Docs Home
Google Cloud v8.25.1 published on Wednesday, Apr 9, 2025 by Pulumi
gcp.compute.SecurityScanConfig
Explore with Pulumi AI
A ScanConfig resource contains the configurations to launch a scan.
To get more information about ScanConfig, see:
- API documentation
- How-to Guides
Example Usage
Scan Config Basic
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const scannerStaticIp = new gcp.compute.Address("scanner_static_ip", {name: "scan-basic-static-ip"});
const scan_config = new gcp.compute.SecurityScanConfig("scan-config", {
displayName: "scan-config",
startingUrls: [pulumi.interpolate`http://${scannerStaticIp.address}`],
targetPlatforms: ["COMPUTE"],
});
import pulumi
import pulumi_gcp as gcp
scanner_static_ip = gcp.compute.Address("scanner_static_ip", name="scan-basic-static-ip")
scan_config = gcp.compute.SecurityScanConfig("scan-config",
display_name="scan-config",
starting_urls=[scanner_static_ip.address.apply(lambda address: f"http://{address}")],
target_platforms=["COMPUTE"])
package main
import (
"fmt"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
scannerStaticIp, err := compute.NewAddress(ctx, "scanner_static_ip", &compute.AddressArgs{
Name: pulumi.String("scan-basic-static-ip"),
})
if err != nil {
return err
}
_, err = compute.NewSecurityScanConfig(ctx, "scan-config", &compute.SecurityScanConfigArgs{
DisplayName: pulumi.String("scan-config"),
StartingUrls: pulumi.StringArray{
scannerStaticIp.Address.ApplyT(func(address string) (string, error) {
return fmt.Sprintf("http://%v", address), nil
}).(pulumi.StringOutput),
},
TargetPlatforms: pulumi.StringArray{
pulumi.String("COMPUTE"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var scannerStaticIp = new Gcp.Compute.Address("scanner_static_ip", new()
{
Name = "scan-basic-static-ip",
});
var scan_config = new Gcp.Compute.SecurityScanConfig("scan-config", new()
{
DisplayName = "scan-config",
StartingUrls = new[]
{
scannerStaticIp.IPAddress.Apply(address => $"http://{address}"),
},
TargetPlatforms = new[]
{
"COMPUTE",
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Address;
import com.pulumi.gcp.compute.AddressArgs;
import com.pulumi.gcp.compute.SecurityScanConfig;
import com.pulumi.gcp.compute.SecurityScanConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var scannerStaticIp = new Address("scannerStaticIp", AddressArgs.builder()
.name("scan-basic-static-ip")
.build());
var scan_config = new SecurityScanConfig("scan-config", SecurityScanConfigArgs.builder()
.displayName("scan-config")
.startingUrls(scannerStaticIp.address().applyValue(_address -> String.format("http://%s", _address)))
.targetPlatforms("COMPUTE")
.build());
}
}
resources:
scannerStaticIp:
type: gcp:compute:Address
name: scanner_static_ip
properties:
name: scan-basic-static-ip
scan-config:
type: gcp:compute:SecurityScanConfig
properties:
displayName: scan-config
startingUrls:
- http://${scannerStaticIp.address}
targetPlatforms:
- COMPUTE
Create SecurityScanConfig Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new SecurityScanConfig(name: string, args: SecurityScanConfigArgs, opts?: CustomResourceOptions);@overload
def SecurityScanConfig(resource_name: str,
args: SecurityScanConfigArgs,
opts: Optional[ResourceOptions] = None)
@overload
def SecurityScanConfig(resource_name: str,
opts: Optional[ResourceOptions] = None,
display_name: Optional[str] = None,
starting_urls: Optional[Sequence[str]] = None,
authentication: Optional[SecurityScanConfigAuthenticationArgs] = None,
blacklist_patterns: Optional[Sequence[str]] = None,
export_to_security_command_center: Optional[str] = None,
max_qps: Optional[int] = None,
project: Optional[str] = None,
schedule: Optional[SecurityScanConfigScheduleArgs] = None,
target_platforms: Optional[Sequence[str]] = None,
user_agent: Optional[str] = None)func NewSecurityScanConfig(ctx *Context, name string, args SecurityScanConfigArgs, opts ...ResourceOption) (*SecurityScanConfig, error)public SecurityScanConfig(string name, SecurityScanConfigArgs args, CustomResourceOptions? opts = null)public SecurityScanConfig(String name, SecurityScanConfigArgs args)
public SecurityScanConfig(String name, SecurityScanConfigArgs args, CustomResourceOptions options)
type: gcp:compute:SecurityScanConfig
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name
This property is required. string - The unique name of the resource.
- args
This property is required. SecurityScanConfigArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name
This property is required. str - The unique name of the resource.
- args
This property is required. SecurityScanConfigArgs - The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. SecurityScanConfigArgs - The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. SecurityScanConfigArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name
This property is required. String - The unique name of the resource.
- args
This property is required. SecurityScanConfigArgs - The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var securityScanConfigResource = new Gcp.Compute.SecurityScanConfig("securityScanConfigResource", new()
{
DisplayName = "string",
StartingUrls = new[]
{
"string",
},
Authentication = new Gcp.Compute.Inputs.SecurityScanConfigAuthenticationArgs
{
CustomAccount = new Gcp.Compute.Inputs.SecurityScanConfigAuthenticationCustomAccountArgs
{
LoginUrl = "string",
Password = "string",
Username = "string",
},
GoogleAccount = new Gcp.Compute.Inputs.SecurityScanConfigAuthenticationGoogleAccountArgs
{
Password = "string",
Username = "string",
},
},
BlacklistPatterns = new[]
{
"string",
},
ExportToSecurityCommandCenter = "string",
MaxQps = 0,
Project = "string",
Schedule = new Gcp.Compute.Inputs.SecurityScanConfigScheduleArgs
{
IntervalDurationDays = 0,
ScheduleTime = "string",
},
TargetPlatforms = new[]
{
"string",
},
UserAgent = "string",
});
example, err := compute.NewSecurityScanConfig(ctx, "securityScanConfigResource", &compute.SecurityScanConfigArgs{
DisplayName: pulumi.String("string"),
StartingUrls: pulumi.StringArray{
pulumi.String("string"),
},
Authentication: &compute.SecurityScanConfigAuthenticationArgs{
CustomAccount: &compute.SecurityScanConfigAuthenticationCustomAccountArgs{
LoginUrl: pulumi.String("string"),
Password: pulumi.String("string"),
Username: pulumi.String("string"),
},
GoogleAccount: &compute.SecurityScanConfigAuthenticationGoogleAccountArgs{
Password: pulumi.String("string"),
Username: pulumi.String("string"),
},
},
BlacklistPatterns: pulumi.StringArray{
pulumi.String("string"),
},
ExportToSecurityCommandCenter: pulumi.String("string"),
MaxQps: pulumi.Int(0),
Project: pulumi.String("string"),
Schedule: &compute.SecurityScanConfigScheduleArgs{
IntervalDurationDays: pulumi.Int(0),
ScheduleTime: pulumi.String("string"),
},
TargetPlatforms: pulumi.StringArray{
pulumi.String("string"),
},
UserAgent: pulumi.String("string"),
})
var securityScanConfigResource = new SecurityScanConfig("securityScanConfigResource", SecurityScanConfigArgs.builder()
.displayName("string")
.startingUrls("string")
.authentication(SecurityScanConfigAuthenticationArgs.builder()
.customAccount(SecurityScanConfigAuthenticationCustomAccountArgs.builder()
.loginUrl("string")
.password("string")
.username("string")
.build())
.googleAccount(SecurityScanConfigAuthenticationGoogleAccountArgs.builder()
.password("string")
.username("string")
.build())
.build())
.blacklistPatterns("string")
.exportToSecurityCommandCenter("string")
.maxQps(0)
.project("string")
.schedule(SecurityScanConfigScheduleArgs.builder()
.intervalDurationDays(0)
.scheduleTime("string")
.build())
.targetPlatforms("string")
.userAgent("string")
.build());
security_scan_config_resource = gcp.compute.SecurityScanConfig("securityScanConfigResource",
display_name="string",
starting_urls=["string"],
authentication={
"custom_account": {
"login_url": "string",
"password": "string",
"username": "string",
},
"google_account": {
"password": "string",
"username": "string",
},
},
blacklist_patterns=["string"],
export_to_security_command_center="string",
max_qps=0,
project="string",
schedule={
"interval_duration_days": 0,
"schedule_time": "string",
},
target_platforms=["string"],
user_agent="string")
const securityScanConfigResource = new gcp.compute.SecurityScanConfig("securityScanConfigResource", {
displayName: "string",
startingUrls: ["string"],
authentication: {
customAccount: {
loginUrl: "string",
password: "string",
username: "string",
},
googleAccount: {
password: "string",
username: "string",
},
},
blacklistPatterns: ["string"],
exportToSecurityCommandCenter: "string",
maxQps: 0,
project: "string",
schedule: {
intervalDurationDays: 0,
scheduleTime: "string",
},
targetPlatforms: ["string"],
userAgent: "string",
});
type: gcp:compute:SecurityScanConfig
properties:
authentication:
customAccount:
loginUrl: string
password: string
username: string
googleAccount:
password: string
username: string
blacklistPatterns:
- string
displayName: string
exportToSecurityCommandCenter: string
maxQps: 0
project: string
schedule:
intervalDurationDays: 0
scheduleTime: string
startingUrls:
- string
targetPlatforms:
- string
userAgent: string
SecurityScanConfig Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The SecurityScanConfig resource accepts the following input properties:
- Display
Name This property is required. string - The user provider display name of the ScanConfig.
- Starting
Urls This property is required. List<string> - The starting URLs from which the scanner finds site pages.
- Authentication
Security
Scan Config Authentication - The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.
- Blacklist
Patterns List<string> - The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls
- Export
To stringSecurity Command Center - Controls export of scan configurations and results to Cloud Security Command Center.
Default value is
ENABLED. Possible values are:ENABLED,DISABLED. - Max
Qps int - The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.
- Project
Changes to this property will trigger replacement. - The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Schedule
Security
Scan Config Schedule - The schedule of the ScanConfig Structure is documented below.
- Target
Platforms List<string> - Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default.
Each value may be one of:
APP_ENGINE,COMPUTE. - User
Agent string - Type of the user agents used for scanning
Default value is
CHROME_LINUX. Possible values are:USER_AGENT_UNSPECIFIED,CHROME_LINUX,CHROME_ANDROID,SAFARI_IPHONE.
- Display
Name This property is required. string - The user provider display name of the ScanConfig.
- Starting
Urls This property is required. []string - The starting URLs from which the scanner finds site pages.
- Authentication
Security
Scan Config Authentication Args - The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.
- Blacklist
Patterns []string - The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls
- Export
To stringSecurity Command Center - Controls export of scan configurations and results to Cloud Security Command Center.
Default value is
ENABLED. Possible values are:ENABLED,DISABLED. - Max
Qps int - The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.
- Project
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Schedule
Security
Scan Config Schedule Args - The schedule of the ScanConfig Structure is documented below.
- Target
Platforms []string - Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default.
Each value may be one of:
APP_ENGINE,COMPUTE. - User
Agent string - Type of the user agents used for scanning
Default value is
CHROME_LINUX. Possible values are:USER_AGENT_UNSPECIFIED,CHROME_LINUX,CHROME_ANDROID,SAFARI_IPHONE.
- display
Name This property is required. String - The user provider display name of the ScanConfig.
- starting
Urls This property is required. List<String> - The starting URLs from which the scanner finds site pages.
- authentication
Security
Scan Config Authentication - The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.
- blacklist
Patterns List<String> - The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls
- export
To StringSecurity Command Center - Controls export of scan configurations and results to Cloud Security Command Center.
Default value is
ENABLED. Possible values are:ENABLED,DISABLED. - max
Qps Integer - The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.
- project
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- schedule
Security
Scan Config Schedule - The schedule of the ScanConfig Structure is documented below.
- target
Platforms List<String> - Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default.
Each value may be one of:
APP_ENGINE,COMPUTE. - user
Agent String - Type of the user agents used for scanning
Default value is
CHROME_LINUX. Possible values are:USER_AGENT_UNSPECIFIED,CHROME_LINUX,CHROME_ANDROID,SAFARI_IPHONE.
- display
Name This property is required. string - The user provider display name of the ScanConfig.
- starting
Urls This property is required. string[] - The starting URLs from which the scanner finds site pages.
- authentication
Security
Scan Config Authentication - The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.
- blacklist
Patterns string[] - The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls
- export
To stringSecurity Command Center - Controls export of scan configurations and results to Cloud Security Command Center.
Default value is
ENABLED. Possible values are:ENABLED,DISABLED. - max
Qps number - The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.
- project
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- schedule
Security
Scan Config Schedule - The schedule of the ScanConfig Structure is documented below.
- target
Platforms string[] - Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default.
Each value may be one of:
APP_ENGINE,COMPUTE. - user
Agent string - Type of the user agents used for scanning
Default value is
CHROME_LINUX. Possible values are:USER_AGENT_UNSPECIFIED,CHROME_LINUX,CHROME_ANDROID,SAFARI_IPHONE.
- display_
name This property is required. str - The user provider display name of the ScanConfig.
- starting_
urls This property is required. Sequence[str] - The starting URLs from which the scanner finds site pages.
- authentication
Security
Scan Config Authentication Args - The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.
- blacklist_
patterns Sequence[str] - The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls
- export_
to_ strsecurity_ command_ center - Controls export of scan configurations and results to Cloud Security Command Center.
Default value is
ENABLED. Possible values are:ENABLED,DISABLED. - max_
qps int - The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.
- project
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- schedule
Security
Scan Config Schedule Args - The schedule of the ScanConfig Structure is documented below.
- target_
platforms Sequence[str] - Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default.
Each value may be one of:
APP_ENGINE,COMPUTE. - user_
agent str - Type of the user agents used for scanning
Default value is
CHROME_LINUX. Possible values are:USER_AGENT_UNSPECIFIED,CHROME_LINUX,CHROME_ANDROID,SAFARI_IPHONE.
- display
Name This property is required. String - The user provider display name of the ScanConfig.
- starting
Urls This property is required. List<String> - The starting URLs from which the scanner finds site pages.
- authentication Property Map
- The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.
- blacklist
Patterns List<String> - The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls
- export
To StringSecurity Command Center - Controls export of scan configurations and results to Cloud Security Command Center.
Default value is
ENABLED. Possible values are:ENABLED,DISABLED. - max
Qps Number - The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.
- project
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- schedule Property Map
- The schedule of the ScanConfig Structure is documented below.
- target
Platforms List<String> - Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default.
Each value may be one of:
APP_ENGINE,COMPUTE. - user
Agent String - Type of the user agents used for scanning
Default value is
CHROME_LINUX. Possible values are:USER_AGENT_UNSPECIFIED,CHROME_LINUX,CHROME_ANDROID,SAFARI_IPHONE.
Outputs
All input properties are implicitly available as output properties. Additionally, the SecurityScanConfig resource produces the following output properties:
Look up Existing SecurityScanConfig Resource
Get an existing SecurityScanConfig resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: SecurityScanConfigState, opts?: CustomResourceOptions): SecurityScanConfig@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
authentication: Optional[SecurityScanConfigAuthenticationArgs] = None,
blacklist_patterns: Optional[Sequence[str]] = None,
display_name: Optional[str] = None,
export_to_security_command_center: Optional[str] = None,
max_qps: Optional[int] = None,
name: Optional[str] = None,
project: Optional[str] = None,
schedule: Optional[SecurityScanConfigScheduleArgs] = None,
starting_urls: Optional[Sequence[str]] = None,
target_platforms: Optional[Sequence[str]] = None,
user_agent: Optional[str] = None) -> SecurityScanConfigfunc GetSecurityScanConfig(ctx *Context, name string, id IDInput, state *SecurityScanConfigState, opts ...ResourceOption) (*SecurityScanConfig, error)public static SecurityScanConfig Get(string name, Input<string> id, SecurityScanConfigState? state, CustomResourceOptions? opts = null)public static SecurityScanConfig get(String name, Output<String> id, SecurityScanConfigState state, CustomResourceOptions options)resources: _: type: gcp:compute:SecurityScanConfig get: id: ${id}- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
The following state arguments are supported:
- Authentication
Security
Scan Config Authentication - The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.
- Blacklist
Patterns List<string> - The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls
- Display
Name string - The user provider display name of the ScanConfig.
- Export
To stringSecurity Command Center - Controls export of scan configurations and results to Cloud Security Command Center.
Default value is
ENABLED. Possible values are:ENABLED,DISABLED. - Max
Qps int - The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.
- Name string
- A server defined name for this index. Format:
projects/{{project}}/scanConfigs/{{server_generated_id}} - Project
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Schedule
Security
Scan Config Schedule - The schedule of the ScanConfig Structure is documented below.
- Starting
Urls List<string> - The starting URLs from which the scanner finds site pages.
- Target
Platforms List<string> - Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default.
Each value may be one of:
APP_ENGINE,COMPUTE. - User
Agent string - Type of the user agents used for scanning
Default value is
CHROME_LINUX. Possible values are:USER_AGENT_UNSPECIFIED,CHROME_LINUX,CHROME_ANDROID,SAFARI_IPHONE.
- Authentication
Security
Scan Config Authentication Args - The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.
- Blacklist
Patterns []string - The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls
- Display
Name string - The user provider display name of the ScanConfig.
- Export
To stringSecurity Command Center - Controls export of scan configurations and results to Cloud Security Command Center.
Default value is
ENABLED. Possible values are:ENABLED,DISABLED. - Max
Qps int - The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.
- Name string
- A server defined name for this index. Format:
projects/{{project}}/scanConfigs/{{server_generated_id}} - Project
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Schedule
Security
Scan Config Schedule Args - The schedule of the ScanConfig Structure is documented below.
- Starting
Urls []string - The starting URLs from which the scanner finds site pages.
- Target
Platforms []string - Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default.
Each value may be one of:
APP_ENGINE,COMPUTE. - User
Agent string - Type of the user agents used for scanning
Default value is
CHROME_LINUX. Possible values are:USER_AGENT_UNSPECIFIED,CHROME_LINUX,CHROME_ANDROID,SAFARI_IPHONE.
- authentication
Security
Scan Config Authentication - The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.
- blacklist
Patterns List<String> - The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls
- display
Name String - The user provider display name of the ScanConfig.
- export
To StringSecurity Command Center - Controls export of scan configurations and results to Cloud Security Command Center.
Default value is
ENABLED. Possible values are:ENABLED,DISABLED. - max
Qps Integer - The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.
- name String
- A server defined name for this index. Format:
projects/{{project}}/scanConfigs/{{server_generated_id}} - project
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- schedule
Security
Scan Config Schedule - The schedule of the ScanConfig Structure is documented below.
- starting
Urls List<String> - The starting URLs from which the scanner finds site pages.
- target
Platforms List<String> - Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default.
Each value may be one of:
APP_ENGINE,COMPUTE. - user
Agent String - Type of the user agents used for scanning
Default value is
CHROME_LINUX. Possible values are:USER_AGENT_UNSPECIFIED,CHROME_LINUX,CHROME_ANDROID,SAFARI_IPHONE.
- authentication
Security
Scan Config Authentication - The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.
- blacklist
Patterns string[] - The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls
- display
Name string - The user provider display name of the ScanConfig.
- export
To stringSecurity Command Center - Controls export of scan configurations and results to Cloud Security Command Center.
Default value is
ENABLED. Possible values are:ENABLED,DISABLED. - max
Qps number - The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.
- name string
- A server defined name for this index. Format:
projects/{{project}}/scanConfigs/{{server_generated_id}} - project
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- schedule
Security
Scan Config Schedule - The schedule of the ScanConfig Structure is documented below.
- starting
Urls string[] - The starting URLs from which the scanner finds site pages.
- target
Platforms string[] - Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default.
Each value may be one of:
APP_ENGINE,COMPUTE. - user
Agent string - Type of the user agents used for scanning
Default value is
CHROME_LINUX. Possible values are:USER_AGENT_UNSPECIFIED,CHROME_LINUX,CHROME_ANDROID,SAFARI_IPHONE.
- authentication
Security
Scan Config Authentication Args - The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.
- blacklist_
patterns Sequence[str] - The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls
- display_
name str - The user provider display name of the ScanConfig.
- export_
to_ strsecurity_ command_ center - Controls export of scan configurations and results to Cloud Security Command Center.
Default value is
ENABLED. Possible values are:ENABLED,DISABLED. - max_
qps int - The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.
- name str
- A server defined name for this index. Format:
projects/{{project}}/scanConfigs/{{server_generated_id}} - project
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- schedule
Security
Scan Config Schedule Args - The schedule of the ScanConfig Structure is documented below.
- starting_
urls Sequence[str] - The starting URLs from which the scanner finds site pages.
- target_
platforms Sequence[str] - Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default.
Each value may be one of:
APP_ENGINE,COMPUTE. - user_
agent str - Type of the user agents used for scanning
Default value is
CHROME_LINUX. Possible values are:USER_AGENT_UNSPECIFIED,CHROME_LINUX,CHROME_ANDROID,SAFARI_IPHONE.
- authentication Property Map
- The authentication configuration. If specified, service will use the authentication configuration during scanning. Structure is documented below.
- blacklist
Patterns List<String> - The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls
- display
Name String - The user provider display name of the ScanConfig.
- export
To StringSecurity Command Center - Controls export of scan configurations and results to Cloud Security Command Center.
Default value is
ENABLED. Possible values are:ENABLED,DISABLED. - max
Qps Number - The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. Defaults to 15.
- name String
- A server defined name for this index. Format:
projects/{{project}}/scanConfigs/{{server_generated_id}} - project
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- schedule Property Map
- The schedule of the ScanConfig Structure is documented below.
- starting
Urls List<String> - The starting URLs from which the scanner finds site pages.
- target
Platforms List<String> - Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default.
Each value may be one of:
APP_ENGINE,COMPUTE. - user
Agent String - Type of the user agents used for scanning
Default value is
CHROME_LINUX. Possible values are:USER_AGENT_UNSPECIFIED,CHROME_LINUX,CHROME_ANDROID,SAFARI_IPHONE.
Supporting Types
SecurityScanConfigAuthentication, SecurityScanConfigAuthenticationArgs
, SecurityScanConfigAuthenticationArgs
- Custom
Account SecurityScan Config Authentication Custom Account - Describes authentication configuration that uses a custom account. Structure is documented below.
- Google
Account SecurityScan Config Authentication Google Account - Describes authentication configuration that uses a Google account. Structure is documented below.
- Custom
Account SecurityScan Config Authentication Custom Account - Describes authentication configuration that uses a custom account. Structure is documented below.
- Google
Account SecurityScan Config Authentication Google Account - Describes authentication configuration that uses a Google account. Structure is documented below.
- custom
Account SecurityScan Config Authentication Custom Account - Describes authentication configuration that uses a custom account. Structure is documented below.
- google
Account SecurityScan Config Authentication Google Account - Describes authentication configuration that uses a Google account. Structure is documented below.
- custom
Account SecurityScan Config Authentication Custom Account - Describes authentication configuration that uses a custom account. Structure is documented below.
- google
Account SecurityScan Config Authentication Google Account - Describes authentication configuration that uses a Google account. Structure is documented below.
- custom_
account SecurityScan Config Authentication Custom Account - Describes authentication configuration that uses a custom account. Structure is documented below.
- google_
account SecurityScan Config Authentication Google Account - Describes authentication configuration that uses a Google account. Structure is documented below.
- custom
Account Property Map - Describes authentication configuration that uses a custom account. Structure is documented below.
- google
Account Property Map - Describes authentication configuration that uses a Google account. Structure is documented below.
SecurityScanConfigAuthenticationCustomAccount, SecurityScanConfigAuthenticationCustomAccountArgs
, SecurityScanConfigAuthenticationCustomAccountArgs
- Login
Url This property is required. string - The login form URL of the website.
- Password
string
This property is required. Changes to this property will trigger replacement. - The password of the custom account. The credential is stored encrypted in GCP. Note: This property is sensitive and will not be displayed in the plan.
- Username
This property is required. string - The user name of the custom account.
- Login
Url This property is required. string - The login form URL of the website.
- Password
string
This property is required. Changes to this property will trigger replacement. - The password of the custom account. The credential is stored encrypted in GCP. Note: This property is sensitive and will not be displayed in the plan.
- Username
This property is required. string - The user name of the custom account.
- login
Url This property is required. String - The login form URL of the website.
- password
String
This property is required. Changes to this property will trigger replacement. - The password of the custom account. The credential is stored encrypted in GCP. Note: This property is sensitive and will not be displayed in the plan.
- username
This property is required. String - The user name of the custom account.
- login
Url This property is required. string - The login form URL of the website.
- password
string
This property is required. Changes to this property will trigger replacement. - The password of the custom account. The credential is stored encrypted in GCP. Note: This property is sensitive and will not be displayed in the plan.
- username
This property is required. string - The user name of the custom account.
- login_
url This property is required. str - The login form URL of the website.
- password
str
This property is required. Changes to this property will trigger replacement. - The password of the custom account. The credential is stored encrypted in GCP. Note: This property is sensitive and will not be displayed in the plan.
- username
This property is required. str - The user name of the custom account.
- login
Url This property is required. String - The login form URL of the website.
- password
String
This property is required. Changes to this property will trigger replacement. - The password of the custom account. The credential is stored encrypted in GCP. Note: This property is sensitive and will not be displayed in the plan.
- username
This property is required. String - The user name of the custom account.
SecurityScanConfigAuthenticationGoogleAccount, SecurityScanConfigAuthenticationGoogleAccountArgs
, SecurityScanConfigAuthenticationGoogleAccountArgs
- Password
string
This property is required. Changes to this property will trigger replacement. - The password of the Google account. The credential is stored encrypted in GCP. Note: This property is sensitive and will not be displayed in the plan.
- Username
This property is required. string - The user name of the Google account.
- Password
string
This property is required. Changes to this property will trigger replacement. - The password of the Google account. The credential is stored encrypted in GCP. Note: This property is sensitive and will not be displayed in the plan.
- Username
This property is required. string - The user name of the Google account.
- password
String
This property is required. Changes to this property will trigger replacement. - The password of the Google account. The credential is stored encrypted in GCP. Note: This property is sensitive and will not be displayed in the plan.
- username
This property is required. String - The user name of the Google account.
- password
string
This property is required. Changes to this property will trigger replacement. - The password of the Google account. The credential is stored encrypted in GCP. Note: This property is sensitive and will not be displayed in the plan.
- username
This property is required. string - The user name of the Google account.
- password
str
This property is required. Changes to this property will trigger replacement. - The password of the Google account. The credential is stored encrypted in GCP. Note: This property is sensitive and will not be displayed in the plan.
- username
This property is required. str - The user name of the Google account.
- password
String
This property is required. Changes to this property will trigger replacement. - The password of the Google account. The credential is stored encrypted in GCP. Note: This property is sensitive and will not be displayed in the plan.
- username
This property is required. String - The user name of the Google account.
SecurityScanConfigSchedule, SecurityScanConfigScheduleArgs
, SecurityScanConfigScheduleArgs
- Interval
Duration Days This property is required. int - The duration of time between executions in days
- Schedule
Time string - A timestamp indicates when the next run will be scheduled. The value is refreshed by the server after each run. If unspecified, it will default to current server time, which means the scan will be scheduled to start immediately.
- Interval
Duration Days This property is required. int - The duration of time between executions in days
- Schedule
Time string - A timestamp indicates when the next run will be scheduled. The value is refreshed by the server after each run. If unspecified, it will default to current server time, which means the scan will be scheduled to start immediately.
- interval
Duration Days This property is required. Integer - The duration of time between executions in days
- schedule
Time String - A timestamp indicates when the next run will be scheduled. The value is refreshed by the server after each run. If unspecified, it will default to current server time, which means the scan will be scheduled to start immediately.
- interval
Duration Days This property is required. number - The duration of time between executions in days
- schedule
Time string - A timestamp indicates when the next run will be scheduled. The value is refreshed by the server after each run. If unspecified, it will default to current server time, which means the scan will be scheduled to start immediately.
- interval_
duration_ days This property is required. int - The duration of time between executions in days
- schedule_
time str - A timestamp indicates when the next run will be scheduled. The value is refreshed by the server after each run. If unspecified, it will default to current server time, which means the scan will be scheduled to start immediately.
- interval
Duration Days This property is required. Number - The duration of time between executions in days
- schedule
Time String - A timestamp indicates when the next run will be scheduled. The value is refreshed by the server after each run. If unspecified, it will default to current server time, which means the scan will be scheduled to start immediately.
Import
ScanConfig can be imported using any of these accepted formats:
{{project}}/{{name}}{{project}} {{name}}{{name}}
When using the pulumi import command, ScanConfig can be imported using one of the formats above. For example:
$ pulumi import gcp:compute/securityScanConfig:SecurityScanConfig default {{project}}/{{name}}
$ pulumi import gcp:compute/securityScanConfig:SecurityScanConfig default "{{project}} {{name}}"
$ pulumi import gcp:compute/securityScanConfig:SecurityScanConfig default {{name}}
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Google Cloud (GCP) Classic pulumi/pulumi-gcp
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
google-betaTerraform Provider.