REST Resource: projects.scanConfigs

{
  "name": string,
  "displayName": string,
  "maxQps": integer,
  "startingUrls": [
    string
  ],
  "authentication": {
    object (Authentication)
  },
  "userAgent": enum (UserAgent),
  "blacklistPatterns": [
    string
  ],
  "schedule": {
    object (Schedule)
  },
  "exportToSecurityCommandCenter": enum (ExportToSecurityCommandCenter),
  "riskLevel": enum (RiskLevel),
  "managedScan": boolean,
  "staticIpScan": boolean
}

string

The resource name of the ScanConfig. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}'. The ScanConfig IDs are generated by the system.

string

Required. The user provided display name of the ScanConfig.

integer

The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. If the field is unspecified or its value is set 0, server will default to 15. Other values outside of [5, 20] range will be rejected with INVALID_ARGUMENT error.

string

Required. The starting URLs from which the scanner finds site pages.

object (Authentication)

The authentication configuration. If specified, service will use the authentication configuration during scanning.

enum (UserAgent)

The user agent used during scanning.

string

The excluded URL patterns as described in https://cloud.google.com/security-command-center/docs/how-to-use-web-security-scanner#excluding_urls

object (Schedule)

The schedule of the ScanConfig.

enum (ExportToSecurityCommandCenter)

Controls export of scan configurations and results to Security Command Center.

enum (RiskLevel)

The risk level selected for the scan

boolean

Whether the scan config is managed by Web Security Scanner, output only.

boolean

Whether the scan configuration has enabled static IP address scan feature. If enabled, the scanner will access applications from static IP addresses.

{

  // Union field authentication can be only one of the following:
  "googleAccount": {
    object (GoogleAccount)
  },
  "customAccount": {
    object (CustomAccount)
  },
  "iapCredential": {
    object (IapCredential)
  }
  // End of list of possible types for union field authentication.
}

object (GoogleAccount)

Authentication using a Google account.

object (CustomAccount)

Authentication using a custom account.

object (IapCredential)

Authentication using Identity-Aware-Proxy (IAP).

{
  "username": string,
  "password": string
}

string

Required. The user name of the Google account.

string

Required. Input only. The password of the Google account. The credential is stored encrypted and not returned in any response nor included in audit logs.

{
  "username": string,
  "password": string,
  "loginUrl": string
}

string

Required. The user name of the custom account.

string

Required. Input only. The password of the custom account. The credential is stored encrypted and not returned in any response nor included in audit logs.

string

Required. The login form URL of the website.

{
  "iapTestServiceAccountInfo": {
    object (IapTestServiceAccountInfo)
  }
}

object (IapTestServiceAccountInfo)

Authentication configuration when Web-Security-Scanner service account is added in Identity-Aware-Proxy (IAP) access policies.

{
  "targetAudienceClientId": string
}

string

Required. Describes OAuth2 client id of resources protected by Identity-Aware-Proxy (IAP).

{
  "scheduleTime": string,
  "intervalDurationDays": integer
}

string (Timestamp format)

A timestamp indicates when the next run will be scheduled. The value is refreshed by the server after each run. If unspecified, it will default to current server time, which means the scan will be scheduled to start immediately.

A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z".

integer

Required. The duration of time between executions in days.