Guides

SECURITYPOSTURE

Suggest Edits
cloud.google.com
GCP documentation

securityposture.organizations.locations.operations.cancel

valid {
    input.Body.STRING == STRING
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

securityposture.organizations.locations.operations.delete

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

securityposture.organizations.locations.operations.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

securityposture.organizations.locations.operations.list

valid {
    input.ReqMap.name == STRING
    input.Qs.filter == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

securityposture.organizations.locations.postureDeployments.create

valid {
    input.Body.annotations.STRING == STRING
    input.Body.description == STRING
    input.Body.etag == STRING
    input.Body.name == STRING
    input.Body.postureId == STRING
    input.Body.postureRevisionId == STRING
    input.Body.targetResource == STRING
    input.ReqMap.parent == STRING
    input.Qs.postureDeploymentId == STRING
    input.ProviderMetadata.Region == STRING
}

securityposture.organizations.locations.postureDeployments.delete

valid {
    input.ReqMap.name == STRING
    input.Qs.etag == STRING
    input.ProviderMetadata.Region == STRING
}

securityposture.organizations.locations.postureDeployments.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

securityposture.organizations.locations.postureDeployments.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.filter == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

securityposture.organizations.locations.postureDeployments.patch

valid {
    input.Body.annotations.STRING == STRING
    input.Body.description == STRING
    input.Body.etag == STRING
    input.Body.name == STRING
    input.Body.postureId == STRING
    input.Body.postureRevisionId == STRING
    input.Body.targetResource == STRING
    input.ReqMap.name == STRING
    input.Qs.updateMask == STRING
    input.ProviderMetadata.Region == STRING
}

securityposture.organizations.locations.postureTemplates.get

valid {
    input.ReqMap.name == STRING
    input.Qs.revisionId == STRING
    input.ProviderMetadata.Region == STRING
}

securityposture.organizations.locations.postureTemplates.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.filter == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

securityposture.organizations.locations.postures.create

enum_CustomConfigSeverity := [ "SEVERITY_UNSPECIFIED", "CRITICAL", "HIGH", "MEDIUM", "LOW" ]
enum_GoogleCloudSecuritypostureV1CustomConstraintActionType := [ "ACTION_TYPE_UNSPECIFIED", "ALLOW", "DENY" ]
enum_GoogleCloudSecuritypostureV1CustomConstraintMethodTypes := [ "METHOD_TYPE_UNSPECIFIED", "CREATE", "UPDATE", "DELETE" ]
enum_PostureState := [ "STATE_UNSPECIFIED", "DEPRECATED", "DRAFT", "ACTIVE" ]
enum_SecurityHealthAnalyticsCustomModuleModuleEnablementState := [ "ENABLEMENT_STATE_UNSPECIFIED", "ENABLED", "DISABLED" ]
enum_SecurityHealthAnalyticsModuleModuleEnablementState := [ "ENABLEMENT_STATE_UNSPECIFIED", "ENABLED", "DISABLED" ]

valid {
    input.Body.annotations.STRING == STRING
    input.Body.description == STRING
    input.Body.etag == STRING
    input.Body.name == STRING
    input.Body.policySets[_].description == STRING
    input.Body.policySets[_].policies[_].complianceStandards[_].control == STRING
    input.Body.policySets[_].policies[_].complianceStandards[_].standard == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraint.cannedConstraintId == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraint.policyRules[_].allowAll == BOOLEAN
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraint.policyRules[_].condition.description == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraint.policyRules[_].condition.expression == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraint.policyRules[_].condition.location == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraint.policyRules[_].condition.title == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraint.policyRules[_].denyAll == BOOLEAN
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraint.policyRules[_].enforce == BOOLEAN
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraint.policyRules[_].parameters.STRING == ANY
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraint.policyRules[_].resourceTypes.included[_] == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraint.policyRules[_].values.allowedValues[_] == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraint.policyRules[_].values.deniedValues[_] == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.customConstraint.actionType == enum_GoogleCloudSecuritypostureV1CustomConstraintActionType[_]
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.customConstraint.condition == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.customConstraint.description == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.customConstraint.displayName == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.customConstraint.methodTypes[_] == enum_GoogleCloudSecuritypostureV1CustomConstraintMethodTypes[_]
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.customConstraint.name == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.customConstraint.resourceTypes[_] == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.policyRules[_].allowAll == BOOLEAN
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.policyRules[_].condition.description == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.policyRules[_].condition.expression == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.policyRules[_].condition.location == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.policyRules[_].condition.title == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.policyRules[_].denyAll == BOOLEAN
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.policyRules[_].enforce == BOOLEAN
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.policyRules[_].parameters.STRING == ANY
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.policyRules[_].resourceTypes.included[_] == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.policyRules[_].values.allowedValues[_] == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.policyRules[_].values.deniedValues[_] == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.customOutput.properties[_].name == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.customOutput.properties[_].valueExpression.description == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.customOutput.properties[_].valueExpression.expression == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.customOutput.properties[_].valueExpression.location == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.customOutput.properties[_].valueExpression.title == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.description == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.predicate.description == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.predicate.expression == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.predicate.location == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.predicate.title == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.recommendation == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.resourceSelector.resourceTypes[_] == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.severity == enum_CustomConfigSeverity[_]
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.displayName == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.moduleEnablementState == enum_SecurityHealthAnalyticsCustomModuleModuleEnablementState[_]
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsModule.moduleEnablementState == enum_SecurityHealthAnalyticsModuleModuleEnablementState[_]
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsModule.moduleName == STRING
    input.Body.policySets[_].policies[_].description == STRING
    input.Body.policySets[_].policies[_].policyId == STRING
    input.Body.policySets[_].policySetId == STRING
    input.Body.state == enum_PostureState[_]
    input.ReqMap.parent == STRING
    input.Qs.postureId == STRING
    input.ProviderMetadata.Region == STRING
}

securityposture.organizations.locations.postures.delete

valid {
    input.ReqMap.name == STRING
    input.Qs.etag == STRING
    input.ProviderMetadata.Region == STRING
}

securityposture.organizations.locations.postures.extract

valid {
    input.Body.postureId == STRING
    input.Body.workload == STRING
    input.ReqMap.parent == STRING
    input.ProviderMetadata.Region == STRING
}

securityposture.organizations.locations.postures.get

valid {
    input.ReqMap.name == STRING
    input.Qs.revisionId == STRING
    input.ProviderMetadata.Region == STRING
}

securityposture.organizations.locations.postures.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.filter == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

securityposture.organizations.locations.postures.listRevisions

valid {
    input.ReqMap.name == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

securityposture.organizations.locations.postures.patch

enum_CustomConfigSeverity := [ "SEVERITY_UNSPECIFIED", "CRITICAL", "HIGH", "MEDIUM", "LOW" ]
enum_GoogleCloudSecuritypostureV1CustomConstraintActionType := [ "ACTION_TYPE_UNSPECIFIED", "ALLOW", "DENY" ]
enum_GoogleCloudSecuritypostureV1CustomConstraintMethodTypes := [ "METHOD_TYPE_UNSPECIFIED", "CREATE", "UPDATE", "DELETE" ]
enum_PostureState := [ "STATE_UNSPECIFIED", "DEPRECATED", "DRAFT", "ACTIVE" ]
enum_SecurityHealthAnalyticsCustomModuleModuleEnablementState := [ "ENABLEMENT_STATE_UNSPECIFIED", "ENABLED", "DISABLED" ]
enum_SecurityHealthAnalyticsModuleModuleEnablementState := [ "ENABLEMENT_STATE_UNSPECIFIED", "ENABLED", "DISABLED" ]

valid {
    input.Body.annotations.STRING == STRING
    input.Body.description == STRING
    input.Body.etag == STRING
    input.Body.name == STRING
    input.Body.policySets[_].description == STRING
    input.Body.policySets[_].policies[_].complianceStandards[_].control == STRING
    input.Body.policySets[_].policies[_].complianceStandards[_].standard == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraint.cannedConstraintId == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraint.policyRules[_].allowAll == BOOLEAN
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraint.policyRules[_].condition.description == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraint.policyRules[_].condition.expression == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraint.policyRules[_].condition.location == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraint.policyRules[_].condition.title == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraint.policyRules[_].denyAll == BOOLEAN
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraint.policyRules[_].enforce == BOOLEAN
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraint.policyRules[_].parameters.STRING == ANY
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraint.policyRules[_].resourceTypes.included[_] == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraint.policyRules[_].values.allowedValues[_] == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraint.policyRules[_].values.deniedValues[_] == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.customConstraint.actionType == enum_GoogleCloudSecuritypostureV1CustomConstraintActionType[_]
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.customConstraint.condition == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.customConstraint.description == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.customConstraint.displayName == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.customConstraint.methodTypes[_] == enum_GoogleCloudSecuritypostureV1CustomConstraintMethodTypes[_]
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.customConstraint.name == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.customConstraint.resourceTypes[_] == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.policyRules[_].allowAll == BOOLEAN
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.policyRules[_].condition.description == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.policyRules[_].condition.expression == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.policyRules[_].condition.location == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.policyRules[_].condition.title == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.policyRules[_].denyAll == BOOLEAN
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.policyRules[_].enforce == BOOLEAN
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.policyRules[_].parameters.STRING == ANY
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.policyRules[_].resourceTypes.included[_] == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.policyRules[_].values.allowedValues[_] == STRING
    input.Body.policySets[_].policies[_].constraint.orgPolicyConstraintCustom.policyRules[_].values.deniedValues[_] == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.customOutput.properties[_].name == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.customOutput.properties[_].valueExpression.description == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.customOutput.properties[_].valueExpression.expression == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.customOutput.properties[_].valueExpression.location == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.customOutput.properties[_].valueExpression.title == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.description == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.predicate.description == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.predicate.expression == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.predicate.location == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.predicate.title == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.recommendation == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.resourceSelector.resourceTypes[_] == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.config.severity == enum_CustomConfigSeverity[_]
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.displayName == STRING
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsCustomModule.moduleEnablementState == enum_SecurityHealthAnalyticsCustomModuleModuleEnablementState[_]
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsModule.moduleEnablementState == enum_SecurityHealthAnalyticsModuleModuleEnablementState[_]
    input.Body.policySets[_].policies[_].constraint.securityHealthAnalyticsModule.moduleName == STRING
    input.Body.policySets[_].policies[_].description == STRING
    input.Body.policySets[_].policies[_].policyId == STRING
    input.Body.policySets[_].policySetId == STRING
    input.Body.state == enum_PostureState[_]
    input.ReqMap.name == STRING
    input.Qs.revisionId == STRING
    input.Qs.updateMask == STRING
    input.ProviderMetadata.Region == STRING
}

securityposture.organizations.locations.reports.createIaCValidationReport

valid {
    input.Body.iac.tfPlan == STRING
    input.ReqMap.parent == STRING
    input.ProviderMetadata.Region == STRING
}

securityposture.organizations.locations.reports.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

securityposture.organizations.locations.reports.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.filter == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

securityposture.projects.locations.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

securityposture.projects.locations.list

valid {
    input.ReqMap.name == STRING
    input.Qs.filter == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

Updated 5 days ago