scan_configs

Creates, updates, deletes, gets or lists a scan_configs resource.

Overview

Name	`scan_configs`
Type	Resource
Id	`google.websecurityscanner.scan_configs`

Fields

Name	Datatype	Description
`name`	`string`	The resource name of the ScanConfig. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}'. The ScanConfig IDs are generated by the system.
`authentication`	`object`	Scan authentication configuration.
`blacklistPatterns`	`array`	The excluded URL patterns as described in https://cloud.google.com/security-command-center/docs/how-to-use-web-security-scanner#excluding_urls
`displayName`	`string`	Required. The user provided display name of the ScanConfig.
`exportToSecurityCommandCenter`	`string`	Controls export of scan configurations and results to Security Command Center.
`ignoreHttpStatusErrors`	`boolean`	Whether to keep scanning even if most requests return HTTP error codes.
`managedScan`	`boolean`	Whether the scan config is managed by Web Security Scanner, output only.
`maxQps`	`integer`	The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. If the field is unspecified or its value is set 0, server will default to 15. Other values outside of [5, 20] range will be rejected with INVALID_ARGUMENT error.
`riskLevel`	`string`	The risk level selected for the scan
`schedule`	`object`	Scan schedule configuration.
`startingUrls`	`array`	Required. The starting URLs from which the scanner finds site pages.
`staticIpScan`	`boolean`	Whether the scan configuration has enabled static IP address scan feature. If enabled, the scanner will access applications from static IP addresses.
`userAgent`	`string`	The user agent used during scanning.

Methods

Name	Accessible by	Required Params	Description
`get`	`SELECT`	`projectsId, scanConfigsId`	Gets a ScanConfig.
`list`	`SELECT`	`projectsId`	Lists ScanConfigs under a given project.
`create`	`INSERT`	`projectsId`	Creates a new ScanConfig.
`delete`	`DELETE`	`projectsId, scanConfigsId`	Deletes an existing ScanConfig and its child resources.
`patch`	`UPDATE`	`projectsId, scanConfigsId`	Updates a ScanConfig. This method support partial update of a ScanConfig.
`start`	`EXEC`	`projectsId, scanConfigsId`	Start a ScanRun according to the given ScanConfig.

`SELECT` examples

Lists ScanConfigs under a given project.

SELECT
name,
authentication,
blacklistPatterns,
displayName,
exportToSecurityCommandCenter,
ignoreHttpStatusErrors,
managedScan,
maxQps,
riskLevel,
schedule,
startingUrls,
staticIpScan,
userAgent
FROM google.websecurityscanner.scan_configs
WHERE projectsId = '{{ projectsId }}';

`INSERT` example

Use the following StackQL query and manifest file to create a new scan_configs resource.

All Properties
Manifest

/*+ create */
INSERT INTO google.websecurityscanner.scan_configs (
projectsId,
startingUrls,
authentication,
riskLevel,
displayName,
blacklistPatterns,
ignoreHttpStatusErrors,
staticIpScan,
managedScan,
name,
userAgent,
maxQps,
schedule,
exportToSecurityCommandCenter
)
SELECT 
'{{ projectsId }}',
'{{ startingUrls }}',
'{{ authentication }}',
'{{ riskLevel }}',
'{{ displayName }}',
'{{ blacklistPatterns }}',
{{ ignoreHttpStatusErrors }},
{{ staticIpScan }},
{{ managedScan }},
'{{ name }}',
'{{ userAgent }}',
'{{ maxQps }}',
'{{ schedule }}',
'{{ exportToSecurityCommandCenter }}'
;

- name: your_resource_model_name
  props:
    - name: startingUrls
      value:
        - string
    - name: authentication
      value:
        - name: googleAccount
          value:
            - name: username
              value: string
            - name: password
              value: string
        - name: iapCredential
          value:
            - name: iapTestServiceAccountInfo
              value:
                - name: targetAudienceClientId
                  value: string
        - name: customAccount
          value:
            - name: username
              value: string
            - name: password
              value: string
            - name: loginUrl
              value: string
    - name: riskLevel
      value: string
    - name: displayName
      value: string
    - name: blacklistPatterns
      value:
        - string
    - name: ignoreHttpStatusErrors
      value: boolean
    - name: staticIpScan
      value: boolean
    - name: managedScan
      value: boolean
    - name: name
      value: string
    - name: userAgent
      value: string
    - name: maxQps
      value: integer
    - name: schedule
      value:
        - name: scheduleTime
          value: string
        - name: intervalDurationDays
          value: integer
    - name: exportToSecurityCommandCenter
      value: string

`UPDATE` example

Updates a scan_configs resource.

/*+ update */
UPDATE google.websecurityscanner.scan_configs
SET 
startingUrls = '{{ startingUrls }}',
authentication = '{{ authentication }}',
riskLevel = '{{ riskLevel }}',
displayName = '{{ displayName }}',
blacklistPatterns = '{{ blacklistPatterns }}',
ignoreHttpStatusErrors = true|false,
staticIpScan = true|false,
managedScan = true|false,
name = '{{ name }}',
userAgent = '{{ userAgent }}',
maxQps = '{{ maxQps }}',
schedule = '{{ schedule }}',
exportToSecurityCommandCenter = '{{ exportToSecurityCommandCenter }}'
WHERE 
projectsId = '{{ projectsId }}'
AND scanConfigsId = '{{ scanConfigsId }}';

`DELETE` example

Deletes the specified scan_configs resource.

/*+ delete */
DELETE FROM google.websecurityscanner.scan_configs
WHERE projectsId = '{{ projectsId }}'
AND scanConfigsId = '{{ scanConfigsId }}';

Overview​

Fields​

Methods​

SELECT examples​

INSERT example​

UPDATE example​

DELETE example​