Custom
data class CustomRecommendationArgs(val cloudProviders: Output<List<Either<String, RecommendationSupportedClouds>>>? = null, val customRecommendationName: Output<String>? = null, val description: Output<String>? = null, val displayName: Output<String>? = null, val query: Output<String>? = null, val remediationDescription: Output<String>? = null, val scope: Output<String>? = null, val securityIssue: Output<Either<String, SecurityIssue>>? = null, val severity: Output<Either<String, SeverityEnum>>? = null) : ConvertibleToJava<CustomRecommendationArgs>
Custom Recommendation Uses Azure REST API version 2024-08-01. In version 2.x of the Azure Native provider, it used API version 2024-08-01.
Example Usage
Create or update custom recommendation over management group scope
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var customRecommendation = new AzureNative.Security.CustomRecommendation("customRecommendation", new()
{
CloudProviders = new[]
{
AzureNative.Security.RecommendationSupportedClouds.AWS,
},
CustomRecommendationName = "33e7cc6e-a139-4723-a0e5-76993aee0771",
Description = "organization passwords policy",
DisplayName = "Password Policy",
Query = "RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')",
RemediationDescription = "Change password policy to...",
Scope = "providers/Microsoft.Management/managementGroups/contoso",
SecurityIssue = AzureNative.Security.SecurityIssue.Vulnerability,
Severity = AzureNative.Security.SeverityEnum.Medium,
});
});Content copied to clipboard
package main
import (
security "github.com/pulumi/pulumi-azure-native-sdk/security/v3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := security.NewCustomRecommendation(ctx, "customRecommendation", &security.CustomRecommendationArgs{
CloudProviders: pulumi.StringArray{
pulumi.String(security.RecommendationSupportedCloudsAWS),
},
CustomRecommendationName: pulumi.String("33e7cc6e-a139-4723-a0e5-76993aee0771"),
Description: pulumi.String("organization passwords policy"),
DisplayName: pulumi.String("Password Policy"),
Query: pulumi.String("RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')"),
RemediationDescription: pulumi.String("Change password policy to..."),
Scope: pulumi.String("providers/Microsoft.Management/managementGroups/contoso"),
SecurityIssue: pulumi.String(security.SecurityIssueVulnerability),
Severity: pulumi.String(security.SeverityEnumMedium),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.CustomRecommendation;
import com.pulumi.azurenative.security.CustomRecommendationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var customRecommendation = new CustomRecommendation("customRecommendation", CustomRecommendationArgs.builder()
.cloudProviders("AWS")
.customRecommendationName("33e7cc6e-a139-4723-a0e5-76993aee0771")
.description("organization passwords policy")
.displayName("Password Policy")
.query("RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')")
.remediationDescription("Change password policy to...")
.scope("providers/Microsoft.Management/managementGroups/contoso")
.securityIssue("Vulnerability")
.severity("Medium")
.build());
}
}Content copied to clipboard
Create or update custom recommendation over security connector scope
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var customRecommendation = new AzureNative.Security.CustomRecommendation("customRecommendation", new()
{
CloudProviders = new[]
{
AzureNative.Security.RecommendationSupportedClouds.AWS,
},
CustomRecommendationName = "33e7cc6e-a139-4723-a0e5-76993aee0771",
Description = "organization passwords policy",
DisplayName = "Password Policy",
Query = "RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')",
RemediationDescription = "Change password policy to...",
Scope = "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector",
SecurityIssue = AzureNative.Security.SecurityIssue.Vulnerability,
Severity = AzureNative.Security.SeverityEnum.Medium,
});
});Content copied to clipboard
package main
import (
security "github.com/pulumi/pulumi-azure-native-sdk/security/v3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := security.NewCustomRecommendation(ctx, "customRecommendation", &security.CustomRecommendationArgs{
CloudProviders: pulumi.StringArray{
pulumi.String(security.RecommendationSupportedCloudsAWS),
},
CustomRecommendationName: pulumi.String("33e7cc6e-a139-4723-a0e5-76993aee0771"),
Description: pulumi.String("organization passwords policy"),
DisplayName: pulumi.String("Password Policy"),
Query: pulumi.String("RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')"),
RemediationDescription: pulumi.String("Change password policy to..."),
Scope: pulumi.String("subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector"),
SecurityIssue: pulumi.String(security.SecurityIssueVulnerability),
Severity: pulumi.String(security.SeverityEnumMedium),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.CustomRecommendation;
import com.pulumi.azurenative.security.CustomRecommendationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var customRecommendation = new CustomRecommendation("customRecommendation", CustomRecommendationArgs.builder()
.cloudProviders("AWS")
.customRecommendationName("33e7cc6e-a139-4723-a0e5-76993aee0771")
.description("organization passwords policy")
.displayName("Password Policy")
.query("RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')")
.remediationDescription("Change password policy to...")
.scope("subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector")
.securityIssue("Vulnerability")
.severity("Medium")
.build());
}
}Content copied to clipboard
Create or update custom recommendation over subscription scope
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var customRecommendation = new AzureNative.Security.CustomRecommendation("customRecommendation", new()
{
CloudProviders = new[]
{
AzureNative.Security.RecommendationSupportedClouds.AWS,
},
CustomRecommendationName = "33e7cc6e-a139-4723-a0e5-76993aee0771",
Description = "organization passwords policy",
DisplayName = "Password Policy",
Query = "RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')",
RemediationDescription = "Change password policy to...",
Scope = "subscriptions/e5d1b86c-3051-44d5-8802-aa65d45a279b",
SecurityIssue = AzureNative.Security.SecurityIssue.Vulnerability,
Severity = AzureNative.Security.SeverityEnum.Medium,
});
});Content copied to clipboard
package main
import (
security "github.com/pulumi/pulumi-azure-native-sdk/security/v3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := security.NewCustomRecommendation(ctx, "customRecommendation", &security.CustomRecommendationArgs{
CloudProviders: pulumi.StringArray{
pulumi.String(security.RecommendationSupportedCloudsAWS),
},
CustomRecommendationName: pulumi.String("33e7cc6e-a139-4723-a0e5-76993aee0771"),
Description: pulumi.String("organization passwords policy"),
DisplayName: pulumi.String("Password Policy"),
Query: pulumi.String("RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')"),
RemediationDescription: pulumi.String("Change password policy to..."),
Scope: pulumi.String("subscriptions/e5d1b86c-3051-44d5-8802-aa65d45a279b"),
SecurityIssue: pulumi.String(security.SecurityIssueVulnerability),
Severity: pulumi.String(security.SeverityEnumMedium),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.CustomRecommendation;
import com.pulumi.azurenative.security.CustomRecommendationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var customRecommendation = new CustomRecommendation("customRecommendation", CustomRecommendationArgs.builder()
.cloudProviders("AWS")
.customRecommendationName("33e7cc6e-a139-4723-a0e5-76993aee0771")
.description("organization passwords policy")
.displayName("Password Policy")
.query("RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')")
.remediationDescription("Change password policy to...")
.scope("subscriptions/e5d1b86c-3051-44d5-8802-aa65d45a279b")
.securityIssue("Vulnerability")
.severity("Medium")
.build());
}
}Content copied to clipboard
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:security:CustomRecommendation 33e7cc6e-a139-4723-a0e5-76993aee0771 /{scope}/providers/Microsoft.Security/customRecommendations/{customRecommendationName}Content copied to clipboard
Constructors
Link copied to clipboard
constructor(cloudProviders: Output<List<Either<String, RecommendationSupportedClouds>>>? = null, customRecommendationName: Output<String>? = null, description: Output<String>? = null, displayName: Output<String>? = null, query: Output<String>? = null, remediationDescription: Output<String>? = null, scope: Output<String>? = null, securityIssue: Output<Either<String, SecurityIssue>>? = null, severity: Output<Either<String, SeverityEnum>>? = null)
Properties
Link copied to clipboard
List of all standard supported clouds.
Link copied to clipboard
Name of the Custom Recommendation.
Link copied to clipboard
The description to relate to the assessments generated by this Recommendation.
Link copied to clipboard
The display name of the assessments generated by this Recommendation.
Link copied to clipboard
The remediation description to relate to the assessments generated by this Recommendation.
Link copied to clipboard
The scope of the custom recommendation. Valid scopes are: management group (format: 'providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: 'subscriptions/{subscriptionId}'), or security connector (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName})'
Link copied to clipboard
The severity to relate to the assessments generated by this Recommendation.
Link copied to clipboard
The severity to relate to the assessments generated by this Recommendation.