Security Command Center
Definition
Security Command Center (SCC) is a comprehensive security management and data risk platform for Google Cloud. It provides visibility into an organization’s cloud assets, identifies vulnerabilities, and detects threats in real-time. SCC helps in maintaining compliance by offering insights into security posture and enabling automated responses to security incidents.
Secure Settings Example
# Example of enabling Security Command Center in a Google Cloud project
resource "google_security_center_settings" "secure_settings" {
project = "my-secure-project"
# Enable all security sources
security_sources {
enable_asset_discovery = true
enable_event_threat_detection = true
enable_security_health_analytics = true
}
# Set notification configuration
notification_config {
pubsub_topic = "projects/my-secure-project/topics/security-notifications"
}
}
Insecure Settings Example
# Example of a misconfigured Security Command Center setup
resource "google_security_center_settings" "insecure_settings" {
project = "my-insecure-project"
# Asset discovery is disabled, reducing visibility
security_sources {
enable_asset_discovery = false
enable_event_threat_detection = true
enable_security_health_analytics = true
}
# No notification configuration, missing alerts
notification_config {
pubsub_topic = ""
}
}