Viewing docs for elasticstack 0.15.0
published on Thursday, May 14, 2026 by elastic
published on Thursday, May 14, 2026 by elastic
Viewing docs for elasticstack 0.15.0
published on Thursday, May 14, 2026 by elastic
published on Thursday, May 14, 2026 by elastic
Manages an Elastic Defend Fleet integration policy (package policy for the endpoint package). Uses a two-phase create (bootstrap then finalize) and preserves server-managed payloads such as artifact_manifest and the package policy version in private state.
Create FleetElasticDefendIntegrationPolicy Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new FleetElasticDefendIntegrationPolicy(name: string, args: FleetElasticDefendIntegrationPolicyArgs, opts?: CustomResourceOptions);@overload
def FleetElasticDefendIntegrationPolicy(resource_name: str,
args: FleetElasticDefendIntegrationPolicyArgs,
opts: Optional[ResourceOptions] = None)
@overload
def FleetElasticDefendIntegrationPolicy(resource_name: str,
opts: Optional[ResourceOptions] = None,
agent_policy_id: Optional[str] = None,
integration_version: Optional[str] = None,
namespace: Optional[str] = None,
policy: Optional[FleetElasticDefendIntegrationPolicyPolicyArgs] = None,
description: Optional[str] = None,
enabled: Optional[bool] = None,
force: Optional[bool] = None,
kibana_connections: Optional[Sequence[FleetElasticDefendIntegrationPolicyKibanaConnectionArgs]] = None,
name: Optional[str] = None,
policy_id: Optional[str] = None,
preset: Optional[str] = None,
space_ids: Optional[Sequence[str]] = None)func NewFleetElasticDefendIntegrationPolicy(ctx *Context, name string, args FleetElasticDefendIntegrationPolicyArgs, opts ...ResourceOption) (*FleetElasticDefendIntegrationPolicy, error)public FleetElasticDefendIntegrationPolicy(string name, FleetElasticDefendIntegrationPolicyArgs args, CustomResourceOptions? opts = null)
public FleetElasticDefendIntegrationPolicy(String name, FleetElasticDefendIntegrationPolicyArgs args)
public FleetElasticDefendIntegrationPolicy(String name, FleetElasticDefendIntegrationPolicyArgs args, CustomResourceOptions options)
type: elasticstack:FleetElasticDefendIntegrationPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
resource "elasticstack_fleetelasticdefendintegrationpolicy" "name" {
# resource properties
}Parameters
- name string
- The unique name of the resource.
- args FleetElasticDefendIntegrationPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args FleetElasticDefendIntegrationPolicyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args FleetElasticDefendIntegrationPolicyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FleetElasticDefendIntegrationPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args FleetElasticDefendIntegrationPolicyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var fleetElasticDefendIntegrationPolicyResource = new Elasticstack.FleetElasticDefendIntegrationPolicy("fleetElasticDefendIntegrationPolicyResource", new()
{
AgentPolicyId = "string",
IntegrationVersion = "string",
Namespace = "string",
Policy = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyArgs
{
Linux = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyLinuxArgs
{
BehaviorProtection = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyLinuxBehaviorProtectionArgs
{
Mode = "string",
ReputationService = false,
Supported = false,
},
Events = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyLinuxEventsArgs
{
File = false,
Network = false,
Process = false,
SessionData = false,
TtyIo = false,
},
Logging = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyLinuxLoggingArgs
{
File = "string",
},
Malware = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyLinuxMalwareArgs
{
Blocklist = false,
Mode = "string",
},
MemoryProtection = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyLinuxMemoryProtectionArgs
{
Mode = "string",
Supported = false,
},
Popup = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyLinuxPopupArgs
{
BehaviorProtection = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyLinuxPopupBehaviorProtectionArgs
{
Enabled = false,
Message = "string",
},
Malware = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyLinuxPopupMalwareArgs
{
Enabled = false,
Message = "string",
},
MemoryProtection = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyLinuxPopupMemoryProtectionArgs
{
Enabled = false,
Message = "string",
},
},
},
Mac = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyMacArgs
{
BehaviorProtection = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyMacBehaviorProtectionArgs
{
Mode = "string",
ReputationService = false,
Supported = false,
},
Events = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyMacEventsArgs
{
File = false,
Network = false,
Process = false,
},
Logging = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyMacLoggingArgs
{
File = "string",
},
Malware = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyMacMalwareArgs
{
Blocklist = false,
Mode = "string",
NotifyUser = false,
OnWriteScan = false,
},
MemoryProtection = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyMacMemoryProtectionArgs
{
Mode = "string",
Supported = false,
},
Popup = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyMacPopupArgs
{
BehaviorProtection = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyMacPopupBehaviorProtectionArgs
{
Enabled = false,
Message = "string",
},
Malware = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyMacPopupMalwareArgs
{
Enabled = false,
Message = "string",
},
MemoryProtection = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyMacPopupMemoryProtectionArgs
{
Enabled = false,
Message = "string",
},
},
},
Windows = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyWindowsArgs
{
AntivirusRegistration = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyWindowsAntivirusRegistrationArgs
{
Enabled = false,
Mode = "string",
},
AttackSurfaceReduction = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyWindowsAttackSurfaceReductionArgs
{
CredentialHardening = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyWindowsAttackSurfaceReductionCredentialHardeningArgs
{
Enabled = false,
},
},
BehaviorProtection = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyWindowsBehaviorProtectionArgs
{
Mode = "string",
ReputationService = false,
Supported = false,
},
Events = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyWindowsEventsArgs
{
Authentication = false,
DllAndDriverLoad = false,
Dns = false,
File = false,
Network = false,
Process = false,
Registry = false,
Security = false,
},
Logging = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyWindowsLoggingArgs
{
File = "string",
},
Malware = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyWindowsMalwareArgs
{
Blocklist = false,
Mode = "string",
NotifyUser = false,
OnWriteScan = false,
},
MemoryProtection = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyWindowsMemoryProtectionArgs
{
Mode = "string",
Supported = false,
},
Popup = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyWindowsPopupArgs
{
BehaviorProtection = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyWindowsPopupBehaviorProtectionArgs
{
Enabled = false,
Message = "string",
},
Malware = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyWindowsPopupMalwareArgs
{
Enabled = false,
Message = "string",
},
MemoryProtection = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyWindowsPopupMemoryProtectionArgs
{
Enabled = false,
Message = "string",
},
Ransomware = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyWindowsPopupRansomwareArgs
{
Enabled = false,
Message = "string",
},
},
Ransomware = new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyPolicyWindowsRansomwareArgs
{
Mode = "string",
Supported = false,
},
},
},
Description = "string",
Enabled = false,
Force = false,
KibanaConnections = new[]
{
new Elasticstack.Inputs.FleetElasticDefendIntegrationPolicyKibanaConnectionArgs
{
ApiKey = "string",
BearerToken = "string",
CaCerts = new[]
{
"string",
},
Endpoints = new[]
{
"string",
},
Insecure = false,
Password = "string",
Username = "string",
},
},
Name = "string",
PolicyId = "string",
Preset = "string",
SpaceIds = new[]
{
"string",
},
});
example, err := elasticstack.NewFleetElasticDefendIntegrationPolicy(ctx, "fleetElasticDefendIntegrationPolicyResource", &elasticstack.FleetElasticDefendIntegrationPolicyArgs{
AgentPolicyId: pulumi.String("string"),
IntegrationVersion: pulumi.String("string"),
Namespace: pulumi.String("string"),
Policy: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyArgs{
Linux: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyLinuxArgs{
BehaviorProtection: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyLinuxBehaviorProtectionArgs{
Mode: pulumi.String("string"),
ReputationService: pulumi.Bool(false),
Supported: pulumi.Bool(false),
},
Events: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyLinuxEventsArgs{
File: pulumi.Bool(false),
Network: pulumi.Bool(false),
Process: pulumi.Bool(false),
SessionData: pulumi.Bool(false),
TtyIo: pulumi.Bool(false),
},
Logging: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyLinuxLoggingArgs{
File: pulumi.String("string"),
},
Malware: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyLinuxMalwareArgs{
Blocklist: pulumi.Bool(false),
Mode: pulumi.String("string"),
},
MemoryProtection: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyLinuxMemoryProtectionArgs{
Mode: pulumi.String("string"),
Supported: pulumi.Bool(false),
},
Popup: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyLinuxPopupArgs{
BehaviorProtection: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyLinuxPopupBehaviorProtectionArgs{
Enabled: pulumi.Bool(false),
Message: pulumi.String("string"),
},
Malware: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyLinuxPopupMalwareArgs{
Enabled: pulumi.Bool(false),
Message: pulumi.String("string"),
},
MemoryProtection: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyLinuxPopupMemoryProtectionArgs{
Enabled: pulumi.Bool(false),
Message: pulumi.String("string"),
},
},
},
Mac: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyMacArgs{
BehaviorProtection: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyMacBehaviorProtectionArgs{
Mode: pulumi.String("string"),
ReputationService: pulumi.Bool(false),
Supported: pulumi.Bool(false),
},
Events: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyMacEventsArgs{
File: pulumi.Bool(false),
Network: pulumi.Bool(false),
Process: pulumi.Bool(false),
},
Logging: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyMacLoggingArgs{
File: pulumi.String("string"),
},
Malware: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyMacMalwareArgs{
Blocklist: pulumi.Bool(false),
Mode: pulumi.String("string"),
NotifyUser: pulumi.Bool(false),
OnWriteScan: pulumi.Bool(false),
},
MemoryProtection: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyMacMemoryProtectionArgs{
Mode: pulumi.String("string"),
Supported: pulumi.Bool(false),
},
Popup: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyMacPopupArgs{
BehaviorProtection: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyMacPopupBehaviorProtectionArgs{
Enabled: pulumi.Bool(false),
Message: pulumi.String("string"),
},
Malware: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyMacPopupMalwareArgs{
Enabled: pulumi.Bool(false),
Message: pulumi.String("string"),
},
MemoryProtection: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyMacPopupMemoryProtectionArgs{
Enabled: pulumi.Bool(false),
Message: pulumi.String("string"),
},
},
},
Windows: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyWindowsArgs{
AntivirusRegistration: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyWindowsAntivirusRegistrationArgs{
Enabled: pulumi.Bool(false),
Mode: pulumi.String("string"),
},
AttackSurfaceReduction: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyWindowsAttackSurfaceReductionArgs{
CredentialHardening: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyWindowsAttackSurfaceReductionCredentialHardeningArgs{
Enabled: pulumi.Bool(false),
},
},
BehaviorProtection: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyWindowsBehaviorProtectionArgs{
Mode: pulumi.String("string"),
ReputationService: pulumi.Bool(false),
Supported: pulumi.Bool(false),
},
Events: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyWindowsEventsArgs{
Authentication: pulumi.Bool(false),
DllAndDriverLoad: pulumi.Bool(false),
Dns: pulumi.Bool(false),
File: pulumi.Bool(false),
Network: pulumi.Bool(false),
Process: pulumi.Bool(false),
Registry: pulumi.Bool(false),
Security: pulumi.Bool(false),
},
Logging: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyWindowsLoggingArgs{
File: pulumi.String("string"),
},
Malware: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyWindowsMalwareArgs{
Blocklist: pulumi.Bool(false),
Mode: pulumi.String("string"),
NotifyUser: pulumi.Bool(false),
OnWriteScan: pulumi.Bool(false),
},
MemoryProtection: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyWindowsMemoryProtectionArgs{
Mode: pulumi.String("string"),
Supported: pulumi.Bool(false),
},
Popup: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyWindowsPopupArgs{
BehaviorProtection: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyWindowsPopupBehaviorProtectionArgs{
Enabled: pulumi.Bool(false),
Message: pulumi.String("string"),
},
Malware: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyWindowsPopupMalwareArgs{
Enabled: pulumi.Bool(false),
Message: pulumi.String("string"),
},
MemoryProtection: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyWindowsPopupMemoryProtectionArgs{
Enabled: pulumi.Bool(false),
Message: pulumi.String("string"),
},
Ransomware: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyWindowsPopupRansomwareArgs{
Enabled: pulumi.Bool(false),
Message: pulumi.String("string"),
},
},
Ransomware: &elasticstack.FleetElasticDefendIntegrationPolicyPolicyWindowsRansomwareArgs{
Mode: pulumi.String("string"),
Supported: pulumi.Bool(false),
},
},
},
Description: pulumi.String("string"),
Enabled: pulumi.Bool(false),
Force: pulumi.Bool(false),
KibanaConnections: elasticstack.FleetElasticDefendIntegrationPolicyKibanaConnectionArray{
&elasticstack.FleetElasticDefendIntegrationPolicyKibanaConnectionArgs{
ApiKey: pulumi.String("string"),
BearerToken: pulumi.String("string"),
CaCerts: pulumi.StringArray{
pulumi.String("string"),
},
Endpoints: pulumi.StringArray{
pulumi.String("string"),
},
Insecure: pulumi.Bool(false),
Password: pulumi.String("string"),
Username: pulumi.String("string"),
},
},
Name: pulumi.String("string"),
PolicyId: pulumi.String("string"),
Preset: pulumi.String("string"),
SpaceIds: pulumi.StringArray{
pulumi.String("string"),
},
})
resource "elasticstack_fleetelasticdefendintegrationpolicy" "fleetElasticDefendIntegrationPolicyResource" {
agent_policy_id = "string"
integration_version = "string"
namespace = "string"
policy = {
linux = {
behavior_protection = {
mode = "string"
reputation_service = false
supported = false
}
events = {
file = false
network = false
process = false
session_data = false
tty_io = false
}
logging = {
file = "string"
}
malware = {
blocklist = false
mode = "string"
}
memory_protection = {
mode = "string"
supported = false
}
popup = {
behavior_protection = {
enabled = false
message = "string"
}
malware = {
enabled = false
message = "string"
}
memory_protection = {
enabled = false
message = "string"
}
}
}
mac = {
behavior_protection = {
mode = "string"
reputation_service = false
supported = false
}
events = {
file = false
network = false
process = false
}
logging = {
file = "string"
}
malware = {
blocklist = false
mode = "string"
notify_user = false
on_write_scan = false
}
memory_protection = {
mode = "string"
supported = false
}
popup = {
behavior_protection = {
enabled = false
message = "string"
}
malware = {
enabled = false
message = "string"
}
memory_protection = {
enabled = false
message = "string"
}
}
}
windows = {
antivirus_registration = {
enabled = false
mode = "string"
}
attack_surface_reduction = {
credential_hardening = {
enabled = false
}
}
behavior_protection = {
mode = "string"
reputation_service = false
supported = false
}
events = {
authentication = false
dll_and_driver_load = false
dns = false
file = false
network = false
process = false
registry = false
security = false
}
logging = {
file = "string"
}
malware = {
blocklist = false
mode = "string"
notify_user = false
on_write_scan = false
}
memory_protection = {
mode = "string"
supported = false
}
popup = {
behavior_protection = {
enabled = false
message = "string"
}
malware = {
enabled = false
message = "string"
}
memory_protection = {
enabled = false
message = "string"
}
ransomware = {
enabled = false
message = "string"
}
}
ransomware = {
mode = "string"
supported = false
}
}
}
description = "string"
enabled = false
force = false
kibana_connections {
api_key = "string"
bearer_token = "string"
ca_certs = ["string"]
endpoints = ["string"]
insecure = false
password = "string"
username = "string"
}
name = "string"
policy_id = "string"
preset = "string"
space_ids = ["string"]
}
var fleetElasticDefendIntegrationPolicyResource = new FleetElasticDefendIntegrationPolicy("fleetElasticDefendIntegrationPolicyResource", FleetElasticDefendIntegrationPolicyArgs.builder()
.agentPolicyId("string")
.integrationVersion("string")
.namespace("string")
.policy(FleetElasticDefendIntegrationPolicyPolicyArgs.builder()
.linux(FleetElasticDefendIntegrationPolicyPolicyLinuxArgs.builder()
.behaviorProtection(FleetElasticDefendIntegrationPolicyPolicyLinuxBehaviorProtectionArgs.builder()
.mode("string")
.reputationService(false)
.supported(false)
.build())
.events(FleetElasticDefendIntegrationPolicyPolicyLinuxEventsArgs.builder()
.file(false)
.network(false)
.process(false)
.sessionData(false)
.ttyIo(false)
.build())
.logging(FleetElasticDefendIntegrationPolicyPolicyLinuxLoggingArgs.builder()
.file("string")
.build())
.malware(FleetElasticDefendIntegrationPolicyPolicyLinuxMalwareArgs.builder()
.blocklist(false)
.mode("string")
.build())
.memoryProtection(FleetElasticDefendIntegrationPolicyPolicyLinuxMemoryProtectionArgs.builder()
.mode("string")
.supported(false)
.build())
.popup(FleetElasticDefendIntegrationPolicyPolicyLinuxPopupArgs.builder()
.behaviorProtection(FleetElasticDefendIntegrationPolicyPolicyLinuxPopupBehaviorProtectionArgs.builder()
.enabled(false)
.message("string")
.build())
.malware(FleetElasticDefendIntegrationPolicyPolicyLinuxPopupMalwareArgs.builder()
.enabled(false)
.message("string")
.build())
.memoryProtection(FleetElasticDefendIntegrationPolicyPolicyLinuxPopupMemoryProtectionArgs.builder()
.enabled(false)
.message("string")
.build())
.build())
.build())
.mac(FleetElasticDefendIntegrationPolicyPolicyMacArgs.builder()
.behaviorProtection(FleetElasticDefendIntegrationPolicyPolicyMacBehaviorProtectionArgs.builder()
.mode("string")
.reputationService(false)
.supported(false)
.build())
.events(FleetElasticDefendIntegrationPolicyPolicyMacEventsArgs.builder()
.file(false)
.network(false)
.process(false)
.build())
.logging(FleetElasticDefendIntegrationPolicyPolicyMacLoggingArgs.builder()
.file("string")
.build())
.malware(FleetElasticDefendIntegrationPolicyPolicyMacMalwareArgs.builder()
.blocklist(false)
.mode("string")
.notifyUser(false)
.onWriteScan(false)
.build())
.memoryProtection(FleetElasticDefendIntegrationPolicyPolicyMacMemoryProtectionArgs.builder()
.mode("string")
.supported(false)
.build())
.popup(FleetElasticDefendIntegrationPolicyPolicyMacPopupArgs.builder()
.behaviorProtection(FleetElasticDefendIntegrationPolicyPolicyMacPopupBehaviorProtectionArgs.builder()
.enabled(false)
.message("string")
.build())
.malware(FleetElasticDefendIntegrationPolicyPolicyMacPopupMalwareArgs.builder()
.enabled(false)
.message("string")
.build())
.memoryProtection(FleetElasticDefendIntegrationPolicyPolicyMacPopupMemoryProtectionArgs.builder()
.enabled(false)
.message("string")
.build())
.build())
.build())
.windows(FleetElasticDefendIntegrationPolicyPolicyWindowsArgs.builder()
.antivirusRegistration(FleetElasticDefendIntegrationPolicyPolicyWindowsAntivirusRegistrationArgs.builder()
.enabled(false)
.mode("string")
.build())
.attackSurfaceReduction(FleetElasticDefendIntegrationPolicyPolicyWindowsAttackSurfaceReductionArgs.builder()
.credentialHardening(FleetElasticDefendIntegrationPolicyPolicyWindowsAttackSurfaceReductionCredentialHardeningArgs.builder()
.enabled(false)
.build())
.build())
.behaviorProtection(FleetElasticDefendIntegrationPolicyPolicyWindowsBehaviorProtectionArgs.builder()
.mode("string")
.reputationService(false)
.supported(false)
.build())
.events(FleetElasticDefendIntegrationPolicyPolicyWindowsEventsArgs.builder()
.authentication(false)
.dllAndDriverLoad(false)
.dns(false)
.file(false)
.network(false)
.process(false)
.registry(false)
.security(false)
.build())
.logging(FleetElasticDefendIntegrationPolicyPolicyWindowsLoggingArgs.builder()
.file("string")
.build())
.malware(FleetElasticDefendIntegrationPolicyPolicyWindowsMalwareArgs.builder()
.blocklist(false)
.mode("string")
.notifyUser(false)
.onWriteScan(false)
.build())
.memoryProtection(FleetElasticDefendIntegrationPolicyPolicyWindowsMemoryProtectionArgs.builder()
.mode("string")
.supported(false)
.build())
.popup(FleetElasticDefendIntegrationPolicyPolicyWindowsPopupArgs.builder()
.behaviorProtection(FleetElasticDefendIntegrationPolicyPolicyWindowsPopupBehaviorProtectionArgs.builder()
.enabled(false)
.message("string")
.build())
.malware(FleetElasticDefendIntegrationPolicyPolicyWindowsPopupMalwareArgs.builder()
.enabled(false)
.message("string")
.build())
.memoryProtection(FleetElasticDefendIntegrationPolicyPolicyWindowsPopupMemoryProtectionArgs.builder()
.enabled(false)
.message("string")
.build())
.ransomware(FleetElasticDefendIntegrationPolicyPolicyWindowsPopupRansomwareArgs.builder()
.enabled(false)
.message("string")
.build())
.build())
.ransomware(FleetElasticDefendIntegrationPolicyPolicyWindowsRansomwareArgs.builder()
.mode("string")
.supported(false)
.build())
.build())
.build())
.description("string")
.enabled(false)
.force(false)
.kibanaConnections(FleetElasticDefendIntegrationPolicyKibanaConnectionArgs.builder()
.apiKey("string")
.bearerToken("string")
.caCerts("string")
.endpoints("string")
.insecure(false)
.password("string")
.username("string")
.build())
.name("string")
.policyId("string")
.preset("string")
.spaceIds("string")
.build());
fleet_elastic_defend_integration_policy_resource = elasticstack.FleetElasticDefendIntegrationPolicy("fleetElasticDefendIntegrationPolicyResource",
agent_policy_id="string",
integration_version="string",
namespace="string",
policy={
"linux": {
"behavior_protection": {
"mode": "string",
"reputation_service": False,
"supported": False,
},
"events": {
"file": False,
"network": False,
"process": False,
"session_data": False,
"tty_io": False,
},
"logging": {
"file": "string",
},
"malware": {
"blocklist": False,
"mode": "string",
},
"memory_protection": {
"mode": "string",
"supported": False,
},
"popup": {
"behavior_protection": {
"enabled": False,
"message": "string",
},
"malware": {
"enabled": False,
"message": "string",
},
"memory_protection": {
"enabled": False,
"message": "string",
},
},
},
"mac": {
"behavior_protection": {
"mode": "string",
"reputation_service": False,
"supported": False,
},
"events": {
"file": False,
"network": False,
"process": False,
},
"logging": {
"file": "string",
},
"malware": {
"blocklist": False,
"mode": "string",
"notify_user": False,
"on_write_scan": False,
},
"memory_protection": {
"mode": "string",
"supported": False,
},
"popup": {
"behavior_protection": {
"enabled": False,
"message": "string",
},
"malware": {
"enabled": False,
"message": "string",
},
"memory_protection": {
"enabled": False,
"message": "string",
},
},
},
"windows": {
"antivirus_registration": {
"enabled": False,
"mode": "string",
},
"attack_surface_reduction": {
"credential_hardening": {
"enabled": False,
},
},
"behavior_protection": {
"mode": "string",
"reputation_service": False,
"supported": False,
},
"events": {
"authentication": False,
"dll_and_driver_load": False,
"dns": False,
"file": False,
"network": False,
"process": False,
"registry": False,
"security": False,
},
"logging": {
"file": "string",
},
"malware": {
"blocklist": False,
"mode": "string",
"notify_user": False,
"on_write_scan": False,
},
"memory_protection": {
"mode": "string",
"supported": False,
},
"popup": {
"behavior_protection": {
"enabled": False,
"message": "string",
},
"malware": {
"enabled": False,
"message": "string",
},
"memory_protection": {
"enabled": False,
"message": "string",
},
"ransomware": {
"enabled": False,
"message": "string",
},
},
"ransomware": {
"mode": "string",
"supported": False,
},
},
},
description="string",
enabled=False,
force=False,
kibana_connections=[{
"api_key": "string",
"bearer_token": "string",
"ca_certs": ["string"],
"endpoints": ["string"],
"insecure": False,
"password": "string",
"username": "string",
}],
name="string",
policy_id="string",
preset="string",
space_ids=["string"])
const fleetElasticDefendIntegrationPolicyResource = new elasticstack.FleetElasticDefendIntegrationPolicy("fleetElasticDefendIntegrationPolicyResource", {
agentPolicyId: "string",
integrationVersion: "string",
namespace: "string",
policy: {
linux: {
behaviorProtection: {
mode: "string",
reputationService: false,
supported: false,
},
events: {
file: false,
network: false,
process: false,
sessionData: false,
ttyIo: false,
},
logging: {
file: "string",
},
malware: {
blocklist: false,
mode: "string",
},
memoryProtection: {
mode: "string",
supported: false,
},
popup: {
behaviorProtection: {
enabled: false,
message: "string",
},
malware: {
enabled: false,
message: "string",
},
memoryProtection: {
enabled: false,
message: "string",
},
},
},
mac: {
behaviorProtection: {
mode: "string",
reputationService: false,
supported: false,
},
events: {
file: false,
network: false,
process: false,
},
logging: {
file: "string",
},
malware: {
blocklist: false,
mode: "string",
notifyUser: false,
onWriteScan: false,
},
memoryProtection: {
mode: "string",
supported: false,
},
popup: {
behaviorProtection: {
enabled: false,
message: "string",
},
malware: {
enabled: false,
message: "string",
},
memoryProtection: {
enabled: false,
message: "string",
},
},
},
windows: {
antivirusRegistration: {
enabled: false,
mode: "string",
},
attackSurfaceReduction: {
credentialHardening: {
enabled: false,
},
},
behaviorProtection: {
mode: "string",
reputationService: false,
supported: false,
},
events: {
authentication: false,
dllAndDriverLoad: false,
dns: false,
file: false,
network: false,
process: false,
registry: false,
security: false,
},
logging: {
file: "string",
},
malware: {
blocklist: false,
mode: "string",
notifyUser: false,
onWriteScan: false,
},
memoryProtection: {
mode: "string",
supported: false,
},
popup: {
behaviorProtection: {
enabled: false,
message: "string",
},
malware: {
enabled: false,
message: "string",
},
memoryProtection: {
enabled: false,
message: "string",
},
ransomware: {
enabled: false,
message: "string",
},
},
ransomware: {
mode: "string",
supported: false,
},
},
},
description: "string",
enabled: false,
force: false,
kibanaConnections: [{
apiKey: "string",
bearerToken: "string",
caCerts: ["string"],
endpoints: ["string"],
insecure: false,
password: "string",
username: "string",
}],
name: "string",
policyId: "string",
preset: "string",
spaceIds: ["string"],
});
type: elasticstack:FleetElasticDefendIntegrationPolicy
properties:
agentPolicyId: string
description: string
enabled: false
force: false
integrationVersion: string
kibanaConnections:
- apiKey: string
bearerToken: string
caCerts:
- string
endpoints:
- string
insecure: false
password: string
username: string
name: string
namespace: string
policy:
linux:
behaviorProtection:
mode: string
reputationService: false
supported: false
events:
file: false
network: false
process: false
sessionData: false
ttyIo: false
logging:
file: string
malware:
blocklist: false
mode: string
memoryProtection:
mode: string
supported: false
popup:
behaviorProtection:
enabled: false
message: string
malware:
enabled: false
message: string
memoryProtection:
enabled: false
message: string
mac:
behaviorProtection:
mode: string
reputationService: false
supported: false
events:
file: false
network: false
process: false
logging:
file: string
malware:
blocklist: false
mode: string
notifyUser: false
onWriteScan: false
memoryProtection:
mode: string
supported: false
popup:
behaviorProtection:
enabled: false
message: string
malware:
enabled: false
message: string
memoryProtection:
enabled: false
message: string
windows:
antivirusRegistration:
enabled: false
mode: string
attackSurfaceReduction:
credentialHardening:
enabled: false
behaviorProtection:
mode: string
reputationService: false
supported: false
events:
authentication: false
dllAndDriverLoad: false
dns: false
file: false
network: false
process: false
registry: false
security: false
logging:
file: string
malware:
blocklist: false
mode: string
notifyUser: false
onWriteScan: false
memoryProtection:
mode: string
supported: false
popup:
behaviorProtection:
enabled: false
message: string
malware:
enabled: false
message: string
memoryProtection:
enabled: false
message: string
ransomware:
enabled: false
message: string
ransomware:
mode: string
supported: false
policyId: string
preset: string
spaceIds:
- string
FleetElasticDefendIntegrationPolicy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The FleetElasticDefendIntegrationPolicy resource accepts the following input properties:
- Agent
Policy stringId - ID of the agent policy.
- Integration
Version string - The version of the Elastic Defend integration package.
- Namespace string
- The namespace of the integration policy.
- Policy
Fleet
Elastic Defend Integration Policy Policy - Elastic Defend policy configuration.
- Description string
- The description of the integration policy.
- Enabled bool
- Enable the integration policy.
- Force bool
- Force operations, such as creation and deletion, to occur.
- Kibana
Connections List<FleetElastic Defend Integration Policy Kibana Connection> - Kibana connection configuration block.
- Name string
- The name of the integration policy.
- Policy
Id string - Unique identifier of the Elastic Defend integration policy. Used as the import key.
- Preset string
- Elastic Defend preset configuration. Maps to
endpointConfig.presetin the Defend API. Common values include"NGAv1","NGAV","dataCollection","EDRComplete","EDREssential". - Space
Ids List<string> - The Kibana space IDs where this integration policy is available. When set, must match the space_ids of the referenced agent policy. If not set, will be inherited from the agent policy.
- Agent
Policy stringId - ID of the agent policy.
- Integration
Version string - The version of the Elastic Defend integration package.
- Namespace string
- The namespace of the integration policy.
- Policy
Fleet
Elastic Defend Integration Policy Policy Args - Elastic Defend policy configuration.
- Description string
- The description of the integration policy.
- Enabled bool
- Enable the integration policy.
- Force bool
- Force operations, such as creation and deletion, to occur.
- Kibana
Connections []FleetElastic Defend Integration Policy Kibana Connection Args - Kibana connection configuration block.
- Name string
- The name of the integration policy.
- Policy
Id string - Unique identifier of the Elastic Defend integration policy. Used as the import key.
- Preset string
- Elastic Defend preset configuration. Maps to
endpointConfig.presetin the Defend API. Common values include"NGAv1","NGAV","dataCollection","EDRComplete","EDREssential". - Space
Ids []string - The Kibana space IDs where this integration policy is available. When set, must match the space_ids of the referenced agent policy. If not set, will be inherited from the agent policy.
- agent_
policy_ stringid - ID of the agent policy.
- integration_
version string - The version of the Elastic Defend integration package.
- namespace string
- The namespace of the integration policy.
- policy object
- Elastic Defend policy configuration.
- description string
- The description of the integration policy.
- enabled bool
- Enable the integration policy.
- force bool
- Force operations, such as creation and deletion, to occur.
- kibana_
connections list(object) - Kibana connection configuration block.
- name string
- The name of the integration policy.
- policy_
id string - Unique identifier of the Elastic Defend integration policy. Used as the import key.
- preset string
- Elastic Defend preset configuration. Maps to
endpointConfig.presetin the Defend API. Common values include"NGAv1","NGAV","dataCollection","EDRComplete","EDREssential". - space_
ids list(string) - The Kibana space IDs where this integration policy is available. When set, must match the space_ids of the referenced agent policy. If not set, will be inherited from the agent policy.
- agent
Policy StringId - ID of the agent policy.
- integration
Version String - The version of the Elastic Defend integration package.
- namespace String
- The namespace of the integration policy.
- policy
Fleet
Elastic Defend Integration Policy Policy - Elastic Defend policy configuration.
- description String
- The description of the integration policy.
- enabled Boolean
- Enable the integration policy.
- force Boolean
- Force operations, such as creation and deletion, to occur.
- kibana
Connections List<FleetElastic Defend Integration Policy Kibana Connection> - Kibana connection configuration block.
- name String
- The name of the integration policy.
- policy
Id String - Unique identifier of the Elastic Defend integration policy. Used as the import key.
- preset String
- Elastic Defend preset configuration. Maps to
endpointConfig.presetin the Defend API. Common values include"NGAv1","NGAV","dataCollection","EDRComplete","EDREssential". - space
Ids List<String> - The Kibana space IDs where this integration policy is available. When set, must match the space_ids of the referenced agent policy. If not set, will be inherited from the agent policy.
- agent
Policy stringId - ID of the agent policy.
- integration
Version string - The version of the Elastic Defend integration package.
- namespace string
- The namespace of the integration policy.
- policy
Fleet
Elastic Defend Integration Policy Policy - Elastic Defend policy configuration.
- description string
- The description of the integration policy.
- enabled boolean
- Enable the integration policy.
- force boolean
- Force operations, such as creation and deletion, to occur.
- kibana
Connections FleetElastic Defend Integration Policy Kibana Connection[] - Kibana connection configuration block.
- name string
- The name of the integration policy.
- policy
Id string - Unique identifier of the Elastic Defend integration policy. Used as the import key.
- preset string
- Elastic Defend preset configuration. Maps to
endpointConfig.presetin the Defend API. Common values include"NGAv1","NGAV","dataCollection","EDRComplete","EDREssential". - space
Ids string[] - The Kibana space IDs where this integration policy is available. When set, must match the space_ids of the referenced agent policy. If not set, will be inherited from the agent policy.
- agent_
policy_ strid - ID of the agent policy.
- integration_
version str - The version of the Elastic Defend integration package.
- namespace str
- The namespace of the integration policy.
- policy
Fleet
Elastic Defend Integration Policy Policy Args - Elastic Defend policy configuration.
- description str
- The description of the integration policy.
- enabled bool
- Enable the integration policy.
- force bool
- Force operations, such as creation and deletion, to occur.
- kibana_
connections Sequence[FleetElastic Defend Integration Policy Kibana Connection Args] - Kibana connection configuration block.
- name str
- The name of the integration policy.
- policy_
id str - Unique identifier of the Elastic Defend integration policy. Used as the import key.
- preset str
- Elastic Defend preset configuration. Maps to
endpointConfig.presetin the Defend API. Common values include"NGAv1","NGAV","dataCollection","EDRComplete","EDREssential". - space_
ids Sequence[str] - The Kibana space IDs where this integration policy is available. When set, must match the space_ids of the referenced agent policy. If not set, will be inherited from the agent policy.
- agent
Policy StringId - ID of the agent policy.
- integration
Version String - The version of the Elastic Defend integration package.
- namespace String
- The namespace of the integration policy.
- policy Property Map
- Elastic Defend policy configuration.
- description String
- The description of the integration policy.
- enabled Boolean
- Enable the integration policy.
- force Boolean
- Force operations, such as creation and deletion, to occur.
- kibana
Connections List<Property Map> - Kibana connection configuration block.
- name String
- The name of the integration policy.
- policy
Id String - Unique identifier of the Elastic Defend integration policy. Used as the import key.
- preset String
- Elastic Defend preset configuration. Maps to
endpointConfig.presetin the Defend API. Common values include"NGAv1","NGAV","dataCollection","EDRComplete","EDREssential". - space
Ids List<String> - The Kibana space IDs where this integration policy is available. When set, must match the space_ids of the referenced agent policy. If not set, will be inherited from the agent policy.
Outputs
All input properties are implicitly available as output properties. Additionally, the FleetElasticDefendIntegrationPolicy resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing FleetElasticDefendIntegrationPolicy Resource
Get an existing FleetElasticDefendIntegrationPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: FleetElasticDefendIntegrationPolicyState, opts?: CustomResourceOptions): FleetElasticDefendIntegrationPolicy@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
agent_policy_id: Optional[str] = None,
description: Optional[str] = None,
enabled: Optional[bool] = None,
force: Optional[bool] = None,
integration_version: Optional[str] = None,
kibana_connections: Optional[Sequence[FleetElasticDefendIntegrationPolicyKibanaConnectionArgs]] = None,
name: Optional[str] = None,
namespace: Optional[str] = None,
policy: Optional[FleetElasticDefendIntegrationPolicyPolicyArgs] = None,
policy_id: Optional[str] = None,
preset: Optional[str] = None,
space_ids: Optional[Sequence[str]] = None) -> FleetElasticDefendIntegrationPolicyfunc GetFleetElasticDefendIntegrationPolicy(ctx *Context, name string, id IDInput, state *FleetElasticDefendIntegrationPolicyState, opts ...ResourceOption) (*FleetElasticDefendIntegrationPolicy, error)public static FleetElasticDefendIntegrationPolicy Get(string name, Input<string> id, FleetElasticDefendIntegrationPolicyState? state, CustomResourceOptions? opts = null)public static FleetElasticDefendIntegrationPolicy get(String name, Output<String> id, FleetElasticDefendIntegrationPolicyState state, CustomResourceOptions options)resources: _: type: elasticstack:FleetElasticDefendIntegrationPolicy get: id: ${id}import {
to = elasticstack_fleetelasticdefendintegrationpolicy.example
id = "${id}"
}
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Agent
Policy stringId - ID of the agent policy.
- Description string
- The description of the integration policy.
- Enabled bool
- Enable the integration policy.
- Force bool
- Force operations, such as creation and deletion, to occur.
- Integration
Version string - The version of the Elastic Defend integration package.
- Kibana
Connections List<FleetElastic Defend Integration Policy Kibana Connection> - Kibana connection configuration block.
- Name string
- The name of the integration policy.
- Namespace string
- The namespace of the integration policy.
- Policy
Fleet
Elastic Defend Integration Policy Policy - Elastic Defend policy configuration.
- Policy
Id string - Unique identifier of the Elastic Defend integration policy. Used as the import key.
- Preset string
- Elastic Defend preset configuration. Maps to
endpointConfig.presetin the Defend API. Common values include"NGAv1","NGAV","dataCollection","EDRComplete","EDREssential". - Space
Ids List<string> - The Kibana space IDs where this integration policy is available. When set, must match the space_ids of the referenced agent policy. If not set, will be inherited from the agent policy.
- Agent
Policy stringId - ID of the agent policy.
- Description string
- The description of the integration policy.
- Enabled bool
- Enable the integration policy.
- Force bool
- Force operations, such as creation and deletion, to occur.
- Integration
Version string - The version of the Elastic Defend integration package.
- Kibana
Connections []FleetElastic Defend Integration Policy Kibana Connection Args - Kibana connection configuration block.
- Name string
- The name of the integration policy.
- Namespace string
- The namespace of the integration policy.
- Policy
Fleet
Elastic Defend Integration Policy Policy Args - Elastic Defend policy configuration.
- Policy
Id string - Unique identifier of the Elastic Defend integration policy. Used as the import key.
- Preset string
- Elastic Defend preset configuration. Maps to
endpointConfig.presetin the Defend API. Common values include"NGAv1","NGAV","dataCollection","EDRComplete","EDREssential". - Space
Ids []string - The Kibana space IDs where this integration policy is available. When set, must match the space_ids of the referenced agent policy. If not set, will be inherited from the agent policy.
- agent_
policy_ stringid - ID of the agent policy.
- description string
- The description of the integration policy.
- enabled bool
- Enable the integration policy.
- force bool
- Force operations, such as creation and deletion, to occur.
- integration_
version string - The version of the Elastic Defend integration package.
- kibana_
connections list(object) - Kibana connection configuration block.
- name string
- The name of the integration policy.
- namespace string
- The namespace of the integration policy.
- policy object
- Elastic Defend policy configuration.
- policy_
id string - Unique identifier of the Elastic Defend integration policy. Used as the import key.
- preset string
- Elastic Defend preset configuration. Maps to
endpointConfig.presetin the Defend API. Common values include"NGAv1","NGAV","dataCollection","EDRComplete","EDREssential". - space_
ids list(string) - The Kibana space IDs where this integration policy is available. When set, must match the space_ids of the referenced agent policy. If not set, will be inherited from the agent policy.
- agent
Policy StringId - ID of the agent policy.
- description String
- The description of the integration policy.
- enabled Boolean
- Enable the integration policy.
- force Boolean
- Force operations, such as creation and deletion, to occur.
- integration
Version String - The version of the Elastic Defend integration package.
- kibana
Connections List<FleetElastic Defend Integration Policy Kibana Connection> - Kibana connection configuration block.
- name String
- The name of the integration policy.
- namespace String
- The namespace of the integration policy.
- policy
Fleet
Elastic Defend Integration Policy Policy - Elastic Defend policy configuration.
- policy
Id String - Unique identifier of the Elastic Defend integration policy. Used as the import key.
- preset String
- Elastic Defend preset configuration. Maps to
endpointConfig.presetin the Defend API. Common values include"NGAv1","NGAV","dataCollection","EDRComplete","EDREssential". - space
Ids List<String> - The Kibana space IDs where this integration policy is available. When set, must match the space_ids of the referenced agent policy. If not set, will be inherited from the agent policy.
- agent
Policy stringId - ID of the agent policy.
- description string
- The description of the integration policy.
- enabled boolean
- Enable the integration policy.
- force boolean
- Force operations, such as creation and deletion, to occur.
- integration
Version string - The version of the Elastic Defend integration package.
- kibana
Connections FleetElastic Defend Integration Policy Kibana Connection[] - Kibana connection configuration block.
- name string
- The name of the integration policy.
- namespace string
- The namespace of the integration policy.
- policy
Fleet
Elastic Defend Integration Policy Policy - Elastic Defend policy configuration.
- policy
Id string - Unique identifier of the Elastic Defend integration policy. Used as the import key.
- preset string
- Elastic Defend preset configuration. Maps to
endpointConfig.presetin the Defend API. Common values include"NGAv1","NGAV","dataCollection","EDRComplete","EDREssential". - space
Ids string[] - The Kibana space IDs where this integration policy is available. When set, must match the space_ids of the referenced agent policy. If not set, will be inherited from the agent policy.
- agent_
policy_ strid - ID of the agent policy.
- description str
- The description of the integration policy.
- enabled bool
- Enable the integration policy.
- force bool
- Force operations, such as creation and deletion, to occur.
- integration_
version str - The version of the Elastic Defend integration package.
- kibana_
connections Sequence[FleetElastic Defend Integration Policy Kibana Connection Args] - Kibana connection configuration block.
- name str
- The name of the integration policy.
- namespace str
- The namespace of the integration policy.
- policy
Fleet
Elastic Defend Integration Policy Policy Args - Elastic Defend policy configuration.
- policy_
id str - Unique identifier of the Elastic Defend integration policy. Used as the import key.
- preset str
- Elastic Defend preset configuration. Maps to
endpointConfig.presetin the Defend API. Common values include"NGAv1","NGAV","dataCollection","EDRComplete","EDREssential". - space_
ids Sequence[str] - The Kibana space IDs where this integration policy is available. When set, must match the space_ids of the referenced agent policy. If not set, will be inherited from the agent policy.
- agent
Policy StringId - ID of the agent policy.
- description String
- The description of the integration policy.
- enabled Boolean
- Enable the integration policy.
- force Boolean
- Force operations, such as creation and deletion, to occur.
- integration
Version String - The version of the Elastic Defend integration package.
- kibana
Connections List<Property Map> - Kibana connection configuration block.
- name String
- The name of the integration policy.
- namespace String
- The namespace of the integration policy.
- policy Property Map
- Elastic Defend policy configuration.
- policy
Id String - Unique identifier of the Elastic Defend integration policy. Used as the import key.
- preset String
- Elastic Defend preset configuration. Maps to
endpointConfig.presetin the Defend API. Common values include"NGAv1","NGAV","dataCollection","EDRComplete","EDREssential". - space
Ids List<String> - The Kibana space IDs where this integration policy is available. When set, must match the space_ids of the referenced agent policy. If not set, will be inherited from the agent policy.
Supporting Types
FleetElasticDefendIntegrationPolicyKibanaConnection, FleetElasticDefendIntegrationPolicyKibanaConnectionArgs
- Api
Key string - API Key to use for authentication to Kibana
- Bearer
Token string - Bearer Token to use for authentication to Kibana
- Ca
Certs List<string> - A list of paths to CA certificates to validate the certificate presented by the Kibana server.
- Endpoints List<string>
- Insecure bool
- Disable TLS certificate validation
- Password string
- Password to use for API authentication to Kibana.
- Username string
- Username to use for API authentication to Kibana.
- Api
Key string - API Key to use for authentication to Kibana
- Bearer
Token string - Bearer Token to use for authentication to Kibana
- Ca
Certs []string - A list of paths to CA certificates to validate the certificate presented by the Kibana server.
- Endpoints []string
- Insecure bool
- Disable TLS certificate validation
- Password string
- Password to use for API authentication to Kibana.
- Username string
- Username to use for API authentication to Kibana.
- api_
key string - API Key to use for authentication to Kibana
- bearer_
token string - Bearer Token to use for authentication to Kibana
- ca_
certs list(string) - A list of paths to CA certificates to validate the certificate presented by the Kibana server.
- endpoints list(string)
- insecure bool
- Disable TLS certificate validation
- password string
- Password to use for API authentication to Kibana.
- username string
- Username to use for API authentication to Kibana.
- api
Key String - API Key to use for authentication to Kibana
- bearer
Token String - Bearer Token to use for authentication to Kibana
- ca
Certs List<String> - A list of paths to CA certificates to validate the certificate presented by the Kibana server.
- endpoints List<String>
- insecure Boolean
- Disable TLS certificate validation
- password String
- Password to use for API authentication to Kibana.
- username String
- Username to use for API authentication to Kibana.
- api
Key string - API Key to use for authentication to Kibana
- bearer
Token string - Bearer Token to use for authentication to Kibana
- ca
Certs string[] - A list of paths to CA certificates to validate the certificate presented by the Kibana server.
- endpoints string[]
- insecure boolean
- Disable TLS certificate validation
- password string
- Password to use for API authentication to Kibana.
- username string
- Username to use for API authentication to Kibana.
- api_
key str - API Key to use for authentication to Kibana
- bearer_
token str - Bearer Token to use for authentication to Kibana
- ca_
certs Sequence[str] - A list of paths to CA certificates to validate the certificate presented by the Kibana server.
- endpoints Sequence[str]
- insecure bool
- Disable TLS certificate validation
- password str
- Password to use for API authentication to Kibana.
- username str
- Username to use for API authentication to Kibana.
- api
Key String - API Key to use for authentication to Kibana
- bearer
Token String - Bearer Token to use for authentication to Kibana
- ca
Certs List<String> - A list of paths to CA certificates to validate the certificate presented by the Kibana server.
- endpoints List<String>
- insecure Boolean
- Disable TLS certificate validation
- password String
- Password to use for API authentication to Kibana.
- username String
- Username to use for API authentication to Kibana.
FleetElasticDefendIntegrationPolicyPolicy, FleetElasticDefendIntegrationPolicyPolicyArgs
- Linux
Fleet
Elastic Defend Integration Policy Policy Linux - Linux-specific Elastic Defend policy settings.
- Mac
Fleet
Elastic Defend Integration Policy Policy Mac - macOS-specific Elastic Defend policy settings.
- Windows
Fleet
Elastic Defend Integration Policy Policy Windows - Windows-specific Elastic Defend policy settings.
- Linux
Fleet
Elastic Defend Integration Policy Policy Linux - Linux-specific Elastic Defend policy settings.
- Mac
Fleet
Elastic Defend Integration Policy Policy Mac - macOS-specific Elastic Defend policy settings.
- Windows
Fleet
Elastic Defend Integration Policy Policy Windows - Windows-specific Elastic Defend policy settings.
- linux
Fleet
Elastic Defend Integration Policy Policy Linux - Linux-specific Elastic Defend policy settings.
- mac
Fleet
Elastic Defend Integration Policy Policy Mac - macOS-specific Elastic Defend policy settings.
- windows
Fleet
Elastic Defend Integration Policy Policy Windows - Windows-specific Elastic Defend policy settings.
- linux
Fleet
Elastic Defend Integration Policy Policy Linux - Linux-specific Elastic Defend policy settings.
- mac
Fleet
Elastic Defend Integration Policy Policy Mac - macOS-specific Elastic Defend policy settings.
- windows
Fleet
Elastic Defend Integration Policy Policy Windows - Windows-specific Elastic Defend policy settings.
- linux
Fleet
Elastic Defend Integration Policy Policy Linux - Linux-specific Elastic Defend policy settings.
- mac
Fleet
Elastic Defend Integration Policy Policy Mac - macOS-specific Elastic Defend policy settings.
- windows
Fleet
Elastic Defend Integration Policy Policy Windows - Windows-specific Elastic Defend policy settings.
- linux Property Map
- Linux-specific Elastic Defend policy settings.
- mac Property Map
- macOS-specific Elastic Defend policy settings.
- windows Property Map
- Windows-specific Elastic Defend policy settings.
FleetElasticDefendIntegrationPolicyPolicyLinux, FleetElasticDefendIntegrationPolicyPolicyLinuxArgs
- Behavior
Protection FleetElastic Defend Integration Policy Policy Linux Behavior Protection - Linux behavior protection settings.
- Events
Fleet
Elastic Defend Integration Policy Policy Linux Events - Linux event collection settings.
- Logging
Fleet
Elastic Defend Integration Policy Policy Linux Logging - Linux logging settings.
- Malware
Fleet
Elastic Defend Integration Policy Policy Linux Malware - Linux malware protection settings.
- Memory
Protection FleetElastic Defend Integration Policy Policy Linux Memory Protection - Linux memory protection settings.
- Popup
Fleet
Elastic Defend Integration Policy Policy Linux Popup - Linux popup notification settings.
- Behavior
Protection FleetElastic Defend Integration Policy Policy Linux Behavior Protection - Linux behavior protection settings.
- Events
Fleet
Elastic Defend Integration Policy Policy Linux Events - Linux event collection settings.
- Logging
Fleet
Elastic Defend Integration Policy Policy Linux Logging - Linux logging settings.
- Malware
Fleet
Elastic Defend Integration Policy Policy Linux Malware - Linux malware protection settings.
- Memory
Protection FleetElastic Defend Integration Policy Policy Linux Memory Protection - Linux memory protection settings.
- Popup
Fleet
Elastic Defend Integration Policy Policy Linux Popup - Linux popup notification settings.
- behavior
Protection FleetElastic Defend Integration Policy Policy Linux Behavior Protection - Linux behavior protection settings.
- events
Fleet
Elastic Defend Integration Policy Policy Linux Events - Linux event collection settings.
- logging
Fleet
Elastic Defend Integration Policy Policy Linux Logging - Linux logging settings.
- malware
Fleet
Elastic Defend Integration Policy Policy Linux Malware - Linux malware protection settings.
- memory
Protection FleetElastic Defend Integration Policy Policy Linux Memory Protection - Linux memory protection settings.
- popup
Fleet
Elastic Defend Integration Policy Policy Linux Popup - Linux popup notification settings.
- behavior
Protection FleetElastic Defend Integration Policy Policy Linux Behavior Protection - Linux behavior protection settings.
- events
Fleet
Elastic Defend Integration Policy Policy Linux Events - Linux event collection settings.
- logging
Fleet
Elastic Defend Integration Policy Policy Linux Logging - Linux logging settings.
- malware
Fleet
Elastic Defend Integration Policy Policy Linux Malware - Linux malware protection settings.
- memory
Protection FleetElastic Defend Integration Policy Policy Linux Memory Protection - Linux memory protection settings.
- popup
Fleet
Elastic Defend Integration Policy Policy Linux Popup - Linux popup notification settings.
- behavior_
protection FleetElastic Defend Integration Policy Policy Linux Behavior Protection - Linux behavior protection settings.
- events
Fleet
Elastic Defend Integration Policy Policy Linux Events - Linux event collection settings.
- logging
Fleet
Elastic Defend Integration Policy Policy Linux Logging - Linux logging settings.
- malware
Fleet
Elastic Defend Integration Policy Policy Linux Malware - Linux malware protection settings.
- memory_
protection FleetElastic Defend Integration Policy Policy Linux Memory Protection - Linux memory protection settings.
- popup
Fleet
Elastic Defend Integration Policy Policy Linux Popup - Linux popup notification settings.
- behavior
Protection Property Map - Linux behavior protection settings.
- events Property Map
- Linux event collection settings.
- logging Property Map
- Linux logging settings.
- malware Property Map
- Linux malware protection settings.
- memory
Protection Property Map - Linux memory protection settings.
- popup Property Map
- Linux popup notification settings.
FleetElasticDefendIntegrationPolicyPolicyLinuxBehaviorProtection, FleetElasticDefendIntegrationPolicyPolicyLinuxBehaviorProtectionArgs
- Mode string
- Protection mode. Valid values:
"off","detect","prevent". - Reputation
Service bool - Whether reputation service is enabled.
- Supported bool
- Whether this protection is supported on the platform.
- Mode string
- Protection mode. Valid values:
"off","detect","prevent". - Reputation
Service bool - Whether reputation service is enabled.
- Supported bool
- Whether this protection is supported on the platform.
- mode string
- Protection mode. Valid values:
"off","detect","prevent". - reputation_
service bool - Whether reputation service is enabled.
- supported bool
- Whether this protection is supported on the platform.
- mode String
- Protection mode. Valid values:
"off","detect","prevent". - reputation
Service Boolean - Whether reputation service is enabled.
- supported Boolean
- Whether this protection is supported on the platform.
- mode string
- Protection mode. Valid values:
"off","detect","prevent". - reputation
Service boolean - Whether reputation service is enabled.
- supported boolean
- Whether this protection is supported on the platform.
- mode str
- Protection mode. Valid values:
"off","detect","prevent". - reputation_
service bool - Whether reputation service is enabled.
- supported bool
- Whether this protection is supported on the platform.
- mode String
- Protection mode. Valid values:
"off","detect","prevent". - reputation
Service Boolean - Whether reputation service is enabled.
- supported Boolean
- Whether this protection is supported on the platform.
FleetElasticDefendIntegrationPolicyPolicyLinuxEvents, FleetElasticDefendIntegrationPolicyPolicyLinuxEventsArgs
- File bool
- Collect file events.
- Network bool
- Collect network events.
- Process bool
- Collect process events.
- Session
Data bool - Collect session data events.
- Tty
Io bool - Collect TTY I/O events.
- File bool
- Collect file events.
- Network bool
- Collect network events.
- Process bool
- Collect process events.
- Session
Data bool - Collect session data events.
- Tty
Io bool - Collect TTY I/O events.
- file bool
- Collect file events.
- network bool
- Collect network events.
- process bool
- Collect process events.
- session_
data bool - Collect session data events.
- tty_
io bool - Collect TTY I/O events.
- file Boolean
- Collect file events.
- network Boolean
- Collect network events.
- process Boolean
- Collect process events.
- session
Data Boolean - Collect session data events.
- tty
Io Boolean - Collect TTY I/O events.
- file boolean
- Collect file events.
- network boolean
- Collect network events.
- process boolean
- Collect process events.
- session
Data boolean - Collect session data events.
- tty
Io boolean - Collect TTY I/O events.
- file bool
- Collect file events.
- network bool
- Collect network events.
- process bool
- Collect process events.
- session_
data bool - Collect session data events.
- tty_
io bool - Collect TTY I/O events.
- file Boolean
- Collect file events.
- network Boolean
- Collect network events.
- process Boolean
- Collect process events.
- session
Data Boolean - Collect session data events.
- tty
Io Boolean - Collect TTY I/O events.
FleetElasticDefendIntegrationPolicyPolicyLinuxLogging, FleetElasticDefendIntegrationPolicyPolicyLinuxLoggingArgs
- File string
- Log level for file logging. Valid values:
"info","debug","warning","error","critical".
- File string
- Log level for file logging. Valid values:
"info","debug","warning","error","critical".
- file string
- Log level for file logging. Valid values:
"info","debug","warning","error","critical".
- file String
- Log level for file logging. Valid values:
"info","debug","warning","error","critical".
- file string
- Log level for file logging. Valid values:
"info","debug","warning","error","critical".
- file str
- Log level for file logging. Valid values:
"info","debug","warning","error","critical".
- file String
- Log level for file logging. Valid values:
"info","debug","warning","error","critical".
FleetElasticDefendIntegrationPolicyPolicyLinuxMalware, FleetElasticDefendIntegrationPolicyPolicyLinuxMalwareArgs
FleetElasticDefendIntegrationPolicyPolicyLinuxMemoryProtection, FleetElasticDefendIntegrationPolicyPolicyLinuxMemoryProtectionArgs
FleetElasticDefendIntegrationPolicyPolicyLinuxPopup, FleetElasticDefendIntegrationPolicyPolicyLinuxPopupArgs
FleetElasticDefendIntegrationPolicyPolicyLinuxPopupBehaviorProtection, FleetElasticDefendIntegrationPolicyPolicyLinuxPopupBehaviorProtectionArgs
FleetElasticDefendIntegrationPolicyPolicyLinuxPopupMalware, FleetElasticDefendIntegrationPolicyPolicyLinuxPopupMalwareArgs
FleetElasticDefendIntegrationPolicyPolicyLinuxPopupMemoryProtection, FleetElasticDefendIntegrationPolicyPolicyLinuxPopupMemoryProtectionArgs
FleetElasticDefendIntegrationPolicyPolicyMac, FleetElasticDefendIntegrationPolicyPolicyMacArgs
- Behavior
Protection FleetElastic Defend Integration Policy Policy Mac Behavior Protection - macOS behavior protection settings.
- Events
Fleet
Elastic Defend Integration Policy Policy Mac Events - macOS event collection settings.
- Logging
Fleet
Elastic Defend Integration Policy Policy Mac Logging - macOS logging settings.
- Malware
Fleet
Elastic Defend Integration Policy Policy Mac Malware - macOS malware protection settings.
- Memory
Protection FleetElastic Defend Integration Policy Policy Mac Memory Protection - macOS memory protection settings.
- Popup
Fleet
Elastic Defend Integration Policy Policy Mac Popup - macOS popup notification settings.
- Behavior
Protection FleetElastic Defend Integration Policy Policy Mac Behavior Protection - macOS behavior protection settings.
- Events
Fleet
Elastic Defend Integration Policy Policy Mac Events - macOS event collection settings.
- Logging
Fleet
Elastic Defend Integration Policy Policy Mac Logging - macOS logging settings.
- Malware
Fleet
Elastic Defend Integration Policy Policy Mac Malware - macOS malware protection settings.
- Memory
Protection FleetElastic Defend Integration Policy Policy Mac Memory Protection - macOS memory protection settings.
- Popup
Fleet
Elastic Defend Integration Policy Policy Mac Popup - macOS popup notification settings.
- behavior
Protection FleetElastic Defend Integration Policy Policy Mac Behavior Protection - macOS behavior protection settings.
- events
Fleet
Elastic Defend Integration Policy Policy Mac Events - macOS event collection settings.
- logging
Fleet
Elastic Defend Integration Policy Policy Mac Logging - macOS logging settings.
- malware
Fleet
Elastic Defend Integration Policy Policy Mac Malware - macOS malware protection settings.
- memory
Protection FleetElastic Defend Integration Policy Policy Mac Memory Protection - macOS memory protection settings.
- popup
Fleet
Elastic Defend Integration Policy Policy Mac Popup - macOS popup notification settings.
- behavior
Protection FleetElastic Defend Integration Policy Policy Mac Behavior Protection - macOS behavior protection settings.
- events
Fleet
Elastic Defend Integration Policy Policy Mac Events - macOS event collection settings.
- logging
Fleet
Elastic Defend Integration Policy Policy Mac Logging - macOS logging settings.
- malware
Fleet
Elastic Defend Integration Policy Policy Mac Malware - macOS malware protection settings.
- memory
Protection FleetElastic Defend Integration Policy Policy Mac Memory Protection - macOS memory protection settings.
- popup
Fleet
Elastic Defend Integration Policy Policy Mac Popup - macOS popup notification settings.
- behavior_
protection FleetElastic Defend Integration Policy Policy Mac Behavior Protection - macOS behavior protection settings.
- events
Fleet
Elastic Defend Integration Policy Policy Mac Events - macOS event collection settings.
- logging
Fleet
Elastic Defend Integration Policy Policy Mac Logging - macOS logging settings.
- malware
Fleet
Elastic Defend Integration Policy Policy Mac Malware - macOS malware protection settings.
- memory_
protection FleetElastic Defend Integration Policy Policy Mac Memory Protection - macOS memory protection settings.
- popup
Fleet
Elastic Defend Integration Policy Policy Mac Popup - macOS popup notification settings.
- behavior
Protection Property Map - macOS behavior protection settings.
- events Property Map
- macOS event collection settings.
- logging Property Map
- macOS logging settings.
- malware Property Map
- macOS malware protection settings.
- memory
Protection Property Map - macOS memory protection settings.
- popup Property Map
- macOS popup notification settings.
FleetElasticDefendIntegrationPolicyPolicyMacBehaviorProtection, FleetElasticDefendIntegrationPolicyPolicyMacBehaviorProtectionArgs
- Mode string
- Protection mode. Valid values:
"off","detect","prevent". - Reputation
Service bool - Whether reputation service is enabled.
- Supported bool
- Whether this protection is supported on the platform.
- Mode string
- Protection mode. Valid values:
"off","detect","prevent". - Reputation
Service bool - Whether reputation service is enabled.
- Supported bool
- Whether this protection is supported on the platform.
- mode string
- Protection mode. Valid values:
"off","detect","prevent". - reputation_
service bool - Whether reputation service is enabled.
- supported bool
- Whether this protection is supported on the platform.
- mode String
- Protection mode. Valid values:
"off","detect","prevent". - reputation
Service Boolean - Whether reputation service is enabled.
- supported Boolean
- Whether this protection is supported on the platform.
- mode string
- Protection mode. Valid values:
"off","detect","prevent". - reputation
Service boolean - Whether reputation service is enabled.
- supported boolean
- Whether this protection is supported on the platform.
- mode str
- Protection mode. Valid values:
"off","detect","prevent". - reputation_
service bool - Whether reputation service is enabled.
- supported bool
- Whether this protection is supported on the platform.
- mode String
- Protection mode. Valid values:
"off","detect","prevent". - reputation
Service Boolean - Whether reputation service is enabled.
- supported Boolean
- Whether this protection is supported on the platform.
FleetElasticDefendIntegrationPolicyPolicyMacEvents, FleetElasticDefendIntegrationPolicyPolicyMacEventsArgs
FleetElasticDefendIntegrationPolicyPolicyMacLogging, FleetElasticDefendIntegrationPolicyPolicyMacLoggingArgs
- File string
- Log level for file logging. Valid values:
"info","debug","warning","error","critical".
- File string
- Log level for file logging. Valid values:
"info","debug","warning","error","critical".
- file string
- Log level for file logging. Valid values:
"info","debug","warning","error","critical".
- file String
- Log level for file logging. Valid values:
"info","debug","warning","error","critical".
- file string
- Log level for file logging. Valid values:
"info","debug","warning","error","critical".
- file str
- Log level for file logging. Valid values:
"info","debug","warning","error","critical".
- file String
- Log level for file logging. Valid values:
"info","debug","warning","error","critical".
FleetElasticDefendIntegrationPolicyPolicyMacMalware, FleetElasticDefendIntegrationPolicyPolicyMacMalwareArgs
- Blocklist bool
- Whether blocklist is enabled.
- Mode string
- Malware protection mode. Valid values:
"off","detect","prevent". - Notify
User bool - Whether to notify the user on malware detection.
- On
Write boolScan - Whether on-write scan is enabled.
- Blocklist bool
- Whether blocklist is enabled.
- Mode string
- Malware protection mode. Valid values:
"off","detect","prevent". - Notify
User bool - Whether to notify the user on malware detection.
- On
Write boolScan - Whether on-write scan is enabled.
- blocklist bool
- Whether blocklist is enabled.
- mode string
- Malware protection mode. Valid values:
"off","detect","prevent". - notify_
user bool - Whether to notify the user on malware detection.
- on_
write_ boolscan - Whether on-write scan is enabled.
- blocklist Boolean
- Whether blocklist is enabled.
- mode String
- Malware protection mode. Valid values:
"off","detect","prevent". - notify
User Boolean - Whether to notify the user on malware detection.
- on
Write BooleanScan - Whether on-write scan is enabled.
- blocklist boolean
- Whether blocklist is enabled.
- mode string
- Malware protection mode. Valid values:
"off","detect","prevent". - notify
User boolean - Whether to notify the user on malware detection.
- on
Write booleanScan - Whether on-write scan is enabled.
- blocklist bool
- Whether blocklist is enabled.
- mode str
- Malware protection mode. Valid values:
"off","detect","prevent". - notify_
user bool - Whether to notify the user on malware detection.
- on_
write_ boolscan - Whether on-write scan is enabled.
- blocklist Boolean
- Whether blocklist is enabled.
- mode String
- Malware protection mode. Valid values:
"off","detect","prevent". - notify
User Boolean - Whether to notify the user on malware detection.
- on
Write BooleanScan - Whether on-write scan is enabled.
FleetElasticDefendIntegrationPolicyPolicyMacMemoryProtection, FleetElasticDefendIntegrationPolicyPolicyMacMemoryProtectionArgs
FleetElasticDefendIntegrationPolicyPolicyMacPopup, FleetElasticDefendIntegrationPolicyPolicyMacPopupArgs
FleetElasticDefendIntegrationPolicyPolicyMacPopupBehaviorProtection, FleetElasticDefendIntegrationPolicyPolicyMacPopupBehaviorProtectionArgs
FleetElasticDefendIntegrationPolicyPolicyMacPopupMalware, FleetElasticDefendIntegrationPolicyPolicyMacPopupMalwareArgs
FleetElasticDefendIntegrationPolicyPolicyMacPopupMemoryProtection, FleetElasticDefendIntegrationPolicyPolicyMacPopupMemoryProtectionArgs
FleetElasticDefendIntegrationPolicyPolicyWindows, FleetElasticDefendIntegrationPolicyPolicyWindowsArgs
- Antivirus
Registration FleetElastic Defend Integration Policy Policy Windows Antivirus Registration - Windows antivirus registration settings.
- Attack
Surface FleetReduction Elastic Defend Integration Policy Policy Windows Attack Surface Reduction - Windows attack surface reduction settings.
- Behavior
Protection FleetElastic Defend Integration Policy Policy Windows Behavior Protection - Windows behavior protection settings.
- Events
Fleet
Elastic Defend Integration Policy Policy Windows Events - Windows event collection settings.
- Logging
Fleet
Elastic Defend Integration Policy Policy Windows Logging - Windows logging settings.
- Malware
Fleet
Elastic Defend Integration Policy Policy Windows Malware - Windows malware protection settings.
- Memory
Protection FleetElastic Defend Integration Policy Policy Windows Memory Protection - Windows memory protection settings.
- Popup
Fleet
Elastic Defend Integration Policy Policy Windows Popup - Windows popup notification settings.
- Ransomware
Fleet
Elastic Defend Integration Policy Policy Windows Ransomware - Windows ransomware protection settings.
- Antivirus
Registration FleetElastic Defend Integration Policy Policy Windows Antivirus Registration - Windows antivirus registration settings.
- Attack
Surface FleetReduction Elastic Defend Integration Policy Policy Windows Attack Surface Reduction - Windows attack surface reduction settings.
- Behavior
Protection FleetElastic Defend Integration Policy Policy Windows Behavior Protection - Windows behavior protection settings.
- Events
Fleet
Elastic Defend Integration Policy Policy Windows Events - Windows event collection settings.
- Logging
Fleet
Elastic Defend Integration Policy Policy Windows Logging - Windows logging settings.
- Malware
Fleet
Elastic Defend Integration Policy Policy Windows Malware - Windows malware protection settings.
- Memory
Protection FleetElastic Defend Integration Policy Policy Windows Memory Protection - Windows memory protection settings.
- Popup
Fleet
Elastic Defend Integration Policy Policy Windows Popup - Windows popup notification settings.
- Ransomware
Fleet
Elastic Defend Integration Policy Policy Windows Ransomware - Windows ransomware protection settings.
- antivirus_
registration object - Windows antivirus registration settings.
- attack_
surface_ objectreduction - Windows attack surface reduction settings.
- behavior_
protection object - Windows behavior protection settings.
- events object
- Windows event collection settings.
- logging object
- Windows logging settings.
- malware object
- Windows malware protection settings.
- memory_
protection object - Windows memory protection settings.
- popup object
- Windows popup notification settings.
- ransomware object
- Windows ransomware protection settings.
- antivirus
Registration FleetElastic Defend Integration Policy Policy Windows Antivirus Registration - Windows antivirus registration settings.
- attack
Surface FleetReduction Elastic Defend Integration Policy Policy Windows Attack Surface Reduction - Windows attack surface reduction settings.
- behavior
Protection FleetElastic Defend Integration Policy Policy Windows Behavior Protection - Windows behavior protection settings.
- events
Fleet
Elastic Defend Integration Policy Policy Windows Events - Windows event collection settings.
- logging
Fleet
Elastic Defend Integration Policy Policy Windows Logging - Windows logging settings.
- malware
Fleet
Elastic Defend Integration Policy Policy Windows Malware - Windows malware protection settings.
- memory
Protection FleetElastic Defend Integration Policy Policy Windows Memory Protection - Windows memory protection settings.
- popup
Fleet
Elastic Defend Integration Policy Policy Windows Popup - Windows popup notification settings.
- ransomware
Fleet
Elastic Defend Integration Policy Policy Windows Ransomware - Windows ransomware protection settings.
- antivirus
Registration FleetElastic Defend Integration Policy Policy Windows Antivirus Registration - Windows antivirus registration settings.
- attack
Surface FleetReduction Elastic Defend Integration Policy Policy Windows Attack Surface Reduction - Windows attack surface reduction settings.
- behavior
Protection FleetElastic Defend Integration Policy Policy Windows Behavior Protection - Windows behavior protection settings.
- events
Fleet
Elastic Defend Integration Policy Policy Windows Events - Windows event collection settings.
- logging
Fleet
Elastic Defend Integration Policy Policy Windows Logging - Windows logging settings.
- malware
Fleet
Elastic Defend Integration Policy Policy Windows Malware - Windows malware protection settings.
- memory
Protection FleetElastic Defend Integration Policy Policy Windows Memory Protection - Windows memory protection settings.
- popup
Fleet
Elastic Defend Integration Policy Policy Windows Popup - Windows popup notification settings.
- ransomware
Fleet
Elastic Defend Integration Policy Policy Windows Ransomware - Windows ransomware protection settings.
- antivirus_
registration FleetElastic Defend Integration Policy Policy Windows Antivirus Registration - Windows antivirus registration settings.
- attack_
surface_ Fleetreduction Elastic Defend Integration Policy Policy Windows Attack Surface Reduction - Windows attack surface reduction settings.
- behavior_
protection FleetElastic Defend Integration Policy Policy Windows Behavior Protection - Windows behavior protection settings.
- events
Fleet
Elastic Defend Integration Policy Policy Windows Events - Windows event collection settings.
- logging
Fleet
Elastic Defend Integration Policy Policy Windows Logging - Windows logging settings.
- malware
Fleet
Elastic Defend Integration Policy Policy Windows Malware - Windows malware protection settings.
- memory_
protection FleetElastic Defend Integration Policy Policy Windows Memory Protection - Windows memory protection settings.
- popup
Fleet
Elastic Defend Integration Policy Policy Windows Popup - Windows popup notification settings.
- ransomware
Fleet
Elastic Defend Integration Policy Policy Windows Ransomware - Windows ransomware protection settings.
- antivirus
Registration Property Map - Windows antivirus registration settings.
- attack
Surface Property MapReduction - Windows attack surface reduction settings.
- behavior
Protection Property Map - Windows behavior protection settings.
- events Property Map
- Windows event collection settings.
- logging Property Map
- Windows logging settings.
- malware Property Map
- Windows malware protection settings.
- memory
Protection Property Map - Windows memory protection settings.
- popup Property Map
- Windows popup notification settings.
- ransomware Property Map
- Windows ransomware protection settings.
FleetElasticDefendIntegrationPolicyPolicyWindowsAntivirusRegistration, FleetElasticDefendIntegrationPolicyPolicyWindowsAntivirusRegistrationArgs
FleetElasticDefendIntegrationPolicyPolicyWindowsAttackSurfaceReduction, FleetElasticDefendIntegrationPolicyPolicyWindowsAttackSurfaceReductionArgs
- Credential
Hardening FleetElastic Defend Integration Policy Policy Windows Attack Surface Reduction Credential Hardening - Credential hardening settings.
- Credential
Hardening FleetElastic Defend Integration Policy Policy Windows Attack Surface Reduction Credential Hardening - Credential hardening settings.
- credential_
hardening object - Credential hardening settings.
- credential
Hardening FleetElastic Defend Integration Policy Policy Windows Attack Surface Reduction Credential Hardening - Credential hardening settings.
- credential
Hardening FleetElastic Defend Integration Policy Policy Windows Attack Surface Reduction Credential Hardening - Credential hardening settings.
- credential_
hardening FleetElastic Defend Integration Policy Policy Windows Attack Surface Reduction Credential Hardening - Credential hardening settings.
- credential
Hardening Property Map - Credential hardening settings.
FleetElasticDefendIntegrationPolicyPolicyWindowsAttackSurfaceReductionCredentialHardening, FleetElasticDefendIntegrationPolicyPolicyWindowsAttackSurfaceReductionCredentialHardeningArgs
- Enabled bool
- Whether credential hardening is enabled.
- Enabled bool
- Whether credential hardening is enabled.
- enabled bool
- Whether credential hardening is enabled.
- enabled Boolean
- Whether credential hardening is enabled.
- enabled boolean
- Whether credential hardening is enabled.
- enabled bool
- Whether credential hardening is enabled.
- enabled Boolean
- Whether credential hardening is enabled.
FleetElasticDefendIntegrationPolicyPolicyWindowsBehaviorProtection, FleetElasticDefendIntegrationPolicyPolicyWindowsBehaviorProtectionArgs
- Mode string
- Protection mode. Valid values:
"off","detect","prevent". - Reputation
Service bool - Whether reputation service is enabled.
- Supported bool
- Whether this protection is supported on the platform.
- Mode string
- Protection mode. Valid values:
"off","detect","prevent". - Reputation
Service bool - Whether reputation service is enabled.
- Supported bool
- Whether this protection is supported on the platform.
- mode string
- Protection mode. Valid values:
"off","detect","prevent". - reputation_
service bool - Whether reputation service is enabled.
- supported bool
- Whether this protection is supported on the platform.
- mode String
- Protection mode. Valid values:
"off","detect","prevent". - reputation
Service Boolean - Whether reputation service is enabled.
- supported Boolean
- Whether this protection is supported on the platform.
- mode string
- Protection mode. Valid values:
"off","detect","prevent". - reputation
Service boolean - Whether reputation service is enabled.
- supported boolean
- Whether this protection is supported on the platform.
- mode str
- Protection mode. Valid values:
"off","detect","prevent". - reputation_
service bool - Whether reputation service is enabled.
- supported bool
- Whether this protection is supported on the platform.
- mode String
- Protection mode. Valid values:
"off","detect","prevent". - reputation
Service Boolean - Whether reputation service is enabled.
- supported Boolean
- Whether this protection is supported on the platform.
FleetElasticDefendIntegrationPolicyPolicyWindowsEvents, FleetElasticDefendIntegrationPolicyPolicyWindowsEventsArgs
- Authentication bool
- Collect authentication events.
- Dll
And boolDriver Load - Collect DLL and driver load events.
- Dns bool
- Collect DNS events.
- File bool
- Collect file events.
- Network bool
- Collect network events.
- Process bool
- Collect process events.
- Registry bool
- Collect registry events.
- Security bool
- Collect security events.
- Authentication bool
- Collect authentication events.
- Dll
And boolDriver Load - Collect DLL and driver load events.
- Dns bool
- Collect DNS events.
- File bool
- Collect file events.
- Network bool
- Collect network events.
- Process bool
- Collect process events.
- Registry bool
- Collect registry events.
- Security bool
- Collect security events.
- authentication bool
- Collect authentication events.
- dll_
and_ booldriver_ load - Collect DLL and driver load events.
- dns bool
- Collect DNS events.
- file bool
- Collect file events.
- network bool
- Collect network events.
- process bool
- Collect process events.
- registry bool
- Collect registry events.
- security bool
- Collect security events.
- authentication Boolean
- Collect authentication events.
- dll
And BooleanDriver Load - Collect DLL and driver load events.
- dns Boolean
- Collect DNS events.
- file Boolean
- Collect file events.
- network Boolean
- Collect network events.
- process Boolean
- Collect process events.
- registry Boolean
- Collect registry events.
- security Boolean
- Collect security events.
- authentication boolean
- Collect authentication events.
- dll
And booleanDriver Load - Collect DLL and driver load events.
- dns boolean
- Collect DNS events.
- file boolean
- Collect file events.
- network boolean
- Collect network events.
- process boolean
- Collect process events.
- registry boolean
- Collect registry events.
- security boolean
- Collect security events.
- authentication bool
- Collect authentication events.
- dll_
and_ booldriver_ load - Collect DLL and driver load events.
- dns bool
- Collect DNS events.
- file bool
- Collect file events.
- network bool
- Collect network events.
- process bool
- Collect process events.
- registry bool
- Collect registry events.
- security bool
- Collect security events.
- authentication Boolean
- Collect authentication events.
- dll
And BooleanDriver Load - Collect DLL and driver load events.
- dns Boolean
- Collect DNS events.
- file Boolean
- Collect file events.
- network Boolean
- Collect network events.
- process Boolean
- Collect process events.
- registry Boolean
- Collect registry events.
- security Boolean
- Collect security events.
FleetElasticDefendIntegrationPolicyPolicyWindowsLogging, FleetElasticDefendIntegrationPolicyPolicyWindowsLoggingArgs
- File string
- Log level for file logging. Valid values:
"info","debug","warning","error","critical".
- File string
- Log level for file logging. Valid values:
"info","debug","warning","error","critical".
- file string
- Log level for file logging. Valid values:
"info","debug","warning","error","critical".
- file String
- Log level for file logging. Valid values:
"info","debug","warning","error","critical".
- file string
- Log level for file logging. Valid values:
"info","debug","warning","error","critical".
- file str
- Log level for file logging. Valid values:
"info","debug","warning","error","critical".
- file String
- Log level for file logging. Valid values:
"info","debug","warning","error","critical".
FleetElasticDefendIntegrationPolicyPolicyWindowsMalware, FleetElasticDefendIntegrationPolicyPolicyWindowsMalwareArgs
- Blocklist bool
- Whether blocklist is enabled.
- Mode string
- Malware protection mode. Valid values:
"off","detect","prevent". - Notify
User bool - Whether to notify the user on malware detection.
- On
Write boolScan - Whether on-write scan is enabled.
- Blocklist bool
- Whether blocklist is enabled.
- Mode string
- Malware protection mode. Valid values:
"off","detect","prevent". - Notify
User bool - Whether to notify the user on malware detection.
- On
Write boolScan - Whether on-write scan is enabled.
- blocklist bool
- Whether blocklist is enabled.
- mode string
- Malware protection mode. Valid values:
"off","detect","prevent". - notify_
user bool - Whether to notify the user on malware detection.
- on_
write_ boolscan - Whether on-write scan is enabled.
- blocklist Boolean
- Whether blocklist is enabled.
- mode String
- Malware protection mode. Valid values:
"off","detect","prevent". - notify
User Boolean - Whether to notify the user on malware detection.
- on
Write BooleanScan - Whether on-write scan is enabled.
- blocklist boolean
- Whether blocklist is enabled.
- mode string
- Malware protection mode. Valid values:
"off","detect","prevent". - notify
User boolean - Whether to notify the user on malware detection.
- on
Write booleanScan - Whether on-write scan is enabled.
- blocklist bool
- Whether blocklist is enabled.
- mode str
- Malware protection mode. Valid values:
"off","detect","prevent". - notify_
user bool - Whether to notify the user on malware detection.
- on_
write_ boolscan - Whether on-write scan is enabled.
- blocklist Boolean
- Whether blocklist is enabled.
- mode String
- Malware protection mode. Valid values:
"off","detect","prevent". - notify
User Boolean - Whether to notify the user on malware detection.
- on
Write BooleanScan - Whether on-write scan is enabled.
FleetElasticDefendIntegrationPolicyPolicyWindowsMemoryProtection, FleetElasticDefendIntegrationPolicyPolicyWindowsMemoryProtectionArgs
FleetElasticDefendIntegrationPolicyPolicyWindowsPopup, FleetElasticDefendIntegrationPolicyPolicyWindowsPopupArgs
- Behavior
Protection FleetElastic Defend Integration Policy Policy Windows Popup Behavior Protection - Malware
Fleet
Elastic Defend Integration Policy Policy Windows Popup Malware - Memory
Protection FleetElastic Defend Integration Policy Policy Windows Popup Memory Protection - Ransomware
Fleet
Elastic Defend Integration Policy Policy Windows Popup Ransomware
- Behavior
Protection FleetElastic Defend Integration Policy Policy Windows Popup Behavior Protection - Malware
Fleet
Elastic Defend Integration Policy Policy Windows Popup Malware - Memory
Protection FleetElastic Defend Integration Policy Policy Windows Popup Memory Protection - Ransomware
Fleet
Elastic Defend Integration Policy Policy Windows Popup Ransomware
- behavior
Protection FleetElastic Defend Integration Policy Policy Windows Popup Behavior Protection - malware
Fleet
Elastic Defend Integration Policy Policy Windows Popup Malware - memory
Protection FleetElastic Defend Integration Policy Policy Windows Popup Memory Protection - ransomware
Fleet
Elastic Defend Integration Policy Policy Windows Popup Ransomware
- behavior
Protection FleetElastic Defend Integration Policy Policy Windows Popup Behavior Protection - malware
Fleet
Elastic Defend Integration Policy Policy Windows Popup Malware - memory
Protection FleetElastic Defend Integration Policy Policy Windows Popup Memory Protection - ransomware
Fleet
Elastic Defend Integration Policy Policy Windows Popup Ransomware
- behavior_
protection FleetElastic Defend Integration Policy Policy Windows Popup Behavior Protection - malware
Fleet
Elastic Defend Integration Policy Policy Windows Popup Malware - memory_
protection FleetElastic Defend Integration Policy Policy Windows Popup Memory Protection - ransomware
Fleet
Elastic Defend Integration Policy Policy Windows Popup Ransomware
FleetElasticDefendIntegrationPolicyPolicyWindowsPopupBehaviorProtection, FleetElasticDefendIntegrationPolicyPolicyWindowsPopupBehaviorProtectionArgs
FleetElasticDefendIntegrationPolicyPolicyWindowsPopupMalware, FleetElasticDefendIntegrationPolicyPolicyWindowsPopupMalwareArgs
FleetElasticDefendIntegrationPolicyPolicyWindowsPopupMemoryProtection, FleetElasticDefendIntegrationPolicyPolicyWindowsPopupMemoryProtectionArgs
FleetElasticDefendIntegrationPolicyPolicyWindowsPopupRansomware, FleetElasticDefendIntegrationPolicyPolicyWindowsPopupRansomwareArgs
FleetElasticDefendIntegrationPolicyPolicyWindowsRansomware, FleetElasticDefendIntegrationPolicyPolicyWindowsRansomwareArgs
Package Details
- Repository
- elasticstack elastic/terraform-provider-elasticstack
- License
- Notes
- This Pulumi package is based on the
elasticstackTerraform Provider.
Viewing docs for elasticstack 0.15.0
published on Thursday, May 14, 2026 by elastic
published on Thursday, May 14, 2026 by elastic
