Google Cloud Native v0.32.0, Nov 29 23

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

pulumi/pulumi-google-native

google-native.networksecurity/v1beta1.SecurityProfile

Explore with Pulumi AI

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

pulumi/pulumi-google-native

Create SecurityProfile Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new SecurityProfile(name: string, args: SecurityProfileArgs, opts?: CustomResourceOptions);

@overload
def SecurityProfile(resource_name: str,
                    args: SecurityProfileArgs,
                    opts: Optional[ResourceOptions] = None)

@overload
def SecurityProfile(resource_name: str,
                    opts: Optional[ResourceOptions] = None,
                    organization_id: Optional[str] = None,
                    security_profile_id: Optional[str] = None,
                    description: Optional[str] = None,
                    labels: Optional[Mapping[str, str]] = None,
                    location: Optional[str] = None,
                    name: Optional[str] = None,
                    threat_prevention_profile: Optional[ThreatPreventionProfileArgs] = None,
                    type: Optional[SecurityProfileType] = None)

func NewSecurityProfile(ctx *Context, name string, args SecurityProfileArgs, opts ...ResourceOption) (*SecurityProfile, error)

public SecurityProfile(string name, SecurityProfileArgs args, CustomResourceOptions? opts = null)

public SecurityProfile(String name, SecurityProfileArgs args)
public SecurityProfile(String name, SecurityProfileArgs args, CustomResourceOptions options)

type: google-native:networksecurity/v1beta1:SecurityProfile
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args SecurityProfileArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args SecurityProfileArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args SecurityProfileArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args SecurityProfileArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args SecurityProfileArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Example

The following reference example uses placeholder values for all input properties.

var google_nativeSecurityProfileResource = new GoogleNative.NetworkSecurity.V1Beta1.SecurityProfile("google-nativeSecurityProfileResource", new()
{
    OrganizationId = "string",
    SecurityProfileId = "string",
    Description = "string",
    Labels = 
    {
        { "string", "string" },
    },
    Location = "string",
    Name = "string",
    ThreatPreventionProfile = new GoogleNative.NetworkSecurity.V1Beta1.Inputs.ThreatPreventionProfileArgs
    {
        SeverityOverrides = new[]
        {
            new GoogleNative.NetworkSecurity.V1Beta1.Inputs.SeverityOverrideArgs
            {
                Action = GoogleNative.NetworkSecurity.V1Beta1.SeverityOverrideAction.ThreatActionUnspecified,
                Severity = GoogleNative.NetworkSecurity.V1Beta1.SeverityOverrideSeverity.SeverityUnspecified,
            },
        },
        ThreatOverrides = new[]
        {
            new GoogleNative.NetworkSecurity.V1Beta1.Inputs.ThreatOverrideArgs
            {
                Action = GoogleNative.NetworkSecurity.V1Beta1.ThreatOverrideAction.ThreatActionUnspecified,
                ThreatId = "string",
            },
        },
    },
    Type = GoogleNative.NetworkSecurity.V1Beta1.SecurityProfileType.ProfileTypeUnspecified,
});

example, err := networksecurityv1beta1.NewSecurityProfile(ctx, "google-nativeSecurityProfileResource", &networksecurityv1beta1.SecurityProfileArgs{
OrganizationId: pulumi.String("string"),
SecurityProfileId: pulumi.String("string"),
Description: pulumi.String("string"),
Labels: pulumi.StringMap{
"string": pulumi.String("string"),
},
Location: pulumi.String("string"),
Name: pulumi.String("string"),
ThreatPreventionProfile: &networksecurity.ThreatPreventionProfileArgs{
SeverityOverrides: networksecurity.SeverityOverrideArray{
&networksecurity.SeverityOverrideArgs{
Action: networksecurityv1beta1.SeverityOverrideActionThreatActionUnspecified,
Severity: networksecurityv1beta1.SeverityOverrideSeveritySeverityUnspecified,
},
},
ThreatOverrides: networksecurity.ThreatOverrideArray{
&networksecurity.ThreatOverrideArgs{
Action: networksecurityv1beta1.ThreatOverrideActionThreatActionUnspecified,
ThreatId: pulumi.String("string"),
},
},
},
Type: networksecurityv1beta1.SecurityProfileTypeProfileTypeUnspecified,
})

var google_nativeSecurityProfileResource = new SecurityProfile("google-nativeSecurityProfileResource", SecurityProfileArgs.builder()        
    .organizationId("string")
    .securityProfileId("string")
    .description("string")
    .labels(Map.of("string", "string"))
    .location("string")
    .name("string")
    .threatPreventionProfile(ThreatPreventionProfileArgs.builder()
        .severityOverrides(SeverityOverrideArgs.builder()
            .action("THREAT_ACTION_UNSPECIFIED")
            .severity("SEVERITY_UNSPECIFIED")
            .build())
        .threatOverrides(ThreatOverrideArgs.builder()
            .action("THREAT_ACTION_UNSPECIFIED")
            .threatId("string")
            .build())
        .build())
    .type("PROFILE_TYPE_UNSPECIFIED")
    .build());

google_native_security_profile_resource = google_native.networksecurity.v1beta1.SecurityProfile("google-nativeSecurityProfileResource",
    organization_id="string",
    security_profile_id="string",
    description="string",
    labels={
        "string": "string",
    },
    location="string",
    name="string",
    threat_prevention_profile=google_native.networksecurity.v1beta1.ThreatPreventionProfileArgs(
        severity_overrides=[google_native.networksecurity.v1beta1.SeverityOverrideArgs(
            action=google_native.networksecurity.v1beta1.SeverityOverrideAction.THREAT_ACTION_UNSPECIFIED,
            severity=google_native.networksecurity.v1beta1.SeverityOverrideSeverity.SEVERITY_UNSPECIFIED,
        )],
        threat_overrides=[google_native.networksecurity.v1beta1.ThreatOverrideArgs(
            action=google_native.networksecurity.v1beta1.ThreatOverrideAction.THREAT_ACTION_UNSPECIFIED,
            threat_id="string",
        )],
    ),
    type=google_native.networksecurity.v1beta1.SecurityProfileType.PROFILE_TYPE_UNSPECIFIED)

const google_nativeSecurityProfileResource = new google_native.networksecurity.v1beta1.SecurityProfile("google-nativeSecurityProfileResource", {
    organizationId: "string",
    securityProfileId: "string",
    description: "string",
    labels: {
        string: "string",
    },
    location: "string",
    name: "string",
    threatPreventionProfile: {
        severityOverrides: [{
            action: google_native.networksecurity.v1beta1.SeverityOverrideAction.ThreatActionUnspecified,
            severity: google_native.networksecurity.v1beta1.SeverityOverrideSeverity.SeverityUnspecified,
        }],
        threatOverrides: [{
            action: google_native.networksecurity.v1beta1.ThreatOverrideAction.ThreatActionUnspecified,
            threatId: "string",
        }],
    },
    type: google_native.networksecurity.v1beta1.SecurityProfileType.ProfileTypeUnspecified,
});

type: google-native:networksecurity/v1beta1:SecurityProfile
properties:
    description: string
    labels:
        string: string
    location: string
    name: string
    organizationId: string
    securityProfileId: string
    threatPreventionProfile:
        severityOverrides:
            - action: THREAT_ACTION_UNSPECIFIED
              severity: SEVERITY_UNSPECIFIED
        threatOverrides:
            - action: THREAT_ACTION_UNSPECIFIED
              threatId: string
    type: PROFILE_TYPE_UNSPECIFIED

SecurityProfile Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The SecurityProfile resource accepts the following input properties:

OrganizationId string
SecurityProfileId string: Required. Short name of the SecurityProfile resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "security_profile1".
Description string: Optional. An optional description of the profile. Max length 512 characters.
Labels Dictionary<string, string>: Optional. Labels as key value pairs.
Location string
Name string: Immutable. Identifier. Name of the SecurityProfile resource. It matches pattern projects|organizations/*/locations/{location}/securityProfiles/{security_profile}.
ThreatPreventionProfile Pulumi.GoogleNative.NetworkSecurity.V1Beta1.Inputs.ThreatPreventionProfile: The threat prevention configuration for the SecurityProfile.
Type Pulumi.GoogleNative.NetworkSecurity.V1Beta1.SecurityProfileType: Immutable. The single ProfileType that the SecurityProfile resource configures.

OrganizationId string
SecurityProfileId string: Required. Short name of the SecurityProfile resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "security_profile1".
Description string: Optional. An optional description of the profile. Max length 512 characters.
Labels map[string]string: Optional. Labels as key value pairs.
Location string
Name string: Immutable. Identifier. Name of the SecurityProfile resource. It matches pattern projects|organizations/*/locations/{location}/securityProfiles/{security_profile}.
ThreatPreventionProfile ThreatPreventionProfileArgs: The threat prevention configuration for the SecurityProfile.
Type SecurityProfileType: Immutable. The single ProfileType that the SecurityProfile resource configures.

organizationId String
securityProfileId String: Required. Short name of the SecurityProfile resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "security_profile1".
description String: Optional. An optional description of the profile. Max length 512 characters.
labels Map<String,String>: Optional. Labels as key value pairs.
location String
name String: Immutable. Identifier. Name of the SecurityProfile resource. It matches pattern projects|organizations/*/locations/{location}/securityProfiles/{security_profile}.
threatPreventionProfile ThreatPreventionProfile: The threat prevention configuration for the SecurityProfile.
type SecurityProfileType: Immutable. The single ProfileType that the SecurityProfile resource configures.

organizationId string
securityProfileId string: Required. Short name of the SecurityProfile resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "security_profile1".
description string: Optional. An optional description of the profile. Max length 512 characters.
labels {[key: string]: string}: Optional. Labels as key value pairs.
location string
name string: Immutable. Identifier. Name of the SecurityProfile resource. It matches pattern projects|organizations/*/locations/{location}/securityProfiles/{security_profile}.
threatPreventionProfile ThreatPreventionProfile: The threat prevention configuration for the SecurityProfile.
type SecurityProfileType: Immutable. The single ProfileType that the SecurityProfile resource configures.

organization_id str
security_profile_id str: Required. Short name of the SecurityProfile resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "security_profile1".
description str: Optional. An optional description of the profile. Max length 512 characters.
labels Mapping[str, str]: Optional. Labels as key value pairs.
location str
name str: Immutable. Identifier. Name of the SecurityProfile resource. It matches pattern projects|organizations/*/locations/{location}/securityProfiles/{security_profile}.
threat_prevention_profile ThreatPreventionProfileArgs: The threat prevention configuration for the SecurityProfile.
type SecurityProfileType: Immutable. The single ProfileType that the SecurityProfile resource configures.

organizationId String
securityProfileId String: Required. Short name of the SecurityProfile resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "security_profile1".
description String: Optional. An optional description of the profile. Max length 512 characters.
labels Map<String>: Optional. Labels as key value pairs.
location String
name String: Immutable. Identifier. Name of the SecurityProfile resource. It matches pattern projects|organizations/*/locations/{location}/securityProfiles/{security_profile}.
threatPreventionProfile Property Map: The threat prevention configuration for the SecurityProfile.
type "PROFILE_TYPE_UNSPECIFIED" | "THREAT_PREVENTION": Immutable. The single ProfileType that the SecurityProfile resource configures.

Outputs

All input properties are implicitly available as output properties. Additionally, the SecurityProfile resource produces the following output properties:

CreateTime string: Resource creation timestamp.
Etag string: This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
Id string: The provider-assigned unique ID for this managed resource.
UpdateTime string: Last resource update timestamp.

CreateTime string: Resource creation timestamp.
Etag string: This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
Id string: The provider-assigned unique ID for this managed resource.
UpdateTime string: Last resource update timestamp.

createTime String: Resource creation timestamp.
etag String: This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
id String: The provider-assigned unique ID for this managed resource.
updateTime String: Last resource update timestamp.

createTime string: Resource creation timestamp.
etag string: This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
id string: The provider-assigned unique ID for this managed resource.
updateTime string: Last resource update timestamp.

create_time str: Resource creation timestamp.
etag str: This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
id str: The provider-assigned unique ID for this managed resource.
update_time str: Last resource update timestamp.

createTime String: Resource creation timestamp.
etag String: This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
id String: The provider-assigned unique ID for this managed resource.
updateTime String: Last resource update timestamp.

Supporting Types

SecurityProfileType, SecurityProfileTypeArgs

ProfileTypeUnspecified: PROFILE_TYPE_UNSPECIFIEDProfile type not specified.
ThreatPrevention: THREAT_PREVENTIONProfile type for threat prevention.

SecurityProfileTypeProfileTypeUnspecified: PROFILE_TYPE_UNSPECIFIEDProfile type not specified.
SecurityProfileTypeThreatPrevention: THREAT_PREVENTIONProfile type for threat prevention.

ProfileTypeUnspecified: PROFILE_TYPE_UNSPECIFIEDProfile type not specified.
ThreatPrevention: THREAT_PREVENTIONProfile type for threat prevention.

ProfileTypeUnspecified: PROFILE_TYPE_UNSPECIFIEDProfile type not specified.
ThreatPrevention: THREAT_PREVENTIONProfile type for threat prevention.

PROFILE_TYPE_UNSPECIFIED: PROFILE_TYPE_UNSPECIFIEDProfile type not specified.
THREAT_PREVENTION: THREAT_PREVENTIONProfile type for threat prevention.

"PROFILE_TYPE_UNSPECIFIED": PROFILE_TYPE_UNSPECIFIEDProfile type not specified.
"THREAT_PREVENTION": THREAT_PREVENTIONProfile type for threat prevention.

SeverityOverride, SeverityOverrideArgs

Action Pulumi.GoogleNative.NetworkSecurity.V1Beta1.SeverityOverrideAction: Threat action override.
Severity Pulumi.GoogleNative.NetworkSecurity.V1Beta1.SeverityOverrideSeverity: Severity level to match.

Action SeverityOverrideAction: Threat action override.
Severity SeverityOverrideSeverity: Severity level to match.

action SeverityOverrideAction: Threat action override.
severity SeverityOverrideSeverity: Severity level to match.

action SeverityOverrideAction: Threat action override.
severity SeverityOverrideSeverity: Severity level to match.

action SeverityOverrideAction: Threat action override.
severity SeverityOverrideSeverity: Severity level to match.

action "THREAT_ACTION_UNSPECIFIED" | "DEFAULT_ACTION" | "ALLOW" | "ALERT" | "DENY": Threat action override.
severity "SEVERITY_UNSPECIFIED" | "INFORMATIONAL" | "LOW" | "MEDIUM" | "HIGH" | "CRITICAL": Severity level to match.

SeverityOverrideAction, SeverityOverrideActionArgs

ThreatActionUnspecified: THREAT_ACTION_UNSPECIFIEDThreat action not specified.
DefaultAction: DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
Allow: ALLOWThe packet matching this rule will be allowed to transmit.
Alert: ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
Deny: DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.

SeverityOverrideActionThreatActionUnspecified: THREAT_ACTION_UNSPECIFIEDThreat action not specified.
SeverityOverrideActionDefaultAction: DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
SeverityOverrideActionAllow: ALLOWThe packet matching this rule will be allowed to transmit.
SeverityOverrideActionAlert: ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
SeverityOverrideActionDeny: DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.

ThreatActionUnspecified: THREAT_ACTION_UNSPECIFIEDThreat action not specified.
DefaultAction: DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
Allow: ALLOWThe packet matching this rule will be allowed to transmit.
Alert: ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
Deny: DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.

ThreatActionUnspecified: THREAT_ACTION_UNSPECIFIEDThreat action not specified.
DefaultAction: DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
Allow: ALLOWThe packet matching this rule will be allowed to transmit.
Alert: ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
Deny: DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.

THREAT_ACTION_UNSPECIFIED: THREAT_ACTION_UNSPECIFIEDThreat action not specified.
DEFAULT_ACTION: DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
ALLOW: ALLOWThe packet matching this rule will be allowed to transmit.
ALERT: ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
DENY: DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.

"THREAT_ACTION_UNSPECIFIED": THREAT_ACTION_UNSPECIFIEDThreat action not specified.
"DEFAULT_ACTION": DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
"ALLOW": ALLOWThe packet matching this rule will be allowed to transmit.
"ALERT": ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
"DENY": DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.

SeverityOverrideResponse, SeverityOverrideResponseArgs

Action string: Threat action override.
Severity string: Severity level to match.

Action string: Threat action override.
Severity string: Severity level to match.

action String: Threat action override.
severity String: Severity level to match.

action string: Threat action override.
severity string: Severity level to match.

action str: Threat action override.
severity str: Severity level to match.

action String: Threat action override.
severity String: Severity level to match.

SeverityOverrideSeverity, SeverityOverrideSeverityArgs

SeverityUnspecified: SEVERITY_UNSPECIFIEDSeverity level not specified.
Informational: INFORMATIONALSuspicious events that do not pose an immediate threat, but that are reported to call attention to deeper problems that could possibly exist.
Low: LOWWarning-level threats that have very little impact on an organization's infrastructure. They usually require local or physical system access and may often result in victim privacy issues and information leakage.
Medium: MEDIUMMinor threats in which impact is minimized, that do not compromise the target or exploits that require an attacker to reside on the same local network as the victim, affect only non-standard configurations or obscure applications, or provide very limited access.
High: HIGHThreats that have the ability to become critical but have mitigating factors; for example, they may be difficult to exploit, do not result in elevated privileges, or do not have a large victim pool.
Critical: CRITICALSerious threats, such as those that affect default installations of widely deployed software, result in root compromise of servers, and the exploit code is widely available to attackers. The attacker usually does not need any special authentication credentials or knowledge about the individual victims and the target does not need to be manipulated into performing any special functions.

SeverityOverrideSeveritySeverityUnspecified: SEVERITY_UNSPECIFIEDSeverity level not specified.
SeverityOverrideSeverityInformational: INFORMATIONALSuspicious events that do not pose an immediate threat, but that are reported to call attention to deeper problems that could possibly exist.
SeverityOverrideSeverityLow: LOWWarning-level threats that have very little impact on an organization's infrastructure. They usually require local or physical system access and may often result in victim privacy issues and information leakage.
SeverityOverrideSeverityMedium: MEDIUMMinor threats in which impact is minimized, that do not compromise the target or exploits that require an attacker to reside on the same local network as the victim, affect only non-standard configurations or obscure applications, or provide very limited access.
SeverityOverrideSeverityHigh: HIGHThreats that have the ability to become critical but have mitigating factors; for example, they may be difficult to exploit, do not result in elevated privileges, or do not have a large victim pool.
SeverityOverrideSeverityCritical: CRITICALSerious threats, such as those that affect default installations of widely deployed software, result in root compromise of servers, and the exploit code is widely available to attackers. The attacker usually does not need any special authentication credentials or knowledge about the individual victims and the target does not need to be manipulated into performing any special functions.

SeverityUnspecified: SEVERITY_UNSPECIFIEDSeverity level not specified.
Informational: INFORMATIONALSuspicious events that do not pose an immediate threat, but that are reported to call attention to deeper problems that could possibly exist.
Low: LOWWarning-level threats that have very little impact on an organization's infrastructure. They usually require local or physical system access and may often result in victim privacy issues and information leakage.
Medium: MEDIUMMinor threats in which impact is minimized, that do not compromise the target or exploits that require an attacker to reside on the same local network as the victim, affect only non-standard configurations or obscure applications, or provide very limited access.
High: HIGHThreats that have the ability to become critical but have mitigating factors; for example, they may be difficult to exploit, do not result in elevated privileges, or do not have a large victim pool.
Critical: CRITICALSerious threats, such as those that affect default installations of widely deployed software, result in root compromise of servers, and the exploit code is widely available to attackers. The attacker usually does not need any special authentication credentials or knowledge about the individual victims and the target does not need to be manipulated into performing any special functions.

SeverityUnspecified: SEVERITY_UNSPECIFIEDSeverity level not specified.
Informational: INFORMATIONALSuspicious events that do not pose an immediate threat, but that are reported to call attention to deeper problems that could possibly exist.
Low: LOWWarning-level threats that have very little impact on an organization's infrastructure. They usually require local or physical system access and may often result in victim privacy issues and information leakage.
Medium: MEDIUMMinor threats in which impact is minimized, that do not compromise the target or exploits that require an attacker to reside on the same local network as the victim, affect only non-standard configurations or obscure applications, or provide very limited access.
High: HIGHThreats that have the ability to become critical but have mitigating factors; for example, they may be difficult to exploit, do not result in elevated privileges, or do not have a large victim pool.
Critical: CRITICALSerious threats, such as those that affect default installations of widely deployed software, result in root compromise of servers, and the exploit code is widely available to attackers. The attacker usually does not need any special authentication credentials or knowledge about the individual victims and the target does not need to be manipulated into performing any special functions.

SEVERITY_UNSPECIFIED: SEVERITY_UNSPECIFIEDSeverity level not specified.
INFORMATIONAL: INFORMATIONALSuspicious events that do not pose an immediate threat, but that are reported to call attention to deeper problems that could possibly exist.
LOW: LOWWarning-level threats that have very little impact on an organization's infrastructure. They usually require local or physical system access and may often result in victim privacy issues and information leakage.
MEDIUM: MEDIUMMinor threats in which impact is minimized, that do not compromise the target or exploits that require an attacker to reside on the same local network as the victim, affect only non-standard configurations or obscure applications, or provide very limited access.
HIGH: HIGHThreats that have the ability to become critical but have mitigating factors; for example, they may be difficult to exploit, do not result in elevated privileges, or do not have a large victim pool.
CRITICAL: CRITICALSerious threats, such as those that affect default installations of widely deployed software, result in root compromise of servers, and the exploit code is widely available to attackers. The attacker usually does not need any special authentication credentials or knowledge about the individual victims and the target does not need to be manipulated into performing any special functions.

"SEVERITY_UNSPECIFIED": SEVERITY_UNSPECIFIEDSeverity level not specified.
"INFORMATIONAL": INFORMATIONALSuspicious events that do not pose an immediate threat, but that are reported to call attention to deeper problems that could possibly exist.
"LOW": LOWWarning-level threats that have very little impact on an organization's infrastructure. They usually require local or physical system access and may often result in victim privacy issues and information leakage.
"MEDIUM": MEDIUMMinor threats in which impact is minimized, that do not compromise the target or exploits that require an attacker to reside on the same local network as the victim, affect only non-standard configurations or obscure applications, or provide very limited access.
"HIGH": HIGHThreats that have the ability to become critical but have mitigating factors; for example, they may be difficult to exploit, do not result in elevated privileges, or do not have a large victim pool.
"CRITICAL": CRITICALSerious threats, such as those that affect default installations of widely deployed software, result in root compromise of servers, and the exploit code is widely available to attackers. The attacker usually does not need any special authentication credentials or knowledge about the individual victims and the target does not need to be manipulated into performing any special functions.

ThreatOverride, ThreatOverrideArgs

Action Pulumi.GoogleNative.NetworkSecurity.V1Beta1.ThreatOverrideAction: Threat action override. For some threat types, only a subset of actions applies.
ThreatId string: Vendor-specific ID of a threat to override.

Action ThreatOverrideAction: Threat action override. For some threat types, only a subset of actions applies.
ThreatId string: Vendor-specific ID of a threat to override.

action ThreatOverrideAction: Threat action override. For some threat types, only a subset of actions applies.
threatId String: Vendor-specific ID of a threat to override.

action ThreatOverrideAction: Threat action override. For some threat types, only a subset of actions applies.
threatId string: Vendor-specific ID of a threat to override.

action ThreatOverrideAction: Threat action override. For some threat types, only a subset of actions applies.
threat_id str: Vendor-specific ID of a threat to override.

action "THREAT_ACTION_UNSPECIFIED" | "DEFAULT_ACTION" | "ALLOW" | "ALERT" | "DENY": Threat action override. For some threat types, only a subset of actions applies.
threatId String: Vendor-specific ID of a threat to override.

ThreatOverrideAction, ThreatOverrideActionArgs

ThreatActionUnspecified: THREAT_ACTION_UNSPECIFIEDThreat action not specified.
DefaultAction: DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
Allow: ALLOWThe packet matching this rule will be allowed to transmit.
Alert: ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
Deny: DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.

ThreatOverrideActionThreatActionUnspecified: THREAT_ACTION_UNSPECIFIEDThreat action not specified.
ThreatOverrideActionDefaultAction: DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
ThreatOverrideActionAllow: ALLOWThe packet matching this rule will be allowed to transmit.
ThreatOverrideActionAlert: ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
ThreatOverrideActionDeny: DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.

ThreatActionUnspecified: THREAT_ACTION_UNSPECIFIEDThreat action not specified.
DefaultAction: DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
Allow: ALLOWThe packet matching this rule will be allowed to transmit.
Alert: ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
Deny: DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.

ThreatActionUnspecified: THREAT_ACTION_UNSPECIFIEDThreat action not specified.
DefaultAction: DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
Allow: ALLOWThe packet matching this rule will be allowed to transmit.
Alert: ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
Deny: DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.

THREAT_ACTION_UNSPECIFIED: THREAT_ACTION_UNSPECIFIEDThreat action not specified.
DEFAULT_ACTION: DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
ALLOW: ALLOWThe packet matching this rule will be allowed to transmit.
ALERT: ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
DENY: DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.

"THREAT_ACTION_UNSPECIFIED": THREAT_ACTION_UNSPECIFIEDThreat action not specified.
"DEFAULT_ACTION": DEFAULT_ACTIONThe default action (as specified by the vendor) is taken.
"ALLOW": ALLOWThe packet matching this rule will be allowed to transmit.
"ALERT": ALERTThe packet matching this rule will be allowed to transmit, but a threat_log entry will be sent to the consumer project.
"DENY": DENYThe packet matching this rule will be dropped, and a threat_log entry will be sent to the consumer project.

ThreatOverrideResponse, ThreatOverrideResponseArgs

Action string: Threat action override. For some threat types, only a subset of actions applies.
ThreatId string: Vendor-specific ID of a threat to override.
Type string: Type of the threat (read only).

Action string: Threat action override. For some threat types, only a subset of actions applies.
ThreatId string: Vendor-specific ID of a threat to override.
Type string: Type of the threat (read only).

action String: Threat action override. For some threat types, only a subset of actions applies.
threatId String: Vendor-specific ID of a threat to override.
type String: Type of the threat (read only).

action string: Threat action override. For some threat types, only a subset of actions applies.
threatId string: Vendor-specific ID of a threat to override.
type string: Type of the threat (read only).

action str: Threat action override. For some threat types, only a subset of actions applies.
threat_id str: Vendor-specific ID of a threat to override.
type str: Type of the threat (read only).

action String: Threat action override. For some threat types, only a subset of actions applies.
threatId String: Vendor-specific ID of a threat to override.
type String: Type of the threat (read only).

ThreatPreventionProfile, ThreatPreventionProfileArgs

SeverityOverrides List<Pulumi.GoogleNative.NetworkSecurity.V1Beta1.Inputs.SeverityOverride>: Optional. Configuration for overriding threats actions by severity match.
ThreatOverrides List<Pulumi.GoogleNative.NetworkSecurity.V1Beta1.Inputs.ThreatOverride>: Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.

SeverityOverrides []SeverityOverride: Optional. Configuration for overriding threats actions by severity match.
ThreatOverrides []ThreatOverride: Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.

severityOverrides List<SeverityOverride>: Optional. Configuration for overriding threats actions by severity match.
threatOverrides List<ThreatOverride>: Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.

severityOverrides SeverityOverride[]: Optional. Configuration for overriding threats actions by severity match.
threatOverrides ThreatOverride[]: Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.

severity_overrides Sequence[SeverityOverride]: Optional. Configuration for overriding threats actions by severity match.
threat_overrides Sequence[ThreatOverride]: Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.

severityOverrides List<Property Map>: Optional. Configuration for overriding threats actions by severity match.
threatOverrides List<Property Map>: Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.

ThreatPreventionProfileResponse, ThreatPreventionProfileResponseArgs

SeverityOverrides List<Pulumi.GoogleNative.NetworkSecurity.V1Beta1.Inputs.SeverityOverrideResponse>: Optional. Configuration for overriding threats actions by severity match.
ThreatOverrides List<Pulumi.GoogleNative.NetworkSecurity.V1Beta1.Inputs.ThreatOverrideResponse>: Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.

SeverityOverrides []SeverityOverrideResponse: Optional. Configuration for overriding threats actions by severity match.
ThreatOverrides []ThreatOverrideResponse: Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.

severityOverrides List<SeverityOverrideResponse>: Optional. Configuration for overriding threats actions by severity match.
threatOverrides List<ThreatOverrideResponse>: Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.

severityOverrides SeverityOverrideResponse[]: Optional. Configuration for overriding threats actions by severity match.
threatOverrides ThreatOverrideResponse[]: Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.

severity_overrides Sequence[SeverityOverrideResponse]: Optional. Configuration for overriding threats actions by severity match.
threat_overrides Sequence[ThreatOverrideResponse]: Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.

severityOverrides List<Property Map>: Optional. Configuration for overriding threats actions by severity match.
threatOverrides List<Property Map>: Optional. Configuration for overriding threats actions by threat_id match. If a threat is matched both by configuration provided in severity_overrides and threat_overrides, the threat_overrides action is applied.

Package Details

Repository: Google Cloud Native pulumi/pulumi-google-native
License: Apache-2.0

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

pulumi/pulumi-google-native

google-native.networksecurity/v1beta1.SecurityProfile

On this page

On this page

Create SecurityProfile Resource

Constructor syntax

Parameters

Example

SecurityProfile Resource Properties

Inputs

Outputs

Supporting Types

SecurityProfileType, SecurityProfileTypeArgs

SeverityOverride, SeverityOverrideArgs

SeverityOverrideAction, SeverityOverrideActionArgs

SeverityOverrideResponse, SeverityOverrideResponseArgs

SeverityOverrideSeverity, SeverityOverrideSeverityArgs

ThreatOverride, ThreatOverrideArgs

ThreatOverrideAction, ThreatOverrideActionArgs

ThreatOverrideResponse, ThreatOverrideResponseArgs

ThreatPreventionProfile, ThreatPreventionProfileArgs

ThreatPreventionProfileResponse, ThreatPreventionProfileResponseArgs

Package Details

On this page

On this page