Automation
data class AutomationArgs(val actions: Output<List<Any>>? = null, val automationName: Output<String>? = null, val description: Output<String>? = null, val isEnabled: Output<Boolean>? = null, val kind: Output<String>? = null, val location: Output<String>? = null, val resourceGroupName: Output<String>? = null, val scopes: Output<List<AutomationScopeArgs>>? = null, val sources: Output<List<AutomationSourceArgs>>? = null, val tags: Output<Map<String, String>>? = null) : ConvertibleToJava<AutomationArgs>
The security automation resource. API Version: 2019-01-01-preview.
Example Usage
Create or update a security automation for all assessments (including all severities)
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var automation = new AzureNative.Security.Automation("automation", new()
{
Actions = new[]
{
new AzureNative.Security.Inputs.AutomationActionLogicAppArgs
{
ActionType = "LogicApp",
LogicAppResourceId = "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
Uri = "https://exampleTriggerUri1.com",
},
},
AutomationName = "exampleAutomation",
Description = "An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment",
IsEnabled = true,
Location = "Central US",
ResourceGroupName = "exampleResourceGroup",
Scopes = new[]
{
new AzureNative.Security.Inputs.AutomationScopeArgs
{
Description = "A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5",
ScopePath = "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup",
},
},
Sources = new[]
{
new AzureNative.Security.Inputs.AutomationSourceArgs
{
EventSource = "Assessments",
},
},
Tags = null,
});
});Content copied to clipboard
package main
import (
security "github.com/pulumi/pulumi-azure-native-sdk/security"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := security.NewAutomation(ctx, "automation", &security.AutomationArgs{
Actions: pulumi.AnyArray{
security.AutomationActionLogicApp{
ActionType: "LogicApp",
LogicAppResourceId: "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
Uri: "https://exampleTriggerUri1.com",
},
},
AutomationName: pulumi.String("exampleAutomation"),
Description: pulumi.String("An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment"),
IsEnabled: pulumi.Bool(true),
Location: pulumi.String("Central US"),
ResourceGroupName: pulumi.String("exampleResourceGroup"),
Scopes: []security.AutomationScopeArgs{
{
Description: pulumi.String("A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5"),
ScopePath: pulumi.String("/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup"),
},
},
Sources: []security.AutomationSourceArgs{
{
EventSource: pulumi.String("Assessments"),
},
},
Tags: nil,
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.Automation;
import com.pulumi.azurenative.security.AutomationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var automation = new Automation("automation", AutomationArgs.builder()
.actions(Map.ofEntries(
Map.entry("actionType", "LogicApp"),
Map.entry("logicAppResourceId", "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1"),
Map.entry("uri", "https://exampleTriggerUri1.com")
))
.automationName("exampleAutomation")
.description("An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment")
.isEnabled(true)
.location("Central US")
.resourceGroupName("exampleResourceGroup")
.scopes(Map.ofEntries(
Map.entry("description", "A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5"),
Map.entry("scopePath", "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup")
))
.sources(Map.of("eventSource", "Assessments"))
.tags()
.build());
}
}Content copied to clipboard
Create or update a security automation for all high severity assessments
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var automation = new AzureNative.Security.Automation("automation", new()
{
Actions = new[]
{
new AzureNative.Security.Inputs.AutomationActionLogicAppArgs
{
ActionType = "LogicApp",
LogicAppResourceId = "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
Uri = "https://exampleTriggerUri1.com",
},
},
AutomationName = "exampleAutomation",
Description = "An example of a security automation that triggers one LogicApp resource (myTest1) on any high severity security assessment",
IsEnabled = true,
Location = "Central US",
ResourceGroupName = "exampleResourceGroup",
Scopes = new[]
{
new AzureNative.Security.Inputs.AutomationScopeArgs
{
Description = "A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5",
ScopePath = "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup",
},
},
Sources = new[]
{
new AzureNative.Security.Inputs.AutomationSourceArgs
{
EventSource = "Assessments",
RuleSets = new[]
{
new AzureNative.Security.Inputs.AutomationRuleSetArgs
{
Rules = new[]
{
new AzureNative.Security.Inputs.AutomationTriggeringRuleArgs
{
ExpectedValue = "High",
Operator = "Equals",
PropertyJPath = "properties.metadata.severity",
PropertyType = "String",
},
},
},
},
},
},
Tags = null,
});
});Content copied to clipboard
package main
import (
security "github.com/pulumi/pulumi-azure-native-sdk/security"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := security.NewAutomation(ctx, "automation", &security.AutomationArgs{
Actions: pulumi.AnyArray{
security.AutomationActionLogicApp{
ActionType: "LogicApp",
LogicAppResourceId: "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
Uri: "https://exampleTriggerUri1.com",
},
},
AutomationName: pulumi.String("exampleAutomation"),
Description: pulumi.String("An example of a security automation that triggers one LogicApp resource (myTest1) on any high severity security assessment"),
IsEnabled: pulumi.Bool(true),
Location: pulumi.String("Central US"),
ResourceGroupName: pulumi.String("exampleResourceGroup"),
Scopes: []security.AutomationScopeArgs{
{
Description: pulumi.String("A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5"),
ScopePath: pulumi.String("/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup"),
},
},
Sources: []security.AutomationSourceArgs{
{
EventSource: pulumi.String("Assessments"),
RuleSets: security.AutomationRuleSetArray{
{
Rules: security.AutomationTriggeringRuleArray{
{
ExpectedValue: pulumi.String("High"),
Operator: pulumi.String("Equals"),
PropertyJPath: pulumi.String("properties.metadata.severity"),
PropertyType: pulumi.String("String"),
},
},
},
},
},
},
Tags: nil,
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.Automation;
import com.pulumi.azurenative.security.AutomationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var automation = new Automation("automation", AutomationArgs.builder()
.actions(Map.ofEntries(
Map.entry("actionType", "LogicApp"),
Map.entry("logicAppResourceId", "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1"),
Map.entry("uri", "https://exampleTriggerUri1.com")
))
.automationName("exampleAutomation")
.description("An example of a security automation that triggers one LogicApp resource (myTest1) on any high severity security assessment")
.isEnabled(true)
.location("Central US")
.resourceGroupName("exampleResourceGroup")
.scopes(Map.ofEntries(
Map.entry("description", "A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5"),
Map.entry("scopePath", "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup")
))
.sources(Map.ofEntries(
Map.entry("eventSource", "Assessments"),
Map.entry("ruleSets", Map.of("rules", Map.ofEntries(
Map.entry("expectedValue", "High"),
Map.entry("operator", "Equals"),
Map.entry("propertyJPath", "properties.metadata.severity"),
Map.entry("propertyType", "String")
)))
))
.tags()
.build());
}
}Content copied to clipboard
Disable or enable a security automation
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var automation = new AzureNative.Security.Automation("automation", new()
{
Actions = new[]
{
new AzureNative.Security.Inputs.AutomationActionLogicAppArgs
{
ActionType = "LogicApp",
LogicAppResourceId = "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
Uri = "https://exampleTriggerUri1.com",
},
},
AutomationName = "exampleAutomation",
Description = "An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment of type customAssessment",
IsEnabled = false,
Location = "Central US",
ResourceGroupName = "exampleResourceGroup",
Scopes = new[]
{
new AzureNative.Security.Inputs.AutomationScopeArgs
{
Description = "A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5",
ScopePath = "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup",
},
},
Sources = new[]
{
new AzureNative.Security.Inputs.AutomationSourceArgs
{
EventSource = "Assessments",
RuleSets = new[]
{
new AzureNative.Security.Inputs.AutomationRuleSetArgs
{
Rules = new[]
{
new AzureNative.Security.Inputs.AutomationTriggeringRuleArgs
{
ExpectedValue = "customAssessment",
Operator = "Equals",
PropertyJPath = "$.Entity.AssessmentType",
PropertyType = "String",
},
},
},
},
},
},
Tags = null,
});
});Content copied to clipboard
package main
import (
security "github.com/pulumi/pulumi-azure-native-sdk/security"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := security.NewAutomation(ctx, "automation", &security.AutomationArgs{
Actions: pulumi.AnyArray{
security.AutomationActionLogicApp{
ActionType: "LogicApp",
LogicAppResourceId: "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
Uri: "https://exampleTriggerUri1.com",
},
},
AutomationName: pulumi.String("exampleAutomation"),
Description: pulumi.String("An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment of type customAssessment"),
IsEnabled: pulumi.Bool(false),
Location: pulumi.String("Central US"),
ResourceGroupName: pulumi.String("exampleResourceGroup"),
Scopes: []security.AutomationScopeArgs{
{
Description: pulumi.String("A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5"),
ScopePath: pulumi.String("/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup"),
},
},
Sources: []security.AutomationSourceArgs{
{
EventSource: pulumi.String("Assessments"),
RuleSets: security.AutomationRuleSetArray{
{
Rules: security.AutomationTriggeringRuleArray{
{
ExpectedValue: pulumi.String("customAssessment"),
Operator: pulumi.String("Equals"),
PropertyJPath: pulumi.String("$.Entity.AssessmentType"),
PropertyType: pulumi.String("String"),
},
},
},
},
},
},
Tags: nil,
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.Automation;
import com.pulumi.azurenative.security.AutomationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var automation = new Automation("automation", AutomationArgs.builder()
.actions(Map.ofEntries(
Map.entry("actionType", "LogicApp"),
Map.entry("logicAppResourceId", "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1"),
Map.entry("uri", "https://exampleTriggerUri1.com")
))
.automationName("exampleAutomation")
.description("An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment of type customAssessment")
.isEnabled(false)
.location("Central US")
.resourceGroupName("exampleResourceGroup")
.scopes(Map.ofEntries(
Map.entry("description", "A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5"),
Map.entry("scopePath", "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup")
))
.sources(Map.ofEntries(
Map.entry("eventSource", "Assessments"),
Map.entry("ruleSets", Map.of("rules", Map.ofEntries(
Map.entry("expectedValue", "customAssessment"),
Map.entry("operator", "Equals"),
Map.entry("propertyJPath", "$.Entity.AssessmentType"),
Map.entry("propertyType", "String")
)))
))
.tags()
.build());
}
}Content copied to clipboard
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:security:Automation exampleAutomation /subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/exampleResourceGroup/providers/Microsoft.Security/automations/exampleAutomationContent copied to clipboard
Constructors
Link copied to clipboard
constructor(actions: Output<List<Any>>? = null, automationName: Output<String>? = null, description: Output<String>? = null, isEnabled: Output<Boolean>? = null, kind: Output<String>? = null, location: Output<String>? = null, resourceGroupName: Output<String>? = null, scopes: Output<List<AutomationScopeArgs>>? = null, sources: Output<List<AutomationSourceArgs>>? = null, tags: Output<Map<String, String>>? = null)
Properties
Link copied to clipboard
The security automation name.
Link copied to clipboard
The security automation description.
Link copied to clipboard
The name of the resource group within the user's subscription. The name is case insensitive.
Link copied to clipboard
A collection of scopes on which the security automations logic is applied. Supported scopes are the subscription itself or a resource group under that subscription. The automation will only apply on defined scopes.
Link copied to clipboard
A collection of the source event types which evaluate the security automation set of rules.