REST Resource: organizations.resourceValueConfigs

Resource: ResourceValueConfig
- JSON representation
ResourceValue
SensitiveDataProtectionMapping
- JSON representation
Methods

Resource: ResourceValueConfig

A resource value configuration (RVC) is a mapping configuration of user's resources to resource values. Used in Attack path simulations.

JSON representation

JSON representation
{ "name": string, "resourceValue": enum (`ResourceValue`), "tagValues": [ string ], "resourceType": string, "scope": string, "resourceLabelsSelector": { string: string, ... }, "description": string, "createTime": string, "updateTime": string, "cloudProvider": enum (`CloudProvider`), "sensitiveDataProtectionMapping": { object (`SensitiveDataProtectionMapping`) } }

{
  "name": string,
  "resourceValue": enum (ResourceValue),
  "tagValues": [
    string
  ],
  "resourceType": string,
  "scope": string,
  "resourceLabelsSelector": {
    string: string,
    ...
  },
  "description": string,
  "createTime": string,
  "updateTime": string,
  "cloudProvider": enum (CloudProvider),
  "sensitiveDataProtectionMapping": {
    object (SensitiveDataProtectionMapping)
  }
}

Fields
`name`	`string` Name for the resource value configuration
`resourceValue`	`enum (ResourceValue)` Required. Resource value level this expression represents
`tagValues[]`	`string` Required. Tag values combined with `AND` to check against. Values in the form "tagValues/123" Example: `[ "tagValues/123", "tagValues/456", "tagValues/789" ]` https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing
`resourceType`	`string` Apply resourceValue only to resources that match resourceType. resourceType will be checked with `AND` of other resources. For example, "storage.googleapis.com/Bucket" with resourceValue "HIGH" will apply "HIGH" value only to "storage.googleapis.com/Bucket" resources.
`scope`	`string` Project or folder to scope this configuration to. For example, "project/456" would apply this configuration only to resources in "project/456" scope will be checked with `AND` of other resources.
`resourceLabelsSelector`	`map (key: string, value: string)` List of resource labels to search for, evaluated with `AND`. For example, `"resourceLabelsSelector": {"key": "value", "env": "prod"}` will match resources with labels "key": "value" `AND` "env": "prod" https://cloud.google.com/resource-manager/docs/creating-managing-labels An object containing a list of `"key": value` pairs. Example: `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`.
`description`	`string` Description of the resource value configuration.
`createTime`	`string (Timestamp format)` Output only. Timestamp this resource value configuration was created. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: `"2014-10-02T15:01:23Z"` and `"2014-10-02T15:01:23.045123456Z"`.
`updateTime`	`string (Timestamp format)` Output only. Timestamp this resource value configuration was last updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: `"2014-10-02T15:01:23Z"` and `"2014-10-02T15:01:23.045123456Z"`.
`cloudProvider`	`enum (CloudProvider)` Cloud provider this configuration applies to
`sensitiveDataProtectionMapping`	`object (SensitiveDataProtectionMapping)` A mapping of the sensitivity on Sensitive Data Protection finding to resource values. This mapping can only be used in combination with a resourceType that is related to BigQuery, e.g. "bigquery.googleapis.com/Dataset".

ResourceValue

Value enum to map to a resource

Enums
`RESOURCE_VALUE_UNSPECIFIED`	Unspecific value
`HIGH`	High resource value
`MEDIUM`	Medium resource value
`LOW`	Low resource value
`NONE`	No resource value, e.g. ignore these resources

SensitiveDataProtectionMapping

Resource value mapping for Sensitive Data Protection findings. If any of these mappings have a resource value that is not unspecified, the resourceValue field will be ignored when reading this configuration.

JSON representation
{ "highSensitivityMapping": enum (`ResourceValue`), "mediumSensitivityMapping": enum (`ResourceValue`) }

Fields

Fields
`highSensitivityMapping`	`enum (ResourceValue)` Resource value mapping for high-sensitivity Sensitive Data Protection findings
`mediumSensitivityMapping`	`enum (ResourceValue)` Resource value mapping for medium-sensitivity Sensitive Data Protection findings

highSensitivityMapping

enum (ResourceValue)

Resource value mapping for high-sensitivity Sensitive Data Protection findings

mediumSensitivityMapping

enum (ResourceValue)

Resource value mapping for medium-sensitivity Sensitive Data Protection findings

Methods
`batchCreate`	Creates a ResourceValueConfig for an organization.
`delete`	Deletes a ResourceValueConfig.
`get`	Gets a ResourceValueConfig.
`list`	Lists all ResourceValueConfigs.
`patch`	Updates an existing ResourceValueConfigs with new rules.

REST Resource: organizations.resourceValueConfigs

Resource: ResourceValueConfig

ResourceValue

SensitiveDataProtectionMapping

Methods

`batchCreate`

`delete`

`get`

`list`

`patch`