Package-level declarations
Types
Configuration payload for PR Annotations.
Properties of the additional workspaces.
Links relevant to the assessment
Describe the properties of a security assessment object reference (by key)
describe the properties of a security assessment object reference (by key)
Describe the properties of a of a standard assignments object reference
Additional data about the assignment
Describe the properties of a assignment attestation
Authorization payload.
The target Event Hub to which event data will be exported. To learn more about Microsoft Defender for Cloud continuous export capabilities, visit https://aka.ms/ASCExportLearnMore
The logic app action that should be triggered. To learn more about Microsoft Defender for Cloud's Workflow Automation capabilities, visit https://aka.ms/ASCWorkflowAutomationLearnMore
The Log Analytics Workspace to which event data will be exported. Security alerts data will reside in the 'SecurityAlert' table and the assessments data will reside in the 'SecurityRecommendation' table (under the 'Security'/'SecurityCenterFree' solutions). Note that in order to view the data in the workspace, the Security Center Log Analytics free/standard solution needs to be enabled on that workspace. To learn more about Microsoft Defender for Cloud continuous export capabilities, visit https://aka.ms/ASCExportLearnMore
A rule set which evaluates all its rules upon an event interception. Only when all the included rules in the rule set will be evaluated as 'true', will the event trigger the defined actions.
A single automation scope.
The source event types which evaluate the security automation set of rules. For example - security alerts and security assessments. To learn more about the supported security events data models schemas - please visit https://aka.ms/ASCAutomationSchemas.
A rule which is evaluated upon event interception. The rule is configured by comparing a specific value from the event model to an expected value. This comparison is done by using one of the supported operators set.
AWS cloud account connector based assume role, the role enables delegating access to your AWS resources. The role is composed of role Amazon Resource Name (ARN) and external ID. For more details, refer to Creating a Role to Delegate Permissions to an IAM User (write only)
AWS cloud account connector based credentials, the credentials is composed of access key ID and secret key, for more details, refer to Creating an IAM User in Your AWS Account (write only)
The AWS connector environment data
The AWS organization data for the master account
The AWS organization data for the member account
Azure DevOps Organization properties.
Azure DevOps Organization resource.
The AzureDevOps scope connector's environment data
Details of the Azure resource that was assessed
Severity level per category configuration for PR Annotations.
The CSPM monitoring for AWS offering
The native cloud connection configuration
The CSPM monitoring for AzureDevOps offering
The CSPM monitoring for GCP offering
The native cloud connection configuration
The CSPM monitoring for github offering
The CSPM (Cloud security posture management) monitoring for gitlab offering
The CSPM P1 for AWS offering
The databases DSPM configuration
The Microsoft Defender Data Sensitivity discovery configuration
The Microsoft Defender for Server VM scanning configuration
The CSPM P1 for GCP offering
The Defender for Databases AWS offering
The ARC autoprovisioning configuration
Configuration for servers Arc auto provisioning
The databases data security posture management (DSPM) configuration
The RDS configuration
The Defender for Containers AWS offering
The cloudwatch to kinesis connection configuration
The container vulnerability assessment configuration
The container vulnerability assessment task configuration
The kinesis to s3 connection configuration
The kubernetes to scuba connection configuration
The kubernetes service connection configuration
The containers GCP offering
The native cloud connection configuration
The native cloud connection configuration
The Defender for Databases GCP offering configurations
The ARC autoprovisioning configuration
Configuration for servers Arc auto provisioning
The native cloud connection configuration
The Defender for DevOps for Azure DevOps offering
The Defender for DevOps for Github offering
The Defender for DevOps for Gitlab offering
The Defender for Servers AWS offering
The ARC autoprovisioning configuration
Configuration for servers Arc auto provisioning
configuration for Vulnerability Assessment autoprovisioning
The Defender for servers connection configuration
The Microsoft Defender for Endpoint autoprovisioning configuration
configuration for the servers offering subPlan
The Vulnerability Assessment autoprovisioning configuration
The Microsoft Defender for Server VM scanning configuration
The Defender for Servers GCP offering configurations
The ARC autoprovisioning configuration
Configuration for servers Arc auto provisioning
configuration for Vulnerability Assessment autoprovisioning
configuration for Microsoft Defender for Server VM scanning
The Defender for servers connection configuration
The Microsoft Defender for Endpoint autoprovisioning configuration
configuration for the servers offering subPlan
The Vulnerability Assessment autoprovisioning configuration
The Microsoft Defender for Server VM scanning configuration
Defender for Storage resource properties.
DevOps Configuration properties.
Properties of the DevOps policy assignment resource.
Condensed information to identify a DevOps Policy resource.
A plan's extension properties
GCP cloud account connector based service to service credentials, the credentials are composed of the organization ID and a JSON API key (write only)
The gcpOrganization data for the member account
The gcpOrganization data for the parent account
The details about the project represented by the security connector
The GCP project connector environment data
The Advanced Threat Protection resource.
Describes the suppression rule
An API collection as represented by Microsoft Defender for APIs.
Security assessment metadata response
Security assessment on a resource - response format
Security assessment metadata
Security Assignment on a resource group over a given scope
The security automation resource.
A vulnerability assessments setting on Azure servers in the defined scope.
The connector setting
Custom Assessment Automation
Custom entity store assignment
Custom Recommendation
The Defender for Storage resource.
The device security group resource
DevOps Configuration resource.
DevOps Policy assignment resource.
Governance assignment over a given scope
Governance rule over a given scope
IoT Security solution configuration and resource information.
Microsoft Defender for Cloud is provided in two pricing tiers: free and standard. The standard tier offers advanced security capabilities, while the free tier offers basic security features.
The security connector resource.
Contact details and configurations for notifications coming from Microsoft Defender for Cloud.
Security operator under a given subscription and pricing
Security Standard on a resource
Describes the server vulnerability assessment details on a resource
Rule results.
Security Assignment on a resource group over a given scope
Security Standard on a resource
GitHub Owner resource.
The github scope connector's environment data
GitLab Group properties.
GitLab Group resource.
The GitLab scope connector's environment data
Describe the additional data of governance assignment - optional
The governance email weekly notification configuration.
The governance email weekly notification configuration
The governance rule metadata
Describe the owner source of governance rule
Settings for hybrid compute management
Identity for the resource.
The information protection for AWS offering
The native cloud connection configuration
List of RP resources which supports pagination.
List of RP resources which supports pagination.
List of RP resources which supports pagination.
List of RP resources which supports pagination.
Properties of Malware Scanning.
Properties of On Upload malware scanning.
A status describing the success/failure of the extension's enablement/disablement operation.
Describes properties of an assessment as related to the standard
For a non-Azure machine that is not connected directly to the internet, specify a proxy server that the non-Azure machine can use.
The type of IoT Security recommendation.
The ETA (estimated time of arrival) for remediation
Rule results properties.
A more specific scope used to identify the alerts to suppress.
Describes the partner that created the assessment
Describes properties of an assessment metadata.
Data regarding 3rd party partner integration
Defines whether to send email notifications about new security alerts
Defines whether to send email notifications from Microsoft Defender for Cloud to persons with specific RBAC roles on the subscription.
Properties of Sensitive Data Discovery.
Details of the service principal.
The standard assignment metadata
Additional data about assignment that has Attest effect
Additional data about assignment that has Exempt effect
Describes properties of an component as related to the standard
The standard metadata
Metadata pertaining to creation and last modification of the resource.
Repository branch configuration for PR Annotations.
A custom alert rule that checks if the number of activities (depends on the custom alert type) in a time window is within the given range.
Properties of the IoT Security solution's user defined resources.