sysdig 1.56.0, Apr 30 25

sysdig 1.56.0 published on Wednesday, Apr 30, 2025 by sysdiglabs

sysdig.getSecureDriftPolicy

Explore with Pulumi AI

sysdig 1.56.0 published on Wednesday, Apr 30, 2025 by sysdiglabs

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as sysdig from "@pulumi/sysdig";

const policy = sysdig.getSecureDriftPolicy({
    name: "Drift Policy 1",
});

import pulumi
import pulumi_sysdig as sysdig

policy = sysdig.get_secure_drift_policy(name="Drift Policy 1")

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/sysdig/sysdig"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := sysdig.LookupSecureDriftPolicy(ctx, &sysdig.LookupSecureDriftPolicyArgs{
			Name: "Drift Policy 1",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Sysdig = Pulumi.Sysdig;

return await Deployment.RunAsync(() => 
{
    var policy = Sysdig.GetSecureDriftPolicy.Invoke(new()
    {
        Name = "Drift Policy 1",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.sysdig.SysdigFunctions;
import com.pulumi.sysdig.inputs.GetSecureDriftPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var policy = SysdigFunctions.getSecureDriftPolicy(GetSecureDriftPolicyArgs.builder()
            .name("Drift Policy 1")
            .build());

    }
}

variables:
  policy:
    fn::invoke:
      function: sysdig:getSecureDriftPolicy
      arguments:
        name: Drift Policy 1

Using getSecureDriftPolicy

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getSecureDriftPolicy(args: GetSecureDriftPolicyArgs, opts?: InvokeOptions): Promise<GetSecureDriftPolicyResult>
function getSecureDriftPolicyOutput(args: GetSecureDriftPolicyOutputArgs, opts?: InvokeOptions): Output<GetSecureDriftPolicyResult>

def get_secure_drift_policy(id: Optional[str] = None,
                            name: Optional[str] = None,
                            timeouts: Optional[GetSecureDriftPolicyTimeouts] = None,
                            opts: Optional[InvokeOptions] = None) -> GetSecureDriftPolicyResult
def get_secure_drift_policy_output(id: Optional[pulumi.Input[str]] = None,
                            name: Optional[pulumi.Input[str]] = None,
                            timeouts: Optional[pulumi.Input[GetSecureDriftPolicyTimeoutsArgs]] = None,
                            opts: Optional[InvokeOptions] = None) -> Output[GetSecureDriftPolicyResult]

func LookupSecureDriftPolicy(ctx *Context, args *LookupSecureDriftPolicyArgs, opts ...InvokeOption) (*LookupSecureDriftPolicyResult, error)
func LookupSecureDriftPolicyOutput(ctx *Context, args *LookupSecureDriftPolicyOutputArgs, opts ...InvokeOption) LookupSecureDriftPolicyResultOutput

> Note: This function is named LookupSecureDriftPolicy in the Go SDK.

public static class GetSecureDriftPolicy 
{
    public static Task<GetSecureDriftPolicyResult> InvokeAsync(GetSecureDriftPolicyArgs args, InvokeOptions? opts = null)
    public static Output<GetSecureDriftPolicyResult> Invoke(GetSecureDriftPolicyInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetSecureDriftPolicyResult> getSecureDriftPolicy(GetSecureDriftPolicyArgs args, InvokeOptions options)
public static Output<GetSecureDriftPolicyResult> getSecureDriftPolicy(GetSecureDriftPolicyArgs args, InvokeOptions options)

fn::invoke:
  function: sysdig:index/getSecureDriftPolicy:getSecureDriftPolicy
  arguments:
    # arguments dictionary

The following arguments are supported:

Name string: The name of the Secure managed policy.
Id string: The id for the policy.
Timeouts GetSecureDriftPolicyTimeouts

Name string: The name of the Secure managed policy.
Id string: The id for the policy.
Timeouts GetSecureDriftPolicyTimeouts

name String: The name of the Secure managed policy.
id String: The id for the policy.
timeouts GetSecureDriftPolicyTimeouts

name string: The name of the Secure managed policy.
id string: The id for the policy.
timeouts GetSecureDriftPolicyTimeouts

name str: The name of the Secure managed policy.
id str: The id for the policy.
timeouts GetSecureDriftPolicyTimeouts

name String: The name of the Secure managed policy.
id String: The id for the policy.
timeouts Property Map

getSecureDriftPolicy Result

The following output properties are available:

Actions List<GetSecureDriftPolicyAction>
Description string: (Required) The description of the drift rule.
Enabled bool: (Required) Toggle to dynamically detect execution of drifted binaries. A drifted binary is any binary that was not part of the original image of the container. It is typically downloaded or compiled into a running container.
Id string: The id for the policy.
Name string: (Required) The name of the capture file
NotificationChannels List<double>: IDs of the notification channels to send alerts to when the policy is fired.
Rules List<GetSecureDriftPolicyRule>
Runbook string: Customer provided url that provides a runbook for a given policy.
Scope string: The application scope for the policy.
Severity double: The severity of Secure policy. The accepted values are: 0, 1, 2, 3 (High), 4, 5 (Medium), 6 (Low) and 7 (Info).
Type string
Version double
Timeouts GetSecureDriftPolicyTimeouts

Actions []GetSecureDriftPolicyAction
Description string: (Required) The description of the drift rule.
Enabled bool: (Required) Toggle to dynamically detect execution of drifted binaries. A drifted binary is any binary that was not part of the original image of the container. It is typically downloaded or compiled into a running container.
Id string: The id for the policy.
Name string: (Required) The name of the capture file
NotificationChannels []float64: IDs of the notification channels to send alerts to when the policy is fired.
Rules []GetSecureDriftPolicyRule
Runbook string: Customer provided url that provides a runbook for a given policy.
Scope string: The application scope for the policy.
Severity float64: The severity of Secure policy. The accepted values are: 0, 1, 2, 3 (High), 4, 5 (Medium), 6 (Low) and 7 (Info).
Type string
Version float64
Timeouts GetSecureDriftPolicyTimeouts

actions List<GetSecureDriftPolicyAction>
description String: (Required) The description of the drift rule.
enabled Boolean: (Required) Toggle to dynamically detect execution of drifted binaries. A drifted binary is any binary that was not part of the original image of the container. It is typically downloaded or compiled into a running container.
id String: The id for the policy.
name String: (Required) The name of the capture file
notificationChannels List<Double>: IDs of the notification channels to send alerts to when the policy is fired.
rules List<GetSecureDriftPolicyRule>
runbook String: Customer provided url that provides a runbook for a given policy.
scope String: The application scope for the policy.
severity Double: The severity of Secure policy. The accepted values are: 0, 1, 2, 3 (High), 4, 5 (Medium), 6 (Low) and 7 (Info).
type String
version Double
timeouts GetSecureDriftPolicyTimeouts

actions GetSecureDriftPolicyAction[]
description string: (Required) The description of the drift rule.
enabled boolean: (Required) Toggle to dynamically detect execution of drifted binaries. A drifted binary is any binary that was not part of the original image of the container. It is typically downloaded or compiled into a running container.
id string: The id for the policy.
name string: (Required) The name of the capture file
notificationChannels number[]: IDs of the notification channels to send alerts to when the policy is fired.
rules GetSecureDriftPolicyRule[]
runbook string: Customer provided url that provides a runbook for a given policy.
scope string: The application scope for the policy.
severity number: The severity of Secure policy. The accepted values are: 0, 1, 2, 3 (High), 4, 5 (Medium), 6 (Low) and 7 (Info).
type string
version number
timeouts GetSecureDriftPolicyTimeouts

actions Sequence[GetSecureDriftPolicyAction]
description str: (Required) The description of the drift rule.
enabled bool: (Required) Toggle to dynamically detect execution of drifted binaries. A drifted binary is any binary that was not part of the original image of the container. It is typically downloaded or compiled into a running container.
id str: The id for the policy.
name str: (Required) The name of the capture file
notification_channels Sequence[float]: IDs of the notification channels to send alerts to when the policy is fired.
rules Sequence[GetSecureDriftPolicyRule]
runbook str: Customer provided url that provides a runbook for a given policy.
scope str: The application scope for the policy.
severity float: The severity of Secure policy. The accepted values are: 0, 1, 2, 3 (High), 4, 5 (Medium), 6 (Low) and 7 (Info).
type str
version float
timeouts GetSecureDriftPolicyTimeouts

actions List<Property Map>
description String: (Required) The description of the drift rule.
enabled Boolean: (Required) Toggle to dynamically detect execution of drifted binaries. A drifted binary is any binary that was not part of the original image of the container. It is typically downloaded or compiled into a running container.
id String: The id for the policy.
name String: (Required) The name of the capture file
notificationChannels List<Number>: IDs of the notification channels to send alerts to when the policy is fired.
rules List<Property Map>
runbook String: Customer provided url that provides a runbook for a given policy.
scope String: The application scope for the policy.
severity Number: The severity of Secure policy. The accepted values are: 0, 1, 2, 3 (High), 4, 5 (Medium), 6 (Low) and 7 (Info).
type String
version Number
timeouts Property Map

Supporting Types

GetSecureDriftPolicyAction

Captures List<GetSecureDriftPolicyActionCapture>: (Optional) Captures with Sysdig the stream of system calls:
Container string: (Optional) The action applied to container when this Policy is triggered. Can be stop, pause or kill. If this is not specified, no action will be applied at the container level.
PreventDrift bool: (Optional) Prevent the execution of drifted binaries and specified prohibited binaries.

Captures []GetSecureDriftPolicyActionCapture: (Optional) Captures with Sysdig the stream of system calls:
Container string: (Optional) The action applied to container when this Policy is triggered. Can be stop, pause or kill. If this is not specified, no action will be applied at the container level.
PreventDrift bool: (Optional) Prevent the execution of drifted binaries and specified prohibited binaries.

captures List<GetSecureDriftPolicyActionCapture>: (Optional) Captures with Sysdig the stream of system calls:
container String: (Optional) The action applied to container when this Policy is triggered. Can be stop, pause or kill. If this is not specified, no action will be applied at the container level.
preventDrift Boolean: (Optional) Prevent the execution of drifted binaries and specified prohibited binaries.

captures GetSecureDriftPolicyActionCapture[]: (Optional) Captures with Sysdig the stream of system calls:
container string: (Optional) The action applied to container when this Policy is triggered. Can be stop, pause or kill. If this is not specified, no action will be applied at the container level.
preventDrift boolean: (Optional) Prevent the execution of drifted binaries and specified prohibited binaries.

captures Sequence[GetSecureDriftPolicyActionCapture]: (Optional) Captures with Sysdig the stream of system calls:
container str: (Optional) The action applied to container when this Policy is triggered. Can be stop, pause or kill. If this is not specified, no action will be applied at the container level.
prevent_drift bool: (Optional) Prevent the execution of drifted binaries and specified prohibited binaries.

captures List<Property Map>: (Optional) Captures with Sysdig the stream of system calls:
container String: (Optional) The action applied to container when this Policy is triggered. Can be stop, pause or kill. If this is not specified, no action will be applied at the container level.
preventDrift Boolean: (Optional) Prevent the execution of drifted binaries and specified prohibited binaries.

GetSecureDriftPolicyActionCapture

BucketName string: (Optional) Custom bucket to store capture in, bucket should be onboarded in Integrations > S3 Capture Storage. Default is to use Sysdig Secure Storage
Filter string: (Optional) Additional filter to apply to the capture. For example: proc.name=cat
Folder string: (Optional) Name of folder to store capture inside the bucket. By default we will store the capture file at the root of the bucket
Name string: The name of the Secure managed policy.
SecondsAfterEvent double: (Required) Captures the system calls for the amount of seconds after the policy was triggered.
SecondsBeforeEvent double: (Required) Captures the system calls during the amount of seconds before the policy was triggered.

BucketName string: (Optional) Custom bucket to store capture in, bucket should be onboarded in Integrations > S3 Capture Storage. Default is to use Sysdig Secure Storage
Filter string: (Optional) Additional filter to apply to the capture. For example: proc.name=cat
Folder string: (Optional) Name of folder to store capture inside the bucket. By default we will store the capture file at the root of the bucket
Name string: The name of the Secure managed policy.
SecondsAfterEvent float64: (Required) Captures the system calls for the amount of seconds after the policy was triggered.
SecondsBeforeEvent float64: (Required) Captures the system calls during the amount of seconds before the policy was triggered.

bucketName String: (Optional) Custom bucket to store capture in, bucket should be onboarded in Integrations > S3 Capture Storage. Default is to use Sysdig Secure Storage
filter String: (Optional) Additional filter to apply to the capture. For example: proc.name=cat
folder String: (Optional) Name of folder to store capture inside the bucket. By default we will store the capture file at the root of the bucket
name String: The name of the Secure managed policy.
secondsAfterEvent Double: (Required) Captures the system calls for the amount of seconds after the policy was triggered.
secondsBeforeEvent Double: (Required) Captures the system calls during the amount of seconds before the policy was triggered.

bucketName string: (Optional) Custom bucket to store capture in, bucket should be onboarded in Integrations > S3 Capture Storage. Default is to use Sysdig Secure Storage
filter string: (Optional) Additional filter to apply to the capture. For example: proc.name=cat
folder string: (Optional) Name of folder to store capture inside the bucket. By default we will store the capture file at the root of the bucket
name string: The name of the Secure managed policy.
secondsAfterEvent number: (Required) Captures the system calls for the amount of seconds after the policy was triggered.
secondsBeforeEvent number: (Required) Captures the system calls during the amount of seconds before the policy was triggered.

bucket_name str: (Optional) Custom bucket to store capture in, bucket should be onboarded in Integrations > S3 Capture Storage. Default is to use Sysdig Secure Storage
filter str: (Optional) Additional filter to apply to the capture. For example: proc.name=cat
folder str: (Optional) Name of folder to store capture inside the bucket. By default we will store the capture file at the root of the bucket
name str: The name of the Secure managed policy.
seconds_after_event float: (Required) Captures the system calls for the amount of seconds after the policy was triggered.
seconds_before_event float: (Required) Captures the system calls during the amount of seconds before the policy was triggered.

bucketName String: (Optional) Custom bucket to store capture in, bucket should be onboarded in Integrations > S3 Capture Storage. Default is to use Sysdig Secure Storage
filter String: (Optional) Additional filter to apply to the capture. For example: proc.name=cat
folder String: (Optional) Name of folder to store capture inside the bucket. By default we will store the capture file at the root of the bucket
name String: The name of the Secure managed policy.
secondsAfterEvent Number: (Required) Captures the system calls for the amount of seconds after the policy was triggered.
secondsBeforeEvent Number: (Required) Captures the system calls during the amount of seconds before the policy was triggered.

GetSecureDriftPolicyRule

Description string: (Required) The description of the drift rule.
Enabled bool: (Required) Toggle to dynamically detect execution of drifted binaries. A drifted binary is any binary that was not part of the original image of the container. It is typically downloaded or compiled into a running container.
Exceptions List<GetSecureDriftPolicyRuleException>: (Optional) Specify comma separated list of exceptions.
Id double: The id for the policy.
MountedVolumeDriftEnabled bool
Name string: The name of the Secure managed policy.
ProhibitedBinaries List<GetSecureDriftPolicyRuleProhibitedBinary>: (Optional) A prohibited binary can be a known harmful binary or one that facilitates discovery of your environment.
Tags List<string>
Version double

Description string: (Required) The description of the drift rule.
Enabled bool: (Required) Toggle to dynamically detect execution of drifted binaries. A drifted binary is any binary that was not part of the original image of the container. It is typically downloaded or compiled into a running container.
Exceptions []GetSecureDriftPolicyRuleException: (Optional) Specify comma separated list of exceptions.
Id float64: The id for the policy.
MountedVolumeDriftEnabled bool
Name string: The name of the Secure managed policy.
ProhibitedBinaries []GetSecureDriftPolicyRuleProhibitedBinary: (Optional) A prohibited binary can be a known harmful binary or one that facilitates discovery of your environment.
Tags []string
Version float64

description String: (Required) The description of the drift rule.
enabled Boolean: (Required) Toggle to dynamically detect execution of drifted binaries. A drifted binary is any binary that was not part of the original image of the container. It is typically downloaded or compiled into a running container.
exceptions List<GetSecureDriftPolicyRuleException>: (Optional) Specify comma separated list of exceptions.
id Double: The id for the policy.
mountedVolumeDriftEnabled Boolean
name String: The name of the Secure managed policy.
prohibitedBinaries List<GetSecureDriftPolicyRuleProhibitedBinary>: (Optional) A prohibited binary can be a known harmful binary or one that facilitates discovery of your environment.
tags List<String>
version Double

description string: (Required) The description of the drift rule.
enabled boolean: (Required) Toggle to dynamically detect execution of drifted binaries. A drifted binary is any binary that was not part of the original image of the container. It is typically downloaded or compiled into a running container.
exceptions GetSecureDriftPolicyRuleException[]: (Optional) Specify comma separated list of exceptions.
id number: The id for the policy.
mountedVolumeDriftEnabled boolean
name string: The name of the Secure managed policy.
prohibitedBinaries GetSecureDriftPolicyRuleProhibitedBinary[]: (Optional) A prohibited binary can be a known harmful binary or one that facilitates discovery of your environment.
tags string[]
version number

description str: (Required) The description of the drift rule.
enabled bool: (Required) Toggle to dynamically detect execution of drifted binaries. A drifted binary is any binary that was not part of the original image of the container. It is typically downloaded or compiled into a running container.
exceptions Sequence[GetSecureDriftPolicyRuleException]: (Optional) Specify comma separated list of exceptions.
id float: The id for the policy.
mounted_volume_drift_enabled bool
name str: The name of the Secure managed policy.
prohibited_binaries Sequence[GetSecureDriftPolicyRuleProhibitedBinary]: (Optional) A prohibited binary can be a known harmful binary or one that facilitates discovery of your environment.
tags Sequence[str]
version float

description String: (Required) The description of the drift rule.
enabled Boolean: (Required) Toggle to dynamically detect execution of drifted binaries. A drifted binary is any binary that was not part of the original image of the container. It is typically downloaded or compiled into a running container.
exceptions List<Property Map>: (Optional) Specify comma separated list of exceptions.
id Number: The id for the policy.
mountedVolumeDriftEnabled Boolean
name String: The name of the Secure managed policy.
prohibitedBinaries List<Property Map>: (Optional) A prohibited binary can be a known harmful binary or one that facilitates discovery of your environment.
tags List<String>
version Number

GetSecureDriftPolicyRuleException

Items List<string>: (Required) Specify comma separated list of prohibited binaries, e.g. /usr/bin/rm, /usr/bin/curl.
MatchItems bool

Items []string: (Required) Specify comma separated list of prohibited binaries, e.g. /usr/bin/rm, /usr/bin/curl.
MatchItems bool

items List<String>: (Required) Specify comma separated list of prohibited binaries, e.g. /usr/bin/rm, /usr/bin/curl.
matchItems Boolean

items string[]: (Required) Specify comma separated list of prohibited binaries, e.g. /usr/bin/rm, /usr/bin/curl.
matchItems boolean

items Sequence[str]: (Required) Specify comma separated list of prohibited binaries, e.g. /usr/bin/rm, /usr/bin/curl.
match_items bool

items List<String>: (Required) Specify comma separated list of prohibited binaries, e.g. /usr/bin/rm, /usr/bin/curl.
matchItems Boolean

GetSecureDriftPolicyRuleProhibitedBinary

Items List<string>: (Required) Specify comma separated list of prohibited binaries, e.g. /usr/bin/rm, /usr/bin/curl.
MatchItems bool

Items []string: (Required) Specify comma separated list of prohibited binaries, e.g. /usr/bin/rm, /usr/bin/curl.
MatchItems bool

items List<String>: (Required) Specify comma separated list of prohibited binaries, e.g. /usr/bin/rm, /usr/bin/curl.
matchItems Boolean

items string[]: (Required) Specify comma separated list of prohibited binaries, e.g. /usr/bin/rm, /usr/bin/curl.
matchItems boolean

items Sequence[str]: (Required) Specify comma separated list of prohibited binaries, e.g. /usr/bin/rm, /usr/bin/curl.
match_items bool

items List<String>: (Required) Specify comma separated list of prohibited binaries, e.g. /usr/bin/rm, /usr/bin/curl.
matchItems Boolean

GetSecureDriftPolicyTimeouts

Read string

Read string

read String

read string

read str

read String

Package Details

Repository: sysdig sysdiglabs/terraform-provider-sysdig
License
Notes: This Pulumi package is based on the sysdig Terraform Provider.

sysdig 1.56.0 published on Wednesday, Apr 30, 2025 by sysdiglabs

sysdiglabs/terraform-provider-sysdig

sysdig.getSecureDriftPolicy

On this page

On this page

Example Usage

Using getSecureDriftPolicy

getSecureDriftPolicy Result

Supporting Types

GetSecureDriftPolicyAction

GetSecureDriftPolicyActionCapture

GetSecureDriftPolicyRule

GetSecureDriftPolicyRuleException

GetSecureDriftPolicyRuleProhibitedBinary

GetSecureDriftPolicyTimeouts

Package Details

On this page

On this page