import * as pulumi from "@pulumi/pulumi"; /** * A Cloud Security Command Center (Cloud SCC) Big Query Export Config. * It represents exporting Security Command Center data, including assets, findings, and security marks * using gcloud scc bqexports * > **Note:** In order to use Cloud SCC resources, your organization must be enrolled * in [SCC Standard/Premium](https://cloud.google.com/security-command-center/docs/quickstart-security-command-center). * Without doing so, you may run into errors during resource creation. * * To get more information about OrganizationSccBigQueryExport, see: * * * [API documentation](https://cloud.google.com/security-command-center/docs/reference/rest/v1/organizations.bigQueryExports) * * How-to Guides * * [Official Documentation](https://cloud.google.com/security-command-center/docs/how-to-analyze-findings-in-big-query) * * ## Example Usage * * ### Scc Organization Big Query Export Config Basic * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const _default = new gcp.bigquery.Dataset("default", { * datasetId: "my-dataset", * friendlyName: "test", * description: "This is a test description", * location: "US", * defaultTableExpirationMs: 3600000, * defaultPartitionExpirationMs: null, * labels: { * env: "default", * }, * }); * const customBigQueryExportConfig = new gcp.securitycenter.OrganizationSccBigQueryExport("custom_big_query_export_config", { * name: "my-export", * bigQueryExportId: "my-export", * organization: "123456789", * dataset: _default.id, * description: "Cloud Security Command Center Findings Big Query Export Config", * filter: "state=\"ACTIVE\" AND NOT mute=\"MUTED\"", * }); * ``` * * ## Import * * OrganizationSccBigQueryExport can be imported using any of these accepted formats: * * * `organizations/{{organization}}/bigQueryExports/{{big_query_export_id}}` * * * `{{organization}}/{{big_query_export_id}}` * * When using the `pulumi import` command, OrganizationSccBigQueryExport can be imported using one of the formats above. For example: * * ```sh * $ pulumi import gcp:securitycenter/organizationSccBigQueryExport:OrganizationSccBigQueryExport default organizations/{{organization}}/bigQueryExports/{{big_query_export_id}} * ``` * * ```sh * $ pulumi import gcp:securitycenter/organizationSccBigQueryExport:OrganizationSccBigQueryExport default {{organization}}/{{big_query_export_id}} * ``` */ export declare class OrganizationSccBigQueryExport extends pulumi.CustomResource { /** * Get an existing OrganizationSccBigQueryExport resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: OrganizationSccBigQueryExportState, opts?: pulumi.CustomResourceOptions): OrganizationSccBigQueryExport; /** * Returns true if the given object is an instance of OrganizationSccBigQueryExport. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is OrganizationSccBigQueryExport; /** * This must be unique within the organization. */ readonly bigQueryExportId: pulumi.Output; /** * The time at which the BigQuery export was created. This field is set by the server and will be ignored if provided on export on creation. * A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. * Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". */ readonly createTime: pulumi.Output; /** * The dataset to write findings' updates to. * Its format is "projects/[projectId]/datasets/[bigqueryDatasetId]". * BigQuery Dataset unique ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). */ readonly dataset: pulumi.Output; /** * The description of the notification config (max of 1024 characters). */ readonly description: pulumi.Output; /** * Expression that defines the filter to apply across create/update * events of findings. The * expression is a list of zero or more restrictions combined via * logical operators AND and OR. Parentheses are supported, and OR * has higher precedence than AND. * Restrictions have the form and may have * a - character in front of them to indicate negation. The fields * map to those defined in the corresponding resource. * The supported operators are: * * = for all value types. * * \>, <, >=, <= for integer values. * * :, meaning substring matching, for strings. * The supported value types are: * * string literals in quotes. * * integer literals without quotes. * * boolean literals true and false without quotes. * See * [Filtering notifications](https://cloud.google.com/security-command-center/docs/how-to-api-filter-notifications) * for information on how to write a filter. */ readonly filter: pulumi.Output; /** * Email address of the user who last edited the BigQuery export. * This field is set by the server and will be ignored if provided on export creation or update. */ readonly mostRecentEditor: pulumi.Output; /** * The resource name of this export, in the format * `organizations/{{organization}}/bigQueryExports/{{big_query_export_id}}`. * This field is provided in responses, and is ignored when provided in create requests. */ readonly name: pulumi.Output; /** * The organization whose Cloud Security Command Center the Big Query Export * Config lives in. */ readonly organization: pulumi.Output; /** * The service account that needs permission to create table and upload data to the BigQuery dataset. */ readonly principal: pulumi.Output; /** * The most recent time at which the BigQuery export was updated. This field is set by the server and will be ignored if provided on export creation or update. * A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. * Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". */ readonly updateTime: pulumi.Output; /** * Create a OrganizationSccBigQueryExport resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: OrganizationSccBigQueryExportArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering OrganizationSccBigQueryExport resources. */ export interface OrganizationSccBigQueryExportState { /** * This must be unique within the organization. */ bigQueryExportId?: pulumi.Input; /** * The time at which the BigQuery export was created. This field is set by the server and will be ignored if provided on export on creation. * A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. * Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". */ createTime?: pulumi.Input; /** * The dataset to write findings' updates to. * Its format is "projects/[projectId]/datasets/[bigqueryDatasetId]". * BigQuery Dataset unique ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). */ dataset?: pulumi.Input; /** * The description of the notification config (max of 1024 characters). */ description?: pulumi.Input; /** * Expression that defines the filter to apply across create/update * events of findings. The * expression is a list of zero or more restrictions combined via * logical operators AND and OR. Parentheses are supported, and OR * has higher precedence than AND. * Restrictions have the form and may have * a - character in front of them to indicate negation. The fields * map to those defined in the corresponding resource. * The supported operators are: * * = for all value types. * * \>, <, >=, <= for integer values. * * :, meaning substring matching, for strings. * The supported value types are: * * string literals in quotes. * * integer literals without quotes. * * boolean literals true and false without quotes. * See * [Filtering notifications](https://cloud.google.com/security-command-center/docs/how-to-api-filter-notifications) * for information on how to write a filter. */ filter?: pulumi.Input; /** * Email address of the user who last edited the BigQuery export. * This field is set by the server and will be ignored if provided on export creation or update. */ mostRecentEditor?: pulumi.Input; /** * The resource name of this export, in the format * `organizations/{{organization}}/bigQueryExports/{{big_query_export_id}}`. * This field is provided in responses, and is ignored when provided in create requests. */ name?: pulumi.Input; /** * The organization whose Cloud Security Command Center the Big Query Export * Config lives in. */ organization?: pulumi.Input; /** * The service account that needs permission to create table and upload data to the BigQuery dataset. */ principal?: pulumi.Input; /** * The most recent time at which the BigQuery export was updated. This field is set by the server and will be ignored if provided on export creation or update. * A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. * Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z". */ updateTime?: pulumi.Input; } /** * The set of arguments for constructing a OrganizationSccBigQueryExport resource. */ export interface OrganizationSccBigQueryExportArgs { /** * This must be unique within the organization. */ bigQueryExportId: pulumi.Input; /** * The dataset to write findings' updates to. * Its format is "projects/[projectId]/datasets/[bigqueryDatasetId]". * BigQuery Dataset unique ID must contain only letters (a-z, A-Z), numbers (0-9), or underscores (_). */ dataset?: pulumi.Input; /** * The description of the notification config (max of 1024 characters). */ description?: pulumi.Input; /** * Expression that defines the filter to apply across create/update * events of findings. The * expression is a list of zero or more restrictions combined via * logical operators AND and OR. Parentheses are supported, and OR * has higher precedence than AND. * Restrictions have the form and may have * a - character in front of them to indicate negation. The fields * map to those defined in the corresponding resource. * The supported operators are: * * = for all value types. * * \>, <, >=, <= for integer values. * * :, meaning substring matching, for strings. * The supported value types are: * * string literals in quotes. * * integer literals without quotes. * * boolean literals true and false without quotes. * See * [Filtering notifications](https://cloud.google.com/security-command-center/docs/how-to-api-filter-notifications) * for information on how to write a filter. */ filter?: pulumi.Input; /** * The organization whose Cloud Security Command Center the Big Query Export * Config lives in. */ organization: pulumi.Input; }