Class: Google::Cloud::SecurityCenter::V2::ResourceValueConfig

Inherits:

Object

• Object
• Google::Cloud::SecurityCenter::V2::ResourceValueConfig

Extended by:

Protobuf::MessageExts::ClassMethods

Includes:

Protobuf::MessageExts

Defined in:

proto_docs/google/cloud/securitycenter/v2/resource_value_config.rb

Overview

A resource value configuration (RVC) is a mapping configuration of user's resources to resource values. Used in Attack path simulations.

Defined Under Namespace

Classes: ResourceLabelsSelectorEntry, SensitiveDataProtectionMapping

Instance Attribute Summary

• #cloud_provider ⇒ ::Google::Cloud::SecurityCenter::V2::CloudProvider

  Cloud provider this configuration applies to.

• #create_time ⇒ ::Google::Protobuf::Timestamp readonly

  Output only.

• #description ⇒ ::String

  Description of the resource value configuration.

• #name ⇒ ::String

  Identifier.

• #resource_labels_selector ⇒ ::Google::Protobuf::Map{::String => ::String}

  List of resource labels to search for, evaluated with AND.

• #resource_type ⇒ ::String

  Apply resource_value only to resources that match resource_type.

• #resource_value ⇒ ::Google::Cloud::SecurityCenter::V2::ResourceValue

  Resource value level this expression represents Only required when there is no Sensitive Data Protection mapping in the request.

• #scope ⇒ ::String

  Project or folder to scope this configuration to.

• #sensitive_data_protection_mapping ⇒ ::Google::Cloud::SecurityCenter::V2::ResourceValueConfig::SensitiveDataProtectionMapping

  A mapping of the sensitivity on Sensitive Data Protection finding to resource values.

• #tag_values ⇒ ::Array<::String>

  Tag values combined with AND to check against.

• #update_time ⇒ ::Google::Protobuf::Timestamp readonly

  Output only.

Instance Attribute Details

#cloud_provider ⇒ ::Google::Cloud::SecurityCenter::V2::CloudProvider

Returns Cloud provider this configuration applies to.

Returns:

• (::Google::Cloud::SecurityCenter::V2::CloudProvider) —

  Cloud provider this configuration applies to

# File 'proto_docs/google/cloud/securitycenter/v2/resource_value_config.rb', line 77

class ResourceValueConfig
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Resource value mapping for Sensitive Data Protection findings
  # If any of these mappings have a resource value that is not unspecified,
  # the resource_value field will be ignored when reading this configuration.
  # @!attribute [rw] high_sensitivity_mapping
  #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValue]
  #     Resource value mapping for high-sensitivity Sensitive Data Protection
  #     findings
  # @!attribute [rw] medium_sensitivity_mapping
  #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValue]
  #     Resource value mapping for medium-sensitivity Sensitive Data Protection
  #     findings
  class SensitiveDataProtectionMapping
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class ResourceLabelsSelectorEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#create_time ⇒ ::Google::Protobuf::Timestamp (readonly)

Returns Output only. Timestamp this resource value configuration was created.

Returns:

• (::Google::Protobuf::Timestamp) —

  Output only. Timestamp this resource value configuration was created.

# File 'proto_docs/google/cloud/securitycenter/v2/resource_value_config.rb', line 77

class ResourceValueConfig
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Resource value mapping for Sensitive Data Protection findings
  # If any of these mappings have a resource value that is not unspecified,
  # the resource_value field will be ignored when reading this configuration.
  # @!attribute [rw] high_sensitivity_mapping
  #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValue]
  #     Resource value mapping for high-sensitivity Sensitive Data Protection
  #     findings
  # @!attribute [rw] medium_sensitivity_mapping
  #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValue]
  #     Resource value mapping for medium-sensitivity Sensitive Data Protection
  #     findings
  class SensitiveDataProtectionMapping
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class ResourceLabelsSelectorEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#description ⇒ ::String

Returns Description of the resource value configuration.

Returns:

• (::String) —

  Description of the resource value configuration.

# File 'proto_docs/google/cloud/securitycenter/v2/resource_value_config.rb', line 77

class ResourceValueConfig
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Resource value mapping for Sensitive Data Protection findings
  # If any of these mappings have a resource value that is not unspecified,
  # the resource_value field will be ignored when reading this configuration.
  # @!attribute [rw] high_sensitivity_mapping
  #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValue]
  #     Resource value mapping for high-sensitivity Sensitive Data Protection
  #     findings
  # @!attribute [rw] medium_sensitivity_mapping
  #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValue]
  #     Resource value mapping for medium-sensitivity Sensitive Data Protection
  #     findings
  class SensitiveDataProtectionMapping
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class ResourceLabelsSelectorEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#name ⇒ ::String

Returns Identifier. Name for the resource value configuration.

Returns:

• (::String) —

  Identifier. Name for the resource value configuration

# File 'proto_docs/google/cloud/securitycenter/v2/resource_value_config.rb', line 77

class ResourceValueConfig
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Resource value mapping for Sensitive Data Protection findings
  # If any of these mappings have a resource value that is not unspecified,
  # the resource_value field will be ignored when reading this configuration.
  # @!attribute [rw] high_sensitivity_mapping
  #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValue]
  #     Resource value mapping for high-sensitivity Sensitive Data Protection
  #     findings
  # @!attribute [rw] medium_sensitivity_mapping
  #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValue]
  #     Resource value mapping for medium-sensitivity Sensitive Data Protection
  #     findings
  class SensitiveDataProtectionMapping
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class ResourceLabelsSelectorEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#resource_labels_selector ⇒ ::Google::Protobuf::Map{::String => ::String}

Returns List of resource labels to search for, evaluated with AND. For example, "resource_labels_selector": {"key": "value", "env": "prod"} will match resources with labels "key": "value" AND "env": "prod" https://cloud.google.com/resource-manager/docs/creating-managing-labels.

Returns:

• (::Google::Protobuf::Map{::String => ::String}) —

  List of resource labels to search for, evaluated with AND. For example, "resource_labels_selector": {"key": "value", "env": "prod"} will match resources with labels "key": "value" AND "env": "prod" https://cloud.google.com/resource-manager/docs/creating-managing-labels

# File 'proto_docs/google/cloud/securitycenter/v2/resource_value_config.rb', line 77

class ResourceValueConfig
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Resource value mapping for Sensitive Data Protection findings
  # If any of these mappings have a resource value that is not unspecified,
  # the resource_value field will be ignored when reading this configuration.
  # @!attribute [rw] high_sensitivity_mapping
  #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValue]
  #     Resource value mapping for high-sensitivity Sensitive Data Protection
  #     findings
  # @!attribute [rw] medium_sensitivity_mapping
  #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValue]
  #     Resource value mapping for medium-sensitivity Sensitive Data Protection
  #     findings
  class SensitiveDataProtectionMapping
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class ResourceLabelsSelectorEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#resource_type ⇒ ::String

Returns Apply resource_value only to resources that match resource_type. resource_type will be checked with AND of other resources. For example, "storage.googleapis.com/Bucket" with resource_value "HIGH" will apply "HIGH" value only to "storage.googleapis.com/Bucket" resources.

Returns:

• (::String) —

  Apply resource_value only to resources that match resource_type. resource_type will be checked with AND of other resources. For example, "storage.googleapis.com/Bucket" with resource_value "HIGH" will apply "HIGH" value only to "storage.googleapis.com/Bucket" resources.

# File 'proto_docs/google/cloud/securitycenter/v2/resource_value_config.rb', line 77

class ResourceValueConfig
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Resource value mapping for Sensitive Data Protection findings
  # If any of these mappings have a resource value that is not unspecified,
  # the resource_value field will be ignored when reading this configuration.
  # @!attribute [rw] high_sensitivity_mapping
  #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValue]
  #     Resource value mapping for high-sensitivity Sensitive Data Protection
  #     findings
  # @!attribute [rw] medium_sensitivity_mapping
  #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValue]
  #     Resource value mapping for medium-sensitivity Sensitive Data Protection
  #     findings
  class SensitiveDataProtectionMapping
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class ResourceLabelsSelectorEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#resource_value ⇒ ::Google::Cloud::SecurityCenter::V2::ResourceValue

Returns Resource value level this expression represents Only required when there is no Sensitive Data Protection mapping in the request.

Returns:

• (::Google::Cloud::SecurityCenter::V2::ResourceValue) —

  Resource value level this expression represents Only required when there is no Sensitive Data Protection mapping in the request

# File 'proto_docs/google/cloud/securitycenter/v2/resource_value_config.rb', line 77

class ResourceValueConfig
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Resource value mapping for Sensitive Data Protection findings
  # If any of these mappings have a resource value that is not unspecified,
  # the resource_value field will be ignored when reading this configuration.
  # @!attribute [rw] high_sensitivity_mapping
  #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValue]
  #     Resource value mapping for high-sensitivity Sensitive Data Protection
  #     findings
  # @!attribute [rw] medium_sensitivity_mapping
  #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValue]
  #     Resource value mapping for medium-sensitivity Sensitive Data Protection
  #     findings
  class SensitiveDataProtectionMapping
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class ResourceLabelsSelectorEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#scope ⇒ ::String

Returns Project or folder to scope this configuration to. For example, "project/456" would apply this configuration only to resources in "project/456" scope and will be checked with AND of other resources.

Returns:

• (::String) —

  Project or folder to scope this configuration to. For example, "project/456" would apply this configuration only to resources in "project/456" scope and will be checked with AND of other resources.

# File 'proto_docs/google/cloud/securitycenter/v2/resource_value_config.rb', line 77

class ResourceValueConfig
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Resource value mapping for Sensitive Data Protection findings
  # If any of these mappings have a resource value that is not unspecified,
  # the resource_value field will be ignored when reading this configuration.
  # @!attribute [rw] high_sensitivity_mapping
  #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValue]
  #     Resource value mapping for high-sensitivity Sensitive Data Protection
  #     findings
  # @!attribute [rw] medium_sensitivity_mapping
  #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValue]
  #     Resource value mapping for medium-sensitivity Sensitive Data Protection
  #     findings
  class SensitiveDataProtectionMapping
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class ResourceLabelsSelectorEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#sensitive_data_protection_mapping ⇒ ::Google::Cloud::SecurityCenter::V2::ResourceValueConfig::SensitiveDataProtectionMapping

Returns A mapping of the sensitivity on Sensitive Data Protection finding to resource values. This mapping can only be used in combination with a resource_type that is related to BigQuery, e.g. "bigquery.googleapis.com/Dataset".

Returns:

• (::Google::Cloud::SecurityCenter::V2::ResourceValueConfig::SensitiveDataProtectionMapping) —

  A mapping of the sensitivity on Sensitive Data Protection finding to resource values. This mapping can only be used in combination with a resource_type that is related to BigQuery, e.g. "bigquery.googleapis.com/Dataset".

# File 'proto_docs/google/cloud/securitycenter/v2/resource_value_config.rb', line 77

class ResourceValueConfig
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Resource value mapping for Sensitive Data Protection findings
  # If any of these mappings have a resource value that is not unspecified,
  # the resource_value field will be ignored when reading this configuration.
  # @!attribute [rw] high_sensitivity_mapping
  #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValue]
  #     Resource value mapping for high-sensitivity Sensitive Data Protection
  #     findings
  # @!attribute [rw] medium_sensitivity_mapping
  #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValue]
  #     Resource value mapping for medium-sensitivity Sensitive Data Protection
  #     findings
  class SensitiveDataProtectionMapping
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class ResourceLabelsSelectorEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#tag_values ⇒ ::Array<::String>

Returns Tag values combined with AND to check against. For Google Cloud resources, they are tag value IDs in the form of "tagValues/123". Example: [ "tagValues/123", "tagValues/456", "tagValues/789" ] https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing.

Returns:

• (::Array<::String>) —

  Tag values combined with AND to check against. For Google Cloud resources, they are tag value IDs in the form of "tagValues/123". Example: [ "tagValues/123", "tagValues/456", "tagValues/789" ] https://cloud.google.com/resource-manager/docs/tags/tags-creating-and-managing

# File 'proto_docs/google/cloud/securitycenter/v2/resource_value_config.rb', line 77

class ResourceValueConfig
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Resource value mapping for Sensitive Data Protection findings
  # If any of these mappings have a resource value that is not unspecified,
  # the resource_value field will be ignored when reading this configuration.
  # @!attribute [rw] high_sensitivity_mapping
  #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValue]
  #     Resource value mapping for high-sensitivity Sensitive Data Protection
  #     findings
  # @!attribute [rw] medium_sensitivity_mapping
  #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValue]
  #     Resource value mapping for medium-sensitivity Sensitive Data Protection
  #     findings
  class SensitiveDataProtectionMapping
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class ResourceLabelsSelectorEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#update_time ⇒ ::Google::Protobuf::Timestamp (readonly)

Returns Output only. Timestamp this resource value configuration was last updated.

Returns:

• (::Google::Protobuf::Timestamp) —

  Output only. Timestamp this resource value configuration was last updated.

# File 'proto_docs/google/cloud/securitycenter/v2/resource_value_config.rb', line 77

class ResourceValueConfig
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Resource value mapping for Sensitive Data Protection findings
  # If any of these mappings have a resource value that is not unspecified,
  # the resource_value field will be ignored when reading this configuration.
  # @!attribute [rw] high_sensitivity_mapping
  #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValue]
  #     Resource value mapping for high-sensitivity Sensitive Data Protection
  #     findings
  # @!attribute [rw] medium_sensitivity_mapping
  #   @return [::Google::Cloud::SecurityCenter::V2::ResourceValue]
  #     Resource value mapping for medium-sensitivity Sensitive Data Protection
  #     findings
  class SensitiveDataProtectionMapping
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class ResourceLabelsSelectorEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end