azure-native.security.AdaptiveApplicationControl

API Version: 2020-01-01.

Example Usage

Update an application control machine group by adding a new application

using System.Collections.Generic;
using Pulumi;
using AzureNative = Pulumi.AzureNative;

return await Deployment.RunAsync(() => 
{
    var adaptiveApplicationControl = new AzureNative.Security.AdaptiveApplicationControl("adaptiveApplicationControl", new()
    {
        AscLocation = "centralus",
        EnforcementMode = "Audit",
        GroupName = "ERELGROUP1",
        PathRecommendations = new[]
        {
            new AzureNative.Security.Inputs.PathRecommendationArgs
            {
                Action = "Recommended",
                Common = true,
                ConfigurationStatus = "Configured",
                FileType = "Exe",
                Path = "[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\\*\\*\\0.0.0.0",
                PublisherInfo = new AzureNative.Security.Inputs.PublisherInfoArgs
                {
                    BinaryName = "*",
                    ProductName = "*",
                    PublisherName = "O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US",
                    Version = "0.0.0.0",
                },
                Type = "PublisherSignature",
                UserSids = new[]
                {
                    "S-1-1-0",
                },
                Usernames = new[]
                {
                    new AzureNative.Security.Inputs.UserRecommendationArgs
                    {
                        RecommendationAction = "Recommended",
                        Username = "Everyone",
                    },
                },
            },
            new AzureNative.Security.Inputs.PathRecommendationArgs
            {
                Action = "Recommended",
                Common = true,
                ConfigurationStatus = "Configured",
                FileType = "Exe",
                Path = "%OSDRIVE%\\WINDOWSAZURE\\SECAGENT\\WASECAGENTPROV.EXE",
                PublisherInfo = new AzureNative.Security.Inputs.PublisherInfoArgs
                {
                    BinaryName = "*",
                    ProductName = "MICROSOFT® COREXT",
                    PublisherName = "CN=MICROSOFT AZURE DEPENDENCY CODE SIGN",
                    Version = "0.0.0.0",
                },
                Type = "ProductSignature",
                UserSids = new[]
                {
                    "S-1-1-0",
                },
                Usernames = new[]
                {
                    new AzureNative.Security.Inputs.UserRecommendationArgs
                    {
                        RecommendationAction = "Recommended",
                        Username = "NT AUTHORITY\\SYSTEM",
                    },
                },
            },
            new AzureNative.Security.Inputs.PathRecommendationArgs
            {
                Action = "Recommended",
                Common = true,
                ConfigurationStatus = "Configured",
                FileType = "Exe",
                Path = "%OSDRIVE%\\WINDOWSAZURE\\PACKAGES_201973_7415\\COLLECTGUESTLOGS.EXE",
                PublisherInfo = new AzureNative.Security.Inputs.PublisherInfoArgs
                {
                    BinaryName = "*",
                    ProductName = "*",
                    PublisherName = "CN=MICROSOFT AZURE DEPENDENCY CODE SIGN",
                    Version = "0.0.0.0",
                },
                Type = "PublisherSignature",
                UserSids = new[]
                {
                    "S-1-1-0",
                },
                Usernames = new[]
                {
                    new AzureNative.Security.Inputs.UserRecommendationArgs
                    {
                        RecommendationAction = "Recommended",
                        Username = "NT AUTHORITY\\SYSTEM",
                    },
                },
            },
            new AzureNative.Security.Inputs.PathRecommendationArgs
            {
                Action = "Add",
                Common = true,
                Path = "C:\\directory\\file.exe",
                Type = "File",
            },
        },
        ProtectionMode = new AzureNative.Security.Inputs.ProtectionModeArgs
        {
            Exe = "Audit",
            Msi = "None",
            Script = "None",
        },
        VmRecommendations = new[]
        {
            new AzureNative.Security.Inputs.VmRecommendationArgs
            {
                ConfigurationStatus = "Configured",
                EnforcementSupport = "Supported",
                RecommendationAction = "Recommended",
                ResourceId = "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/erelh-stable/providers/microsoft.compute/virtualmachines/erelh-16090",
            },
            new AzureNative.Security.Inputs.VmRecommendationArgs
            {
                ConfigurationStatus = "Configured",
                EnforcementSupport = "Supported",
                RecommendationAction = "Recommended",
                ResourceId = "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/matanvs/providers/microsoft.compute/virtualmachines/matanvs19",
            },
        },
    });

});
package main

import (
	"fmt"

	security "github.com/pulumi/pulumi-azure-native/sdk/go/azure/security"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := security.NewAdaptiveApplicationControl(ctx, "adaptiveApplicationControl", &security.AdaptiveApplicationControlArgs{
			AscLocation:     pulumi.String("centralus"),
			EnforcementMode: pulumi.String("Audit"),
			GroupName:       pulumi.String("ERELGROUP1"),
			PathRecommendations: []security.PathRecommendationArgs{
				{
					Action:              pulumi.String("Recommended"),
					Common:              pulumi.Bool(true),
					ConfigurationStatus: pulumi.String("Configured"),
					FileType:            pulumi.String("Exe"),
					Path:                pulumi.String("[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\\*\\*\\0.0.0.0"),
					PublisherInfo: {
						BinaryName:    pulumi.String("*"),
						ProductName:   pulumi.String("*"),
						PublisherName: pulumi.String("O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US"),
						Version:       pulumi.String("0.0.0.0"),
					},
					Type: pulumi.String("PublisherSignature"),
					UserSids: pulumi.StringArray{
						pulumi.String("S-1-1-0"),
					},
					Usernames: security.UserRecommendationArray{
						{
							RecommendationAction: pulumi.String("Recommended"),
							Username:             pulumi.String("Everyone"),
						},
					},
				},
				{
					Action:              pulumi.String("Recommended"),
					Common:              pulumi.Bool(true),
					ConfigurationStatus: pulumi.String("Configured"),
					FileType:            pulumi.String("Exe"),
					Path:                pulumi.String(fmt.Sprintf("%vOSDRIVE%v\\WINDOWSAZURE\\SECAGENT\\WASECAGENTPROV.EXE", "%", "%")),
					PublisherInfo: {
						BinaryName:    pulumi.String("*"),
						ProductName:   pulumi.String("MICROSOFT® COREXT"),
						PublisherName: pulumi.String("CN=MICROSOFT AZURE DEPENDENCY CODE SIGN"),
						Version:       pulumi.String("0.0.0.0"),
					},
					Type: pulumi.String("ProductSignature"),
					UserSids: pulumi.StringArray{
						pulumi.String("S-1-1-0"),
					},
					Usernames: security.UserRecommendationArray{
						{
							RecommendationAction: pulumi.String("Recommended"),
							Username:             pulumi.String("NT AUTHORITY\\SYSTEM"),
						},
					},
				},
				{
					Action:              pulumi.String("Recommended"),
					Common:              pulumi.Bool(true),
					ConfigurationStatus: pulumi.String("Configured"),
					FileType:            pulumi.String("Exe"),
					Path:                pulumi.String(fmt.Sprintf("%vOSDRIVE%v\\WINDOWSAZURE\\PACKAGES_201973_7415\\COLLECTGUESTLOGS.EXE", "%", "%")),
					PublisherInfo: {
						BinaryName:    pulumi.String("*"),
						ProductName:   pulumi.String("*"),
						PublisherName: pulumi.String("CN=MICROSOFT AZURE DEPENDENCY CODE SIGN"),
						Version:       pulumi.String("0.0.0.0"),
					},
					Type: pulumi.String("PublisherSignature"),
					UserSids: pulumi.StringArray{
						pulumi.String("S-1-1-0"),
					},
					Usernames: security.UserRecommendationArray{
						{
							RecommendationAction: pulumi.String("Recommended"),
							Username:             pulumi.String("NT AUTHORITY\\SYSTEM"),
						},
					},
				},
				{
					Action: pulumi.String("Add"),
					Common: pulumi.Bool(true),
					Path:   pulumi.String("C:\\directory\\file.exe"),
					Type:   pulumi.String("File"),
				},
			},
			ProtectionMode: &security.ProtectionModeArgs{
				Exe:    pulumi.String("Audit"),
				Msi:    pulumi.String("None"),
				Script: pulumi.String("None"),
			},
			VmRecommendations: []security.VmRecommendationArgs{
				{
					ConfigurationStatus:  pulumi.String("Configured"),
					EnforcementSupport:   pulumi.String("Supported"),
					RecommendationAction: pulumi.String("Recommended"),
					ResourceId:           pulumi.String("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/erelh-stable/providers/microsoft.compute/virtualmachines/erelh-16090"),
				},
				{
					ConfigurationStatus:  pulumi.String("Configured"),
					EnforcementSupport:   pulumi.String("Supported"),
					RecommendationAction: pulumi.String("Recommended"),
					ResourceId:           pulumi.String("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/matanvs/providers/microsoft.compute/virtualmachines/matanvs19"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.AdaptiveApplicationControl;
import com.pulumi.azurenative.security.AdaptiveApplicationControlArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var adaptiveApplicationControl = new AdaptiveApplicationControl("adaptiveApplicationControl", AdaptiveApplicationControlArgs.builder()        
            .ascLocation("centralus")
            .enforcementMode("Audit")
            .groupName("ERELGROUP1")
            .pathRecommendations(            
                Map.ofEntries(
                    Map.entry("action", "Recommended"),
                    Map.entry("common", true),
                    Map.entry("configurationStatus", "Configured"),
                    Map.entry("fileType", "Exe"),
                    Map.entry("path", "[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\\*\\*\\0.0.0.0"),
                    Map.entry("publisherInfo", Map.ofEntries(
                        Map.entry("binaryName", "*"),
                        Map.entry("productName", "*"),
                        Map.entry("publisherName", "O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US"),
                        Map.entry("version", "0.0.0.0")
                    )),
                    Map.entry("type", "PublisherSignature"),
                    Map.entry("userSids", "S-1-1-0"),
                    Map.entry("usernames", Map.ofEntries(
                        Map.entry("recommendationAction", "Recommended"),
                        Map.entry("username", "Everyone")
                    ))
                ),
                Map.ofEntries(
                    Map.entry("action", "Recommended"),
                    Map.entry("common", true),
                    Map.entry("configurationStatus", "Configured"),
                    Map.entry("fileType", "Exe"),
                    Map.entry("path", "%OSDRIVE%\\WINDOWSAZURE\\SECAGENT\\WASECAGENTPROV.EXE"),
                    Map.entry("publisherInfo", Map.ofEntries(
                        Map.entry("binaryName", "*"),
                        Map.entry("productName", "MICROSOFT® COREXT"),
                        Map.entry("publisherName", "CN=MICROSOFT AZURE DEPENDENCY CODE SIGN"),
                        Map.entry("version", "0.0.0.0")
                    )),
                    Map.entry("type", "ProductSignature"),
                    Map.entry("userSids", "S-1-1-0"),
                    Map.entry("usernames", Map.ofEntries(
                        Map.entry("recommendationAction", "Recommended"),
                        Map.entry("username", "NT AUTHORITY\\SYSTEM")
                    ))
                ),
                Map.ofEntries(
                    Map.entry("action", "Recommended"),
                    Map.entry("common", true),
                    Map.entry("configurationStatus", "Configured"),
                    Map.entry("fileType", "Exe"),
                    Map.entry("path", "%OSDRIVE%\\WINDOWSAZURE\\PACKAGES_201973_7415\\COLLECTGUESTLOGS.EXE"),
                    Map.entry("publisherInfo", Map.ofEntries(
                        Map.entry("binaryName", "*"),
                        Map.entry("productName", "*"),
                        Map.entry("publisherName", "CN=MICROSOFT AZURE DEPENDENCY CODE SIGN"),
                        Map.entry("version", "0.0.0.0")
                    )),
                    Map.entry("type", "PublisherSignature"),
                    Map.entry("userSids", "S-1-1-0"),
                    Map.entry("usernames", Map.ofEntries(
                        Map.entry("recommendationAction", "Recommended"),
                        Map.entry("username", "NT AUTHORITY\\SYSTEM")
                    ))
                ),
                Map.ofEntries(
                    Map.entry("action", "Add"),
                    Map.entry("common", true),
                    Map.entry("path", "C:\\directory\\file.exe"),
                    Map.entry("type", "File")
                ))
            .protectionMode(Map.ofEntries(
                Map.entry("exe", "Audit"),
                Map.entry("msi", "None"),
                Map.entry("script", "None")
            ))
            .vmRecommendations(            
                Map.ofEntries(
                    Map.entry("configurationStatus", "Configured"),
                    Map.entry("enforcementSupport", "Supported"),
                    Map.entry("recommendationAction", "Recommended"),
                    Map.entry("resourceId", "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/erelh-stable/providers/microsoft.compute/virtualmachines/erelh-16090")
                ),
                Map.ofEntries(
                    Map.entry("configurationStatus", "Configured"),
                    Map.entry("enforcementSupport", "Supported"),
                    Map.entry("recommendationAction", "Recommended"),
                    Map.entry("resourceId", "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/matanvs/providers/microsoft.compute/virtualmachines/matanvs19")
                ))
            .build());

    }
}
import pulumi
import pulumi_azure_native as azure_native

adaptive_application_control = azure_native.security.AdaptiveApplicationControl("adaptiveApplicationControl",
    asc_location="centralus",
    enforcement_mode="Audit",
    group_name="ERELGROUP1",
    path_recommendations=[
        {
            "action": "Recommended",
            "common": True,
            "configurationStatus": "Configured",
            "fileType": "Exe",
            "path": "[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\\*\\*\\0.0.0.0",
            "publisherInfo": azure_native.security.PublisherInfoArgs(
                binary_name="*",
                product_name="*",
                publisher_name="O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US",
                version="0.0.0.0",
            ),
            "type": "PublisherSignature",
            "userSids": ["S-1-1-0"],
            "usernames": [azure_native.security.UserRecommendationArgs(
                recommendation_action="Recommended",
                username="Everyone",
            )],
        },
        {
            "action": "Recommended",
            "common": True,
            "configurationStatus": "Configured",
            "fileType": "Exe",
            "path": "%OSDRIVE%\\WINDOWSAZURE\\SECAGENT\\WASECAGENTPROV.EXE",
            "publisherInfo": azure_native.security.PublisherInfoArgs(
                binary_name="*",
                product_name="MICROSOFT® COREXT",
                publisher_name="CN=MICROSOFT AZURE DEPENDENCY CODE SIGN",
                version="0.0.0.0",
            ),
            "type": "ProductSignature",
            "userSids": ["S-1-1-0"],
            "usernames": [azure_native.security.UserRecommendationArgs(
                recommendation_action="Recommended",
                username="NT AUTHORITY\\SYSTEM",
            )],
        },
        {
            "action": "Recommended",
            "common": True,
            "configurationStatus": "Configured",
            "fileType": "Exe",
            "path": "%OSDRIVE%\\WINDOWSAZURE\\PACKAGES_201973_7415\\COLLECTGUESTLOGS.EXE",
            "publisherInfo": azure_native.security.PublisherInfoArgs(
                binary_name="*",
                product_name="*",
                publisher_name="CN=MICROSOFT AZURE DEPENDENCY CODE SIGN",
                version="0.0.0.0",
            ),
            "type": "PublisherSignature",
            "userSids": ["S-1-1-0"],
            "usernames": [azure_native.security.UserRecommendationArgs(
                recommendation_action="Recommended",
                username="NT AUTHORITY\\SYSTEM",
            )],
        },
        azure_native.security.PathRecommendationArgs(
            action="Add",
            common=True,
            path="C:\\directory\\file.exe",
            type="File",
        ),
    ],
    protection_mode=azure_native.security.ProtectionModeArgs(
        exe="Audit",
        msi="None",
        script="None",
    ),
    vm_recommendations=[
        azure_native.security.VmRecommendationArgs(
            configuration_status="Configured",
            enforcement_support="Supported",
            recommendation_action="Recommended",
            resource_id="/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/erelh-stable/providers/microsoft.compute/virtualmachines/erelh-16090",
        ),
        azure_native.security.VmRecommendationArgs(
            configuration_status="Configured",
            enforcement_support="Supported",
            recommendation_action="Recommended",
            resource_id="/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/matanvs/providers/microsoft.compute/virtualmachines/matanvs19",
        ),
    ])
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";

const adaptiveApplicationControl = new azure_native.security.AdaptiveApplicationControl("adaptiveApplicationControl", {
    ascLocation: "centralus",
    enforcementMode: "Audit",
    groupName: "ERELGROUP1",
    pathRecommendations: [
        {
            action: "Recommended",
            common: true,
            configurationStatus: "Configured",
            fileType: "Exe",
            path: "[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\\*\\*\\0.0.0.0",
            publisherInfo: {
                binaryName: "*",
                productName: "*",
                publisherName: "O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US",
                version: "0.0.0.0",
            },
            type: "PublisherSignature",
            userSids: ["S-1-1-0"],
            usernames: [{
                recommendationAction: "Recommended",
                username: "Everyone",
            }],
        },
        {
            action: "Recommended",
            common: true,
            configurationStatus: "Configured",
            fileType: "Exe",
            path: `%OSDRIVE%\WINDOWSAZURE\SECAGENT\WASECAGENTPROV.EXE`,
            publisherInfo: {
                binaryName: "*",
                productName: "MICROSOFT® COREXT",
                publisherName: "CN=MICROSOFT AZURE DEPENDENCY CODE SIGN",
                version: "0.0.0.0",
            },
            type: "ProductSignature",
            userSids: ["S-1-1-0"],
            usernames: [{
                recommendationAction: "Recommended",
                username: "NT AUTHORITY\\SYSTEM",
            }],
        },
        {
            action: "Recommended",
            common: true,
            configurationStatus: "Configured",
            fileType: "Exe",
            path: `%OSDRIVE%\WINDOWSAZURE\PACKAGES_201973_7415\COLLECTGUESTLOGS.EXE`,
            publisherInfo: {
                binaryName: "*",
                productName: "*",
                publisherName: "CN=MICROSOFT AZURE DEPENDENCY CODE SIGN",
                version: "0.0.0.0",
            },
            type: "PublisherSignature",
            userSids: ["S-1-1-0"],
            usernames: [{
                recommendationAction: "Recommended",
                username: "NT AUTHORITY\\SYSTEM",
            }],
        },
        {
            action: "Add",
            common: true,
            path: "C:\\directory\\file.exe",
            type: "File",
        },
    ],
    protectionMode: {
        exe: "Audit",
        msi: "None",
        script: "None",
    },
    vmRecommendations: [
        {
            configurationStatus: "Configured",
            enforcementSupport: "Supported",
            recommendationAction: "Recommended",
            resourceId: "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/erelh-stable/providers/microsoft.compute/virtualmachines/erelh-16090",
        },
        {
            configurationStatus: "Configured",
            enforcementSupport: "Supported",
            recommendationAction: "Recommended",
            resourceId: "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/matanvs/providers/microsoft.compute/virtualmachines/matanvs19",
        },
    ],
});
resources:
  adaptiveApplicationControl:
    type: azure-native:security:AdaptiveApplicationControl
    properties:
      ascLocation: centralus
      enforcementMode: Audit
      groupName: ERELGROUP1
      pathRecommendations:
        - action: Recommended
          common: true
          configurationStatus: Configured
          fileType: Exe
          path: '[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\*\*\0.0.0.0'
          publisherInfo:
            binaryName: '*'
            productName: '*'
            publisherName: O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US
            version: 0.0.0.0
          type: PublisherSignature
          userSids:
            - S-1-1-0
          usernames:
            - recommendationAction: Recommended
              username: Everyone
        - action: Recommended
          common: true
          configurationStatus: Configured
          fileType: Exe
          path: '%OSDRIVE%\WINDOWSAZURE\SECAGENT\WASECAGENTPROV.EXE'
          publisherInfo:
            binaryName: '*'
            productName: MICROSOFT® COREXT
            publisherName: CN=MICROSOFT AZURE DEPENDENCY CODE SIGN
            version: 0.0.0.0
          type: ProductSignature
          userSids:
            - S-1-1-0
          usernames:
            - recommendationAction: Recommended
              username: NT AUTHORITY\SYSTEM
        - action: Recommended
          common: true
          configurationStatus: Configured
          fileType: Exe
          path: '%OSDRIVE%\WINDOWSAZURE\PACKAGES_201973_7415\COLLECTGUESTLOGS.EXE'
          publisherInfo:
            binaryName: '*'
            productName: '*'
            publisherName: CN=MICROSOFT AZURE DEPENDENCY CODE SIGN
            version: 0.0.0.0
          type: PublisherSignature
          userSids:
            - S-1-1-0
          usernames:
            - recommendationAction: Recommended
              username: NT AUTHORITY\SYSTEM
        - action: Add
          common: true
          path: C:\directory\file.exe
          type: File
      protectionMode:
        exe: Audit
        msi: None
        script: None
      vmRecommendations:
        - configurationStatus: Configured
          enforcementSupport: Supported
          recommendationAction: Recommended
          resourceId: /subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/erelh-stable/providers/microsoft.compute/virtualmachines/erelh-16090
        - configurationStatus: Configured
          enforcementSupport: Supported
          recommendationAction: Recommended
          resourceId: /subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/matanvs/providers/microsoft.compute/virtualmachines/matanvs19

Create AdaptiveApplicationControl Resource

new AdaptiveApplicationControl(name: string, args: AdaptiveApplicationControlArgs, opts?: CustomResourceOptions);
@overload
def AdaptiveApplicationControl(resource_name: str,
                               opts: Optional[ResourceOptions] = None,
                               asc_location: Optional[str] = None,
                               enforcement_mode: Optional[str] = None,
                               group_name: Optional[str] = None,
                               path_recommendations: Optional[Sequence[PathRecommendationArgs]] = None,
                               protection_mode: Optional[ProtectionModeArgs] = None,
                               vm_recommendations: Optional[Sequence[VmRecommendationArgs]] = None)
@overload
def AdaptiveApplicationControl(resource_name: str,
                               args: AdaptiveApplicationControlArgs,
                               opts: Optional[ResourceOptions] = None)
func NewAdaptiveApplicationControl(ctx *Context, name string, args AdaptiveApplicationControlArgs, opts ...ResourceOption) (*AdaptiveApplicationControl, error)
public AdaptiveApplicationControl(string name, AdaptiveApplicationControlArgs args, CustomResourceOptions? opts = null)
public AdaptiveApplicationControl(String name, AdaptiveApplicationControlArgs args)
public AdaptiveApplicationControl(String name, AdaptiveApplicationControlArgs args, CustomResourceOptions options)
type: azure-native:security:AdaptiveApplicationControl
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args AdaptiveApplicationControlArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args AdaptiveApplicationControlArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args AdaptiveApplicationControlArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args AdaptiveApplicationControlArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args AdaptiveApplicationControlArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

AdaptiveApplicationControl Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The AdaptiveApplicationControl resource accepts the following input properties:

AscLocation string

The location where ASC stores the data of the subscription. can be retrieved from Get locations

EnforcementMode string

The application control policy enforcement/protection mode of the machine group

GroupName string

Name of an application control machine group

PathRecommendations List<Pulumi.AzureNative.Security.Inputs.PathRecommendationArgs>
ProtectionMode Pulumi.AzureNative.Security.Inputs.ProtectionModeArgs

The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux.

VmRecommendations List<Pulumi.AzureNative.Security.Inputs.VmRecommendationArgs>
AscLocation string

The location where ASC stores the data of the subscription. can be retrieved from Get locations

EnforcementMode string

The application control policy enforcement/protection mode of the machine group

GroupName string

Name of an application control machine group

PathRecommendations []PathRecommendationArgs
ProtectionMode ProtectionModeArgs

The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux.

VmRecommendations []VmRecommendationArgs
ascLocation String

The location where ASC stores the data of the subscription. can be retrieved from Get locations

enforcementMode String

The application control policy enforcement/protection mode of the machine group

groupName String

Name of an application control machine group

pathRecommendations List<PathRecommendationArgs>
protectionMode ProtectionModeArgs

The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux.

vmRecommendations List<VmRecommendationArgs>
ascLocation string

The location where ASC stores the data of the subscription. can be retrieved from Get locations

enforcementMode string

The application control policy enforcement/protection mode of the machine group

groupName string

Name of an application control machine group

pathRecommendations PathRecommendationArgs[]
protectionMode ProtectionModeArgs

The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux.

vmRecommendations VmRecommendationArgs[]
asc_location str

The location where ASC stores the data of the subscription. can be retrieved from Get locations

enforcement_mode str

The application control policy enforcement/protection mode of the machine group

group_name str

Name of an application control machine group

path_recommendations Sequence[PathRecommendationArgs]
protection_mode ProtectionModeArgs

The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux.

vm_recommendations Sequence[VmRecommendationArgs]
ascLocation String

The location where ASC stores the data of the subscription. can be retrieved from Get locations

enforcementMode String

The application control policy enforcement/protection mode of the machine group

groupName String

Name of an application control machine group

pathRecommendations List<Property Map>
protectionMode Property Map

The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux.

vmRecommendations List<Property Map>

Outputs

All input properties are implicitly available as output properties. Additionally, the AdaptiveApplicationControl resource produces the following output properties:

ConfigurationStatus string

The configuration status of the machines group or machine or rule

Id string

The provider-assigned unique ID for this managed resource.

Issues List<Pulumi.AzureNative.Security.Outputs.AdaptiveApplicationControlIssueSummaryResponse>
Location string

Location where the resource is stored

Name string

Resource name

RecommendationStatus string

The initial recommendation status of the machine group or machine

SourceSystem string

The source type of the machine group

Type string

Resource type

ConfigurationStatus string

The configuration status of the machines group or machine or rule

Id string

The provider-assigned unique ID for this managed resource.

Issues []AdaptiveApplicationControlIssueSummaryResponse
Location string

Location where the resource is stored

Name string

Resource name

RecommendationStatus string

The initial recommendation status of the machine group or machine

SourceSystem string

The source type of the machine group

Type string

Resource type

configurationStatus String

The configuration status of the machines group or machine or rule

id String

The provider-assigned unique ID for this managed resource.

issues List<AdaptiveApplicationControlIssueSummaryResponse>
location String

Location where the resource is stored

name String

Resource name

recommendationStatus String

The initial recommendation status of the machine group or machine

sourceSystem String

The source type of the machine group

type String

Resource type

configurationStatus string

The configuration status of the machines group or machine or rule

id string

The provider-assigned unique ID for this managed resource.

issues AdaptiveApplicationControlIssueSummaryResponse[]
location string

Location where the resource is stored

name string

Resource name

recommendationStatus string

The initial recommendation status of the machine group or machine

sourceSystem string

The source type of the machine group

type string

Resource type

configuration_status str

The configuration status of the machines group or machine or rule

id str

The provider-assigned unique ID for this managed resource.

issues Sequence[AdaptiveApplicationControlIssueSummaryResponse]
location str

Location where the resource is stored

name str

Resource name

recommendation_status str

The initial recommendation status of the machine group or machine

source_system str

The source type of the machine group

type str

Resource type

configurationStatus String

The configuration status of the machines group or machine or rule

id String

The provider-assigned unique ID for this managed resource.

issues List<Property Map>
location String

Location where the resource is stored

name String

Resource name

recommendationStatus String

The initial recommendation status of the machine group or machine

sourceSystem String

The source type of the machine group

type String

Resource type

Supporting Types

AdaptiveApplicationControlIssueSummaryResponse

Issue string

An alert that machines within a group can have

NumberOfVms double

The number of machines in the group that have this alert

Issue string

An alert that machines within a group can have

NumberOfVms float64

The number of machines in the group that have this alert

issue String

An alert that machines within a group can have

numberOfVms Double

The number of machines in the group that have this alert

issue string

An alert that machines within a group can have

numberOfVms number

The number of machines in the group that have this alert

issue str

An alert that machines within a group can have

number_of_vms float

The number of machines in the group that have this alert

issue String

An alert that machines within a group can have

numberOfVms Number

The number of machines in the group that have this alert

PathRecommendation

Action string

The recommendation action of the machine or rule

Common bool

Whether the application is commonly run on the machine

ConfigurationStatus string

The configuration status of the machines group or machine or rule

FileType string

The type of the file (for Linux files - Executable is used)

Path string

The full path of the file, or an identifier of the application

PublisherInfo Pulumi.AzureNative.Security.Inputs.PublisherInfo

Represents the publisher information of a process/rule

Type string

The type of the rule to be allowed

UserSids List<string>
Usernames List<Pulumi.AzureNative.Security.Inputs.UserRecommendation>
Action string

The recommendation action of the machine or rule

Common bool

Whether the application is commonly run on the machine

ConfigurationStatus string

The configuration status of the machines group or machine or rule

FileType string

The type of the file (for Linux files - Executable is used)

Path string

The full path of the file, or an identifier of the application

PublisherInfo PublisherInfo

Represents the publisher information of a process/rule

Type string

The type of the rule to be allowed

UserSids []string
Usernames []UserRecommendation
action String

The recommendation action of the machine or rule

common Boolean

Whether the application is commonly run on the machine

configurationStatus String

The configuration status of the machines group or machine or rule

fileType String

The type of the file (for Linux files - Executable is used)

path String

The full path of the file, or an identifier of the application

publisherInfo PublisherInfo

Represents the publisher information of a process/rule

type String

The type of the rule to be allowed

userSids List<String>
usernames List<UserRecommendation>
action string

The recommendation action of the machine or rule

common boolean

Whether the application is commonly run on the machine

configurationStatus string

The configuration status of the machines group or machine or rule

fileType string

The type of the file (for Linux files - Executable is used)

path string

The full path of the file, or an identifier of the application

publisherInfo PublisherInfo

Represents the publisher information of a process/rule

type string

The type of the rule to be allowed

userSids string[]
usernames UserRecommendation[]
action str

The recommendation action of the machine or rule

common bool

Whether the application is commonly run on the machine

configuration_status str

The configuration status of the machines group or machine or rule

file_type str

The type of the file (for Linux files - Executable is used)

path str

The full path of the file, or an identifier of the application

publisher_info PublisherInfo

Represents the publisher information of a process/rule

type str

The type of the rule to be allowed

user_sids Sequence[str]
usernames Sequence[UserRecommendation]
action String

The recommendation action of the machine or rule

common Boolean

Whether the application is commonly run on the machine

configurationStatus String

The configuration status of the machines group or machine or rule

fileType String

The type of the file (for Linux files - Executable is used)

path String

The full path of the file, or an identifier of the application

publisherInfo Property Map

Represents the publisher information of a process/rule

type String

The type of the rule to be allowed

userSids List<String>
usernames List<Property Map>

PathRecommendationResponse

Action string

The recommendation action of the machine or rule

Common bool

Whether the application is commonly run on the machine

ConfigurationStatus string

The configuration status of the machines group or machine or rule

FileType string

The type of the file (for Linux files - Executable is used)

Path string

The full path of the file, or an identifier of the application

PublisherInfo Pulumi.AzureNative.Security.Inputs.PublisherInfoResponse

Represents the publisher information of a process/rule

Type string

The type of the rule to be allowed

UserSids List<string>
Usernames List<Pulumi.AzureNative.Security.Inputs.UserRecommendationResponse>
Action string

The recommendation action of the machine or rule

Common bool

Whether the application is commonly run on the machine

ConfigurationStatus string

The configuration status of the machines group or machine or rule

FileType string

The type of the file (for Linux files - Executable is used)

Path string

The full path of the file, or an identifier of the application

PublisherInfo PublisherInfoResponse

Represents the publisher information of a process/rule

Type string

The type of the rule to be allowed

UserSids []string
Usernames []UserRecommendationResponse
action String

The recommendation action of the machine or rule

common Boolean

Whether the application is commonly run on the machine

configurationStatus String

The configuration status of the machines group or machine or rule

fileType String

The type of the file (for Linux files - Executable is used)

path String

The full path of the file, or an identifier of the application

publisherInfo PublisherInfoResponse

Represents the publisher information of a process/rule

type String

The type of the rule to be allowed

userSids List<String>
usernames List<UserRecommendationResponse>
action string

The recommendation action of the machine or rule

common boolean

Whether the application is commonly run on the machine

configurationStatus string

The configuration status of the machines group or machine or rule

fileType string

The type of the file (for Linux files - Executable is used)

path string

The full path of the file, or an identifier of the application

publisherInfo PublisherInfoResponse

Represents the publisher information of a process/rule

type string

The type of the rule to be allowed

userSids string[]
usernames UserRecommendationResponse[]
action str

The recommendation action of the machine or rule

common bool

Whether the application is commonly run on the machine

configuration_status str

The configuration status of the machines group or machine or rule

file_type str

The type of the file (for Linux files - Executable is used)

path str

The full path of the file, or an identifier of the application

publisher_info PublisherInfoResponse

Represents the publisher information of a process/rule

type str

The type of the rule to be allowed

user_sids Sequence[str]
usernames Sequence[UserRecommendationResponse]
action String

The recommendation action of the machine or rule

common Boolean

Whether the application is commonly run on the machine

configurationStatus String

The configuration status of the machines group or machine or rule

fileType String

The type of the file (for Linux files - Executable is used)

path String

The full path of the file, or an identifier of the application

publisherInfo Property Map

Represents the publisher information of a process/rule

type String

The type of the rule to be allowed

userSids List<String>
usernames List<Property Map>

ProtectionMode

Exe string

The application control policy enforcement/protection mode of the machine group

Executable string

The application control policy enforcement/protection mode of the machine group

Msi string

The application control policy enforcement/protection mode of the machine group

Script string

The application control policy enforcement/protection mode of the machine group

Exe string

The application control policy enforcement/protection mode of the machine group

Executable string

The application control policy enforcement/protection mode of the machine group

Msi string

The application control policy enforcement/protection mode of the machine group

Script string

The application control policy enforcement/protection mode of the machine group

exe String

The application control policy enforcement/protection mode of the machine group

executable String

The application control policy enforcement/protection mode of the machine group

msi String

The application control policy enforcement/protection mode of the machine group

script String

The application control policy enforcement/protection mode of the machine group

exe string

The application control policy enforcement/protection mode of the machine group

executable string

The application control policy enforcement/protection mode of the machine group

msi string

The application control policy enforcement/protection mode of the machine group

script string

The application control policy enforcement/protection mode of the machine group

exe str

The application control policy enforcement/protection mode of the machine group

executable str

The application control policy enforcement/protection mode of the machine group

msi str

The application control policy enforcement/protection mode of the machine group

script str

The application control policy enforcement/protection mode of the machine group

exe String

The application control policy enforcement/protection mode of the machine group

executable String

The application control policy enforcement/protection mode of the machine group

msi String

The application control policy enforcement/protection mode of the machine group

script String

The application control policy enforcement/protection mode of the machine group

ProtectionModeResponse

Exe string

The application control policy enforcement/protection mode of the machine group

Executable string

The application control policy enforcement/protection mode of the machine group

Msi string

The application control policy enforcement/protection mode of the machine group

Script string

The application control policy enforcement/protection mode of the machine group

Exe string

The application control policy enforcement/protection mode of the machine group

Executable string

The application control policy enforcement/protection mode of the machine group

Msi string

The application control policy enforcement/protection mode of the machine group

Script string

The application control policy enforcement/protection mode of the machine group

exe String

The application control policy enforcement/protection mode of the machine group

executable String

The application control policy enforcement/protection mode of the machine group

msi String

The application control policy enforcement/protection mode of the machine group

script String

The application control policy enforcement/protection mode of the machine group

exe string

The application control policy enforcement/protection mode of the machine group

executable string

The application control policy enforcement/protection mode of the machine group

msi string

The application control policy enforcement/protection mode of the machine group

script string

The application control policy enforcement/protection mode of the machine group

exe str

The application control policy enforcement/protection mode of the machine group

executable str

The application control policy enforcement/protection mode of the machine group

msi str

The application control policy enforcement/protection mode of the machine group

script str

The application control policy enforcement/protection mode of the machine group

exe String

The application control policy enforcement/protection mode of the machine group

executable String

The application control policy enforcement/protection mode of the machine group

msi String

The application control policy enforcement/protection mode of the machine group

script String

The application control policy enforcement/protection mode of the machine group

PublisherInfo

BinaryName string

The "OriginalName" field taken from the file's version resource

ProductName string

The product name taken from the file's version resource

PublisherName string

The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country

Version string

The binary file version taken from the file's version resource

BinaryName string

The "OriginalName" field taken from the file's version resource

ProductName string

The product name taken from the file's version resource

PublisherName string

The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country

Version string

The binary file version taken from the file's version resource

binaryName String

The "OriginalName" field taken from the file's version resource

productName String

The product name taken from the file's version resource

publisherName String

The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country

version String

The binary file version taken from the file's version resource

binaryName string

The "OriginalName" field taken from the file's version resource

productName string

The product name taken from the file's version resource

publisherName string

The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country

version string

The binary file version taken from the file's version resource

binary_name str

The "OriginalName" field taken from the file's version resource

product_name str

The product name taken from the file's version resource

publisher_name str

The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country

version str

The binary file version taken from the file's version resource

binaryName String

The "OriginalName" field taken from the file's version resource

productName String

The product name taken from the file's version resource

publisherName String

The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country

version String

The binary file version taken from the file's version resource

PublisherInfoResponse

BinaryName string

The "OriginalName" field taken from the file's version resource

ProductName string

The product name taken from the file's version resource

PublisherName string

The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country

Version string

The binary file version taken from the file's version resource

BinaryName string

The "OriginalName" field taken from the file's version resource

ProductName string

The product name taken from the file's version resource

PublisherName string

The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country

Version string

The binary file version taken from the file's version resource

binaryName String

The "OriginalName" field taken from the file's version resource

productName String

The product name taken from the file's version resource

publisherName String

The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country

version String

The binary file version taken from the file's version resource

binaryName string

The "OriginalName" field taken from the file's version resource

productName string

The product name taken from the file's version resource

publisherName string

The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country

version string

The binary file version taken from the file's version resource

binary_name str

The "OriginalName" field taken from the file's version resource

product_name str

The product name taken from the file's version resource

publisher_name str

The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country

version str

The binary file version taken from the file's version resource

binaryName String

The "OriginalName" field taken from the file's version resource

productName String

The product name taken from the file's version resource

publisherName String

The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country

version String

The binary file version taken from the file's version resource

UserRecommendation

RecommendationAction string

The recommendation action of the machine or rule

Username string

Represents a user that is recommended to be allowed for a certain rule

RecommendationAction string

The recommendation action of the machine or rule

Username string

Represents a user that is recommended to be allowed for a certain rule

recommendationAction String

The recommendation action of the machine or rule

username String

Represents a user that is recommended to be allowed for a certain rule

recommendationAction string

The recommendation action of the machine or rule

username string

Represents a user that is recommended to be allowed for a certain rule

recommendation_action str

The recommendation action of the machine or rule

username str

Represents a user that is recommended to be allowed for a certain rule

recommendationAction String

The recommendation action of the machine or rule

username String

Represents a user that is recommended to be allowed for a certain rule

UserRecommendationResponse

RecommendationAction string

The recommendation action of the machine or rule

Username string

Represents a user that is recommended to be allowed for a certain rule

RecommendationAction string

The recommendation action of the machine or rule

Username string

Represents a user that is recommended to be allowed for a certain rule

recommendationAction String

The recommendation action of the machine or rule

username String

Represents a user that is recommended to be allowed for a certain rule

recommendationAction string

The recommendation action of the machine or rule

username string

Represents a user that is recommended to be allowed for a certain rule

recommendation_action str

The recommendation action of the machine or rule

username str

Represents a user that is recommended to be allowed for a certain rule

recommendationAction String

The recommendation action of the machine or rule

username String

Represents a user that is recommended to be allowed for a certain rule

VmRecommendation

ConfigurationStatus string

The configuration status of the machines group or machine or rule

EnforcementSupport string

The machine supportability of Enforce feature

RecommendationAction string

The recommendation action of the machine or rule

ResourceId string

The full resource id of the machine

ConfigurationStatus string

The configuration status of the machines group or machine or rule

EnforcementSupport string

The machine supportability of Enforce feature

RecommendationAction string

The recommendation action of the machine or rule

ResourceId string

The full resource id of the machine

configurationStatus String

The configuration status of the machines group or machine or rule

enforcementSupport String

The machine supportability of Enforce feature

recommendationAction String

The recommendation action of the machine or rule

resourceId String

The full resource id of the machine

configurationStatus string

The configuration status of the machines group or machine or rule

enforcementSupport string

The machine supportability of Enforce feature

recommendationAction string

The recommendation action of the machine or rule

resourceId string

The full resource id of the machine

configuration_status str

The configuration status of the machines group or machine or rule

enforcement_support str

The machine supportability of Enforce feature

recommendation_action str

The recommendation action of the machine or rule

resource_id str

The full resource id of the machine

configurationStatus String

The configuration status of the machines group or machine or rule

enforcementSupport String

The machine supportability of Enforce feature

recommendationAction String

The recommendation action of the machine or rule

resourceId String

The full resource id of the machine

VmRecommendationResponse

ConfigurationStatus string

The configuration status of the machines group or machine or rule

EnforcementSupport string

The machine supportability of Enforce feature

RecommendationAction string

The recommendation action of the machine or rule

ResourceId string

The full resource id of the machine

ConfigurationStatus string

The configuration status of the machines group or machine or rule

EnforcementSupport string

The machine supportability of Enforce feature

RecommendationAction string

The recommendation action of the machine or rule

ResourceId string

The full resource id of the machine

configurationStatus String

The configuration status of the machines group or machine or rule

enforcementSupport String

The machine supportability of Enforce feature

recommendationAction String

The recommendation action of the machine or rule

resourceId String

The full resource id of the machine

configurationStatus string

The configuration status of the machines group or machine or rule

enforcementSupport string

The machine supportability of Enforce feature

recommendationAction string

The recommendation action of the machine or rule

resourceId string

The full resource id of the machine

configuration_status str

The configuration status of the machines group or machine or rule

enforcement_support str

The machine supportability of Enforce feature

recommendation_action str

The recommendation action of the machine or rule

resource_id str

The full resource id of the machine

configurationStatus String

The configuration status of the machines group or machine or rule

enforcementSupport String

The machine supportability of Enforce feature

recommendationAction String

The recommendation action of the machine or rule

resourceId String

The full resource id of the machine

Import

An existing resource can be imported using its type token, name, and identifier, e.g.

$ pulumi import azure-native:security:AdaptiveApplicationControl ERELGROUP1 /subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/locations/centralus/applicationWhitelistings/ERELGROUP1 

Package Details

Repository
Azure Native pulumi/pulumi-azure-native
License
Apache-2.0