Add securitySettings to the backendService (#5003)

mmv1/products/compute/api.yaml

@@ -1672,6 +1672,34 @@ objects:
         name: 'securityPolicy'
         description: |
           The security policy associated with this backend service.
+      - !ruby/object:Api::Type::NestedObject
+        name: 'securitySettings'
+        min_version: beta
+        description: |
+          The security settings that apply to this backend service. This field is applicable to either
+          a regional backend service with the service_protocol set to HTTP, HTTPS, or HTTP2, and
+          load_balancing_scheme set to INTERNAL_MANAGED; or a global backend service with the
+          load_balancing_scheme set to INTERNAL_SELF_MANAGED.
+        properties:
+          - !ruby/object:Api::Type::ResourceRef
+            name: 'clientTlsPolicy'
+            resource: 'Region' # TODO: 'Region' is incorrect and should be 'ClientTlsPolicy'
+            imports: 'name'
+            min_version: beta
+            description: |
+              ClientTlsPolicy is a resource that specifies how a client should authenticate
+              connections to backends of a service. This resource itself does not affect
+              configuration unless it is attached to a backend service resource.
+            required: true
+          - !ruby/object:Api::Type::Array
+            name: 'subjectAltNames'
+            min_version: beta
+            description: |
+              A list of alternate names to verify the subject identity in the certificate.
+              If specified, the client will verify that the server certificate's subject
+              alt name matches one of the specified values.
+            required: true
+            item_type: Api::Type::String
       - !ruby/object:Api::Type::Enum
         name: 'sessionAffinity'
         description: |