1. Packages
  2. Google Cloud Native
  3. API Docs
  4. networksecurity
  5. networksecurity/v1beta1
  6. SecurityProfile

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

google-native.networksecurity/v1beta1.SecurityProfile

Explore with Pulumi AI

google-native logo

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

    Creates a new SecurityProfile in a given organization and location. Auto-naming is currently not supported for this resource.

    Create SecurityProfile Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new SecurityProfile(name: string, args: SecurityProfileArgs, opts?: CustomResourceOptions);
    @overload
    def SecurityProfile(resource_name: str,
                        args: SecurityProfileArgs,
                        opts: Optional[ResourceOptions] = None)
    
    @overload
    def SecurityProfile(resource_name: str,
                        opts: Optional[ResourceOptions] = None,
                        organization_id: Optional[str] = None,
                        security_profile_id: Optional[str] = None,
                        description: Optional[str] = None,
                        labels: Optional[Mapping[str, str]] = None,
                        location: Optional[str] = None,
                        name: Optional[str] = None,
                        threat_prevention_profile: Optional[ThreatPreventionProfileArgs] = None,
                        type: Optional[SecurityProfileType] = None)
    func NewSecurityProfile(ctx *Context, name string, args SecurityProfileArgs, opts ...ResourceOption) (*SecurityProfile, error)
    public SecurityProfile(string name, SecurityProfileArgs args, CustomResourceOptions? opts = null)
    public SecurityProfile(String name, SecurityProfileArgs args)
    public SecurityProfile(String name, SecurityProfileArgs args, CustomResourceOptions options)
    
    type: google-native:networksecurity/v1beta1:SecurityProfile
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args SecurityProfileArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args SecurityProfileArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args SecurityProfileArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args SecurityProfileArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args SecurityProfileArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var google_nativeSecurityProfileResource = new GoogleNative.NetworkSecurity.V1Beta1.SecurityProfile("google-nativeSecurityProfileResource", new()
    {
        OrganizationId = "string",
        SecurityProfileId = "string",
        Description = "string",
        Labels = 
        {
            { "string", "string" },
        },
        Location = "string",
        Name = "string",
        ThreatPreventionProfile = new GoogleNative.NetworkSecurity.V1Beta1.Inputs.ThreatPreventionProfileArgs
        {
            SeverityOverrides = new[]
            {
                new GoogleNative.NetworkSecurity.V1Beta1.Inputs.SeverityOverrideArgs
                {
                    Action = GoogleNative.NetworkSecurity.V1Beta1.SeverityOverrideAction.ThreatActionUnspecified,
                    Severity = GoogleNative.NetworkSecurity.V1Beta1.SeverityOverrideSeverity.SeverityUnspecified,
                },
            },
            ThreatOverrides = new[]
            {
                new GoogleNative.NetworkSecurity.V1Beta1.Inputs.ThreatOverrideArgs
                {
                    Action = GoogleNative.NetworkSecurity.V1Beta1.ThreatOverrideAction.ThreatActionUnspecified,
                    ThreatId = "string",
                },
            },
        },
        Type = GoogleNative.NetworkSecurity.V1Beta1.SecurityProfileType.ProfileTypeUnspecified,
    });
    
    example, err := networksecurityv1beta1.NewSecurityProfile(ctx, "google-nativeSecurityProfileResource", &networksecurityv1beta1.SecurityProfileArgs{
    	OrganizationId:    pulumi.String("string"),
    	SecurityProfileId: pulumi.String("string"),
    	Description:       pulumi.String("string"),
    	Labels: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	Location: pulumi.String("string"),
    	Name:     pulumi.String("string"),
    	ThreatPreventionProfile: &networksecurity.ThreatPreventionProfileArgs{
    		SeverityOverrides: networksecurity.SeverityOverrideArray{
    			&networksecurity.SeverityOverrideArgs{
    				Action:   networksecurityv1beta1.SeverityOverrideActionThreatActionUnspecified,
    				Severity: networksecurityv1beta1.SeverityOverrideSeveritySeverityUnspecified,
    			},
    		},
    		ThreatOverrides: networksecurity.ThreatOverrideArray{
    			&networksecurity.ThreatOverrideArgs{
    				Action:   networksecurityv1beta1.ThreatOverrideActionThreatActionUnspecified,
    				ThreatId: pulumi.String("string"),
    			},
    		},
    	},
    	Type: networksecurityv1beta1.SecurityProfileTypeProfileTypeUnspecified,
    })
    
    var google_nativeSecurityProfileResource = new SecurityProfile("google-nativeSecurityProfileResource", SecurityProfileArgs.builder()
        .organizationId("string")
        .securityProfileId("string")
        .description("string")
        .labels(Map.of("string", "string"))
        .location("string")
        .name("string")
        .threatPreventionProfile(ThreatPreventionProfileArgs.builder()
            .severityOverrides(SeverityOverrideArgs.builder()
                .action("THREAT_ACTION_UNSPECIFIED")
                .severity("SEVERITY_UNSPECIFIED")
                .build())
            .threatOverrides(ThreatOverrideArgs.builder()
                .action("THREAT_ACTION_UNSPECIFIED")
                .threatId("string")
                .build())
            .build())
        .type("PROFILE_TYPE_UNSPECIFIED")
        .build());
    
    google_native_security_profile_resource = google_native.networksecurity.v1beta1.SecurityProfile("google-nativeSecurityProfileResource",
        organization_id="string",
        security_profile_id="string",
        description="string",
        labels={
            "string": "string",
        },
        location="string",
        name="string",
        threat_prevention_profile={
            "severity_overrides": [{
                "action": google_native.networksecurity.v1beta1.SeverityOverrideAction.THREAT_ACTION_UNSPECIFIED,
                "severity": google_native.networksecurity.v1beta1.SeverityOverrideSeverity.SEVERITY_UNSPECIFIED,
            }],
            "threat_overrides": [{
                "action": google_native.networksecurity.v1beta1.ThreatOverrideAction.THREAT_ACTION_UNSPECIFIED,
                "threat_id": "string",
            }],
        },
        type=google_native.networksecurity.v1beta1.SecurityProfileType.PROFILE_TYPE_UNSPECIFIED)
    
    const google_nativeSecurityProfileResource = new google_native.networksecurity.v1beta1.SecurityProfile("google-nativeSecurityProfileResource", {
        organizationId: "string",
        securityProfileId: "string",
        description: "string",
        labels: {
            string: "string",
        },
        location: "string",
        name: "string",
        threatPreventionProfile: {
            severityOverrides: [{
                action: google_native.networksecurity.v1beta1.SeverityOverrideAction.ThreatActionUnspecified,
                severity: google_native.networksecurity.v1beta1.SeverityOverrideSeverity.SeverityUnspecified,
            }],
            threatOverrides: [{
                action: google_native.networksecurity.v1beta1.ThreatOverrideAction.ThreatActionUnspecified,
                threatId: "string",
            }],
        },
        type: google_native.networksecurity.v1beta1.SecurityProfileType.ProfileTypeUnspecified,
    });
    
    type: google-native:networksecurity/v1beta1:SecurityProfile
    properties:
        description: string
        labels:
            string: string
        location: string
        name: string
        organizationId: string
        securityProfileId: string
        threatPreventionProfile:
            severityOverrides:
                - action: THREAT_ACTION_UNSPECIFIED
                  severity: SEVERITY_UNSPECIFIED
            threatOverrides:
                - action: THREAT_ACTION_UNSPECIFIED
                  threatId: string
        type: PROFILE_TYPE_UNSPECIFIED
    

    SecurityProfile Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The SecurityProfile resource accepts the following input properties:

    OrganizationId string
    SecurityProfileId string
    Required. Short name of the SecurityProfile resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "security_profile1".
    Description string
    Optional. An optional description of the profile. Max length 512 characters.
    Labels Dictionary<string, string>
    Optional. Labels as key value pairs.
    Location string
    Name string
    Immutable. Identifier. Name of the SecurityProfile resource. It matches pattern projects|organizations/*/locations/{location}/securityProfiles/{security_profile}.
    ThreatPreventionProfile Pulumi.GoogleNative.NetworkSecurity.V1Beta1.Inputs.ThreatPreventionProfile
    The threat prevention configuration for the SecurityProfile.
    Type Pulumi.GoogleNative.NetworkSecurity.V1Beta1.SecurityProfileType
    Immutable. The single ProfileType that the SecurityProfile resource configures.
    OrganizationId string
    SecurityProfileId string
    Required. Short name of the SecurityProfile resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "security_profile1".
    Description string
    Optional. An optional description of the profile. Max length 512 characters.
    Labels map[string]string
    Optional. Labels as key value pairs.
    Location string
    Name string
    Immutable. Identifier. Name of the SecurityProfile resource. It matches pattern projects|organizations/*/locations/{location}/securityProfiles/{security_profile}.
    ThreatPreventionProfile ThreatPreventionProfileArgs
    The threat prevention configuration for the SecurityProfile.
    Type SecurityProfileType
    Immutable. The single ProfileType that the SecurityProfile resource configures.
    organizationId String
    securityProfileId String
    Required. Short name of the SecurityProfile resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "security_profile1".
    description String
    Optional. An optional description of the profile. Max length 512 characters.
    labels Map<String,String>
    Optional. Labels as key value pairs.
    location String
    name String
    Immutable. Identifier. Name of the SecurityProfile resource. It matches pattern projects|organizations/*/locations/{location}/securityProfiles/{security_profile}.
    threatPreventionProfile ThreatPreventionProfile
    The threat prevention configuration for the SecurityProfile.
    type SecurityProfileType
    Immutable. The single ProfileType that the SecurityProfile resource configures.
    organizationId string
    securityProfileId string
    Required. Short name of the SecurityProfile resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "security_profile1".
    description string
    Optional. An optional description of the profile. Max length 512 characters.
    labels {[key: string]: string}
    Optional. Labels as key value pairs.
    location string
    name string
    Immutable. Identifier. Name of the SecurityProfile resource. It matches pattern projects|organizations/*/locations/{location}/securityProfiles/{security_profile}.
    threatPreventionProfile ThreatPreventionProfile
    The threat prevention configuration for the SecurityProfile.
    type SecurityProfileType
    Immutable. The single ProfileType that the SecurityProfile resource configures.
    organization_id str
    security_profile_id str
    Required. Short name of the SecurityProfile resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "security_profile1".
    description str
    Optional. An optional description of the profile. Max length 512 characters.
    labels Mapping[str, str]
    Optional. Labels as key value pairs.
    location str
    name str
    Immutable. Identifier. Name of the SecurityProfile resource. It matches pattern projects|organizations/*/locations/{location}/securityProfiles/{security_profile}.
    threat_prevention_profile ThreatPreventionProfileArgs
    The threat prevention configuration for the SecurityProfile.
    type SecurityProfileType
    Immutable. The single ProfileType that the SecurityProfile resource configures.
    organizationId String
    securityProfileId String
    Required. Short name of the SecurityProfile resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "security_profile1".
    description String
    Optional. An optional description of the profile. Max length 512 characters.
    labels Map<String>
    Optional. Labels as key value pairs.
    location String
    name String
    Immutable. Identifier. Name of the SecurityProfile resource. It matches pattern projects|organizations/*/locations/{location}/securityProfiles/{security_profile}.
    threatPreventionProfile Property Map
    The threat prevention configuration for the SecurityProfile.
    type "PROFILE_TYPE_UNSPECIFIED" | "THREAT_PREVENTION"
    Immutable. The single ProfileType that the SecurityProfile resource configures.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the SecurityProfile resource produces the following output properties:

    CreateTime string
    Resource creation timestamp.
    Etag string
    This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
    Id string
    The provider-assigned unique ID for this managed resource.
    UpdateTime string
    Last resource update timestamp.
    CreateTime string
    Resource creation timestamp.
    Etag string
    This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
    Id string
    The provider-assigned unique ID for this managed resource.
    UpdateTime string
    Last resource update timestamp.
    createTime String
    Resource creation timestamp.
    etag String
    This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
    id String
    The provider-assigned unique ID for this managed resource.
    updateTime String
    Last resource update timestamp.
    createTime string
    Resource creation timestamp.
    etag string
    This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
    id string
    The provider-assigned unique ID for this managed resource.
    updateTime string
    Last resource update timestamp.
    create_time str
    Resource creation timestamp.
    etag str
    This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
    id str
    The provider-assigned unique ID for this managed resource.
    update_time str
    Last resource update timestamp.
    createTime String
    Resource creation timestamp.
    etag String
    This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
    id String
    The provider-assigned unique ID for this managed resource.
    updateTime String
    Last resource update timestamp.

    Supporting Types

    SecurityProfileType, SecurityProfileTypeArgs

    ProfileTypeUnspecified
    PROFILE_TYPE_UNSPECIFIEDProfile type not specified.
    ThreatPrevention
    THREAT_PREVENTIONProfile type for threat prevention.
    SecurityProfileTypeProfileTypeUnspecified
    PROFILE_TYPE_UNSPECIFIEDProfile type not specified.
    SecurityProfileTypeThreatPrevention
    THREAT_PREVENTIONProfile type for threat prevention.
    ProfileTypeUnspecified
    PROFILE_TYPE_UNSPECIFIEDProfile type not specified.
    ThreatPrevention
    THREAT_PREVENTIONProfile type for threat prevention.
    ProfileTypeUnspecified
    PROFILE_TYPE_UNSPECIFIEDProfile type not specified.
    ThreatPrevention
    THREAT_PREVENTIONProfile type for threat prevention.
    PROFILE_TYPE_UNSPECIFIED
    PROFILE_TYPE_UNSPECIFIEDProfile type not specified.
    THREAT_PREVENTION
    THREAT_PREVENTIONProfile type for threat prevention.
    "PROFILE_TYPE_UNSPECIFIED"
    PROFILE_TYPE_UNSPECIFIEDProfile type not specified.
    "THREAT_PREVENTION"
    THREAT_PREVENTIONProfile type for threat prevention.

    SeverityOverride, SeverityOverrideArgs

    Action SeverityOverrideAction
    Threat action override.
    Severity SeverityOverrideSeverity
    Severity level to match.
    action SeverityOverrideAction
    Threat action override.
    severity SeverityOverrideSeverity
    Severity level to match.
    action SeverityOverrideAction
    Threat action override.
    severity SeverityOverrideSeverity
    Severity level to match.
    action SeverityOverrideAction
    Threat action override.
    severity SeverityOverrideSeverity
    Severity level to match.

    SeverityOverrideAction, SeverityOverrideActionArgs

    ThreatActionUnspecified
    THREAT_ACTION_UNSPECIFIEDThreat action not specified.
    DefaultAction
    DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
    Allow
    ALLOWThe packet matching this rule will be allowed to transmit.
    Alert
    ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
    Deny
    DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.
    SeverityOverrideActionThreatActionUnspecified
    THREAT_ACTION_UNSPECIFIEDThreat action not specified.
    SeverityOverrideActionDefaultAction
    DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
    SeverityOverrideActionAllow
    ALLOWThe packet matching this rule will be allowed to transmit.
    SeverityOverrideActionAlert
    ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
    SeverityOverrideActionDeny
    DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.
    ThreatActionUnspecified
    THREAT_ACTION_UNSPECIFIEDThreat action not specified.
    DefaultAction
    DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
    Allow
    ALLOWThe packet matching this rule will be allowed to transmit.
    Alert
    ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
    Deny
    DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.
    ThreatActionUnspecified
    THREAT_ACTION_UNSPECIFIEDThreat action not specified.
    DefaultAction
    DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
    Allow
    ALLOWThe packet matching this rule will be allowed to transmit.
    Alert
    ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
    Deny
    DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.
    THREAT_ACTION_UNSPECIFIED
    THREAT_ACTION_UNSPECIFIEDThreat action not specified.
    DEFAULT_ACTION
    DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
    ALLOW
    ALLOWThe packet matching this rule will be allowed to transmit.
    ALERT
    ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
    DENY
    DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.
    "THREAT_ACTION_UNSPECIFIED"
    THREAT_ACTION_UNSPECIFIEDThreat action not specified.
    "DEFAULT_ACTION"
    DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
    "ALLOW"
    ALLOWThe packet matching this rule will be allowed to transmit.
    "ALERT"
    ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
    "DENY"
    DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.

    SeverityOverrideResponse, SeverityOverrideResponseArgs

    Action string
    Threat action override.
    Severity string
    Severity level to match.
    Action string
    Threat action override.
    Severity string
    Severity level to match.
    action String
    Threat action override.
    severity String
    Severity level to match.
    action string
    Threat action override.
    severity string
    Severity level to match.
    action str
    Threat action override.
    severity str
    Severity level to match.
    action String
    Threat action override.
    severity String
    Severity level to match.

    SeverityOverrideSeverity, SeverityOverrideSeverityArgs

    SeverityUnspecified
    SEVERITY_UNSPECIFIEDSeverity level not specified.
    Informational
    INFORMATIONALSuspicious events that do not pose an immediate threat, but that are reported to call attention to deeper problems that could possibly exist.
    Low
    LOWWarning-level threats that have very little impact on an organization's infrastructure. They usually require local or physical system access and may often result in victim privacy issues and information leakage.
    Medium
    MEDIUMMinor threats in which impact is minimized, that do not compromise the target or exploits that require an attacker to reside on the same local network as the victim, affect only non-standard configurations or obscure applications, or provide very limited access.
    High
    HIGHThreats that have the ability to become critical but have mitigating factors; for example, they may be difficult to exploit, do not result in elevated privileges, or do not have a large victim pool.
    Critical
    CRITICALSerious threats, such as those that affect default installations of widely deployed software, result in root compromise of servers, and the exploit code is widely available to attackers. The attacker usually does not need any special authentication credentials or knowledge about the individual victims and the target does not need to be manipulated into performing any special functions.
    SeverityOverrideSeveritySeverityUnspecified
    SEVERITY_UNSPECIFIEDSeverity level not specified.
    SeverityOverrideSeverityInformational
    INFORMATIONALSuspicious events that do not pose an immediate threat, but that are reported to call attention to deeper problems that could possibly exist.
    SeverityOverrideSeverityLow
    LOWWarning-level threats that have very little impact on an organization's infrastructure. They usually require local or physical system access and may often result in victim privacy issues and information leakage.
    SeverityOverrideSeverityMedium
    MEDIUMMinor threats in which impact is minimized, that do not compromise the target or exploits that require an attacker to reside on the same local network as the victim, affect only non-standard configurations or obscure applications, or provide very limited access.
    SeverityOverrideSeverityHigh
    HIGHThreats that have the ability to become critical but have mitigating factors; for example, they may be difficult to exploit, do not result in elevated privileges, or do not have a large victim pool.
    SeverityOverrideSeverityCritical
    CRITICALSerious threats, such as those that affect default installations of widely deployed software, result in root compromise of servers, and the exploit code is widely available to attackers. The attacker usually does not need any special authentication credentials or knowledge about the individual victims and the target does not need to be manipulated into performing any special functions.
    SeverityUnspecified
    SEVERITY_UNSPECIFIEDSeverity level not specified.
    Informational
    INFORMATIONALSuspicious events that do not pose an immediate threat, but that are reported to call attention to deeper problems that could possibly exist.
    Low
    LOWWarning-level threats that have very little impact on an organization's infrastructure. They usually require local or physical system access and may often result in victim privacy issues and information leakage.
    Medium
    MEDIUMMinor threats in which impact is minimized, that do not compromise the target or exploits that require an attacker to reside on the same local network as the victim, affect only non-standard configurations or obscure applications, or provide very limited access.
    High
    HIGHThreats that have the ability to become critical but have mitigating factors; for example, they may be difficult to exploit, do not result in elevated privileges, or do not have a large victim pool.
    Critical
    CRITICALSerious threats, such as those that affect default installations of widely deployed software, result in root compromise of servers, and the exploit code is widely available to attackers. The attacker usually does not need any special authentication credentials or knowledge about the individual victims and the target does not need to be manipulated into performing any special functions.
    SeverityUnspecified
    SEVERITY_UNSPECIFIEDSeverity level not specified.
    Informational
    INFORMATIONALSuspicious events that do not pose an immediate threat, but that are reported to call attention to deeper problems that could possibly exist.
    Low
    LOWWarning-level threats that have very little impact on an organization's infrastructure. They usually require local or physical system access and may often result in victim privacy issues and information leakage.
    Medium
    MEDIUMMinor threats in which impact is minimized, that do not compromise the target or exploits that require an attacker to reside on the same local network as the victim, affect only non-standard configurations or obscure applications, or provide very limited access.
    High
    HIGHThreats that have the ability to become critical but have mitigating factors; for example, they may be difficult to exploit, do not result in elevated privileges, or do not have a large victim pool.
    Critical
    CRITICALSerious threats, such as those that affect default installations of widely deployed software, result in root compromise of servers, and the exploit code is widely available to attackers. The attacker usually does not need any special authentication credentials or knowledge about the individual victims and the target does not need to be manipulated into performing any special functions.
    SEVERITY_UNSPECIFIED
    SEVERITY_UNSPECIFIEDSeverity level not specified.
    INFORMATIONAL
    INFORMATIONALSuspicious events that do not pose an immediate threat, but that are reported to call attention to deeper problems that could possibly exist.
    LOW
    LOWWarning-level threats that have very little impact on an organization's infrastructure. They usually require local or physical system access and may often result in victim privacy issues and information leakage.
    MEDIUM
    MEDIUMMinor threats in which impact is minimized, that do not compromise the target or exploits that require an attacker to reside on the same local network as the victim, affect only non-standard configurations or obscure applications, or provide very limited access.
    HIGH
    HIGHThreats that have the ability to become critical but have mitigating factors; for example, they may be difficult to exploit, do not result in elevated privileges, or do not have a large victim pool.
    CRITICAL
    CRITICALSerious threats, such as those that affect default installations of widely deployed software, result in root compromise of servers, and the exploit code is widely available to attackers. The attacker usually does not need any special authentication credentials or knowledge about the individual victims and the target does not need to be manipulated into performing any special functions.
    "SEVERITY_UNSPECIFIED"
    SEVERITY_UNSPECIFIEDSeverity level not specified.
    "INFORMATIONAL"
    INFORMATIONALSuspicious events that do not pose an immediate threat, but that are reported to call attention to deeper problems that could possibly exist.
    "LOW"
    LOWWarning-level threats that have very little impact on an organization's infrastructure. They usually require local or physical system access and may often result in victim privacy issues and information leakage.
    "MEDIUM"
    MEDIUMMinor threats in which impact is minimized, that do not compromise the target or exploits that require an attacker to reside on the same local network as the victim, affect only non-standard configurations or obscure applications, or provide very limited access.
    "HIGH"
    HIGHThreats that have the ability to become critical but have mitigating factors; for example, they may be difficult to exploit, do not result in elevated privileges, or do not have a large victim pool.
    "CRITICAL"
    CRITICALSerious threats, such as those that affect default installations of widely deployed software, result in root compromise of servers, and the exploit code is widely available to attackers. The attacker usually does not need any special authentication credentials or knowledge about the individual victims and the target does not need to be manipulated into performing any special functions.

    ThreatOverride, ThreatOverrideArgs

    Action Pulumi.GoogleNative.NetworkSecurity.V1Beta1.ThreatOverrideAction
    Threat action override. For some threat types, only a subset of actions applies.
    ThreatId string
    Vendor-specific ID of a threat to override.
    Action ThreatOverrideAction
    Threat action override. For some threat types, only a subset of actions applies.
    ThreatId string
    Vendor-specific ID of a threat to override.
    action ThreatOverrideAction
    Threat action override. For some threat types, only a subset of actions applies.
    threatId String
    Vendor-specific ID of a threat to override.
    action ThreatOverrideAction
    Threat action override. For some threat types, only a subset of actions applies.
    threatId string
    Vendor-specific ID of a threat to override.
    action ThreatOverrideAction
    Threat action override. For some threat types, only a subset of actions applies.
    threat_id str
    Vendor-specific ID of a threat to override.
    action "THREAT_ACTION_UNSPECIFIED" | "DEFAULT_ACTION" | "ALLOW" | "ALERT" | "DENY"
    Threat action override. For some threat types, only a subset of actions applies.
    threatId String
    Vendor-specific ID of a threat to override.

    ThreatOverrideAction, ThreatOverrideActionArgs

    ThreatActionUnspecified
    THREAT_ACTION_UNSPECIFIEDThreat action not specified.
    DefaultAction
    DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
    Allow
    ALLOWThe packet matching this rule will be allowed to transmit.
    Alert
    ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
    Deny
    DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.
    ThreatOverrideActionThreatActionUnspecified
    THREAT_ACTION_UNSPECIFIEDThreat action not specified.
    ThreatOverrideActionDefaultAction
    DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
    ThreatOverrideActionAllow
    ALLOWThe packet matching this rule will be allowed to transmit.
    ThreatOverrideActionAlert
    ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
    ThreatOverrideActionDeny
    DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.
    ThreatActionUnspecified
    THREAT_ACTION_UNSPECIFIEDThreat action not specified.
    DefaultAction
    DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
    Allow
    ALLOWThe packet matching this rule will be allowed to transmit.
    Alert
    ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
    Deny
    DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.
    ThreatActionUnspecified
    THREAT_ACTION_UNSPECIFIEDThreat action not specified.
    DefaultAction
    DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
    Allow
    ALLOWThe packet matching this rule will be allowed to transmit.
    Alert
    ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
    Deny
    DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.
    THREAT_ACTION_UNSPECIFIED
    THREAT_ACTION_UNSPECIFIEDThreat action not specified.
    DEFAULT_ACTION
    DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
    ALLOW
    ALLOWThe packet matching this rule will be allowed to transmit.
    ALERT
    ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
    DENY
    DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.
    "THREAT_ACTION_UNSPECIFIED"
    THREAT_ACTION_UNSPECIFIEDThreat action not specified.
    "DEFAULT_ACTION"
    DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
    "ALLOW"
    ALLOWThe packet matching this rule will be allowed to transmit.
    "ALERT"
    ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
    "DENY"
    DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.

    ThreatOverrideResponse, ThreatOverrideResponseArgs

    Action string
    Threat action override. For some threat types, only a subset of actions applies.
    ThreatId string
    Vendor-specific ID of a threat to override.
    Type string
    Type of the threat (read only).
    Action string
    Threat action override. For some threat types, only a subset of actions applies.
    ThreatId string
    Vendor-specific ID of a threat to override.
    Type string
    Type of the threat (read only).
    action String
    Threat action override. For some threat types, only a subset of actions applies.
    threatId String
    Vendor-specific ID of a threat to override.
    type String
    Type of the threat (read only).
    action string
    Threat action override. For some threat types, only a subset of actions applies.
    threatId string
    Vendor-specific ID of a threat to override.
    type string
    Type of the threat (read only).
    action str
    Threat action override. For some threat types, only a subset of actions applies.
    threat_id str
    Vendor-specific ID of a threat to override.
    type str
    Type of the threat (read only).
    action String
    Threat action override. For some threat types, only a subset of actions applies.
    threatId String
    Vendor-specific ID of a threat to override.
    type String
    Type of the threat (read only).

    ThreatPreventionProfile, ThreatPreventionProfileArgs

    SeverityOverrides List<Pulumi.GoogleNative.NetworkSecurity.V1Beta1.Inputs.SeverityOverride>
    Optional. Configuration for overriding threats actions by severity match.
    ThreatOverrides List<Pulumi.GoogleNative.NetworkSecurity.V1Beta1.Inputs.ThreatOverride>
    Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.
    SeverityOverrides []SeverityOverride
    Optional. Configuration for overriding threats actions by severity match.
    ThreatOverrides []ThreatOverride
    Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.
    severityOverrides List<SeverityOverride>
    Optional. Configuration for overriding threats actions by severity match.
    threatOverrides List<ThreatOverride>
    Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.
    severityOverrides SeverityOverride[]
    Optional. Configuration for overriding threats actions by severity match.
    threatOverrides ThreatOverride[]
    Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.
    severity_overrides Sequence[SeverityOverride]
    Optional. Configuration for overriding threats actions by severity match.
    threat_overrides Sequence[ThreatOverride]
    Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.
    severityOverrides List<Property Map>
    Optional. Configuration for overriding threats actions by severity match.
    threatOverrides List<Property Map>
    Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.

    ThreatPreventionProfileResponse, ThreatPreventionProfileResponseArgs

    SeverityOverrides List<Pulumi.GoogleNative.NetworkSecurity.V1Beta1.Inputs.SeverityOverrideResponse>
    Optional. Configuration for overriding threats actions by severity match.
    ThreatOverrides List<Pulumi.GoogleNative.NetworkSecurity.V1Beta1.Inputs.ThreatOverrideResponse>
    Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.
    SeverityOverrides []SeverityOverrideResponse
    Optional. Configuration for overriding threats actions by severity match.
    ThreatOverrides []ThreatOverrideResponse
    Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.
    severityOverrides List<SeverityOverrideResponse>
    Optional. Configuration for overriding threats actions by severity match.
    threatOverrides List<ThreatOverrideResponse>
    Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.
    severityOverrides SeverityOverrideResponse[]
    Optional. Configuration for overriding threats actions by severity match.
    threatOverrides ThreatOverrideResponse[]
    Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.
    severity_overrides Sequence[SeverityOverrideResponse]
    Optional. Configuration for overriding threats actions by severity match.
    threat_overrides Sequence[ThreatOverrideResponse]
    Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.
    severityOverrides List<Property Map>
    Optional. Configuration for overriding threats actions by severity match.
    threatOverrides List<Property Map>
    Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.

    Package Details

    Repository
    Google Cloud Native pulumi/pulumi-google-native
    License
    Apache-2.0
    google-native logo

    Google Cloud Native is in preview. Google Cloud Classic is fully supported.

    Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi