azure-native.security.AdaptiveApplicationControl
API Version: 2020-01-01.
Example Usage
Update an application control machine group by adding a new application
using System.Collections.Generic;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var adaptiveApplicationControl = new AzureNative.Security.AdaptiveApplicationControl("adaptiveApplicationControl", new()
{
AscLocation = "centralus",
EnforcementMode = "Audit",
GroupName = "ERELGROUP1",
PathRecommendations = new[]
{
new AzureNative.Security.Inputs.PathRecommendationArgs
{
Action = "Recommended",
Common = true,
ConfigurationStatus = "Configured",
FileType = "Exe",
Path = "[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\\*\\*\\0.0.0.0",
PublisherInfo = new AzureNative.Security.Inputs.PublisherInfoArgs
{
BinaryName = "*",
ProductName = "*",
PublisherName = "O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US",
Version = "0.0.0.0",
},
Type = "PublisherSignature",
UserSids = new[]
{
"S-1-1-0",
},
Usernames = new[]
{
new AzureNative.Security.Inputs.UserRecommendationArgs
{
RecommendationAction = "Recommended",
Username = "Everyone",
},
},
},
new AzureNative.Security.Inputs.PathRecommendationArgs
{
Action = "Recommended",
Common = true,
ConfigurationStatus = "Configured",
FileType = "Exe",
Path = "%OSDRIVE%\\WINDOWSAZURE\\SECAGENT\\WASECAGENTPROV.EXE",
PublisherInfo = new AzureNative.Security.Inputs.PublisherInfoArgs
{
BinaryName = "*",
ProductName = "MICROSOFT® COREXT",
PublisherName = "CN=MICROSOFT AZURE DEPENDENCY CODE SIGN",
Version = "0.0.0.0",
},
Type = "ProductSignature",
UserSids = new[]
{
"S-1-1-0",
},
Usernames = new[]
{
new AzureNative.Security.Inputs.UserRecommendationArgs
{
RecommendationAction = "Recommended",
Username = "NT AUTHORITY\\SYSTEM",
},
},
},
new AzureNative.Security.Inputs.PathRecommendationArgs
{
Action = "Recommended",
Common = true,
ConfigurationStatus = "Configured",
FileType = "Exe",
Path = "%OSDRIVE%\\WINDOWSAZURE\\PACKAGES_201973_7415\\COLLECTGUESTLOGS.EXE",
PublisherInfo = new AzureNative.Security.Inputs.PublisherInfoArgs
{
BinaryName = "*",
ProductName = "*",
PublisherName = "CN=MICROSOFT AZURE DEPENDENCY CODE SIGN",
Version = "0.0.0.0",
},
Type = "PublisherSignature",
UserSids = new[]
{
"S-1-1-0",
},
Usernames = new[]
{
new AzureNative.Security.Inputs.UserRecommendationArgs
{
RecommendationAction = "Recommended",
Username = "NT AUTHORITY\\SYSTEM",
},
},
},
new AzureNative.Security.Inputs.PathRecommendationArgs
{
Action = "Add",
Common = true,
Path = "C:\\directory\\file.exe",
Type = "File",
},
},
ProtectionMode = new AzureNative.Security.Inputs.ProtectionModeArgs
{
Exe = "Audit",
Msi = "None",
Script = "None",
},
VmRecommendations = new[]
{
new AzureNative.Security.Inputs.VmRecommendationArgs
{
ConfigurationStatus = "Configured",
EnforcementSupport = "Supported",
RecommendationAction = "Recommended",
ResourceId = "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/erelh-stable/providers/microsoft.compute/virtualmachines/erelh-16090",
},
new AzureNative.Security.Inputs.VmRecommendationArgs
{
ConfigurationStatus = "Configured",
EnforcementSupport = "Supported",
RecommendationAction = "Recommended",
ResourceId = "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/matanvs/providers/microsoft.compute/virtualmachines/matanvs19",
},
},
});
});
package main
import (
"fmt"
security "github.com/pulumi/pulumi-azure-native/sdk/go/azure/security"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := security.NewAdaptiveApplicationControl(ctx, "adaptiveApplicationControl", &security.AdaptiveApplicationControlArgs{
AscLocation: pulumi.String("centralus"),
EnforcementMode: pulumi.String("Audit"),
GroupName: pulumi.String("ERELGROUP1"),
PathRecommendations: []security.PathRecommendationArgs{
{
Action: pulumi.String("Recommended"),
Common: pulumi.Bool(true),
ConfigurationStatus: pulumi.String("Configured"),
FileType: pulumi.String("Exe"),
Path: pulumi.String("[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\\*\\*\\0.0.0.0"),
PublisherInfo: {
BinaryName: pulumi.String("*"),
ProductName: pulumi.String("*"),
PublisherName: pulumi.String("O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US"),
Version: pulumi.String("0.0.0.0"),
},
Type: pulumi.String("PublisherSignature"),
UserSids: pulumi.StringArray{
pulumi.String("S-1-1-0"),
},
Usernames: security.UserRecommendationArray{
{
RecommendationAction: pulumi.String("Recommended"),
Username: pulumi.String("Everyone"),
},
},
},
{
Action: pulumi.String("Recommended"),
Common: pulumi.Bool(true),
ConfigurationStatus: pulumi.String("Configured"),
FileType: pulumi.String("Exe"),
Path: pulumi.String(fmt.Sprintf("%vOSDRIVE%v\\WINDOWSAZURE\\SECAGENT\\WASECAGENTPROV.EXE", "%", "%")),
PublisherInfo: {
BinaryName: pulumi.String("*"),
ProductName: pulumi.String("MICROSOFT® COREXT"),
PublisherName: pulumi.String("CN=MICROSOFT AZURE DEPENDENCY CODE SIGN"),
Version: pulumi.String("0.0.0.0"),
},
Type: pulumi.String("ProductSignature"),
UserSids: pulumi.StringArray{
pulumi.String("S-1-1-0"),
},
Usernames: security.UserRecommendationArray{
{
RecommendationAction: pulumi.String("Recommended"),
Username: pulumi.String("NT AUTHORITY\\SYSTEM"),
},
},
},
{
Action: pulumi.String("Recommended"),
Common: pulumi.Bool(true),
ConfigurationStatus: pulumi.String("Configured"),
FileType: pulumi.String("Exe"),
Path: pulumi.String(fmt.Sprintf("%vOSDRIVE%v\\WINDOWSAZURE\\PACKAGES_201973_7415\\COLLECTGUESTLOGS.EXE", "%", "%")),
PublisherInfo: {
BinaryName: pulumi.String("*"),
ProductName: pulumi.String("*"),
PublisherName: pulumi.String("CN=MICROSOFT AZURE DEPENDENCY CODE SIGN"),
Version: pulumi.String("0.0.0.0"),
},
Type: pulumi.String("PublisherSignature"),
UserSids: pulumi.StringArray{
pulumi.String("S-1-1-0"),
},
Usernames: security.UserRecommendationArray{
{
RecommendationAction: pulumi.String("Recommended"),
Username: pulumi.String("NT AUTHORITY\\SYSTEM"),
},
},
},
{
Action: pulumi.String("Add"),
Common: pulumi.Bool(true),
Path: pulumi.String("C:\\directory\\file.exe"),
Type: pulumi.String("File"),
},
},
ProtectionMode: &security.ProtectionModeArgs{
Exe: pulumi.String("Audit"),
Msi: pulumi.String("None"),
Script: pulumi.String("None"),
},
VmRecommendations: []security.VmRecommendationArgs{
{
ConfigurationStatus: pulumi.String("Configured"),
EnforcementSupport: pulumi.String("Supported"),
RecommendationAction: pulumi.String("Recommended"),
ResourceId: pulumi.String("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/erelh-stable/providers/microsoft.compute/virtualmachines/erelh-16090"),
},
{
ConfigurationStatus: pulumi.String("Configured"),
EnforcementSupport: pulumi.String("Supported"),
RecommendationAction: pulumi.String("Recommended"),
ResourceId: pulumi.String("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/matanvs/providers/microsoft.compute/virtualmachines/matanvs19"),
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.AdaptiveApplicationControl;
import com.pulumi.azurenative.security.AdaptiveApplicationControlArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var adaptiveApplicationControl = new AdaptiveApplicationControl("adaptiveApplicationControl", AdaptiveApplicationControlArgs.builder()
.ascLocation("centralus")
.enforcementMode("Audit")
.groupName("ERELGROUP1")
.pathRecommendations(
Map.ofEntries(
Map.entry("action", "Recommended"),
Map.entry("common", true),
Map.entry("configurationStatus", "Configured"),
Map.entry("fileType", "Exe"),
Map.entry("path", "[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\\*\\*\\0.0.0.0"),
Map.entry("publisherInfo", Map.ofEntries(
Map.entry("binaryName", "*"),
Map.entry("productName", "*"),
Map.entry("publisherName", "O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US"),
Map.entry("version", "0.0.0.0")
)),
Map.entry("type", "PublisherSignature"),
Map.entry("userSids", "S-1-1-0"),
Map.entry("usernames", Map.ofEntries(
Map.entry("recommendationAction", "Recommended"),
Map.entry("username", "Everyone")
))
),
Map.ofEntries(
Map.entry("action", "Recommended"),
Map.entry("common", true),
Map.entry("configurationStatus", "Configured"),
Map.entry("fileType", "Exe"),
Map.entry("path", "%OSDRIVE%\\WINDOWSAZURE\\SECAGENT\\WASECAGENTPROV.EXE"),
Map.entry("publisherInfo", Map.ofEntries(
Map.entry("binaryName", "*"),
Map.entry("productName", "MICROSOFT® COREXT"),
Map.entry("publisherName", "CN=MICROSOFT AZURE DEPENDENCY CODE SIGN"),
Map.entry("version", "0.0.0.0")
)),
Map.entry("type", "ProductSignature"),
Map.entry("userSids", "S-1-1-0"),
Map.entry("usernames", Map.ofEntries(
Map.entry("recommendationAction", "Recommended"),
Map.entry("username", "NT AUTHORITY\\SYSTEM")
))
),
Map.ofEntries(
Map.entry("action", "Recommended"),
Map.entry("common", true),
Map.entry("configurationStatus", "Configured"),
Map.entry("fileType", "Exe"),
Map.entry("path", "%OSDRIVE%\\WINDOWSAZURE\\PACKAGES_201973_7415\\COLLECTGUESTLOGS.EXE"),
Map.entry("publisherInfo", Map.ofEntries(
Map.entry("binaryName", "*"),
Map.entry("productName", "*"),
Map.entry("publisherName", "CN=MICROSOFT AZURE DEPENDENCY CODE SIGN"),
Map.entry("version", "0.0.0.0")
)),
Map.entry("type", "PublisherSignature"),
Map.entry("userSids", "S-1-1-0"),
Map.entry("usernames", Map.ofEntries(
Map.entry("recommendationAction", "Recommended"),
Map.entry("username", "NT AUTHORITY\\SYSTEM")
))
),
Map.ofEntries(
Map.entry("action", "Add"),
Map.entry("common", true),
Map.entry("path", "C:\\directory\\file.exe"),
Map.entry("type", "File")
))
.protectionMode(Map.ofEntries(
Map.entry("exe", "Audit"),
Map.entry("msi", "None"),
Map.entry("script", "None")
))
.vmRecommendations(
Map.ofEntries(
Map.entry("configurationStatus", "Configured"),
Map.entry("enforcementSupport", "Supported"),
Map.entry("recommendationAction", "Recommended"),
Map.entry("resourceId", "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/erelh-stable/providers/microsoft.compute/virtualmachines/erelh-16090")
),
Map.ofEntries(
Map.entry("configurationStatus", "Configured"),
Map.entry("enforcementSupport", "Supported"),
Map.entry("recommendationAction", "Recommended"),
Map.entry("resourceId", "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/matanvs/providers/microsoft.compute/virtualmachines/matanvs19")
))
.build());
}
}
import pulumi
import pulumi_azure_native as azure_native
adaptive_application_control = azure_native.security.AdaptiveApplicationControl("adaptiveApplicationControl",
asc_location="centralus",
enforcement_mode="Audit",
group_name="ERELGROUP1",
path_recommendations=[
{
"action": "Recommended",
"common": True,
"configurationStatus": "Configured",
"fileType": "Exe",
"path": "[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\\*\\*\\0.0.0.0",
"publisherInfo": azure_native.security.PublisherInfoArgs(
binary_name="*",
product_name="*",
publisher_name="O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US",
version="0.0.0.0",
),
"type": "PublisherSignature",
"userSids": ["S-1-1-0"],
"usernames": [azure_native.security.UserRecommendationArgs(
recommendation_action="Recommended",
username="Everyone",
)],
},
{
"action": "Recommended",
"common": True,
"configurationStatus": "Configured",
"fileType": "Exe",
"path": "%OSDRIVE%\\WINDOWSAZURE\\SECAGENT\\WASECAGENTPROV.EXE",
"publisherInfo": azure_native.security.PublisherInfoArgs(
binary_name="*",
product_name="MICROSOFT® COREXT",
publisher_name="CN=MICROSOFT AZURE DEPENDENCY CODE SIGN",
version="0.0.0.0",
),
"type": "ProductSignature",
"userSids": ["S-1-1-0"],
"usernames": [azure_native.security.UserRecommendationArgs(
recommendation_action="Recommended",
username="NT AUTHORITY\\SYSTEM",
)],
},
{
"action": "Recommended",
"common": True,
"configurationStatus": "Configured",
"fileType": "Exe",
"path": "%OSDRIVE%\\WINDOWSAZURE\\PACKAGES_201973_7415\\COLLECTGUESTLOGS.EXE",
"publisherInfo": azure_native.security.PublisherInfoArgs(
binary_name="*",
product_name="*",
publisher_name="CN=MICROSOFT AZURE DEPENDENCY CODE SIGN",
version="0.0.0.0",
),
"type": "PublisherSignature",
"userSids": ["S-1-1-0"],
"usernames": [azure_native.security.UserRecommendationArgs(
recommendation_action="Recommended",
username="NT AUTHORITY\\SYSTEM",
)],
},
azure_native.security.PathRecommendationArgs(
action="Add",
common=True,
path="C:\\directory\\file.exe",
type="File",
),
],
protection_mode=azure_native.security.ProtectionModeArgs(
exe="Audit",
msi="None",
script="None",
),
vm_recommendations=[
azure_native.security.VmRecommendationArgs(
configuration_status="Configured",
enforcement_support="Supported",
recommendation_action="Recommended",
resource_id="/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/erelh-stable/providers/microsoft.compute/virtualmachines/erelh-16090",
),
azure_native.security.VmRecommendationArgs(
configuration_status="Configured",
enforcement_support="Supported",
recommendation_action="Recommended",
resource_id="/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/matanvs/providers/microsoft.compute/virtualmachines/matanvs19",
),
])
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const adaptiveApplicationControl = new azure_native.security.AdaptiveApplicationControl("adaptiveApplicationControl", {
ascLocation: "centralus",
enforcementMode: "Audit",
groupName: "ERELGROUP1",
pathRecommendations: [
{
action: "Recommended",
common: true,
configurationStatus: "Configured",
fileType: "Exe",
path: "[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\\*\\*\\0.0.0.0",
publisherInfo: {
binaryName: "*",
productName: "*",
publisherName: "O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US",
version: "0.0.0.0",
},
type: "PublisherSignature",
userSids: ["S-1-1-0"],
usernames: [{
recommendationAction: "Recommended",
username: "Everyone",
}],
},
{
action: "Recommended",
common: true,
configurationStatus: "Configured",
fileType: "Exe",
path: `%OSDRIVE%\WINDOWSAZURE\SECAGENT\WASECAGENTPROV.EXE`,
publisherInfo: {
binaryName: "*",
productName: "MICROSOFT® COREXT",
publisherName: "CN=MICROSOFT AZURE DEPENDENCY CODE SIGN",
version: "0.0.0.0",
},
type: "ProductSignature",
userSids: ["S-1-1-0"],
usernames: [{
recommendationAction: "Recommended",
username: "NT AUTHORITY\\SYSTEM",
}],
},
{
action: "Recommended",
common: true,
configurationStatus: "Configured",
fileType: "Exe",
path: `%OSDRIVE%\WINDOWSAZURE\PACKAGES_201973_7415\COLLECTGUESTLOGS.EXE`,
publisherInfo: {
binaryName: "*",
productName: "*",
publisherName: "CN=MICROSOFT AZURE DEPENDENCY CODE SIGN",
version: "0.0.0.0",
},
type: "PublisherSignature",
userSids: ["S-1-1-0"],
usernames: [{
recommendationAction: "Recommended",
username: "NT AUTHORITY\\SYSTEM",
}],
},
{
action: "Add",
common: true,
path: "C:\\directory\\file.exe",
type: "File",
},
],
protectionMode: {
exe: "Audit",
msi: "None",
script: "None",
},
vmRecommendations: [
{
configurationStatus: "Configured",
enforcementSupport: "Supported",
recommendationAction: "Recommended",
resourceId: "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/erelh-stable/providers/microsoft.compute/virtualmachines/erelh-16090",
},
{
configurationStatus: "Configured",
enforcementSupport: "Supported",
recommendationAction: "Recommended",
resourceId: "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/matanvs/providers/microsoft.compute/virtualmachines/matanvs19",
},
],
});
resources:
adaptiveApplicationControl:
type: azure-native:security:AdaptiveApplicationControl
properties:
ascLocation: centralus
enforcementMode: Audit
groupName: ERELGROUP1
pathRecommendations:
- action: Recommended
common: true
configurationStatus: Configured
fileType: Exe
path: '[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\*\*\0.0.0.0'
publisherInfo:
binaryName: '*'
productName: '*'
publisherName: O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US
version: 0.0.0.0
type: PublisherSignature
userSids:
- S-1-1-0
usernames:
- recommendationAction: Recommended
username: Everyone
- action: Recommended
common: true
configurationStatus: Configured
fileType: Exe
path: '%OSDRIVE%\WINDOWSAZURE\SECAGENT\WASECAGENTPROV.EXE'
publisherInfo:
binaryName: '*'
productName: MICROSOFT® COREXT
publisherName: CN=MICROSOFT AZURE DEPENDENCY CODE SIGN
version: 0.0.0.0
type: ProductSignature
userSids:
- S-1-1-0
usernames:
- recommendationAction: Recommended
username: NT AUTHORITY\SYSTEM
- action: Recommended
common: true
configurationStatus: Configured
fileType: Exe
path: '%OSDRIVE%\WINDOWSAZURE\PACKAGES_201973_7415\COLLECTGUESTLOGS.EXE'
publisherInfo:
binaryName: '*'
productName: '*'
publisherName: CN=MICROSOFT AZURE DEPENDENCY CODE SIGN
version: 0.0.0.0
type: PublisherSignature
userSids:
- S-1-1-0
usernames:
- recommendationAction: Recommended
username: NT AUTHORITY\SYSTEM
- action: Add
common: true
path: C:\directory\file.exe
type: File
protectionMode:
exe: Audit
msi: None
script: None
vmRecommendations:
- configurationStatus: Configured
enforcementSupport: Supported
recommendationAction: Recommended
resourceId: /subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/erelh-stable/providers/microsoft.compute/virtualmachines/erelh-16090
- configurationStatus: Configured
enforcementSupport: Supported
recommendationAction: Recommended
resourceId: /subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/matanvs/providers/microsoft.compute/virtualmachines/matanvs19
Create AdaptiveApplicationControl Resource
new AdaptiveApplicationControl(name: string, args: AdaptiveApplicationControlArgs, opts?: CustomResourceOptions);@overload
def AdaptiveApplicationControl(resource_name: str,
opts: Optional[ResourceOptions] = None,
asc_location: Optional[str] = None,
enforcement_mode: Optional[str] = None,
group_name: Optional[str] = None,
path_recommendations: Optional[Sequence[PathRecommendationArgs]] = None,
protection_mode: Optional[ProtectionModeArgs] = None,
vm_recommendations: Optional[Sequence[VmRecommendationArgs]] = None)
@overload
def AdaptiveApplicationControl(resource_name: str,
args: AdaptiveApplicationControlArgs,
opts: Optional[ResourceOptions] = None)func NewAdaptiveApplicationControl(ctx *Context, name string, args AdaptiveApplicationControlArgs, opts ...ResourceOption) (*AdaptiveApplicationControl, error)public AdaptiveApplicationControl(string name, AdaptiveApplicationControlArgs args, CustomResourceOptions? opts = null)
public AdaptiveApplicationControl(String name, AdaptiveApplicationControlArgs args)
public AdaptiveApplicationControl(String name, AdaptiveApplicationControlArgs args, CustomResourceOptions options)
type: azure-native:security:AdaptiveApplicationControl
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AdaptiveApplicationControlArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AdaptiveApplicationControlArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AdaptiveApplicationControlArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AdaptiveApplicationControlArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AdaptiveApplicationControlArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
AdaptiveApplicationControl Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The AdaptiveApplicationControl resource accepts the following input properties:
- Asc
Location string The location where ASC stores the data of the subscription. can be retrieved from Get locations
- Enforcement
Mode string The application control policy enforcement/protection mode of the machine group
- Group
Name string Name of an application control machine group
- Path
Recommendations List<Pulumi.Azure Native. Security. Inputs. Path Recommendation Args> - Protection
Mode Pulumi.Azure Native. Security. Inputs. Protection Mode Args The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux.
- Vm
Recommendations List<Pulumi.Azure Native. Security. Inputs. Vm Recommendation Args>
- Asc
Location string The location where ASC stores the data of the subscription. can be retrieved from Get locations
- Enforcement
Mode string The application control policy enforcement/protection mode of the machine group
- Group
Name string Name of an application control machine group
- Path
Recommendations []PathRecommendation Args - Protection
Mode ProtectionMode Args The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux.
- Vm
Recommendations []VmRecommendation Args
- asc
Location String The location where ASC stores the data of the subscription. can be retrieved from Get locations
- enforcement
Mode String The application control policy enforcement/protection mode of the machine group
- group
Name String Name of an application control machine group
- path
Recommendations List<PathRecommendation Args> - protection
Mode ProtectionMode Args The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux.
- vm
Recommendations List<VmRecommendation Args>
- asc
Location string The location where ASC stores the data of the subscription. can be retrieved from Get locations
- enforcement
Mode string The application control policy enforcement/protection mode of the machine group
- group
Name string Name of an application control machine group
- path
Recommendations PathRecommendation Args[] - protection
Mode ProtectionMode Args The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux.
- vm
Recommendations VmRecommendation Args[]
- asc_
location str The location where ASC stores the data of the subscription. can be retrieved from Get locations
- enforcement_
mode str The application control policy enforcement/protection mode of the machine group
- group_
name str Name of an application control machine group
- path_
recommendations Sequence[PathRecommendation Args] - protection_
mode ProtectionMode Args The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux.
- vm_
recommendations Sequence[VmRecommendation Args]
- asc
Location String The location where ASC stores the data of the subscription. can be retrieved from Get locations
- enforcement
Mode String The application control policy enforcement/protection mode of the machine group
- group
Name String Name of an application control machine group
- path
Recommendations List<Property Map> - protection
Mode Property Map The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux.
- vm
Recommendations List<Property Map>
Outputs
All input properties are implicitly available as output properties. Additionally, the AdaptiveApplicationControl resource produces the following output properties:
- Configuration
Status string The configuration status of the machines group or machine or rule
- Id string
The provider-assigned unique ID for this managed resource.
- Issues
List<Pulumi.
Azure Native. Security. Outputs. Adaptive Application Control Issue Summary Response> - Location string
Location where the resource is stored
- Name string
Resource name
- Recommendation
Status string The initial recommendation status of the machine group or machine
- Source
System string The source type of the machine group
- Type string
Resource type
- Configuration
Status string The configuration status of the machines group or machine or rule
- Id string
The provider-assigned unique ID for this managed resource.
- Issues
[]Adaptive
Application Control Issue Summary Response - Location string
Location where the resource is stored
- Name string
Resource name
- Recommendation
Status string The initial recommendation status of the machine group or machine
- Source
System string The source type of the machine group
- Type string
Resource type
- configuration
Status String The configuration status of the machines group or machine or rule
- id String
The provider-assigned unique ID for this managed resource.
- issues
List<Adaptive
Application Control Issue Summary Response> - location String
Location where the resource is stored
- name String
Resource name
- recommendation
Status String The initial recommendation status of the machine group or machine
- source
System String The source type of the machine group
- type String
Resource type
- configuration
Status string The configuration status of the machines group or machine or rule
- id string
The provider-assigned unique ID for this managed resource.
- issues
Adaptive
Application Control Issue Summary Response[] - location string
Location where the resource is stored
- name string
Resource name
- recommendation
Status string The initial recommendation status of the machine group or machine
- source
System string The source type of the machine group
- type string
Resource type
- configuration_
status str The configuration status of the machines group or machine or rule
- id str
The provider-assigned unique ID for this managed resource.
- issues
Sequence[Adaptive
Application Control Issue Summary Response] - location str
Location where the resource is stored
- name str
Resource name
- recommendation_
status str The initial recommendation status of the machine group or machine
- source_
system str The source type of the machine group
- type str
Resource type
- configuration
Status String The configuration status of the machines group or machine or rule
- id String
The provider-assigned unique ID for this managed resource.
- issues List<Property Map>
- location String
Location where the resource is stored
- name String
Resource name
- recommendation
Status String The initial recommendation status of the machine group or machine
- source
System String The source type of the machine group
- type String
Resource type
Supporting Types
AdaptiveApplicationControlIssueSummaryResponse
- Issue string
An alert that machines within a group can have
- Number
Of doubleVms The number of machines in the group that have this alert
- Issue string
An alert that machines within a group can have
- Number
Of float64Vms The number of machines in the group that have this alert
- issue String
An alert that machines within a group can have
- number
Of DoubleVms The number of machines in the group that have this alert
- issue string
An alert that machines within a group can have
- number
Of numberVms The number of machines in the group that have this alert
- issue str
An alert that machines within a group can have
- number_
of_ floatvms The number of machines in the group that have this alert
- issue String
An alert that machines within a group can have
- number
Of NumberVms The number of machines in the group that have this alert
PathRecommendation
- Action string
The recommendation action of the machine or rule
- Common bool
Whether the application is commonly run on the machine
- Configuration
Status string The configuration status of the machines group or machine or rule
- File
Type string The type of the file (for Linux files - Executable is used)
- Path string
The full path of the file, or an identifier of the application
- Publisher
Info Pulumi.Azure Native. Security. Inputs. Publisher Info Represents the publisher information of a process/rule
- Type string
The type of the rule to be allowed
- User
Sids List<string> - Usernames
List<Pulumi.
Azure Native. Security. Inputs. User Recommendation>
- Action string
The recommendation action of the machine or rule
- Common bool
Whether the application is commonly run on the machine
- Configuration
Status string The configuration status of the machines group or machine or rule
- File
Type string The type of the file (for Linux files - Executable is used)
- Path string
The full path of the file, or an identifier of the application
- Publisher
Info PublisherInfo Represents the publisher information of a process/rule
- Type string
The type of the rule to be allowed
- User
Sids []string - Usernames
[]User
Recommendation
- action String
The recommendation action of the machine or rule
- common Boolean
Whether the application is commonly run on the machine
- configuration
Status String The configuration status of the machines group or machine or rule
- file
Type String The type of the file (for Linux files - Executable is used)
- path String
The full path of the file, or an identifier of the application
- publisher
Info PublisherInfo Represents the publisher information of a process/rule
- type String
The type of the rule to be allowed
- user
Sids List<String> - usernames
List<User
Recommendation>
- action string
The recommendation action of the machine or rule
- common boolean
Whether the application is commonly run on the machine
- configuration
Status string The configuration status of the machines group or machine or rule
- file
Type string The type of the file (for Linux files - Executable is used)
- path string
The full path of the file, or an identifier of the application
- publisher
Info PublisherInfo Represents the publisher information of a process/rule
- type string
The type of the rule to be allowed
- user
Sids string[] - usernames
User
Recommendation[]
- action str
The recommendation action of the machine or rule
- common bool
Whether the application is commonly run on the machine
- configuration_
status str The configuration status of the machines group or machine or rule
- file_
type str The type of the file (for Linux files - Executable is used)
- path str
The full path of the file, or an identifier of the application
- publisher_
info PublisherInfo Represents the publisher information of a process/rule
- type str
The type of the rule to be allowed
- user_
sids Sequence[str] - usernames
Sequence[User
Recommendation]
- action String
The recommendation action of the machine or rule
- common Boolean
Whether the application is commonly run on the machine
- configuration
Status String The configuration status of the machines group or machine or rule
- file
Type String The type of the file (for Linux files - Executable is used)
- path String
The full path of the file, or an identifier of the application
- publisher
Info Property Map Represents the publisher information of a process/rule
- type String
The type of the rule to be allowed
- user
Sids List<String> - usernames List<Property Map>
PathRecommendationResponse
- Action string
The recommendation action of the machine or rule
- Common bool
Whether the application is commonly run on the machine
- Configuration
Status string The configuration status of the machines group or machine or rule
- File
Type string The type of the file (for Linux files - Executable is used)
- Path string
The full path of the file, or an identifier of the application
- Publisher
Info Pulumi.Azure Native. Security. Inputs. Publisher Info Response Represents the publisher information of a process/rule
- Type string
The type of the rule to be allowed
- User
Sids List<string> - Usernames
List<Pulumi.
Azure Native. Security. Inputs. User Recommendation Response>
- Action string
The recommendation action of the machine or rule
- Common bool
Whether the application is commonly run on the machine
- Configuration
Status string The configuration status of the machines group or machine or rule
- File
Type string The type of the file (for Linux files - Executable is used)
- Path string
The full path of the file, or an identifier of the application
- Publisher
Info PublisherInfo Response Represents the publisher information of a process/rule
- Type string
The type of the rule to be allowed
- User
Sids []string - Usernames
[]User
Recommendation Response
- action String
The recommendation action of the machine or rule
- common Boolean
Whether the application is commonly run on the machine
- configuration
Status String The configuration status of the machines group or machine or rule
- file
Type String The type of the file (for Linux files - Executable is used)
- path String
The full path of the file, or an identifier of the application
- publisher
Info PublisherInfo Response Represents the publisher information of a process/rule
- type String
The type of the rule to be allowed
- user
Sids List<String> - usernames
List<User
Recommendation Response>
- action string
The recommendation action of the machine or rule
- common boolean
Whether the application is commonly run on the machine
- configuration
Status string The configuration status of the machines group or machine or rule
- file
Type string The type of the file (for Linux files - Executable is used)
- path string
The full path of the file, or an identifier of the application
- publisher
Info PublisherInfo Response Represents the publisher information of a process/rule
- type string
The type of the rule to be allowed
- user
Sids string[] - usernames
User
Recommendation Response[]
- action str
The recommendation action of the machine or rule
- common bool
Whether the application is commonly run on the machine
- configuration_
status str The configuration status of the machines group or machine or rule
- file_
type str The type of the file (for Linux files - Executable is used)
- path str
The full path of the file, or an identifier of the application
- publisher_
info PublisherInfo Response Represents the publisher information of a process/rule
- type str
The type of the rule to be allowed
- user_
sids Sequence[str] - usernames
Sequence[User
Recommendation Response]
- action String
The recommendation action of the machine or rule
- common Boolean
Whether the application is commonly run on the machine
- configuration
Status String The configuration status of the machines group or machine or rule
- file
Type String The type of the file (for Linux files - Executable is used)
- path String
The full path of the file, or an identifier of the application
- publisher
Info Property Map Represents the publisher information of a process/rule
- type String
The type of the rule to be allowed
- user
Sids List<String> - usernames List<Property Map>
ProtectionMode
- Exe string
The application control policy enforcement/protection mode of the machine group
- Executable string
The application control policy enforcement/protection mode of the machine group
- Msi string
The application control policy enforcement/protection mode of the machine group
- Script string
The application control policy enforcement/protection mode of the machine group
- Exe string
The application control policy enforcement/protection mode of the machine group
- Executable string
The application control policy enforcement/protection mode of the machine group
- Msi string
The application control policy enforcement/protection mode of the machine group
- Script string
The application control policy enforcement/protection mode of the machine group
- exe String
The application control policy enforcement/protection mode of the machine group
- executable String
The application control policy enforcement/protection mode of the machine group
- msi String
The application control policy enforcement/protection mode of the machine group
- script String
The application control policy enforcement/protection mode of the machine group
- exe string
The application control policy enforcement/protection mode of the machine group
- executable string
The application control policy enforcement/protection mode of the machine group
- msi string
The application control policy enforcement/protection mode of the machine group
- script string
The application control policy enforcement/protection mode of the machine group
- exe str
The application control policy enforcement/protection mode of the machine group
- executable str
The application control policy enforcement/protection mode of the machine group
- msi str
The application control policy enforcement/protection mode of the machine group
- script str
The application control policy enforcement/protection mode of the machine group
- exe String
The application control policy enforcement/protection mode of the machine group
- executable String
The application control policy enforcement/protection mode of the machine group
- msi String
The application control policy enforcement/protection mode of the machine group
- script String
The application control policy enforcement/protection mode of the machine group
ProtectionModeResponse
- Exe string
The application control policy enforcement/protection mode of the machine group
- Executable string
The application control policy enforcement/protection mode of the machine group
- Msi string
The application control policy enforcement/protection mode of the machine group
- Script string
The application control policy enforcement/protection mode of the machine group
- Exe string
The application control policy enforcement/protection mode of the machine group
- Executable string
The application control policy enforcement/protection mode of the machine group
- Msi string
The application control policy enforcement/protection mode of the machine group
- Script string
The application control policy enforcement/protection mode of the machine group
- exe String
The application control policy enforcement/protection mode of the machine group
- executable String
The application control policy enforcement/protection mode of the machine group
- msi String
The application control policy enforcement/protection mode of the machine group
- script String
The application control policy enforcement/protection mode of the machine group
- exe string
The application control policy enforcement/protection mode of the machine group
- executable string
The application control policy enforcement/protection mode of the machine group
- msi string
The application control policy enforcement/protection mode of the machine group
- script string
The application control policy enforcement/protection mode of the machine group
- exe str
The application control policy enforcement/protection mode of the machine group
- executable str
The application control policy enforcement/protection mode of the machine group
- msi str
The application control policy enforcement/protection mode of the machine group
- script str
The application control policy enforcement/protection mode of the machine group
- exe String
The application control policy enforcement/protection mode of the machine group
- executable String
The application control policy enforcement/protection mode of the machine group
- msi String
The application control policy enforcement/protection mode of the machine group
- script String
The application control policy enforcement/protection mode of the machine group
PublisherInfo
- Binary
Name string The "OriginalName" field taken from the file's version resource
- Product
Name string The product name taken from the file's version resource
- Publisher
Name string The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country
- Version string
The binary file version taken from the file's version resource
- Binary
Name string The "OriginalName" field taken from the file's version resource
- Product
Name string The product name taken from the file's version resource
- Publisher
Name string The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country
- Version string
The binary file version taken from the file's version resource
- binary
Name String The "OriginalName" field taken from the file's version resource
- product
Name String The product name taken from the file's version resource
- publisher
Name String The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country
- version String
The binary file version taken from the file's version resource
- binary
Name string The "OriginalName" field taken from the file's version resource
- product
Name string The product name taken from the file's version resource
- publisher
Name string The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country
- version string
The binary file version taken from the file's version resource
- binary_
name str The "OriginalName" field taken from the file's version resource
- product_
name str The product name taken from the file's version resource
- publisher_
name str The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country
- version str
The binary file version taken from the file's version resource
- binary
Name String The "OriginalName" field taken from the file's version resource
- product
Name String The product name taken from the file's version resource
- publisher
Name String The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country
- version String
The binary file version taken from the file's version resource
PublisherInfoResponse
- Binary
Name string The "OriginalName" field taken from the file's version resource
- Product
Name string The product name taken from the file's version resource
- Publisher
Name string The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country
- Version string
The binary file version taken from the file's version resource
- Binary
Name string The "OriginalName" field taken from the file's version resource
- Product
Name string The product name taken from the file's version resource
- Publisher
Name string The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country
- Version string
The binary file version taken from the file's version resource
- binary
Name String The "OriginalName" field taken from the file's version resource
- product
Name String The product name taken from the file's version resource
- publisher
Name String The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country
- version String
The binary file version taken from the file's version resource
- binary
Name string The "OriginalName" field taken from the file's version resource
- product
Name string The product name taken from the file's version resource
- publisher
Name string The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country
- version string
The binary file version taken from the file's version resource
- binary_
name str The "OriginalName" field taken from the file's version resource
- product_
name str The product name taken from the file's version resource
- publisher_
name str The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country
- version str
The binary file version taken from the file's version resource
- binary
Name String The "OriginalName" field taken from the file's version resource
- product
Name String The product name taken from the file's version resource
- publisher
Name String The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country
- version String
The binary file version taken from the file's version resource
UserRecommendation
- Recommendation
Action string The recommendation action of the machine or rule
- Username string
Represents a user that is recommended to be allowed for a certain rule
- Recommendation
Action string The recommendation action of the machine or rule
- Username string
Represents a user that is recommended to be allowed for a certain rule
- recommendation
Action String The recommendation action of the machine or rule
- username String
Represents a user that is recommended to be allowed for a certain rule
- recommendation
Action string The recommendation action of the machine or rule
- username string
Represents a user that is recommended to be allowed for a certain rule
- recommendation_
action str The recommendation action of the machine or rule
- username str
Represents a user that is recommended to be allowed for a certain rule
- recommendation
Action String The recommendation action of the machine or rule
- username String
Represents a user that is recommended to be allowed for a certain rule
UserRecommendationResponse
- Recommendation
Action string The recommendation action of the machine or rule
- Username string
Represents a user that is recommended to be allowed for a certain rule
- Recommendation
Action string The recommendation action of the machine or rule
- Username string
Represents a user that is recommended to be allowed for a certain rule
- recommendation
Action String The recommendation action of the machine or rule
- username String
Represents a user that is recommended to be allowed for a certain rule
- recommendation
Action string The recommendation action of the machine or rule
- username string
Represents a user that is recommended to be allowed for a certain rule
- recommendation_
action str The recommendation action of the machine or rule
- username str
Represents a user that is recommended to be allowed for a certain rule
- recommendation
Action String The recommendation action of the machine or rule
- username String
Represents a user that is recommended to be allowed for a certain rule
VmRecommendation
- Configuration
Status string The configuration status of the machines group or machine or rule
- Enforcement
Support string The machine supportability of Enforce feature
- Recommendation
Action string The recommendation action of the machine or rule
- Resource
Id string The full resource id of the machine
- Configuration
Status string The configuration status of the machines group or machine or rule
- Enforcement
Support string The machine supportability of Enforce feature
- Recommendation
Action string The recommendation action of the machine or rule
- Resource
Id string The full resource id of the machine
- configuration
Status String The configuration status of the machines group or machine or rule
- enforcement
Support String The machine supportability of Enforce feature
- recommendation
Action String The recommendation action of the machine or rule
- resource
Id String The full resource id of the machine
- configuration
Status string The configuration status of the machines group or machine or rule
- enforcement
Support string The machine supportability of Enforce feature
- recommendation
Action string The recommendation action of the machine or rule
- resource
Id string The full resource id of the machine
- configuration_
status str The configuration status of the machines group or machine or rule
- enforcement_
support str The machine supportability of Enforce feature
- recommendation_
action str The recommendation action of the machine or rule
- resource_
id str The full resource id of the machine
- configuration
Status String The configuration status of the machines group or machine or rule
- enforcement
Support String The machine supportability of Enforce feature
- recommendation
Action String The recommendation action of the machine or rule
- resource
Id String The full resource id of the machine
VmRecommendationResponse
- Configuration
Status string The configuration status of the machines group or machine or rule
- Enforcement
Support string The machine supportability of Enforce feature
- Recommendation
Action string The recommendation action of the machine or rule
- Resource
Id string The full resource id of the machine
- Configuration
Status string The configuration status of the machines group or machine or rule
- Enforcement
Support string The machine supportability of Enforce feature
- Recommendation
Action string The recommendation action of the machine or rule
- Resource
Id string The full resource id of the machine
- configuration
Status String The configuration status of the machines group or machine or rule
- enforcement
Support String The machine supportability of Enforce feature
- recommendation
Action String The recommendation action of the machine or rule
- resource
Id String The full resource id of the machine
- configuration
Status string The configuration status of the machines group or machine or rule
- enforcement
Support string The machine supportability of Enforce feature
- recommendation
Action string The recommendation action of the machine or rule
- resource
Id string The full resource id of the machine
- configuration_
status str The configuration status of the machines group or machine or rule
- enforcement_
support str The machine supportability of Enforce feature
- recommendation_
action str The recommendation action of the machine or rule
- resource_
id str The full resource id of the machine
- configuration
Status String The configuration status of the machines group or machine or rule
- enforcement
Support String The machine supportability of Enforce feature
- recommendation
Action String The recommendation action of the machine or rule
- resource
Id String The full resource id of the machine
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:security:AdaptiveApplicationControl ERELGROUP1 /subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/locations/centralus/applicationWhitelistings/ERELGROUP1
Package Details
- Repository
- Azure Native pulumi/pulumi-azure-native
- License
- Apache-2.0