Google Cloud Native is in preview. Google Cloud Classic is fully supported.
google-native.networksecurity/v1beta1.SecurityProfile
Explore with Pulumi AI
Google Cloud Native is in preview. Google Cloud Classic is fully supported.
Creates a new SecurityProfile in a given organization and location. Auto-naming is currently not supported for this resource.
Create SecurityProfile Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new SecurityProfile(name: string, args: SecurityProfileArgs, opts?: CustomResourceOptions);
@overload
def SecurityProfile(resource_name: str,
args: SecurityProfileArgs,
opts: Optional[ResourceOptions] = None)
@overload
def SecurityProfile(resource_name: str,
opts: Optional[ResourceOptions] = None,
organization_id: Optional[str] = None,
security_profile_id: Optional[str] = None,
description: Optional[str] = None,
labels: Optional[Mapping[str, str]] = None,
location: Optional[str] = None,
name: Optional[str] = None,
threat_prevention_profile: Optional[ThreatPreventionProfileArgs] = None,
type: Optional[SecurityProfileType] = None)
func NewSecurityProfile(ctx *Context, name string, args SecurityProfileArgs, opts ...ResourceOption) (*SecurityProfile, error)
public SecurityProfile(string name, SecurityProfileArgs args, CustomResourceOptions? opts = null)
public SecurityProfile(String name, SecurityProfileArgs args)
public SecurityProfile(String name, SecurityProfileArgs args, CustomResourceOptions options)
type: google-native:networksecurity/v1beta1:SecurityProfile
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args SecurityProfileArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args SecurityProfileArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args SecurityProfileArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SecurityProfileArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args SecurityProfileArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var google_nativeSecurityProfileResource = new GoogleNative.NetworkSecurity.V1Beta1.SecurityProfile("google-nativeSecurityProfileResource", new()
{
OrganizationId = "string",
SecurityProfileId = "string",
Description = "string",
Labels =
{
{ "string", "string" },
},
Location = "string",
Name = "string",
ThreatPreventionProfile = new GoogleNative.NetworkSecurity.V1Beta1.Inputs.ThreatPreventionProfileArgs
{
SeverityOverrides = new[]
{
new GoogleNative.NetworkSecurity.V1Beta1.Inputs.SeverityOverrideArgs
{
Action = GoogleNative.NetworkSecurity.V1Beta1.SeverityOverrideAction.ThreatActionUnspecified,
Severity = GoogleNative.NetworkSecurity.V1Beta1.SeverityOverrideSeverity.SeverityUnspecified,
},
},
ThreatOverrides = new[]
{
new GoogleNative.NetworkSecurity.V1Beta1.Inputs.ThreatOverrideArgs
{
Action = GoogleNative.NetworkSecurity.V1Beta1.ThreatOverrideAction.ThreatActionUnspecified,
ThreatId = "string",
},
},
},
Type = GoogleNative.NetworkSecurity.V1Beta1.SecurityProfileType.ProfileTypeUnspecified,
});
example, err := networksecurityv1beta1.NewSecurityProfile(ctx, "google-nativeSecurityProfileResource", &networksecurityv1beta1.SecurityProfileArgs{
OrganizationId: pulumi.String("string"),
SecurityProfileId: pulumi.String("string"),
Description: pulumi.String("string"),
Labels: pulumi.StringMap{
"string": pulumi.String("string"),
},
Location: pulumi.String("string"),
Name: pulumi.String("string"),
ThreatPreventionProfile: &networksecurity.ThreatPreventionProfileArgs{
SeverityOverrides: networksecurity.SeverityOverrideArray{
&networksecurity.SeverityOverrideArgs{
Action: networksecurityv1beta1.SeverityOverrideActionThreatActionUnspecified,
Severity: networksecurityv1beta1.SeverityOverrideSeveritySeverityUnspecified,
},
},
ThreatOverrides: networksecurity.ThreatOverrideArray{
&networksecurity.ThreatOverrideArgs{
Action: networksecurityv1beta1.ThreatOverrideActionThreatActionUnspecified,
ThreatId: pulumi.String("string"),
},
},
},
Type: networksecurityv1beta1.SecurityProfileTypeProfileTypeUnspecified,
})
var google_nativeSecurityProfileResource = new SecurityProfile("google-nativeSecurityProfileResource", SecurityProfileArgs.builder()
.organizationId("string")
.securityProfileId("string")
.description("string")
.labels(Map.of("string", "string"))
.location("string")
.name("string")
.threatPreventionProfile(ThreatPreventionProfileArgs.builder()
.severityOverrides(SeverityOverrideArgs.builder()
.action("THREAT_ACTION_UNSPECIFIED")
.severity("SEVERITY_UNSPECIFIED")
.build())
.threatOverrides(ThreatOverrideArgs.builder()
.action("THREAT_ACTION_UNSPECIFIED")
.threatId("string")
.build())
.build())
.type("PROFILE_TYPE_UNSPECIFIED")
.build());
google_native_security_profile_resource = google_native.networksecurity.v1beta1.SecurityProfile("google-nativeSecurityProfileResource",
organization_id="string",
security_profile_id="string",
description="string",
labels={
"string": "string",
},
location="string",
name="string",
threat_prevention_profile={
"severity_overrides": [{
"action": google_native.networksecurity.v1beta1.SeverityOverrideAction.THREAT_ACTION_UNSPECIFIED,
"severity": google_native.networksecurity.v1beta1.SeverityOverrideSeverity.SEVERITY_UNSPECIFIED,
}],
"threat_overrides": [{
"action": google_native.networksecurity.v1beta1.ThreatOverrideAction.THREAT_ACTION_UNSPECIFIED,
"threat_id": "string",
}],
},
type=google_native.networksecurity.v1beta1.SecurityProfileType.PROFILE_TYPE_UNSPECIFIED)
const google_nativeSecurityProfileResource = new google_native.networksecurity.v1beta1.SecurityProfile("google-nativeSecurityProfileResource", {
organizationId: "string",
securityProfileId: "string",
description: "string",
labels: {
string: "string",
},
location: "string",
name: "string",
threatPreventionProfile: {
severityOverrides: [{
action: google_native.networksecurity.v1beta1.SeverityOverrideAction.ThreatActionUnspecified,
severity: google_native.networksecurity.v1beta1.SeverityOverrideSeverity.SeverityUnspecified,
}],
threatOverrides: [{
action: google_native.networksecurity.v1beta1.ThreatOverrideAction.ThreatActionUnspecified,
threatId: "string",
}],
},
type: google_native.networksecurity.v1beta1.SecurityProfileType.ProfileTypeUnspecified,
});
type: google-native:networksecurity/v1beta1:SecurityProfile
properties:
description: string
labels:
string: string
location: string
name: string
organizationId: string
securityProfileId: string
threatPreventionProfile:
severityOverrides:
- action: THREAT_ACTION_UNSPECIFIED
severity: SEVERITY_UNSPECIFIED
threatOverrides:
- action: THREAT_ACTION_UNSPECIFIED
threatId: string
type: PROFILE_TYPE_UNSPECIFIED
SecurityProfile Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The SecurityProfile resource accepts the following input properties:
- Organization
Id string - Security
Profile stringId - Required. Short name of the SecurityProfile resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "security_profile1".
- Description string
- Optional. An optional description of the profile. Max length 512 characters.
- Labels Dictionary<string, string>
- Optional. Labels as key value pairs.
- Location string
- Name string
- Immutable. Identifier. Name of the SecurityProfile resource. It matches pattern
projects|organizations/*/locations/{location}/securityProfiles/{security_profile}
. - Threat
Prevention Pulumi.Profile Google Native. Network Security. V1Beta1. Inputs. Threat Prevention Profile - The threat prevention configuration for the SecurityProfile.
- Type
Pulumi.
Google Native. Network Security. V1Beta1. Security Profile Type - Immutable. The single ProfileType that the SecurityProfile resource configures.
- Organization
Id string - Security
Profile stringId - Required. Short name of the SecurityProfile resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "security_profile1".
- Description string
- Optional. An optional description of the profile. Max length 512 characters.
- Labels map[string]string
- Optional. Labels as key value pairs.
- Location string
- Name string
- Immutable. Identifier. Name of the SecurityProfile resource. It matches pattern
projects|organizations/*/locations/{location}/securityProfiles/{security_profile}
. - Threat
Prevention ThreatProfile Prevention Profile Args - The threat prevention configuration for the SecurityProfile.
- Type
Security
Profile Type - Immutable. The single ProfileType that the SecurityProfile resource configures.
- organization
Id String - security
Profile StringId - Required. Short name of the SecurityProfile resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "security_profile1".
- description String
- Optional. An optional description of the profile. Max length 512 characters.
- labels Map<String,String>
- Optional. Labels as key value pairs.
- location String
- name String
- Immutable. Identifier. Name of the SecurityProfile resource. It matches pattern
projects|organizations/*/locations/{location}/securityProfiles/{security_profile}
. - threat
Prevention ThreatProfile Prevention Profile - The threat prevention configuration for the SecurityProfile.
- type
Security
Profile Type - Immutable. The single ProfileType that the SecurityProfile resource configures.
- organization
Id string - security
Profile stringId - Required. Short name of the SecurityProfile resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "security_profile1".
- description string
- Optional. An optional description of the profile. Max length 512 characters.
- labels {[key: string]: string}
- Optional. Labels as key value pairs.
- location string
- name string
- Immutable. Identifier. Name of the SecurityProfile resource. It matches pattern
projects|organizations/*/locations/{location}/securityProfiles/{security_profile}
. - threat
Prevention ThreatProfile Prevention Profile - The threat prevention configuration for the SecurityProfile.
- type
Security
Profile Type - Immutable. The single ProfileType that the SecurityProfile resource configures.
- organization_
id str - security_
profile_ strid - Required. Short name of the SecurityProfile resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "security_profile1".
- description str
- Optional. An optional description of the profile. Max length 512 characters.
- labels Mapping[str, str]
- Optional. Labels as key value pairs.
- location str
- name str
- Immutable. Identifier. Name of the SecurityProfile resource. It matches pattern
projects|organizations/*/locations/{location}/securityProfiles/{security_profile}
. - threat_
prevention_ Threatprofile Prevention Profile Args - The threat prevention configuration for the SecurityProfile.
- type
Security
Profile Type - Immutable. The single ProfileType that the SecurityProfile resource configures.
- organization
Id String - security
Profile StringId - Required. Short name of the SecurityProfile resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "security_profile1".
- description String
- Optional. An optional description of the profile. Max length 512 characters.
- labels Map<String>
- Optional. Labels as key value pairs.
- location String
- name String
- Immutable. Identifier. Name of the SecurityProfile resource. It matches pattern
projects|organizations/*/locations/{location}/securityProfiles/{security_profile}
. - threat
Prevention Property MapProfile - The threat prevention configuration for the SecurityProfile.
- type "PROFILE_TYPE_UNSPECIFIED" | "THREAT_PREVENTION"
- Immutable. The single ProfileType that the SecurityProfile resource configures.
Outputs
All input properties are implicitly available as output properties. Additionally, the SecurityProfile resource produces the following output properties:
- Create
Time string - Resource creation timestamp.
- Etag string
- This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- Id string
- The provider-assigned unique ID for this managed resource.
- Update
Time string - Last resource update timestamp.
- Create
Time string - Resource creation timestamp.
- Etag string
- This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- Id string
- The provider-assigned unique ID for this managed resource.
- Update
Time string - Last resource update timestamp.
- create
Time String - Resource creation timestamp.
- etag String
- This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- id String
- The provider-assigned unique ID for this managed resource.
- update
Time String - Last resource update timestamp.
- create
Time string - Resource creation timestamp.
- etag string
- This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- id string
- The provider-assigned unique ID for this managed resource.
- update
Time string - Last resource update timestamp.
- create_
time str - Resource creation timestamp.
- etag str
- This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- id str
- The provider-assigned unique ID for this managed resource.
- update_
time str - Last resource update timestamp.
- create
Time String - Resource creation timestamp.
- etag String
- This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- id String
- The provider-assigned unique ID for this managed resource.
- update
Time String - Last resource update timestamp.
Supporting Types
SecurityProfileType, SecurityProfileTypeArgs
- Profile
Type Unspecified - PROFILE_TYPE_UNSPECIFIEDProfile type not specified.
- Threat
Prevention - THREAT_PREVENTIONProfile type for threat prevention.
- Security
Profile Type Profile Type Unspecified - PROFILE_TYPE_UNSPECIFIEDProfile type not specified.
- Security
Profile Type Threat Prevention - THREAT_PREVENTIONProfile type for threat prevention.
- Profile
Type Unspecified - PROFILE_TYPE_UNSPECIFIEDProfile type not specified.
- Threat
Prevention - THREAT_PREVENTIONProfile type for threat prevention.
- Profile
Type Unspecified - PROFILE_TYPE_UNSPECIFIEDProfile type not specified.
- Threat
Prevention - THREAT_PREVENTIONProfile type for threat prevention.
- PROFILE_TYPE_UNSPECIFIED
- PROFILE_TYPE_UNSPECIFIEDProfile type not specified.
- THREAT_PREVENTION
- THREAT_PREVENTIONProfile type for threat prevention.
- "PROFILE_TYPE_UNSPECIFIED"
- PROFILE_TYPE_UNSPECIFIEDProfile type not specified.
- "THREAT_PREVENTION"
- THREAT_PREVENTIONProfile type for threat prevention.
SeverityOverride, SeverityOverrideArgs
- Action
Pulumi.
Google Native. Network Security. V1Beta1. Severity Override Action - Threat action override.
- Severity
Pulumi.
Google Native. Network Security. V1Beta1. Severity Override Severity - Severity level to match.
- Action
Severity
Override Action - Threat action override.
- Severity
Severity
Override Severity - Severity level to match.
- action
Severity
Override Action - Threat action override.
- severity
Severity
Override Severity - Severity level to match.
- action
Severity
Override Action - Threat action override.
- severity
Severity
Override Severity - Severity level to match.
- action
Severity
Override Action - Threat action override.
- severity
Severity
Override Severity - Severity level to match.
- action "THREAT_ACTION_UNSPECIFIED" | "DEFAULT_ACTION" | "ALLOW" | "ALERT" | "DENY"
- Threat action override.
- severity "SEVERITY_UNSPECIFIED" | "INFORMATIONAL" | "LOW" | "MEDIUM" | "HIGH" | "CRITICAL"
- Severity level to match.
SeverityOverrideAction, SeverityOverrideActionArgs
- Threat
Action Unspecified - THREAT_ACTION_UNSPECIFIEDThreat action not specified.
- Default
Action - DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
- Allow
- ALLOWThe packet matching this rule will be allowed to transmit.
- Alert
- ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
- Deny
- DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.
- Severity
Override Action Threat Action Unspecified - THREAT_ACTION_UNSPECIFIEDThreat action not specified.
- Severity
Override Action Default Action - DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
- Severity
Override Action Allow - ALLOWThe packet matching this rule will be allowed to transmit.
- Severity
Override Action Alert - ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
- Severity
Override Action Deny - DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.
- Threat
Action Unspecified - THREAT_ACTION_UNSPECIFIEDThreat action not specified.
- Default
Action - DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
- Allow
- ALLOWThe packet matching this rule will be allowed to transmit.
- Alert
- ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
- Deny
- DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.
- Threat
Action Unspecified - THREAT_ACTION_UNSPECIFIEDThreat action not specified.
- Default
Action - DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
- Allow
- ALLOWThe packet matching this rule will be allowed to transmit.
- Alert
- ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
- Deny
- DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.
- THREAT_ACTION_UNSPECIFIED
- THREAT_ACTION_UNSPECIFIEDThreat action not specified.
- DEFAULT_ACTION
- DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
- ALLOW
- ALLOWThe packet matching this rule will be allowed to transmit.
- ALERT
- ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
- DENY
- DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.
- "THREAT_ACTION_UNSPECIFIED"
- THREAT_ACTION_UNSPECIFIEDThreat action not specified.
- "DEFAULT_ACTION"
- DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
- "ALLOW"
- ALLOWThe packet matching this rule will be allowed to transmit.
- "ALERT"
- ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
- "DENY"
- DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.
SeverityOverrideResponse, SeverityOverrideResponseArgs
SeverityOverrideSeverity, SeverityOverrideSeverityArgs
- Severity
Unspecified - SEVERITY_UNSPECIFIEDSeverity level not specified.
- Informational
- INFORMATIONALSuspicious events that do not pose an immediate threat, but that are reported to call attention to deeper problems that could possibly exist.
- Low
- LOWWarning-level threats that have very little impact on an organization's infrastructure. They usually require local or physical system access and may often result in victim privacy issues and information leakage.
- Medium
- MEDIUMMinor threats in which impact is minimized, that do not compromise the target or exploits that require an attacker to reside on the same local network as the victim, affect only non-standard configurations or obscure applications, or provide very limited access.
- High
- HIGHThreats that have the ability to become critical but have mitigating factors; for example, they may be difficult to exploit, do not result in elevated privileges, or do not have a large victim pool.
- Critical
- CRITICALSerious threats, such as those that affect default installations of widely deployed software, result in root compromise of servers, and the exploit code is widely available to attackers. The attacker usually does not need any special authentication credentials or knowledge about the individual victims and the target does not need to be manipulated into performing any special functions.
- Severity
Override Severity Severity Unspecified - SEVERITY_UNSPECIFIEDSeverity level not specified.
- Severity
Override Severity Informational - INFORMATIONALSuspicious events that do not pose an immediate threat, but that are reported to call attention to deeper problems that could possibly exist.
- Severity
Override Severity Low - LOWWarning-level threats that have very little impact on an organization's infrastructure. They usually require local or physical system access and may often result in victim privacy issues and information leakage.
- Severity
Override Severity Medium - MEDIUMMinor threats in which impact is minimized, that do not compromise the target or exploits that require an attacker to reside on the same local network as the victim, affect only non-standard configurations or obscure applications, or provide very limited access.
- Severity
Override Severity High - HIGHThreats that have the ability to become critical but have mitigating factors; for example, they may be difficult to exploit, do not result in elevated privileges, or do not have a large victim pool.
- Severity
Override Severity Critical - CRITICALSerious threats, such as those that affect default installations of widely deployed software, result in root compromise of servers, and the exploit code is widely available to attackers. The attacker usually does not need any special authentication credentials or knowledge about the individual victims and the target does not need to be manipulated into performing any special functions.
- Severity
Unspecified - SEVERITY_UNSPECIFIEDSeverity level not specified.
- Informational
- INFORMATIONALSuspicious events that do not pose an immediate threat, but that are reported to call attention to deeper problems that could possibly exist.
- Low
- LOWWarning-level threats that have very little impact on an organization's infrastructure. They usually require local or physical system access and may often result in victim privacy issues and information leakage.
- Medium
- MEDIUMMinor threats in which impact is minimized, that do not compromise the target or exploits that require an attacker to reside on the same local network as the victim, affect only non-standard configurations or obscure applications, or provide very limited access.
- High
- HIGHThreats that have the ability to become critical but have mitigating factors; for example, they may be difficult to exploit, do not result in elevated privileges, or do not have a large victim pool.
- Critical
- CRITICALSerious threats, such as those that affect default installations of widely deployed software, result in root compromise of servers, and the exploit code is widely available to attackers. The attacker usually does not need any special authentication credentials or knowledge about the individual victims and the target does not need to be manipulated into performing any special functions.
- Severity
Unspecified - SEVERITY_UNSPECIFIEDSeverity level not specified.
- Informational
- INFORMATIONALSuspicious events that do not pose an immediate threat, but that are reported to call attention to deeper problems that could possibly exist.
- Low
- LOWWarning-level threats that have very little impact on an organization's infrastructure. They usually require local or physical system access and may often result in victim privacy issues and information leakage.
- Medium
- MEDIUMMinor threats in which impact is minimized, that do not compromise the target or exploits that require an attacker to reside on the same local network as the victim, affect only non-standard configurations or obscure applications, or provide very limited access.
- High
- HIGHThreats that have the ability to become critical but have mitigating factors; for example, they may be difficult to exploit, do not result in elevated privileges, or do not have a large victim pool.
- Critical
- CRITICALSerious threats, such as those that affect default installations of widely deployed software, result in root compromise of servers, and the exploit code is widely available to attackers. The attacker usually does not need any special authentication credentials or knowledge about the individual victims and the target does not need to be manipulated into performing any special functions.
- SEVERITY_UNSPECIFIED
- SEVERITY_UNSPECIFIEDSeverity level not specified.
- INFORMATIONAL
- INFORMATIONALSuspicious events that do not pose an immediate threat, but that are reported to call attention to deeper problems that could possibly exist.
- LOW
- LOWWarning-level threats that have very little impact on an organization's infrastructure. They usually require local or physical system access and may often result in victim privacy issues and information leakage.
- MEDIUM
- MEDIUMMinor threats in which impact is minimized, that do not compromise the target or exploits that require an attacker to reside on the same local network as the victim, affect only non-standard configurations or obscure applications, or provide very limited access.
- HIGH
- HIGHThreats that have the ability to become critical but have mitigating factors; for example, they may be difficult to exploit, do not result in elevated privileges, or do not have a large victim pool.
- CRITICAL
- CRITICALSerious threats, such as those that affect default installations of widely deployed software, result in root compromise of servers, and the exploit code is widely available to attackers. The attacker usually does not need any special authentication credentials or knowledge about the individual victims and the target does not need to be manipulated into performing any special functions.
- "SEVERITY_UNSPECIFIED"
- SEVERITY_UNSPECIFIEDSeverity level not specified.
- "INFORMATIONAL"
- INFORMATIONALSuspicious events that do not pose an immediate threat, but that are reported to call attention to deeper problems that could possibly exist.
- "LOW"
- LOWWarning-level threats that have very little impact on an organization's infrastructure. They usually require local or physical system access and may often result in victim privacy issues and information leakage.
- "MEDIUM"
- MEDIUMMinor threats in which impact is minimized, that do not compromise the target or exploits that require an attacker to reside on the same local network as the victim, affect only non-standard configurations or obscure applications, or provide very limited access.
- "HIGH"
- HIGHThreats that have the ability to become critical but have mitigating factors; for example, they may be difficult to exploit, do not result in elevated privileges, or do not have a large victim pool.
- "CRITICAL"
- CRITICALSerious threats, such as those that affect default installations of widely deployed software, result in root compromise of servers, and the exploit code is widely available to attackers. The attacker usually does not need any special authentication credentials or knowledge about the individual victims and the target does not need to be manipulated into performing any special functions.
ThreatOverride, ThreatOverrideArgs
- Action
Pulumi.
Google Native. Network Security. V1Beta1. Threat Override Action - Threat action override. For some threat types, only a subset of actions applies.
- Threat
Id string - Vendor-specific ID of a threat to override.
- Action
Threat
Override Action - Threat action override. For some threat types, only a subset of actions applies.
- Threat
Id string - Vendor-specific ID of a threat to override.
- action
Threat
Override Action - Threat action override. For some threat types, only a subset of actions applies.
- threat
Id String - Vendor-specific ID of a threat to override.
- action
Threat
Override Action - Threat action override. For some threat types, only a subset of actions applies.
- threat
Id string - Vendor-specific ID of a threat to override.
- action
Threat
Override Action - Threat action override. For some threat types, only a subset of actions applies.
- threat_
id str - Vendor-specific ID of a threat to override.
- action "THREAT_ACTION_UNSPECIFIED" | "DEFAULT_ACTION" | "ALLOW" | "ALERT" | "DENY"
- Threat action override. For some threat types, only a subset of actions applies.
- threat
Id String - Vendor-specific ID of a threat to override.
ThreatOverrideAction, ThreatOverrideActionArgs
- Threat
Action Unspecified - THREAT_ACTION_UNSPECIFIEDThreat action not specified.
- Default
Action - DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
- Allow
- ALLOWThe packet matching this rule will be allowed to transmit.
- Alert
- ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
- Deny
- DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.
- Threat
Override Action Threat Action Unspecified - THREAT_ACTION_UNSPECIFIEDThreat action not specified.
- Threat
Override Action Default Action - DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
- Threat
Override Action Allow - ALLOWThe packet matching this rule will be allowed to transmit.
- Threat
Override Action Alert - ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
- Threat
Override Action Deny - DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.
- Threat
Action Unspecified - THREAT_ACTION_UNSPECIFIEDThreat action not specified.
- Default
Action - DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
- Allow
- ALLOWThe packet matching this rule will be allowed to transmit.
- Alert
- ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
- Deny
- DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.
- Threat
Action Unspecified - THREAT_ACTION_UNSPECIFIEDThreat action not specified.
- Default
Action - DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
- Allow
- ALLOWThe packet matching this rule will be allowed to transmit.
- Alert
- ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
- Deny
- DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.
- THREAT_ACTION_UNSPECIFIED
- THREAT_ACTION_UNSPECIFIEDThreat action not specified.
- DEFAULT_ACTION
- DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
- ALLOW
- ALLOWThe packet matching this rule will be allowed to transmit.
- ALERT
- ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
- DENY
- DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.
- "THREAT_ACTION_UNSPECIFIED"
- THREAT_ACTION_UNSPECIFIEDThreat action not specified.
- "DEFAULT_ACTION"
- DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
- "ALLOW"
- ALLOWThe packet matching this rule will be allowed to transmit.
- "ALERT"
- ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
- "DENY"
- DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.
ThreatOverrideResponse, ThreatOverrideResponseArgs
ThreatPreventionProfile, ThreatPreventionProfileArgs
- Severity
Overrides List<Pulumi.Google Native. Network Security. V1Beta1. Inputs. Severity Override> - Optional. Configuration for overriding threats actions by severity match.
- Threat
Overrides List<Pulumi.Google Native. Network Security. V1Beta1. Inputs. Threat Override> - Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.
- Severity
Overrides []SeverityOverride - Optional. Configuration for overriding threats actions by severity match.
- Threat
Overrides []ThreatOverride - Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.
- severity
Overrides List<SeverityOverride> - Optional. Configuration for overriding threats actions by severity match.
- threat
Overrides List<ThreatOverride> - Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.
- severity
Overrides SeverityOverride[] - Optional. Configuration for overriding threats actions by severity match.
- threat
Overrides ThreatOverride[] - Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.
- severity_
overrides Sequence[SeverityOverride] - Optional. Configuration for overriding threats actions by severity match.
- threat_
overrides Sequence[ThreatOverride] - Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.
- severity
Overrides List<Property Map> - Optional. Configuration for overriding threats actions by severity match.
- threat
Overrides List<Property Map> - Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.
ThreatPreventionProfileResponse, ThreatPreventionProfileResponseArgs
- Severity
Overrides List<Pulumi.Google Native. Network Security. V1Beta1. Inputs. Severity Override Response> - Optional. Configuration for overriding threats actions by severity match.
- Threat
Overrides List<Pulumi.Google Native. Network Security. V1Beta1. Inputs. Threat Override Response> - Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.
- Severity
Overrides []SeverityOverride Response - Optional. Configuration for overriding threats actions by severity match.
- Threat
Overrides []ThreatOverride Response - Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.
- severity
Overrides List<SeverityOverride Response> - Optional. Configuration for overriding threats actions by severity match.
- threat
Overrides List<ThreatOverride Response> - Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.
- severity
Overrides SeverityOverride Response[] - Optional. Configuration for overriding threats actions by severity match.
- threat
Overrides ThreatOverride Response[] - Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.
- severity_
overrides Sequence[SeverityOverride Response] - Optional. Configuration for overriding threats actions by severity match.
- threat_
overrides Sequence[ThreatOverride Response] - Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.
- severity
Overrides List<Property Map> - Optional. Configuration for overriding threats actions by severity match.
- threat
Overrides List<Property Map> - Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.
Package Details
- Repository
- Google Cloud Native pulumi/pulumi-google-native
- License
- Apache-2.0
Google Cloud Native is in preview. Google Cloud Classic is fully supported.