pulumi-azure-native-kotlin/com.pulumi.azurenative.azurestackhci.kotlin.inputs/DeploymentSecuritySettingsArgs

DeploymentSecuritySettingsArgs

data class DeploymentSecuritySettingsArgs(val bitlockerBootVolume: Output<Boolean>? = null, val bitlockerDataVolumes: Output<Boolean>? = null, val credentialGuardEnforced: Output<Boolean>? = null, val driftControlEnforced: Output<Boolean>? = null, val drtmProtection: Output<Boolean>? = null, val hvciProtection: Output<Boolean>? = null, val sideChannelMitigationEnforced: Output<Boolean>? = null, val smbClusterEncryption: Output<Boolean>? = null, val smbSigningEnforced: Output<Boolean>? = null, val wdacEnforced: Output<Boolean>? = null) : ConvertibleToJava<DeploymentSecuritySettingsArgs>

The SecuritySettings of AzureStackHCI Cluster.

Constructors

Link copied to clipboard
constructor(bitlockerBootVolume: Output<Boolean>? = null, bitlockerDataVolumes: Output<Boolean>? = null, credentialGuardEnforced: Output<Boolean>? = null, driftControlEnforced: Output<Boolean>? = null, drtmProtection: Output<Boolean>? = null, hvciProtection: Output<Boolean>? = null, sideChannelMitigationEnforced: Output<Boolean>? = null, smbClusterEncryption: Output<Boolean>? = null, smbSigningEnforced: Output<Boolean>? = null, wdacEnforced: Output<Boolean>? = null)

Properties

Link copied to clipboard
val bitlockerBootVolume: Output<Boolean>? = null

When set to true, BitLocker XTS_AES 256-bit encryption is enabled for all data-at-rest on the OS volume of your Azure Stack HCI cluster. This setting is TPM-hardware dependent.

Link copied to clipboard
val bitlockerDataVolumes: Output<Boolean>? = null

When set to true, BitLocker XTS-AES 256-bit encryption is enabled for all data-at-rest on your Azure Stack HCI cluster shared volumes.

Link copied to clipboard
val credentialGuardEnforced: Output<Boolean>? = null

When set to true, Credential Guard is enabled.

Link copied to clipboard
val driftControlEnforced: Output<Boolean>? = null

When set to true, the security baseline is re-applied regularly.

Link copied to clipboard
val drtmProtection: Output<Boolean>? = null

By default, Secure Boot is enabled on your Azure HCI cluster. This setting is hardware dependent.

Link copied to clipboard
val hvciProtection: Output<Boolean>? = null

By default, Hypervisor-protected Code Integrity is enabled on your Azure HCI cluster.

Link copied to clipboard
val sideChannelMitigationEnforced: Output<Boolean>? = null

When set to true, all the side channel mitigations are enabled

Link copied to clipboard
val smbClusterEncryption: Output<Boolean>? = null

When set to true, cluster east-west traffic is encrypted.

Link copied to clipboard
val smbSigningEnforced: Output<Boolean>? = null

When set to true, the SMB default instance requires sign in for the client and server services.

Link copied to clipboard
val wdacEnforced: Output<Boolean>? = null

WDAC is enabled by default and limits the applications and the code that you can run on your Azure Stack HCI cluster.

Functions

Link copied to clipboard
open override fun toJava(): DeploymentSecuritySettingsArgs