ_TASKS = 3;
+
+    // Indicates that a scan is blocked by IAP.
+    BLOCKED_BY_IAP = 4;
+  }
+
+  // Output only.
+  // Indicates the warning code.
+  Code code = 1;
+}
diff --git a/google/cloud/websecurityscanner/v1beta/web_security_scanner.proto b/google/cloud/websecurityscanner/v1beta/web_security_scanner.proto
new file mode 100644
index 0000000..c99f16a
--- /dev/null
+++ b/google/cloud/websecurityscanner/v1beta/web_security_scanner.proto
@@ -0,0 +1,346 @@
+// Copyright 2019 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+syntax = "proto3";
+
+package google.cloud.websecurityscanner.v1beta;
+
+import "google/api/annotations.proto";
+import "google/cloud/websecurityscanner/v1beta/crawled_url.proto";
+import "google/cloud/websecurityscanner/v1beta/finding.proto";
+import "google/cloud/websecurityscanner/v1beta/finding_type_stats.proto";
+import "google/cloud/websecurityscanner/v1beta/scan_config.proto";
+import "google/cloud/websecurityscanner/v1beta/scan_run.proto";
+import "google/protobuf/empty.proto";
+import "google/protobuf/field_mask.proto";
+
+option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1beta;websecurityscanner";
+option java_multiple_files = true;
+option java_outer_classname = "WebSecurityScannerProto";
+option java_package = "com.google.cloud.websecurityscanner.v1beta";
+
+// Cloud Web Security Scanner Service identifies security vulnerabilities in web
+// applications hosted on Google Cloud Platform. It crawls your application, and
+// attempts to exercise as many user inputs and event handlers as possible.
+service WebSecurityScanner {
+  // Creates a new ScanConfig.
+  rpc CreateScanConfig(CreateScanConfigRequest) returns (ScanConfig) {
+    option (google.api.http) = {
+      post: "/v1beta/{parent=projects/*}/scanConfigs"
+      body: "scan_config"
+    };
+  }
+
+  // Deletes an existing ScanConfig and its child resources.
+  rpc DeleteScanConfig(DeleteScanConfigRequest) returns (google.protobuf.Empty) {
+    option (google.api.http) = {
+      delete: "/v1beta/{name=projects/*/scanConfigs/*}"
+    };
+  }
+
+  // Gets a ScanConfig.
+  rpc GetScanConfig(GetScanConfigRequest) returns (ScanConfig) {
+    option (google.api.http) = {
+      get: "/v1beta/{name=projects/*/scanConfigs/*}"
+    };
+  }
+
+  // Lists ScanConfigs under a given project.
+  rpc ListScanConfigs(ListScanConfigsRequest) returns (ListScanConfigsResponse) {
+    option (google.api.http) = {
+      get: "/v1beta/{parent=projects/*}/scanConfigs"
+    };
+  }
+
+  // Updates a ScanConfig. This method support partial update of a ScanConfig.
+  rpc UpdateScanConfig(UpdateScanConfigRequest) returns (ScanConfig) {
+    option (google.api.http) = {
+      patch: "/v1beta/{scan_config.name=projects/*/scanConfigs/*}"
+      body: "scan_config"
+    };
+  }
+
+  // Start a ScanRun according to the given ScanConfig.
+  rpc StartScanRun(StartScanRunRequest) returns (ScanRun) {
+    option (google.api.http) = {
+      post: "/v1beta/{name=projects/*/scanConfigs/*}:start"
+      body: "*"
+    };
+  }
+
+  // Gets a ScanRun.
+  rpc GetScanRun(GetScanRunRequest) returns (ScanRun) {
+    option (google.api.http) = {
+      get: "/v1beta/{name=projects/*/scanConfigs/*/scanRuns/*}"
+    };
+  }
+
+  // Lists ScanRuns under a given ScanConfig, in descending order of ScanRun
+  // stop time.
+  rpc ListScanRuns(ListScanRunsRequest) returns (ListScanRunsResponse) {
+    option (google.api.http) = {
+      get: "/v1beta/{parent=projects/*/scanConfigs/*}/scanRuns"
+    };
+  }
+
+  // Stops a ScanRun. The stopped ScanRun is returned.
+  rpc StopScanRun(StopScanRunRequest) returns (ScanRun) {
+    option (google.api.http) = {
+      post: "/v1beta/{name=projects/*/scanConfigs/*/scanRuns/*}:stop"
+      body: "*"
+    };
+  }
+
+  // List CrawledUrls under a given ScanRun.
+  rpc ListCrawledUrls(ListCrawledUrlsRequest) returns (ListCrawledUrlsResponse) {
+    option (google.api.http) = {
+      get: "/v1beta/{parent=projects/*/scanConfigs/*/scanRuns/*}/crawledUrls"
+    };
+  }
+
+  // Gets a Finding.
+  rpc GetFinding(GetFindingRequest) returns (Finding) {
+    option (google.api.http) = {
+      get: "/v1beta/{name=projects/*/scanConfigs/*/scanRuns/*/findings/*}"
+    };
+  }
+
+  // List Findings under a given ScanRun.
+  rpc ListFindings(ListFindingsRequest) returns (ListFindingsResponse) {
+    option (google.api.http) = {
+      get: "/v1beta/{parent=projects/*/scanConfigs/*/scanRuns/*}/findings"
+    };
+  }
+
+  // List all FindingTypeStats under a given ScanRun.
+  rpc ListFindingTypeStats(ListFindingTypeStatsRequest) returns (ListFindingTypeStatsResponse) {
+    option (google.api.http) = {
+      get: "/v1beta/{parent=projects/*/scanConfigs/*/scanRuns/*}/findingTypeStats"
+    };
+  }
+}
+
+// Request for the `CreateScanConfig` method.
+message CreateScanConfigRequest {
+  // Required.
+  // The parent resource name where the scan is created, which should be a
+  // project resource name in the format 'projects/{projectId}'.
+  string parent = 1;
+
+  // Required.
+  // The ScanConfig to be created.
+  ScanConfig scan_config = 2;
+}
+
+// Request for the `DeleteScanConfig` method.
+message DeleteScanConfigRequest {
+  // Required.
+  // The resource name of the ScanConfig to be deleted. The name follows the
+  // format of 'projects/{projectId}/scanConfigs/{scanConfigId}'.
+  string name = 1;
+}
+
+// Request for the `GetScanConfig` method.
+message GetScanConfigRequest {
+  // Required.
+  // The resource name of the ScanConfig to be returned. The name follows the
+  // format of 'projects/{projectId}/scanConfigs/{scanConfigId}'.
+  string name = 1;
+}
+
+// Request for the `ListScanConfigs` method.
+message ListScanConfigsRequest {
+  // Required.
+  // The parent resource name, which should be a project resource name in the
+  // format 'projects/{projectId}'.
+  string parent = 1;
+
+  // A token identifying a page of results to be returned. This should be a
+  // `next_page_token` value returned from a previous List request.
+  // If unspecified, the first page of results is returned.
+  string page_token = 2;
+
+  // The maximum number of ScanConfigs to return, can be limited by server.
+  // If not specified or not positive, the implementation will select a
+  // reasonable value.
+  int32 page_size = 3;
+}
+
+// Request for the `UpdateScanConfigRequest` method.
+message UpdateScanConfigRequest {
+  // Required.
+  // The ScanConfig to be updated. The name field must be set to identify the
+  // resource to be updated. The values of fields not covered by the mask
+  // will be ignored.
+  ScanConfig scan_config = 2;
+
+  // Required.
+  // The update mask applies to the resource. For the `FieldMask` definition,
+  // see
+  // https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask
+  google.protobuf.FieldMask update_mask = 3;
+}
+
+// Response for the `ListScanConfigs` method.
+message ListScanConfigsResponse {
+  // The list of ScanConfigs returned.
+  repeated ScanConfig scan_configs = 1;
+
+  // Token to retrieve the next page of results, or empty if there are no
+  // more results in the list.
+  string next_page_token = 2;
+}
+
+// Request for the `StartScanRun` method.
+message StartScanRunRequest {
+  // Required.
+  // The resource name of the ScanConfig to be used. The name follows the
+  // format of 'projects/{projectId}/scanConfigs/{scanConfigId}'.
+  string name = 1;
+}
+
+// Request for the `GetScanRun` method.
+message GetScanRunRequest {
+  // Required.
+  // The resource name of the ScanRun to be returned. The name follows the
+  // format of
+  // 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'.
+  string name = 1;
+}
+
+// Request for the `ListScanRuns` method.
+message ListScanRunsRequest {
+  // Required.
+  // The parent resource name, which should be a scan resource name in the
+  // format 'projects/{projectId}/scanConfigs/{scanConfigId}'.
+  string parent = 1;
+
+  // A token identifying a page of results to be returned. This should be a
+  // `next_page_token` value returned from a previous List request.
+  // If unspecified, the first page of results is returned.
+  string page_token = 2;
+
+  // The maximum number of ScanRuns to return, can be limited by server.
+  // If not specified or not positive, the implementation will select a
+  // reasonable value.
+  int32 page_size = 3;
+}
+
+// Response for the `ListScanRuns` method.
+message ListScanRunsResponse {
+  // The list of ScanRuns returned.
+  repeated ScanRun scan_runs = 1;
+
+  // Token to retrieve the next page of results, or empty if there are no
+  // more results in the list.
+  string next_page_token = 2;
+}
+
+// Request for the `StopScanRun` method.
+message StopScanRunRequest {
+  // Required.
+  // The resource name of the ScanRun to be stopped. The name follows the
+  // format of
+  // 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'.
+  string name = 1;
+}
+
+// Request for the `ListCrawledUrls` method.
+message ListCrawledUrlsRequest {
+  // Required.
+  // The parent resource name, which should be a scan run resource name in the
+  // format
+  // 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'.
+  string parent = 1;
+
+  // A token identifying a page of results to be returned. This should be a
+  // `next_page_token` value returned from a previous List request.
+  // If unspecified, the first page of results is returned.
+  string page_token = 2;
+
+  // The maximum number of CrawledUrls to return, can be limited by server.
+  // If not specified or not positive, the implementation will select a
+  // reasonable value.
+  int32 page_size = 3;
+}
+
+// Response for the `ListCrawledUrls` method.
+message ListCrawledUrlsResponse {
+  // The list of CrawledUrls returned.
+  repeated CrawledUrl crawled_urls = 1;
+
+  // Token to retrieve the next page of results, or empty if there are no
+  // more results in the list.
+  string next_page_token = 2;
+}
+
+// Request for the `GetFinding` method.
+message GetFindingRequest {
+  // Required.
+  // The resource name of the Finding to be returned. The name follows the
+  // format of
+  // 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}/findings/{findingId}'.
+  string name = 1;
+}
+
+// Request for the `ListFindings` method.
+message ListFindingsRequest {
+  // Required.
+  // The parent resource name, which should be a scan run resource name in the
+  // format
+  // 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'.
+  string parent = 1;
+
+  // The filter expression. The expression must be in the format: <field>
+  // <operator> <value>.
+  // Supported field: 'finding_type'.
+  // Supported operator: '='.
+  string filter = 2;
+
+  // A token identifying a page of results to be returned. This should be a
+  // `next_page_token` value returned from a previous List request.
+  // If unspecified, the first page of results is returned.
+  string page_token = 3;
+
+  // The maximum number of Findings to return, can be limited by server.
+  // If not specified or not positive, the implementation will select a
+  // reasonable value.
+  int32 page_size = 4;
+}
+
+// Response for the `ListFindings` method.
+message ListFindingsResponse {
+  // The list of Findings returned.
+  repeated Finding findings = 1;
+
+  // Token to retrieve the next page of results, or empty if there are no
+  // more results in the list.
+  string next_page_token = 2;
+}
+
+// Request for the `ListFindingTypeStats` method.
+message ListFindingTypeStatsRequest {
+  // Required.
+  // The parent resource name, which should be a scan run resource name in the
+  // format
+  // 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'.
+  string parent = 1;
+}
+
+// Response for the `ListFindingTypeStats` method.
+message ListFindingTypeStatsResponse {
+  // The list of FindingTypeStats returned.
+  repeated FindingTypeStats finding_type_stats = 1;
+}
diff --git a/google/cloud/websecurityscanner/v1beta/websecurityscanner_gapic.yaml b/google/cloud/websecurityscanner/v1beta/websecurityscanner_gapic.yaml
new file mode 100644
index 0000000..c098e21
--- /dev/null
+++ b/google/cloud/websecurityscanner/v1beta/websecurityscanner_gapic.yaml
@@ -0,0 +1,294 @@
+type: com.google.api.codegen.ConfigProto
+config_schema_version: 1.0.0
+# The settings of generated code in a specific language.
+language_settings:
+  java:
+    package_name: com.google.cloud.websecurityscanner.v1beta
+  python:
+    package_name: google.cloud.websecurityscanner_v1beta.gapic
+  go:
+    package_name: cloud.google.com/go/websecurityscanner/apiv1beta
+  csharp:
+    package_name: Google.Cloud.Websecurityscanner.V1beta
+  ruby:
+    package_name: Google::Cloud::Websecurityscanner::V1beta
+  php:
+    package_name: Google\Cloud\Websecurityscanner\V1beta
+  nodejs:
+    package_name: websecurityscanner.v1beta
+# A list of API interface configurations.
+interfaces:
+# The fully qualified name of the API interface.
+- name: google.cloud.websecurityscanner.v1beta.WebSecurityScanner
+  # A list of resource collection configurations.
+  # Consists of a name_pattern and an entity_name.
+  # The name_pattern is a pattern to describe the names of the resources of this
+  # collection, using the platform's conventions for URI patterns. A generator
+  # may use this to generate methods to compose and decompose such names. The
+  # pattern should use named placeholders as in `shelves/{shelf}/books/{book}`;
+  # those will be taken as hints for the parameter names of the generated
+  # methods. If empty, no name methods are generated.
+  # The entity_name is the name to be used as a basis for generated methods and
+  # classes.
+  collections:
+  - name_pattern: projects/{project}
+    entity_name: project
+  - name_pattern: projects/{project}/scanConfigs/{scan_config}
+    entity_name: scan_config
+  - name_pattern: projects/{project}/scanConfigs/{scan_config}/scanRuns/{scan_run}
+    entity_name: scan_run
+  - name_pattern: projects/{project}/scanConfigs/{scan_config}/scanRuns/{scan_run}/findings/{finding}
+    entity_name: finding
+  # Definition for retryable codes.
+  retry_codes_def:
+  - name: idempotent
+    retry_codes:
+    - DEADLINE_EXCEEDED
+    - UNAVAILABLE
+  - name: non_idempotent
+    retry_codes: []
+  # Definition for retry/backoff parameters.
+  retry_params_def:
+  - name: default
+    initial_retry_delay_millis: 100
+    retry_delay_multiplier: 1.3
+    max_retry_delay_millis: 60000
+    initial_rpc_timeout_millis: 20000
+    rpc_timeout_multiplier: 1
+    max_rpc_timeout_millis: 20000
+    total_timeout_millis: 600000
+  # A list of method configurations.
+  # Common properties:
+  #
+  #   name - The simple name of the method.
+  #
+  #   flattening - Specifies the configuration for parameter flattening.
+  #   Describes the parameter groups for which a generator should produce method
+  #   overloads which allow a client to directly pass request message fields as
+  #   method parameters. This information may or may not be used, depending on
+  #   the target language.
+  #   Consists of groups, which each represent a list of parameters to be
+  #   flattened. Each parameter listed must be a field of the request message.
+  #
+  #   required_fields - Fields that are always required for a request to be
+  #   valid.
+  #
+  #   page_streaming - Specifies the configuration for paging.
+  #   Describes information for generating a method which transforms a paging
+  #   list RPC into a stream of resources.
+  #   Consists of a request and a response.
+  #   The request specifies request information of the list method. It defines
+  #   which fields match the paging pattern in the request. The request consists
+  #   of a page_size_field and a token_field. The page_size_field is the name of
+  #   the optional field specifying the maximum number of elements to be
+  #   returned in the response. The token_field is the name of the field in the
+  #   request containing the page token.
+  #   The response specifies response information of the list method. It defines
+  #   which fields match the paging pattern in the response. The response
+  #   consists of a token_field and a resources_field. The token_field is the
+  #   name of the field in the response containing the next page token. The
+  #   resources_field is the name of the field in the response containing the
+  #   list of resources belonging to the page.
+  #
+  #   retry_codes_name - Specifies the configuration for retryable codes. The
+  #   name must be defined in interfaces.retry_codes_def.
+  #
+  #   retry_params_name - Specifies the configuration for retry/backoff
+  #   parameters. The name must be defined in interfaces.retry_params_def.
+  #
+  #   field_name_patterns - Maps the field name of the request type to
+  #   entity_name of interfaces.collections.
+  #   Specifies the string pattern that the field must follow.
+  #
+  #   timeout_millis - Specifies the default timeout for a non-retrying call. If
+  #   the call is retrying, refer to retry_params_name instead.
+  methods:
+  - name: CreateScanConfig
+    flattening:
+      groups:
+      - parameters:
+        - parent
+        - scan_config
+    required_fields:
+    - parent
+    - scan_config
+    retry_codes_name: non_idempotent
+    retry_params_name: default
+    field_name_patterns:
+      parent: project
+    timeout_millis: 60000
+  - name: DeleteScanConfig
+    flattening:
+      groups:
+      - parameters:
+        - name
+    required_fields:
+    - name
+    retry_codes_name: idempotent
+    retry_params_name: default
+    field_name_patterns:
+      name: scan_config
+    timeout_millis: 60000
+  - name: GetScanConfig
+    flattening:
+      groups:
+      - parameters:
+        - name
+    required_fields:
+    - name
+    retry_codes_name: idempotent
+    retry_params_name: default
+    field_name_patterns:
+      name: scan_config
+    timeout_millis: 60000
+  - name: ListScanConfigs
+    flattening:
+      groups:
+      - parameters:
+        - parent
+    required_fields:
+    - parent
+    page_streaming:
+      request:
+        page_size_field: page_size
+        token_field: page_token
+      response:
+        token_field: next_page_token
+        resources_field: scan_configs
+    retry_codes_name: idempotent
+    retry_params_name: default
+    field_name_patterns:
+      parent: project
+    timeout_millis: 60000
+  - name: UpdateScanConfig
+    flattening:
+      groups:
+      - parameters:
+        - scan_config
+        - update_mask
+    required_fields:
+    - scan_config
+    - update_mask
+    retry_codes_name: non_idempotent
+    retry_params_name: default
+    field_name_patterns:
+      scan_config.name: scan_config
+    timeout_millis: 60000
+  - name: StartScanRun
+    flattening:
+      groups:
+      - parameters:
+        - name
+    required_fields:
+    - name
+    retry_codes_name: non_idempotent
+    retry_params_name: default
+    field_name_patterns:
+      name: scan_config
+    timeout_millis: 60000
+  - name: GetScanRun
+    flattening:
+      groups:
+      - parameters:
+        - name
+    required_fields:
+    - name
+    retry_codes_name: idempotent
+    retry_params_name: default
+    field_name_patterns:
+      name: scan_run
+    timeout_millis: 60000
+  - name: ListScanRuns
+    flattening:
+      groups:
+      - parameters:
+        - parent
+    required_fields:
+    - parent
+    page_streaming:
+      request:
+        page_size_field: page_size
+        token_field: page_token
+      response:
+        token_field: next_page_token
+        resources_field: scan_runs
+    retry_codes_name: idempotent
+    retry_params_name: default
+    field_name_patterns:
+      parent: scan_config
+    timeout_millis: 60000
+  - name: StopScanRun
+    flattening:
+      groups:
+      - parameters:
+        - name
+    required_fields:
+    - name
+    retry_codes_name: non_idempotent
+    retry_params_name: default
+    field_name_patterns:
+      name: scan_run
+    timeout_millis: 60000
+  - name: ListCrawledUrls
+    flattening:
+      groups:
+      - parameters:
+        - parent
+    required_fields:
+    - parent
+    page_streaming:
+      request:
+        page_size_field: page_size
+        token_field: page_token
+      response:
+        token_field: next_page_token
+        resources_field: crawled_urls
+    retry_params_name: default
+    field_name_patterns:
+      parent: scan_run
+    timeout_millis: 60000
+  - name: GetFinding
+    flattening:
+      groups:
+      - parameters:
+        - name
+    required_fields:
+    - name
+    retry_codes_name: idempotent
+    retry_params_name: default
+    field_name_patterns:
+      name: finding
+    timeout_millis: 60000
+  - name: ListFindings
+    flattening:
+      groups:
+      - parameters:
+        - parent
+        - filter
+    required_fields:
+    - parent
+    - filter
+    page_streaming:
+      request:
+        page_size_field: page_size
+        token_field: page_token
+      response:
+        token_field: next_page_token
+        resources_field: findings
+    retry_codes_name: idempotent
+    retry_params_name: default
+    field_name_patterns:
+      parent: scan_run
+    timeout_millis: 60000
+  - name: ListFindingTypeStats
+    flattening:
+      groups:
+      - parameters:
+        - parent
+    required_fields:
+    - parent
+    retry_codes_name: idempotent
+    retry_params_name: default
+    field_name_patterns:
+      parent: scan_run
+    timeout_millis: 60000
diff --git a/google/cloud/websecurityscanner/websecurityscanner_v1beta.yaml b/google/cloud/websecurityscanner/websecurityscanner_v1beta.yaml
new file mode 100644
index 0000000..8e89581
--- /dev/null
+++ b/google/cloud/websecurityscanner/websecurityscanner_v1beta.yaml
@@ -0,0 +1,22 @@
+type: google.api.Service
+config_version: 3
+name: websecurityscanner.googleapis.com
+title: Web Security Scanner API
+
+apis:
+- name: google.cloud.websecurityscanner.v1beta.WebSecurityScanner
+
+documentation:
+  summary: Scans your Compute and App Engine apps for common web vulnerabilities.
+
+backend:
+  rules:
+  - selector: 'google.cloud.websecurityscanner.v1beta.WebSecurityScanner.*'
+    deadline: 60.0
+
+authentication:
+  rules:
+  - selector: 'google.cloud.websecurityscanner.v1beta.WebSecurityScanner.*'
+    oauth:
+      canonical_scopes: |-
+        https://www.googleapis.com/auth/cloud-platform