ibm.CdToolchainToolSecuritycompliance

ibm 1.87.0-beta0, Dec 19 25

ibm 1.87.0-beta0 published on Friday, Dec 19, 2025 by ibm-cloud

Schema (JSON)

ibm-cloud/terraform-provider-ibm

ibm 1.87.0-beta0 published on Friday, Dec 19, 2025 by ibm-cloud

Schema (JSON)

ibm-cloud/terraform-provider-ibm

Create CdToolchainToolSecuritycompliance Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new CdToolchainToolSecuritycompliance(name: string, args: CdToolchainToolSecuritycomplianceArgs, opts?: CustomResourceOptions);

@overload
def CdToolchainToolSecuritycompliance(resource_name: str,
                                      args: CdToolchainToolSecuritycomplianceArgs,
                                      opts: Optional[ResourceOptions] = None)

@overload
def CdToolchainToolSecuritycompliance(resource_name: str,
                                      opts: Optional[ResourceOptions] = None,
                                      parameters: Optional[CdToolchainToolSecuritycomplianceParametersArgs] = None,
                                      toolchain_id: Optional[str] = None,
                                      cd_toolchain_tool_securitycompliance_id: Optional[str] = None,
                                      name: Optional[str] = None)

func NewCdToolchainToolSecuritycompliance(ctx *Context, name string, args CdToolchainToolSecuritycomplianceArgs, opts ...ResourceOption) (*CdToolchainToolSecuritycompliance, error)

public CdToolchainToolSecuritycompliance(string name, CdToolchainToolSecuritycomplianceArgs args, CustomResourceOptions? opts = null)

public CdToolchainToolSecuritycompliance(String name, CdToolchainToolSecuritycomplianceArgs args)
public CdToolchainToolSecuritycompliance(String name, CdToolchainToolSecuritycomplianceArgs args, CustomResourceOptions options)

type: ibm:CdToolchainToolSecuritycompliance
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args CdToolchainToolSecuritycomplianceArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args CdToolchainToolSecuritycomplianceArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args CdToolchainToolSecuritycomplianceArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args CdToolchainToolSecuritycomplianceArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args CdToolchainToolSecuritycomplianceArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var cdToolchainToolSecuritycomplianceResource = new Ibm.CdToolchainToolSecuritycompliance("cdToolchainToolSecuritycomplianceResource", new()
{
    Parameters = new Ibm.Inputs.CdToolchainToolSecuritycomplianceParametersArgs
    {
        Name = "string",
        AttachmentId = "string",
        CosBucketName = "string",
        EvidenceLockerType = "string",
        EvidenceNamespace = "string",
        EvidenceRepoUrl = "string",
        InstanceCrn = "string",
        ProfileName = "string",
        ProfileVersion = "string",
        SccApiKey = "string",
        UseProfileAttachment = "string",
    },
    ToolchainId = "string",
    CdToolchainToolSecuritycomplianceId = "string",
    Name = "string",
});

example, err := ibm.NewCdToolchainToolSecuritycompliance(ctx, "cdToolchainToolSecuritycomplianceResource", &ibm.CdToolchainToolSecuritycomplianceArgs{
	Parameters: &ibm.CdToolchainToolSecuritycomplianceParametersArgs{
		Name:                 pulumi.String("string"),
		AttachmentId:         pulumi.String("string"),
		CosBucketName:        pulumi.String("string"),
		EvidenceLockerType:   pulumi.String("string"),
		EvidenceNamespace:    pulumi.String("string"),
		EvidenceRepoUrl:      pulumi.String("string"),
		InstanceCrn:          pulumi.String("string"),
		ProfileName:          pulumi.String("string"),
		ProfileVersion:       pulumi.String("string"),
		SccApiKey:            pulumi.String("string"),
		UseProfileAttachment: pulumi.String("string"),
	},
	ToolchainId:                         pulumi.String("string"),
	CdToolchainToolSecuritycomplianceId: pulumi.String("string"),
	Name:                                pulumi.String("string"),
})

var cdToolchainToolSecuritycomplianceResource = new CdToolchainToolSecuritycompliance("cdToolchainToolSecuritycomplianceResource", CdToolchainToolSecuritycomplianceArgs.builder()
    .parameters(CdToolchainToolSecuritycomplianceParametersArgs.builder()
        .name("string")
        .attachmentId("string")
        .cosBucketName("string")
        .evidenceLockerType("string")
        .evidenceNamespace("string")
        .evidenceRepoUrl("string")
        .instanceCrn("string")
        .profileName("string")
        .profileVersion("string")
        .sccApiKey("string")
        .useProfileAttachment("string")
        .build())
    .toolchainId("string")
    .cdToolchainToolSecuritycomplianceId("string")
    .name("string")
    .build());

cd_toolchain_tool_securitycompliance_resource = ibm.CdToolchainToolSecuritycompliance("cdToolchainToolSecuritycomplianceResource",
    parameters={
        "name": "string",
        "attachment_id": "string",
        "cos_bucket_name": "string",
        "evidence_locker_type": "string",
        "evidence_namespace": "string",
        "evidence_repo_url": "string",
        "instance_crn": "string",
        "profile_name": "string",
        "profile_version": "string",
        "scc_api_key": "string",
        "use_profile_attachment": "string",
    },
    toolchain_id="string",
    cd_toolchain_tool_securitycompliance_id="string",
    name="string")

const cdToolchainToolSecuritycomplianceResource = new ibm.CdToolchainToolSecuritycompliance("cdToolchainToolSecuritycomplianceResource", {
    parameters: {
        name: "string",
        attachmentId: "string",
        cosBucketName: "string",
        evidenceLockerType: "string",
        evidenceNamespace: "string",
        evidenceRepoUrl: "string",
        instanceCrn: "string",
        profileName: "string",
        profileVersion: "string",
        sccApiKey: "string",
        useProfileAttachment: "string",
    },
    toolchainId: "string",
    cdToolchainToolSecuritycomplianceId: "string",
    name: "string",
});

type: ibm:CdToolchainToolSecuritycompliance
properties:
    cdToolchainToolSecuritycomplianceId: string
    name: string
    parameters:
        attachmentId: string
        cosBucketName: string
        evidenceLockerType: string
        evidenceNamespace: string
        evidenceRepoUrl: string
        instanceCrn: string
        name: string
        profileName: string
        profileVersion: string
        sccApiKey: string
        useProfileAttachment: string
    toolchainId: string

CdToolchainToolSecuritycompliance Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The CdToolchainToolSecuritycompliance resource accepts the following input properties:

Parameters CdToolchainToolSecuritycomplianceParameters: Unique key-value pairs representing parameters to be used to create the tool. A list of parameters for each tool integration can be found in the Configuring tool integrations page.
ToolchainId string: ID of the toolchain to bind the tool to.
CdToolchainToolSecuritycomplianceId string
Name string: Name of the tool.

Parameters CdToolchainToolSecuritycomplianceParametersArgs: Unique key-value pairs representing parameters to be used to create the tool. A list of parameters for each tool integration can be found in the Configuring tool integrations page.
ToolchainId string: ID of the toolchain to bind the tool to.
CdToolchainToolSecuritycomplianceId string
Name string: Name of the tool.

parameters CdToolchainToolSecuritycomplianceParameters: Unique key-value pairs representing parameters to be used to create the tool. A list of parameters for each tool integration can be found in the Configuring tool integrations page.
toolchainId String: ID of the toolchain to bind the tool to.
cdToolchainToolSecuritycomplianceId String
name String: Name of the tool.

parameters CdToolchainToolSecuritycomplianceParameters: Unique key-value pairs representing parameters to be used to create the tool. A list of parameters for each tool integration can be found in the Configuring tool integrations page.
toolchainId string: ID of the toolchain to bind the tool to.
cdToolchainToolSecuritycomplianceId string
name string: Name of the tool.

parameters CdToolchainToolSecuritycomplianceParametersArgs: Unique key-value pairs representing parameters to be used to create the tool. A list of parameters for each tool integration can be found in the Configuring tool integrations page.
toolchain_id str: ID of the toolchain to bind the tool to.
cd_toolchain_tool_securitycompliance_id str
name str: Name of the tool.

parameters Property Map: Unique key-value pairs representing parameters to be used to create the tool. A list of parameters for each tool integration can be found in the Configuring tool integrations page.
toolchainId String: ID of the toolchain to bind the tool to.
cdToolchainToolSecuritycomplianceId String
name String: Name of the tool.

Outputs

All input properties are implicitly available as output properties. Additionally, the CdToolchainToolSecuritycompliance resource produces the following output properties:

Crn string: Tool CRN.
Href string: URI representing the tool.
Id string: The provider-assigned unique ID for this managed resource.
Referents List<CdToolchainToolSecuritycomplianceReferent>: Information on URIs to access this resource through the UI or API.
ResourceGroupId string: Resource group where the tool is located.
State string: Current configuration state of the tool.
ToolId string: Tool ID.
ToolchainCrn string: CRN of toolchain which the tool is bound to.
UpdatedAt string: Latest tool update timestamp.

Crn string: Tool CRN.
Href string: URI representing the tool.
Id string: The provider-assigned unique ID for this managed resource.
Referents []CdToolchainToolSecuritycomplianceReferent: Information on URIs to access this resource through the UI or API.
ResourceGroupId string: Resource group where the tool is located.
State string: Current configuration state of the tool.
ToolId string: Tool ID.
ToolchainCrn string: CRN of toolchain which the tool is bound to.
UpdatedAt string: Latest tool update timestamp.

crn String: Tool CRN.
href String: URI representing the tool.
id String: The provider-assigned unique ID for this managed resource.
referents List<CdToolchainToolSecuritycomplianceReferent>: Information on URIs to access this resource through the UI or API.
resourceGroupId String: Resource group where the tool is located.
state String: Current configuration state of the tool.
toolId String: Tool ID.
toolchainCrn String: CRN of toolchain which the tool is bound to.
updatedAt String: Latest tool update timestamp.

crn string: Tool CRN.
href string: URI representing the tool.
id string: The provider-assigned unique ID for this managed resource.
referents CdToolchainToolSecuritycomplianceReferent[]: Information on URIs to access this resource through the UI or API.
resourceGroupId string: Resource group where the tool is located.
state string: Current configuration state of the tool.
toolId string: Tool ID.
toolchainCrn string: CRN of toolchain which the tool is bound to.
updatedAt string: Latest tool update timestamp.

crn str: Tool CRN.
href str: URI representing the tool.
id str: The provider-assigned unique ID for this managed resource.
referents Sequence[CdToolchainToolSecuritycomplianceReferent]: Information on URIs to access this resource through the UI or API.
resource_group_id str: Resource group where the tool is located.
state str: Current configuration state of the tool.
tool_id str: Tool ID.
toolchain_crn str: CRN of toolchain which the tool is bound to.
updated_at str: Latest tool update timestamp.

crn String: Tool CRN.
href String: URI representing the tool.
id String: The provider-assigned unique ID for this managed resource.
referents List<Property Map>: Information on URIs to access this resource through the UI or API.
resourceGroupId String: Resource group where the tool is located.
state String: Current configuration state of the tool.
toolId String: Tool ID.
toolchainCrn String: CRN of toolchain which the tool is bound to.
updatedAt String: Latest tool update timestamp.

Look up Existing CdToolchainToolSecuritycompliance Resource

Get an existing CdToolchainToolSecuritycompliance resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: CdToolchainToolSecuritycomplianceState, opts?: CustomResourceOptions): CdToolchainToolSecuritycompliance

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        cd_toolchain_tool_securitycompliance_id: Optional[str] = None,
        crn: Optional[str] = None,
        href: Optional[str] = None,
        name: Optional[str] = None,
        parameters: Optional[CdToolchainToolSecuritycomplianceParametersArgs] = None,
        referents: Optional[Sequence[CdToolchainToolSecuritycomplianceReferentArgs]] = None,
        resource_group_id: Optional[str] = None,
        state: Optional[str] = None,
        tool_id: Optional[str] = None,
        toolchain_crn: Optional[str] = None,
        toolchain_id: Optional[str] = None,
        updated_at: Optional[str] = None) -> CdToolchainToolSecuritycompliance

func GetCdToolchainToolSecuritycompliance(ctx *Context, name string, id IDInput, state *CdToolchainToolSecuritycomplianceState, opts ...ResourceOption) (*CdToolchainToolSecuritycompliance, error)

public static CdToolchainToolSecuritycompliance Get(string name, Input<string> id, CdToolchainToolSecuritycomplianceState? state, CustomResourceOptions? opts = null)

public static CdToolchainToolSecuritycompliance get(String name, Output<String> id, CdToolchainToolSecuritycomplianceState state, CustomResourceOptions options)

resources:  _:    type: ibm:CdToolchainToolSecuritycompliance    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

CdToolchainToolSecuritycomplianceId string
Crn string: Tool CRN.
Href string: URI representing the tool.
Name string: Name of the tool.
Parameters CdToolchainToolSecuritycomplianceParameters: Unique key-value pairs representing parameters to be used to create the tool. A list of parameters for each tool integration can be found in the Configuring tool integrations page.
Referents List<CdToolchainToolSecuritycomplianceReferent>: Information on URIs to access this resource through the UI or API.
ResourceGroupId string: Resource group where the tool is located.
State string: Current configuration state of the tool.
ToolId string: Tool ID.
ToolchainCrn string: CRN of toolchain which the tool is bound to.
ToolchainId string: ID of the toolchain to bind the tool to.
UpdatedAt string: Latest tool update timestamp.

CdToolchainToolSecuritycomplianceId string
Crn string: Tool CRN.
Href string: URI representing the tool.
Name string: Name of the tool.
Parameters CdToolchainToolSecuritycomplianceParametersArgs: Unique key-value pairs representing parameters to be used to create the tool. A list of parameters for each tool integration can be found in the Configuring tool integrations page.
Referents []CdToolchainToolSecuritycomplianceReferentArgs: Information on URIs to access this resource through the UI or API.
ResourceGroupId string: Resource group where the tool is located.
State string: Current configuration state of the tool.
ToolId string: Tool ID.
ToolchainCrn string: CRN of toolchain which the tool is bound to.
ToolchainId string: ID of the toolchain to bind the tool to.
UpdatedAt string: Latest tool update timestamp.

cdToolchainToolSecuritycomplianceId String
crn String: Tool CRN.
href String: URI representing the tool.
name String: Name of the tool.
parameters CdToolchainToolSecuritycomplianceParameters: Unique key-value pairs representing parameters to be used to create the tool. A list of parameters for each tool integration can be found in the Configuring tool integrations page.
referents List<CdToolchainToolSecuritycomplianceReferent>: Information on URIs to access this resource through the UI or API.
resourceGroupId String: Resource group where the tool is located.
state String: Current configuration state of the tool.
toolId String: Tool ID.
toolchainCrn String: CRN of toolchain which the tool is bound to.
toolchainId String: ID of the toolchain to bind the tool to.
updatedAt String: Latest tool update timestamp.

cdToolchainToolSecuritycomplianceId string
crn string: Tool CRN.
href string: URI representing the tool.
name string: Name of the tool.
parameters CdToolchainToolSecuritycomplianceParameters: Unique key-value pairs representing parameters to be used to create the tool. A list of parameters for each tool integration can be found in the Configuring tool integrations page.
referents CdToolchainToolSecuritycomplianceReferent[]: Information on URIs to access this resource through the UI or API.
resourceGroupId string: Resource group where the tool is located.
state string: Current configuration state of the tool.
toolId string: Tool ID.
toolchainCrn string: CRN of toolchain which the tool is bound to.
toolchainId string: ID of the toolchain to bind the tool to.
updatedAt string: Latest tool update timestamp.

cd_toolchain_tool_securitycompliance_id str
crn str: Tool CRN.
href str: URI representing the tool.
name str: Name of the tool.
parameters CdToolchainToolSecuritycomplianceParametersArgs: Unique key-value pairs representing parameters to be used to create the tool. A list of parameters for each tool integration can be found in the Configuring tool integrations page.
referents Sequence[CdToolchainToolSecuritycomplianceReferentArgs]: Information on URIs to access this resource through the UI or API.
resource_group_id str: Resource group where the tool is located.
state str: Current configuration state of the tool.
tool_id str: Tool ID.
toolchain_crn str: CRN of toolchain which the tool is bound to.
toolchain_id str: ID of the toolchain to bind the tool to.
updated_at str: Latest tool update timestamp.

cdToolchainToolSecuritycomplianceId String
crn String: Tool CRN.
href String: URI representing the tool.
name String: Name of the tool.
parameters Property Map: Unique key-value pairs representing parameters to be used to create the tool. A list of parameters for each tool integration can be found in the Configuring tool integrations page.
referents List<Property Map>: Information on URIs to access this resource through the UI or API.
resourceGroupId String: Resource group where the tool is located.
state String: Current configuration state of the tool.
toolId String: Tool ID.
toolchainCrn String: CRN of toolchain which the tool is bound to.
toolchainId String: ID of the toolchain to bind the tool to.
updatedAt String: Latest tool update timestamp.

Supporting Types

CdToolchainToolSecuritycomplianceParameters, CdToolchainToolSecuritycomplianceParametersArgs

Name string: The name for this tool integration, shown on the toolchain page.
AttachmentId string: An attachment ID. An attachment is configured under a profile to define how a scan will be run. To find the attachment ID, in the browser, in the attachments list, click on the attachment link, and a panel appears with a button to copy the attachment ID. This parameter is only relevant when the use_profile_attachment parameter is enabled.
CosBucketName string: The name of the Cloud Object Storage bucket used as an evidence locker. Make sure that this cos_bucket_name parameter matches the bucket_name for a cloudobjectstorage (Cloud Object Storage) tool integration in this toolchain. Only relevant when evidence_locker_type is set to evidence-bucket.
EvidenceLockerType string: The type of evidence storage locker. If you are using a Cloud Object Storage bucket, use the evidence-bucket type, and use the other cos_bucket_name parameter to point to the bucket, and provide a cloudobjectstorage (Cloud Object Storage) tool integration with a matching bucket_name and the credentials for connecting to the bucket. Or else if you are using a Git repository, use the evidence-repo type, and use the other evidence_repo_url parameter to point to the Git repository, and provide a Git tool integration. When absent defaults to evidence-repo.
EvidenceNamespace string: The kind of pipeline evidence to be displayed in Security and Compliance Center for this toolchain. The values are; cd which will use evidence generated by a Continuous Deployment (CD) pipeline, or cc which will use evidence generated by a Continuous Compliance (CC) pipeline. The default behavior is to use the CD evidence.
EvidenceRepoUrl string: The URL to a Git repository evidence locker. This evidence URL should match the repo_url for a Git tool integration in this toolchain. Only relevant when using evidence-repo as the evidence_locker_type.
InstanceCrn string: The Security and Compliance Center service instance CRN (Cloud Resource Name). It is recommended to provide an instance CRN, but when absent, the oldest service instance will be used. This parameter is only relevant when the use_profile_attachment parameter is enabled.
ProfileName string: The name of a Security and Compliance Center profile. Usually, use the "IBM Cloud Framework for Financial Services" predefined profile, which contains the DevSecOps Toolchain rules. Or use a user-authored customized profile that has been configured to contain those rules. This parameter is only relevant when the use_profile_attachment parameter is enabled.
ProfileVersion string: The version of a Security and Compliance Center profile, in SemVer format, like '0.0.0'. This parameter is only relevant when the use_profile_attachment parameter is enabled.
SccApiKey string: The IBM Cloud API key used to access the Security and Compliance Center service, for the use profile with attachment setting. This parameter is only relevant when the use_profile_attachment parameter is enabled. You can use a toolchain secret reference for this parameter. For more information, see Protecting your sensitive data in Continuous Delivery.
UseProfileAttachment string: Set to enabled to enable use of a Security and Compliance Center (SCC) attachment and associated profile. This configuration allows the pre-deployment validation scripts to use the SCC profile. These scripts interact with the Security and Compliance Center service to check compliance rules for Continuous Deployment (CD). Similar checks are in place to ensure compliance monitoring for Continuous Compliance (CC). When enabled, other parameters become relevant; scc_api_key, instance_crn, profile_name, profile_version, attachment_id.

Name string: The name for this tool integration, shown on the toolchain page.
AttachmentId string: An attachment ID. An attachment is configured under a profile to define how a scan will be run. To find the attachment ID, in the browser, in the attachments list, click on the attachment link, and a panel appears with a button to copy the attachment ID. This parameter is only relevant when the use_profile_attachment parameter is enabled.
CosBucketName string: The name of the Cloud Object Storage bucket used as an evidence locker. Make sure that this cos_bucket_name parameter matches the bucket_name for a cloudobjectstorage (Cloud Object Storage) tool integration in this toolchain. Only relevant when evidence_locker_type is set to evidence-bucket.
EvidenceLockerType string: The type of evidence storage locker. If you are using a Cloud Object Storage bucket, use the evidence-bucket type, and use the other cos_bucket_name parameter to point to the bucket, and provide a cloudobjectstorage (Cloud Object Storage) tool integration with a matching bucket_name and the credentials for connecting to the bucket. Or else if you are using a Git repository, use the evidence-repo type, and use the other evidence_repo_url parameter to point to the Git repository, and provide a Git tool integration. When absent defaults to evidence-repo.
EvidenceNamespace string: The kind of pipeline evidence to be displayed in Security and Compliance Center for this toolchain. The values are; cd which will use evidence generated by a Continuous Deployment (CD) pipeline, or cc which will use evidence generated by a Continuous Compliance (CC) pipeline. The default behavior is to use the CD evidence.
EvidenceRepoUrl string: The URL to a Git repository evidence locker. This evidence URL should match the repo_url for a Git tool integration in this toolchain. Only relevant when using evidence-repo as the evidence_locker_type.
InstanceCrn string: The Security and Compliance Center service instance CRN (Cloud Resource Name). It is recommended to provide an instance CRN, but when absent, the oldest service instance will be used. This parameter is only relevant when the use_profile_attachment parameter is enabled.
ProfileName string: The name of a Security and Compliance Center profile. Usually, use the "IBM Cloud Framework for Financial Services" predefined profile, which contains the DevSecOps Toolchain rules. Or use a user-authored customized profile that has been configured to contain those rules. This parameter is only relevant when the use_profile_attachment parameter is enabled.
ProfileVersion string: The version of a Security and Compliance Center profile, in SemVer format, like '0.0.0'. This parameter is only relevant when the use_profile_attachment parameter is enabled.
SccApiKey string: The IBM Cloud API key used to access the Security and Compliance Center service, for the use profile with attachment setting. This parameter is only relevant when the use_profile_attachment parameter is enabled. You can use a toolchain secret reference for this parameter. For more information, see Protecting your sensitive data in Continuous Delivery.
UseProfileAttachment string: Set to enabled to enable use of a Security and Compliance Center (SCC) attachment and associated profile. This configuration allows the pre-deployment validation scripts to use the SCC profile. These scripts interact with the Security and Compliance Center service to check compliance rules for Continuous Deployment (CD). Similar checks are in place to ensure compliance monitoring for Continuous Compliance (CC). When enabled, other parameters become relevant; scc_api_key, instance_crn, profile_name, profile_version, attachment_id.

name String: The name for this tool integration, shown on the toolchain page.
attachmentId String: An attachment ID. An attachment is configured under a profile to define how a scan will be run. To find the attachment ID, in the browser, in the attachments list, click on the attachment link, and a panel appears with a button to copy the attachment ID. This parameter is only relevant when the use_profile_attachment parameter is enabled.
cosBucketName String: The name of the Cloud Object Storage bucket used as an evidence locker. Make sure that this cos_bucket_name parameter matches the bucket_name for a cloudobjectstorage (Cloud Object Storage) tool integration in this toolchain. Only relevant when evidence_locker_type is set to evidence-bucket.
evidenceLockerType String: The type of evidence storage locker. If you are using a Cloud Object Storage bucket, use the evidence-bucket type, and use the other cos_bucket_name parameter to point to the bucket, and provide a cloudobjectstorage (Cloud Object Storage) tool integration with a matching bucket_name and the credentials for connecting to the bucket. Or else if you are using a Git repository, use the evidence-repo type, and use the other evidence_repo_url parameter to point to the Git repository, and provide a Git tool integration. When absent defaults to evidence-repo.
evidenceNamespace String: The kind of pipeline evidence to be displayed in Security and Compliance Center for this toolchain. The values are; cd which will use evidence generated by a Continuous Deployment (CD) pipeline, or cc which will use evidence generated by a Continuous Compliance (CC) pipeline. The default behavior is to use the CD evidence.
evidenceRepoUrl String: The URL to a Git repository evidence locker. This evidence URL should match the repo_url for a Git tool integration in this toolchain. Only relevant when using evidence-repo as the evidence_locker_type.
instanceCrn String: The Security and Compliance Center service instance CRN (Cloud Resource Name). It is recommended to provide an instance CRN, but when absent, the oldest service instance will be used. This parameter is only relevant when the use_profile_attachment parameter is enabled.
profileName String: The name of a Security and Compliance Center profile. Usually, use the "IBM Cloud Framework for Financial Services" predefined profile, which contains the DevSecOps Toolchain rules. Or use a user-authored customized profile that has been configured to contain those rules. This parameter is only relevant when the use_profile_attachment parameter is enabled.
profileVersion String: The version of a Security and Compliance Center profile, in SemVer format, like '0.0.0'. This parameter is only relevant when the use_profile_attachment parameter is enabled.
sccApiKey String: The IBM Cloud API key used to access the Security and Compliance Center service, for the use profile with attachment setting. This parameter is only relevant when the use_profile_attachment parameter is enabled. You can use a toolchain secret reference for this parameter. For more information, see Protecting your sensitive data in Continuous Delivery.
useProfileAttachment String: Set to enabled to enable use of a Security and Compliance Center (SCC) attachment and associated profile. This configuration allows the pre-deployment validation scripts to use the SCC profile. These scripts interact with the Security and Compliance Center service to check compliance rules for Continuous Deployment (CD). Similar checks are in place to ensure compliance monitoring for Continuous Compliance (CC). When enabled, other parameters become relevant; scc_api_key, instance_crn, profile_name, profile_version, attachment_id.

name string: The name for this tool integration, shown on the toolchain page.
attachmentId string: An attachment ID. An attachment is configured under a profile to define how a scan will be run. To find the attachment ID, in the browser, in the attachments list, click on the attachment link, and a panel appears with a button to copy the attachment ID. This parameter is only relevant when the use_profile_attachment parameter is enabled.
cosBucketName string: The name of the Cloud Object Storage bucket used as an evidence locker. Make sure that this cos_bucket_name parameter matches the bucket_name for a cloudobjectstorage (Cloud Object Storage) tool integration in this toolchain. Only relevant when evidence_locker_type is set to evidence-bucket.
evidenceLockerType string: The type of evidence storage locker. If you are using a Cloud Object Storage bucket, use the evidence-bucket type, and use the other cos_bucket_name parameter to point to the bucket, and provide a cloudobjectstorage (Cloud Object Storage) tool integration with a matching bucket_name and the credentials for connecting to the bucket. Or else if you are using a Git repository, use the evidence-repo type, and use the other evidence_repo_url parameter to point to the Git repository, and provide a Git tool integration. When absent defaults to evidence-repo.
evidenceNamespace string: The kind of pipeline evidence to be displayed in Security and Compliance Center for this toolchain. The values are; cd which will use evidence generated by a Continuous Deployment (CD) pipeline, or cc which will use evidence generated by a Continuous Compliance (CC) pipeline. The default behavior is to use the CD evidence.
evidenceRepoUrl string: The URL to a Git repository evidence locker. This evidence URL should match the repo_url for a Git tool integration in this toolchain. Only relevant when using evidence-repo as the evidence_locker_type.
instanceCrn string: The Security and Compliance Center service instance CRN (Cloud Resource Name). It is recommended to provide an instance CRN, but when absent, the oldest service instance will be used. This parameter is only relevant when the use_profile_attachment parameter is enabled.
profileName string: The name of a Security and Compliance Center profile. Usually, use the "IBM Cloud Framework for Financial Services" predefined profile, which contains the DevSecOps Toolchain rules. Or use a user-authored customized profile that has been configured to contain those rules. This parameter is only relevant when the use_profile_attachment parameter is enabled.
profileVersion string: The version of a Security and Compliance Center profile, in SemVer format, like '0.0.0'. This parameter is only relevant when the use_profile_attachment parameter is enabled.
sccApiKey string: The IBM Cloud API key used to access the Security and Compliance Center service, for the use profile with attachment setting. This parameter is only relevant when the use_profile_attachment parameter is enabled. You can use a toolchain secret reference for this parameter. For more information, see Protecting your sensitive data in Continuous Delivery.
useProfileAttachment string: Set to enabled to enable use of a Security and Compliance Center (SCC) attachment and associated profile. This configuration allows the pre-deployment validation scripts to use the SCC profile. These scripts interact with the Security and Compliance Center service to check compliance rules for Continuous Deployment (CD). Similar checks are in place to ensure compliance monitoring for Continuous Compliance (CC). When enabled, other parameters become relevant; scc_api_key, instance_crn, profile_name, profile_version, attachment_id.

name str: The name for this tool integration, shown on the toolchain page.
attachment_id str: An attachment ID. An attachment is configured under a profile to define how a scan will be run. To find the attachment ID, in the browser, in the attachments list, click on the attachment link, and a panel appears with a button to copy the attachment ID. This parameter is only relevant when the use_profile_attachment parameter is enabled.
cos_bucket_name str: The name of the Cloud Object Storage bucket used as an evidence locker. Make sure that this cos_bucket_name parameter matches the bucket_name for a cloudobjectstorage (Cloud Object Storage) tool integration in this toolchain. Only relevant when evidence_locker_type is set to evidence-bucket.
evidence_locker_type str: The type of evidence storage locker. If you are using a Cloud Object Storage bucket, use the evidence-bucket type, and use the other cos_bucket_name parameter to point to the bucket, and provide a cloudobjectstorage (Cloud Object Storage) tool integration with a matching bucket_name and the credentials for connecting to the bucket. Or else if you are using a Git repository, use the evidence-repo type, and use the other evidence_repo_url parameter to point to the Git repository, and provide a Git tool integration. When absent defaults to evidence-repo.
evidence_namespace str: The kind of pipeline evidence to be displayed in Security and Compliance Center for this toolchain. The values are; cd which will use evidence generated by a Continuous Deployment (CD) pipeline, or cc which will use evidence generated by a Continuous Compliance (CC) pipeline. The default behavior is to use the CD evidence.
evidence_repo_url str: The URL to a Git repository evidence locker. This evidence URL should match the repo_url for a Git tool integration in this toolchain. Only relevant when using evidence-repo as the evidence_locker_type.
instance_crn str: The Security and Compliance Center service instance CRN (Cloud Resource Name). It is recommended to provide an instance CRN, but when absent, the oldest service instance will be used. This parameter is only relevant when the use_profile_attachment parameter is enabled.
profile_name str: The name of a Security and Compliance Center profile. Usually, use the "IBM Cloud Framework for Financial Services" predefined profile, which contains the DevSecOps Toolchain rules. Or use a user-authored customized profile that has been configured to contain those rules. This parameter is only relevant when the use_profile_attachment parameter is enabled.
profile_version str: The version of a Security and Compliance Center profile, in SemVer format, like '0.0.0'. This parameter is only relevant when the use_profile_attachment parameter is enabled.
scc_api_key str: The IBM Cloud API key used to access the Security and Compliance Center service, for the use profile with attachment setting. This parameter is only relevant when the use_profile_attachment parameter is enabled. You can use a toolchain secret reference for this parameter. For more information, see Protecting your sensitive data in Continuous Delivery.
use_profile_attachment str: Set to enabled to enable use of a Security and Compliance Center (SCC) attachment and associated profile. This configuration allows the pre-deployment validation scripts to use the SCC profile. These scripts interact with the Security and Compliance Center service to check compliance rules for Continuous Deployment (CD). Similar checks are in place to ensure compliance monitoring for Continuous Compliance (CC). When enabled, other parameters become relevant; scc_api_key, instance_crn, profile_name, profile_version, attachment_id.

name String: The name for this tool integration, shown on the toolchain page.
attachmentId String: An attachment ID. An attachment is configured under a profile to define how a scan will be run. To find the attachment ID, in the browser, in the attachments list, click on the attachment link, and a panel appears with a button to copy the attachment ID. This parameter is only relevant when the use_profile_attachment parameter is enabled.
cosBucketName String: The name of the Cloud Object Storage bucket used as an evidence locker. Make sure that this cos_bucket_name parameter matches the bucket_name for a cloudobjectstorage (Cloud Object Storage) tool integration in this toolchain. Only relevant when evidence_locker_type is set to evidence-bucket.
evidenceLockerType String: The type of evidence storage locker. If you are using a Cloud Object Storage bucket, use the evidence-bucket type, and use the other cos_bucket_name parameter to point to the bucket, and provide a cloudobjectstorage (Cloud Object Storage) tool integration with a matching bucket_name and the credentials for connecting to the bucket. Or else if you are using a Git repository, use the evidence-repo type, and use the other evidence_repo_url parameter to point to the Git repository, and provide a Git tool integration. When absent defaults to evidence-repo.
evidenceNamespace String: The kind of pipeline evidence to be displayed in Security and Compliance Center for this toolchain. The values are; cd which will use evidence generated by a Continuous Deployment (CD) pipeline, or cc which will use evidence generated by a Continuous Compliance (CC) pipeline. The default behavior is to use the CD evidence.
evidenceRepoUrl String: The URL to a Git repository evidence locker. This evidence URL should match the repo_url for a Git tool integration in this toolchain. Only relevant when using evidence-repo as the evidence_locker_type.
instanceCrn String: The Security and Compliance Center service instance CRN (Cloud Resource Name). It is recommended to provide an instance CRN, but when absent, the oldest service instance will be used. This parameter is only relevant when the use_profile_attachment parameter is enabled.
profileName String: The name of a Security and Compliance Center profile. Usually, use the "IBM Cloud Framework for Financial Services" predefined profile, which contains the DevSecOps Toolchain rules. Or use a user-authored customized profile that has been configured to contain those rules. This parameter is only relevant when the use_profile_attachment parameter is enabled.
profileVersion String: The version of a Security and Compliance Center profile, in SemVer format, like '0.0.0'. This parameter is only relevant when the use_profile_attachment parameter is enabled.
sccApiKey String: The IBM Cloud API key used to access the Security and Compliance Center service, for the use profile with attachment setting. This parameter is only relevant when the use_profile_attachment parameter is enabled. You can use a toolchain secret reference for this parameter. For more information, see Protecting your sensitive data in Continuous Delivery.
useProfileAttachment String: Set to enabled to enable use of a Security and Compliance Center (SCC) attachment and associated profile. This configuration allows the pre-deployment validation scripts to use the SCC profile. These scripts interact with the Security and Compliance Center service to check compliance rules for Continuous Deployment (CD). Similar checks are in place to ensure compliance monitoring for Continuous Compliance (CC). When enabled, other parameters become relevant; scc_api_key, instance_crn, profile_name, profile_version, attachment_id.

CdToolchainToolSecuritycomplianceReferent, CdToolchainToolSecuritycomplianceReferentArgs

ApiHref string
UiHref string

ApiHref string
UiHref string

apiHref String
uiHref String

apiHref string
uiHref string

api_href str
ui_href str

apiHref String
uiHref String

Package Details

Repository: ibm ibm-cloud/terraform-provider-ibm
License
Notes: This Pulumi package is based on the ibm Terraform Provider.

ibm 1.87.0-beta0 published on Friday, Dec 19, 2025 by ibm-cloud

Schema (JSON)

ibm-cloud/terraform-provider-ibm

ibm.CdToolchainToolSecuritycompliance

On this page

On this page

Create CdToolchainToolSecuritycompliance Resource

Constructor syntax

Parameters

Constructor example

CdToolchainToolSecuritycompliance Resource Properties

Inputs

Outputs

Look up Existing CdToolchainToolSecuritycompliance Resource

Supporting Types

CdToolchainToolSecuritycomplianceParameters, CdToolchainToolSecuritycomplianceParametersArgs

CdToolchainToolSecuritycomplianceReferent, CdToolchainToolSecuritycomplianceReferentArgs

Package Details

On this page

On this page