ResourceValueConfig(mapping=None, *, ignore_unknown_fields=False, **kwargs)A resource value configuration (RVC) is a mapping configuration of user's resources to resource values. Used in Attack path simulations.
Attributes |
|
|---|---|
| Name | Description |
name |
str
Identifier. Name for the resource value configuration |
resource_value |
google.cloud.securitycenter_v2.types.ResourceValue
Resource value level this expression represents Only required when there is no Sensitive Data Protection mapping in the request |
tag_values |
MutableSequence[str]
Tag values combined with AND to check against. Values in
the form "tagValues/123" Example:
[ "tagValues/123", "tagValues/456", "tagValues/789" ]
https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing
|
resource_type |
str
Apply resource_value only to resources that match resource_type. resource_type will be checked with AND of
other resources. For example,
"storage.googleapis.com/Bucket" with resource_value "HIGH"
will apply "HIGH" value only to
"storage.googleapis.com/Bucket" resources.
|
scope |
str
Project or folder to scope this configuration to. For example, "project/456" would apply this configuration only to resources in "project/456" scope and will be checked with AND of other resources.
|
resource_labels_selector |
MutableMapping[str, str]
List of resource labels to search for, evaluated with AND. For example, "resource_labels_selector": {"key":
"value", "env": "prod"} will match resources with labels
"key": "value" AND "env": "prod"
https://cloud.google.com/resource-manager/docs/creating-managing-labels
|
description |
str
Description of the resource value configuration. |
create_time |
google.protobuf.timestamp_pb2.Timestamp
Output only. Timestamp this resource value configuration was created. |
update_time |
google.protobuf.timestamp_pb2.Timestamp
Output only. Timestamp this resource value configuration was last updated. |
cloud_provider |
google.cloud.securitycenter_v2.types.CloudProvider
Cloud provider this configuration applies to |
sensitive_data_protection_mapping |
google.cloud.securitycenter_v2.types.ResourceValueConfig.SensitiveDataProtectionMapping
A mapping of the sensitivity on Sensitive Data Protection finding to resource values. This mapping can only be used in combination with a resource_type that is related to BigQuery, e.g. "bigquery.googleapis.com/Dataset". |
Classes
ResourceLabelsSelectorEntry
ResourceLabelsSelectorEntry(mapping=None, *, ignore_unknown_fields=False, **kwargs)The abstract base class for a message.
| Parameters | |
|---|---|
| Name | Description |
kwargs |
dict
Keys and values corresponding to the fields of the message. |
mapping |
Union[dict,
A dictionary or message to be used to determine the values for this message. |
ignore_unknown_fields |
Optional(bool)
If True, do not raise errors for unknown fields. Only applied if |
SensitiveDataProtectionMapping
SensitiveDataProtectionMapping(
mapping=None, *, ignore_unknown_fields=False, **kwargs
)Resource value mapping for Sensitive Data Protection findings If any of these mappings have a resource value that is not unspecified, the resource_value field will be ignored when reading this configuration.