Governance
Governance assignment over a given scope Uses Azure REST API version 2022-01-01-preview.
Example Usage
Create Governance assignment
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var governanceAssignment = new AzureNative.Security.GovernanceAssignment("governanceAssignment", new()
{
AdditionalData = new AzureNative.Security.Inputs.GovernanceAssignmentAdditionalDataArgs
{
TicketLink = "https://snow.com",
TicketNumber = 123123,
TicketStatus = "Active",
},
AssessmentName = "6b9421dd-5555-2251-9b3d-2be58e2f82cd",
AssignmentKey = "6634ff9f-127b-4bf2-8e6e-b1737f5e789c",
GovernanceEmailNotification = new AzureNative.Security.Inputs.GovernanceEmailNotificationArgs
{
DisableManagerEmailNotification = false,
DisableOwnerEmailNotification = false,
},
IsGracePeriod = true,
Owner = "user@contoso.com",
RemediationDueDate = "2022-01-07T13:00:00.0000000Z",
RemediationEta = new AzureNative.Security.Inputs.RemediationEtaArgs
{
Eta = "2022-01-08T13:00:00.0000000Z",
Justification = "Justification of ETA",
},
Scope = "subscriptions/c32e05d9-7207-4e22-bdf4-4f7d9c72e5fd/resourceGroups/compute_servers/providers/Microsoft.Compute/virtualMachines/win2012",
});
});Content copied to clipboard
package main
import (
security "github.com/pulumi/pulumi-azure-native-sdk/security/v2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := security.NewGovernanceAssignment(ctx, "governanceAssignment", &security.GovernanceAssignmentArgs{
AdditionalData: &security.GovernanceAssignmentAdditionalDataArgs{
TicketLink: pulumi.String("https://snow.com"),
TicketNumber: pulumi.Int(123123),
TicketStatus: pulumi.String("Active"),
},
AssessmentName: pulumi.String("6b9421dd-5555-2251-9b3d-2be58e2f82cd"),
AssignmentKey: pulumi.String("6634ff9f-127b-4bf2-8e6e-b1737f5e789c"),
GovernanceEmailNotification: &security.GovernanceEmailNotificationArgs{
DisableManagerEmailNotification: pulumi.Bool(false),
DisableOwnerEmailNotification: pulumi.Bool(false),
},
IsGracePeriod: pulumi.Bool(true),
Owner: pulumi.String("user@contoso.com"),
RemediationDueDate: pulumi.String("2022-01-07T13:00:00.0000000Z"),
RemediationEta: &security.RemediationEtaArgs{
Eta: pulumi.String("2022-01-08T13:00:00.0000000Z"),
Justification: pulumi.String("Justification of ETA"),
},
Scope: pulumi.String("subscriptions/c32e05d9-7207-4e22-bdf4-4f7d9c72e5fd/resourceGroups/compute_servers/providers/Microsoft.Compute/virtualMachines/win2012"),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.GovernanceAssignment;
import com.pulumi.azurenative.security.GovernanceAssignmentArgs;
import com.pulumi.azurenative.security.inputs.GovernanceAssignmentAdditionalDataArgs;
import com.pulumi.azurenative.security.inputs.GovernanceEmailNotificationArgs;
import com.pulumi.azurenative.security.inputs.RemediationEtaArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var governanceAssignment = new GovernanceAssignment("governanceAssignment", GovernanceAssignmentArgs.builder()
.additionalData(GovernanceAssignmentAdditionalDataArgs.builder()
.ticketLink("https://snow.com")
.ticketNumber(123123)
.ticketStatus("Active")
.build())
.assessmentName("6b9421dd-5555-2251-9b3d-2be58e2f82cd")
.assignmentKey("6634ff9f-127b-4bf2-8e6e-b1737f5e789c")
.governanceEmailNotification(GovernanceEmailNotificationArgs.builder()
.disableManagerEmailNotification(false)
.disableOwnerEmailNotification(false)
.build())
.isGracePeriod(true)
.owner("user@contoso.com")
.remediationDueDate("2022-01-07T13:00:00.0000000Z")
.remediationEta(RemediationEtaArgs.builder()
.eta("2022-01-08T13:00:00.0000000Z")
.justification("Justification of ETA")
.build())
.scope("subscriptions/c32e05d9-7207-4e22-bdf4-4f7d9c72e5fd/resourceGroups/compute_servers/providers/Microsoft.Compute/virtualMachines/win2012")
.build());
}
}Content copied to clipboard
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:security:GovernanceAssignment 6634ff9f-127b-4bf2-8e6e-b1737f5e789c /{scope}/providers/Microsoft.Security/assessments/{assessmentName}/governanceAssignments/{assignmentKey}Content copied to clipboard
Properties
Link copied to clipboard
The additional data for the governance assignment - e.g. links to ticket (optional), see example
Link copied to clipboard
The email notifications settings for the governance rule, states whether to disable notifications for mangers and owners
Link copied to clipboard
Defines whether there is a grace period on the governance assignment
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
The remediation due-date - after this date Secure Score will be affected (in case of active grace-period)
Link copied to clipboard
The ETA (estimated time of arrival) for remediation (optional), see example