Security
A security profile defines the behavior associated to a profile type. To get more information about SecurityProfile, see:
How-to Guides
Example Usage
Network Security Security Profile Basic
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const _default = new gcp.networksecurity.SecurityProfile("default", {
name: "my-security-profile",
parent: "organizations/123456789",
description: "my description",
type: "THREAT_PREVENTION",
labels: {
foo: "bar",
},
});Content copied to clipboard
import pulumi
import pulumi_gcp as gcp
default = gcp.networksecurity.SecurityProfile("default",
name="my-security-profile",
parent="organizations/123456789",
description="my description",
type="THREAT_PREVENTION",
labels={
"foo": "bar",
})Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var @default = new Gcp.NetworkSecurity.SecurityProfile("default", new()
{
Name = "my-security-profile",
Parent = "organizations/123456789",
Description = "my description",
Type = "THREAT_PREVENTION",
Labels =
{
{ "foo", "bar" },
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := networksecurity.NewSecurityProfile(ctx, "default", &networksecurity.SecurityProfileArgs{
Name: pulumi.String("my-security-profile"),
Parent: pulumi.String("organizations/123456789"),
Description: pulumi.String("my description"),
Type: pulumi.String("THREAT_PREVENTION"),
Labels: pulumi.StringMap{
"foo": pulumi.String("bar"),
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.networksecurity.SecurityProfile;
import com.pulumi.gcp.networksecurity.SecurityProfileArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var default_ = new SecurityProfile("default", SecurityProfileArgs.builder()
.name("my-security-profile")
.parent("organizations/123456789")
.description("my description")
.type("THREAT_PREVENTION")
.labels(Map.of("foo", "bar"))
.build());
}
}Content copied to clipboard
resources:
default:
type: gcp:networksecurity:SecurityProfile
properties:
name: my-security-profile
parent: organizations/123456789
description: my description
type: THREAT_PREVENTION
labels:
foo: barContent copied to clipboard
Network Security Security Profile Overrides
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const _default = new gcp.networksecurity.SecurityProfile("default", {
name: "my-security-profile",
parent: "organizations/123456789",
description: "my description",
type: "THREAT_PREVENTION",
threatPreventionProfile: {
severityOverrides: [
{
action: "ALLOW",
severity: "INFORMATIONAL",
},
{
action: "DENY",
severity: "HIGH",
},
],
threatOverrides: [{
action: "ALLOW",
threatId: "280647",
}],
},
});Content copied to clipboard
import pulumi
import pulumi_gcp as gcp
default = gcp.networksecurity.SecurityProfile("default",
name="my-security-profile",
parent="organizations/123456789",
description="my description",
type="THREAT_PREVENTION",
threat_prevention_profile={
"severity_overrides": [
{
"action": "ALLOW",
"severity": "INFORMATIONAL",
},
{
"action": "DENY",
"severity": "HIGH",
},
],
"threat_overrides": [{
"action": "ALLOW",
"threat_id": "280647",
}],
})Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var @default = new Gcp.NetworkSecurity.SecurityProfile("default", new()
{
Name = "my-security-profile",
Parent = "organizations/123456789",
Description = "my description",
Type = "THREAT_PREVENTION",
ThreatPreventionProfile = new Gcp.NetworkSecurity.Inputs.SecurityProfileThreatPreventionProfileArgs
{
SeverityOverrides = new[]
{
new Gcp.NetworkSecurity.Inputs.SecurityProfileThreatPreventionProfileSeverityOverrideArgs
{
Action = "ALLOW",
Severity = "INFORMATIONAL",
},
new Gcp.NetworkSecurity.Inputs.SecurityProfileThreatPreventionProfileSeverityOverrideArgs
{
Action = "DENY",
Severity = "HIGH",
},
},
ThreatOverrides = new[]
{
new Gcp.NetworkSecurity.Inputs.SecurityProfileThreatPreventionProfileThreatOverrideArgs
{
Action = "ALLOW",
ThreatId = "280647",
},
},
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/networksecurity"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := networksecurity.NewSecurityProfile(ctx, "default", &networksecurity.SecurityProfileArgs{
Name: pulumi.String("my-security-profile"),
Parent: pulumi.String("organizations/123456789"),
Description: pulumi.String("my description"),
Type: pulumi.String("THREAT_PREVENTION"),
ThreatPreventionProfile: &networksecurity.SecurityProfileThreatPreventionProfileArgs{
SeverityOverrides: networksecurity.SecurityProfileThreatPreventionProfileSeverityOverrideArray{
&networksecurity.SecurityProfileThreatPreventionProfileSeverityOverrideArgs{
Action: pulumi.String("ALLOW"),
Severity: pulumi.String("INFORMATIONAL"),
},
&networksecurity.SecurityProfileThreatPreventionProfileSeverityOverrideArgs{
Action: pulumi.String("DENY"),
Severity: pulumi.String("HIGH"),
},
},
ThreatOverrides: networksecurity.SecurityProfileThreatPreventionProfileThreatOverrideArray{
&networksecurity.SecurityProfileThreatPreventionProfileThreatOverrideArgs{
Action: pulumi.String("ALLOW"),
ThreatId: pulumi.String("280647"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.networksecurity.SecurityProfile;
import com.pulumi.gcp.networksecurity.SecurityProfileArgs;
import com.pulumi.gcp.networksecurity.inputs.SecurityProfileThreatPreventionProfileArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var default_ = new SecurityProfile("default", SecurityProfileArgs.builder()
.name("my-security-profile")
.parent("organizations/123456789")
.description("my description")
.type("THREAT_PREVENTION")
.threatPreventionProfile(SecurityProfileThreatPreventionProfileArgs.builder()
.severityOverrides(
SecurityProfileThreatPreventionProfileSeverityOverrideArgs.builder()
.action("ALLOW")
.severity("INFORMATIONAL")
.build(),
SecurityProfileThreatPreventionProfileSeverityOverrideArgs.builder()
.action("DENY")
.severity("HIGH")
.build())
.threatOverrides(SecurityProfileThreatPreventionProfileThreatOverrideArgs.builder()
.action("ALLOW")
.threatId("280647")
.build())
.build())
.build());
}
}Content copied to clipboard
resources:
default:
type: gcp:networksecurity:SecurityProfile
properties:
name: my-security-profile
parent: organizations/123456789
description: my description
type: THREAT_PREVENTION
threatPreventionProfile:
severityOverrides:
- action: ALLOW
severity: INFORMATIONAL
- action: DENY
severity: HIGH
threatOverrides:
- action: ALLOW
threatId: '280647'Content copied to clipboard
Import
SecurityProfile can be imported using any of these accepted formats:
{{parent}}/locations/{{location}}/securityProfiles/{{name}}When using thepulumi importcommand, SecurityProfile can be imported using one of the formats above. For example:
$ pulumi import gcp:networksecurity/securityProfile:SecurityProfile default {{parent}}/locations/{{location}}/securityProfiles/{{name}}Content copied to clipboard
Properties
Link copied to clipboard
Time the security profile was created in UTC.
Link copied to clipboard
An optional description of the security profile. The Max length is 512 characters.
Link copied to clipboard
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
The combination of labels configured directly on the resource and default labels configured on the provider.
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
The threat prevention configuration for the security profile. Structure is documented below.
Link copied to clipboard
Time the security profile was updated in UTC.