Client
data class ClientUserDefineRuleArgs(val actionType: Output<Int>? = null, val clientUserDefineRuleName: Output<String>? = null, val cmdline: Output<String>? = null, val filePath: Output<String>? = null, val hash: Output<String>? = null, val ip: Output<String>? = null, val newFilePath: Output<String>? = null, val parentCmdline: Output<String>? = null, val parentProcPath: Output<String>? = null, val platform: Output<String>? = null, val portStr: Output<String>? = null, val procPath: Output<String>? = null, val registryContent: Output<String>? = null, val registryKey: Output<String>? = null, val type: Output<Int>? = null) : ConvertibleToJava<ClientUserDefineRuleArgs>
Provides a Threat Detection Client User Define Rule resource. Malicious Behavior Defense Custom Rules. For information about Threat Detection Client User Define Rule and how to use it, see What is Client User Define Rule.
NOTE: Available since v1.212.0.
Example Usage
Basic Usage
import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";
const config = new pulumi.Config();
const name = config.get("name") || "terraform-example";
const _default = new alicloud.threatdetection.ClientUserDefineRule("default", {
actionType: 0,
platform: "windows",
registryContent: "123",
clientUserDefineRuleName: name,
parentProcPath: "/root/bash",
type: 5,
cmdline: "bash",
procPath: "/root/bash",
parentCmdline: "bash",
registryKey: "123",
});Content copied to clipboard
import pulumi
import pulumi_alicloud as alicloud
config = pulumi.Config()
name = config.get("name")
if name is None:
name = "terraform-example"
default = alicloud.threatdetection.ClientUserDefineRule("default",
action_type=0,
platform="windows",
registry_content="123",
client_user_define_rule_name=name,
parent_proc_path="/root/bash",
type=5,
cmdline="bash",
proc_path="/root/bash",
parent_cmdline="bash",
registry_key="123")Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;
return await Deployment.RunAsync(() =>
{
var config = new Config();
var name = config.Get("name") ?? "terraform-example";
var @default = new AliCloud.ThreatDetection.ClientUserDefineRule("default", new()
{
ActionType = 0,
Platform = "windows",
RegistryContent = "123",
ClientUserDefineRuleName = name,
ParentProcPath = "/root/bash",
Type = 5,
Cmdline = "bash",
ProcPath = "/root/bash",
ParentCmdline = "bash",
RegistryKey = "123",
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/threatdetection"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cfg := config.New(ctx, "")
name := "terraform-example"
if param := cfg.Get("name"); param != "" {
name = param
}
_, err := threatdetection.NewClientUserDefineRule(ctx, "default", &threatdetection.ClientUserDefineRuleArgs{
ActionType: pulumi.Int(0),
Platform: pulumi.String("windows"),
RegistryContent: pulumi.String("123"),
ClientUserDefineRuleName: pulumi.String(name),
ParentProcPath: pulumi.String("/root/bash"),
Type: pulumi.Int(5),
Cmdline: pulumi.String("bash"),
ProcPath: pulumi.String("/root/bash"),
ParentCmdline: pulumi.String("bash"),
RegistryKey: pulumi.String("123"),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.threatdetection.ClientUserDefineRule;
import com.pulumi.alicloud.threatdetection.ClientUserDefineRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var config = ctx.config();
final var name = config.get("name").orElse("terraform-example");
var default_ = new ClientUserDefineRule("default", ClientUserDefineRuleArgs.builder()
.actionType(0)
.platform("windows")
.registryContent("123")
.clientUserDefineRuleName(name)
.parentProcPath("/root/bash")
.type(5)
.cmdline("bash")
.procPath("/root/bash")
.parentCmdline("bash")
.registryKey("123")
.build());
}
}Content copied to clipboard
configuration:
name:
type: string
default: terraform-example
resources:
default:
type: alicloud:threatdetection:ClientUserDefineRule
properties:
actionType: '0'
platform: windows
registryContent: '123'
clientUserDefineRuleName: ${name}
parentProcPath: /root/bash
type: '5'
cmdline: bash
procPath: /root/bash
parentCmdline: bash
registryKey: '123'Content copied to clipboard
Import
Threat Detection Client User Define Rule can be imported using the id, e.g.
$ pulumi import alicloud:threatdetection/clientUserDefineRule:ClientUserDefineRule example <id>Content copied to clipboard
Constructors
Link copied to clipboard
constructor(actionType: Output<Int>? = null, clientUserDefineRuleName: Output<String>? = null, cmdline: Output<String>? = null, filePath: Output<String>? = null, hash: Output<String>? = null, ip: Output<String>? = null, newFilePath: Output<String>? = null, parentCmdline: Output<String>? = null, parentProcPath: Output<String>? = null, platform: Output<String>? = null, portStr: Output<String>? = null, procPath: Output<String>? = null, registryContent: Output<String>? = null, registryKey: Output<String>? = null, type: Output<Int>? = null)
Properties
Link copied to clipboard
The operation type. Value:
Link copied to clipboard
The custom rule name.
Link copied to clipboard
The new file path to rename the file. When the value of the Type attribute is 7, the NewFilePath attribute is required.
Link copied to clipboard
The parent command line.
Link copied to clipboard
Parent process path.
Link copied to clipboard
The registry value. When the value of the Type attribute is 5, the RegistryKey attribute is required.
Link copied to clipboard
The registry key. When the value of the Type attribute is 5, the RegistryKey attribute is required.