azure-native.security.getPricing

func LookupPricing(ctx *Context, args *LookupPricingArgs, opts ...InvokeOption) (*LookupPricingResult, error)
func LookupPricingOutput(ctx *Context, args *LookupPricingOutputArgs, opts ...InvokeOption) LookupPricingResultOutput

> Note: This function is named LookupPricing in the Go SDK.

PricingName string

name of the pricing configuration

ScopeId string

The scope id of the pricing. Valid scopes are: subscription (format: 'subscriptions/{subscriptionId}'), or a specific resource (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}) - Supported resources are (VirtualMachines)

PricingName string

name of the pricing configuration

ScopeId string

The scope id of the pricing. Valid scopes are: subscription (format: 'subscriptions/{subscriptionId}'), or a specific resource (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}) - Supported resources are (VirtualMachines)

pricingName String

name of the pricing configuration

scopeId String

The scope id of the pricing. Valid scopes are: subscription (format: 'subscriptions/{subscriptionId}'), or a specific resource (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}) - Supported resources are (VirtualMachines)

pricingName string

name of the pricing configuration

scopeId string

The scope id of the pricing. Valid scopes are: subscription (format: 'subscriptions/{subscriptionId}'), or a specific resource (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}) - Supported resources are (VirtualMachines)

pricing_name str

name of the pricing configuration

scope_id str

The scope id of the pricing. Valid scopes are: subscription (format: 'subscriptions/{subscriptionId}'), or a specific resource (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}) - Supported resources are (VirtualMachines)

pricingName String

name of the pricing configuration

scopeId String

The scope id of the pricing. Valid scopes are: subscription (format: 'subscriptions/{subscriptionId}'), or a specific resource (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}) - Supported resources are (VirtualMachines)

Deprecated bool

Optional. True if the plan is deprecated. If there are replacing plans they will appear in replacedBy property

EnablementTime string

Optional. If pricingTier is Standard then this property holds the date of the last time the pricingTier was set to Standard, when available (e.g 2023-03-01T12:42:42.1921106Z).

FreeTrialRemainingTime string

The duration left for the subscriptions free trial period - in ISO 8601 format (e.g. P3Y6M4DT12H30M5S).

Id string

Resource Id

Inherited string

"inherited" = "True" indicates that the current scope inherits its pricing configuration from its parent. The ID of the parent scope that provides the inherited configuration is displayed in the "inheritedFrom" field. On the other hand, "inherited" = "False" indicates that the current scope has its own pricing configuration explicitly set, and does not inherit from its parent. This field is read only and available only for resource-level pricing.

InheritedFrom string

The id of the scope inherited from. "Null" if not inherited. This field is only available for resource-level pricing.

Name string

Resource name

PricingTier string

Indicates whether the Defender plan is enabled on the selected scope. Microsoft Defender for Cloud is provided in two pricing tiers: free and standard. The standard tier offers advanced security capabilities, while the free tier offers basic security features.

ReplacedBy List<string>

Optional. List of plans that replace this plan. This property exists only if this plan is deprecated.

ResourcesCoverageStatus string

This field is available for subscription-level only, and reflects the coverage status of the resources under the subscription. Please note: The "pricingTier" field reflects the plan status of the subscription. However, since the plan status can also be defined at the resource level, there might be misalignment between the subscription's plan status and the resource status. This field helps indicate the coverage status of the resources.

Type string

Resource type

Enforce string

If set to "False", it allows the descendants of this scope to override the pricing configuration set on this scope (allows setting inherited="False"). If set to "True", it prevents overrides and forces this pricing configuration on all the descendants of this scope. This field is only available for subscription-level pricing.

Extensions List<Pulumi.AzureNative.Security.Outputs.ExtensionResponse>

Optional. List of extensions offered under a plan.

SubPlan string

The sub-plan selected for a Standard pricing configuration, when more than one sub-plan is available. Each sub-plan enables a set of security features. When not specified, full plan is applied. For VirtualMachines plan, available sub plans are 'P1' & 'P2', where for resource level only 'P1' sub plan is supported.

Deprecated bool

Optional. True if the plan is deprecated. If there are replacing plans they will appear in replacedBy property

EnablementTime string

Optional. If pricingTier is Standard then this property holds the date of the last time the pricingTier was set to Standard, when available (e.g 2023-03-01T12:42:42.1921106Z).

FreeTrialRemainingTime string

The duration left for the subscriptions free trial period - in ISO 8601 format (e.g. P3Y6M4DT12H30M5S).

Id string

Resource Id

Inherited string

"inherited" = "True" indicates that the current scope inherits its pricing configuration from its parent. The ID of the parent scope that provides the inherited configuration is displayed in the "inheritedFrom" field. On the other hand, "inherited" = "False" indicates that the current scope has its own pricing configuration explicitly set, and does not inherit from its parent. This field is read only and available only for resource-level pricing.

InheritedFrom string

The id of the scope inherited from. "Null" if not inherited. This field is only available for resource-level pricing.

Name string

Resource name

PricingTier string

Indicates whether the Defender plan is enabled on the selected scope. Microsoft Defender for Cloud is provided in two pricing tiers: free and standard. The standard tier offers advanced security capabilities, while the free tier offers basic security features.

ReplacedBy []string

Optional. List of plans that replace this plan. This property exists only if this plan is deprecated.

ResourcesCoverageStatus string

This field is available for subscription-level only, and reflects the coverage status of the resources under the subscription. Please note: The "pricingTier" field reflects the plan status of the subscription. However, since the plan status can also be defined at the resource level, there might be misalignment between the subscription's plan status and the resource status. This field helps indicate the coverage status of the resources.

Type string

Resource type

Enforce string

If set to "False", it allows the descendants of this scope to override the pricing configuration set on this scope (allows setting inherited="False"). If set to "True", it prevents overrides and forces this pricing configuration on all the descendants of this scope. This field is only available for subscription-level pricing.

Extensions []ExtensionResponse

Optional. List of extensions offered under a plan.

SubPlan string

The sub-plan selected for a Standard pricing configuration, when more than one sub-plan is available. Each sub-plan enables a set of security features. When not specified, full plan is applied. For VirtualMachines plan, available sub plans are 'P1' & 'P2', where for resource level only 'P1' sub plan is supported.

deprecated Boolean

Optional. True if the plan is deprecated. If there are replacing plans they will appear in replacedBy property

enablementTime String

Optional. If pricingTier is Standard then this property holds the date of the last time the pricingTier was set to Standard, when available (e.g 2023-03-01T12:42:42.1921106Z).

freeTrialRemainingTime String

The duration left for the subscriptions free trial period - in ISO 8601 format (e.g. P3Y6M4DT12H30M5S).

id String

Resource Id

inherited String

"inherited" = "True" indicates that the current scope inherits its pricing configuration from its parent. The ID of the parent scope that provides the inherited configuration is displayed in the "inheritedFrom" field. On the other hand, "inherited" = "False" indicates that the current scope has its own pricing configuration explicitly set, and does not inherit from its parent. This field is read only and available only for resource-level pricing.

inheritedFrom String

The id of the scope inherited from. "Null" if not inherited. This field is only available for resource-level pricing.

name String

Resource name

pricingTier String

Indicates whether the Defender plan is enabled on the selected scope. Microsoft Defender for Cloud is provided in two pricing tiers: free and standard. The standard tier offers advanced security capabilities, while the free tier offers basic security features.

replacedBy List<String>

Optional. List of plans that replace this plan. This property exists only if this plan is deprecated.

resourcesCoverageStatus String

This field is available for subscription-level only, and reflects the coverage status of the resources under the subscription. Please note: The "pricingTier" field reflects the plan status of the subscription. However, since the plan status can also be defined at the resource level, there might be misalignment between the subscription's plan status and the resource status. This field helps indicate the coverage status of the resources.

type String

Resource type

enforce String

If set to "False", it allows the descendants of this scope to override the pricing configuration set on this scope (allows setting inherited="False"). If set to "True", it prevents overrides and forces this pricing configuration on all the descendants of this scope. This field is only available for subscription-level pricing.

extensions List<ExtensionResponse>

Optional. List of extensions offered under a plan.

subPlan String

The sub-plan selected for a Standard pricing configuration, when more than one sub-plan is available. Each sub-plan enables a set of security features. When not specified, full plan is applied. For VirtualMachines plan, available sub plans are 'P1' & 'P2', where for resource level only 'P1' sub plan is supported.

deprecated boolean

Optional. True if the plan is deprecated. If there are replacing plans they will appear in replacedBy property

enablementTime string

Optional. If pricingTier is Standard then this property holds the date of the last time the pricingTier was set to Standard, when available (e.g 2023-03-01T12:42:42.1921106Z).

freeTrialRemainingTime string

The duration left for the subscriptions free trial period - in ISO 8601 format (e.g. P3Y6M4DT12H30M5S).

id string

Resource Id

inherited string

"inherited" = "True" indicates that the current scope inherits its pricing configuration from its parent. The ID of the parent scope that provides the inherited configuration is displayed in the "inheritedFrom" field. On the other hand, "inherited" = "False" indicates that the current scope has its own pricing configuration explicitly set, and does not inherit from its parent. This field is read only and available only for resource-level pricing.

inheritedFrom string

The id of the scope inherited from. "Null" if not inherited. This field is only available for resource-level pricing.

name string

Resource name

pricingTier string

Indicates whether the Defender plan is enabled on the selected scope. Microsoft Defender for Cloud is provided in two pricing tiers: free and standard. The standard tier offers advanced security capabilities, while the free tier offers basic security features.

replacedBy string[]

Optional. List of plans that replace this plan. This property exists only if this plan is deprecated.

resourcesCoverageStatus string

This field is available for subscription-level only, and reflects the coverage status of the resources under the subscription. Please note: The "pricingTier" field reflects the plan status of the subscription. However, since the plan status can also be defined at the resource level, there might be misalignment between the subscription's plan status and the resource status. This field helps indicate the coverage status of the resources.

type string

Resource type

enforce string

If set to "False", it allows the descendants of this scope to override the pricing configuration set on this scope (allows setting inherited="False"). If set to "True", it prevents overrides and forces this pricing configuration on all the descendants of this scope. This field is only available for subscription-level pricing.

extensions ExtensionResponse[]

Optional. List of extensions offered under a plan.

subPlan string

The sub-plan selected for a Standard pricing configuration, when more than one sub-plan is available. Each sub-plan enables a set of security features. When not specified, full plan is applied. For VirtualMachines plan, available sub plans are 'P1' & 'P2', where for resource level only 'P1' sub plan is supported.

deprecated bool

Optional. True if the plan is deprecated. If there are replacing plans they will appear in replacedBy property

enablement_time str

Optional. If pricingTier is Standard then this property holds the date of the last time the pricingTier was set to Standard, when available (e.g 2023-03-01T12:42:42.1921106Z).

free_trial_remaining_time str

The duration left for the subscriptions free trial period - in ISO 8601 format (e.g. P3Y6M4DT12H30M5S).

id str

Resource Id

inherited str

"inherited" = "True" indicates that the current scope inherits its pricing configuration from its parent. The ID of the parent scope that provides the inherited configuration is displayed in the "inheritedFrom" field. On the other hand, "inherited" = "False" indicates that the current scope has its own pricing configuration explicitly set, and does not inherit from its parent. This field is read only and available only for resource-level pricing.

inherited_from str

The id of the scope inherited from. "Null" if not inherited. This field is only available for resource-level pricing.

name str

Resource name

pricing_tier str

Indicates whether the Defender plan is enabled on the selected scope. Microsoft Defender for Cloud is provided in two pricing tiers: free and standard. The standard tier offers advanced security capabilities, while the free tier offers basic security features.

replaced_by Sequence[str]

Optional. List of plans that replace this plan. This property exists only if this plan is deprecated.

resources_coverage_status str

This field is available for subscription-level only, and reflects the coverage status of the resources under the subscription. Please note: The "pricingTier" field reflects the plan status of the subscription. However, since the plan status can also be defined at the resource level, there might be misalignment between the subscription's plan status and the resource status. This field helps indicate the coverage status of the resources.

type str

Resource type

enforce str

If set to "False", it allows the descendants of this scope to override the pricing configuration set on this scope (allows setting inherited="False"). If set to "True", it prevents overrides and forces this pricing configuration on all the descendants of this scope. This field is only available for subscription-level pricing.

extensions Sequence[ExtensionResponse]

Optional. List of extensions offered under a plan.

sub_plan str

The sub-plan selected for a Standard pricing configuration, when more than one sub-plan is available. Each sub-plan enables a set of security features. When not specified, full plan is applied. For VirtualMachines plan, available sub plans are 'P1' & 'P2', where for resource level only 'P1' sub plan is supported.

deprecated Boolean

Optional. True if the plan is deprecated. If there are replacing plans they will appear in replacedBy property

enablementTime String

Optional. If pricingTier is Standard then this property holds the date of the last time the pricingTier was set to Standard, when available (e.g 2023-03-01T12:42:42.1921106Z).

freeTrialRemainingTime String

The duration left for the subscriptions free trial period - in ISO 8601 format (e.g. P3Y6M4DT12H30M5S).

id String

Resource Id

inherited String

"inherited" = "True" indicates that the current scope inherits its pricing configuration from its parent. The ID of the parent scope that provides the inherited configuration is displayed in the "inheritedFrom" field. On the other hand, "inherited" = "False" indicates that the current scope has its own pricing configuration explicitly set, and does not inherit from its parent. This field is read only and available only for resource-level pricing.

inheritedFrom String

The id of the scope inherited from. "Null" if not inherited. This field is only available for resource-level pricing.

name String

Resource name

pricingTier String

Indicates whether the Defender plan is enabled on the selected scope. Microsoft Defender for Cloud is provided in two pricing tiers: free and standard. The standard tier offers advanced security capabilities, while the free tier offers basic security features.

replacedBy List<String>

Optional. List of plans that replace this plan. This property exists only if this plan is deprecated.

resourcesCoverageStatus String

This field is available for subscription-level only, and reflects the coverage status of the resources under the subscription. Please note: The "pricingTier" field reflects the plan status of the subscription. However, since the plan status can also be defined at the resource level, there might be misalignment between the subscription's plan status and the resource status. This field helps indicate the coverage status of the resources.

type String

Resource type

enforce String

If set to "False", it allows the descendants of this scope to override the pricing configuration set on this scope (allows setting inherited="False"). If set to "True", it prevents overrides and forces this pricing configuration on all the descendants of this scope. This field is only available for subscription-level pricing.

extensions List<Property Map>

Optional. List of extensions offered under a plan.

subPlan String

The sub-plan selected for a Standard pricing configuration, when more than one sub-plan is available. Each sub-plan enables a set of security features. When not specified, full plan is applied. For VirtualMachines plan, available sub plans are 'P1' & 'P2', where for resource level only 'P1' sub plan is supported.

IsEnabled string

Indicates whether the extension is enabled.

Name string

The extension name. Supported values are: AgentlessDiscoveryForKubernetes - Provides zero footprint, API-based discovery of Kubernetes clusters, their configurations and deployments. The collected data is used to create a contextualized security graph for Kubernetes clusters, provide risk hunting capabilities, and visualize risks and threats to Kubernetes environments and workloads.Available for CloudPosture plan and Containers plan.OnUploadMalwareScanning - Limits the GB to be scanned per month for each storage account within the subscription. Once this limit reached on a given storage account, Blobs won't be scanned during current calendar month.Available for StorageAccounts plan (DefenderForStorageV2 sub plans).SensitiveDataDiscovery - Sensitive data discovery identifies Blob storage container with sensitive data such as credentials, credit cards, and more, to help prioritize and investigate security events.Available for StorageAccounts plan (DefenderForStorageV2 sub plan) and CloudPosture plan.ContainerRegistriesVulnerabilityAssessments - Provides vulnerability management for images stored in your container registries.Available for CloudPosture plan and Containers plan.MdeDesignatedSubscription - Direct onboarding is a seamless integration between Defender for Endpoint and Defender for Cloud that doesn’t require extra software deployment on your servers. The onboarded resources will be presented under a designated Azure Subscription you configureAvailable for VirtualMachines plan (P1 and P2 sub plans).AgentlessVmScanning - Scans your machines for installed software, vulnerabilities, malware and secret scanning without relying on agents or impacting machine performance. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-agentless-data-collection.Available for CloudPosture plan, VirtualMachines plan (P2 sub plan) and Containers plan.EntraPermissionsManagement - Permissions Management provides Cloud Infrastructure Entitlement Management (CIEM) capabilities that helps organizations to manage and control user access and entitlements in their cloud infrastructure - important attack vector for cloud environments.Permissions Management analyzes all permissions and active usage, and suggests recommendations to reduce permissions to enforce the principle of least privilege. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/permissions-management.Available for CloudPosture plan. FileIntegrityMonitoring - File integrity monitoring (FIM), examines operating system files.Windows registries, Linux system files, in real time, for changes that might indicate an attack.Available for VirtualMachines plan (P2 sub plan). ContainerSensor - The sensor is based on IG and provides a rich threat detection suite for Kubernetes clusters, nodes, and workloads, powered by Microsoft leading threat intelligence, provides mapping to MITRE ATT&CK framework.Available for Containers plan. AIPromptEvidence - Exposes the prompts passed between the user and the AI model as alert evidence. This helps classify and triage the alerts with relevant user context. The prompt snippets will include only segments of the user prompt or model response that were deemed suspicious and relevant for security classifications. The prompt evidence will be available through Defender portal as part of each alert.Available for AI plan.

OperationStatus Pulumi.AzureNative.Security.Inputs.OperationStatusResponse

Optional. A status describing the success/failure of the extension's enablement/disablement operation.

AdditionalExtensionProperties object

Property values associated with the extension.

IsEnabled string

Indicates whether the extension is enabled.

Name string

The extension name. Supported values are: AgentlessDiscoveryForKubernetes - Provides zero footprint, API-based discovery of Kubernetes clusters, their configurations and deployments. The collected data is used to create a contextualized security graph for Kubernetes clusters, provide risk hunting capabilities, and visualize risks and threats to Kubernetes environments and workloads.Available for CloudPosture plan and Containers plan.OnUploadMalwareScanning - Limits the GB to be scanned per month for each storage account within the subscription. Once this limit reached on a given storage account, Blobs won't be scanned during current calendar month.Available for StorageAccounts plan (DefenderForStorageV2 sub plans).SensitiveDataDiscovery - Sensitive data discovery identifies Blob storage container with sensitive data such as credentials, credit cards, and more, to help prioritize and investigate security events.Available for StorageAccounts plan (DefenderForStorageV2 sub plan) and CloudPosture plan.ContainerRegistriesVulnerabilityAssessments - Provides vulnerability management for images stored in your container registries.Available for CloudPosture plan and Containers plan.MdeDesignatedSubscription - Direct onboarding is a seamless integration between Defender for Endpoint and Defender for Cloud that doesn’t require extra software deployment on your servers. The onboarded resources will be presented under a designated Azure Subscription you configureAvailable for VirtualMachines plan (P1 and P2 sub plans).AgentlessVmScanning - Scans your machines for installed software, vulnerabilities, malware and secret scanning without relying on agents or impacting machine performance. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-agentless-data-collection.Available for CloudPosture plan, VirtualMachines plan (P2 sub plan) and Containers plan.EntraPermissionsManagement - Permissions Management provides Cloud Infrastructure Entitlement Management (CIEM) capabilities that helps organizations to manage and control user access and entitlements in their cloud infrastructure - important attack vector for cloud environments.Permissions Management analyzes all permissions and active usage, and suggests recommendations to reduce permissions to enforce the principle of least privilege. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/permissions-management.Available for CloudPosture plan. FileIntegrityMonitoring - File integrity monitoring (FIM), examines operating system files.Windows registries, Linux system files, in real time, for changes that might indicate an attack.Available for VirtualMachines plan (P2 sub plan). ContainerSensor - The sensor is based on IG and provides a rich threat detection suite for Kubernetes clusters, nodes, and workloads, powered by Microsoft leading threat intelligence, provides mapping to MITRE ATT&CK framework.Available for Containers plan. AIPromptEvidence - Exposes the prompts passed between the user and the AI model as alert evidence. This helps classify and triage the alerts with relevant user context. The prompt snippets will include only segments of the user prompt or model response that were deemed suspicious and relevant for security classifications. The prompt evidence will be available through Defender portal as part of each alert.Available for AI plan.

OperationStatus OperationStatusResponse

Optional. A status describing the success/failure of the extension's enablement/disablement operation.

AdditionalExtensionProperties interface{}

Property values associated with the extension.

isEnabled String

Indicates whether the extension is enabled.

name String

The extension name. Supported values are: AgentlessDiscoveryForKubernetes - Provides zero footprint, API-based discovery of Kubernetes clusters, their configurations and deployments. The collected data is used to create a contextualized security graph for Kubernetes clusters, provide risk hunting capabilities, and visualize risks and threats to Kubernetes environments and workloads.Available for CloudPosture plan and Containers plan.OnUploadMalwareScanning - Limits the GB to be scanned per month for each storage account within the subscription. Once this limit reached on a given storage account, Blobs won't be scanned during current calendar month.Available for StorageAccounts plan (DefenderForStorageV2 sub plans).SensitiveDataDiscovery - Sensitive data discovery identifies Blob storage container with sensitive data such as credentials, credit cards, and more, to help prioritize and investigate security events.Available for StorageAccounts plan (DefenderForStorageV2 sub plan) and CloudPosture plan.ContainerRegistriesVulnerabilityAssessments - Provides vulnerability management for images stored in your container registries.Available for CloudPosture plan and Containers plan.MdeDesignatedSubscription - Direct onboarding is a seamless integration between Defender for Endpoint and Defender for Cloud that doesn’t require extra software deployment on your servers. The onboarded resources will be presented under a designated Azure Subscription you configureAvailable for VirtualMachines plan (P1 and P2 sub plans).AgentlessVmScanning - Scans your machines for installed software, vulnerabilities, malware and secret scanning without relying on agents or impacting machine performance. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-agentless-data-collection.Available for CloudPosture plan, VirtualMachines plan (P2 sub plan) and Containers plan.EntraPermissionsManagement - Permissions Management provides Cloud Infrastructure Entitlement Management (CIEM) capabilities that helps organizations to manage and control user access and entitlements in their cloud infrastructure - important attack vector for cloud environments.Permissions Management analyzes all permissions and active usage, and suggests recommendations to reduce permissions to enforce the principle of least privilege. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/permissions-management.Available for CloudPosture plan. FileIntegrityMonitoring - File integrity monitoring (FIM), examines operating system files.Windows registries, Linux system files, in real time, for changes that might indicate an attack.Available for VirtualMachines plan (P2 sub plan). ContainerSensor - The sensor is based on IG and provides a rich threat detection suite for Kubernetes clusters, nodes, and workloads, powered by Microsoft leading threat intelligence, provides mapping to MITRE ATT&CK framework.Available for Containers plan. AIPromptEvidence - Exposes the prompts passed between the user and the AI model as alert evidence. This helps classify and triage the alerts with relevant user context. The prompt snippets will include only segments of the user prompt or model response that were deemed suspicious and relevant for security classifications. The prompt evidence will be available through Defender portal as part of each alert.Available for AI plan.

operationStatus OperationStatusResponse

Optional. A status describing the success/failure of the extension's enablement/disablement operation.

additionalExtensionProperties Object

Property values associated with the extension.

isEnabled string

Indicates whether the extension is enabled.

name string

The extension name. Supported values are: AgentlessDiscoveryForKubernetes - Provides zero footprint, API-based discovery of Kubernetes clusters, their configurations and deployments. The collected data is used to create a contextualized security graph for Kubernetes clusters, provide risk hunting capabilities, and visualize risks and threats to Kubernetes environments and workloads.Available for CloudPosture plan and Containers plan.OnUploadMalwareScanning - Limits the GB to be scanned per month for each storage account within the subscription. Once this limit reached on a given storage account, Blobs won't be scanned during current calendar month.Available for StorageAccounts plan (DefenderForStorageV2 sub plans).SensitiveDataDiscovery - Sensitive data discovery identifies Blob storage container with sensitive data such as credentials, credit cards, and more, to help prioritize and investigate security events.Available for StorageAccounts plan (DefenderForStorageV2 sub plan) and CloudPosture plan.ContainerRegistriesVulnerabilityAssessments - Provides vulnerability management for images stored in your container registries.Available for CloudPosture plan and Containers plan.MdeDesignatedSubscription - Direct onboarding is a seamless integration between Defender for Endpoint and Defender for Cloud that doesn’t require extra software deployment on your servers. The onboarded resources will be presented under a designated Azure Subscription you configureAvailable for VirtualMachines plan (P1 and P2 sub plans).AgentlessVmScanning - Scans your machines for installed software, vulnerabilities, malware and secret scanning without relying on agents or impacting machine performance. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-agentless-data-collection.Available for CloudPosture plan, VirtualMachines plan (P2 sub plan) and Containers plan.EntraPermissionsManagement - Permissions Management provides Cloud Infrastructure Entitlement Management (CIEM) capabilities that helps organizations to manage and control user access and entitlements in their cloud infrastructure - important attack vector for cloud environments.Permissions Management analyzes all permissions and active usage, and suggests recommendations to reduce permissions to enforce the principle of least privilege. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/permissions-management.Available for CloudPosture plan. FileIntegrityMonitoring - File integrity monitoring (FIM), examines operating system files.Windows registries, Linux system files, in real time, for changes that might indicate an attack.Available for VirtualMachines plan (P2 sub plan). ContainerSensor - The sensor is based on IG and provides a rich threat detection suite for Kubernetes clusters, nodes, and workloads, powered by Microsoft leading threat intelligence, provides mapping to MITRE ATT&CK framework.Available for Containers plan. AIPromptEvidence - Exposes the prompts passed between the user and the AI model as alert evidence. This helps classify and triage the alerts with relevant user context. The prompt snippets will include only segments of the user prompt or model response that were deemed suspicious and relevant for security classifications. The prompt evidence will be available through Defender portal as part of each alert.Available for AI plan.

operationStatus OperationStatusResponse

Optional. A status describing the success/failure of the extension's enablement/disablement operation.

additionalExtensionProperties any

Property values associated with the extension.

is_enabled str

Indicates whether the extension is enabled.

name str

The extension name. Supported values are: AgentlessDiscoveryForKubernetes - Provides zero footprint, API-based discovery of Kubernetes clusters, their configurations and deployments. The collected data is used to create a contextualized security graph for Kubernetes clusters, provide risk hunting capabilities, and visualize risks and threats to Kubernetes environments and workloads.Available for CloudPosture plan and Containers plan.OnUploadMalwareScanning - Limits the GB to be scanned per month for each storage account within the subscription. Once this limit reached on a given storage account, Blobs won't be scanned during current calendar month.Available for StorageAccounts plan (DefenderForStorageV2 sub plans).SensitiveDataDiscovery - Sensitive data discovery identifies Blob storage container with sensitive data such as credentials, credit cards, and more, to help prioritize and investigate security events.Available for StorageAccounts plan (DefenderForStorageV2 sub plan) and CloudPosture plan.ContainerRegistriesVulnerabilityAssessments - Provides vulnerability management for images stored in your container registries.Available for CloudPosture plan and Containers plan.MdeDesignatedSubscription - Direct onboarding is a seamless integration between Defender for Endpoint and Defender for Cloud that doesn’t require extra software deployment on your servers. The onboarded resources will be presented under a designated Azure Subscription you configureAvailable for VirtualMachines plan (P1 and P2 sub plans).AgentlessVmScanning - Scans your machines for installed software, vulnerabilities, malware and secret scanning without relying on agents or impacting machine performance. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-agentless-data-collection.Available for CloudPosture plan, VirtualMachines plan (P2 sub plan) and Containers plan.EntraPermissionsManagement - Permissions Management provides Cloud Infrastructure Entitlement Management (CIEM) capabilities that helps organizations to manage and control user access and entitlements in their cloud infrastructure - important attack vector for cloud environments.Permissions Management analyzes all permissions and active usage, and suggests recommendations to reduce permissions to enforce the principle of least privilege. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/permissions-management.Available for CloudPosture plan. FileIntegrityMonitoring - File integrity monitoring (FIM), examines operating system files.Windows registries, Linux system files, in real time, for changes that might indicate an attack.Available for VirtualMachines plan (P2 sub plan). ContainerSensor - The sensor is based on IG and provides a rich threat detection suite for Kubernetes clusters, nodes, and workloads, powered by Microsoft leading threat intelligence, provides mapping to MITRE ATT&CK framework.Available for Containers plan. AIPromptEvidence - Exposes the prompts passed between the user and the AI model as alert evidence. This helps classify and triage the alerts with relevant user context. The prompt snippets will include only segments of the user prompt or model response that were deemed suspicious and relevant for security classifications. The prompt evidence will be available through Defender portal as part of each alert.Available for AI plan.

operation_status OperationStatusResponse

Optional. A status describing the success/failure of the extension's enablement/disablement operation.

additional_extension_properties Any

Property values associated with the extension.

isEnabled String

Indicates whether the extension is enabled.

name String

The extension name. Supported values are: AgentlessDiscoveryForKubernetes - Provides zero footprint, API-based discovery of Kubernetes clusters, their configurations and deployments. The collected data is used to create a contextualized security graph for Kubernetes clusters, provide risk hunting capabilities, and visualize risks and threats to Kubernetes environments and workloads.Available for CloudPosture plan and Containers plan.OnUploadMalwareScanning - Limits the GB to be scanned per month for each storage account within the subscription. Once this limit reached on a given storage account, Blobs won't be scanned during current calendar month.Available for StorageAccounts plan (DefenderForStorageV2 sub plans).SensitiveDataDiscovery - Sensitive data discovery identifies Blob storage container with sensitive data such as credentials, credit cards, and more, to help prioritize and investigate security events.Available for StorageAccounts plan (DefenderForStorageV2 sub plan) and CloudPosture plan.ContainerRegistriesVulnerabilityAssessments - Provides vulnerability management for images stored in your container registries.Available for CloudPosture plan and Containers plan.MdeDesignatedSubscription - Direct onboarding is a seamless integration between Defender for Endpoint and Defender for Cloud that doesn’t require extra software deployment on your servers. The onboarded resources will be presented under a designated Azure Subscription you configureAvailable for VirtualMachines plan (P1 and P2 sub plans).AgentlessVmScanning - Scans your machines for installed software, vulnerabilities, malware and secret scanning without relying on agents or impacting machine performance. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-agentless-data-collection.Available for CloudPosture plan, VirtualMachines plan (P2 sub plan) and Containers plan.EntraPermissionsManagement - Permissions Management provides Cloud Infrastructure Entitlement Management (CIEM) capabilities that helps organizations to manage and control user access and entitlements in their cloud infrastructure - important attack vector for cloud environments.Permissions Management analyzes all permissions and active usage, and suggests recommendations to reduce permissions to enforce the principle of least privilege. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/permissions-management.Available for CloudPosture plan. FileIntegrityMonitoring - File integrity monitoring (FIM), examines operating system files.Windows registries, Linux system files, in real time, for changes that might indicate an attack.Available for VirtualMachines plan (P2 sub plan). ContainerSensor - The sensor is based on IG and provides a rich threat detection suite for Kubernetes clusters, nodes, and workloads, powered by Microsoft leading threat intelligence, provides mapping to MITRE ATT&CK framework.Available for Containers plan. AIPromptEvidence - Exposes the prompts passed between the user and the AI model as alert evidence. This helps classify and triage the alerts with relevant user context. The prompt snippets will include only segments of the user prompt or model response that were deemed suspicious and relevant for security classifications. The prompt evidence will be available through Defender portal as part of each alert.Available for AI plan.

operationStatus Property Map

Optional. A status describing the success/failure of the extension's enablement/disablement operation.

additionalExtensionProperties Any

Property values associated with the extension.

Code string

The operation status code.

Message string

Additional information regarding the success/failure of the operation.

Code string

The operation status code.

Message string

Additional information regarding the success/failure of the operation.

code String

The operation status code.

message String

Additional information regarding the success/failure of the operation.

code string

The operation status code.

message string

Additional information regarding the success/failure of the operation.

code str

The operation status code.

message str

Additional information regarding the success/failure of the operation.

code String

The operation status code.

message String

Additional information regarding the success/failure of the operation.