Class ResourceValueConfig (1.35.1)

ResourceValueConfig(mapping=None, *, ignore_unknown_fields=False, **kwargs)

A resource value configuration (RVC) is a mapping configuration of user's resources to resource values. Used in Attack path simulations.

Attributes

Name Description
name str
Name for the resource value configuration
resource_value google.cloud.securitycenter_v1.types.ResourceValue
Required. Resource value level this expression represents
tag_values MutableSequence[str]
Required. Tag values combined with AND to check against. Values in the form "tagValues/123" Example: [ "tagValues/123", "tagValues/456", "tagValues/789" ] https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing
resource_type str
Apply resource_value only to resources that match resource_type. resource_type will be checked with AND of other resources. For example, "storage.googleapis.com/Bucket" with resource_value "HIGH" will apply "HIGH" value only to "storage.googleapis.com/Bucket" resources.
scope str
Project or folder to scope this configuration to. For example, "project/456" would apply this configuration only to resources in "project/456" scope will be checked with AND of other resources.
resource_labels_selector MutableMapping[str, str]
List of resource labels to search for, evaluated with AND. For example, "resource_labels_selector": {"key": "value", "env": "prod"} will match resources with labels "key": "value" AND "env": "prod" https://cloud.google.com/resource-manager/docs/creating-managing-labels
description str
Description of the resource value configuration.
create_time google.protobuf.timestamp_pb2.Timestamp
Output only. Timestamp this resource value configuration was created.
update_time google.protobuf.timestamp_pb2.Timestamp
Output only. Timestamp this resource value configuration was last updated.
cloud_provider google.cloud.securitycenter_v1.types.CloudProvider
Cloud provider this configuration applies to
sensitive_data_protection_mapping google.cloud.securitycenter_v1.types.ResourceValueConfig.SensitiveDataProtectionMapping
A mapping of the sensitivity on Sensitive Data Protection finding to resource values. This mapping can only be used in combination with a resource_type that is related to BigQuery, e.g. "bigquery.googleapis.com/Dataset".

Classes

ResourceLabelsSelectorEntry

ResourceLabelsSelectorEntry(mapping=None, *, ignore_unknown_fields=False, **kwargs)

The abstract base class for a message.

Parameters
Name Description
kwargs dict

Keys and values corresponding to the fields of the message.

mapping Union[dict, .Message]

A dictionary or message to be used to determine the values for this message.

ignore_unknown_fields Optional(bool)

If True, do not raise errors for unknown fields. Only applied if mapping is a mapping type or there are keyword parameters.

SensitiveDataProtectionMapping

SensitiveDataProtectionMapping(
    mapping=None, *, ignore_unknown_fields=False, **kwargs
)

Resource value mapping for Sensitive Data Protection findings. If any of these mappings have a resource value that is not unspecified, the resource_value field will be ignored when reading this configuration.