Custom
Custom Recommendation Uses Azure REST API version 2024-08-01. In version 2.x of the Azure Native provider, it used API version 2024-08-01.
Example Usage
Create or update custom recommendation over management group scope
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var customRecommendation = new AzureNative.Security.CustomRecommendation("customRecommendation", new()
{
CloudProviders = new[]
{
AzureNative.Security.RecommendationSupportedClouds.AWS,
},
CustomRecommendationName = "33e7cc6e-a139-4723-a0e5-76993aee0771",
Description = "organization passwords policy",
DisplayName = "Password Policy",
Query = "RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')",
RemediationDescription = "Change password policy to...",
Scope = "providers/Microsoft.Management/managementGroups/contoso",
SecurityIssue = AzureNative.Security.SecurityIssue.Vulnerability,
Severity = AzureNative.Security.SeverityEnum.Medium,
});
});Content copied to clipboard
package main
import (
security "github.com/pulumi/pulumi-azure-native-sdk/security/v2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := security.NewCustomRecommendation(ctx, "customRecommendation", &security.CustomRecommendationArgs{
CloudProviders: pulumi.StringArray{
pulumi.String(security.RecommendationSupportedCloudsAWS),
},
CustomRecommendationName: pulumi.String("33e7cc6e-a139-4723-a0e5-76993aee0771"),
Description: pulumi.String("organization passwords policy"),
DisplayName: pulumi.String("Password Policy"),
Query: pulumi.String("RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')"),
RemediationDescription: pulumi.String("Change password policy to..."),
Scope: pulumi.String("providers/Microsoft.Management/managementGroups/contoso"),
SecurityIssue: pulumi.String(security.SecurityIssueVulnerability),
Severity: pulumi.String(security.SeverityEnumMedium),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.CustomRecommendation;
import com.pulumi.azurenative.security.CustomRecommendationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var customRecommendation = new CustomRecommendation("customRecommendation", CustomRecommendationArgs.builder()
.cloudProviders("AWS")
.customRecommendationName("33e7cc6e-a139-4723-a0e5-76993aee0771")
.description("organization passwords policy")
.displayName("Password Policy")
.query("RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')")
.remediationDescription("Change password policy to...")
.scope("providers/Microsoft.Management/managementGroups/contoso")
.securityIssue("Vulnerability")
.severity("Medium")
.build());
}
}Content copied to clipboard
Create or update custom recommendation over security connector scope
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var customRecommendation = new AzureNative.Security.CustomRecommendation("customRecommendation", new()
{
CloudProviders = new[]
{
AzureNative.Security.RecommendationSupportedClouds.AWS,
},
CustomRecommendationName = "33e7cc6e-a139-4723-a0e5-76993aee0771",
Description = "organization passwords policy",
DisplayName = "Password Policy",
Query = "RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')",
RemediationDescription = "Change password policy to...",
Scope = "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector",
SecurityIssue = AzureNative.Security.SecurityIssue.Vulnerability,
Severity = AzureNative.Security.SeverityEnum.Medium,
});
});Content copied to clipboard
package main
import (
security "github.com/pulumi/pulumi-azure-native-sdk/security/v2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := security.NewCustomRecommendation(ctx, "customRecommendation", &security.CustomRecommendationArgs{
CloudProviders: pulumi.StringArray{
pulumi.String(security.RecommendationSupportedCloudsAWS),
},
CustomRecommendationName: pulumi.String("33e7cc6e-a139-4723-a0e5-76993aee0771"),
Description: pulumi.String("organization passwords policy"),
DisplayName: pulumi.String("Password Policy"),
Query: pulumi.String("RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')"),
RemediationDescription: pulumi.String("Change password policy to..."),
Scope: pulumi.String("subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector"),
SecurityIssue: pulumi.String(security.SecurityIssueVulnerability),
Severity: pulumi.String(security.SeverityEnumMedium),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.CustomRecommendation;
import com.pulumi.azurenative.security.CustomRecommendationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var customRecommendation = new CustomRecommendation("customRecommendation", CustomRecommendationArgs.builder()
.cloudProviders("AWS")
.customRecommendationName("33e7cc6e-a139-4723-a0e5-76993aee0771")
.description("organization passwords policy")
.displayName("Password Policy")
.query("RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')")
.remediationDescription("Change password policy to...")
.scope("subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector")
.securityIssue("Vulnerability")
.severity("Medium")
.build());
}
}Content copied to clipboard
Create or update custom recommendation over subscription scope
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var customRecommendation = new AzureNative.Security.CustomRecommendation("customRecommendation", new()
{
CloudProviders = new[]
{
AzureNative.Security.RecommendationSupportedClouds.AWS,
},
CustomRecommendationName = "33e7cc6e-a139-4723-a0e5-76993aee0771",
Description = "organization passwords policy",
DisplayName = "Password Policy",
Query = "RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')",
RemediationDescription = "Change password policy to...",
Scope = "subscriptions/e5d1b86c-3051-44d5-8802-aa65d45a279b",
SecurityIssue = AzureNative.Security.SecurityIssue.Vulnerability,
Severity = AzureNative.Security.SeverityEnum.Medium,
});
});Content copied to clipboard
package main
import (
security "github.com/pulumi/pulumi-azure-native-sdk/security/v2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := security.NewCustomRecommendation(ctx, "customRecommendation", &security.CustomRecommendationArgs{
CloudProviders: pulumi.StringArray{
pulumi.String(security.RecommendationSupportedCloudsAWS),
},
CustomRecommendationName: pulumi.String("33e7cc6e-a139-4723-a0e5-76993aee0771"),
Description: pulumi.String("organization passwords policy"),
DisplayName: pulumi.String("Password Policy"),
Query: pulumi.String("RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')"),
RemediationDescription: pulumi.String("Change password policy to..."),
Scope: pulumi.String("subscriptions/e5d1b86c-3051-44d5-8802-aa65d45a279b"),
SecurityIssue: pulumi.String(security.SecurityIssueVulnerability),
Severity: pulumi.String(security.SeverityEnumMedium),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.CustomRecommendation;
import com.pulumi.azurenative.security.CustomRecommendationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var customRecommendation = new CustomRecommendation("customRecommendation", CustomRecommendationArgs.builder()
.cloudProviders("AWS")
.customRecommendationName("33e7cc6e-a139-4723-a0e5-76993aee0771")
.description("organization passwords policy")
.displayName("Password Policy")
.query("RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')")
.remediationDescription("Change password policy to...")
.scope("subscriptions/e5d1b86c-3051-44d5-8802-aa65d45a279b")
.securityIssue("Vulnerability")
.severity("Medium")
.build());
}
}Content copied to clipboard
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:security:CustomRecommendation 33e7cc6e-a139-4723-a0e5-76993aee0771 /{scope}/providers/Microsoft.Security/customRecommendations/{customRecommendationName}Content copied to clipboard
Properties
Link copied to clipboard
The assessment metadata key used when an assessment is generated for this Recommendation.
Link copied to clipboard
The Azure API version of the resource.
Link copied to clipboard
List of all standard supported clouds.
Link copied to clipboard
The description to relate to the assessments generated by this Recommendation.
Link copied to clipboard
The display name of the assessments generated by this Recommendation.
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
The remediation description to relate to the assessments generated by this Recommendation.
Link copied to clipboard
The severity to relate to the assessments generated by this Recommendation.
Link copied to clipboard
Azure Resource Manager metadata containing createdBy and modifiedBy information.