pulumi-azure-kotlin/com.pulumi.azure.securitycenter.kotlin/AutomationArgs

AutomationArgs

data class AutomationArgs(val actions: Output<List<AutomationActionArgs>>? = null, val description: Output<String>? = null, val enabled: Output<Boolean>? = null, val location: Output<String>? = null, val name: Output<String>? = null, val resourceGroupName: Output<String>? = null, val scopes: Output<List<String>>? = null, val sources: Output<List<AutomationSourceArgs>>? = null, val tags: Output<Map<String, String>>? = null) : ConvertibleToJava<AutomationArgs>

Manages Security Center Automation and Continuous Export. This resource supports three types of destination in the action, Logic Apps, Log Analytics and Event Hubs

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.eventhub.EventHubNamespace;
import com.pulumi.azure.eventhub.EventHubNamespaceArgs;
import com.pulumi.azure.eventhub.EventHub;
import com.pulumi.azure.eventhub.EventHubArgs;
import com.pulumi.azure.eventhub.AuthorizationRule;
import com.pulumi.azure.eventhub.AuthorizationRuleArgs;
import com.pulumi.azure.securitycenter.Automation;
import com.pulumi.azure.securitycenter.AutomationArgs;
import com.pulumi.azure.securitycenter.inputs.AutomationActionArgs;
import com.pulumi.azure.securitycenter.inputs.AutomationSourceArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var current = CoreFunctions.getClientConfig();
        var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
            .location("West Europe")
            .build());
        var exampleEventHubNamespace = new EventHubNamespace("exampleEventHubNamespace", EventHubNamespaceArgs.builder()
            .location(exampleResourceGroup.location())
            .resourceGroupName(exampleResourceGroup.name())
            .sku("Standard")
            .capacity(2)
            .build());
        var exampleEventHub = new EventHub("exampleEventHub", EventHubArgs.builder()
            .namespaceName(exampleEventHubNamespace.name())
            .resourceGroupName(exampleResourceGroup.name())
            .partitionCount(2)
            .messageRetention(2)
            .build());
        var exampleAuthorizationRule = new AuthorizationRule("exampleAuthorizationRule", AuthorizationRuleArgs.builder()
            .namespaceName(exampleEventHubNamespace.name())
            .eventhubName(exampleEventHub.name())
            .resourceGroupName(exampleResourceGroup.name())
            .listen(true)
            .send(false)
            .manage(false)
            .build());
        var exampleAutomation = new Automation("exampleAutomation", AutomationArgs.builder()
            .location(exampleResourceGroup.location())
            .resourceGroupName(exampleResourceGroup.name())
            .actions(AutomationActionArgs.builder()
                .type("EventHub")
                .resourceId(exampleEventHub.id())
                .connectionString(exampleAuthorizationRule.primaryConnectionString())
                .build())
            .sources(AutomationSourceArgs.builder()
                .eventSource("Alerts")
                .ruleSets(AutomationSourceRuleSetArgs.builder()
                    .rules(AutomationSourceRuleSetRuleArgs.builder()
                        .propertyPath("properties.metadata.severity")
                        .operator("Equals")
                        .expectedValue("High")
                        .propertyType("String")
                        .build())
                    .build())
                .build())
            .scopes(String.format("/subscriptions/%s", current.applyValue(getClientConfigResult -> getClientConfigResult.subscriptionId())))
            .build());
    }
}
Content copied to clipboard

Import

Security Center Automations can be imported using the resource id, e.g.

$ pulumi import azure:securitycenter/automation:Automation example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Security/automations/automation1
Content copied to clipboard

Constructors

Link copied to clipboard
fun AutomationArgs(actions: Output<List<AutomationActionArgs>>? = null, description: Output<String>? = null, enabled: Output<Boolean>? = null, location: Output<String>? = null, name: Output<String>? = null, resourceGroupName: Output<String>? = null, scopes: Output<List<String>>? = null, sources: Output<List<AutomationSourceArgs>>? = null, tags: Output<Map<String, String>>? = null)

Functions

Link copied to clipboard
open override fun toJava(): AutomationArgs

Properties

Link copied to clipboard
val actions: Output<List<AutomationActionArgs>>? = null

One or more action blocks as defined below. An action tells this automation where the data is to be sent to upon being evaluated by the rules in the source.

Link copied to clipboard
val description: Output<String>? = null

Specifies the description for the Security Center Automation.

Link copied to clipboard
val enabled: Output<Boolean>? = null

Boolean to enable or disable this Security Center Automation. Defaults to true.

Link copied to clipboard
val location: Output<String>? = null

The Azure Region where the Security Center Automation should exist. Changing this forces a new Security Center Automation to be created.

Link copied to clipboard
val name: Output<String>? = null

The name which should be used for this Security Center Automation. Changing this forces a new Security Center Automation to be created.

Link copied to clipboard
val resourceGroupName: Output<String>? = null

The name of the Resource Group where the Security Center Automation should exist. Changing this forces a new Security Center Automation to be created.

Link copied to clipboard
val scopes: Output<List<String>>? = null

A list of scopes on which the automation logic is applied, at least one is required. Supported scopes are a subscription (in this format /subscriptions/00000000-0000-0000-0000-000000000000) or a resource group under that subscription (in the format /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/example). The automation will only apply on defined scopes.

Link copied to clipboard
val sources: Output<List<AutomationSourceArgs>>? = null

One or more source blocks as defined below. A source defines what data types will be processed and a set of rules to filter that data.

Link copied to clipboard
val tags: Output<Map<String, String>>? = null

A mapping of tags assigned to the resource.