pulumi-azure-native-kotlin/com.pulumi.azurenative.securityinsights.kotlin/ThreatIntelligenceIndicator

ThreatIntelligenceIndicator

class ThreatIntelligenceIndicator : KotlinCustomResource

Threat intelligence information object. Azure REST API version: 2023-02-01. Prior API version in Azure Native 1.x: 2019-01-01-preview. Other available API versions: 2021-04-01, 2021-09-01-preview, 2023-06-01-preview, 2023-07-01-preview, 2023-08-01-preview, 2023-09-01-preview, 2023-10-01-preview.

Example Usage

Update a threat Intelligence indicator

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
    var threatIntelligenceIndicator = new AzureNative.SecurityInsights.ThreatIntelligenceIndicator("threatIntelligenceIndicator", new()
    {
        Confidence = 78,
        CreatedByRef = "contoso@contoso.com",
        Description = "debugging indicators",
        DisplayName = "new schema",
        ExternalReferences = new[] {},
        GranularMarkings = new[] {},
        KillChainPhases = new[] {},
        Kind = "indicator",
        Labels = new[] {},
        Modified = "",
        Name = "d9cd6f0b-96b9-3984-17cd-a779d1e15a93",
        Pattern = "[url:value = 'https://www.contoso.com']",
        PatternType = "url",
        ResourceGroupName = "myRg",
        Revoked = false,
        Source = "Azure Sentinel",
        ThreatIntelligenceTags = new[]
        {
            "new schema",
        },
        ThreatTypes = new[]
        {
            "compromised",
        },
        ValidFrom = "2020-04-15T17:44:00.114052Z",
        ValidUntil = "",
        WorkspaceName = "myWorkspace",
    });
});

package main
import (
	"github.com/pulumi/pulumi-azure-native-sdk/securityinsights/v2"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := securityinsights.NewThreatIntelligenceIndicator(ctx, "threatIntelligenceIndicator", &securityinsights.ThreatIntelligenceIndicatorArgs{
			Confidence:         pulumi.Int(78),
			CreatedByRef:       pulumi.String("contoso@contoso.com"),
			Description:        pulumi.String("debugging indicators"),
			DisplayName:        pulumi.String("new schema"),
			ExternalReferences: securityinsights.ThreatIntelligenceExternalReferenceArray{},
			GranularMarkings:   securityinsights.ThreatIntelligenceGranularMarkingModelArray{},
			KillChainPhases:    securityinsights.ThreatIntelligenceKillChainPhaseArray{},
			Kind:               pulumi.String("indicator"),
			Labels:             pulumi.StringArray{},
			Modified:           pulumi.String(""),
			Name:               pulumi.String("d9cd6f0b-96b9-3984-17cd-a779d1e15a93"),
			Pattern:            pulumi.String("[url:value = 'https://www.contoso.com']"),
			PatternType:        pulumi.String("url"),
			ResourceGroupName:  pulumi.String("myRg"),
			Revoked:            pulumi.Bool(false),
			Source:             pulumi.String("Azure Sentinel"),
			ThreatIntelligenceTags: pulumi.StringArray{
				pulumi.String("new schema"),
			},
			ThreatTypes: pulumi.StringArray{
				pulumi.String("compromised"),
			},
			ValidFrom:     pulumi.String("2020-04-15T17:44:00.114052Z"),
			ValidUntil:    pulumi.String(""),
			WorkspaceName: pulumi.String("myWorkspace"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.securityinsights.ThreatIntelligenceIndicator;
import com.pulumi.azurenative.securityinsights.ThreatIntelligenceIndicatorArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var threatIntelligenceIndicator = new ThreatIntelligenceIndicator("threatIntelligenceIndicator", ThreatIntelligenceIndicatorArgs.builder()
            .confidence(78)
            .createdByRef("contoso@contoso.com")
            .description("debugging indicators")
            .displayName("new schema")
            .externalReferences()
            .granularMarkings()
            .killChainPhases()
            .kind("indicator")
            .labels()
            .modified("")
            .name("d9cd6f0b-96b9-3984-17cd-a779d1e15a93")
            .pattern("[url:value = 'https://www.contoso.com']")
            .patternType("url")
            .resourceGroupName("myRg")
            .revoked(false)
            .source("Azure Sentinel")
            .threatIntelligenceTags("new schema")
            .threatTypes("compromised")
            .validFrom("2020-04-15T17:44:00.114052Z")
            .validUntil("")
            .workspaceName("myWorkspace")
            .build());
    }
}

Import

An existing resource can be imported using its type token, name, and identifier, e.g.

$ pulumi import azure-native:securityinsights:ThreatIntelligenceIndicator 180105c7-a28d-b1a2-4a78-234f6ec80fd6 /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/indicators/{name}