Web Security Scanner ScanConfig
Web Security Scanner ScanConfig in Google Cloud is a configuration resource that defines how web security scans are performed on your applications. It specifies scan targets, authentication settings, scheduling, and scan parameters to identify vulnerabilities such as cross-site scripting, mixed content, and outdated libraries. This resource helps automate and manage regular security assessments for web applications hosted on GCP.
gcp.websecurityscanner_scan_config
Fields
| Title | ID | Type | Data Type | Description |
|---|
| _key | core | string | |
| ancestors | core | array<string> | |
| authentication | core | json | The authentication configuration. If specified, service will use the authentication configuration during scanning. |
| blacklist_patterns | core | array<string> | The excluded URL patterns as described in https://cloud.google.com/security-command-center/docs/how-to-use-web-security-scanner#excluding_urls |
| datadog_display_name | core | string | |
| export_to_security_command_center | core | string | Controls export of scan configurations and results to Security Command Center. |
| gcp_display_name | core | string | Required. The user provided display name of the ScanConfig. |
| ignore_http_status_errors | core | bool | Whether to keep scanning even if most requests return HTTP error codes. |
| labels | core | array<string> | |
| latest_run | core | json | |
| managed_scan | core | bool | Whether the scan config is managed by Web Security Scanner, output only. |
| max_qps | core | int64 | The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. If the field is unspecified or its value is set 0, server will default to 15. Other values outside of [5, 20] range will be rejected with INVALID_ARGUMENT error. |
| name | core | string | Identifier. The resource name of the ScanConfig. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}'. The ScanConfig IDs are generated by the system. |
| organization_id | core | string | |
| parent | core | string | |
| project_id | core | string | |
| project_number | core | string | |
| region_id | core | string | |
| resource_name | core | string | |
| risk_level | core | string | The risk level selected for the scan |
| schedule | core | json | The schedule of the ScanConfig. |
| starting_urls | core | array<string> | Required. The starting URLs from which the scanner finds site pages. |
| static_ip_scan | core | bool | Whether the scan configuration has enabled static IP address scan feature. If enabled, the scanner will access applications from static IP addresses. |
| tags | core | hstore_csv | |
| target_platforms | core | array<string> | Set of Google Cloud platforms targeted by the scan. If empty, APP_ENGINE will be used as a default. |
| user_agent | core | string | The user agent used during scanning. |
| zone_id | core | string | |
