azure-native.security.CustomRecommendation
Explore with Pulumi AI
Custom Recommendation Azure REST API version: 2024-08-01.
Example Usage
Create or update custom recommendation over management group scope
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var customRecommendation = new AzureNative.Security.CustomRecommendation("customRecommendation", new()
{
CloudProviders = new[]
{
AzureNative.Security.RecommendationSupportedClouds.AWS,
},
CustomRecommendationName = "33e7cc6e-a139-4723-a0e5-76993aee0771",
Description = "organization passwords policy",
DisplayName = "Password Policy",
Query = "RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')",
RemediationDescription = "Change password policy to...",
Scope = "providers/Microsoft.Management/managementGroups/contoso",
SecurityIssue = AzureNative.Security.SecurityIssue.Vulnerability,
Severity = AzureNative.Security.SeverityEnum.Medium,
});
});
package main
import (
security "github.com/pulumi/pulumi-azure-native-sdk/security/v2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := security.NewCustomRecommendation(ctx, "customRecommendation", &security.CustomRecommendationArgs{
CloudProviders: pulumi.StringArray{
pulumi.String(security.RecommendationSupportedCloudsAWS),
},
CustomRecommendationName: pulumi.String("33e7cc6e-a139-4723-a0e5-76993aee0771"),
Description: pulumi.String("organization passwords policy"),
DisplayName: pulumi.String("Password Policy"),
Query: pulumi.String("RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')"),
RemediationDescription: pulumi.String("Change password policy to..."),
Scope: pulumi.String("providers/Microsoft.Management/managementGroups/contoso"),
SecurityIssue: pulumi.String(security.SecurityIssueVulnerability),
Severity: pulumi.String(security.SeverityEnumMedium),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.CustomRecommendation;
import com.pulumi.azurenative.security.CustomRecommendationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var customRecommendation = new CustomRecommendation("customRecommendation", CustomRecommendationArgs.builder()
.cloudProviders("AWS")
.customRecommendationName("33e7cc6e-a139-4723-a0e5-76993aee0771")
.description("organization passwords policy")
.displayName("Password Policy")
.query("RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')")
.remediationDescription("Change password policy to...")
.scope("providers/Microsoft.Management/managementGroups/contoso")
.securityIssue("Vulnerability")
.severity("Medium")
.build());
}
}
import pulumi
import pulumi_azure_native as azure_native
custom_recommendation = azure_native.security.CustomRecommendation("customRecommendation",
cloud_providers=[azure_native.security.RecommendationSupportedClouds.AWS],
custom_recommendation_name="33e7cc6e-a139-4723-a0e5-76993aee0771",
description="organization passwords policy",
display_name="Password Policy",
query="RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')",
remediation_description="Change password policy to...",
scope="providers/Microsoft.Management/managementGroups/contoso",
security_issue=azure_native.security.SecurityIssue.VULNERABILITY,
severity=azure_native.security.SeverityEnum.MEDIUM)
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const customRecommendation = new azure_native.security.CustomRecommendation("customRecommendation", {
cloudProviders: [azure_native.security.RecommendationSupportedClouds.AWS],
customRecommendationName: "33e7cc6e-a139-4723-a0e5-76993aee0771",
description: "organization passwords policy",
displayName: "Password Policy",
query: "RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')",
remediationDescription: "Change password policy to...",
scope: "providers/Microsoft.Management/managementGroups/contoso",
securityIssue: azure_native.security.SecurityIssue.Vulnerability,
severity: azure_native.security.SeverityEnum.Medium,
});
resources:
customRecommendation:
type: azure-native:security:CustomRecommendation
properties:
cloudProviders:
- AWS
customRecommendationName: 33e7cc6e-a139-4723-a0e5-76993aee0771
description: organization passwords policy
displayName: Password Policy
query: RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')
remediationDescription: Change password policy to...
scope: providers/Microsoft.Management/managementGroups/contoso
securityIssue: Vulnerability
severity: Medium
Create or update custom recommendation over security connector scope
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var customRecommendation = new AzureNative.Security.CustomRecommendation("customRecommendation", new()
{
CloudProviders = new[]
{
AzureNative.Security.RecommendationSupportedClouds.AWS,
},
CustomRecommendationName = "33e7cc6e-a139-4723-a0e5-76993aee0771",
Description = "organization passwords policy",
DisplayName = "Password Policy",
Query = "RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')",
RemediationDescription = "Change password policy to...",
Scope = "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector",
SecurityIssue = AzureNative.Security.SecurityIssue.Vulnerability,
Severity = AzureNative.Security.SeverityEnum.Medium,
});
});
package main
import (
security "github.com/pulumi/pulumi-azure-native-sdk/security/v2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := security.NewCustomRecommendation(ctx, "customRecommendation", &security.CustomRecommendationArgs{
CloudProviders: pulumi.StringArray{
pulumi.String(security.RecommendationSupportedCloudsAWS),
},
CustomRecommendationName: pulumi.String("33e7cc6e-a139-4723-a0e5-76993aee0771"),
Description: pulumi.String("organization passwords policy"),
DisplayName: pulumi.String("Password Policy"),
Query: pulumi.String("RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')"),
RemediationDescription: pulumi.String("Change password policy to..."),
Scope: pulumi.String("subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector"),
SecurityIssue: pulumi.String(security.SecurityIssueVulnerability),
Severity: pulumi.String(security.SeverityEnumMedium),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.CustomRecommendation;
import com.pulumi.azurenative.security.CustomRecommendationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var customRecommendation = new CustomRecommendation("customRecommendation", CustomRecommendationArgs.builder()
.cloudProviders("AWS")
.customRecommendationName("33e7cc6e-a139-4723-a0e5-76993aee0771")
.description("organization passwords policy")
.displayName("Password Policy")
.query("RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')")
.remediationDescription("Change password policy to...")
.scope("subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector")
.securityIssue("Vulnerability")
.severity("Medium")
.build());
}
}
import pulumi
import pulumi_azure_native as azure_native
custom_recommendation = azure_native.security.CustomRecommendation("customRecommendation",
cloud_providers=[azure_native.security.RecommendationSupportedClouds.AWS],
custom_recommendation_name="33e7cc6e-a139-4723-a0e5-76993aee0771",
description="organization passwords policy",
display_name="Password Policy",
query="RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')",
remediation_description="Change password policy to...",
scope="subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector",
security_issue=azure_native.security.SecurityIssue.VULNERABILITY,
severity=azure_native.security.SeverityEnum.MEDIUM)
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const customRecommendation = new azure_native.security.CustomRecommendation("customRecommendation", {
cloudProviders: [azure_native.security.RecommendationSupportedClouds.AWS],
customRecommendationName: "33e7cc6e-a139-4723-a0e5-76993aee0771",
description: "organization passwords policy",
displayName: "Password Policy",
query: "RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')",
remediationDescription: "Change password policy to...",
scope: "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector",
securityIssue: azure_native.security.SecurityIssue.Vulnerability,
severity: azure_native.security.SeverityEnum.Medium,
});
resources:
customRecommendation:
type: azure-native:security:CustomRecommendation
properties:
cloudProviders:
- AWS
customRecommendationName: 33e7cc6e-a139-4723-a0e5-76993aee0771
description: organization passwords policy
displayName: Password Policy
query: RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')
remediationDescription: Change password policy to...
scope: subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector
securityIssue: Vulnerability
severity: Medium
Create or update custom recommendation over subscription scope
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var customRecommendation = new AzureNative.Security.CustomRecommendation("customRecommendation", new()
{
CloudProviders = new[]
{
AzureNative.Security.RecommendationSupportedClouds.AWS,
},
CustomRecommendationName = "33e7cc6e-a139-4723-a0e5-76993aee0771",
Description = "organization passwords policy",
DisplayName = "Password Policy",
Query = "RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')",
RemediationDescription = "Change password policy to...",
Scope = "subscriptions/e5d1b86c-3051-44d5-8802-aa65d45a279b",
SecurityIssue = AzureNative.Security.SecurityIssue.Vulnerability,
Severity = AzureNative.Security.SeverityEnum.Medium,
});
});
package main
import (
security "github.com/pulumi/pulumi-azure-native-sdk/security/v2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := security.NewCustomRecommendation(ctx, "customRecommendation", &security.CustomRecommendationArgs{
CloudProviders: pulumi.StringArray{
pulumi.String(security.RecommendationSupportedCloudsAWS),
},
CustomRecommendationName: pulumi.String("33e7cc6e-a139-4723-a0e5-76993aee0771"),
Description: pulumi.String("organization passwords policy"),
DisplayName: pulumi.String("Password Policy"),
Query: pulumi.String("RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')"),
RemediationDescription: pulumi.String("Change password policy to..."),
Scope: pulumi.String("subscriptions/e5d1b86c-3051-44d5-8802-aa65d45a279b"),
SecurityIssue: pulumi.String(security.SecurityIssueVulnerability),
Severity: pulumi.String(security.SeverityEnumMedium),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.CustomRecommendation;
import com.pulumi.azurenative.security.CustomRecommendationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var customRecommendation = new CustomRecommendation("customRecommendation", CustomRecommendationArgs.builder()
.cloudProviders("AWS")
.customRecommendationName("33e7cc6e-a139-4723-a0e5-76993aee0771")
.description("organization passwords policy")
.displayName("Password Policy")
.query("RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')")
.remediationDescription("Change password policy to...")
.scope("subscriptions/e5d1b86c-3051-44d5-8802-aa65d45a279b")
.securityIssue("Vulnerability")
.severity("Medium")
.build());
}
}
import pulumi
import pulumi_azure_native as azure_native
custom_recommendation = azure_native.security.CustomRecommendation("customRecommendation",
cloud_providers=[azure_native.security.RecommendationSupportedClouds.AWS],
custom_recommendation_name="33e7cc6e-a139-4723-a0e5-76993aee0771",
description="organization passwords policy",
display_name="Password Policy",
query="RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')",
remediation_description="Change password policy to...",
scope="subscriptions/e5d1b86c-3051-44d5-8802-aa65d45a279b",
security_issue=azure_native.security.SecurityIssue.VULNERABILITY,
severity=azure_native.security.SeverityEnum.MEDIUM)
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const customRecommendation = new azure_native.security.CustomRecommendation("customRecommendation", {
cloudProviders: [azure_native.security.RecommendationSupportedClouds.AWS],
customRecommendationName: "33e7cc6e-a139-4723-a0e5-76993aee0771",
description: "organization passwords policy",
displayName: "Password Policy",
query: "RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')",
remediationDescription: "Change password policy to...",
scope: "subscriptions/e5d1b86c-3051-44d5-8802-aa65d45a279b",
securityIssue: azure_native.security.SecurityIssue.Vulnerability,
severity: azure_native.security.SeverityEnum.Medium,
});
resources:
customRecommendation:
type: azure-native:security:CustomRecommendation
properties:
cloudProviders:
- AWS
customRecommendationName: 33e7cc6e-a139-4723-a0e5-76993aee0771
description: organization passwords policy
displayName: Password Policy
query: RawEntityMetadata | where Environment == 'GCP' and Identifiers.Type == 'compute.firewalls' | extend IslogConfigEnabled = tobool(Record.logConfig.enable) | extend HealthStatus = iff(IslogConfigEnabled, 'HEALTHY', 'UNHEALTHY')
remediationDescription: Change password policy to...
scope: subscriptions/e5d1b86c-3051-44d5-8802-aa65d45a279b
securityIssue: Vulnerability
severity: Medium
Create CustomRecommendation Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new CustomRecommendation(name: string, args: CustomRecommendationArgs, opts?: CustomResourceOptions);
@overload
def CustomRecommendation(resource_name: str,
args: CustomRecommendationArgs,
opts: Optional[ResourceOptions] = None)
@overload
def CustomRecommendation(resource_name: str,
opts: Optional[ResourceOptions] = None,
scope: Optional[str] = None,
cloud_providers: Optional[Sequence[Union[str, RecommendationSupportedClouds]]] = None,
custom_recommendation_name: Optional[str] = None,
description: Optional[str] = None,
display_name: Optional[str] = None,
query: Optional[str] = None,
remediation_description: Optional[str] = None,
security_issue: Optional[Union[str, SecurityIssue]] = None,
severity: Optional[Union[str, SeverityEnum]] = None)
func NewCustomRecommendation(ctx *Context, name string, args CustomRecommendationArgs, opts ...ResourceOption) (*CustomRecommendation, error)
public CustomRecommendation(string name, CustomRecommendationArgs args, CustomResourceOptions? opts = null)
public CustomRecommendation(String name, CustomRecommendationArgs args)
public CustomRecommendation(String name, CustomRecommendationArgs args, CustomResourceOptions options)
type: azure-native:security:CustomRecommendation
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args CustomRecommendationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CustomRecommendationArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CustomRecommendationArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CustomRecommendationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CustomRecommendationArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var customRecommendationResource = new AzureNative.Security.CustomRecommendation("customRecommendationResource", new()
{
Scope = "string",
CloudProviders = new[]
{
"string",
},
CustomRecommendationName = "string",
Description = "string",
DisplayName = "string",
Query = "string",
RemediationDescription = "string",
SecurityIssue = "string",
Severity = "string",
});
example, err := security.NewCustomRecommendation(ctx, "customRecommendationResource", &security.CustomRecommendationArgs{
Scope: pulumi.String("string"),
CloudProviders: pulumi.StringArray{
pulumi.String("string"),
},
CustomRecommendationName: pulumi.String("string"),
Description: pulumi.String("string"),
DisplayName: pulumi.String("string"),
Query: pulumi.String("string"),
RemediationDescription: pulumi.String("string"),
SecurityIssue: pulumi.String("string"),
Severity: pulumi.String("string"),
})
var customRecommendationResource = new CustomRecommendation("customRecommendationResource", CustomRecommendationArgs.builder()
.scope("string")
.cloudProviders("string")
.customRecommendationName("string")
.description("string")
.displayName("string")
.query("string")
.remediationDescription("string")
.securityIssue("string")
.severity("string")
.build());
custom_recommendation_resource = azure_native.security.CustomRecommendation("customRecommendationResource",
scope="string",
cloud_providers=["string"],
custom_recommendation_name="string",
description="string",
display_name="string",
query="string",
remediation_description="string",
security_issue="string",
severity="string")
const customRecommendationResource = new azure_native.security.CustomRecommendation("customRecommendationResource", {
scope: "string",
cloudProviders: ["string"],
customRecommendationName: "string",
description: "string",
displayName: "string",
query: "string",
remediationDescription: "string",
securityIssue: "string",
severity: "string",
});
type: azure-native:security:CustomRecommendation
properties:
cloudProviders:
- string
customRecommendationName: string
description: string
displayName: string
query: string
remediationDescription: string
scope: string
securityIssue: string
severity: string
CustomRecommendation Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The CustomRecommendation resource accepts the following input properties:
- Scope string
- The scope of the custom recommendation. Valid scopes are: management group (format: 'providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: 'subscriptions/{subscriptionId}'), or security connector (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName})'
- Cloud
Providers List<Union<string, Pulumi.Azure Native. Security. Recommendation Supported Clouds>> - List of all standard supported clouds.
- Custom
Recommendation stringName - Name of the Custom Recommendation.
- Description string
- The description to relate to the assessments generated by this Recommendation.
- Display
Name string - The display name of the assessments generated by this Recommendation.
- Query string
- KQL query representing the Recommendation results required.
- Remediation
Description string - The remediation description to relate to the assessments generated by this Recommendation.
- Security
Issue string | Pulumi.Azure Native. Security. Security Issue - The severity to relate to the assessments generated by this Recommendation.
- Severity
string | Pulumi.
Azure Native. Security. Severity Enum - The severity to relate to the assessments generated by this Recommendation.
- Scope string
- The scope of the custom recommendation. Valid scopes are: management group (format: 'providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: 'subscriptions/{subscriptionId}'), or security connector (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName})'
- Cloud
Providers []string - List of all standard supported clouds.
- Custom
Recommendation stringName - Name of the Custom Recommendation.
- Description string
- The description to relate to the assessments generated by this Recommendation.
- Display
Name string - The display name of the assessments generated by this Recommendation.
- Query string
- KQL query representing the Recommendation results required.
- Remediation
Description string - The remediation description to relate to the assessments generated by this Recommendation.
- Security
Issue string | SecurityIssue - The severity to relate to the assessments generated by this Recommendation.
- Severity
string | Severity
Enum - The severity to relate to the assessments generated by this Recommendation.
- scope String
- The scope of the custom recommendation. Valid scopes are: management group (format: 'providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: 'subscriptions/{subscriptionId}'), or security connector (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName})'
- cloud
Providers List<Either<String,RecommendationSupported Clouds>> - List of all standard supported clouds.
- custom
Recommendation StringName - Name of the Custom Recommendation.
- description String
- The description to relate to the assessments generated by this Recommendation.
- display
Name String - The display name of the assessments generated by this Recommendation.
- query String
- KQL query representing the Recommendation results required.
- remediation
Description String - The remediation description to relate to the assessments generated by this Recommendation.
- security
Issue String | SecurityIssue - The severity to relate to the assessments generated by this Recommendation.
- severity
String | Severity
Enum - The severity to relate to the assessments generated by this Recommendation.
- scope string
- The scope of the custom recommendation. Valid scopes are: management group (format: 'providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: 'subscriptions/{subscriptionId}'), or security connector (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName})'
- cloud
Providers (string | RecommendationSupported Clouds)[] - List of all standard supported clouds.
- custom
Recommendation stringName - Name of the Custom Recommendation.
- description string
- The description to relate to the assessments generated by this Recommendation.
- display
Name string - The display name of the assessments generated by this Recommendation.
- query string
- KQL query representing the Recommendation results required.
- remediation
Description string - The remediation description to relate to the assessments generated by this Recommendation.
- security
Issue string | SecurityIssue - The severity to relate to the assessments generated by this Recommendation.
- severity
string | Severity
Enum - The severity to relate to the assessments generated by this Recommendation.
- scope str
- The scope of the custom recommendation. Valid scopes are: management group (format: 'providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: 'subscriptions/{subscriptionId}'), or security connector (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName})'
- cloud_
providers Sequence[Union[str, RecommendationSupported Clouds]] - List of all standard supported clouds.
- custom_
recommendation_ strname - Name of the Custom Recommendation.
- description str
- The description to relate to the assessments generated by this Recommendation.
- display_
name str - The display name of the assessments generated by this Recommendation.
- query str
- KQL query representing the Recommendation results required.
- remediation_
description str - The remediation description to relate to the assessments generated by this Recommendation.
- security_
issue str | SecurityIssue - The severity to relate to the assessments generated by this Recommendation.
- severity
str | Severity
Enum - The severity to relate to the assessments generated by this Recommendation.
- scope String
- The scope of the custom recommendation. Valid scopes are: management group (format: 'providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: 'subscriptions/{subscriptionId}'), or security connector (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName})'
- cloud
Providers List<String | "Azure" | "AWS" | "GCP"> - List of all standard supported clouds.
- custom
Recommendation StringName - Name of the Custom Recommendation.
- description String
- The description to relate to the assessments generated by this Recommendation.
- display
Name String - The display name of the assessments generated by this Recommendation.
- query String
- KQL query representing the Recommendation results required.
- remediation
Description String - The remediation description to relate to the assessments generated by this Recommendation.
- security
Issue String | "Vulnerability" | "ExcessivePermissions" | "Anonymous Access" | "Network Exposure" | "Traffic Encryption" | "Best Practices" - The severity to relate to the assessments generated by this Recommendation.
- severity String | "High" | "Medium" | "Low"
- The severity to relate to the assessments generated by this Recommendation.
Outputs
All input properties are implicitly available as output properties. Additionally, the CustomRecommendation resource produces the following output properties:
- Assessment
Key string - The assessment metadata key used when an assessment is generated for this Recommendation.
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- Resource name
- System
Data Pulumi.Azure Native. Security. Outputs. System Data Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- Type string
- Resource type
- Assessment
Key string - The assessment metadata key used when an assessment is generated for this Recommendation.
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- Resource name
- System
Data SystemData Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- Type string
- Resource type
- assessment
Key String - The assessment metadata key used when an assessment is generated for this Recommendation.
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- Resource name
- system
Data SystemData Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type String
- Resource type
- assessment
Key string - The assessment metadata key used when an assessment is generated for this Recommendation.
- id string
- The provider-assigned unique ID for this managed resource.
- name string
- Resource name
- system
Data SystemData Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type string
- Resource type
- assessment_
key str - The assessment metadata key used when an assessment is generated for this Recommendation.
- id str
- The provider-assigned unique ID for this managed resource.
- name str
- Resource name
- system_
data SystemData Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type str
- Resource type
- assessment
Key String - The assessment metadata key used when an assessment is generated for this Recommendation.
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- Resource name
- system
Data Property Map - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type String
- Resource type
Supporting Types
RecommendationSupportedClouds, RecommendationSupportedCloudsArgs
- Azure
- Azure
- AWS
- AWS
- GCP
- GCP
- Recommendation
Supported Clouds Azure - Azure
- Recommendation
Supported Clouds AWS - AWS
- Recommendation
Supported Clouds GCP - GCP
- Azure
- Azure
- AWS
- AWS
- GCP
- GCP
- Azure
- Azure
- AWS
- AWS
- GCP
- GCP
- AZURE
- Azure
- AWS
- AWS
- GCP
- GCP
- "Azure"
- Azure
- "AWS"
- AWS
- "GCP"
- GCP
SecurityIssue, SecurityIssueArgs
- Vulnerability
- Vulnerability
- Excessive
Permissions - ExcessivePermissions
- Anonymous
Access - AnonymousAccess
- Network
Exposure - NetworkExposure
- Traffic
Encryption - TrafficEncryption
- Best
Practices - BestPractices
- Security
Issue Vulnerability - Vulnerability
- Security
Issue Excessive Permissions - ExcessivePermissions
- Security
Issue Anonymous Access - AnonymousAccess
- Security
Issue Network Exposure - NetworkExposure
- Security
Issue Traffic Encryption - TrafficEncryption
- Security
Issue Best Practices - BestPractices
- Vulnerability
- Vulnerability
- Excessive
Permissions - ExcessivePermissions
- Anonymous
Access - AnonymousAccess
- Network
Exposure - NetworkExposure
- Traffic
Encryption - TrafficEncryption
- Best
Practices - BestPractices
- Vulnerability
- Vulnerability
- Excessive
Permissions - ExcessivePermissions
- Anonymous
Access - AnonymousAccess
- Network
Exposure - NetworkExposure
- Traffic
Encryption - TrafficEncryption
- Best
Practices - BestPractices
- VULNERABILITY
- Vulnerability
- EXCESSIVE_PERMISSIONS
- ExcessivePermissions
- ANONYMOUS_ACCESS
- AnonymousAccess
- NETWORK_EXPOSURE
- NetworkExposure
- TRAFFIC_ENCRYPTION
- TrafficEncryption
- BEST_PRACTICES
- BestPractices
- "Vulnerability"
- Vulnerability
- "Excessive
Permissions" - ExcessivePermissions
- "Anonymous
Access" - AnonymousAccess
- "Network
Exposure" - NetworkExposure
- "Traffic
Encryption" - TrafficEncryption
- "Best
Practices" - BestPractices
SeverityEnum, SeverityEnumArgs
- High
- High
- Medium
- Medium
- Low
- Low
- Severity
Enum High - High
- Severity
Enum Medium - Medium
- Severity
Enum Low - Low
- High
- High
- Medium
- Medium
- Low
- Low
- High
- High
- Medium
- Medium
- Low
- Low
- HIGH
- High
- MEDIUM
- Medium
- LOW
- Low
- "High"
- High
- "Medium"
- Medium
- "Low"
- Low
SystemDataResponse, SystemDataResponseArgs
- Created
At string - The timestamp of resource creation (UTC).
- Created
By string - The identity that created the resource.
- Created
By stringType - The type of identity that created the resource.
- Last
Modified stringAt - The timestamp of resource last modification (UTC)
- Last
Modified stringBy - The identity that last modified the resource.
- Last
Modified stringBy Type - The type of identity that last modified the resource.
- Created
At string - The timestamp of resource creation (UTC).
- Created
By string - The identity that created the resource.
- Created
By stringType - The type of identity that created the resource.
- Last
Modified stringAt - The timestamp of resource last modification (UTC)
- Last
Modified stringBy - The identity that last modified the resource.
- Last
Modified stringBy Type - The type of identity that last modified the resource.
- created
At String - The timestamp of resource creation (UTC).
- created
By String - The identity that created the resource.
- created
By StringType - The type of identity that created the resource.
- last
Modified StringAt - The timestamp of resource last modification (UTC)
- last
Modified StringBy - The identity that last modified the resource.
- last
Modified StringBy Type - The type of identity that last modified the resource.
- created
At string - The timestamp of resource creation (UTC).
- created
By string - The identity that created the resource.
- created
By stringType - The type of identity that created the resource.
- last
Modified stringAt - The timestamp of resource last modification (UTC)
- last
Modified stringBy - The identity that last modified the resource.
- last
Modified stringBy Type - The type of identity that last modified the resource.
- created_
at str - The timestamp of resource creation (UTC).
- created_
by str - The identity that created the resource.
- created_
by_ strtype - The type of identity that created the resource.
- last_
modified_ strat - The timestamp of resource last modification (UTC)
- last_
modified_ strby - The identity that last modified the resource.
- last_
modified_ strby_ type - The type of identity that last modified the resource.
- created
At String - The timestamp of resource creation (UTC).
- created
By String - The identity that created the resource.
- created
By StringType - The type of identity that created the resource.
- last
Modified StringAt - The timestamp of resource last modification (UTC)
- last
Modified StringBy - The identity that last modified the resource.
- last
Modified StringBy Type - The type of identity that last modified the resource.
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:security:CustomRecommendation 33e7cc6e-a139-4723-a0e5-76993aee0771 /{scope}/providers/Microsoft.Security/customRecommendations/{customRecommendationName}
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure Native pulumi/pulumi-azure-native
- License
- Apache-2.0