1. Packages
  2. Azure Native v1
  3. API Docs
  4. securityinsights
  5. MicrosoftSecurityIncidentCreationAlertRule
These are the docs for Azure Native v1. We recommenend using the latest version, Azure Native v2.
Azure Native v1 v1.104.0 published on Thursday, Jul 6, 2023 by Pulumi

azure-native.securityinsights.MicrosoftSecurityIncidentCreationAlertRule

Explore with Pulumi AI

azure-native-v1 logo
These are the docs for Azure Native v1. We recommenend using the latest version, Azure Native v2.
Azure Native v1 v1.104.0 published on Thursday, Jul 6, 2023 by Pulumi

    Represents MicrosoftSecurityIncidentCreation rule. API Version: 2020-01-01.

    Example Usage

    Creates or updates a Fusion alert rule.

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureNative = Pulumi.AzureNative;
    
    return await Deployment.RunAsync(() => 
    {
        var microsoftSecurityIncidentCreationAlertRule = new AzureNative.SecurityInsights.MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRule", new()
        {
            ResourceGroupName = "myRg",
            RuleId = "myFirstFusionRule",
            WorkspaceName = "myWorkspace",
        });
    
    });
    
    package main
    
    import (
    	securityinsights "github.com/pulumi/pulumi-azure-native-sdk/securityinsights"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := securityinsights.NewMicrosoftSecurityIncidentCreationAlertRule(ctx, "microsoftSecurityIncidentCreationAlertRule", &securityinsights.MicrosoftSecurityIncidentCreationAlertRuleArgs{
    			ResourceGroupName: pulumi.String("myRg"),
    			RuleId:            pulumi.String("myFirstFusionRule"),
    			WorkspaceName:     pulumi.String("myWorkspace"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azurenative.securityinsights.MicrosoftSecurityIncidentCreationAlertRule;
    import com.pulumi.azurenative.securityinsights.MicrosoftSecurityIncidentCreationAlertRuleArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var microsoftSecurityIncidentCreationAlertRule = new MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRule", MicrosoftSecurityIncidentCreationAlertRuleArgs.builder()        
                .resourceGroupName("myRg")
                .ruleId("myFirstFusionRule")
                .workspaceName("myWorkspace")
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_azure_native as azure_native
    
    microsoft_security_incident_creation_alert_rule = azure_native.securityinsights.MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRule",
        resource_group_name="myRg",
        rule_id="myFirstFusionRule",
        workspace_name="myWorkspace")
    
    import * as pulumi from "@pulumi/pulumi";
    import * as azure_native from "@pulumi/azure-native";
    
    const microsoftSecurityIncidentCreationAlertRule = new azure_native.securityinsights.MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRule", {
        resourceGroupName: "myRg",
        ruleId: "myFirstFusionRule",
        workspaceName: "myWorkspace",
    });
    
    resources:
      microsoftSecurityIncidentCreationAlertRule:
        type: azure-native:securityinsights:MicrosoftSecurityIncidentCreationAlertRule
        properties:
          resourceGroupName: myRg
          ruleId: myFirstFusionRule
          workspaceName: myWorkspace
    

    Creates or updates a MicrosoftSecurityIncidentCreation rule.

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureNative = Pulumi.AzureNative;
    
    return await Deployment.RunAsync(() => 
    {
        var microsoftSecurityIncidentCreationAlertRule = new AzureNative.SecurityInsights.MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRule", new()
        {
            DisplayName = "testing displayname",
            Enabled = true,
            Kind = "MicrosoftSecurityIncidentCreation",
            ProductFilter = "Microsoft Cloud App Security",
            ResourceGroupName = "myRg",
            RuleId = "microsoftSecurityIncidentCreationRuleExample",
            WorkspaceName = "myWorkspace",
        });
    
    });
    
    package main
    
    import (
    	securityinsights "github.com/pulumi/pulumi-azure-native-sdk/securityinsights"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := securityinsights.NewMicrosoftSecurityIncidentCreationAlertRule(ctx, "microsoftSecurityIncidentCreationAlertRule", &securityinsights.MicrosoftSecurityIncidentCreationAlertRuleArgs{
    			DisplayName:       pulumi.String("testing displayname"),
    			Enabled:           pulumi.Bool(true),
    			Kind:              pulumi.String("MicrosoftSecurityIncidentCreation"),
    			ProductFilter:     pulumi.String("Microsoft Cloud App Security"),
    			ResourceGroupName: pulumi.String("myRg"),
    			RuleId:            pulumi.String("microsoftSecurityIncidentCreationRuleExample"),
    			WorkspaceName:     pulumi.String("myWorkspace"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azurenative.securityinsights.MicrosoftSecurityIncidentCreationAlertRule;
    import com.pulumi.azurenative.securityinsights.MicrosoftSecurityIncidentCreationAlertRuleArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var microsoftSecurityIncidentCreationAlertRule = new MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRule", MicrosoftSecurityIncidentCreationAlertRuleArgs.builder()        
                .displayName("testing displayname")
                .enabled(true)
                .kind("MicrosoftSecurityIncidentCreation")
                .productFilter("Microsoft Cloud App Security")
                .resourceGroupName("myRg")
                .ruleId("microsoftSecurityIncidentCreationRuleExample")
                .workspaceName("myWorkspace")
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_azure_native as azure_native
    
    microsoft_security_incident_creation_alert_rule = azure_native.securityinsights.MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRule",
        display_name="testing displayname",
        enabled=True,
        kind="MicrosoftSecurityIncidentCreation",
        product_filter="Microsoft Cloud App Security",
        resource_group_name="myRg",
        rule_id="microsoftSecurityIncidentCreationRuleExample",
        workspace_name="myWorkspace")
    
    import * as pulumi from "@pulumi/pulumi";
    import * as azure_native from "@pulumi/azure-native";
    
    const microsoftSecurityIncidentCreationAlertRule = new azure_native.securityinsights.MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRule", {
        displayName: "testing displayname",
        enabled: true,
        kind: "MicrosoftSecurityIncidentCreation",
        productFilter: "Microsoft Cloud App Security",
        resourceGroupName: "myRg",
        ruleId: "microsoftSecurityIncidentCreationRuleExample",
        workspaceName: "myWorkspace",
    });
    
    resources:
      microsoftSecurityIncidentCreationAlertRule:
        type: azure-native:securityinsights:MicrosoftSecurityIncidentCreationAlertRule
        properties:
          displayName: testing displayname
          enabled: true
          kind: MicrosoftSecurityIncidentCreation
          productFilter: Microsoft Cloud App Security
          resourceGroupName: myRg
          ruleId: microsoftSecurityIncidentCreationRuleExample
          workspaceName: myWorkspace
    

    Creates or updates a Scheduled alert rule.

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AzureNative = Pulumi.AzureNative;
    
    return await Deployment.RunAsync(() => 
    {
        var microsoftSecurityIncidentCreationAlertRule = new AzureNative.SecurityInsights.MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRule", new()
        {
            ResourceGroupName = "myRg",
            RuleId = "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
            WorkspaceName = "myWorkspace",
        });
    
    });
    
    package main
    
    import (
    	securityinsights "github.com/pulumi/pulumi-azure-native-sdk/securityinsights"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := securityinsights.NewMicrosoftSecurityIncidentCreationAlertRule(ctx, "microsoftSecurityIncidentCreationAlertRule", &securityinsights.MicrosoftSecurityIncidentCreationAlertRuleArgs{
    			ResourceGroupName: pulumi.String("myRg"),
    			RuleId:            pulumi.String("73e01a99-5cd7-4139-a149-9f2736ff2ab5"),
    			WorkspaceName:     pulumi.String("myWorkspace"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azurenative.securityinsights.MicrosoftSecurityIncidentCreationAlertRule;
    import com.pulumi.azurenative.securityinsights.MicrosoftSecurityIncidentCreationAlertRuleArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var microsoftSecurityIncidentCreationAlertRule = new MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRule", MicrosoftSecurityIncidentCreationAlertRuleArgs.builder()        
                .resourceGroupName("myRg")
                .ruleId("73e01a99-5cd7-4139-a149-9f2736ff2ab5")
                .workspaceName("myWorkspace")
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_azure_native as azure_native
    
    microsoft_security_incident_creation_alert_rule = azure_native.securityinsights.MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRule",
        resource_group_name="myRg",
        rule_id="73e01a99-5cd7-4139-a149-9f2736ff2ab5",
        workspace_name="myWorkspace")
    
    import * as pulumi from "@pulumi/pulumi";
    import * as azure_native from "@pulumi/azure-native";
    
    const microsoftSecurityIncidentCreationAlertRule = new azure_native.securityinsights.MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRule", {
        resourceGroupName: "myRg",
        ruleId: "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
        workspaceName: "myWorkspace",
    });
    
    resources:
      microsoftSecurityIncidentCreationAlertRule:
        type: azure-native:securityinsights:MicrosoftSecurityIncidentCreationAlertRule
        properties:
          resourceGroupName: myRg
          ruleId: 73e01a99-5cd7-4139-a149-9f2736ff2ab5
          workspaceName: myWorkspace
    

    Create MicrosoftSecurityIncidentCreationAlertRule Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new MicrosoftSecurityIncidentCreationAlertRule(name: string, args: MicrosoftSecurityIncidentCreationAlertRuleArgs, opts?: CustomResourceOptions);
    @overload
    def MicrosoftSecurityIncidentCreationAlertRule(resource_name: str,
                                                   args: MicrosoftSecurityIncidentCreationAlertRuleArgs,
                                                   opts: Optional[ResourceOptions] = None)
    
    @overload
    def MicrosoftSecurityIncidentCreationAlertRule(resource_name: str,
                                                   opts: Optional[ResourceOptions] = None,
                                                   display_name: Optional[str] = None,
                                                   enabled: Optional[bool] = None,
                                                   product_filter: Optional[Union[str, MicrosoftSecurityProductName]] = None,
                                                   resource_group_name: Optional[str] = None,
                                                   workspace_name: Optional[str] = None,
                                                   alert_rule_template_name: Optional[str] = None,
                                                   description: Optional[str] = None,
                                                   display_names_exclude_filter: Optional[Sequence[str]] = None,
                                                   display_names_filter: Optional[Sequence[str]] = None,
                                                   rule_id: Optional[str] = None,
                                                   severities_filter: Optional[Sequence[Union[str, AlertSeverity]]] = None)
    func NewMicrosoftSecurityIncidentCreationAlertRule(ctx *Context, name string, args MicrosoftSecurityIncidentCreationAlertRuleArgs, opts ...ResourceOption) (*MicrosoftSecurityIncidentCreationAlertRule, error)
    public MicrosoftSecurityIncidentCreationAlertRule(string name, MicrosoftSecurityIncidentCreationAlertRuleArgs args, CustomResourceOptions? opts = null)
    public MicrosoftSecurityIncidentCreationAlertRule(String name, MicrosoftSecurityIncidentCreationAlertRuleArgs args)
    public MicrosoftSecurityIncidentCreationAlertRule(String name, MicrosoftSecurityIncidentCreationAlertRuleArgs args, CustomResourceOptions options)
    
    type: azure-native:securityinsights:MicrosoftSecurityIncidentCreationAlertRule
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args MicrosoftSecurityIncidentCreationAlertRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args MicrosoftSecurityIncidentCreationAlertRuleArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args MicrosoftSecurityIncidentCreationAlertRuleArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args MicrosoftSecurityIncidentCreationAlertRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args MicrosoftSecurityIncidentCreationAlertRuleArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var microsoftSecurityIncidentCreationAlertRuleResource = new AzureNative.Securityinsights.MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRuleResource", new()
    {
        DisplayName = "string",
        Enabled = false,
        Kind = "string",
        ProductFilter = "string",
        ResourceGroupName = "string",
        WorkspaceName = "string",
        AlertRuleTemplateName = "string",
        Description = "string",
        DisplayNamesExcludeFilter = new[]
        {
            "string",
        },
        DisplayNamesFilter = new[]
        {
            "string",
        },
        RuleId = "string",
        SeveritiesFilter = new[]
        {
            "string",
        },
    });
    
    example, err := securityinsights.NewMicrosoftSecurityIncidentCreationAlertRule(ctx, "microsoftSecurityIncidentCreationAlertRuleResource", &securityinsights.MicrosoftSecurityIncidentCreationAlertRuleArgs{
    	DisplayName:           "string",
    	Enabled:               false,
    	Kind:                  "string",
    	ProductFilter:         "string",
    	ResourceGroupName:     "string",
    	WorkspaceName:         "string",
    	AlertRuleTemplateName: "string",
    	Description:           "string",
    	DisplayNamesExcludeFilter: []string{
    		"string",
    	},
    	DisplayNamesFilter: []string{
    		"string",
    	},
    	RuleId: "string",
    	SeveritiesFilter: []string{
    		"string",
    	},
    })
    
    var microsoftSecurityIncidentCreationAlertRuleResource = new MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRuleResource", MicrosoftSecurityIncidentCreationAlertRuleArgs.builder()
        .displayName("string")
        .enabled(false)
        .kind("string")
        .productFilter("string")
        .resourceGroupName("string")
        .workspaceName("string")
        .alertRuleTemplateName("string")
        .description("string")
        .displayNamesExcludeFilter("string")
        .displayNamesFilter("string")
        .ruleId("string")
        .severitiesFilter("string")
        .build());
    
    microsoft_security_incident_creation_alert_rule_resource = azure_native.securityinsights.MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRuleResource",
        display_name=string,
        enabled=False,
        kind=string,
        product_filter=string,
        resource_group_name=string,
        workspace_name=string,
        alert_rule_template_name=string,
        description=string,
        display_names_exclude_filter=[string],
        display_names_filter=[string],
        rule_id=string,
        severities_filter=[string])
    
    const microsoftSecurityIncidentCreationAlertRuleResource = new azure_native.securityinsights.MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRuleResource", {
        displayName: "string",
        enabled: false,
        kind: "string",
        productFilter: "string",
        resourceGroupName: "string",
        workspaceName: "string",
        alertRuleTemplateName: "string",
        description: "string",
        displayNamesExcludeFilter: ["string"],
        displayNamesFilter: ["string"],
        ruleId: "string",
        severitiesFilter: ["string"],
    });
    
    type: azure-native:securityinsights:MicrosoftSecurityIncidentCreationAlertRule
    properties:
        alertRuleTemplateName: string
        description: string
        displayName: string
        displayNamesExcludeFilter:
            - string
        displayNamesFilter:
            - string
        enabled: false
        kind: string
        productFilter: string
        resourceGroupName: string
        ruleId: string
        severitiesFilter:
            - string
        workspaceName: string
    

    MicrosoftSecurityIncidentCreationAlertRule Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The MicrosoftSecurityIncidentCreationAlertRule resource accepts the following input properties:

    DisplayName string
    The display name for alerts created by this alert rule.
    Enabled bool
    Determines whether this alert rule is enabled or disabled.
    ProductFilter string | Pulumi.AzureNative.SecurityInsights.MicrosoftSecurityProductName
    The alerts' productName on which the cases will be generated
    ResourceGroupName string
    The name of the resource group within the user's subscription. The name is case insensitive.
    WorkspaceName string
    The name of the workspace.
    AlertRuleTemplateName string
    The Name of the alert rule template used to create this rule.
    Description string
    The description of the alert rule.
    DisplayNamesExcludeFilter List<string>
    the alerts' displayNames on which the cases will not be generated
    DisplayNamesFilter List<string>
    the alerts' displayNames on which the cases will be generated
    RuleId string
    Alert rule ID
    SeveritiesFilter List<Union<string, Pulumi.AzureNative.SecurityInsights.AlertSeverity>>
    the alerts' severities on which the cases will be generated
    DisplayName string
    The display name for alerts created by this alert rule.
    Enabled bool
    Determines whether this alert rule is enabled or disabled.
    ProductFilter string | MicrosoftSecurityProductName
    The alerts' productName on which the cases will be generated
    ResourceGroupName string
    The name of the resource group within the user's subscription. The name is case insensitive.
    WorkspaceName string
    The name of the workspace.
    AlertRuleTemplateName string
    The Name of the alert rule template used to create this rule.
    Description string
    The description of the alert rule.
    DisplayNamesExcludeFilter []string
    the alerts' displayNames on which the cases will not be generated
    DisplayNamesFilter []string
    the alerts' displayNames on which the cases will be generated
    RuleId string
    Alert rule ID
    SeveritiesFilter []string
    the alerts' severities on which the cases will be generated
    displayName String
    The display name for alerts created by this alert rule.
    enabled Boolean
    Determines whether this alert rule is enabled or disabled.
    productFilter String | MicrosoftSecurityProductName
    The alerts' productName on which the cases will be generated
    resourceGroupName String
    The name of the resource group within the user's subscription. The name is case insensitive.
    workspaceName String
    The name of the workspace.
    alertRuleTemplateName String
    The Name of the alert rule template used to create this rule.
    description String
    The description of the alert rule.
    displayNamesExcludeFilter List<String>
    the alerts' displayNames on which the cases will not be generated
    displayNamesFilter List<String>
    the alerts' displayNames on which the cases will be generated
    ruleId String
    Alert rule ID
    severitiesFilter List<Either<String,AlertSeverity>>
    the alerts' severities on which the cases will be generated
    displayName string
    The display name for alerts created by this alert rule.
    enabled boolean
    Determines whether this alert rule is enabled or disabled.
    productFilter string | MicrosoftSecurityProductName
    The alerts' productName on which the cases will be generated
    resourceGroupName string
    The name of the resource group within the user's subscription. The name is case insensitive.
    workspaceName string
    The name of the workspace.
    alertRuleTemplateName string
    The Name of the alert rule template used to create this rule.
    description string
    The description of the alert rule.
    displayNamesExcludeFilter string[]
    the alerts' displayNames on which the cases will not be generated
    displayNamesFilter string[]
    the alerts' displayNames on which the cases will be generated
    ruleId string
    Alert rule ID
    severitiesFilter (string | AlertSeverity)[]
    the alerts' severities on which the cases will be generated
    display_name str
    The display name for alerts created by this alert rule.
    enabled bool
    Determines whether this alert rule is enabled or disabled.
    product_filter str | MicrosoftSecurityProductName
    The alerts' productName on which the cases will be generated
    resource_group_name str
    The name of the resource group within the user's subscription. The name is case insensitive.
    workspace_name str
    The name of the workspace.
    alert_rule_template_name str
    The Name of the alert rule template used to create this rule.
    description str
    The description of the alert rule.
    display_names_exclude_filter Sequence[str]
    the alerts' displayNames on which the cases will not be generated
    display_names_filter Sequence[str]
    the alerts' displayNames on which the cases will be generated
    rule_id str
    Alert rule ID
    severities_filter Sequence[Union[str, AlertSeverity]]
    the alerts' severities on which the cases will be generated
    displayName String
    The display name for alerts created by this alert rule.
    enabled Boolean
    Determines whether this alert rule is enabled or disabled.
    productFilter String | "Microsoft Cloud App Security" | "Azure Security Center" | "Azure Advanced Threat Protection" | "Azure Active Directory Identity Protection" | "Azure Security Center for IoT"
    The alerts' productName on which the cases will be generated
    resourceGroupName String
    The name of the resource group within the user's subscription. The name is case insensitive.
    workspaceName String
    The name of the workspace.
    alertRuleTemplateName String
    The Name of the alert rule template used to create this rule.
    description String
    The description of the alert rule.
    displayNamesExcludeFilter List<String>
    the alerts' displayNames on which the cases will not be generated
    displayNamesFilter List<String>
    the alerts' displayNames on which the cases will be generated
    ruleId String
    Alert rule ID
    severitiesFilter List<String | "High" | "Medium" | "Low" | "Informational">
    the alerts' severities on which the cases will be generated

    Outputs

    All input properties are implicitly available as output properties. Additionally, the MicrosoftSecurityIncidentCreationAlertRule resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    LastModifiedUtc string
    The last time that this alert has been modified.
    Name string
    Azure resource name
    Type string
    Azure resource type
    Etag string
    Etag of the azure resource
    Id string
    The provider-assigned unique ID for this managed resource.
    LastModifiedUtc string
    The last time that this alert has been modified.
    Name string
    Azure resource name
    Type string
    Azure resource type
    Etag string
    Etag of the azure resource
    id String
    The provider-assigned unique ID for this managed resource.
    lastModifiedUtc String
    The last time that this alert has been modified.
    name String
    Azure resource name
    type String
    Azure resource type
    etag String
    Etag of the azure resource
    id string
    The provider-assigned unique ID for this managed resource.
    lastModifiedUtc string
    The last time that this alert has been modified.
    name string
    Azure resource name
    type string
    Azure resource type
    etag string
    Etag of the azure resource
    id str
    The provider-assigned unique ID for this managed resource.
    last_modified_utc str
    The last time that this alert has been modified.
    name str
    Azure resource name
    type str
    Azure resource type
    etag str
    Etag of the azure resource
    id String
    The provider-assigned unique ID for this managed resource.
    lastModifiedUtc String
    The last time that this alert has been modified.
    name String
    Azure resource name
    type String
    Azure resource type
    etag String
    Etag of the azure resource

    Supporting Types

    AlertSeverity, AlertSeverityArgs

    High
    HighHigh severity
    Medium
    MediumMedium severity
    Low
    LowLow severity
    Informational
    InformationalInformational severity
    AlertSeverityHigh
    HighHigh severity
    AlertSeverityMedium
    MediumMedium severity
    AlertSeverityLow
    LowLow severity
    AlertSeverityInformational
    InformationalInformational severity
    High
    HighHigh severity
    Medium
    MediumMedium severity
    Low
    LowLow severity
    Informational
    InformationalInformational severity
    High
    HighHigh severity
    Medium
    MediumMedium severity
    Low
    LowLow severity
    Informational
    InformationalInformational severity
    HIGH
    HighHigh severity
    MEDIUM
    MediumMedium severity
    LOW
    LowLow severity
    INFORMATIONAL
    InformationalInformational severity
    "High"
    HighHigh severity
    "Medium"
    MediumMedium severity
    "Low"
    LowLow severity
    "Informational"
    InformationalInformational severity

    MicrosoftSecurityProductName, MicrosoftSecurityProductNameArgs

    Microsoft_Cloud_App_Security
    Microsoft Cloud App Security
    Azure_Security_Center
    Azure Security Center
    Azure_Advanced_Threat_Protection
    Azure Advanced Threat Protection
    Azure_Active_Directory_Identity_Protection
    Azure Active Directory Identity Protection
    Azure_Security_Center_for_IoT
    Azure Security Center for IoT
    MicrosoftSecurityProductName_Microsoft_Cloud_App_Security
    Microsoft Cloud App Security
    MicrosoftSecurityProductName_Azure_Security_Center
    Azure Security Center
    MicrosoftSecurityProductName_Azure_Advanced_Threat_Protection
    Azure Advanced Threat Protection
    MicrosoftSecurityProductName_Azure_Active_Directory_Identity_Protection
    Azure Active Directory Identity Protection
    MicrosoftSecurityProductName_Azure_Security_Center_for_IoT
    Azure Security Center for IoT
    Microsoft_Cloud_App_Security
    Microsoft Cloud App Security
    Azure_Security_Center
    Azure Security Center
    Azure_Advanced_Threat_Protection
    Azure Advanced Threat Protection
    Azure_Active_Directory_Identity_Protection
    Azure Active Directory Identity Protection
    Azure_Security_Center_for_IoT
    Azure Security Center for IoT
    Microsoft_Cloud_App_Security
    Microsoft Cloud App Security
    Azure_Security_Center
    Azure Security Center
    Azure_Advanced_Threat_Protection
    Azure Advanced Threat Protection
    Azure_Active_Directory_Identity_Protection
    Azure Active Directory Identity Protection
    Azure_Security_Center_for_IoT
    Azure Security Center for IoT
    MICROSOFT_CLOUD_APP_SECURITY
    Microsoft Cloud App Security
    AZURE_SECURITY_CENTER
    Azure Security Center
    AZURE_ADVANCED_THREAT_PROTECTION
    Azure Advanced Threat Protection
    AZURE_ACTIVE_DIRECTORY_IDENTITY_PROTECTION
    Azure Active Directory Identity Protection
    AZURE_SECURITY_CENTER_FOR_IO_T
    Azure Security Center for IoT
    "Microsoft Cloud App Security"
    Microsoft Cloud App Security
    "Azure Security Center"
    Azure Security Center
    "Azure Advanced Threat Protection"
    Azure Advanced Threat Protection
    "Azure Active Directory Identity Protection"
    Azure Active Directory Identity Protection
    "Azure Security Center for IoT"
    Azure Security Center for IoT

    Import

    An existing resource can be imported using its type token, name, and identifier, e.g.

    $ pulumi import azure-native:securityinsights:MicrosoftSecurityIncidentCreationAlertRule 73e01a99-5cd7-4139-a149-9f2736ff2ab5 /subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/73e01a99-5cd7-4139-a149-9f2736ff2ab5 
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    azure-native-v1 pulumi/pulumi-azure-native
    License
    Apache-2.0
    azure-native-v1 logo
    These are the docs for Azure Native v1. We recommenend using the latest version, Azure Native v2.
    Azure Native v1 v1.104.0 published on Thursday, Jul 6, 2023 by Pulumi