REST Resource: organizations.locations.resourceValueConfigs

Resource: ResourceValueConfig
Methods

Resource: ResourceValueConfig

A resource value configuration (RVC) is a mapping configuration of user's resources to resource values. Used in Attack path simulations.

JSON representation

JSON representation
{ "name": string, "resourceValue": enum (`ResourceValue`), "tagValues": [ string ], "resourceType": string, "scope": string, "resourceLabelsSelector": { string: string, ... }, "description": string, "createTime": string, "updateTime": string, "cloudProvider": enum (`CloudProvider`), "sensitiveDataProtectionMapping": { object (`SensitiveDataProtectionMapping`) } }

{
  "name": string,
  "resourceValue": enum (ResourceValue),
  "tagValues": [
    string
  ],
  "resourceType": string,
  "scope": string,
  "resourceLabelsSelector": {
    string: string,
    ...
  },
  "description": string,
  "createTime": string,
  "updateTime": string,
  "cloudProvider": enum (CloudProvider),
  "sensitiveDataProtectionMapping": {
    object (SensitiveDataProtectionMapping)
  }
}

Fields
`name`	`string` Identifier. Name for the resource value configuration
`resourceValue`	`enum (ResourceValue)` Resource value level this expression represents Only required when there is no Sensitive Data Protection mapping in the request
`tagValues[]`	`string` Tag values combined with `AND` to check against. For Google Cloud resources, they are tag value IDs in the form of "tagValues/123". Example: `[ "tagValues/123", "tagValues/456", "tagValues/789" ]` https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing
`resourceType`	`string` Apply resourceValue only to resources that match resourceType. resourceType will be checked with `AND` of other resources. For example, "storage.googleapis.com/Bucket" with resourceValue "HIGH" will apply "HIGH" value only to "storage.googleapis.com/Bucket" resources.
`scope`	`string` Project or folder to scope this configuration to. For example, "project/456" would apply this configuration only to resources in "project/456" scope and will be checked with `AND` of other resources.
`resourceLabelsSelector`	`map (key: string, value: string)` List of resource labels to search for, evaluated with `AND`. For example, "resourceLabelsSelector": {"key": "value", "env": "prod"} will match resources with labels "key": "value" `AND` "env": "prod" https://cloud.google.com/resource-manager/docs/creating-managing-labels An object containing a list of `"key": value` pairs. Example: `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`.
`description`	`string` Description of the resource value configuration.
`createTime`	`string (Timestamp format)` Output only. Timestamp this resource value configuration was created. Uses RFC 3339, where generated output will always be Z-normalized and uses 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: `"2014-10-02T15:01:23Z"`, `"2014-10-02T15:01:23.045123456Z"` or `"2014-10-02T15:01:23+05:30"`.
`updateTime`	`string (Timestamp format)` Output only. Timestamp this resource value configuration was last updated. Uses RFC 3339, where generated output will always be Z-normalized and uses 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: `"2014-10-02T15:01:23Z"`, `"2014-10-02T15:01:23.045123456Z"` or `"2014-10-02T15:01:23+05:30"`.
`cloudProvider`	`enum (CloudProvider)` Cloud provider this configuration applies to
`sensitiveDataProtectionMapping`	`object (SensitiveDataProtectionMapping)` A mapping of the sensitivity on Sensitive Data Protection finding to resource values. This mapping can only be used in combination with a resourceType that is related to BigQuery, e.g. "bigquery.googleapis.com/Dataset".

ResourceValue

Value enum to map to a resource

Enums
`RESOURCE_VALUE_UNSPECIFIED`	Unspecific value
`HIGH`	High resource value
`MEDIUM`	Medium resource value
`LOW`	Low resource value
`NONE`	No resource value, e.g. ignore these resources

SensitiveDataProtectionMapping

Resource value mapping for Sensitive Data Protection findings If any of these mappings have a resource value that is not unspecified, the resourceValue field will be ignored when reading this configuration.

JSON representation
{ "highSensitivityMapping": enum (`ResourceValue`), "mediumSensitivityMapping": enum (`ResourceValue`) }

Fields

Fields
`highSensitivityMapping`	`enum (ResourceValue)` Resource value mapping for high-sensitivity Sensitive Data Protection findings
`mediumSensitivityMapping`	`enum (ResourceValue)` Resource value mapping for medium-sensitivity Sensitive Data Protection findings

highSensitivityMapping

enum (ResourceValue)

Resource value mapping for high-sensitivity Sensitive Data Protection findings

mediumSensitivityMapping

enum (ResourceValue)

Resource value mapping for medium-sensitivity Sensitive Data Protection findings

Methods
`batchCreate`	Creates a ResourceValueConfig for an organization.
`delete`	Deletes a ResourceValueConfig.
`get`	Gets a ResourceValueConfig.
`list`	Lists all ResourceValueConfigs.
`patch`	Updates an existing ResourceValueConfigs with new rules.

REST Resource: organizations.locations.resourceValueConfigs

Resource: ResourceValueConfig

ResourceValue

SensitiveDataProtectionMapping

Methods

`batchCreate`

`delete`

`get`

`list`

`patch`