Advanced vulnerability workloads scanning option

[tacrdenys]

Hello!

• Vote on this issue by adding a 👍 reaction
• If you want to implement this feature, comment to let us know (we'll work with you on design, scheduling, etc.)

Issue details

Hi, found that GKE implemented workload vulnerability scanning with a new Advanced mode, that you can turn on in cluster details

Also i found, that pulumi_google_native.container.v1.Cluster SecurityPostureConfigVulnerabilityMode Enum have only implementation for Basic mode.

I will glad to see that feature implemented as a code, so i dont need to use my own workarounds.

Thanks.

Affected area/feature

So it will be a modification of pulumi_google_native.container.v1.Cluster, so security_posture_config(vulnerability_mode= ) could accept SecurityPostureConfigVulnerabilityMode with "ADVANCED" Enum variant and properly call the create/update methods of cluster

P.S. Sorry for bad grammar and so on

[mjeffryes]

Thanks for the report @tacrdenys; this provider will get that feature when the GCP API specification is updated. You may also check the pulumi-gcp provider to see if it's available there.