pulumi-gcp-kotlin/com.pulumi.gcp.securitycenter.kotlin/FolderSccBigQueryExportArgs

FolderSccBigQueryExportArgs

data class FolderSccBigQueryExportArgs(val bigQueryExportId: Output<String>? = null, val dataset: Output<String>? = null, val description: Output<String>? = null, val filter: Output<String>? = null, val folder: Output<String>? = null) : ConvertibleToJava<FolderSccBigQueryExportArgs>

A Cloud Security Command Center (Cloud SCC) Big Query Export Config. It represents exporting Security Command Center data, including assets, findings, and security marks to a BigQuery instance.

Note: In order to use Cloud SCC resources, your organization must be enrolled in SCC Standard/Premium. Without doing so, you may run into errors during resource creation. To get more information about FolderSccBigQueryExport, see:

Example Usage

Scc Folder Big Query Export Config Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const folder = new gcp.organizations.Folder("folder", {
    parent: "organizations/123456789",
    displayName: "folder-name",
    deletionProtection: false,
});
const _default = new gcp.bigquery.Dataset("default", {
    datasetId: "my_dataset_id",
    friendlyName: "test",
    description: "This is a test description",
    location: "US",
    defaultTableExpirationMs: 3600000,
    defaultPartitionExpirationMs: null,
    labels: {
        env: "default",
    },
});
const customBigQueryExportConfig = new gcp.securitycenter.FolderSccBigQueryExport("custom_big_query_export_config", {
    bigQueryExportId: "my-export",
    folder: folder.folderId,
    dataset: _default.id,
    description: "Cloud Security Command Center Findings Big Query Export Config",
    filter: "state=\"ACTIVE\" AND NOT mute=\"MUTED\"",
});
Content copied to clipboard
import pulumi
import pulumi_gcp as gcp
folder = gcp.organizations.Folder("folder",
    parent="organizations/123456789",
    display_name="folder-name",
    deletion_protection=False)
default = gcp.bigquery.Dataset("default",
    dataset_id="my_dataset_id",
    friendly_name="test",
    description="This is a test description",
    location="US",
    default_table_expiration_ms=3600000,
    default_partition_expiration_ms=None,
    labels={
        "env": "default",
    })
custom_big_query_export_config = gcp.securitycenter.FolderSccBigQueryExport("custom_big_query_export_config",
    big_query_export_id="my-export",
    folder=folder.folder_id,
    dataset=default.id,
    description="Cloud Security Command Center Findings Big Query Export Config",
    filter="state=\"ACTIVE\" AND NOT mute=\"MUTED\"")
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
    var folder = new Gcp.Organizations.Folder("folder", new()
    {
        Parent = "organizations/123456789",
        DisplayName = "folder-name",
        DeletionProtection = false,
    });
    var @default = new Gcp.BigQuery.Dataset("default", new()
    {
        DatasetId = "my_dataset_id",
        FriendlyName = "test",
        Description = "This is a test description",
        Location = "US",
        DefaultTableExpirationMs = 3600000,
        DefaultPartitionExpirationMs = null,
        Labels =
        {
            { "env", "default" },
        },
    });
    var customBigQueryExportConfig = new Gcp.SecurityCenter.FolderSccBigQueryExport("custom_big_query_export_config", new()
    {
        BigQueryExportId = "my-export",
        Folder = folder.FolderId,
        Dataset = @default.Id,
        Description = "Cloud Security Command Center Findings Big Query Export Config",
        Filter = "state=\"ACTIVE\" AND NOT mute=\"MUTED\"",
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/bigquery"
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/securitycenter"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		folder, err := organizations.NewFolder(ctx, "folder", &organizations.FolderArgs{
			Parent:             pulumi.String("organizations/123456789"),
			DisplayName:        pulumi.String("folder-name"),
			DeletionProtection: pulumi.Bool(false),
		})
		if err != nil {
			return err
		}
		_default, err := bigquery.NewDataset(ctx, "default", &bigquery.DatasetArgs{
			DatasetId:                    pulumi.String("my_dataset_id"),
			FriendlyName:                 pulumi.String("test"),
			Description:                  pulumi.String("This is a test description"),
			Location:                     pulumi.String("US"),
			DefaultTableExpirationMs:     pulumi.Int(3600000),
			DefaultPartitionExpirationMs: nil,
			Labels: pulumi.StringMap{
				"env": pulumi.String("default"),
			},
		})
		if err != nil {
			return err
		}
		_, err = securitycenter.NewFolderSccBigQueryExport(ctx, "custom_big_query_export_config", &securitycenter.FolderSccBigQueryExportArgs{
			BigQueryExportId: pulumi.String("my-export"),
			Folder:           folder.FolderId,
			Dataset:          _default.ID(),
			Description:      pulumi.String("Cloud Security Command Center Findings Big Query Export Config"),
			Filter:           pulumi.String("state=\"ACTIVE\" AND NOT mute=\"MUTED\""),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.organizations.Folder;
import com.pulumi.gcp.organizations.FolderArgs;
import com.pulumi.gcp.bigquery.Dataset;
import com.pulumi.gcp.bigquery.DatasetArgs;
import com.pulumi.gcp.securitycenter.FolderSccBigQueryExport;
import com.pulumi.gcp.securitycenter.FolderSccBigQueryExportArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var folder = new Folder("folder", FolderArgs.builder()
            .parent("organizations/123456789")
            .displayName("folder-name")
            .deletionProtection(false)
            .build());
        var default_ = new Dataset("default", DatasetArgs.builder()
            .datasetId("my_dataset_id")
            .friendlyName("test")
            .description("This is a test description")
            .location("US")
            .defaultTableExpirationMs(3600000)
            .defaultPartitionExpirationMs(null)
            .labels(Map.of("env", "default"))
            .build());
        var customBigQueryExportConfig = new FolderSccBigQueryExport("customBigQueryExportConfig", FolderSccBigQueryExportArgs.builder()
            .bigQueryExportId("my-export")
            .folder(folder.folderId())
            .dataset(default_.id())
            .description("Cloud Security Command Center Findings Big Query Export Config")
            .filter("state=\"ACTIVE\" AND NOT mute=\"MUTED\"")
            .build());
    }
}
Content copied to clipboard
resources:
  folder:
    type: gcp:organizations:Folder
    properties:
      parent: organizations/123456789
      displayName: folder-name
      deletionProtection: false
  default:
    type: gcp:bigquery:Dataset
    properties:
      datasetId: my_dataset_id
      friendlyName: test
      description: This is a test description
      location: US
      defaultTableExpirationMs: 3.6e+06
      defaultPartitionExpirationMs: null
      labels:
        env: default
  customBigQueryExportConfig:
    type: gcp:securitycenter:FolderSccBigQueryExport
    name: custom_big_query_export_config
    properties:
      bigQueryExportId: my-export
      folder: ${folder.folderId}
      dataset: ${default.id}
      description: Cloud Security Command Center Findings Big Query Export Config
      filter: state="ACTIVE" AND NOT mute="MUTED"
Content copied to clipboard

Import

FolderSccBigQueryExport can be imported using any of these accepted formats:

  • folders/{{folder}}/bigQueryExports/{{big_query_export_id}}

  • {{folder}}/{{big_query_export_id}} When using the pulumi import command, FolderSccBigQueryExport can be imported using one of the formats above. For example:

$ pulumi import gcp:securitycenter/folderSccBigQueryExport:FolderSccBigQueryExport default folders/{{folder}}/bigQueryExports/{{big_query_export_id}}
Content copied to clipboard
$ pulumi import gcp:securitycenter/folderSccBigQueryExport:FolderSccBigQueryExport default {{folder}}/{{big_query_export_id}}
Content copied to clipboard

Constructors

Link copied to clipboard
constructor(bigQueryExportId: Output<String>? = null, dataset: Output<String>? = null, description: Output<String>? = null, filter: Output<String>? = null, folder: Output<String>? = null)

Properties

Link copied to clipboard
val bigQueryExportId: Output<String>? = null

This must be unique within the organization.

Link copied to clipboard
val dataset: Output<String>? = null

The dataset to write findings' updates to. Its format is "projects/projectId/datasets/bigquery_dataset_id". BigQuery Dataset unique ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_).

Link copied to clipboard
val description: Output<String>? = null

The description of the export (max of 1024 characters).

Link copied to clipboard
val filter: Output<String>? = null

Expression that defines the filter to apply across create/update events of findings. The expression is a list of zero or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND. Restrictions have the form and may have a - character in front of them to indicate negation. The fields map to those defined in the corresponding resource. The supported operators are:

Link copied to clipboard
val folder: Output<String>? = null

The folder where Cloud Security Command Center Big Query Export Config lives in.

Functions

Link copied to clipboard
open override fun toJava(): FolderSccBigQueryExportArgs