CloudControl(mapping=None, *, ignore_unknown_fields=False, **kwargs)A CloudControl is the fundamental unit encapsulating the rules to meet a specific security or compliance intent. It can contain various rule types (like Organization Policies, CEL expressions, etc.) enabling different enforcement modes (Preventive, Detective, Audit). CloudControls are often parameterized for reusability and can be either BUILT_IN (provided by Google) or CUSTOM (defined by the user).
| Attributes | |
|---|---|
| Name | Description | 
| name | strRequired. Identifier. The resource name of the cloud control. Format: organizations/{organization}/locations/{location}/cloudControls/{cloud_control_id} | 
| major_revision_id | intOutput only. Major revision of the cloud control incremented in ascending order. | 
| description | strOptional. A description of the cloud control. The maximum length is 2000 characters. | 
| display_name | strOptional. The display name of the cloud control. The maximum length is 200 characters. | 
| supported_enforcement_modes | MutableSequence[google.cloud.cloudsecuritycompliance_v1.types.EnforcementMode]Output only. The supported enforcement mode of the cloud control. Default is DETECTIVE. | 
| parameter_spec | MutableSequence[google.cloud.cloudsecuritycompliance_v1.types.ParameterSpec]Optional. The parameter spec of the cloud control. | 
| rules | MutableSequence[google.cloud.cloudsecuritycompliance_v1.types.Rule]Optional. The Policy to be enforced to prevent/detect resource non-compliance. | 
| severity | google.cloud.cloudsecuritycompliance_v1.types.SeverityOptional. The severity of findings generated by the cloud control. | 
| finding_category | strOptional. The finding_category of the cloud control. The maximum length is 255 characters. | 
| supported_cloud_providers | MutableSequence[google.cloud.cloudsecuritycompliance_v1.types.CloudProvider]Optional. cloud providers supported | 
| related_frameworks | MutableSequence[str]Output only. The Frameworks that include this CloudControl | 
| remediation_steps | strOptional. The remediation steps for the findings generated by the cloud control. The maximum length is 400 characters. | 
| categories | MutableSequence[google.cloud.cloudsecuritycompliance_v1.types.CloudControlCategory]Optional. The categories of the cloud control. | 
| create_time | google.protobuf.timestamp_pb2.TimestampOutput only. The last updated time of the cloud control. The create_time is used because a new CC is created whenever we update an existing CC. | 
| supported_target_resource_types | MutableSequence[google.cloud.cloudsecuritycompliance_v1.types.TargetResourceType]Optional. target resource types supported by the CloudControl. |