Adaptive
API Version: 2020-01-01.
Example Usage
Update an application control machine group by adding a new application
using System.Collections.Generic;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var adaptiveApplicationControl = new AzureNative.Security.AdaptiveApplicationControl("adaptiveApplicationControl", new()
{
AscLocation = "centralus",
EnforcementMode = "Audit",
GroupName = "ERELGROUP1",
PathRecommendations = new[]
{
new AzureNative.Security.Inputs.PathRecommendationArgs
{
Action = "Recommended",
Common = true,
ConfigurationStatus = "Configured",
FileType = "Exe",
Path = "[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\\*\\*\\0.0.0.0",
PublisherInfo = new AzureNative.Security.Inputs.PublisherInfoArgs
{
BinaryName = "*",
ProductName = "*",
PublisherName = "O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US",
Version = "0.0.0.0",
},
Type = "PublisherSignature",
UserSids = new[]
{
"S-1-1-0",
},
Usernames = new[]
{
new AzureNative.Security.Inputs.UserRecommendationArgs
{
RecommendationAction = "Recommended",
Username = "Everyone",
},
},
},
new AzureNative.Security.Inputs.PathRecommendationArgs
{
Action = "Recommended",
Common = true,
ConfigurationStatus = "Configured",
FileType = "Exe",
Path = "%OSDRIVE%\\WINDOWSAZURE\\SECAGENT\\WASECAGENTPROV.EXE",
PublisherInfo = new AzureNative.Security.Inputs.PublisherInfoArgs
{
BinaryName = "*",
ProductName = "MICROSOFT® COREXT",
PublisherName = "CN=MICROSOFT AZURE DEPENDENCY CODE SIGN",
Version = "0.0.0.0",
},
Type = "ProductSignature",
UserSids = new[]
{
"S-1-1-0",
},
Usernames = new[]
{
new AzureNative.Security.Inputs.UserRecommendationArgs
{
RecommendationAction = "Recommended",
Username = "NT AUTHORITY\\SYSTEM",
},
},
},
new AzureNative.Security.Inputs.PathRecommendationArgs
{
Action = "Recommended",
Common = true,
ConfigurationStatus = "Configured",
FileType = "Exe",
Path = "%OSDRIVE%\\WINDOWSAZURE\\PACKAGES_201973_7415\\COLLECTGUESTLOGS.EXE",
PublisherInfo = new AzureNative.Security.Inputs.PublisherInfoArgs
{
BinaryName = "*",
ProductName = "*",
PublisherName = "CN=MICROSOFT AZURE DEPENDENCY CODE SIGN",
Version = "0.0.0.0",
},
Type = "PublisherSignature",
UserSids = new[]
{
"S-1-1-0",
},
Usernames = new[]
{
new AzureNative.Security.Inputs.UserRecommendationArgs
{
RecommendationAction = "Recommended",
Username = "NT AUTHORITY\\SYSTEM",
},
},
},
new AzureNative.Security.Inputs.PathRecommendationArgs
{
Action = "Add",
Common = true,
Path = "C:\\directory\\file.exe",
Type = "File",
},
},
ProtectionMode = new AzureNative.Security.Inputs.ProtectionModeArgs
{
Exe = "Audit",
Msi = "None",
Script = "None",
},
VmRecommendations = new[]
{
new AzureNative.Security.Inputs.VmRecommendationArgs
{
ConfigurationStatus = "Configured",
EnforcementSupport = "Supported",
RecommendationAction = "Recommended",
ResourceId = "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/erelh-stable/providers/microsoft.compute/virtualmachines/erelh-16090",
},
new AzureNative.Security.Inputs.VmRecommendationArgs
{
ConfigurationStatus = "Configured",
EnforcementSupport = "Supported",
RecommendationAction = "Recommended",
ResourceId = "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/matanvs/providers/microsoft.compute/virtualmachines/matanvs19",
},
},
});
});Content copied to clipboard
package main
import (
"fmt"
security "github.com/pulumi/pulumi-azure-native/sdk/go/azure/security"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := security.NewAdaptiveApplicationControl(ctx, "adaptiveApplicationControl", &security.AdaptiveApplicationControlArgs{
AscLocation: pulumi.String("centralus"),
EnforcementMode: pulumi.String("Audit"),
GroupName: pulumi.String("ERELGROUP1"),
PathRecommendations: []security.PathRecommendationArgs{
{
Action: pulumi.String("Recommended"),
Common: pulumi.Bool(true),
ConfigurationStatus: pulumi.String("Configured"),
FileType: pulumi.String("Exe"),
Path: pulumi.String("[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\\*\\*\\0.0.0.0"),
PublisherInfo: {
BinaryName: pulumi.String("*"),
ProductName: pulumi.String("*"),
PublisherName: pulumi.String("O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US"),
Version: pulumi.String("0.0.0.0"),
},
Type: pulumi.String("PublisherSignature"),
UserSids: pulumi.StringArray{
pulumi.String("S-1-1-0"),
},
Usernames: security.UserRecommendationArray{
{
RecommendationAction: pulumi.String("Recommended"),
Username: pulumi.String("Everyone"),
},
},
},
{
Action: pulumi.String("Recommended"),
Common: pulumi.Bool(true),
ConfigurationStatus: pulumi.String("Configured"),
FileType: pulumi.String("Exe"),
Path: pulumi.String(fmt.Sprintf("%vOSDRIVE%v\\WINDOWSAZURE\\SECAGENT\\WASECAGENTPROV.EXE", "%", "%")),
PublisherInfo: {
BinaryName: pulumi.String("*"),
ProductName: pulumi.String("MICROSOFT® COREXT"),
PublisherName: pulumi.String("CN=MICROSOFT AZURE DEPENDENCY CODE SIGN"),
Version: pulumi.String("0.0.0.0"),
},
Type: pulumi.String("ProductSignature"),
UserSids: pulumi.StringArray{
pulumi.String("S-1-1-0"),
},
Usernames: security.UserRecommendationArray{
{
RecommendationAction: pulumi.String("Recommended"),
Username: pulumi.String("NT AUTHORITY\\SYSTEM"),
},
},
},
{
Action: pulumi.String("Recommended"),
Common: pulumi.Bool(true),
ConfigurationStatus: pulumi.String("Configured"),
FileType: pulumi.String("Exe"),
Path: pulumi.String(fmt.Sprintf("%vOSDRIVE%v\\WINDOWSAZURE\\PACKAGES_201973_7415\\COLLECTGUESTLOGS.EXE", "%", "%")),
PublisherInfo: {
BinaryName: pulumi.String("*"),
ProductName: pulumi.String("*"),
PublisherName: pulumi.String("CN=MICROSOFT AZURE DEPENDENCY CODE SIGN"),
Version: pulumi.String("0.0.0.0"),
},
Type: pulumi.String("PublisherSignature"),
UserSids: pulumi.StringArray{
pulumi.String("S-1-1-0"),
},
Usernames: security.UserRecommendationArray{
{
RecommendationAction: pulumi.String("Recommended"),
Username: pulumi.String("NT AUTHORITY\\SYSTEM"),
},
},
},
{
Action: pulumi.String("Add"),
Common: pulumi.Bool(true),
Path: pulumi.String("C:\\directory\\file.exe"),
Type: pulumi.String("File"),
},
},
ProtectionMode: &security.ProtectionModeArgs{
Exe: pulumi.String("Audit"),
Msi: pulumi.String("None"),
Script: pulumi.String("None"),
},
VmRecommendations: []security.VmRecommendationArgs{
{
ConfigurationStatus: pulumi.String("Configured"),
EnforcementSupport: pulumi.String("Supported"),
RecommendationAction: pulumi.String("Recommended"),
ResourceId: pulumi.String("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/erelh-stable/providers/microsoft.compute/virtualmachines/erelh-16090"),
},
{
ConfigurationStatus: pulumi.String("Configured"),
EnforcementSupport: pulumi.String("Supported"),
RecommendationAction: pulumi.String("Recommended"),
ResourceId: pulumi.String("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/matanvs/providers/microsoft.compute/virtualmachines/matanvs19"),
},
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.AdaptiveApplicationControl;
import com.pulumi.azurenative.security.AdaptiveApplicationControlArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var adaptiveApplicationControl = new AdaptiveApplicationControl("adaptiveApplicationControl", AdaptiveApplicationControlArgs.builder()
.ascLocation("centralus")
.enforcementMode("Audit")
.groupName("ERELGROUP1")
.pathRecommendations(
Map.ofEntries(
Map.entry("action", "Recommended"),
Map.entry("common", true),
Map.entry("configurationStatus", "Configured"),
Map.entry("fileType", "Exe"),
Map.entry("path", "[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\\*\\*\\0.0.0.0"),
Map.entry("publisherInfo", Map.ofEntries(
Map.entry("binaryName", "*"),
Map.entry("productName", "*"),
Map.entry("publisherName", "O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US"),
Map.entry("version", "0.0.0.0")
)),
Map.entry("type", "PublisherSignature"),
Map.entry("userSids", "S-1-1-0"),
Map.entry("usernames", Map.ofEntries(
Map.entry("recommendationAction", "Recommended"),
Map.entry("username", "Everyone")
))
),
Map.ofEntries(
Map.entry("action", "Recommended"),
Map.entry("common", true),
Map.entry("configurationStatus", "Configured"),
Map.entry("fileType", "Exe"),
Map.entry("path", "%OSDRIVE%\\WINDOWSAZURE\\SECAGENT\\WASECAGENTPROV.EXE"),
Map.entry("publisherInfo", Map.ofEntries(
Map.entry("binaryName", "*"),
Map.entry("productName", "MICROSOFT® COREXT"),
Map.entry("publisherName", "CN=MICROSOFT AZURE DEPENDENCY CODE SIGN"),
Map.entry("version", "0.0.0.0")
)),
Map.entry("type", "ProductSignature"),
Map.entry("userSids", "S-1-1-0"),
Map.entry("usernames", Map.ofEntries(
Map.entry("recommendationAction", "Recommended"),
Map.entry("username", "NT AUTHORITY\\SYSTEM")
))
),
Map.ofEntries(
Map.entry("action", "Recommended"),
Map.entry("common", true),
Map.entry("configurationStatus", "Configured"),
Map.entry("fileType", "Exe"),
Map.entry("path", "%OSDRIVE%\\WINDOWSAZURE\\PACKAGES_201973_7415\\COLLECTGUESTLOGS.EXE"),
Map.entry("publisherInfo", Map.ofEntries(
Map.entry("binaryName", "*"),
Map.entry("productName", "*"),
Map.entry("publisherName", "CN=MICROSOFT AZURE DEPENDENCY CODE SIGN"),
Map.entry("version", "0.0.0.0")
)),
Map.entry("type", "PublisherSignature"),
Map.entry("userSids", "S-1-1-0"),
Map.entry("usernames", Map.ofEntries(
Map.entry("recommendationAction", "Recommended"),
Map.entry("username", "NT AUTHORITY\\SYSTEM")
))
),
Map.ofEntries(
Map.entry("action", "Add"),
Map.entry("common", true),
Map.entry("path", "C:\\directory\\file.exe"),
Map.entry("type", "File")
))
.protectionMode(Map.ofEntries(
Map.entry("exe", "Audit"),
Map.entry("msi", "None"),
Map.entry("script", "None")
))
.vmRecommendations(
Map.ofEntries(
Map.entry("configurationStatus", "Configured"),
Map.entry("enforcementSupport", "Supported"),
Map.entry("recommendationAction", "Recommended"),
Map.entry("resourceId", "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/erelh-stable/providers/microsoft.compute/virtualmachines/erelh-16090")
),
Map.ofEntries(
Map.entry("configurationStatus", "Configured"),
Map.entry("enforcementSupport", "Supported"),
Map.entry("recommendationAction", "Recommended"),
Map.entry("resourceId", "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/matanvs/providers/microsoft.compute/virtualmachines/matanvs19")
))
.build());
}
}Content copied to clipboard
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:security:AdaptiveApplicationControl ERELGROUP1 /subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/locations/centralus/applicationWhitelistings/ERELGROUP1Content copied to clipboard