REST Resource: organizations.resourceValueConfigs

Resource: ResourceValueConfig

A resource value config (RVC) is a mapping configuration of user's resources to resource values. Used in Attack path simulations.

JSON representation 
{
  "name": string,
  "resourceValue": enum (ResourceValue),
  "tagValues": [
    string
  ],
  "resourceType": string,
  "scope": string,
  "resourceLabelsSelector": {
    string: string,
    ...
  },
  "description": string,
  "createTime": string,
  "updateTime": string,
  "cloudProvider": enum (CloudProvider),
  "sensitiveDataProtectionMapping": {
    object (SensitiveDataProtectionMapping)
  }
}
Fields
name

string

Name for the resource value config
resourceValue

enum (ResourceValue)

Resource value level this expression represents Only required when there is no SDP mapping in the request
tagValues[]

string

Required. Tag values combined with AND to check against. Values in the form "tagValues/123" E.g. [ "tagValues/123", "tagValues/456", "tagValues/789" ] https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing
resourceType

string

Apply resourceValue only to resources that match resourceType. resourceType will be checked with "AND" of other resources. E.g. "storage.googleapis.com/Bucket" with resourceValue "HIGH" will apply "HIGH" value only to "storage.googleapis.com/Bucket" resources.
scope

string

Project or folder to scope this config to. For example, "project/456" would apply this config only to resources in "project/456" scope will be checked with "AND" of other resources.
resourceLabelsSelector

map (key: string, value: string)

List of resource labels to search for, evaluated with AND. E.g. "resourceLabelsSelector": {"key": "value", "env": "prod"} will match resources with labels "key": "value" AND "env": "prod" https://cloud.google.com/resource-manager/docs/creating-managing-labels

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
description

string

Description of the resource value config.
createTime

string (Timestamp format)

Output only. Timestamp this resource value config was created.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
updateTime

string (Timestamp format)

Output only. Timestamp this resource value config was last updated.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
cloudProvider

enum (CloudProvider)

Cloud provider this configuration applies to
sensitiveDataProtectionMapping

object (SensitiveDataProtectionMapping)

A mapping of the sensitivity on Sensitive Data Protection finding to resource values. This mapping can only be used in combination with a resourceType that is related to BigQuery, e.g. "bigquery.googleapis.com/Dataset".

ResourceValue

Value enum to map to a resource

Enums
RESOURCE_VALUE_UNSPECIFIED Unspecific value
HIGH High resource value
MEDIUM Medium resource value
LOW Low resource value
NONE No resource value, e.g. ignore these resources

SensitiveDataProtectionMapping

Resource value mapping for Sensitive Data Protection findings If any of these mappings have a resource value that is not unspecified, the resourceValue field will be ignored when reading this configuration.

JSON representation 
{
  "highSensitivityMapping": enum (ResourceValue),
  "mediumSensitivityMapping": enum (ResourceValue)
}
Fields
highSensitivityMapping

enum (ResourceValue)

Resource value mapping for high-sensitivity Sensitive Data Protection findings
mediumSensitivityMapping

enum (ResourceValue)

Resource value mapping for medium-sensitivity Sensitive Data Protection findings

Methods

batchCreate

 Creates a ResourceValueConfig for an organization.

delete

 Deletes a ResourceValueConfig.

get

 Gets a ResourceValueConfig.

list

 Lists all ResourceValueConfigs.

patch

 Updates an existing ResourceValueConfigs with new rules.