pulumi-azure-native-kotlin/com.pulumi.azurenative.security.kotlin.outputs

Package-level declarations

Types

Link copied to clipboard
data class ActionableRemediationResponse(val branchConfiguration: TargetBranchConfigurationResponse? = null, val categoryConfigurations: List<CategoryConfigurationResponse>? = null, val inheritFromParentState: String? = null, val state: String? = null)

Configuration payload for PR Annotations.

data class AdaptiveApplicationControlIssueSummaryResponse(val issue: String? = null, val numberOfVms: Double? = null)

Represents a summary of the alerts of the machine group

Link copied to clipboard
data class AdditionalWorkspacesPropertiesResponse(val dataTypes: List<String>? = null, val type: String? = null, val workspace: String? = null)

Properties of the additional workspaces.

Link copied to clipboard
data class AllowlistCustomAlertRuleResponse(val allowlistValues: List<String>, val description: String, val displayName: String, val isEnabled: Boolean, val ruleType: String, val valueType: String)

A custom alert rule that checks if a value (depends on the custom alert type) is allowed.

Link copied to clipboard
data class AssessmentLinksResponse(val azurePortalUri: String)

Links relevant to the assessment

Link copied to clipboard
data class AssessmentStatusResponseResponse(val cause: String? = null, val code: String, val description: String? = null, val firstEvaluationDate: String, val statusChangeDate: String)

The result of the assessment

Link copied to clipboard
data class AssignedComponentItemResponse(val key: String? = null)

describe the properties of a security assessment object reference (by key)

Link copied to clipboard
data class AssignedStandardItemResponse(val id: String? = null)

describe the properties of a of a security standard object reference

data class AssignmentPropertiesResponseAdditionalData(val exemptionCategory: String? = null)

Additional data about the assignment

Link copied to clipboard
data class AuthorizationResponse(val code: String? = null)

Authorization payload.

Link copied to clipboard
data class AutomationActionEventHubResponse(val actionType: String, val connectionString: String? = null, val eventHubResourceId: String? = null, val sasPolicyName: String)

The target Event Hub to which event data will be exported. To learn more about Microsoft Defender for Cloud continuous export capabilities, visit https://aka.ms/ASCExportLearnMore

Link copied to clipboard
data class AutomationActionLogicAppResponse(val actionType: String, val logicAppResourceId: String? = null, val uri: String? = null)

The logic app action that should be triggered. To learn more about Microsoft Defender for Cloud's Workflow Automation capabilities, visit https://aka.ms/ASCWorkflowAutomationLearnMore

Link copied to clipboard
data class AutomationActionWorkspaceResponse(val actionType: String, val workspaceResourceId: String? = null)

The Log Analytics Workspace to which event data will be exported. Security alerts data will reside in the 'SecurityAlert' table and the assessments data will reside in the 'SecurityRecommendation' table (under the 'Security'/'SecurityCenterFree' solutions). Note that in order to view the data in the workspace, the Security Center Log Analytics free/standard solution needs to be enabled on that workspace. To learn more about Microsoft Defender for Cloud continuous export capabilities, visit https://aka.ms/ASCExportLearnMore

Link copied to clipboard
data class AutomationRuleSetResponse(val rules: List<AutomationTriggeringRuleResponse>? = null)

A rule set which evaluates all its rules upon an event interception. Only when all the included rules in the rule set will be evaluated as 'true', will the event trigger the defined actions.

Link copied to clipboard
data class AutomationScopeResponse(val description: String? = null, val scopePath: String? = null)

A single automation scope.

Link copied to clipboard
data class AutomationSourceResponse(val eventSource: String? = null, val ruleSets: List<AutomationRuleSetResponse>? = null)

The source event types which evaluate the security automation set of rules. For example - security alerts and security assessments. To learn more about the supported security events data models schemas - please visit https://aka.ms/ASCAutomationSchemas.

Link copied to clipboard
data class AutomationTriggeringRuleResponse(val expectedValue: String? = null, val operator: String? = null, val propertyJPath: String? = null, val propertyType: String? = null)

A rule which is evaluated upon event interception. The rule is configured by comparing a specific value from the event model to an expected value. This comparison is done by using one of the supported operators set.

data class AwAssumeRoleAuthenticationDetailsPropertiesResponse(val accountId: String, val authenticationProvisioningState: String, val authenticationType: String, val awsAssumeRoleArn: String, val awsExternalId: String, val grantedPermissions: List<String>)

AWS cloud account connector based assume role, the role enables delegating access to your AWS resources. The role is composed of role Amazon Resource Name (ARN) and external ID. For more details, refer to Creating a Role to Delegate Permissions to an IAM User (write only)

data class AwsCredsAuthenticationDetailsPropertiesResponse(val accountId: String, val authenticationProvisioningState: String, val authenticationType: String, val awsAccessKeyId: String, val awsSecretAccessKey: String, val grantedPermissions: List<String>)

AWS cloud account connector based credentials, the credentials is composed of access key ID and secret key, for more details, refer to Creating an IAM User in Your AWS Account (write only)

Link copied to clipboard
data class AwsEnvironmentDataResponse(val accountName: String, val environmentType: String, val organizationalData: Either<AwsOrganizationalDataMasterResponse, AwsOrganizationalDataMemberResponse>? = null, val regions: List<String>? = null)

The AWS connector environment data

Link copied to clipboard
data class AwsOrganizationalDataMasterResponse(val excludedAccountIds: List<String>? = null, val organizationMembershipType: String, val stacksetName: String? = null)

The AWS organization data for the master account

Link copied to clipboard
data class AwsOrganizationalDataMemberResponse(val organizationMembershipType: String, val parentHierarchyId: String? = null)

The AWS organization data for the member account

Link copied to clipboard
data class AzureDevOpsOrgPropertiesResponse(val actionableRemediation: ActionableRemediationResponse? = null, val onboardingState: String? = null, val provisioningState: String? = null, val provisioningStatusMessage: String, val provisioningStatusUpdateTimeUtc: String)

Azure DevOps Organization properties.

Link copied to clipboard
data class AzureDevOpsOrgResponse(val id: String, val name: String, val properties: AzureDevOpsOrgPropertiesResponse? = null, val systemData: SystemDataResponse, val type: String)

Azure DevOps Organization resource.

Link copied to clipboard
data class AzureDevOpsScopeEnvironmentDataResponse(val environmentType: String)

The AzureDevOps scope connector's environment data

Link copied to clipboard
data class AzureResourceDetailsResponse(val id: String, val source: String)

Details of the Azure resource that was assessed

Link copied to clipboard
data class CategoryConfigurationResponse(val category: String? = null, val minimumSeverityLevel: String? = null)

Severity level per category configuration for PR Annotations.

Link copied to clipboard
data class CspmMonitorAwsOfferingResponse(val description: String, val nativeCloudConnection: CspmMonitorAwsOfferingResponseNativeCloudConnection? = null, val offeringType: String)

The CSPM monitoring for AWS offering

data class CspmMonitorAwsOfferingResponseNativeCloudConnection(val cloudRoleArn: String? = null)

The native cloud connection configuration

Link copied to clipboard
data class CspmMonitorAzureDevOpsOfferingResponse(val description: String, val offeringType: String)

The CSPM monitoring for AzureDevOps offering

Link copied to clipboard
data class CspmMonitorGcpOfferingResponse(val description: String, val nativeCloudConnection: CspmMonitorGcpOfferingResponseNativeCloudConnection? = null, val offeringType: String)

The CSPM monitoring for GCP offering

data class CspmMonitorGcpOfferingResponseNativeCloudConnection(val serviceAccountEmailAddress: String? = null, val workloadIdentityProviderId: String? = null)

The native cloud connection configuration

Link copied to clipboard
data class CspmMonitorGithubOfferingResponse(val description: String, val offeringType: String)

The CSPM monitoring for github offering

Link copied to clipboard
data class CspmMonitorGitLabOfferingResponse(val description: String, val offeringType: String)

The CSPM (Cloud security posture management) monitoring for gitlab offering

Link copied to clipboard
data class DefenderCspmAwsOfferingResponse(val dataSensitivityDiscovery: DefenderCspmAwsOfferingResponseDataSensitivityDiscovery? = null, val databasesDspm: DefenderCspmAwsOfferingResponseDatabasesDspm? = null, val description: String, val offeringType: String, val vmScanners: DefenderCspmAwsOfferingResponseVmScanners? = null)

The CSPM P1 for AWS offering

data class DefenderCspmAwsOfferingResponseConfiguration(val cloudRoleArn: String? = null, val exclusionTags: Map<String, String>? = null, val scanningMode: String? = null)

configuration for Microsoft Defender for Server VM scanning

data class DefenderCspmAwsOfferingResponseDatabasesDspm(val cloudRoleArn: String? = null, val enabled: Boolean? = null)

The databases DSPM configuration

data class DefenderCspmAwsOfferingResponseDataSensitivityDiscovery(val cloudRoleArn: String? = null, val enabled: Boolean? = null)

The Microsoft Defender Data Sensitivity discovery configuration

data class DefenderCspmAwsOfferingResponseVmScanners(val configuration: DefenderCspmAwsOfferingResponseConfiguration? = null, val enabled: Boolean? = null)

The Microsoft Defender for Server VM scanning configuration

Link copied to clipboard
data class DefenderCspmGcpOfferingResponse(val description: String, val offeringType: String)

The CSPM P1 for GCP offering

Link copied to clipboard
data class DefenderFoDatabasesAwsOfferingResponse(val arcAutoProvisioning: DefenderFoDatabasesAwsOfferingResponseArcAutoProvisioning? = null, val databasesDspm: DefenderFoDatabasesAwsOfferingResponseDatabasesDspm? = null, val description: String, val offeringType: String, val rds: DefenderFoDatabasesAwsOfferingResponseRds? = null)

The Defender for Databases AWS offering

data class DefenderFoDatabasesAwsOfferingResponseArcAutoProvisioning(val cloudRoleArn: String? = null, val configuration: DefenderFoDatabasesAwsOfferingResponseConfiguration? = null, val enabled: Boolean? = null)

The ARC autoprovisioning configuration

data class DefenderFoDatabasesAwsOfferingResponseConfiguration(val privateLinkScope: String? = null, val proxy: String? = null)

Configuration for servers Arc auto provisioning

data class DefenderFoDatabasesAwsOfferingResponseDatabasesDspm(val cloudRoleArn: String? = null, val enabled: Boolean? = null)

The databases data security posture management (DSPM) configuration

data class DefenderFoDatabasesAwsOfferingResponseRds(val cloudRoleArn: String? = null, val enabled: Boolean? = null)

The RDS configuration

Link copied to clipboard
data class DefenderForContainersAwsOfferingResponse(val autoProvisioning: Boolean? = null, val cloudWatchToKinesis: DefenderForContainersAwsOfferingResponseCloudWatchToKinesis? = null, val containerVulnerabilityAssessment: DefenderForContainersAwsOfferingResponseContainerVulnerabilityAssessment? = null, val containerVulnerabilityAssessmentTask: DefenderForContainersAwsOfferingResponseContainerVulnerabilityAssessmentTask? = null, val description: String, val enableContainerVulnerabilityAssessment: Boolean? = null, val kinesisToS3: DefenderForContainersAwsOfferingResponseKinesisToS3? = null, val kubeAuditRetentionTime: Double? = null, val kubernetesScubaReader: DefenderForContainersAwsOfferingResponseKubernetesScubaReader? = null, val kubernetesService: DefenderForContainersAwsOfferingResponseKubernetesService? = null, val offeringType: String, val scubaExternalId: String? = null)

The Defender for Containers AWS offering

data class DefenderForContainersAwsOfferingResponseCloudWatchToKinesis(val cloudRoleArn: String? = null)

The cloudwatch to kinesis connection configuration

data class DefenderForContainersAwsOfferingResponseContainerVulnerabilityAssessment(val cloudRoleArn: String? = null)

The container vulnerability assessment configuration

data class DefenderForContainersAwsOfferingResponseContainerVulnerabilityAssessmentTask(val cloudRoleArn: String? = null)

The container vulnerability assessment task configuration

data class DefenderForContainersAwsOfferingResponseKinesisToS3(val cloudRoleArn: String? = null)

The kinesis to s3 connection configuration

data class DefenderForContainersAwsOfferingResponseKubernetesScubaReader(val cloudRoleArn: String? = null)

The kubernetes to scuba connection configuration

data class DefenderForContainersAwsOfferingResponseKubernetesService(val cloudRoleArn: String? = null)

The kubernetes service connection configuration

Link copied to clipboard
data class DefenderForContainersGcpOfferingResponse(val auditLogsAutoProvisioningFlag: Boolean? = null, val dataPipelineNativeCloudConnection: DefenderForContainersGcpOfferingResponseDataPipelineNativeCloudConnection? = null, val defenderAgentAutoProvisioningFlag: Boolean? = null, val description: String, val nativeCloudConnection: DefenderForContainersGcpOfferingResponseNativeCloudConnection? = null, val offeringType: String, val policyAgentAutoProvisioningFlag: Boolean? = null)

The containers GCP offering

data class DefenderForContainersGcpOfferingResponseDataPipelineNativeCloudConnection(val serviceAccountEmailAddress: String? = null, val workloadIdentityProviderId: String? = null)

The native cloud connection configuration

data class DefenderForContainersGcpOfferingResponseNativeCloudConnection(val serviceAccountEmailAddress: String? = null, val workloadIdentityProviderId: String? = null)

The native cloud connection configuration

Link copied to clipboard
data class DefenderForDatabasesGcpOfferingResponse(val arcAutoProvisioning: DefenderForDatabasesGcpOfferingResponseArcAutoProvisioning? = null, val defenderForDatabasesArcAutoProvisioning: DefenderForDatabasesGcpOfferingResponseDefenderForDatabasesArcAutoProvisioning? = null, val description: String, val offeringType: String)

The Defender for Databases GCP offering configurations

data class DefenderForDatabasesGcpOfferingResponseArcAutoProvisioning(val configuration: DefenderForDatabasesGcpOfferingResponseConfiguration? = null, val enabled: Boolean? = null)

The ARC autoprovisioning configuration

data class DefenderForDatabasesGcpOfferingResponseConfiguration(val privateLinkScope: String? = null, val proxy: String? = null)

Configuration for servers Arc auto provisioning

data class DefenderForDatabasesGcpOfferingResponseDefenderForDatabasesArcAutoProvisioning(val serviceAccountEmailAddress: String? = null, val workloadIdentityProviderId: String? = null)

The native cloud connection configuration

data class DefenderForDevOpsAzureDevOpsOfferingResponse(val description: String, val offeringType: String)

The Defender for DevOps for Azure DevOps offering

Link copied to clipboard
data class DefenderForDevOpsGithubOfferingResponse(val description: String, val offeringType: String)

The Defender for DevOps for Github offering

Link copied to clipboard
data class DefenderForDevOpsGitLabOfferingResponse(val description: String, val offeringType: String)

The Defender for DevOps for Gitlab offering

Link copied to clipboard
data class DefenderForServersAwsOfferingResponse(val arcAutoProvisioning: DefenderForServersAwsOfferingResponseArcAutoProvisioning? = null, val defenderForServers: DefenderForServersAwsOfferingResponseDefenderForServers? = null, val description: String, val mdeAutoProvisioning: DefenderForServersAwsOfferingResponseMdeAutoProvisioning? = null, val offeringType: String, val subPlan: DefenderForServersAwsOfferingResponseSubPlan? = null, val vaAutoProvisioning: DefenderForServersAwsOfferingResponseVaAutoProvisioning? = null, val vmScanners: DefenderForServersAwsOfferingResponseVmScanners? = null)

The Defender for Servers AWS offering

data class DefenderForServersAwsOfferingResponseArcAutoProvisioning(val cloudRoleArn: String? = null, val configuration: DefenderForServersAwsOfferingResponseConfiguration? = null, val enabled: Boolean? = null)

The ARC autoprovisioning configuration

data class DefenderForServersAwsOfferingResponseConfiguration(val privateLinkScope: String? = null, val proxy: String? = null)

Configuration for servers Arc auto provisioning

data class DefenderForServersAwsOfferingResponseConfigurationConfiguration(val type: String? = null)

configuration for Vulnerability Assessment autoprovisioning

data class DefenderForServersAwsOfferingResponseConfigurationConfigurationConfiguration(val cloudRoleArn: String? = null, val exclusionTags: Map<String, String>? = null, val scanningMode: String? = null)

configuration for Microsoft Defender for Server VM scanning

data class DefenderForServersAwsOfferingResponseDefenderForServers(val cloudRoleArn: String? = null)

The Defender for servers connection configuration

data class DefenderForServersAwsOfferingResponseMdeAutoProvisioning(val configuration: Any? = null, val enabled: Boolean? = null)

The Microsoft Defender for Endpoint autoprovisioning configuration

data class DefenderForServersAwsOfferingResponseSubPlan(val type: String? = null)

configuration for the servers offering subPlan

data class DefenderForServersAwsOfferingResponseVaAutoProvisioning(val configuration: DefenderForServersAwsOfferingResponseConfigurationConfiguration? = null, val enabled: Boolean? = null)

The Vulnerability Assessment autoprovisioning configuration

data class DefenderForServersAwsOfferingResponseVmScanners(val configuration: DefenderForServersAwsOfferingResponseConfigurationConfigurationConfiguration? = null, val enabled: Boolean? = null)

The Microsoft Defender for Server VM scanning configuration

Link copied to clipboard
data class DefenderForServersGcpOfferingResponse(val arcAutoProvisioning: DefenderForServersGcpOfferingResponseArcAutoProvisioning? = null, val defenderForServers: DefenderForServersGcpOfferingResponseDefenderForServers? = null, val description: String, val mdeAutoProvisioning: DefenderForServersGcpOfferingResponseMdeAutoProvisioning? = null, val offeringType: String, val subPlan: DefenderForServersGcpOfferingResponseSubPlan? = null, val vaAutoProvisioning: DefenderForServersGcpOfferingResponseVaAutoProvisioning? = null, val vmScanners: DefenderForServersGcpOfferingResponseVmScanners? = null)

The Defender for Servers GCP offering configurations

data class DefenderForServersGcpOfferingResponseArcAutoProvisioning(val configuration: DefenderForServersGcpOfferingResponseConfiguration? = null, val enabled: Boolean? = null)

The ARC autoprovisioning configuration

data class DefenderForServersGcpOfferingResponseConfiguration(val privateLinkScope: String? = null, val proxy: String? = null)

Configuration for servers Arc auto provisioning

data class DefenderForServersGcpOfferingResponseConfigurationConfiguration(val type: String? = null)

configuration for Vulnerability Assessment autoprovisioning

data class DefenderForServersGcpOfferingResponseConfigurationConfigurationConfiguration(val exclusionTags: Map<String, String>? = null, val scanningMode: String? = null)

configuration for Microsoft Defender for Server VM scanning

data class DefenderForServersGcpOfferingResponseDefenderForServers(val serviceAccountEmailAddress: String? = null, val workloadIdentityProviderId: String? = null)

The Defender for servers connection configuration

data class DefenderForServersGcpOfferingResponseMdeAutoProvisioning(val configuration: Any? = null, val enabled: Boolean? = null)

The Microsoft Defender for Endpoint autoprovisioning configuration

data class DefenderForServersGcpOfferingResponseSubPlan(val type: String? = null)

configuration for the servers offering subPlan

data class DefenderForServersGcpOfferingResponseVaAutoProvisioning(val configuration: DefenderForServersGcpOfferingResponseConfigurationConfiguration? = null, val enabled: Boolean? = null)

The Vulnerability Assessment autoprovisioning configuration

data class DefenderForServersGcpOfferingResponseVmScanners(val configuration: DefenderForServersGcpOfferingResponseConfigurationConfigurationConfiguration? = null, val enabled: Boolean? = null)

The Microsoft Defender for Server VM scanning configuration

Link copied to clipboard
data class DenylistCustomAlertRuleResponse(val denylistValues: List<String>, val description: String, val displayName: String, val isEnabled: Boolean, val ruleType: String, val valueType: String)

A custom alert rule that checks if a value (depends on the custom alert type) is denied.

Link copied to clipboard
data class DevOpsConfigurationPropertiesResponse(val authorization: AuthorizationResponse? = null, val autoDiscovery: String? = null, val provisioningState: String? = null, val provisioningStatusMessage: String, val provisioningStatusUpdateTimeUtc: String, val topLevelInventoryList: List<String>? = null)

DevOps Configuration properties.

Link copied to clipboard
data class GcpCredentialsDetailsPropertiesResponse(val authProviderX509CertUrl: String, val authUri: String, val authenticationProvisioningState: String, val authenticationType: String, val clientEmail: String, val clientId: String, val clientX509CertUrl: String, val grantedPermissions: List<String>, val organizationId: String, val privateKey: String, val privateKeyId: String, val projectId: String, val tokenUri: String, val type: String)

GCP cloud account connector based service to service credentials, the credentials are composed of the organization ID and a JSON API key (write only)

Link copied to clipboard
data class GcpOrganizationalDataMemberResponse(val managementProjectNumber: String? = null, val organizationMembershipType: String, val parentHierarchyId: String? = null)

The gcpOrganization data for the member account

data class GcpOrganizationalDataOrganizationResponse(val excludedProjectNumbers: List<String>? = null, val organizationMembershipType: String, val organizationName: String, val serviceAccountEmailAddress: String? = null, val workloadIdentityProviderId: String? = null)

The gcpOrganization data for the parent account

Link copied to clipboard
data class GcpProjectDetailsResponse(val projectId: String? = null, val projectName: String, val projectNumber: String? = null, val workloadIdentityPoolId: String)

The details about the project represented by the security connector

Link copied to clipboard
data class GcpProjectEnvironmentDataResponse(val environmentType: String, val organizationalData: Either<GcpOrganizationalDataMemberResponse, GcpOrganizationalDataOrganizationResponse>? = null, val projectDetails: GcpProjectDetailsResponse? = null)

The GCP project connector environment data

Link copied to clipboard
data class GetAdaptiveApplicationControlResult(val configurationStatus: String, val enforcementMode: String? = null, val id: String, val issues: List<AdaptiveApplicationControlIssueSummaryResponse>, val location: String, val name: String, val pathRecommendations: List<PathRecommendationResponse>? = null, val protectionMode: ProtectionModeResponse? = null, val recommendationStatus: String, val sourceSystem: String, val type: String, val vmRecommendations: List<VmRecommendationResponse>? = null)
Link copied to clipboard
data class GetAdvancedThreatProtectionResult(val id: String, val isEnabled: Boolean? = null, val name: String, val type: String)

The Advanced Threat Protection resource.

Link copied to clipboard
data class GetAlertsSuppressionRuleResult(val alertType: String, val comment: String? = null, val expirationDateUtc: String? = null, val id: String, val lastModifiedUtc: String, val name: String, val reason: String, val state: String, val suppressionAlertsScope: SuppressionAlertsScopeResponse? = null, val type: String)

Describes the suppression rule

data class GetAPICollectionByAzureApiManagementServiceResult(val baseUrl: String, val discoveredVia: String, val displayName: String, val id: String, val name: String, val numberOfApiEndpoints: Double, val numberOfApiEndpointsWithSensitiveDataExposed: Double, val numberOfExternalApiEndpoints: Double, val numberOfInactiveApiEndpoints: Double, val numberOfUnauthenticatedApiEndpoints: Double, val provisioningState: String, val sensitivityLabel: String, val type: String)

An API collection as represented by Microsoft Defender for APIs.

Link copied to clipboard
data class GetAPICollectionResult(val additionalData: Map<String, String>? = null, val displayName: String? = null, val id: String, val name: String, val type: String)

An API collection as represented by Defender for APIs.

Link copied to clipboard
data class GetApplicationResult(val description: String? = null, val displayName: String? = null, val id: String, val name: String, val sourceResourceType: String, val type: String)

Security Application over a given scope

data class GetAssessmentMetadataInSubscriptionResult(val assessmentType: String, val categories: List<String>? = null, val description: String? = null, val displayName: String, val id: String, val implementationEffort: String? = null, val name: String, val partnerData: SecurityAssessmentMetadataPartnerDataResponse? = null, val plannedDeprecationDate: String? = null, val policyDefinitionId: String, val preview: Boolean? = null, val publishDates: SecurityAssessmentMetadataPropertiesResponseResponsePublishDates? = null, val remediationDescription: String? = null, val severity: String, val tactics: List<String>? = null, val techniques: List<String>? = null, val threats: List<String>? = null, val type: String, val userImpact: String? = null)

Security assessment metadata response

Link copied to clipboard
data class GetAssessmentResult(val additionalData: Map<String, String>? = null, val displayName: String, val id: String, val links: AssessmentLinksResponse, val metadata: SecurityAssessmentMetadataPropertiesResponse? = null, val name: String, val partnersData: SecurityAssessmentPartnerDataResponse? = null, val resourceDetails: Any, val status: AssessmentStatusResponseResponse, val type: String)

Security assessment on a resource - response format

Link copied to clipboard
data class GetAssessmentsMetadataSubscriptionResult(val assessmentType: String, val categories: List<String>? = null, val description: String? = null, val displayName: String, val id: String, val implementationEffort: String? = null, val name: String, val policyDefinitionId: String, val preview: Boolean? = null, val remediationDescription: String? = null, val severity: String, val threats: List<String>? = null, val type: String, val userImpact: String? = null)

Security assessment metadata

Link copied to clipboard
data class GetAssignmentResult(val additionalData: AssignmentPropertiesResponseAdditionalData? = null, val assignedComponent: AssignedComponentItemResponse? = null, val assignedStandard: AssignedStandardItemResponse? = null, val description: String? = null, val displayName: String? = null, val effect: String? = null, val etag: String? = null, val expiresOn: String? = null, val id: String, val kind: String? = null, val location: String? = null, val metadata: Any? = null, val name: String, val scope: String? = null, val systemData: SystemDataResponse, val tags: Map<String, String>? = null, val type: String)

Security Assignment on a resource group over a given scope

Link copied to clipboard
data class GetAutomationResult(val actions: List<Any>? = null, val description: String? = null, val etag: String? = null, val id: String, val isEnabled: Boolean? = null, val kind: String? = null, val location: String? = null, val name: String, val scopes: List<AutomationScopeResponse>? = null, val sources: List<AutomationSourceResponse>? = null, val tags: Map<String, String>? = null, val type: String)

The security automation resource.

Link copied to clipboard
data class GetAzureServersSettingResult(val id: String, val kind: String, val name: String, val selectedProvider: String, val systemData: SystemDataResponse, val type: String)

A vulnerability assessments setting on Azure servers in the defined scope.

Link copied to clipboard
data class GetConnectorResult(val authenticationDetails: Any? = null, val hybridComputeSettings: HybridComputeSettingsPropertiesResponse? = null, val id: String, val name: String, val type: String)

The connector setting

Link copied to clipboard
data class GetCustomAssessmentAutomationResult(val assessmentKey: String? = null, val compressedQuery: String? = null, val description: String? = null, val displayName: String? = null, val id: String, val name: String, val remediationDescription: String? = null, val severity: String? = null, val supportedCloud: String? = null, val systemData: SystemDataResponse, val type: String)

Custom Assessment Automation

Link copied to clipboard
data class GetCustomEntityStoreAssignmentResult(val entityStoreDatabaseLink: String? = null, val id: String, val name: String, val principal: String? = null, val systemData: SystemDataResponse, val type: String)

Custom entity store assignment

Link copied to clipboard
data class GetDeviceSecurityGroupResult(val allowlistRules: List<AllowlistCustomAlertRuleResponse>? = null, val denylistRules: List<DenylistCustomAlertRuleResponse>? = null, val id: String, val name: String, val thresholdRules: List<ThresholdCustomAlertRuleResponse>? = null, val timeWindowRules: List<TimeWindowCustomAlertRuleResponse>? = null, val type: String)

The device security group resource

Link copied to clipboard
data class GetDevOpsConfigurationResult(val id: String, val name: String, val properties: DevOpsConfigurationPropertiesResponse, val systemData: SystemDataResponse, val type: String)

DevOps Configuration resource.

Link copied to clipboard
data class GetGovernanceAssignmentResult(val additionalData: GovernanceAssignmentAdditionalDataResponse? = null, val governanceEmailNotification: GovernanceEmailNotificationResponse? = null, val id: String, val isGracePeriod: Boolean? = null, val name: String, val owner: String? = null, val remediationDueDate: String, val remediationEta: RemediationEtaResponse? = null, val type: String)

Governance assignment over a given scope

Link copied to clipboard
data class GetGovernanceRuleResult(val description: String? = null, val displayName: String, val excludedScopes: List<String>? = null, val governanceEmailNotification: GovernanceRuleEmailNotificationResponse? = null, val id: String, val includeMemberScopes: Boolean? = null, val isDisabled: Boolean? = null, val isGracePeriod: Boolean? = null, val metadata: GovernanceRuleMetadataResponse? = null, val name: String, val ownerSource: GovernanceRuleOwnerSourceResponse, val remediationTimeframe: String? = null, val rulePriority: Int, val ruleType: String, val sourceResourceType: String, val tenantId: String, val type: String)

Governance rule over a given scope

Link copied to clipboard
data class GetIotSecuritySolutionResult(val additionalWorkspaces: List<AdditionalWorkspacesPropertiesResponse>? = null, val autoDiscoveredResources: List<String>, val disabledDataSources: List<String>? = null, val displayName: String, val export: List<String>? = null, val id: String, val iotHubs: List<String>, val location: String? = null, val name: String, val recommendationsConfiguration: List<RecommendationConfigurationPropertiesResponse>? = null, val status: String? = null, val systemData: SystemDataResponse, val tags: Map<String, String>? = null, val type: String, val unmaskedIpLoggingStatus: String? = null, val userDefinedResources: UserDefinedResourcesPropertiesResponse? = null, val workspace: String? = null)

IoT Security solution configuration and resource information.

Link copied to clipboard
data class GetJitNetworkAccessPolicyResult(val id: String, val kind: String? = null, val location: String, val name: String, val provisioningState: String, val requests: List<JitNetworkAccessRequestResponse>? = null, val type: String, val virtualMachines: List<JitNetworkAccessPolicyVirtualMachineResponse>)
Link copied to clipboard
data class GetSecurityConnectorApplicationResult(val description: String? = null, val displayName: String? = null, val id: String, val name: String, val sourceResourceType: String, val type: String)

Security Application over a given scope

Link copied to clipboard
data class GetSecurityConnectorResult(val environmentData: Any? = null, val environmentName: String? = null, val etag: String? = null, val hierarchyIdentifier: String? = null, val hierarchyIdentifierTrialEndDate: String, val id: String, val kind: String? = null, val location: String? = null, val name: String, val offerings: List<Any>? = null, val systemData: SystemDataResponse, val tags: Map<String, String>? = null, val type: String)

The security connector resource.

Link copied to clipboard
data class GetSecurityContactResult(val alertNotifications: SecurityContactPropertiesResponseAlertNotifications? = null, val emails: String? = null, val id: String, val name: String, val notificationsByRole: SecurityContactPropertiesResponseNotificationsByRole? = null, val phone: String? = null, val type: String)

Contact details and configurations for notifications coming from Microsoft Defender for Cloud.

Link copied to clipboard
data class GetSecurityOperatorResult(val id: String, val identity: IdentityResponse? = null, val name: String, val type: String)

Security operator under a given subscription and pricing

Link copied to clipboard
data class GetServerVulnerabilityAssessmentResult(val id: String, val name: String, val provisioningState: String, val type: String)

Describes the server vulnerability assessment details on a resource

data class GetSqlVulnerabilityAssessmentBaselineRuleResult(val id: String, val name: String, val properties: RuleResultsPropertiesResponse, val type: String)

Rule results.

Link copied to clipboard
data class GetStandardResult(val category: String? = null, val components: List<StandardComponentPropertiesResponse>? = null, val description: String? = null, val displayName: String? = null, val etag: String? = null, val id: String, val kind: String? = null, val location: String? = null, val name: String, val standardType: String, val supportedClouds: List<String>? = null, val systemData: SystemDataResponse, val tags: Map<String, String>? = null, val type: String)

Security Standard on a resource

Link copied to clipboard
data class GetWorkspaceSettingResult(val id: String, val name: String, val scope: String, val type: String, val workspaceId: String)

Configures where to store the OMS agent data for workspaces under a scope

Link copied to clipboard
data class GitHubOwnerPropertiesResponse(val gitHubInternalId: String, val onboardingState: String? = null, val ownerUrl: String, val provisioningState: String? = null, val provisioningStatusMessage: String, val provisioningStatusUpdateTimeUtc: String)

GitHub Owner properties.

Link copied to clipboard
data class GitHubOwnerResponse(val id: String, val name: String, val properties: GitHubOwnerPropertiesResponse? = null, val systemData: SystemDataResponse, val type: String)

GitHub Owner resource.

Link copied to clipboard
data class GithubScopeEnvironmentDataResponse(val environmentType: String)

The github scope connector's environment data

Link copied to clipboard
data class GitLabGroupPropertiesResponse(val fullyQualifiedFriendlyName: String, val fullyQualifiedName: String, val onboardingState: String? = null, val provisioningState: String? = null, val provisioningStatusMessage: String, val provisioningStatusUpdateTimeUtc: String, val url: String)

GitLab Group properties.

Link copied to clipboard
data class GitLabGroupResponse(val id: String, val name: String, val properties: GitLabGroupPropertiesResponse? = null, val systemData: SystemDataResponse, val type: String)

GitLab Group resource.

Link copied to clipboard
data class GitlabScopeEnvironmentDataResponse(val environmentType: String)

The GitLab scope connector's environment data

data class GovernanceAssignmentAdditionalDataResponse(val ticketLink: String? = null, val ticketNumber: Int? = null, val ticketStatus: String? = null)

Describe the additional data of governance assignment - optional

Link copied to clipboard
data class GovernanceEmailNotificationResponse(val disableManagerEmailNotification: Boolean? = null, val disableOwnerEmailNotification: Boolean? = null)

The governance email weekly notification configuration.

Link copied to clipboard
data class GovernanceRuleEmailNotificationResponse(val disableManagerEmailNotification: Boolean? = null, val disableOwnerEmailNotification: Boolean? = null)

The governance email weekly notification configuration

Link copied to clipboard
data class GovernanceRuleMetadataResponse(val createdBy: String, val createdOn: String, val updatedBy: String, val updatedOn: String)

The governance rule metadata

Link copied to clipboard
data class GovernanceRuleOwnerSourceResponse(val type: String? = null, val value: String? = null)

Describe the owner source of governance rule

Link copied to clipboard
data class HybridComputeSettingsPropertiesResponse(val autoProvision: String, val hybridComputeProvisioningState: String, val proxyServer: ProxyServerPropertiesResponse? = null, val region: String? = null, val resourceGroupName: String? = null, val servicePrincipal: ServicePrincipalPropertiesResponse? = null)

Settings for hybrid compute management

Link copied to clipboard
data class IdentityResponse(val principalId: String, val tenantId: String, val type: String? = null)

Identity for the resource.

Link copied to clipboard
data class InformationProtectionAwsOfferingResponse(val description: String, val informationProtection: InformationProtectionAwsOfferingResponseInformationProtection? = null, val offeringType: String)

The information protection for AWS offering

data class InformationProtectionAwsOfferingResponseInformationProtection(val cloudRoleArn: String? = null)

The native cloud connection configuration

data class JitNetworkAccessPolicyVirtualMachineResponse(val id: String, val ports: List<JitNetworkAccessPortRuleResponse>, val publicIpAddress: String? = null)
Link copied to clipboard
data class JitNetworkAccessPortRuleResponse(val allowedSourceAddressPrefix: String? = null, val allowedSourceAddressPrefixes: List<String>? = null, val maxRequestAccessDuration: String, val number: Int, val protocol: String)
Link copied to clipboard
data class JitNetworkAccessRequestPortResponse(val allowedSourceAddressPrefix: String? = null, val allowedSourceAddressPrefixes: List<String>? = null, val endTimeUtc: String, val mappedPort: Int? = null, val number: Int, val status: String, val statusReason: String)
Link copied to clipboard
data class JitNetworkAccessRequestResponse(val justification: String? = null, val requestor: String, val startTimeUtc: String, val virtualMachines: List<JitNetworkAccessRequestVirtualMachineResponse>)
Link copied to clipboard
data class ListAzureDevOpsOrgAvailableResult(val nextLink: String? = null, val value: List<AzureDevOpsOrgResponse>? = null)

List of RP resources which supports pagination.

Link copied to clipboard
data class ListGitHubOwnerAvailableResult(val nextLink: String? = null, val value: List<GitHubOwnerResponse>? = null)

List of RP resources which supports pagination.

Link copied to clipboard
data class ListGitLabGroupAvailableResult(val nextLink: String? = null, val value: List<GitLabGroupResponse>? = null)

List of RP resources which supports pagination.

Link copied to clipboard
data class ListGitLabSubgroupResult(val nextLink: String? = null, val value: List<GitLabGroupResponse>? = null)

List of RP resources which supports pagination.

Link copied to clipboard
data class OnPremiseResourceDetailsResponse(val machineName: String, val source: String, val sourceComputerId: String, val vmuuid: String, val workspaceId: String)

Details of the On Premise resource that was assessed

Link copied to clipboard
data class OnPremiseSqlResourceDetailsResponse(val databaseName: String, val machineName: String, val serverName: String, val source: String, val sourceComputerId: String, val vmuuid: String, val workspaceId: String)

Details of the On Premise Sql resource that was assessed

Link copied to clipboard
data class PathRecommendationResponse(val action: String? = null, val common: Boolean? = null, val configurationStatus: String? = null, val fileType: String? = null, val path: String? = null, val publisherInfo: PublisherInfoResponse? = null, val type: String? = null, val userSids: List<String>? = null, val usernames: List<UserRecommendationResponse>? = null)

Represents a path that is recommended to be allowed and its properties

Link copied to clipboard
data class ProtectionModeResponse(val exe: String? = null, val executable: String? = null, val msi: String? = null, val script: String? = null)

The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux.

Link copied to clipboard
data class ProxyServerPropertiesResponse(val ip: String? = null, val port: String? = null)

For a non-Azure machine that is not connected directly to the internet, specify a proxy server that the non-Azure machine can use.

Link copied to clipboard
data class PublisherInfoResponse(val binaryName: String? = null, val productName: String? = null, val publisherName: String? = null, val version: String? = null)

Represents the publisher information of a process/rule

data class RecommendationConfigurationPropertiesResponse(val name: String, val recommendationType: String, val status: String)

The type of IoT Security recommendation.

Link copied to clipboard
data class RemediationEtaResponse(val eta: String, val justification: String)

The ETA (estimated time of arrival) for remediation

Link copied to clipboard
data class RuleResultsPropertiesResponse(val results: List<List<String>>? = null)

Rule results properties.

Link copied to clipboard
data class ScopeElementResponse(val field: String? = null)

A more specific scope used to identify the alerts to suppress.

data class SecurityAssessmentMetadataPartnerDataResponse(val partnerName: String, val productName: String? = null, val secret: String)

Describes the partner that created the assessment

data class SecurityAssessmentMetadataPropertiesResponse(val assessmentType: String, val categories: List<String>? = null, val description: String? = null, val displayName: String, val implementationEffort: String? = null, val partnerData: SecurityAssessmentMetadataPartnerDataResponse? = null, val policyDefinitionId: String, val preview: Boolean? = null, val remediationDescription: String? = null, val severity: String, val threats: List<String>? = null, val userImpact: String? = null)

Describes properties of an assessment metadata.

Link copied to clipboard
data class SecurityAssessmentPartnerDataResponse(val partnerName: String, val secret: String)

Data regarding 3rd party partner integration

data class SecurityContactPropertiesResponseAlertNotifications(val minimalSeverity: String? = null, val state: String? = null)

Defines whether to send email notifications about new security alerts

data class SecurityContactPropertiesResponseNotificationsByRole(val roles: List<String>? = null, val state: String? = null)

Defines whether to send email notifications from Microsoft Defender for Cloud to persons with specific RBAC roles on the subscription.

Link copied to clipboard
data class ServicePrincipalPropertiesResponse(val applicationId: String? = null, val secret: String? = null)

Details of the service principal.

Link copied to clipboard
data class StandardComponentPropertiesResponse(val key: String? = null)

Describes properties of an component as related to the standard

Link copied to clipboard
Link copied to clipboard
data class SystemDataResponse(val createdAt: String? = null, val createdBy: String? = null, val createdByType: String? = null, val lastModifiedAt: String? = null, val lastModifiedBy: String? = null, val lastModifiedByType: String? = null)

Metadata pertaining to creation and last modification of the resource.

Link copied to clipboard
data class TargetBranchConfigurationResponse(val annotateDefaultBranch: String? = null, val branchNames: List<String>? = null)

Repository branch configuration for PR Annotations.

Link copied to clipboard
data class ThresholdCustomAlertRuleResponse(val description: String, val displayName: String, val isEnabled: Boolean, val maxThreshold: Int, val minThreshold: Int, val ruleType: String)

A custom alert rule that checks if a value (depends on the custom alert type) is within the given range.

Link copied to clipboard
data class TimeWindowCustomAlertRuleResponse(val description: String, val displayName: String, val isEnabled: Boolean, val maxThreshold: Int, val minThreshold: Int, val ruleType: String, val timeWindowSize: String)

A custom alert rule that checks if the number of activities (depends on the custom alert type) in a time window is within the given range.

Link copied to clipboard
data class UserDefinedResourcesPropertiesResponse(val query: String, val querySubscriptions: List<String>)

Properties of the IoT Security solution's user defined resources.

Link copied to clipboard
data class UserRecommendationResponse(val recommendationAction: String? = null, val username: String? = null)

Represents a user that is recommended to be allowed for a certain rule

Link copied to clipboard
data class VmRecommendationResponse(val configurationStatus: String? = null, val enforcementSupport: String? = null, val recommendationAction: String? = null, val resourceId: String? = null)

Represents a machine that is part of a machine group