Class CustomConfig (1.30.0)

CustomConfig(mapping=None, *, ignore_unknown_fields=False, **kwargs)

Defines the properties in a custom module configuration for Security Health Analytics. Use the custom module configuration to create custom detectors that generate custom findings for resources that you specify.

Attributes

NameDescription
predicate google.type.expr_pb2.Expr
The CEL expression to evaluate to produce findings. When the expression evaluates to true against a resource, a finding is generated.
custom_output google.cloud.securitycenter_v1.types.CustomConfig.CustomOutputSpec
Custom output properties.
resource_selector google.cloud.securitycenter_v1.types.CustomConfig.ResourceSelector
The resource types that the custom module operates on. Each custom module can specify up to 5 resource types.
severity google.cloud.securitycenter_v1.types.CustomConfig.Severity
The severity to assign to findings generated by the module.
description str
Text that describes the vulnerability or misconfiguration that the custom module detects. This explanation is returned with each finding instance to help investigators understand the detected issue. The text must be enclosed in quotation marks.
recommendation str
An explanation of the recommended steps that security teams can take to resolve the detected issue. This explanation is returned with each finding generated by this module in the nextSteps property of the finding JSON.

Classes

CustomOutputSpec

CustomOutputSpec(mapping=None, *, ignore_unknown_fields=False, **kwargs)

A set of optional name-value pairs that define custom source properties to return with each finding that is generated by the custom module. The custom source properties that are defined here are included in the finding JSON under sourceProperties.

ResourceSelector

ResourceSelector(mapping=None, *, ignore_unknown_fields=False, **kwargs)

Resource for selecting resource type.

Severity

Severity(value)

Defines the valid value options for the severity of a finding.

Values: SEVERITY_UNSPECIFIED (0): Unspecified severity. CRITICAL (1): Critical severity. HIGH (2): High severity. MEDIUM (3): Medium severity. LOW (4): Low severity.