
googleCloudIdsEndpoint

Cloud IDS is an intrusion detection service that provides threat detection for intrusions, malware, spyware, and command-and-control attacks on your network.

To get more information about Endpoint, see:

Example Usage - Cloudids Endpoint

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import { Construct } from "constructs";
import { TerraformStack } from "cdktf";
import * as google from "./.gen/providers/google";

// The resources below must live inside a stack so that `this` is a construct.
export class CloudIdsExampleStack extends TerraformStack {
  constructor(scope: Construct, id: string) {
    super(scope, id);

    const googleComputeNetworkDefault = new google.computeNetwork.ComputeNetwork(
      this,
      "default",
      {
        name: "tf-test-my-network",
      }
    );
    // Reserve an internal range for private services access; Cloud IDS places
    // its endpoint in the producer VPC peered to this network.
    const googleComputeGlobalAddressServiceRange =
      new google.computeGlobalAddress.ComputeGlobalAddress(this, "service_range", {
        addressType: "INTERNAL",
        name: "address",
        network: googleComputeNetworkDefault.id,
        prefixLength: 16,
        purpose: "VPC_PEERING",
      });
    const googleServiceNetworkingConnectionPrivateServiceConnection =
      new google.serviceNetworkingConnection.ServiceNetworkingConnection(
        this,
        "private_service_connection",
        {
          network: googleComputeNetworkDefault.id,
          reservedPeeringRanges: [googleComputeGlobalAddressServiceRange.name],
          service: "servicenetworking.googleapis.com",
        }
      );
    new google.cloudIdsEndpoint.CloudIdsEndpoint(this, "example-endpoint", {
      // Explicit dependency: the peering must exist before the endpoint is created.
      dependsOn: [googleServiceNetworkingConnectionPrivateServiceConnection],
      location: "us-central1-f",
      name: "test",
      network: googleComputeNetworkDefault.id,
      severity: "INFORMATIONAL",
    });
  }
}

Argument Reference

The following arguments are supported:

  • name - (Required) Name of the endpoint in the format projects/{project_id}/locations/{locationId}/endpoints/{endpointId}.

  • network - (Required) Name of the VPC network that is connected to the IDS endpoint. This can either contain the VPC network name itself (like "src-net") or the full URL to the network (like "projects/{project_id}/global/networks/src-net").

  • severity - (Required) The minimum alert severity level that is reported by the endpoint. Possible values are INFORMATIONAL, LOW, MEDIUM, HIGH, and CRITICAL. Alerts below this level are not reported at all, so start at INFORMATIONAL and raise the threshold only after reviewing the alert volume.

  • location - (Required) The location (zone) for the endpoint, for example us-central1-f.


  • description - (Optional) An optional description of the endpoint.

  • threatExceptions - (Optional) Configuration for threat IDs excluded from generating alerts. Limit: 99 IDs. Every ID listed here silences detection for that threat, so keep the list reviewed and justified.

  • project - (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

  • id - an identifier for the resource with format projects/{{project}}/locations/{{location}}/endpoints/{{name}}

  • createTime - Creation timestamp in RFC 3339 text format.

  • updateTime - Last update timestamp in RFC 3339 text format.

  • endpointForwardingRule - URL of the endpoint's network address to which traffic is to be sent by Packet Mirroring. Use it as the collector of a Packet Mirroring policy: the endpoint inspects only the traffic that Packet Mirroring sends here, so creating the endpoint without attaching a policy inspects nothing.

  • endpointIp - Internal IP address of the endpoint's network entry point.

Timeouts

This resource provides the following Timeouts configuration options:

  • create - Default is 20 minutes.
  • update - Default is 20 minutes.
  • delete - Default is 20 minutes.

Import

Endpoint can be imported using any of these accepted formats:

$ terraform import google_cloud_ids_endpoint.default projects/{{project}}/locations/{{location}}/endpoints/{{name}}
$ terraform import google_cloud_ids_endpoint.default {{project}}/{{location}}/{{name}}
$ terraform import google_cloud_ids_endpoint.default {{location}}/{{name}}
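
As an added example (not code from the provider docs or the CDKTF project), the following pure TypeScript applies the constraints stated in the argument reference (the severity values, the two accepted network forms, the 99-ID threatExceptions limit) to an endpoint config before synthesis, and parses any of the three import formats above into the canonical id attribute format. The function names, the regular expressions and the sample values are my own assumptions; it needs no cdktf or provider bindings.

```typescript
// Added example, not provider code: plan-time checks for googleCloudIdsEndpoint
// arguments and a parser for the three accepted import ID formats.

const SEVERITIES = ["INFORMATIONAL", "LOW", "MEDIUM", "HIGH", "CRITICAL"] as const;
const MAX_THREAT_EXCEPTIONS = 99; // limit stated in the argument reference

// Mirrors the documented arguments, camelCase as in the CDKTF bindings.
interface CloudIdsEndpointConfig {
  name: string;
  network: string;
  severity: string;
  location: string;
  description?: string;
  threatExceptions?: string[];
  project?: string;
}

interface EndpointId {
  project: string;
  location: string;
  name: string;
}

// Returns a list of problems; an empty list means the config passes.
function validateEndpointConfig(cfg: CloudIdsEndpointConfig): string[] {
  const problems: string[] = [];
  if (!(SEVERITIES as readonly string[]).includes(cfg.severity)) {
    problems.push(`severity must be one of ${SEVERITIES.join(", ")}, got "${cfg.severity}"`);
  }
  // network: a bare VPC name or a projects/{project}/global/networks/{name} path
  // (the two forms the docs list; regexes are an assumption of this example).
  const bareName = /^[a-z]([-a-z0-9]*[a-z0-9])?$/;
  const fullPath = /^projects\/[^/]+\/global\/networks\/[a-z]([-a-z0-9]*[a-z0-9])?$/;
  if (!bareName.test(cfg.network) && !fullPath.test(cfg.network)) {
    problems.push(`network "${cfg.network}" is neither a VPC name nor a projects/.../global/networks/... path`);
  }
  const exceptions = cfg.threatExceptions ?? [];
  if (exceptions.length > MAX_THREAT_EXCEPTIONS) {
    problems.push(`threatExceptions has ${exceptions.length} IDs; limit is ${MAX_THREAT_EXCEPTIONS}`);
  }
  // Duplicate IDs waste slots of the 99 and hint at an unreviewed exception list.
  const dupes = exceptions.filter((id, i) => exceptions.indexOf(id) !== i);
  if (dupes.length > 0) {
    problems.push(`duplicate threat exception IDs: ${[...new Set(dupes)].join(", ")}`);
  }
  if (!cfg.location) problems.push("location is required");
  if (!cfg.name) problems.push("name is required");
  return problems;
}

// Parses any of the three accepted import formats into its components.
// defaultProject stands in for the provider project when the ID omits one.
function parseEndpointId(id: string, defaultProject: string): EndpointId {
  const full = id.match(/^projects\/([^/]+)\/locations\/([^/]+)\/endpoints\/([^/]+)$/);
  if (full) return { project: full[1], location: full[2], name: full[3] };
  const parts = id.split("/");
  if (parts.length === 3 && parts.every((p) => p.length > 0)) {
    return { project: parts[0], location: parts[1], name: parts[2] };
  }
  if (parts.length === 2 && parts.every((p) => p.length > 0)) {
    return { project: defaultProject, location: parts[0], name: parts[1] };
  }
  throw new Error(`unrecognised endpoint import ID: "${id}"`);
}

// Canonical form of the id attribute documented under Attributes Reference.
function canonicalEndpointId(e: EndpointId): string {
  return `projects/${e.project}/locations/${e.location}/endpoints/${e.name}`;
}

// Constructed sample config, matching the example usage above.
const sampleConfig: CloudIdsEndpointConfig = {
  name: "test",
  network: "tf-test-my-network",
  severity: "INFORMATIONAL",
  location: "us-central1-f",
};
console.log(validateEndpointConfig(sampleConfig));
console.log(canonicalEndpointId(parseEndpointId("us-central1-f/test", "my-project")));
```

Run the checks in the stack constructor before instantiating CloudIdsEndpoint and fail synthesis on a non-empty problem list; the import parser is handy when scripting terraform import for endpoints created outside Terraform.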

User Project Overrides

This resource supports User Project Overrides.