Automation
The security automation resource. Uses Azure REST API version 2019-01-01-preview. In version 1.x of the Azure Native provider, it used API version 2019-01-01-preview. Other available API versions: 2023-12-01-preview.
Example Usage
Create or update a security automation for all assessments (including all severities)
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var automation = new AzureNative.Security.Automation("automation", new()
{
Actions = new[]
{
new AzureNative.Security.Inputs.AutomationActionLogicAppArgs
{
ActionType = "LogicApp",
LogicAppResourceId = "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
Uri = "https://exampleTriggerUri1.com",
},
},
AutomationName = "exampleAutomation",
Description = "An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment",
IsEnabled = true,
Location = "Central US",
ResourceGroupName = "exampleResourceGroup",
Scopes = new[]
{
new AzureNative.Security.Inputs.AutomationScopeArgs
{
Description = "A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5",
ScopePath = "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup",
},
},
Sources = new[]
{
new AzureNative.Security.Inputs.AutomationSourceArgs
{
EventSource = AzureNative.Security.EventSource.Assessments,
},
},
Tags = null,
});
});Content copied to clipboard
package main
import (
security "github.com/pulumi/pulumi-azure-native-sdk/security/v2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := security.NewAutomation(ctx, "automation", &security.AutomationArgs{
Actions: pulumi.Array{
security.AutomationActionLogicApp{
ActionType: "LogicApp",
LogicAppResourceId: "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
Uri: "https://exampleTriggerUri1.com",
},
},
AutomationName: pulumi.String("exampleAutomation"),
Description: pulumi.String("An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment"),
IsEnabled: pulumi.Bool(true),
Location: pulumi.String("Central US"),
ResourceGroupName: pulumi.String("exampleResourceGroup"),
Scopes: security.AutomationScopeArray{
&security.AutomationScopeArgs{
Description: pulumi.String("A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5"),
ScopePath: pulumi.String("/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup"),
},
},
Sources: security.AutomationSourceArray{
&security.AutomationSourceArgs{
EventSource: pulumi.String(security.EventSourceAssessments),
},
},
Tags: pulumi.StringMap{},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.Automation;
import com.pulumi.azurenative.security.AutomationArgs;
import com.pulumi.azurenative.security.inputs.AutomationScopeArgs;
import com.pulumi.azurenative.security.inputs.AutomationSourceArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var automation = new Automation("automation", AutomationArgs.builder()
.actions(AutomationActionLogicAppArgs.builder()
.actionType("LogicApp")
.logicAppResourceId("/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1")
.uri("https://exampleTriggerUri1.com")
.build())
.automationName("exampleAutomation")
.description("An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment")
.isEnabled(true)
.location("Central US")
.resourceGroupName("exampleResourceGroup")
.scopes(AutomationScopeArgs.builder()
.description("A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5")
.scopePath("/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup")
.build())
.sources(AutomationSourceArgs.builder()
.eventSource("Assessments")
.build())
.tags()
.build());
}
}Content copied to clipboard
Create or update a security automation for all high severity assessments
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var automation = new AzureNative.Security.Automation("automation", new()
{
Actions = new[]
{
new AzureNative.Security.Inputs.AutomationActionLogicAppArgs
{
ActionType = "LogicApp",
LogicAppResourceId = "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
Uri = "https://exampleTriggerUri1.com",
},
},
AutomationName = "exampleAutomation",
Description = "An example of a security automation that triggers one LogicApp resource (myTest1) on any high severity security assessment",
IsEnabled = true,
Location = "Central US",
ResourceGroupName = "exampleResourceGroup",
Scopes = new[]
{
new AzureNative.Security.Inputs.AutomationScopeArgs
{
Description = "A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5",
ScopePath = "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup",
},
},
Sources = new[]
{
new AzureNative.Security.Inputs.AutomationSourceArgs
{
EventSource = AzureNative.Security.EventSource.Assessments,
RuleSets = new[]
{
new AzureNative.Security.Inputs.AutomationRuleSetArgs
{
Rules = new[]
{
new AzureNative.Security.Inputs.AutomationTriggeringRuleArgs
{
ExpectedValue = "High",
Operator = AzureNative.Security.Operator.EqualsValue,
PropertyJPath = "properties.metadata.severity",
PropertyType = AzureNative.Security.PropertyType.String,
},
},
},
},
},
},
Tags = null,
});
});Content copied to clipboard
package main
import (
security "github.com/pulumi/pulumi-azure-native-sdk/security/v2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := security.NewAutomation(ctx, "automation", &security.AutomationArgs{
Actions: pulumi.Array{
security.AutomationActionLogicApp{
ActionType: "LogicApp",
LogicAppResourceId: "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
Uri: "https://exampleTriggerUri1.com",
},
},
AutomationName: pulumi.String("exampleAutomation"),
Description: pulumi.String("An example of a security automation that triggers one LogicApp resource (myTest1) on any high severity security assessment"),
IsEnabled: pulumi.Bool(true),
Location: pulumi.String("Central US"),
ResourceGroupName: pulumi.String("exampleResourceGroup"),
Scopes: security.AutomationScopeArray{
&security.AutomationScopeArgs{
Description: pulumi.String("A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5"),
ScopePath: pulumi.String("/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup"),
},
},
Sources: security.AutomationSourceArray{
&security.AutomationSourceArgs{
EventSource: pulumi.String(security.EventSourceAssessments),
RuleSets: security.AutomationRuleSetArray{
&security.AutomationRuleSetArgs{
Rules: security.AutomationTriggeringRuleArray{
&security.AutomationTriggeringRuleArgs{
ExpectedValue: pulumi.String("High"),
Operator: pulumi.String(security.OperatorEquals),
PropertyJPath: pulumi.String("properties.metadata.severity"),
PropertyType: pulumi.String(security.PropertyTypeString),
},
},
},
},
},
},
Tags: pulumi.StringMap{},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.Automation;
import com.pulumi.azurenative.security.AutomationArgs;
import com.pulumi.azurenative.security.inputs.AutomationScopeArgs;
import com.pulumi.azurenative.security.inputs.AutomationSourceArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var automation = new Automation("automation", AutomationArgs.builder()
.actions(AutomationActionLogicAppArgs.builder()
.actionType("LogicApp")
.logicAppResourceId("/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1")
.uri("https://exampleTriggerUri1.com")
.build())
.automationName("exampleAutomation")
.description("An example of a security automation that triggers one LogicApp resource (myTest1) on any high severity security assessment")
.isEnabled(true)
.location("Central US")
.resourceGroupName("exampleResourceGroup")
.scopes(AutomationScopeArgs.builder()
.description("A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5")
.scopePath("/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup")
.build())
.sources(AutomationSourceArgs.builder()
.eventSource("Assessments")
.ruleSets(AutomationRuleSetArgs.builder()
.rules(AutomationTriggeringRuleArgs.builder()
.expectedValue("High")
.operator("Equals")
.propertyJPath("properties.metadata.severity")
.propertyType("String")
.build())
.build())
.build())
.tags()
.build());
}
}Content copied to clipboard
Disable or enable a security automation
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var automation = new AzureNative.Security.Automation("automation", new()
{
Actions = new[]
{
new AzureNative.Security.Inputs.AutomationActionLogicAppArgs
{
ActionType = "LogicApp",
LogicAppResourceId = "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
Uri = "https://exampleTriggerUri1.com",
},
},
AutomationName = "exampleAutomation",
Description = "An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment of type customAssessment",
IsEnabled = false,
Location = "Central US",
ResourceGroupName = "exampleResourceGroup",
Scopes = new[]
{
new AzureNative.Security.Inputs.AutomationScopeArgs
{
Description = "A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5",
ScopePath = "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup",
},
},
Sources = new[]
{
new AzureNative.Security.Inputs.AutomationSourceArgs
{
EventSource = AzureNative.Security.EventSource.Assessments,
RuleSets = new[]
{
new AzureNative.Security.Inputs.AutomationRuleSetArgs
{
Rules = new[]
{
new AzureNative.Security.Inputs.AutomationTriggeringRuleArgs
{
ExpectedValue = "customAssessment",
Operator = AzureNative.Security.Operator.EqualsValue,
PropertyJPath = "$.Entity.AssessmentType",
PropertyType = AzureNative.Security.PropertyType.String,
},
},
},
},
},
},
Tags = null,
});
});Content copied to clipboard
package main
import (
security "github.com/pulumi/pulumi-azure-native-sdk/security/v2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := security.NewAutomation(ctx, "automation", &security.AutomationArgs{
Actions: pulumi.Array{
security.AutomationActionLogicApp{
ActionType: "LogicApp",
LogicAppResourceId: "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
Uri: "https://exampleTriggerUri1.com",
},
},
AutomationName: pulumi.String("exampleAutomation"),
Description: pulumi.String("An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment of type customAssessment"),
IsEnabled: pulumi.Bool(false),
Location: pulumi.String("Central US"),
ResourceGroupName: pulumi.String("exampleResourceGroup"),
Scopes: security.AutomationScopeArray{
&security.AutomationScopeArgs{
Description: pulumi.String("A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5"),
ScopePath: pulumi.String("/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup"),
},
},
Sources: security.AutomationSourceArray{
&security.AutomationSourceArgs{
EventSource: pulumi.String(security.EventSourceAssessments),
RuleSets: security.AutomationRuleSetArray{
&security.AutomationRuleSetArgs{
Rules: security.AutomationTriggeringRuleArray{
&security.AutomationTriggeringRuleArgs{
ExpectedValue: pulumi.String("customAssessment"),
Operator: pulumi.String(security.OperatorEquals),
PropertyJPath: pulumi.String("$.Entity.AssessmentType"),
PropertyType: pulumi.String(security.PropertyTypeString),
},
},
},
},
},
},
Tags: pulumi.StringMap{},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.Automation;
import com.pulumi.azurenative.security.AutomationArgs;
import com.pulumi.azurenative.security.inputs.AutomationScopeArgs;
import com.pulumi.azurenative.security.inputs.AutomationSourceArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var automation = new Automation("automation", AutomationArgs.builder()
.actions(AutomationActionLogicAppArgs.builder()
.actionType("LogicApp")
.logicAppResourceId("/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1")
.uri("https://exampleTriggerUri1.com")
.build())
.automationName("exampleAutomation")
.description("An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment of type customAssessment")
.isEnabled(false)
.location("Central US")
.resourceGroupName("exampleResourceGroup")
.scopes(AutomationScopeArgs.builder()
.description("A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5")
.scopePath("/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup")
.build())
.sources(AutomationSourceArgs.builder()
.eventSource("Assessments")
.ruleSets(AutomationRuleSetArgs.builder()
.rules(AutomationTriggeringRuleArgs.builder()
.expectedValue("customAssessment")
.operator("Equals")
.propertyJPath("$.Entity.AssessmentType")
.propertyType("String")
.build())
.build())
.build())
.tags()
.build());
}
}Content copied to clipboard
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:security:Automation exampleAutomation /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/automations/{automationName}Content copied to clipboard
Properties
Link copied to clipboard
The security automation description.
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
A collection of scopes on which the security automations logic is applied. Supported scopes are the subscription itself or a resource group under that subscription. The automation will only apply on defined scopes.
Link copied to clipboard
A collection of the source event types which evaluate the security automation set of rules.