1. Packages
  2. Google Cloud (GCP) Classic
  3. API Docs
  4. compute
  5. SecurityScanConfig
Google Cloud Classic v7.29.0 published on Wednesday, Jun 26, 2024 by Pulumi

gcp.compute.SecurityScanConfig

Explore with Pulumi AI

gcp logo
Google Cloud Classic v7.29.0 published on Wednesday, Jun 26, 2024 by Pulumi

    A ScanConfig resource contains the configurations to launch a scan.

    To get more information about ScanConfig, see:

    Example Usage

    Scan Config Basic

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const scannerStaticIp = new gcp.compute.Address("scanner_static_ip", {name: "scan-basic-static-ip"});
    const scan_config = new gcp.compute.SecurityScanConfig("scan-config", {
        displayName: "scan-config",
        startingUrls: [pulumi.interpolate`http://${scannerStaticIp.address}`],
        targetPlatforms: ["COMPUTE"],
    });
    
    import pulumi
    import pulumi_gcp as gcp
    
    scanner_static_ip = gcp.compute.Address("scanner_static_ip", name="scan-basic-static-ip")
    scan_config = gcp.compute.SecurityScanConfig("scan-config",
        display_name="scan-config",
        starting_urls=[scanner_static_ip.address.apply(lambda address: f"http://{address}")],
        target_platforms=["COMPUTE"])
    
    package main
    
    import (
    	"fmt"
    
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		scannerStaticIp, err := compute.NewAddress(ctx, "scanner_static_ip", &compute.AddressArgs{
    			Name: pulumi.String("scan-basic-static-ip"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = compute.NewSecurityScanConfig(ctx, "scan-config", &compute.SecurityScanConfigArgs{
    			DisplayName: pulumi.String("scan-config"),
    			StartingUrls: pulumi.StringArray{
    				scannerStaticIp.Address.ApplyT(func(address string) (string, error) {
    					return fmt.Sprintf("http://%v", address), nil
    				}).(pulumi.StringOutput),
    			},
    			TargetPlatforms: pulumi.StringArray{
    				pulumi.String("COMPUTE"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var scannerStaticIp = new Gcp.Compute.Address("scanner_static_ip", new()
        {
            Name = "scan-basic-static-ip",
        });
    
        var scan_config = new Gcp.Compute.SecurityScanConfig("scan-config", new()
        {
            DisplayName = "scan-config",
            StartingUrls = new[]
            {
                scannerStaticIp.IPAddress.Apply(address => $"http://{address}"),
            },
            TargetPlatforms = new[]
            {
                "COMPUTE",
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.Address;
    import com.pulumi.gcp.compute.AddressArgs;
    import com.pulumi.gcp.compute.SecurityScanConfig;
    import com.pulumi.gcp.compute.SecurityScanConfigArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var scannerStaticIp = new Address("scannerStaticIp", AddressArgs.builder()
                .name("scan-basic-static-ip")
                .build());
    
            var scan_config = new SecurityScanConfig("scan-config", SecurityScanConfigArgs.builder()
                .displayName("scan-config")
                .startingUrls(scannerStaticIp.address().applyValue(address -> String.format("http://%s", address)))
                .targetPlatforms("COMPUTE")
                .build());
    
        }
    }
    
    resources:
      scannerStaticIp:
        type: gcp:compute:Address
        name: scanner_static_ip
        properties:
          name: scan-basic-static-ip
      scan-config:
        type: gcp:compute:SecurityScanConfig
        properties:
          displayName: scan-config
          startingUrls:
            - http://${scannerStaticIp.address}
          targetPlatforms:
            - COMPUTE
    

    Create SecurityScanConfig Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new SecurityScanConfig(name: string, args: SecurityScanConfigArgs, opts?: CustomResourceOptions);
    @overload
    def SecurityScanConfig(resource_name: str,
                           args: SecurityScanConfigArgs,
                           opts: Optional[ResourceOptions] = None)
    
    @overload
    def SecurityScanConfig(resource_name: str,
                           opts: Optional[ResourceOptions] = None,
                           display_name: Optional[str] = None,
                           starting_urls: Optional[Sequence[str]] = None,
                           authentication: Optional[SecurityScanConfigAuthenticationArgs] = None,
                           blacklist_patterns: Optional[Sequence[str]] = None,
                           export_to_security_command_center: Optional[str] = None,
                           max_qps: Optional[int] = None,
                           project: Optional[str] = None,
                           schedule: Optional[SecurityScanConfigScheduleArgs] = None,
                           target_platforms: Optional[Sequence[str]] = None,
                           user_agent: Optional[str] = None)
    func NewSecurityScanConfig(ctx *Context, name string, args SecurityScanConfigArgs, opts ...ResourceOption) (*SecurityScanConfig, error)
    public SecurityScanConfig(string name, SecurityScanConfigArgs args, CustomResourceOptions? opts = null)
    public SecurityScanConfig(String name, SecurityScanConfigArgs args)
    public SecurityScanConfig(String name, SecurityScanConfigArgs args, CustomResourceOptions options)
    
    type: gcp:compute:SecurityScanConfig
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args SecurityScanConfigArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args SecurityScanConfigArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args SecurityScanConfigArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args SecurityScanConfigArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args SecurityScanConfigArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var securityScanConfigResource = new Gcp.Compute.SecurityScanConfig("securityScanConfigResource", new()
    {
        DisplayName = "string",
        StartingUrls = new[]
        {
            "string",
        },
        Authentication = new Gcp.Compute.Inputs.SecurityScanConfigAuthenticationArgs
        {
            CustomAccount = new Gcp.Compute.Inputs.SecurityScanConfigAuthenticationCustomAccountArgs
            {
                LoginUrl = "string",
                Password = "string",
                Username = "string",
            },
            GoogleAccount = new Gcp.Compute.Inputs.SecurityScanConfigAuthenticationGoogleAccountArgs
            {
                Password = "string",
                Username = "string",
            },
        },
        BlacklistPatterns = new[]
        {
            "string",
        },
        ExportToSecurityCommandCenter = "string",
        MaxQps = 0,
        Project = "string",
        Schedule = new Gcp.Compute.Inputs.SecurityScanConfigScheduleArgs
        {
            IntervalDurationDays = 0,
            ScheduleTime = "string",
        },
        TargetPlatforms = new[]
        {
            "string",
        },
        UserAgent = "string",
    });
    
    example, err := compute.NewSecurityScanConfig(ctx, "securityScanConfigResource", &compute.SecurityScanConfigArgs{
    	DisplayName: pulumi.String("string"),
    	StartingUrls: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Authentication: &compute.SecurityScanConfigAuthenticationArgs{
    		CustomAccount: &compute.SecurityScanConfigAuthenticationCustomAccountArgs{
    			LoginUrl: pulumi.String("string"),
    			Password: pulumi.String("string"),
    			Username: pulumi.String("string"),
    		},
    		GoogleAccount: &compute.SecurityScanConfigAuthenticationGoogleAccountArgs{
    			Password: pulumi.String("string"),
    			Username: pulumi.String("string"),
    		},
    	},
    	BlacklistPatterns: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	ExportToSecurityCommandCenter: pulumi.String("string"),
    	MaxQps:                        pulumi.Int(0),
    	Project:                       pulumi.String("string"),
    	Schedule: &compute.SecurityScanConfigScheduleArgs{
    		IntervalDurationDays: pulumi.Int(0),
    		ScheduleTime:         pulumi.String("string"),
    	},
    	TargetPlatforms: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	UserAgent: pulumi.String("string"),
    })
    
    var securityScanConfigResource = new SecurityScanConfig("securityScanConfigResource", SecurityScanConfigArgs.builder()
        .displayName("string")
        .startingUrls("string")
        .authentication(SecurityScanConfigAuthenticationArgs.builder()
            .customAccount(SecurityScanConfigAuthenticationCustomAccountArgs.builder()
                .loginUrl("string")
                .password("string")
                .username("string")
                .build())
            .googleAccount(SecurityScanConfigAuthenticationGoogleAccountArgs.builder()
                .password("string")
                .username("string")
                .build())
            .build())
        .blacklistPatterns("string")
        .exportToSecurityCommandCenter("string")
        .maxQps(0)
        .project("string")
        .schedule(SecurityScanConfigScheduleArgs.builder()
            .intervalDurationDays(0)
            .scheduleTime("string")
            .build())
        .targetPlatforms("string")
        .userAgent("string")
        .build());
    
    security_scan_config_resource = gcp.compute.SecurityScanConfig("securityScanConfigResource",
        display_name="string",
        starting_urls=["string"],
        authentication=gcp.compute.SecurityScanConfigAuthenticationArgs(
            custom_account=gcp.compute.SecurityScanConfigAuthenticationCustomAccountArgs(
                login_url="string",
                password="string",
                username="string",
            ),
            google_account=gcp.compute.SecurityScanConfigAuthenticationGoogleAccountArgs(
                password="string",
                username="string",
            ),
        ),
        blacklist_patterns=["string"],
        export_to_security_command_center="string",
        max_qps=0,
        project="string",
        schedule=gcp.compute.SecurityScanConfigScheduleArgs(
            interval_duration_days=0,
            schedule_time="string",
        ),
        target_platforms=["string"],
        user_agent="string")
    
    const securityScanConfigResource = new gcp.compute.SecurityScanConfig("securityScanConfigResource", {
        displayName: "string",
        startingUrls: ["string"],
        authentication: {
            customAccount: {
                loginUrl: "string",
                password: "string",
                username: "string",
            },
            googleAccount: {
                password: "string",
                username: "string",
            },
        },
        blacklistPatterns: ["string"],
        exportToSecurityCommandCenter: "string",
        maxQps: 0,
        project: "string",
        schedule: {
            intervalDurationDays: 0,
            scheduleTime: "string",
        },
        targetPlatforms: ["string"],
        userAgent: "string",
    });
    
    type: gcp:compute:SecurityScanConfig
    properties:
        authentication:
            customAccount:
                loginUrl: string
                password: string
                username: string
            googleAccount:
                password: string
                username: string
        blacklistPatterns:
            - string
        displayName: string
        exportToSecurityCommandCenter: string
        maxQps: 0
        project: string
        schedule:
            intervalDurationDays: 0
            scheduleTime: string
        startingUrls:
            - string
        targetPlatforms:
            - string
        userAgent: string
    

    SecurityScanConfig Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The SecurityScanConfig resource accepts the following input properties:

    DisplayName string
    The user provider display name of the ScanConfig.
    StartingUrls List<string>
    The starting URLs from which the scanner finds site pages.


    Authentication SecurityScanConfigAuthentication
    The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.
    BlacklistPatterns List<string>
    The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls
    ExportToSecurityCommandCenter string
    Controls export of scan configurations and results to Cloud Security Command Center. Default value is ENABLED. Possible values are: ENABLED, DISABLED.
    MaxQps int
    The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.
    Project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    Schedule SecurityScanConfigSchedule
    The schedule of the ScanConfig Structure is documented below.
    TargetPlatforms List<string>
    Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default. Each value may be one of: APP_ENGINE, COMPUTE.
    UserAgent string
    Type of the user agents used for scanning Default value is CHROME_LINUX. Possible values are: USER_AGENT_UNSPECIFIED, CHROME_LINUX, CHROME_ANDROID, SAFARI_IPHONE.
    DisplayName string
    The user provider display name of the ScanConfig.
    StartingUrls []string
    The starting URLs from which the scanner finds site pages.


    Authentication SecurityScanConfigAuthenticationArgs
    The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.
    BlacklistPatterns []string
    The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls
    ExportToSecurityCommandCenter string
    Controls export of scan configurations and results to Cloud Security Command Center. Default value is ENABLED. Possible values are: ENABLED, DISABLED.
    MaxQps int
    The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.
    Project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    Schedule SecurityScanConfigScheduleArgs
    The schedule of the ScanConfig Structure is documented below.
    TargetPlatforms []string
    Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default. Each value may be one of: APP_ENGINE, COMPUTE.
    UserAgent string
    Type of the user agents used for scanning Default value is CHROME_LINUX. Possible values are: USER_AGENT_UNSPECIFIED, CHROME_LINUX, CHROME_ANDROID, SAFARI_IPHONE.
    displayName String
    The user provider display name of the ScanConfig.
    startingUrls List<String>
    The starting URLs from which the scanner finds site pages.


    authentication SecurityScanConfigAuthentication
    The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.
    blacklistPatterns List<String>
    The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls
    exportToSecurityCommandCenter String
    Controls export of scan configurations and results to Cloud Security Command Center. Default value is ENABLED. Possible values are: ENABLED, DISABLED.
    maxQps Integer
    The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.
    project String
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    schedule SecurityScanConfigSchedule
    The schedule of the ScanConfig Structure is documented below.
    targetPlatforms List<String>
    Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default. Each value may be one of: APP_ENGINE, COMPUTE.
    userAgent String
    Type of the user agents used for scanning Default value is CHROME_LINUX. Possible values are: USER_AGENT_UNSPECIFIED, CHROME_LINUX, CHROME_ANDROID, SAFARI_IPHONE.
    displayName string
    The user provider display name of the ScanConfig.
    startingUrls string[]
    The starting URLs from which the scanner finds site pages.


    authentication SecurityScanConfigAuthentication
    The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.
    blacklistPatterns string[]
    The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls
    exportToSecurityCommandCenter string
    Controls export of scan configurations and results to Cloud Security Command Center. Default value is ENABLED. Possible values are: ENABLED, DISABLED.
    maxQps number
    The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.
    project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    schedule SecurityScanConfigSchedule
    The schedule of the ScanConfig Structure is documented below.
    targetPlatforms string[]
    Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default. Each value may be one of: APP_ENGINE, COMPUTE.
    userAgent string
    Type of the user agents used for scanning Default value is CHROME_LINUX. Possible values are: USER_AGENT_UNSPECIFIED, CHROME_LINUX, CHROME_ANDROID, SAFARI_IPHONE.
    display_name str
    The user provider display name of the ScanConfig.
    starting_urls Sequence[str]
    The starting URLs from which the scanner finds site pages.


    authentication SecurityScanConfigAuthenticationArgs
    The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.
    blacklist_patterns Sequence[str]
    The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls
    export_to_security_command_center str
    Controls export of scan configurations and results to Cloud Security Command Center. Default value is ENABLED. Possible values are: ENABLED, DISABLED.
    max_qps int
    The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.
    project str
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    schedule SecurityScanConfigScheduleArgs
    The schedule of the ScanConfig Structure is documented below.
    target_platforms Sequence[str]
    Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default. Each value may be one of: APP_ENGINE, COMPUTE.
    user_agent str
    Type of the user agents used for scanning Default value is CHROME_LINUX. Possible values are: USER_AGENT_UNSPECIFIED, CHROME_LINUX, CHROME_ANDROID, SAFARI_IPHONE.
    displayName String
    The user provider display name of the ScanConfig.
    startingUrls List<String>
    The starting URLs from which the scanner finds site pages.


    authentication Property Map
    The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.
    blacklistPatterns List<String>
    The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls
    exportToSecurityCommandCenter String
    Controls export of scan configurations and results to Cloud Security Command Center. Default value is ENABLED. Possible values are: ENABLED, DISABLED.
    maxQps Number
    The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.
    project String
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    schedule Property Map
    The schedule of the ScanConfig Structure is documented below.
    targetPlatforms List<String>
    Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default. Each value may be one of: APP_ENGINE, COMPUTE.
    userAgent String
    Type of the user agents used for scanning Default value is CHROME_LINUX. Possible values are: USER_AGENT_UNSPECIFIED, CHROME_LINUX, CHROME_ANDROID, SAFARI_IPHONE.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the SecurityScanConfig resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Name string
    A server defined name for this index. Format: projects/{{project}}/scanConfigs/{{server_generated_id}}
    Id string
    The provider-assigned unique ID for this managed resource.
    Name string
    A server defined name for this index. Format: projects/{{project}}/scanConfigs/{{server_generated_id}}
    id String
    The provider-assigned unique ID for this managed resource.
    name String
    A server defined name for this index. Format: projects/{{project}}/scanConfigs/{{server_generated_id}}
    id string
    The provider-assigned unique ID for this managed resource.
    name string
    A server defined name for this index. Format: projects/{{project}}/scanConfigs/{{server_generated_id}}
    id str
    The provider-assigned unique ID for this managed resource.
    name str
    A server defined name for this index. Format: projects/{{project}}/scanConfigs/{{server_generated_id}}
    id String
    The provider-assigned unique ID for this managed resource.
    name String
    A server defined name for this index. Format: projects/{{project}}/scanConfigs/{{server_generated_id}}

    Look up Existing SecurityScanConfig Resource

    Get an existing SecurityScanConfig resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: SecurityScanConfigState, opts?: CustomResourceOptions): SecurityScanConfig
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            authentication: Optional[SecurityScanConfigAuthenticationArgs] = None,
            blacklist_patterns: Optional[Sequence[str]] = None,
            display_name: Optional[str] = None,
            export_to_security_command_center: Optional[str] = None,
            max_qps: Optional[int] = None,
            name: Optional[str] = None,
            project: Optional[str] = None,
            schedule: Optional[SecurityScanConfigScheduleArgs] = None,
            starting_urls: Optional[Sequence[str]] = None,
            target_platforms: Optional[Sequence[str]] = None,
            user_agent: Optional[str] = None) -> SecurityScanConfig
    func GetSecurityScanConfig(ctx *Context, name string, id IDInput, state *SecurityScanConfigState, opts ...ResourceOption) (*SecurityScanConfig, error)
    public static SecurityScanConfig Get(string name, Input<string> id, SecurityScanConfigState? state, CustomResourceOptions? opts = null)
    public static SecurityScanConfig get(String name, Output<String> id, SecurityScanConfigState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Authentication SecurityScanConfigAuthentication
    The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.
    BlacklistPatterns List<string>
    The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls
    DisplayName string
    The user provider display name of the ScanConfig.
    ExportToSecurityCommandCenter string
    Controls export of scan configurations and results to Cloud Security Command Center. Default value is ENABLED. Possible values are: ENABLED, DISABLED.
    MaxQps int
    The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.
    Name string
    A server defined name for this index. Format: projects/{{project}}/scanConfigs/{{server_generated_id}}
    Project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    Schedule SecurityScanConfigSchedule
    The schedule of the ScanConfig Structure is documented below.
    StartingUrls List<string>
    The starting URLs from which the scanner finds site pages.


    TargetPlatforms List<string>
    Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default. Each value may be one of: APP_ENGINE, COMPUTE.
    UserAgent string
    Type of the user agents used for scanning Default value is CHROME_LINUX. Possible values are: USER_AGENT_UNSPECIFIED, CHROME_LINUX, CHROME_ANDROID, SAFARI_IPHONE.
    Authentication SecurityScanConfigAuthenticationArgs
    The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.
    BlacklistPatterns []string
    The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls
    DisplayName string
    The user provider display name of the ScanConfig.
    ExportToSecurityCommandCenter string
    Controls export of scan configurations and results to Cloud Security Command Center. Default value is ENABLED. Possible values are: ENABLED, DISABLED.
    MaxQps int
    The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.
    Name string
    A server defined name for this index. Format: projects/{{project}}/scanConfigs/{{server_generated_id}}
    Project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    Schedule SecurityScanConfigScheduleArgs
    The schedule of the ScanConfig Structure is documented below.
    StartingUrls []string
    The starting URLs from which the scanner finds site pages.


    TargetPlatforms []string
    Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default. Each value may be one of: APP_ENGINE, COMPUTE.
    UserAgent string
    Type of the user agents used for scanning Default value is CHROME_LINUX. Possible values are: USER_AGENT_UNSPECIFIED, CHROME_LINUX, CHROME_ANDROID, SAFARI_IPHONE.
    authentication SecurityScanConfigAuthentication
    The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.
    blacklistPatterns List<String>
    The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls
    displayName String
    The user provider display name of the ScanConfig.
    exportToSecurityCommandCenter String
    Controls export of scan configurations and results to Cloud Security Command Center. Default value is ENABLED. Possible values are: ENABLED, DISABLED.
    maxQps Integer
    The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.
    name String
    A server defined name for this index. Format: projects/{{project}}/scanConfigs/{{server_generated_id}}
    project String
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    schedule SecurityScanConfigSchedule
    The schedule of the ScanConfig Structure is documented below.
    startingUrls List<String>
    The starting URLs from which the scanner finds site pages.


    targetPlatforms List<String>
    Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default. Each value may be one of: APP_ENGINE, COMPUTE.
    userAgent String
    Type of the user agents used for scanning Default value is CHROME_LINUX. Possible values are: USER_AGENT_UNSPECIFIED, CHROME_LINUX, CHROME_ANDROID, SAFARI_IPHONE.
    authentication SecurityScanConfigAuthentication
    The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.
    blacklistPatterns string[]
    The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls
    displayName string
    The user provider display name of the ScanConfig.
    exportToSecurityCommandCenter string
    Controls export of scan configurations and results to Cloud Security Command Center. Default value is ENABLED. Possible values are: ENABLED, DISABLED.
    maxQps number
    The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.
    name string
    A server defined name for this index. Format: projects/{{project}}/scanConfigs/{{server_generated_id}}
    project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    schedule SecurityScanConfigSchedule
    The schedule of the ScanConfig Structure is documented below.
    startingUrls string[]
    The starting URLs from which the scanner finds site pages.


    targetPlatforms string[]
    Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default. Each value may be one of: APP_ENGINE, COMPUTE.
    userAgent string
    Type of the user agents used for scanning Default value is CHROME_LINUX. Possible values are: USER_AGENT_UNSPECIFIED, CHROME_LINUX, CHROME_ANDROID, SAFARI_IPHONE.
    authentication SecurityScanConfigAuthenticationArgs
    The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.
    blacklist_patterns Sequence[str]
    The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls
    display_name str
    The user provider display name of the ScanConfig.
    export_to_security_command_center str
    Controls export of scan configurations and results to Cloud Security Command Center. Default value is ENABLED. Possible values are: ENABLED, DISABLED.
    max_qps int
    The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.
    name str
    A server defined name for this index. Format: projects/{{project}}/scanConfigs/{{server_generated_id}}
    project str
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    schedule SecurityScanConfigScheduleArgs
    The schedule of the ScanConfig Structure is documented below.
    starting_urls Sequence[str]
    The starting URLs from which the scanner finds site pages.


    target_platforms Sequence[str]
    Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default. Each value may be one of: APP_ENGINE, COMPUTE.
    user_agent str
    Type of the user agents used for scanning Default value is CHROME_LINUX. Possible values are: USER_AGENT_UNSPECIFIED, CHROME_LINUX, CHROME_ANDROID, SAFARI_IPHONE.
    authentication Property Map
    The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.
    blacklistPatterns List<String>
    The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls
    displayName String
    The user provider display name of the ScanConfig.
    exportToSecurityCommandCenter String
    Controls export of scan configurations and results to Cloud Security Command Center. Default value is ENABLED. Possible values are: ENABLED, DISABLED.
    maxQps Number
    The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.
    name String
    A server defined name for this index. Format: projects/{{project}}/scanConfigs/{{server_generated_id}}
    project String
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    schedule Property Map
    The schedule of the ScanConfig Structure is documented below.
    startingUrls List<String>
    The starting URLs from which the scanner finds site pages.


    targetPlatforms List<String>
    Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default. Each value may be one of: APP_ENGINE, COMPUTE.
    userAgent String
    Type of the user agents used for scanning Default value is CHROME_LINUX. Possible values are: USER_AGENT_UNSPECIFIED, CHROME_LINUX, CHROME_ANDROID, SAFARI_IPHONE.

    Supporting Types

    SecurityScanConfigAuthentication, SecurityScanConfigAuthenticationArgs

    CustomAccount SecurityScanConfigAuthenticationCustomAccount
    Describes authentication configuration that uses a custom account. Structure is documented below.
    GoogleAccount SecurityScanConfigAuthenticationGoogleAccount
    Describes authentication configuration that uses a Google account. Structure is documented below.
    CustomAccount SecurityScanConfigAuthenticationCustomAccount
    Describes authentication configuration that uses a custom account. Structure is documented below.
    GoogleAccount SecurityScanConfigAuthenticationGoogleAccount
    Describes authentication configuration that uses a Google account. Structure is documented below.
    customAccount SecurityScanConfigAuthenticationCustomAccount
    Describes authentication configuration that uses a custom account. Structure is documented below.
    googleAccount SecurityScanConfigAuthenticationGoogleAccount
    Describes authentication configuration that uses a Google account. Structure is documented below.
    customAccount SecurityScanConfigAuthenticationCustomAccount
    Describes authentication configuration that uses a custom account. Structure is documented below.
    googleAccount SecurityScanConfigAuthenticationGoogleAccount
    Describes authentication configuration that uses a Google account. Structure is documented below.
    custom_account SecurityScanConfigAuthenticationCustomAccount
    Describes authentication configuration that uses a custom account. Structure is documented below.
    google_account SecurityScanConfigAuthenticationGoogleAccount
    Describes authentication configuration that uses a Google account. Structure is documented below.
    customAccount Property Map
    Describes authentication configuration that uses a custom account. Structure is documented below.
    googleAccount Property Map
    Describes authentication configuration that uses a Google account. Structure is documented below.

    SecurityScanConfigAuthenticationCustomAccount, SecurityScanConfigAuthenticationCustomAccountArgs

    LoginUrl string
    The login form URL of the website.
    Password string
    The password of the custom account. The credential is stored encrypted in GCP. Note: This property is sensitive and will not be displayed in the plan.
    Username string
    The user name of the custom account.
    LoginUrl string
    The login form URL of the website.
    Password string
    The password of the custom account. The credential is stored encrypted in GCP. Note: This property is sensitive and will not be displayed in the plan.
    Username string
    The user name of the custom account.
    loginUrl String
    The login form URL of the website.
    password String
    The password of the custom account. The credential is stored encrypted in GCP. Note: This property is sensitive and will not be displayed in the plan.
    username String
    The user name of the custom account.
    loginUrl string
    The login form URL of the website.
    password string
    The password of the custom account. The credential is stored encrypted in GCP. Note: This property is sensitive and will not be displayed in the plan.
    username string
    The user name of the custom account.
    login_url str
    The login form URL of the website.
    password str
    The password of the custom account. The credential is stored encrypted in GCP. Note: This property is sensitive and will not be displayed in the plan.
    username str
    The user name of the custom account.
    loginUrl String
    The login form URL of the website.
    password String
    The password of the custom account. The credential is stored encrypted in GCP. Note: This property is sensitive and will not be displayed in the plan.
    username String
    The user name of the custom account.

    SecurityScanConfigAuthenticationGoogleAccount, SecurityScanConfigAuthenticationGoogleAccountArgs

    Password string
    The password of the Google account. The credential is stored encrypted in GCP. Note: This property is sensitive and will not be displayed in the plan.
    Username string
    The user name of the Google account.
    Password string
    The password of the Google account. The credential is stored encrypted in GCP. Note: This property is sensitive and will not be displayed in the plan.
    Username string
    The user name of the Google account.
    password String
    The password of the Google account. The credential is stored encrypted in GCP. Note: This property is sensitive and will not be displayed in the plan.
    username String
    The user name of the Google account.
    password string
    The password of the Google account. The credential is stored encrypted in GCP. Note: This property is sensitive and will not be displayed in the plan.
    username string
    The user name of the Google account.
    password str
    The password of the Google account. The credential is stored encrypted in GCP. Note: This property is sensitive and will not be displayed in the plan.
    username str
    The user name of the Google account.
    password String
    The password of the Google account. The credential is stored encrypted in GCP. Note: This property is sensitive and will not be displayed in the plan.
    username String
    The user name of the Google account.

    SecurityScanConfigSchedule, SecurityScanConfigScheduleArgs

    IntervalDurationDays int
    The duration of time between executions in days
    ScheduleTime string
    A timestamp indicates when the next run will be scheduled. The value is refreshed by the server after each run. If unspecified, it will default to current server time, which means the scan will be scheduled to start immediately.
    IntervalDurationDays int
    The duration of time between executions in days
    ScheduleTime string
    A timestamp indicates when the next run will be scheduled. The value is refreshed by the server after each run. If unspecified, it will default to current server time, which means the scan will be scheduled to start immediately.
    intervalDurationDays Integer
    The duration of time between executions in days
    scheduleTime String
    A timestamp indicates when the next run will be scheduled. The value is refreshed by the server after each run. If unspecified, it will default to current server time, which means the scan will be scheduled to start immediately.
    intervalDurationDays number
    The duration of time between executions in days
    scheduleTime string
    A timestamp indicates when the next run will be scheduled. The value is refreshed by the server after each run. If unspecified, it will default to current server time, which means the scan will be scheduled to start immediately.
    interval_duration_days int
    The duration of time between executions in days
    schedule_time str
    A timestamp indicates when the next run will be scheduled. The value is refreshed by the server after each run. If unspecified, it will default to current server time, which means the scan will be scheduled to start immediately.
    intervalDurationDays Number
    The duration of time between executions in days
    scheduleTime String
    A timestamp indicates when the next run will be scheduled. The value is refreshed by the server after each run. If unspecified, it will default to current server time, which means the scan will be scheduled to start immediately.

    Import

    ScanConfig can be imported using any of these accepted formats:

    • projects/{{project}}/scanConfigs/{{name}}

    • {{project}}/{{name}}

    • {{name}}

    When using the pulumi import command, ScanConfig can be imported using one of the formats above. For example:

    $ pulumi import gcp:compute/securityScanConfig:SecurityScanConfig default projects/{{project}}/scanConfigs/{{name}}
    
    $ pulumi import gcp:compute/securityScanConfig:SecurityScanConfig default {{project}}/{{name}}
    
    $ pulumi import gcp:compute/securityScanConfig:SecurityScanConfig default {{name}}
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Google Cloud (GCP) Classic pulumi/pulumi-gcp
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the google-beta Terraform Provider.
    gcp logo
    Google Cloud Classic v7.29.0 published on Wednesday, Jun 26, 2024 by Pulumi