Docs
Packagesdatadog.SecurityMonitoringDefaultRule
Explore with Pulumi AI
Provides a Datadog Security Monitoring Rule API resource for default rules. It can only be imported, you can’t create a default rule.
Example Usage
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Datadog = Pulumi.Datadog;
return await Deployment.RunAsync(() =>
{
var adefaultrule = new Datadog.SecurityMonitoringDefaultRule("adefaultrule", new()
{
Cases = new[]
{
new Datadog.Inputs.SecurityMonitoringDefaultRuleCaseArgs
{
Notifications = new[]
{
"@me",
},
Status = "high",
},
},
Enabled = true,
});
});
package main
import (
"github.com/pulumi/pulumi-datadog/sdk/v4/go/datadog"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := datadog.NewSecurityMonitoringDefaultRule(ctx, "adefaultrule", &datadog.SecurityMonitoringDefaultRuleArgs{
Cases: datadog.SecurityMonitoringDefaultRuleCaseArray{
&datadog.SecurityMonitoringDefaultRuleCaseArgs{
Notifications: pulumi.StringArray{
pulumi.String("@me"),
},
Status: pulumi.String("high"),
},
},
Enabled: pulumi.Bool(true),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.datadog.SecurityMonitoringDefaultRule;
import com.pulumi.datadog.SecurityMonitoringDefaultRuleArgs;
import com.pulumi.datadog.inputs.SecurityMonitoringDefaultRuleCaseArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var adefaultrule = new SecurityMonitoringDefaultRule("adefaultrule", SecurityMonitoringDefaultRuleArgs.builder()
.cases(SecurityMonitoringDefaultRuleCaseArgs.builder()
.notifications("@me")
.status("high")
.build())
.enabled(true)
.build());
}
}
import pulumi
import pulumi_datadog as datadog
adefaultrule = datadog.SecurityMonitoringDefaultRule("adefaultrule",
cases=[datadog.SecurityMonitoringDefaultRuleCaseArgs(
notifications=["@me"],
status="high",
)],
enabled=True)
import * as pulumi from "@pulumi/pulumi";
import * as datadog from "@pulumi/datadog";
const adefaultrule = new datadog.SecurityMonitoringDefaultRule("adefaultrule", {
cases: [{
notifications: ["@me"],
status: "high",
}],
enabled: true,
});
resources:
adefaultrule:
type: datadog:SecurityMonitoringDefaultRule
properties:
# Change the notifications for the high case
cases:
- notifications:
- '@me'
status: high
enabled: true
Create SecurityMonitoringDefaultRule Resource
new SecurityMonitoringDefaultRule(name: string, args?: SecurityMonitoringDefaultRuleArgs, opts?: CustomResourceOptions);@overload
def SecurityMonitoringDefaultRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
cases: Optional[Sequence[SecurityMonitoringDefaultRuleCaseArgs]] = None,
enabled: Optional[bool] = None,
filters: Optional[Sequence[SecurityMonitoringDefaultRuleFilterArgs]] = None,
options: Optional[SecurityMonitoringDefaultRuleOptionsArgs] = None)
@overload
def SecurityMonitoringDefaultRule(resource_name: str,
args: Optional[SecurityMonitoringDefaultRuleArgs] = None,
opts: Optional[ResourceOptions] = None)func NewSecurityMonitoringDefaultRule(ctx *Context, name string, args *SecurityMonitoringDefaultRuleArgs, opts ...ResourceOption) (*SecurityMonitoringDefaultRule, error)public SecurityMonitoringDefaultRule(string name, SecurityMonitoringDefaultRuleArgs? args = null, CustomResourceOptions? opts = null)
public SecurityMonitoringDefaultRule(String name, SecurityMonitoringDefaultRuleArgs args)
public SecurityMonitoringDefaultRule(String name, SecurityMonitoringDefaultRuleArgs args, CustomResourceOptions options)
type: datadog:SecurityMonitoringDefaultRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SecurityMonitoringDefaultRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args SecurityMonitoringDefaultRuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args SecurityMonitoringDefaultRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SecurityMonitoringDefaultRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args SecurityMonitoringDefaultRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
SecurityMonitoringDefaultRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The SecurityMonitoringDefaultRule resource accepts the following input properties:
- Cases
List<Security
Monitoring Default Rule Case> Cases of the rule, this is used to update notifications.
- Enabled bool
Enable the rule.
- Filters
List<Security
Monitoring Default Rule Filter> Additional queries to filter matched events before they are processed.
- Options
Security
Monitoring Default Rule Options Options on default rules. Note that only a subset of fields can be updated on default rule options.
- Cases
[]Security
Monitoring Default Rule Case Args Cases of the rule, this is used to update notifications.
- Enabled bool
Enable the rule.
- Filters
[]Security
Monitoring Default Rule Filter Args Additional queries to filter matched events before they are processed.
- Options
Security
Monitoring Default Rule Options Args Options on default rules. Note that only a subset of fields can be updated on default rule options.
- cases
List<Security
Monitoring Default Rule Case> Cases of the rule, this is used to update notifications.
- enabled Boolean
Enable the rule.
- filters
List<Security
Monitoring Default Rule Filter> Additional queries to filter matched events before they are processed.
- options
Security
Monitoring Default Rule Options Options on default rules. Note that only a subset of fields can be updated on default rule options.
- cases
Security
Monitoring Default Rule Case[] Cases of the rule, this is used to update notifications.
- enabled boolean
Enable the rule.
- filters
Security
Monitoring Default Rule Filter[] Additional queries to filter matched events before they are processed.
- options
Security
Monitoring Default Rule Options Options on default rules. Note that only a subset of fields can be updated on default rule options.
- cases
Sequence[Security
Monitoring Default Rule Case Args] Cases of the rule, this is used to update notifications.
- enabled bool
Enable the rule.
- filters
Sequence[Security
Monitoring Default Rule Filter Args] Additional queries to filter matched events before they are processed.
- options
Security
Monitoring Default Rule Options Args Options on default rules. Note that only a subset of fields can be updated on default rule options.
- cases List<Property Map>
Cases of the rule, this is used to update notifications.
- enabled Boolean
Enable the rule.
- filters List<Property Map>
Additional queries to filter matched events before they are processed.
- options Property Map
Options on default rules. Note that only a subset of fields can be updated on default rule options.
Outputs
All input properties are implicitly available as output properties. Additionally, the SecurityMonitoringDefaultRule resource produces the following output properties:
Look up Existing SecurityMonitoringDefaultRule Resource
Get an existing SecurityMonitoringDefaultRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: SecurityMonitoringDefaultRuleState, opts?: CustomResourceOptions): SecurityMonitoringDefaultRule@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
cases: Optional[Sequence[SecurityMonitoringDefaultRuleCaseArgs]] = None,
enabled: Optional[bool] = None,
filters: Optional[Sequence[SecurityMonitoringDefaultRuleFilterArgs]] = None,
options: Optional[SecurityMonitoringDefaultRuleOptionsArgs] = None,
type: Optional[str] = None) -> SecurityMonitoringDefaultRulefunc GetSecurityMonitoringDefaultRule(ctx *Context, name string, id IDInput, state *SecurityMonitoringDefaultRuleState, opts ...ResourceOption) (*SecurityMonitoringDefaultRule, error)public static SecurityMonitoringDefaultRule Get(string name, Input<string> id, SecurityMonitoringDefaultRuleState? state, CustomResourceOptions? opts = null)public static SecurityMonitoringDefaultRule get(String name, Output<String> id, SecurityMonitoringDefaultRuleState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Cases
List<Security
Monitoring Default Rule Case> Cases of the rule, this is used to update notifications.
- Enabled bool
Enable the rule.
- Filters
List<Security
Monitoring Default Rule Filter> Additional queries to filter matched events before they are processed.
- Options
Security
Monitoring Default Rule Options Options on default rules. Note that only a subset of fields can be updated on default rule options.
- Type string
The rule type.
- Cases
[]Security
Monitoring Default Rule Case Args Cases of the rule, this is used to update notifications.
- Enabled bool
Enable the rule.
- Filters
[]Security
Monitoring Default Rule Filter Args Additional queries to filter matched events before they are processed.
- Options
Security
Monitoring Default Rule Options Args Options on default rules. Note that only a subset of fields can be updated on default rule options.
- Type string
The rule type.
- cases
List<Security
Monitoring Default Rule Case> Cases of the rule, this is used to update notifications.
- enabled Boolean
Enable the rule.
- filters
List<Security
Monitoring Default Rule Filter> Additional queries to filter matched events before they are processed.
- options
Security
Monitoring Default Rule Options Options on default rules. Note that only a subset of fields can be updated on default rule options.
- type String
The rule type.
- cases
Security
Monitoring Default Rule Case[] Cases of the rule, this is used to update notifications.
- enabled boolean
Enable the rule.
- filters
Security
Monitoring Default Rule Filter[] Additional queries to filter matched events before they are processed.
- options
Security
Monitoring Default Rule Options Options on default rules. Note that only a subset of fields can be updated on default rule options.
- type string
The rule type.
- cases
Sequence[Security
Monitoring Default Rule Case Args] Cases of the rule, this is used to update notifications.
- enabled bool
Enable the rule.
- filters
Sequence[Security
Monitoring Default Rule Filter Args] Additional queries to filter matched events before they are processed.
- options
Security
Monitoring Default Rule Options Args Options on default rules. Note that only a subset of fields can be updated on default rule options.
- type str
The rule type.
- cases List<Property Map>
Cases of the rule, this is used to update notifications.
- enabled Boolean
Enable the rule.
- filters List<Property Map>
Additional queries to filter matched events before they are processed.
- options Property Map
Options on default rules. Note that only a subset of fields can be updated on default rule options.
- type String
The rule type.
Supporting Types
SecurityMonitoringDefaultRuleCase, SecurityMonitoringDefaultRuleCaseArgs
- Notifications List<string>
Notification targets for each rule case.
- Status string
Status of the rule case to match. Valid values are
info,low,medium,high,critical.
- Notifications []string
Notification targets for each rule case.
- Status string
Status of the rule case to match. Valid values are
info,low,medium,high,critical.
- notifications List<String>
Notification targets for each rule case.
- status String
Status of the rule case to match. Valid values are
info,low,medium,high,critical.
- notifications string[]
Notification targets for each rule case.
- status string
Status of the rule case to match. Valid values are
info,low,medium,high,critical.
- notifications Sequence[str]
Notification targets for each rule case.
- status str
Status of the rule case to match. Valid values are
info,low,medium,high,critical.
- notifications List<String>
Notification targets for each rule case.
- status String
Status of the rule case to match. Valid values are
info,low,medium,high,critical.
SecurityMonitoringDefaultRuleFilter, SecurityMonitoringDefaultRuleFilterArgs
SecurityMonitoringDefaultRuleOptions, SecurityMonitoringDefaultRuleOptionsArgs
- Decrease
Criticality boolBased On Env If true, signals in non-production environments have a lower severity than what is defined by the rule case, which can reduce noise. The decrement is applied when the environment tag of the signal starts with
staging,test, ordev. Only available when the rule type islog_detection.
- Decrease
Criticality boolBased On Env If true, signals in non-production environments have a lower severity than what is defined by the rule case, which can reduce noise. The decrement is applied when the environment tag of the signal starts with
staging,test, ordev. Only available when the rule type islog_detection.
- decrease
Criticality BooleanBased On Env If true, signals in non-production environments have a lower severity than what is defined by the rule case, which can reduce noise. The decrement is applied when the environment tag of the signal starts with
staging,test, ordev. Only available when the rule type islog_detection.
- decrease
Criticality booleanBased On Env If true, signals in non-production environments have a lower severity than what is defined by the rule case, which can reduce noise. The decrement is applied when the environment tag of the signal starts with
staging,test, ordev. Only available when the rule type islog_detection.
- decrease_
criticality_ boolbased_ on_ env If true, signals in non-production environments have a lower severity than what is defined by the rule case, which can reduce noise. The decrement is applied when the environment tag of the signal starts with
staging,test, ordev. Only available when the rule type islog_detection.
- decrease
Criticality BooleanBased On Env If true, signals in non-production environments have a lower severity than what is defined by the rule case, which can reduce noise. The decrement is applied when the environment tag of the signal starts with
staging,test, ordev. Only available when the rule type islog_detection.
Import
Default rules need to be imported using their ID before applying. resource “datadog_security_monitoring_default_rule” “adefaultrule” { }
$ pulumi import datadog:index/securityMonitoringDefaultRule:SecurityMonitoringDefaultRule adefaultrule m0o-hto-lkb
Package Details
- Repository
- Datadog pulumi/pulumi-datadog
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
datadogTerraform Provider.