cfe2e21ce7
* feat: add support for SCC Custom Security Health Analytics module in organization, folder and project modules * fix: update description and docs --------- Co-authored-by: Julio Castillo <jccb@google.com>
48 lines
1.6 KiB
YAML
48 lines
1.6 KiB
YAML
# Copyright 2025 Google LLC
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
values:
|
|
module.folder.google_folder.folder[0]:
|
|
deletion_protection: false
|
|
display_name: Folder name
|
|
parent: folders/1122334455
|
|
tags: null
|
|
timeouts: null
|
|
module.folder.google_scc_management_folder_security_health_analytics_custom_module.scc_folder_custom_module["cloudkmKeyRotationPeriod"]:
|
|
custom_config:
|
|
- custom_output: []
|
|
description: The rotation period of the identified cryptokey resource exceeds
|
|
30 days.
|
|
predicate:
|
|
- description: null
|
|
expression: resource.rotationPeriod > duration("2592000s")
|
|
location: null
|
|
title: null
|
|
recommendation: Set the rotation period to at most 30 days.
|
|
resource_selector:
|
|
- resource_types:
|
|
- cloudkms.googleapis.com/CryptoKey
|
|
severity: MEDIUM
|
|
display_name: cloudkmKeyRotationPeriod
|
|
enablement_state: ENABLED
|
|
location: global
|
|
timeouts: null
|
|
|
|
counts:
|
|
google_folder: 1
|
|
google_scc_management_folder_security_health_analytics_custom_module: 1
|
|
modules: 1
|
|
resources: 2
|
|
|