This product is not supported for your selected
Datadog site. (
).
gcp_securitycentermanagement_security_health_analytics_custom_module
ancestor_module
Type: STRING
Provider name: ancestorModule
Description: Output only. If empty, indicates that the custom module was created in the organization, folder, or project in which you are viewing the custom module. Otherwise, ancestor_module specifies the organization or folder from which the custom module is inherited.
ancestors
Type: UNORDERED_LIST_STRING
cloud_provider
Type: STRING
Provider name: cloudProvider
Description: The cloud provider of the custom module.
Possible values:
CLOUD_PROVIDER_UNSPECIFIED - Unspecified cloud provider.
GOOGLE_CLOUD_PLATFORM - Google Cloud.
AMAZON_WEB_SERVICES - Amazon Web Services (AWS).
MICROSOFT_AZURE - Microsoft Azure.
custom_config
Type: STRUCT
Provider name: customConfig
Description: The user specified custom configuration for the module.
custom_output
Type: STRUCT
Provider name: customOutput
Description: Custom output properties.
properties
Type: UNORDERED_LIST_STRUCT
Provider name: properties
Description: A list of custom output properties to add to the finding.
name
Type: STRING
Provider name: name
Description: Name of the property for the custom output.
value_expression
Type: STRUCT
Provider name: valueExpression
Description: The CEL expression for the custom output. A resource property can be specified to return the value of the property or a text string enclosed in quotation marks.
description
Type: STRING
Provider name: description
Description: Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
expression
Type: STRING
Provider name: expression
Description: Textual representation of an expression in Common Expression Language syntax.
location
Type: STRING
Provider name: location
Description: Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
title
Type: STRING
Provider name: title
Description: Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
description
Type: STRING
Provider name: description
Description: Text that describes the vulnerability or misconfiguration that the custom module detects. This explanation is returned with each finding instance to help investigators understand the detected issue. The text must be enclosed in quotation marks.
predicate
Type: STRUCT
Provider name: predicate
Description: The CEL expression to evaluate to produce findings. When the expression evaluates to true against a resource, a finding is generated.
description
Type: STRING
Provider name: description
Description: Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
expression
Type: STRING
Provider name: expression
Description: Textual representation of an expression in Common Expression Language syntax.
location
Type: STRING
Provider name: location
Description: Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
title
Type: STRING
Provider name: title
Description: Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
recommendation
Type: STRING
Provider name: recommendation
Description: An explanation of the recommended steps that security teams can take to resolve the detected issue. This explanation is returned with each finding generated by this module in the nextSteps property of the finding JSON.
resource_selector
Type: STRUCT
Provider name: resourceSelector
Description: The resource types that the custom module operates on. Each custom module can specify up to 5 resource types.
resource_types
Type: UNORDERED_LIST_STRING
Provider name: resourceTypes
Description: The resource types to run the detector on.
severity
Type: STRING
Provider name: severity
Description: The severity to assign to findings generated by the module.
Possible values:
SEVERITY_UNSPECIFIED - Unspecified severity.
CRITICAL - Critical severity.
HIGH - High severity.
MEDIUM - Medium severity.
LOW - Low severity.
enablement_state
Type: STRING
Provider name: enablementState
Description: The enablement state of the custom module.
Possible values:
ENABLEMENT_STATE_UNSPECIFIED - Unspecified enablement state.
ENABLED - The module is enabled at the given CRM resource.
DISABLED - The module is disabled at the given CRM resource.
INHERITED - State is inherited from an ancestor module. The module will either be effectively ENABLED or DISABLED based on its closest non-inherited ancestor module in the CRM hierarchy.
gcp_display_name
Type: STRING
Provider name: displayName
Description: The display name of the Security Health Analytics custom module. This display name becomes the finding category for all findings that are returned by this custom module. The display name must be between 1 and 128 characters, start with a lowercase letter, and contain alphanumeric characters or underscores only.
labels
Type: UNORDERED_LIST_STRING
last_editor
Type: STRING
Provider name: lastEditor
Description: Output only. The editor that last updated the custom module.
name
Type: STRING
Provider name: name
Description: Immutable. The resource name of the custom module. Its format is “organizations/{organization}/securityHealthAnalyticsSettings/customModules/{customModule}”, or “folders/{folder}/securityHealthAnalyticsSettings/customModules/{customModule}”, or “projects/{project}/securityHealthAnalyticsSettings/customModules/{customModule}” The id {customModule} is server-generated and is not user settable. It will be a numeric id containing 1-20 digits.
organization_id
Type: STRING
parent
Type: STRING
project_id
Type: STRING
project_number
Type: STRING
resource_name
Type: STRING
Type: UNORDERED_LIST_STRING
update_time
Type: TIMESTAMP
Provider name: updateTime
Description: Output only. The time at which the custom module was last updated.
