Event
Represents an instance of an Event Threat Detection custom module, including its full module name, display name, enablement state, andlast updated time. You can create a custom module at the organization level only. To get more information about EventThreatDetectionCustomModule, see:
Example Usage
Scc Event Threat Detection Custom Module
resources:
example:
type: gcp:securitycenter:EventThreatDetectionCustomModule
properties:
organization: '123456789'
displayName: basic_custom_module
enablementState: ENABLED
type: CONFIGURABLE_BAD_IP
description: My Event Threat Detection Custom Module
config:
fn::toJSON:
metadata:
severity: LOW
description: Flagged by Forcepoint as malicious
recommendation: Contact the owner of the relevant project.
ips:
- 192.0.2.1
- 192.0.2.0/24Import
EventThreatDetectionCustomModule can be imported using any of these accepted formats:
organizations/{{organization}}/eventThreatDetectionSettings/customModules/{{name}}{{organization}}/{{name}}When using thepulumi importcommand, EventThreatDetectionCustomModule can be imported using one of the formats above. For example:
$ pulumi import gcp:securitycenter/eventThreatDetectionCustomModule:EventThreatDetectionCustomModule default organizations/{{organization}}/eventThreatDetectionSettings/customModules/{{name}}$ pulumi import gcp:securitycenter/eventThreatDetectionCustomModule:EventThreatDetectionCustomModule default {{organization}}/{{name}}Properties
The human readable name to be displayed for the module.
The state of enablement for the module at the given level of the hierarchy. Possible values are: ENABLED, DISABLED.
The editor that last updated the custom module
Numerical ID of the parent organization.
The time at which the custom module was last updated. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".