1
0
Fork 0
mirror of https://github.com/imjasonh/gcloud-help synced 2026-07-09 02:55:19 +00:00
gcloud-help/gcloud/alpha/web-security-scanner/scan-configs/create
2022-06-08 09:13:38 +00:00

113 lines
4.5 KiB
Text

NAME
gcloud alpha web-security-scanner scan-configs create - create a Web
Security Scanner ScanConfig
SYNOPSIS
gcloud alpha web-security-scanner scan-configs create
--display-name=DISPLAY_NAME --starting-urls=[STARTING_URLS,...]
[--blacklist-patterns=[BLACKLIST_PATTERNS,...]]
[--no-export-to-security-center] [--max-qps=MAX_QPS]
[--risk-level=RISK_LEVEL; default="normal"]
[--target-platforms=[TARGET_PLATFORMS,...];
default="app_engine,compute"] [--user-agent=USER_AGENT]
[--auth-password=AUTH_PASSWORD
--auth-type=AUTH_TYPE --auth-url=AUTH_URL --auth-user=AUTH_USER]
[--schedule-interval-days=SCHEDULE_INTERVAL_DAYS
--schedule-next-start=SCHEDULE_NEXT_START] [GCLOUD_WIDE_FLAG ...]
DESCRIPTION
(ALPHA) Creates a Web Security Scanner ScanConfig.
EXAMPLES
The following command creates a scan config named "my-scan-config":
$ gcloud alpha web-security-scanner scan-configs create \
--display-name=my-scan-config
REQUIRED FLAGS
--display-name=DISPLAY_NAME
A human-readable name for the scan config.
--starting-urls=[STARTING_URLS,...]
URLs the scan starts scanning from. These URLs must be 'owned' by the
project in some way (resolve to a reserved IP address, or be the
default https://<PROJECT-ID>.<REGION-ID>.r.appspot.com).
OPTIONAL FLAGS
--blacklist-patterns=[BLACKLIST_PATTERNS,...]
List of blacklist URL patterns as described online:
https://cloud.google.com/security-scanner/docs/excluded-urls
--export-to-security-center
If True, the scanner will export scan results to Cloud Security Command
Center. Defaults to true. Enabled by default, use
--no-export-to-security-center to disable.
--max-qps=MAX_QPS
Maximum queries per second (QPS) of the scanners. Defaults to 15, with
a maximum of 20.
--risk-level=RISK_LEVEL; default="normal"
The risk level selected for the scan. Defaults to normal scanning.
RISK_LEVEL must be one of: low, normal.
--target-platforms=[TARGET_PLATFORMS,...]; default="app_engine,compute"
List of platforms the site is running on. Defaults to
'app_engine,compute'. TARGET_PLATFORMS must be one of: app-engine,
cloud-functions, cloud-run, compute, target-platform-unspecified.
--user-agent=USER_AGENT
List of user agents to use when crawling. Defaults to 'chrome_linux'.
USER_AGENT must be one of: chrome-android, chrome-linux, safari-iphone,
user-agent-unspecified.
--auth-password=AUTH_PASSWORD
Password for the test user. Required if --auth-type is not 'none'.
--auth-type=AUTH_TYPE
Type of authentication to use. AUTH_TYPE must be one of:
custom
Authentication with a custom account.
google
Authentication with a Google account.
none
Disables Authentication.
--auth-url=AUTH_URL
URL of the login page for your site. Required if --auth-type is
'custom'. Otherwise, it should not be set.
--auth-user=AUTH_USER
The test user to log in as. Required if --auth-type is not 'none'.
'google' login requires a full email address. Cannot be your own
account.
--schedule-interval-days=SCHEDULE_INTERVAL_DAYS
How frequently the scan should be run automatically (in days). If not
set, there is no automatic scheduling of this scan.
--schedule-next-start=SCHEDULE_NEXT_START
When the next automatic scheduled scan should start. Requires
--schedule-interval-days to be set. See $ gcloud topic datetimes for
information on time formats.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account,
--billing-project, --configuration, --flags-file, --flatten, --format,
--help, --impersonate-service-account, --log-http, --project, --quiet,
--trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
API REFERENCE
This command uses the websecurityscanner/v1beta API. The full documentation
for this API can be found at:
https://cloud.google.com/security-command-center/docs/concepts-web-security-scanner-overview/
NOTES
This command is currently in alpha and might change without notice. If this
command fails with API permission errors despite specifying the correct
project, you might be trying to access an API with an invitation-only early
access allowlist.