azure-native.security.AssessmentsMetadataSubscription
Explore with Pulumi AI
Security assessment metadata Azure REST API version: 2019-01-01-preview.
Example Usage
Create security assessment metadata for subscription
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var assessmentsMetadataSubscription = new AzureNative.Security.AssessmentsMetadataSubscription("assessmentsMetadataSubscription", new()
{
AssessmentMetadataName = "ca039e75-a276-4175-aebc-bcd41e4b14b7",
AssessmentType = "CustomerManaged",
Categories = new[]
{
"Compute",
},
Description = "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
DisplayName = "Install endpoint protection solution on virtual machine scale sets",
ImplementationEffort = "Low",
RemediationDescription = "To install an endpoint protection solution: 1. <a href=\"https://docs.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-faq#how-do-i-turn-on-antimalware-in-my-virtual-machine-scale-set\">Follow the instructions in How do I turn on antimalware in my virtual machine scale set</a>",
Severity = "Medium",
Threats = new[]
{
"dataExfiltration",
"dataSpillage",
"maliciousInsider",
},
UserImpact = "Low",
});
});
package main
import (
"github.com/pulumi/pulumi-azure-native-sdk/security/v2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := security.NewAssessmentsMetadataSubscription(ctx, "assessmentsMetadataSubscription", &security.AssessmentsMetadataSubscriptionArgs{
AssessmentMetadataName: pulumi.String("ca039e75-a276-4175-aebc-bcd41e4b14b7"),
AssessmentType: pulumi.String("CustomerManaged"),
Categories: pulumi.StringArray{
pulumi.String("Compute"),
},
Description: pulumi.String("Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities."),
DisplayName: pulumi.String("Install endpoint protection solution on virtual machine scale sets"),
ImplementationEffort: pulumi.String("Low"),
RemediationDescription: pulumi.String("To install an endpoint protection solution: 1. <a href=\"https://docs.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-faq#how-do-i-turn-on-antimalware-in-my-virtual-machine-scale-set\">Follow the instructions in How do I turn on antimalware in my virtual machine scale set</a>"),
Severity: pulumi.String("Medium"),
Threats: pulumi.StringArray{
pulumi.String("dataExfiltration"),
pulumi.String("dataSpillage"),
pulumi.String("maliciousInsider"),
},
UserImpact: pulumi.String("Low"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.AssessmentsMetadataSubscription;
import com.pulumi.azurenative.security.AssessmentsMetadataSubscriptionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var assessmentsMetadataSubscription = new AssessmentsMetadataSubscription("assessmentsMetadataSubscription", AssessmentsMetadataSubscriptionArgs.builder()
.assessmentMetadataName("ca039e75-a276-4175-aebc-bcd41e4b14b7")
.assessmentType("CustomerManaged")
.categories("Compute")
.description("Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.")
.displayName("Install endpoint protection solution on virtual machine scale sets")
.implementationEffort("Low")
.remediationDescription("To install an endpoint protection solution: 1. <a href=\"https://docs.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-faq#how-do-i-turn-on-antimalware-in-my-virtual-machine-scale-set\">Follow the instructions in How do I turn on antimalware in my virtual machine scale set</a>")
.severity("Medium")
.threats(
"dataExfiltration",
"dataSpillage",
"maliciousInsider")
.userImpact("Low")
.build());
}
}
import pulumi
import pulumi_azure_native as azure_native
assessments_metadata_subscription = azure_native.security.AssessmentsMetadataSubscription("assessmentsMetadataSubscription",
assessment_metadata_name="ca039e75-a276-4175-aebc-bcd41e4b14b7",
assessment_type="CustomerManaged",
categories=["Compute"],
description="Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
display_name="Install endpoint protection solution on virtual machine scale sets",
implementation_effort="Low",
remediation_description="To install an endpoint protection solution: 1. <a href=\"https://docs.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-faq#how-do-i-turn-on-antimalware-in-my-virtual-machine-scale-set\">Follow the instructions in How do I turn on antimalware in my virtual machine scale set</a>",
severity="Medium",
threats=[
"dataExfiltration",
"dataSpillage",
"maliciousInsider",
],
user_impact="Low")
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const assessmentsMetadataSubscription = new azure_native.security.AssessmentsMetadataSubscription("assessmentsMetadataSubscription", {
assessmentMetadataName: "ca039e75-a276-4175-aebc-bcd41e4b14b7",
assessmentType: "CustomerManaged",
categories: ["Compute"],
description: "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
displayName: "Install endpoint protection solution on virtual machine scale sets",
implementationEffort: "Low",
remediationDescription: "To install an endpoint protection solution: 1. <a href=\"https://docs.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-faq#how-do-i-turn-on-antimalware-in-my-virtual-machine-scale-set\">Follow the instructions in How do I turn on antimalware in my virtual machine scale set</a>",
severity: "Medium",
threats: [
"dataExfiltration",
"dataSpillage",
"maliciousInsider",
],
userImpact: "Low",
});
resources:
assessmentsMetadataSubscription:
type: azure-native:security:AssessmentsMetadataSubscription
properties:
assessmentMetadataName: ca039e75-a276-4175-aebc-bcd41e4b14b7
assessmentType: CustomerManaged
categories:
- Compute
description: Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.
displayName: Install endpoint protection solution on virtual machine scale sets
implementationEffort: Low
remediationDescription: 'To install an endpoint protection solution: 1. <a href="https://docs.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-faq#how-do-i-turn-on-antimalware-in-my-virtual-machine-scale-set">Follow the instructions in How do I turn on antimalware in my virtual machine scale set</a>'
severity: Medium
threats:
- dataExfiltration
- dataSpillage
- maliciousInsider
userImpact: Low
Create AssessmentsMetadataSubscription Resource
new AssessmentsMetadataSubscription(name: string, args: AssessmentsMetadataSubscriptionArgs, opts?: CustomResourceOptions);
@overload
def AssessmentsMetadataSubscription(resource_name: str,
opts: Optional[ResourceOptions] = None,
assessment_metadata_name: Optional[str] = None,
assessment_type: Optional[Union[str, AssessmentType]] = None,
categories: Optional[Sequence[Union[str, Categories]]] = None,
description: Optional[str] = None,
display_name: Optional[str] = None,
implementation_effort: Optional[Union[str, ImplementationEffort]] = None,
preview: Optional[bool] = None,
remediation_description: Optional[str] = None,
severity: Optional[Union[str, Severity]] = None,
threats: Optional[Sequence[Union[str, Threats]]] = None,
user_impact: Optional[Union[str, UserImpact]] = None)
@overload
def AssessmentsMetadataSubscription(resource_name: str,
args: AssessmentsMetadataSubscriptionArgs,
opts: Optional[ResourceOptions] = None)
func NewAssessmentsMetadataSubscription(ctx *Context, name string, args AssessmentsMetadataSubscriptionArgs, opts ...ResourceOption) (*AssessmentsMetadataSubscription, error)
public AssessmentsMetadataSubscription(string name, AssessmentsMetadataSubscriptionArgs args, CustomResourceOptions? opts = null)
public AssessmentsMetadataSubscription(String name, AssessmentsMetadataSubscriptionArgs args)
public AssessmentsMetadataSubscription(String name, AssessmentsMetadataSubscriptionArgs args, CustomResourceOptions options)
type: azure-native:security:AssessmentsMetadataSubscription
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AssessmentsMetadataSubscriptionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AssessmentsMetadataSubscriptionArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AssessmentsMetadataSubscriptionArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AssessmentsMetadataSubscriptionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AssessmentsMetadataSubscriptionArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
AssessmentsMetadataSubscription Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The AssessmentsMetadataSubscription resource accepts the following input properties:
- Assessment
Type string | Pulumi.Azure Native. Security. Assessment Type BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition
- Display
Name string User friendly display name of the assessment
- Severity
string | Pulumi.
Azure Native. Security. Severity The severity level of the assessment
- Assessment
Metadata stringName The Assessment Key - Unique key for the assessment type
- Categories
List<Union<string, Pulumi.
Azure Native. Security. Categories>> - Description string
Human readable description of the assessment
- Implementation
Effort string | Pulumi.Azure Native. Security. Implementation Effort The implementation effort required to remediate this assessment
- Preview bool
True if this assessment is in preview release status
- Remediation
Description string Human readable description of what you should do to mitigate this security issue
- Threats
List<Union<string, Pulumi.
Azure Native. Security. Threats>> - User
Impact string | Pulumi.Azure Native. Security. User Impact The user impact of the assessment
- Assessment
Type string | AssessmentType BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition
- Display
Name string User friendly display name of the assessment
- Severity string | Severity
The severity level of the assessment
- Assessment
Metadata stringName The Assessment Key - Unique key for the assessment type
- Categories []string
- Description string
Human readable description of the assessment
- Implementation
Effort string | ImplementationEffort The implementation effort required to remediate this assessment
- Preview bool
True if this assessment is in preview release status
- Remediation
Description string Human readable description of what you should do to mitigate this security issue
- Threats []string
- User
Impact string | UserImpact The user impact of the assessment
- assessment
Type String | AssessmentType BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition
- display
Name String User friendly display name of the assessment
- severity String | Severity
The severity level of the assessment
- assessment
Metadata StringName The Assessment Key - Unique key for the assessment type
- categories List<Either<String,Categories>>
- description String
Human readable description of the assessment
- implementation
Effort String | ImplementationEffort The implementation effort required to remediate this assessment
- preview Boolean
True if this assessment is in preview release status
- remediation
Description String Human readable description of what you should do to mitigate this security issue
- threats List<Either<String,Threats>>
- user
Impact String | UserImpact The user impact of the assessment
- assessment
Type string | AssessmentType BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition
- display
Name string User friendly display name of the assessment
- severity string | Severity
The severity level of the assessment
- assessment
Metadata stringName The Assessment Key - Unique key for the assessment type
- categories (string | Categories)[]
- description string
Human readable description of the assessment
- implementation
Effort string | ImplementationEffort The implementation effort required to remediate this assessment
- preview boolean
True if this assessment is in preview release status
- remediation
Description string Human readable description of what you should do to mitigate this security issue
- threats (string | Threats)[]
- user
Impact string | UserImpact The user impact of the assessment
- assessment_
type str | AssessmentType BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition
- display_
name str User friendly display name of the assessment
- severity str | Severity
The severity level of the assessment
- assessment_
metadata_ strname The Assessment Key - Unique key for the assessment type
- categories Sequence[Union[str, Categories]]
- description str
Human readable description of the assessment
- implementation_
effort str | ImplementationEffort The implementation effort required to remediate this assessment
- preview bool
True if this assessment is in preview release status
- remediation_
description str Human readable description of what you should do to mitigate this security issue
- threats Sequence[Union[str, Threats]]
- user_
impact str | UserImpact The user impact of the assessment
- assessment
Type String | "BuiltIn" | "Custom Policy" | "Customer Managed" BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition
- display
Name String User friendly display name of the assessment
- severity String | "Low" | "Medium" | "High"
The severity level of the assessment
- assessment
Metadata StringName The Assessment Key - Unique key for the assessment type
- categories
List<String | "Compute" | "Networking" | "Data" | "Identity
And Access" | "Io T"> - description String
Human readable description of the assessment
- implementation
Effort String | "Low" | "Moderate" | "High" The implementation effort required to remediate this assessment
- preview Boolean
True if this assessment is in preview release status
- remediation
Description String Human readable description of what you should do to mitigate this security issue
- threats
List<String | "account
Breach" | "data Exfiltration" | "data Spillage" | "malicious Insider" | "elevation Of Privilege" | "threat Resistance" | "missing Coverage" | "denial Of Service"> - user
Impact String | "Low" | "Moderate" | "High" The user impact of the assessment
Outputs
All input properties are implicitly available as output properties. Additionally, the AssessmentsMetadataSubscription resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Name string
Resource name
- Policy
Definition stringId Azure resource ID of the policy definition that turns this assessment calculation on
- Type string
Resource type
- Id string
The provider-assigned unique ID for this managed resource.
- Name string
Resource name
- Policy
Definition stringId Azure resource ID of the policy definition that turns this assessment calculation on
- Type string
Resource type
- id String
The provider-assigned unique ID for this managed resource.
- name String
Resource name
- policy
Definition StringId Azure resource ID of the policy definition that turns this assessment calculation on
- type String
Resource type
- id string
The provider-assigned unique ID for this managed resource.
- name string
Resource name
- policy
Definition stringId Azure resource ID of the policy definition that turns this assessment calculation on
- type string
Resource type
- id str
The provider-assigned unique ID for this managed resource.
- name str
Resource name
- policy_
definition_ strid Azure resource ID of the policy definition that turns this assessment calculation on
- type str
Resource type
- id String
The provider-assigned unique ID for this managed resource.
- name String
Resource name
- policy
Definition StringId Azure resource ID of the policy definition that turns this assessment calculation on
- type String
Resource type
Supporting Types
AssessmentType, AssessmentTypeArgs
- Built
In - BuiltIn
Microsoft Defender for Cloud managed assessments
- Custom
Policy - CustomPolicy
User defined policies that are automatically ingested from Azure Policy to Microsoft Defender for Cloud
- Customer
Managed - CustomerManaged
User assessments pushed directly by the user or other third party to Microsoft Defender for Cloud
- Assessment
Type Built In - BuiltIn
Microsoft Defender for Cloud managed assessments
- Assessment
Type Custom Policy - CustomPolicy
User defined policies that are automatically ingested from Azure Policy to Microsoft Defender for Cloud
- Assessment
Type Customer Managed - CustomerManaged
User assessments pushed directly by the user or other third party to Microsoft Defender for Cloud
- Built
In - BuiltIn
Microsoft Defender for Cloud managed assessments
- Custom
Policy - CustomPolicy
User defined policies that are automatically ingested from Azure Policy to Microsoft Defender for Cloud
- Customer
Managed - CustomerManaged
User assessments pushed directly by the user or other third party to Microsoft Defender for Cloud
- Built
In - BuiltIn
Microsoft Defender for Cloud managed assessments
- Custom
Policy - CustomPolicy
User defined policies that are automatically ingested from Azure Policy to Microsoft Defender for Cloud
- Customer
Managed - CustomerManaged
User assessments pushed directly by the user or other third party to Microsoft Defender for Cloud
- BUILT_IN
- BuiltIn
Microsoft Defender for Cloud managed assessments
- CUSTOM_POLICY
- CustomPolicy
User defined policies that are automatically ingested from Azure Policy to Microsoft Defender for Cloud
- CUSTOMER_MANAGED
- CustomerManaged
User assessments pushed directly by the user or other third party to Microsoft Defender for Cloud
- "Built
In" - BuiltIn
Microsoft Defender for Cloud managed assessments
- "Custom
Policy" - CustomPolicy
User defined policies that are automatically ingested from Azure Policy to Microsoft Defender for Cloud
- "Customer
Managed" - CustomerManaged
User assessments pushed directly by the user or other third party to Microsoft Defender for Cloud
Categories, CategoriesArgs
- Compute
- Compute
- Networking
- Networking
- Data
- Data
- Identity
And Access - IdentityAndAccess
- Io
T - IoT
- Categories
Compute - Compute
- Categories
Networking - Networking
- Categories
Data - Data
- Categories
Identity And Access - IdentityAndAccess
- Categories
Io T - IoT
- Compute
- Compute
- Networking
- Networking
- Data
- Data
- Identity
And Access - IdentityAndAccess
- Io
T - IoT
- Compute
- Compute
- Networking
- Networking
- Data
- Data
- Identity
And Access - IdentityAndAccess
- Io
T - IoT
- COMPUTE
- Compute
- NETWORKING
- Networking
- DATA
- Data
- IDENTITY_AND_ACCESS
- IdentityAndAccess
- IO_T
- IoT
- "Compute"
- Compute
- "Networking"
- Networking
- "Data"
- Data
- "Identity
And Access" - IdentityAndAccess
- "Io
T" - IoT
ImplementationEffort, ImplementationEffortArgs
- Low
- Low
- Moderate
- Moderate
- High
- High
- Implementation
Effort Low - Low
- Implementation
Effort Moderate - Moderate
- Implementation
Effort High - High
- Low
- Low
- Moderate
- Moderate
- High
- High
- Low
- Low
- Moderate
- Moderate
- High
- High
- LOW
- Low
- MODERATE
- Moderate
- HIGH
- High
- "Low"
- Low
- "Moderate"
- Moderate
- "High"
- High
Severity, SeverityArgs
- Low
- Low
- Medium
- Medium
- High
- High
- Severity
Low - Low
- Severity
Medium - Medium
- Severity
High - High
- Low
- Low
- Medium
- Medium
- High
- High
- Low
- Low
- Medium
- Medium
- High
- High
- LOW
- Low
- MEDIUM
- Medium
- HIGH
- High
- "Low"
- Low
- "Medium"
- Medium
- "High"
- High
Threats, ThreatsArgs
- Account
Breach - accountBreach
- Data
Exfiltration - dataExfiltration
- Data
Spillage - dataSpillage
- Malicious
Insider - maliciousInsider
- Elevation
Of Privilege - elevationOfPrivilege
- Threat
Resistance - threatResistance
- Missing
Coverage - missingCoverage
- Denial
Of Service - denialOfService
- Threats
Account Breach - accountBreach
- Threats
Data Exfiltration - dataExfiltration
- Threats
Data Spillage - dataSpillage
- Threats
Malicious Insider - maliciousInsider
- Threats
Elevation Of Privilege - elevationOfPrivilege
- Threats
Threat Resistance - threatResistance
- Threats
Missing Coverage - missingCoverage
- Threats
Denial Of Service - denialOfService
- Account
Breach - accountBreach
- Data
Exfiltration - dataExfiltration
- Data
Spillage - dataSpillage
- Malicious
Insider - maliciousInsider
- Elevation
Of Privilege - elevationOfPrivilege
- Threat
Resistance - threatResistance
- Missing
Coverage - missingCoverage
- Denial
Of Service - denialOfService
- Account
Breach - accountBreach
- Data
Exfiltration - dataExfiltration
- Data
Spillage - dataSpillage
- Malicious
Insider - maliciousInsider
- Elevation
Of Privilege - elevationOfPrivilege
- Threat
Resistance - threatResistance
- Missing
Coverage - missingCoverage
- Denial
Of Service - denialOfService
- ACCOUNT_BREACH
- accountBreach
- DATA_EXFILTRATION
- dataExfiltration
- DATA_SPILLAGE
- dataSpillage
- MALICIOUS_INSIDER
- maliciousInsider
- ELEVATION_OF_PRIVILEGE
- elevationOfPrivilege
- THREAT_RESISTANCE
- threatResistance
- MISSING_COVERAGE
- missingCoverage
- DENIAL_OF_SERVICE
- denialOfService
- "account
Breach" - accountBreach
- "data
Exfiltration" - dataExfiltration
- "data
Spillage" - dataSpillage
- "malicious
Insider" - maliciousInsider
- "elevation
Of Privilege" - elevationOfPrivilege
- "threat
Resistance" - threatResistance
- "missing
Coverage" - missingCoverage
- "denial
Of Service" - denialOfService
UserImpact, UserImpactArgs
- Low
- Low
- Moderate
- Moderate
- High
- High
- User
Impact Low - Low
- User
Impact Moderate - Moderate
- User
Impact High - High
- Low
- Low
- Moderate
- Moderate
- High
- High
- Low
- Low
- Moderate
- Moderate
- High
- High
- LOW
- Low
- MODERATE
- Moderate
- HIGH
- High
- "Low"
- Low
- "Moderate"
- Moderate
- "High"
- High
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:security:AssessmentsMetadataSubscription ca039e75-a276-4175-aebc-bcd41e4b14b7 /subscriptions/{subscriptionId}/providers/Microsoft.Security/assessmentMetadata/{assessmentMetadataName}
Package Details
- Repository
- Azure Native pulumi/pulumi-azure-native
- License
- Apache-2.0