googleSccNotificationConfig

A Cloud Security Command Center (Cloud SCC) notification config. A notification config is a Cloud SCC resource that contains the configuration to send notifications for create/update events of findings, assets, and so on. ~> Note: In order to use Cloud SCC resources, your organization must be enrolled in SCC Standard/Premium. Without doing so, you may run into errors during resource creation.

To get more information about NotificationConfig, see:

Example Usage - Scc Notification Config Basic

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import { Construct } from "constructs";
import { TerraformStack } from "cdktf";
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
class SccNotificationStack extends TerraformStack {
  constructor(scope: Construct, id: string) {
    super(scope, id);
    // Pub/Sub topic that receives the finding notifications.
    const googlePubsubTopicSccNotification = new google.pubsubTopic.PubsubTopic(
      this,
      "scc_notification",
      {
        name: "my-topic",
      }
    );
    // Streams ACTIVE findings in the OPEN_FIREWALL category to the topic above.
    // Property names are camelCase in the generated TypeScript bindings.
    new google.sccNotificationConfig.SccNotificationConfig(
      this,
      "custom_notification_config",
      {
        configId: "my-config",
        description:
          "My custom Cloud Security Command Center Finding Notification Configuration",
        organization: "123456789",
        pubsubTopic: googlePubsubTopicSccNotification.id,
        streamingConfig: {
          filter: 'category = "OPEN_FIREWALL" AND state = "ACTIVE"',
        },
      }
    );
  }
}

Argument Reference

The following arguments are supported:

  • pubsubTopic - (Required) The Pub/Sub topic to send notifications to. Its format is "projects/[project_id]/topics/[topic]".

  • streamingConfig - (Required) The config for triggering streaming-based notifications. Structure is documented below.

  • organization - (Required) The organization whose Cloud Security Command Center the Notification Config lives in.

  • configId - (Required) This must be unique within the organization.

The streamingConfig block supports:

  • filter - (Required) Expression that defines the filter to apply across create/update events of assets or findings as specified by the event type. The expression is a list of zero or more restrictions combined via the logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND. Restrictions have the form and may have a - character in front of them to indicate negation. The fields map to those defined in the corresponding resource. The supported operators are:
      • = for all value types.
      • >, <, >=, <= for integer values.
      • :, meaning substring matching, for strings.
    The supported value types are:
      • string literals in quotes.
      • integer literals without quotes.
      • boolean literals true and false without quotes.
    See Filtering notifications for information on how to write a filter.

  • description - (Optional) The description of the notification config (max of 1024 characters).
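As an added example (not part of the provider docs or the google provider), a small TypeScript evaluator for the filter grammar described above, so a filter string can be dry-run against local sample findings before it goes into streamingConfig; it follows the precedence stated above (OR binds tighter than AND). The sample findings, their field names and the flattened source_properties.port key are constructed for the demo, not real SCC data.

```typescript
type Finding = Record<string, string | number | boolean>;
type Tok = { kind: "str" | "int" | "bool" | "op" | "paren" | "neg" | "word"; text: string };
type Pred = (f: Finding) => boolean;
// Token classes of the grammar above, in capture-group order; the regex's last group catches any stray character.
const KINDS: Tok["kind"][] = ["str", "int", "bool", "op", "paren", "neg", "word"];
function tokenize(src: string): Tok[] {
  const re = /("(?:[^"\\]|\\.)*")|(\d+)\b|\b(true|false)\b|(>=|<=|=|:|>|<)|([()])|(-)|([A-Za-z_][\w.]*)|(\S)/g;
  const out: Tok[] = [];
  for (let m = re.exec(src); m; m = re.exec(src)) {
    let g = 1; while (m[g] === undefined) g++; // first capture group that matched
    if (g > KINDS.length) throw new Error(`unexpected character "${m[g]}" at offset ${m.index}`);
    out.push({ kind: KINDS[g - 1], text: m[g] });
  }
  return out;
}
// One restriction "<field> <op> <value>": "=" for any type, ":" is substring match on strings, the rest compare integers.
function restriction(field: string, op: string, val: Tok): Pred {
  const lit = val.kind === "str" ? (JSON.parse(val.text) as string) : val.kind === "int" ? Number(val.text) : val.text === "true";
  return (f) => {
    const a = f[field]; // a missing field never matches
    if (op === "=") return a === lit;
    if (op === ":") return typeof a === "string" && typeof lit === "string" && a.indexOf(lit) >= 0;
    return typeof a === "number" && typeof lit === "number" && (op === ">" ? a > lit : op === "<" ? a < lit : op === ">=" ? a >= lit : a <= lit);
  };
}
// Recursive descent with the precedence the docs state: AND is the loosest operator, OR binds tighter, then "-" and parentheses.
function parseFilter(src: string): Pred {
  const toks = tokenize(src); let i = 0;
  const term = (): Pred => {
    const t = toks[i++]; if (!t) throw new Error("unexpected end of filter");
    if (t.kind === "neg") { const inner = term(); return (f) => !inner(f); }
    if (t.text === "(") { const e = andExpr(); if (toks[i++]?.text !== ")") throw new Error("missing )"); return e; }
    const op = toks[i++], val = toks[i++];
    if (t.kind !== "word" || op?.kind !== "op" || !val || !/^(str|int|bool)$/.test(val.kind)) throw new Error(`malformed restriction near "${t.text}"`);
    return restriction(t.text, op.text, val);
  };
  const orExpr = (): Pred => { let l = term(); while (toks[i]?.text === "OR") { i++; const p = l, r = term(); l = (f) => p(f) || r(f); } return l; };
  const andExpr = (): Pred => { let l = orExpr(); while (toks[i]?.text === "AND") { i++; const p = l, r = orExpr(); l = (f) => p(f) && r(f); } return l; };
  const pred = andExpr(); if (i !== toks.length) throw new Error(`unexpected token "${toks[i].text}"`); return pred;
}
// Constructed sample findings (not real SCC data; port is a flattened key for the demo). matchFilter returns the indexes a filter selects.
const sampleFindings: Finding[] = [
  { category: "OPEN_FIREWALL", state: "ACTIVE", severity: "HIGH", "source_properties.port": 22 },
  { category: "OPEN_FIREWALL", state: "INACTIVE", severity: "HIGH", "source_properties.port": 3389 },
  { category: "PUBLIC_BUCKET_ACL", state: "ACTIVE", severity: "LOW", "source_properties.port": 0 },
];
function matchFilter(filter: string, findings: Finding[] = sampleFindings): number[] {
  const pred = parseFilter(filter);
  return findings.map((f, idx) => (pred(f) ? idx : -1)).filter((idx) => idx >= 0);
}
```

Because OR binds tighter than AND here, `state = "ACTIVE" OR state = "INACTIVE" AND severity = "LOW"` selects only the LOW finding, which is the opposite of what conventional precedence would give; checking a filter this way before deployment avoids a stream that is silently wider or narrower than intended.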

Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

  • id - an identifier for the resource with format {{name}}

  • name - The resource name of this notification config, in the format organizations/{{organization}}/notificationConfigs/{{configId}}.

  • serviceAccount - The service account that needs "pubsub.topics.publish" permission to publish to the Pub/Sub topic.

Timeouts

This resource provides the following Timeouts configuration options:

  • create - Default is 20 minutes.
  • update - Default is 20 minutes.
  • delete - Default is 20 minutes.

Import

NotificationConfig can be imported using any of these accepted formats:

$ terraform import google_scc_notification_config.default organizations/{{organization}}/notificationConfigs/{{name}}
$ terraform import google_scc_notification_config.default {{organization}}/{{name}}