Automation
The security automation resource. API Version: 2019-01-01-preview.
Example Usage
Create or update a security automation for all assessments (including all severities)
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var automation = new AzureNative.Security.Automation("automation", new()
{
Actions = new[]
{
new AzureNative.Security.Inputs.AutomationActionLogicAppArgs
{
ActionType = "LogicApp",
LogicAppResourceId = "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
Uri = "https://exampleTriggerUri1.com",
},
},
AutomationName = "exampleAutomation",
Description = "An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment",
IsEnabled = true,
Location = "Central US",
ResourceGroupName = "exampleResourceGroup",
Scopes = new[]
{
new AzureNative.Security.Inputs.AutomationScopeArgs
{
Description = "A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5",
ScopePath = "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup",
},
},
Sources = new[]
{
new AzureNative.Security.Inputs.AutomationSourceArgs
{
EventSource = "Assessments",
},
},
Tags = null,
});
});Content copied to clipboard
package main
import (
security "github.com/pulumi/pulumi-azure-native-sdk/security"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := security.NewAutomation(ctx, "automation", &security.AutomationArgs{
Actions: pulumi.AnyArray{
security.AutomationActionLogicApp{
ActionType: "LogicApp",
LogicAppResourceId: "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
Uri: "https://exampleTriggerUri1.com",
},
},
AutomationName: pulumi.String("exampleAutomation"),
Description: pulumi.String("An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment"),
IsEnabled: pulumi.Bool(true),
Location: pulumi.String("Central US"),
ResourceGroupName: pulumi.String("exampleResourceGroup"),
Scopes: []security.AutomationScopeArgs{
{
Description: pulumi.String("A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5"),
ScopePath: pulumi.String("/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup"),
},
},
Sources: []security.AutomationSourceArgs{
{
EventSource: pulumi.String("Assessments"),
},
},
Tags: nil,
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.Automation;
import com.pulumi.azurenative.security.AutomationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var automation = new Automation("automation", AutomationArgs.builder()
.actions(Map.ofEntries(
Map.entry("actionType", "LogicApp"),
Map.entry("logicAppResourceId", "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1"),
Map.entry("uri", "https://exampleTriggerUri1.com")
))
.automationName("exampleAutomation")
.description("An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment")
.isEnabled(true)
.location("Central US")
.resourceGroupName("exampleResourceGroup")
.scopes(Map.ofEntries(
Map.entry("description", "A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5"),
Map.entry("scopePath", "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup")
))
.sources(Map.of("eventSource", "Assessments"))
.tags()
.build());
}
}Content copied to clipboard
Create or update a security automation for all high severity assessments
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var automation = new AzureNative.Security.Automation("automation", new()
{
Actions = new[]
{
new AzureNative.Security.Inputs.AutomationActionLogicAppArgs
{
ActionType = "LogicApp",
LogicAppResourceId = "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
Uri = "https://exampleTriggerUri1.com",
},
},
AutomationName = "exampleAutomation",
Description = "An example of a security automation that triggers one LogicApp resource (myTest1) on any high severity security assessment",
IsEnabled = true,
Location = "Central US",
ResourceGroupName = "exampleResourceGroup",
Scopes = new[]
{
new AzureNative.Security.Inputs.AutomationScopeArgs
{
Description = "A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5",
ScopePath = "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup",
},
},
Sources = new[]
{
new AzureNative.Security.Inputs.AutomationSourceArgs
{
EventSource = "Assessments",
RuleSets = new[]
{
new AzureNative.Security.Inputs.AutomationRuleSetArgs
{
Rules = new[]
{
new AzureNative.Security.Inputs.AutomationTriggeringRuleArgs
{
ExpectedValue = "High",
Operator = "Equals",
PropertyJPath = "properties.metadata.severity",
PropertyType = "String",
},
},
},
},
},
},
Tags = null,
});
});Content copied to clipboard
package main
import (
security "github.com/pulumi/pulumi-azure-native-sdk/security"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := security.NewAutomation(ctx, "automation", &security.AutomationArgs{
Actions: pulumi.AnyArray{
security.AutomationActionLogicApp{
ActionType: "LogicApp",
LogicAppResourceId: "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
Uri: "https://exampleTriggerUri1.com",
},
},
AutomationName: pulumi.String("exampleAutomation"),
Description: pulumi.String("An example of a security automation that triggers one LogicApp resource (myTest1) on any high severity security assessment"),
IsEnabled: pulumi.Bool(true),
Location: pulumi.String("Central US"),
ResourceGroupName: pulumi.String("exampleResourceGroup"),
Scopes: []security.AutomationScopeArgs{
{
Description: pulumi.String("A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5"),
ScopePath: pulumi.String("/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup"),
},
},
Sources: []security.AutomationSourceArgs{
{
EventSource: pulumi.String("Assessments"),
RuleSets: security.AutomationRuleSetArray{
{
Rules: security.AutomationTriggeringRuleArray{
{
ExpectedValue: pulumi.String("High"),
Operator: pulumi.String("Equals"),
PropertyJPath: pulumi.String("properties.metadata.severity"),
PropertyType: pulumi.String("String"),
},
},
},
},
},
},
Tags: nil,
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.Automation;
import com.pulumi.azurenative.security.AutomationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var automation = new Automation("automation", AutomationArgs.builder()
.actions(Map.ofEntries(
Map.entry("actionType", "LogicApp"),
Map.entry("logicAppResourceId", "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1"),
Map.entry("uri", "https://exampleTriggerUri1.com")
))
.automationName("exampleAutomation")
.description("An example of a security automation that triggers one LogicApp resource (myTest1) on any high severity security assessment")
.isEnabled(true)
.location("Central US")
.resourceGroupName("exampleResourceGroup")
.scopes(Map.ofEntries(
Map.entry("description", "A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5"),
Map.entry("scopePath", "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup")
))
.sources(Map.ofEntries(
Map.entry("eventSource", "Assessments"),
Map.entry("ruleSets", Map.of("rules", Map.ofEntries(
Map.entry("expectedValue", "High"),
Map.entry("operator", "Equals"),
Map.entry("propertyJPath", "properties.metadata.severity"),
Map.entry("propertyType", "String")
)))
))
.tags()
.build());
}
}Content copied to clipboard
Disable or enable a security automation
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var automation = new AzureNative.Security.Automation("automation", new()
{
Actions = new[]
{
new AzureNative.Security.Inputs.AutomationActionLogicAppArgs
{
ActionType = "LogicApp",
LogicAppResourceId = "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
Uri = "https://exampleTriggerUri1.com",
},
},
AutomationName = "exampleAutomation",
Description = "An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment of type customAssessment",
IsEnabled = false,
Location = "Central US",
ResourceGroupName = "exampleResourceGroup",
Scopes = new[]
{
new AzureNative.Security.Inputs.AutomationScopeArgs
{
Description = "A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5",
ScopePath = "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup",
},
},
Sources = new[]
{
new AzureNative.Security.Inputs.AutomationSourceArgs
{
EventSource = "Assessments",
RuleSets = new[]
{
new AzureNative.Security.Inputs.AutomationRuleSetArgs
{
Rules = new[]
{
new AzureNative.Security.Inputs.AutomationTriggeringRuleArgs
{
ExpectedValue = "customAssessment",
Operator = "Equals",
PropertyJPath = "$.Entity.AssessmentType",
PropertyType = "String",
},
},
},
},
},
},
Tags = null,
});
});Content copied to clipboard
package main
import (
security "github.com/pulumi/pulumi-azure-native-sdk/security"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := security.NewAutomation(ctx, "automation", &security.AutomationArgs{
Actions: pulumi.AnyArray{
security.AutomationActionLogicApp{
ActionType: "LogicApp",
LogicAppResourceId: "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
Uri: "https://exampleTriggerUri1.com",
},
},
AutomationName: pulumi.String("exampleAutomation"),
Description: pulumi.String("An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment of type customAssessment"),
IsEnabled: pulumi.Bool(false),
Location: pulumi.String("Central US"),
ResourceGroupName: pulumi.String("exampleResourceGroup"),
Scopes: []security.AutomationScopeArgs{
{
Description: pulumi.String("A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5"),
ScopePath: pulumi.String("/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup"),
},
},
Sources: []security.AutomationSourceArgs{
{
EventSource: pulumi.String("Assessments"),
RuleSets: security.AutomationRuleSetArray{
{
Rules: security.AutomationTriggeringRuleArray{
{
ExpectedValue: pulumi.String("customAssessment"),
Operator: pulumi.String("Equals"),
PropertyJPath: pulumi.String("$.Entity.AssessmentType"),
PropertyType: pulumi.String("String"),
},
},
},
},
},
},
Tags: nil,
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.Automation;
import com.pulumi.azurenative.security.AutomationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var automation = new Automation("automation", AutomationArgs.builder()
.actions(Map.ofEntries(
Map.entry("actionType", "LogicApp"),
Map.entry("logicAppResourceId", "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1"),
Map.entry("uri", "https://exampleTriggerUri1.com")
))
.automationName("exampleAutomation")
.description("An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment of type customAssessment")
.isEnabled(false)
.location("Central US")
.resourceGroupName("exampleResourceGroup")
.scopes(Map.ofEntries(
Map.entry("description", "A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5"),
Map.entry("scopePath", "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup")
))
.sources(Map.ofEntries(
Map.entry("eventSource", "Assessments"),
Map.entry("ruleSets", Map.of("rules", Map.ofEntries(
Map.entry("expectedValue", "customAssessment"),
Map.entry("operator", "Equals"),
Map.entry("propertyJPath", "$.Entity.AssessmentType"),
Map.entry("propertyType", "String")
)))
))
.tags()
.build());
}
}Content copied to clipboard
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:security:Automation exampleAutomation /subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/exampleResourceGroup/providers/Microsoft.Security/automations/exampleAutomationContent copied to clipboard
Properties
Link copied to clipboard
The security automation description.
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
A collection of scopes on which the security automations logic is applied. Supported scopes are the subscription itself or a resource group under that subscription. The automation will only apply on defined scopes.
Link copied to clipboard
A collection of the source event types which evaluate the security automation set of rules.