V2Organization
A Cloud Security Command Center (Cloud SCC) Big Query Export Config. It represents exporting Security Command Center data, including assets, findings, and security marks using gcloud scc bqexports
Note: In order to use Cloud SCC resources, your organization must be enrolled in SCC Standard/Premium. Without doing so, you may run into errors during resource creation. To get more information about OrganizationSccBigQueryExport, see:
How-to Guides
Example Usage
Scc V2 Organization Big Query Export Config Basic
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const _default = new gcp.bigquery.Dataset("default", {
datasetId: "",
friendlyName: "test",
description: "This is a test description",
location: "US",
defaultTableExpirationMs: 3600000,
defaultPartitionExpirationMs: null,
labels: {
env: "default",
},
});
const customBigQueryExportConfig = new gcp.securitycenter.V2OrganizationSccBigQueryExport("custom_big_query_export_config", {
name: "my-export",
bigQueryExportId: "my-export",
organization: "123456789",
dataset: _default.id,
location: "global",
description: "Cloud Security Command Center Findings Big Query Export Config",
filter: "state=\"ACTIVE\" AND NOT mute=\"MUTED\"",
});import pulumi
import pulumi_gcp as gcp
default = gcp.bigquery.Dataset("default",
dataset_id="",
friendly_name="test",
description="This is a test description",
location="US",
default_table_expiration_ms=3600000,
default_partition_expiration_ms=None,
labels={
"env": "default",
})
custom_big_query_export_config = gcp.securitycenter.V2OrganizationSccBigQueryExport("custom_big_query_export_config",
name="my-export",
big_query_export_id="my-export",
organization="123456789",
dataset=default.id,
location="global",
description="Cloud Security Command Center Findings Big Query Export Config",
filter="state=\"ACTIVE\" AND NOT mute=\"MUTED\"")using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var @default = new Gcp.BigQuery.Dataset("default", new()
{
DatasetId = "",
FriendlyName = "test",
Description = "This is a test description",
Location = "US",
DefaultTableExpirationMs = 3600000,
DefaultPartitionExpirationMs = null,
Labels =
{
{ "env", "default" },
},
});
var customBigQueryExportConfig = new Gcp.SecurityCenter.V2OrganizationSccBigQueryExport("custom_big_query_export_config", new()
{
Name = "my-export",
BigQueryExportId = "my-export",
Organization = "123456789",
Dataset = @default.Id,
Location = "global",
Description = "Cloud Security Command Center Findings Big Query Export Config",
Filter = "state=\"ACTIVE\" AND NOT mute=\"MUTED\"",
});
});package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/bigquery"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/securitycenter"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_default, err := bigquery.NewDataset(ctx, "default", &bigquery.DatasetArgs{
DatasetId: pulumi.String(""),
FriendlyName: pulumi.String("test"),
Description: pulumi.String("This is a test description"),
Location: pulumi.String("US"),
DefaultTableExpirationMs: pulumi.Int(3600000),
DefaultPartitionExpirationMs: nil,
Labels: pulumi.StringMap{
"env": pulumi.String("default"),
},
})
if err != nil {
return err
}
_, err = securitycenter.NewV2OrganizationSccBigQueryExport(ctx, "custom_big_query_export_config", &securitycenter.V2OrganizationSccBigQueryExportArgs{
Name: pulumi.String("my-export"),
BigQueryExportId: pulumi.String("my-export"),
Organization: pulumi.String("123456789"),
Dataset: _default.ID(),
Location: pulumi.String("global"),
Description: pulumi.String("Cloud Security Command Center Findings Big Query Export Config"),
Filter: pulumi.String("state=\"ACTIVE\" AND NOT mute=\"MUTED\""),
})
if err != nil {
return err
}
return nil
})
}package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.bigquery.Dataset;
import com.pulumi.gcp.bigquery.DatasetArgs;
import com.pulumi.gcp.securitycenter.V2OrganizationSccBigQueryExport;
import com.pulumi.gcp.securitycenter.V2OrganizationSccBigQueryExportArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var default_ = new Dataset("default", DatasetArgs.builder()
.datasetId("")
.friendlyName("test")
.description("This is a test description")
.location("US")
.defaultTableExpirationMs(3600000)
.defaultPartitionExpirationMs(null)
.labels(Map.of("env", "default"))
.build());
var customBigQueryExportConfig = new V2OrganizationSccBigQueryExport("customBigQueryExportConfig", V2OrganizationSccBigQueryExportArgs.builder()
.name("my-export")
.bigQueryExportId("my-export")
.organization("123456789")
.dataset(default_.id())
.location("global")
.description("Cloud Security Command Center Findings Big Query Export Config")
.filter("state=\"ACTIVE\" AND NOT mute=\"MUTED\"")
.build());
}
}resources:
default:
type: gcp:bigquery:Dataset
properties:
datasetId: ""
friendlyName: test
description: This is a test description
location: US
defaultTableExpirationMs: 3.6e+06
defaultPartitionExpirationMs: null
labels:
env: default
customBigQueryExportConfig:
type: gcp:securitycenter:V2OrganizationSccBigQueryExport
name: custom_big_query_export_config
properties:
name: my-export
bigQueryExportId: my-export
organization: '123456789'
dataset: ${default.id}
location: global
description: Cloud Security Command Center Findings Big Query Export Config
filter: state="ACTIVE" AND NOT mute="MUTED"Import
OrganizationSccBigQueryExport can be imported using any of these accepted formats:
organizations/{{organization}}/locations/{{location}}/bigQueryExports/{{big_query_export_id}}{{organization}}/{{location}}/{{big_query_export_id}}When using thepulumi importcommand, OrganizationSccBigQueryExport can be imported using one of the formats above. For example:
$ pulumi import gcp:securitycenter/v2OrganizationSccBigQueryExport:V2OrganizationSccBigQueryExport default organizations/{{organization}}/locations/{{location}}/bigQueryExports/{{big_query_export_id}}$ pulumi import gcp:securitycenter/v2OrganizationSccBigQueryExport:V2OrganizationSccBigQueryExport default {{organization}}/{{location}}/{{big_query_export_id}}Properties
This must be unique within the organization.
The time at which the BigQuery export was created. This field is set by the server and will be ignored if provided on export on creation. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
The description of the notification config (max of 1024 characters).
Expression that defines the filter to apply across create/update events of findings. The expression is a list of zero or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND. Restrictions have the form
Email address of the user who last edited the BigQuery export. This field is set by the server and will be ignored if provided on export creation or update.
The organization whose Cloud Security Command Center the Big Query Export Config lives in.
The most recent time at which the BigQuery export was updated. This field is set by the server and will be ignored if provided on export creation or update. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".