Represents an instance of an Event Threat Detection custom module, including its full module name, display name, enablement state, andlast updated time. You can create a custom module at the organization level only.
To get more information about EventThreatDetectionCustomModule, see:
resource "google_scc_event_threat_detection_custom_module" "example" {
organization = "123456789"
display_name = "basic_custom_module"
enablement_state = "ENABLED"
type = "CONFIGURABLE_BAD_IP"
description = "My Event Threat Detection Custom Module"
config = jsonencode({
"metadata": {
"severity": "LOW",
"description": "Flagged by Forcepoint as malicious",
"recommendation": "Contact the owner of the relevant project."
},
"ips": [
"192.0.2.1",
"192.0.2.0/24"
]
})
}
The following arguments are supported:
config
-
(Required)
Config for the module. For the resident module, its config value is defined at this level.
For the inherited module, its config value is inherited from the ancestor module.
enablement_state
-
(Required)
The state of enablement for the module at the given level of the hierarchy.
Possible values are: ENABLED
, DISABLED
.
type
-
(Required)
Immutable. Type for the module. e.g. CONFIGURABLE_BAD_IP.
organization
-
(Required)
Numerical ID of the parent organization.
display_name
-
(Optional)
The human readable name to be displayed for the module.In addition to the arguments listed above, the following computed attributes are exported:
id
- an identifier for the resource with format organizations/{{organization}}/eventThreatDetectionSettings/customModules/{{name}}
name
-
The resource name of the Event Threat Detection custom module.
Its format is "organizations/{organization}/eventThreatDetectionSettings/customModules/{module}".
update_time
-
The time at which the custom module was last updated.
A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and
up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
last_editor
-
The editor that last updated the custom module
This resource provides the following Timeouts configuration options:
create
- Default is 20 minutes.update
- Default is 20 minutes.delete
- Default is 20 minutes.EventThreatDetectionCustomModule can be imported using any of these accepted formats:
organizations/{{organization}}/eventThreatDetectionSettings/customModules/{{name}}
{{organization}}/{{name}}
In Terraform v1.5.0 and later, use an import
block to import EventThreatDetectionCustomModule using one of the formats above. For example:
import {
id = "organizations/{{organization}}/eventThreatDetectionSettings/customModules/{{name}}"
to = google_scc_event_threat_detection_custom_module.default
}
When using the terraform import
command, EventThreatDetectionCustomModule can be imported using one of the formats above. For example:
$ terraform import google_scc_event_threat_detection_custom_module.default organizations/{{organization}}/eventThreatDetectionSettings/customModules/{{name}}
$ terraform import google_scc_event_threat_detection_custom_module.default {{organization}}/{{name}}