gcp.certmanager-certificate
GCP Certificate Manager Certificate
Filters
metrics
Supports metrics filters on resources.
All resources that have cloud watch metrics are supported.
Docs on cloud watch metrics
Google Supported Metrics https://cloud.google.com/monitoring/api/metrics_gcp
Custom Metrics https://cloud.google.com/monitoring/api/v3/metric-model#intro-custom-metrics
- name: firewall-hit-count
resource: gcp.firewall
filters:
- type: metrics
name: firewallinsights.googleapis.com/subnet/firewall_hit_count
aligner: ALIGN_COUNT
days: 14
value: 1
op: greater-than
properties:
aligner:
enum:
- ALIGN_NONE
- ALIGN_DELTA
- ALIGN_RATE
- ALIGN_INTERPOLATE
- ALIGN_MIN
- ALIGN_MAX
- ALIGN_MEAN
- ALIGN_COUNT
- ALIGN_SUM
- REDUCE_COUNT_FALSE
- ALIGN_STDDEV
- ALIGN_COUNT_TRUE
- ALIGN_COUNT_FALSE
- ALIGN_FRACTION_TRUE
- ALIGN_PERCENTILE_99
- ALIGN_PERCENTILE_95
- ALIGN_PERCENTILE_50
- ALIGN_PERCENTILE_05
- ALIGN_PERCENT_CHANG
type: string
days:
type: number
filter:
type: string
group-by-fields:
items:
type: string
type: array
metric-key:
type: string
missing-value:
type: number
name:
type: string
op:
enum:
- eq
- equal
- ne
- not-equal
- gt
- greater-than
- ge
- gte
- le
- lte
- lt
- less-than
- glob
- regex
- regex-case
- in
- ni
- not-in
- contains
- difference
- intersect
- mod
type: string
reducer:
enum:
- REDUCE_NONE
- REDUCE_MEAN
- REDUCE_MIN
- REDUCE_MAX
- REDUCE_MEAN
- REDUCE_SUM
- REDUCE_STDDEV
- REDUCE_COUNT
- REDUCE_COUNT_TRUE
- REDUCE_COUNT_FALSE
- REDUCE_FRACTION_TRUE
- REDUCE_PERCENTILE_99
- REDUCE_PERCENTILE_95
- REDUCE_PERCENTILE_50
- REDUCE_PERCENTILE_05
type: string
type:
enum:
- metrics
value:
type: number
required:
- value
- name
- op
Permissions - monitoring.timeSeries.list
Actions
delete
Delete Certificate Manager Certificate
- example:
policies:
- name: delete-unused-certificates
resource: gcp.certmanager-certificate
filters:
- type: value
key: labels.environment
value: staging
actions:
- type: delete
properties:
type:
enum:
- delete
required:
- type
Permissions - certificatemanager.certs.delete
mark-for-op
Mark Certificate Manager Certificate for future action
- example:
policies:
- name: mark-certificates-for-deletion
resource: gcp.certmanager-certificate
actions:
- type: mark-for-op
op: delete
days: 7
properties:
days:
exclusiveMinimum: false
minimum: 0
type: number
hours:
exclusiveMinimum: false
minimum: 0
type: number
label:
type: string
msg:
type: string
op:
type: string
type:
enum:
- mark-for-op
tz:
type: string
required:
- type
Permissions - certificatemanager.certs.update
set-labels
Set labels to Certificate Manager Certificate
- example:
policies:
- name: label-certificates
resource: gcp.certmanager-certificate
actions:
- type: set-labels
labels:
environment: test
properties:
labels:
additionalProperties:
oneOf:
- oneOf:
- additionalProperties: false
properties:
default-value:
type: string
key:
type: string
type:
enum:
- resource
type: string
required:
- type
- key
type: object
- type: string
type: object
remove:
items:
type: string
type: array
type:
enum:
- set-labels
required:
- type
Permissions - certificatemanager.certs.update