google_security_scanner_scan_config add support for fixed ip

[jenshonkan84]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment. If the issue is assigned to the "modular-magician" user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If the issue is assigned to a user, that user is claiming responsibility for the issue. If the issue is assigned to "hashibot", a community member has claimed the issue already.

Description

Add support for "Runs scan from fixed IPs"

New or Affected Resource(s)

• google_security_scanner_scan_config

Potential Terraform Configuration

# Propose what you think the configuration to take advantage of this feature should look like.
# We may not use it verbatim, but it's helpful in understanding your intent.
resource "google_security_scanner_scan_config" "scan-config" {
  provider         = google-beta
  display_name     = "terraform-scan-config"
  starting_urls    = ["http://${google_compute_address.scanner_static_ip.address}"]
  target_platforms = ["COMPUTE"]
  fixed_ip     = true
}

References

• 0000

b/299442467

[danawillow]

@jenshonkan84 can you link to the documentation for the feature? A gcloud command that makes it work would be helpful here.

[jenshonkan84]

Sorry for late replay. Here is the documentation: https://cloud.google.com/security-command-center/docs/how-to-web-security-scanner-custom-scans?&_ga=2.259902730.-1600235768.1588667725#firewall-configuration

[ScottSuarez]

Should be workable after reviewing https://cloud.google.com/security-command-center/docs/reference/web-security-scanner/rest/v1/projects.scanConfigs