Reference documentation and code samples for the Google Cloud Security Compliance V1 Client class CloudControl.
A CloudControl is the fundamental unit encapsulating the rules to meet a specific security or compliance intent. It can contain various rule types (like Organization Policies, CEL expressions, etc.) enabling different enforcement modes (Preventive, Detective, Audit).
CloudControls are often parameterized for reusability and can be either BUILT_IN (provided by Google) or CUSTOM (defined by the user).
Generated from protobuf message google.cloud.cloudsecuritycompliance.v1.CloudControl
Namespace
Google \ Cloud \ CloudSecurityCompliance \ V1Methods
__construct
Constructor.
data
array
Optional. Data for populating the Message object.
↳ name
string
Required. Identifier. The resource name of the cloud control. Format: organizations/{organization}/locations/{location}/cloudControls/{cloud_control_id}
↳ major_revision_id
int|string
Output only. Major revision of the cloud control incremented in ascending order.
↳ description
string
Optional. A description of the cloud control. The maximum length is 2000 characters.
↳ display_name
string
Optional. The display name of the cloud control. The maximum length is 200 characters.
↳ supported_enforcement_modes
array
Output only. The supported enforcement mode of the cloud control. Default is DETECTIVE.
↳ parameter_spec
↳ rules
↳ severity
int
Optional. The severity of findings generated by the cloud control.
↳ finding_category
string
Optional. The finding_category of the cloud control. The maximum length is 255 characters.
↳ supported_cloud_providers
array
Optional. cloud providers supported
↳ related_frameworks
array
Output only. The Frameworks that include this CloudControl
↳ remediation_steps
string
Optional. The remediation steps for the findings generated by the cloud control. The maximum length is 400 characters.
↳ categories
array
Optional. The categories of the cloud control.
↳ create_time
Google\Protobuf\Timestamp
Output only. The last updated time of the cloud control. The create_time is used because a new CC is created whenever we update an existing CC.
↳ supported_target_resource_types
array
Optional. target resource types supported by the CloudControl.
getName
Required. Identifier. The resource name of the cloud control.
Format: organizations/{organization}/locations/{location}/cloudControls/{cloud_control_id}
string
setName
Required. Identifier. The resource name of the cloud control.
Format: organizations/{organization}/locations/{location}/cloudControls/{cloud_control_id}
var
string
$this
getMajorRevisionId
Output only. Major revision of the cloud control incremented in ascending order.
int|string
setMajorRevisionId
Output only. Major revision of the cloud control incremented in ascending order.
var
int|string
$this
getDescription
Optional. A description of the cloud control. The maximum length is 2000 characters.
string
setDescription
Optional. A description of the cloud control. The maximum length is 2000 characters.
var
string
$this
getDisplayName
Optional. The display name of the cloud control. The maximum length is 200 characters.
string
setDisplayName
Optional. The display name of the cloud control. The maximum length is 200 characters.
var
string
$this
getSupportedEnforcementModes
Output only. The supported enforcement mode of the cloud control. Default is DETECTIVE.
setSupportedEnforcementModes
Output only. The supported enforcement mode of the cloud control. Default is DETECTIVE.
var
int[]
$this
getParameterSpec
Optional. The parameter spec of the cloud control.
setParameterSpec
Optional. The parameter spec of the cloud control.
$this
getRules
Optional. The Policy to be enforced to prevent/detect resource non-compliance.
setRules
Optional. The Policy to be enforced to prevent/detect resource non-compliance.
$this
getSeverity
Optional. The severity of findings generated by the cloud control.
setSeverity
Optional. The severity of findings generated by the cloud control.
$this
getFindingCategory
Optional. The finding_category of the cloud control. The maximum length is 255 characters.
string
setFindingCategory
Optional. The finding_category of the cloud control. The maximum length is 255 characters.
var
string
$this
getSupportedCloudProviders
Optional. cloud providers supported
setSupportedCloudProviders
Optional. cloud providers supported
var
int[]
$this
getRelatedFrameworks
Output only. The Frameworks that include this CloudControl
setRelatedFrameworks
Output only. The Frameworks that include this CloudControl
var
string[]
$this
getRemediationSteps
Optional. The remediation steps for the findings generated by the cloud control. The maximum length is 400 characters.
string
setRemediationSteps
Optional. The remediation steps for the findings generated by the cloud control. The maximum length is 400 characters.
var
string
$this
getCategories
Optional. The categories of the cloud control.
setCategories
Optional. The categories of the cloud control.
var
int[]
$this
getCreateTime
Output only. The last updated time of the cloud control.
The create_time is used because a new CC is created whenever we update an existing CC.
hasCreateTime
clearCreateTime
setCreateTime
Output only. The last updated time of the cloud control.
The create_time is used because a new CC is created whenever we update an existing CC.
$this
getSupportedTargetResourceTypes
Optional. target resource types supported by the CloudControl.
setSupportedTargetResourceTypes
Optional. target resource types supported by the CloudControl.
var
int[]
$this
