sysdig.getSecureManagedPolicy

sysdig 3.5.0, Mar 6 26

Viewing docs for sysdig 3.5.0
published on Friday, Mar 6, 2026 by sysdiglabs

Schema (JSON)

sysdiglabs/terraform-provider-sysdig

Viewing docs for sysdig 3.5.0
published on Friday, Mar 6, 2026 by sysdiglabs

Schema (JSON)

sysdiglabs/terraform-provider-sysdig

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as sysdig from "@pulumi/sysdig";

const example = sysdig.getSecureManagedPolicy({
    name: "Sysdig Runtime Threat Detection",
    type: "falco",
});

import pulumi
import pulumi_sysdig as sysdig

example = sysdig.get_secure_managed_policy(name="Sysdig Runtime Threat Detection",
    type="falco")

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/sysdig/v3/sysdig"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := sysdig.LookupSecureManagedPolicy(ctx, &sysdig.LookupSecureManagedPolicyArgs{
			Name: "Sysdig Runtime Threat Detection",
			Type: pulumi.StringRef("falco"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Sysdig = Pulumi.Sysdig;

return await Deployment.RunAsync(() => 
{
    var example = Sysdig.GetSecureManagedPolicy.Invoke(new()
    {
        Name = "Sysdig Runtime Threat Detection",
        Type = "falco",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.sysdig.SysdigFunctions;
import com.pulumi.sysdig.inputs.GetSecureManagedPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var example = SysdigFunctions.getSecureManagedPolicy(GetSecureManagedPolicyArgs.builder()
            .name("Sysdig Runtime Threat Detection")
            .type("falco")
            .build());

    }
}

variables:
  example:
    fn::invoke:
      function: sysdig:getSecureManagedPolicy
      arguments:
        name: Sysdig Runtime Threat Detection
        type: falco

Using getSecureManagedPolicy

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getSecureManagedPolicy(args: GetSecureManagedPolicyArgs, opts?: InvokeOptions): Promise<GetSecureManagedPolicyResult>
function getSecureManagedPolicyOutput(args: GetSecureManagedPolicyOutputArgs, opts?: InvokeOptions): Output<GetSecureManagedPolicyResult>

def get_secure_managed_policy(actions: Optional[Sequence[GetSecureManagedPolicyAction]] = None,
                              name: Optional[str] = None,
                              runbook: Optional[str] = None,
                              timeouts: Optional[GetSecureManagedPolicyTimeouts] = None,
                              type: Optional[str] = None,
                              opts: Optional[InvokeOptions] = None) -> GetSecureManagedPolicyResult
def get_secure_managed_policy_output(actions: Optional[pulumi.Input[Sequence[pulumi.Input[GetSecureManagedPolicyActionArgs]]]] = None,
                              name: Optional[pulumi.Input[str]] = None,
                              runbook: Optional[pulumi.Input[str]] = None,
                              timeouts: Optional[pulumi.Input[GetSecureManagedPolicyTimeoutsArgs]] = None,
                              type: Optional[pulumi.Input[str]] = None,
                              opts: Optional[InvokeOptions] = None) -> Output[GetSecureManagedPolicyResult]

func LookupSecureManagedPolicy(ctx *Context, args *LookupSecureManagedPolicyArgs, opts ...InvokeOption) (*LookupSecureManagedPolicyResult, error)
func LookupSecureManagedPolicyOutput(ctx *Context, args *LookupSecureManagedPolicyOutputArgs, opts ...InvokeOption) LookupSecureManagedPolicyResultOutput

> Note: This function is named LookupSecureManagedPolicy in the Go SDK.

public static class GetSecureManagedPolicy 
{
    public static Task<GetSecureManagedPolicyResult> InvokeAsync(GetSecureManagedPolicyArgs args, InvokeOptions? opts = null)
    public static Output<GetSecureManagedPolicyResult> Invoke(GetSecureManagedPolicyInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetSecureManagedPolicyResult> getSecureManagedPolicy(GetSecureManagedPolicyArgs args, InvokeOptions options)
public static Output<GetSecureManagedPolicyResult> getSecureManagedPolicy(GetSecureManagedPolicyArgs args, InvokeOptions options)

fn::invoke:
  function: sysdig:index/getSecureManagedPolicy:getSecureManagedPolicy
  arguments:
    # arguments dictionary

The following arguments are supported:

Name string: The name of the Secure managed policy.
Actions List<GetSecureManagedPolicyAction>
Runbook string: Customer provided url that provides a runbook for a given policy.
Timeouts GetSecureManagedPolicyTimeouts
Type string: Specifies the type of the runtime policy. Must be one of: falco, list_matching, k8s_audit, aws_cloudtrail, gcp_auditlog, azure_platformlogs, awscloudtrail, okta, github, guardduty. By default it is falco.

Name string: The name of the Secure managed policy.
Actions []GetSecureManagedPolicyAction
Runbook string: Customer provided url that provides a runbook for a given policy.
Timeouts GetSecureManagedPolicyTimeouts
Type string: Specifies the type of the runtime policy. Must be one of: falco, list_matching, k8s_audit, aws_cloudtrail, gcp_auditlog, azure_platformlogs, awscloudtrail, okta, github, guardduty. By default it is falco.

name String: The name of the Secure managed policy.
actions List<GetSecureManagedPolicyAction>
runbook String: Customer provided url that provides a runbook for a given policy.
timeouts GetSecureManagedPolicyTimeouts
type String: Specifies the type of the runtime policy. Must be one of: falco, list_matching, k8s_audit, aws_cloudtrail, gcp_auditlog, azure_platformlogs, awscloudtrail, okta, github, guardduty. By default it is falco.

name string: The name of the Secure managed policy.
actions GetSecureManagedPolicyAction[]
runbook string: Customer provided url that provides a runbook for a given policy.
timeouts GetSecureManagedPolicyTimeouts
type string: Specifies the type of the runtime policy. Must be one of: falco, list_matching, k8s_audit, aws_cloudtrail, gcp_auditlog, azure_platformlogs, awscloudtrail, okta, github, guardduty. By default it is falco.

name str: The name of the Secure managed policy.
actions Sequence[GetSecureManagedPolicyAction]
runbook str: Customer provided url that provides a runbook for a given policy.
timeouts GetSecureManagedPolicyTimeouts
type str: Specifies the type of the runtime policy. Must be one of: falco, list_matching, k8s_audit, aws_cloudtrail, gcp_auditlog, azure_platformlogs, awscloudtrail, okta, github, guardduty. By default it is falco.

name String: The name of the Secure managed policy.
actions List<Property Map>
runbook String: Customer provided url that provides a runbook for a given policy.
timeouts Property Map
type String: Specifies the type of the runtime policy. Must be one of: falco, list_matching, k8s_audit, aws_cloudtrail, gcp_auditlog, azure_platformlogs, awscloudtrail, okta, github, guardduty. By default it is falco.

getSecureManagedPolicy Result

The following output properties are available:

Description string: The description for the managed policy.
Enabled bool: Whether the policy is enabled or not.
Id double: The id for the managed policy.
Name string: (Required) The name of the capture file
NotificationChannels List<double>: IDs of the notification channels to send alerts to when the policy is fired.
Rules List<GetSecureManagedPolicyRule>: An array of rules with the properties name and enabled to identify the rule name and whether it is enabled.
Scope string: The application scope for the policy.
Severity double: The severity of Secure policy. The accepted values are: 0, 1, 2, 3 (High), 4, 5 (Medium), 6 (Low) and 7 (Info).
Actions List<GetSecureManagedPolicyAction>
Runbook string: Customer provided url that provides a runbook for a given policy.
Timeouts GetSecureManagedPolicyTimeouts
Type string

Description string: The description for the managed policy.
Enabled bool: Whether the policy is enabled or not.
Id float64: The id for the managed policy.
Name string: (Required) The name of the capture file
NotificationChannels []float64: IDs of the notification channels to send alerts to when the policy is fired.
Rules []GetSecureManagedPolicyRule: An array of rules with the properties name and enabled to identify the rule name and whether it is enabled.
Scope string: The application scope for the policy.
Severity float64: The severity of Secure policy. The accepted values are: 0, 1, 2, 3 (High), 4, 5 (Medium), 6 (Low) and 7 (Info).
Actions []GetSecureManagedPolicyAction
Runbook string: Customer provided url that provides a runbook for a given policy.
Timeouts GetSecureManagedPolicyTimeouts
Type string

description String: The description for the managed policy.
enabled Boolean: Whether the policy is enabled or not.
id Double: The id for the managed policy.
name String: (Required) The name of the capture file
notificationChannels List<Double>: IDs of the notification channels to send alerts to when the policy is fired.
rules List<GetSecureManagedPolicyRule>: An array of rules with the properties name and enabled to identify the rule name and whether it is enabled.
scope String: The application scope for the policy.
severity Double: The severity of Secure policy. The accepted values are: 0, 1, 2, 3 (High), 4, 5 (Medium), 6 (Low) and 7 (Info).
actions List<GetSecureManagedPolicyAction>
runbook String: Customer provided url that provides a runbook for a given policy.
timeouts GetSecureManagedPolicyTimeouts
type String

description string: The description for the managed policy.
enabled boolean: Whether the policy is enabled or not.
id number: The id for the managed policy.
name string: (Required) The name of the capture file
notificationChannels number[]: IDs of the notification channels to send alerts to when the policy is fired.
rules GetSecureManagedPolicyRule[]: An array of rules with the properties name and enabled to identify the rule name and whether it is enabled.
scope string: The application scope for the policy.
severity number: The severity of Secure policy. The accepted values are: 0, 1, 2, 3 (High), 4, 5 (Medium), 6 (Low) and 7 (Info).
actions GetSecureManagedPolicyAction[]
runbook string: Customer provided url that provides a runbook for a given policy.
timeouts GetSecureManagedPolicyTimeouts
type string

description str: The description for the managed policy.
enabled bool: Whether the policy is enabled or not.
id float: The id for the managed policy.
name str: (Required) The name of the capture file
notification_channels Sequence[float]: IDs of the notification channels to send alerts to when the policy is fired.
rules Sequence[GetSecureManagedPolicyRule]: An array of rules with the properties name and enabled to identify the rule name and whether it is enabled.
scope str: The application scope for the policy.
severity float: The severity of Secure policy. The accepted values are: 0, 1, 2, 3 (High), 4, 5 (Medium), 6 (Low) and 7 (Info).
actions Sequence[GetSecureManagedPolicyAction]
runbook str: Customer provided url that provides a runbook for a given policy.
timeouts GetSecureManagedPolicyTimeouts
type str

description String: The description for the managed policy.
enabled Boolean: Whether the policy is enabled or not.
id Number: The id for the managed policy.
name String: (Required) The name of the capture file
notificationChannels List<Number>: IDs of the notification channels to send alerts to when the policy is fired.
rules List<Property Map>: An array of rules with the properties name and enabled to identify the rule name and whether it is enabled.
scope String: The application scope for the policy.
severity Number: The severity of Secure policy. The accepted values are: 0, 1, 2, 3 (High), 4, 5 (Medium), 6 (Low) and 7 (Info).
actions List<Property Map>
runbook String: Customer provided url that provides a runbook for a given policy.
timeouts Property Map
type String

Supporting Types

GetSecureManagedPolicyAction

Container string: (Optional) The action applied to container when this Policy is triggered. Can be stop, pause or kill. If this is not specified, no action will be applied at the container level.
KillProcess string
Captures List<GetSecureManagedPolicyActionCapture>: (Optional) Captures with Sysdig the stream of system calls:

Container string: (Optional) The action applied to container when this Policy is triggered. Can be stop, pause or kill. If this is not specified, no action will be applied at the container level.
KillProcess string
Captures []GetSecureManagedPolicyActionCapture: (Optional) Captures with Sysdig the stream of system calls:

container String: (Optional) The action applied to container when this Policy is triggered. Can be stop, pause or kill. If this is not specified, no action will be applied at the container level.
killProcess String
captures List<GetSecureManagedPolicyActionCapture>: (Optional) Captures with Sysdig the stream of system calls:

container string: (Optional) The action applied to container when this Policy is triggered. Can be stop, pause or kill. If this is not specified, no action will be applied at the container level.
killProcess string
captures GetSecureManagedPolicyActionCapture[]: (Optional) Captures with Sysdig the stream of system calls:

container str: (Optional) The action applied to container when this Policy is triggered. Can be stop, pause or kill. If this is not specified, no action will be applied at the container level.
kill_process str
captures Sequence[GetSecureManagedPolicyActionCapture]: (Optional) Captures with Sysdig the stream of system calls:

container String: (Optional) The action applied to container when this Policy is triggered. Can be stop, pause or kill. If this is not specified, no action will be applied at the container level.
killProcess String
captures List<Property Map>: (Optional) Captures with Sysdig the stream of system calls:

GetSecureManagedPolicyActionCapture

BucketName string: (Optional) Custom bucket to store capture in, bucket should be onboarded in Integrations > S3 Capture Storage. Default is to use Sysdig Secure Storage
Filter string: (Optional) Additional filter to apply to the capture. For example: proc.name=cat
Folder string: (Optional) Name of folder to store capture inside the bucket. By default we will store the capture file at the root of the bucket
Name string: The name of the Secure managed policy.
SecondsAfterEvent double: (Required) Captures the system calls for the amount of seconds after the policy was triggered.
SecondsBeforeEvent double: (Required) Captures the system calls during the amount of seconds before the policy was triggered.

BucketName string: (Optional) Custom bucket to store capture in, bucket should be onboarded in Integrations > S3 Capture Storage. Default is to use Sysdig Secure Storage
Filter string: (Optional) Additional filter to apply to the capture. For example: proc.name=cat
Folder string: (Optional) Name of folder to store capture inside the bucket. By default we will store the capture file at the root of the bucket
Name string: The name of the Secure managed policy.
SecondsAfterEvent float64: (Required) Captures the system calls for the amount of seconds after the policy was triggered.
SecondsBeforeEvent float64: (Required) Captures the system calls during the amount of seconds before the policy was triggered.

bucketName String: (Optional) Custom bucket to store capture in, bucket should be onboarded in Integrations > S3 Capture Storage. Default is to use Sysdig Secure Storage
filter String: (Optional) Additional filter to apply to the capture. For example: proc.name=cat
folder String: (Optional) Name of folder to store capture inside the bucket. By default we will store the capture file at the root of the bucket
name String: The name of the Secure managed policy.
secondsAfterEvent Double: (Required) Captures the system calls for the amount of seconds after the policy was triggered.
secondsBeforeEvent Double: (Required) Captures the system calls during the amount of seconds before the policy was triggered.

bucketName string: (Optional) Custom bucket to store capture in, bucket should be onboarded in Integrations > S3 Capture Storage. Default is to use Sysdig Secure Storage
filter string: (Optional) Additional filter to apply to the capture. For example: proc.name=cat
folder string: (Optional) Name of folder to store capture inside the bucket. By default we will store the capture file at the root of the bucket
name string: The name of the Secure managed policy.
secondsAfterEvent number: (Required) Captures the system calls for the amount of seconds after the policy was triggered.
secondsBeforeEvent number: (Required) Captures the system calls during the amount of seconds before the policy was triggered.

bucket_name str: (Optional) Custom bucket to store capture in, bucket should be onboarded in Integrations > S3 Capture Storage. Default is to use Sysdig Secure Storage
filter str: (Optional) Additional filter to apply to the capture. For example: proc.name=cat
folder str: (Optional) Name of folder to store capture inside the bucket. By default we will store the capture file at the root of the bucket
name str: The name of the Secure managed policy.
seconds_after_event float: (Required) Captures the system calls for the amount of seconds after the policy was triggered.
seconds_before_event float: (Required) Captures the system calls during the amount of seconds before the policy was triggered.

bucketName String: (Optional) Custom bucket to store capture in, bucket should be onboarded in Integrations > S3 Capture Storage. Default is to use Sysdig Secure Storage
filter String: (Optional) Additional filter to apply to the capture. For example: proc.name=cat
folder String: (Optional) Name of folder to store capture inside the bucket. By default we will store the capture file at the root of the bucket
name String: The name of the Secure managed policy.
secondsAfterEvent Number: (Required) Captures the system calls for the amount of seconds after the policy was triggered.
secondsBeforeEvent Number: (Required) Captures the system calls during the amount of seconds before the policy was triggered.

GetSecureManagedPolicyRule

Enabled bool: Whether the policy is enabled or not.
Name string: The name of the Secure managed policy.

Enabled bool: Whether the policy is enabled or not.
Name string: The name of the Secure managed policy.

enabled Boolean: Whether the policy is enabled or not.
name String: The name of the Secure managed policy.

enabled boolean: Whether the policy is enabled or not.
name string: The name of the Secure managed policy.

enabled bool: Whether the policy is enabled or not.
name str: The name of the Secure managed policy.

enabled Boolean: Whether the policy is enabled or not.
name String: The name of the Secure managed policy.

GetSecureManagedPolicyTimeouts

Read string

Read string

read String

read string

read str

read String

Package Details

Repository: sysdig sysdiglabs/terraform-provider-sysdig
License
Notes: This Pulumi package is based on the sysdig Terraform Provider.

Viewing docs for sysdig 3.5.0
published on Friday, Mar 6, 2026 by sysdiglabs

Schema (JSON)

sysdiglabs/terraform-provider-sysdig

sysdig.getSecureManagedPolicy

On this page

On this page

Example Usage

Using getSecureManagedPolicy

getSecureManagedPolicy Result

Supporting Types

GetSecureManagedPolicyAction

GetSecureManagedPolicyActionCapture

GetSecureManagedPolicyRule

GetSecureManagedPolicyTimeouts

Package Details

On this page

On this page