pspulumiyaml.azurenative.security.psm1
|
using module pspulumiyaml function Invoke-AzureNativeFunctionSecurityGetIngestionSetting { param ( [parameter(mandatory=$False,HelpMessage='Name of the ingestion setting)')] [string] $ingestionSettingName ) process { $arguments = @{} $arguments["ingestionSettingName"] = $ingestionSettingName $functionObject = Invoke-PulumiFunction -Name azure-native:security:getIngestionSetting -variableName $([guid]::NewGuid().Guid) -Arguments $arguments return $functionObject } } function Invoke-AzureNativeFunctionSecurityGetConnector { param ( [parameter(mandatory=$False,HelpMessage='Name of the cloud account connector)')] [string] $connectorName ) process { $arguments = @{} $arguments["connectorName"] = $connectorName $functionObject = Invoke-PulumiFunction -Name azure-native:security:getConnector -variableName $([guid]::NewGuid().Guid) -Arguments $arguments return $functionObject } } function Invoke-AzureNativeFunctionSecurityGetAlertsSuppressionRule { param ( [parameter(mandatory=$False,HelpMessage='The unique name of the suppression alert rule)')] [string] $alertsSuppressionRuleName ) process { $arguments = @{} $arguments["alertsSuppressionRuleName"] = $alertsSuppressionRuleName $functionObject = Invoke-PulumiFunction -Name azure-native:security:getAlertsSuppressionRule -variableName $([guid]::NewGuid().Guid) -Arguments $arguments return $functionObject } } function Invoke-AzureNativeFunctionSecurityGetCustomAssessmentAutomation { param ( [parameter(mandatory=$False,HelpMessage='Name of the Custom Assessment Automation.)')] [string] $customAssessmentAutomationName, [parameter(mandatory=$False,HelpMessage='The name of the resource group within the user''s subscription. The name is case insensitive.)')] [string] $resourceGroupName ) process { $arguments = @{} $arguments["customAssessmentAutomationName"] = $customAssessmentAutomationName $arguments["resourceGroupName"] = $resourceGroupName $functionObject = Invoke-PulumiFunction -Name azure-native:security:getCustomAssessmentAutomation -variableName $([guid]::NewGuid().Guid) -Arguments $arguments return $functionObject } } function Invoke-AzureNativeFunctionSecurityGetAssessment { param ( [parameter(mandatory=$False,HelpMessage='The Assessment Key - Unique key for the assessment type)')] [string] $assessmentName, [parameter(mandatory=$False,HelpMessage='OData expand. Optional.)')] [string] $expand, [parameter(mandatory=$False,HelpMessage='The identifier of the resource.)')] [string] $resourceId ) process { $arguments = @{} $arguments["assessmentName"] = $assessmentName $arguments["resourceId"] = $resourceId if($PSBoundParameters.Keys -icontains 'expand') { $arguments["expand"] = $expand } $functionObject = Invoke-PulumiFunction -Name azure-native:security:getAssessment -variableName $([guid]::NewGuid().Guid) -Arguments $arguments return $functionObject } } function Invoke-AzureNativeFunctionSecurityGetIotSecuritySolution { param ( [parameter(mandatory=$False,HelpMessage='The name of the resource group within the user''s subscription. The name is case insensitive.)')] [string] $resourceGroupName, [parameter(mandatory=$False,HelpMessage='The name of the IoT Security solution.)')] [string] $solutionName ) process { $arguments = @{} $arguments["resourceGroupName"] = $resourceGroupName $arguments["solutionName"] = $solutionName $functionObject = Invoke-PulumiFunction -Name azure-native:security:getIotSecuritySolution -variableName $([guid]::NewGuid().Guid) -Arguments $arguments return $functionObject } } function Invoke-AzureNativeFunctionSecurityGetAdvancedThreatProtection { param ( [parameter(mandatory=$False,HelpMessage='Advanced Threat Protection setting name.)')] [string] $settingName, [parameter(mandatory=$False,HelpMessage='The identifier of the resource.)')] [string] $resourceId ) process { $arguments = @{} $arguments["resourceId"] = $resourceId $arguments["settingName"] = $settingName $functionObject = Invoke-PulumiFunction -Name azure-native:security:getAdvancedThreatProtection -variableName $([guid]::NewGuid().Guid) -Arguments $arguments return $functionObject } } function Invoke-AzureNativeFunctionSecurityGetSqlVulnerabilityAssessmentBaselineRule { param ( [parameter(mandatory=$False,HelpMessage='The workspace Id.)')] [string] $workspaceId, [parameter(mandatory=$False,HelpMessage='The rule Id.)')] [string] $ruleId, [parameter(mandatory=$False,HelpMessage='The identifier of the resource.)')] [string] $resourceId ) process { $arguments = @{} $arguments["resourceId"] = $resourceId $arguments["ruleId"] = $ruleId $arguments["workspaceId"] = $workspaceId $functionObject = Invoke-PulumiFunction -Name azure-native:security:getSqlVulnerabilityAssessmentBaselineRule -variableName $([guid]::NewGuid().Guid) -Arguments $arguments return $functionObject } } function Invoke-AzureNativeFunctionSecurityGetAutomation { param ( [parameter(mandatory=$False,HelpMessage='The security automation name.)')] [string] $automationName, [parameter(mandatory=$False,HelpMessage='The name of the resource group within the user''s subscription. The name is case insensitive.)')] [string] $resourceGroupName ) process { $arguments = @{} $arguments["automationName"] = $automationName $arguments["resourceGroupName"] = $resourceGroupName $functionObject = Invoke-PulumiFunction -Name azure-native:security:getAutomation -variableName $([guid]::NewGuid().Guid) -Arguments $arguments return $functionObject } } function Invoke-AzureNativeFunctionSecurityListIngestionSettingConnectionStrings { param ( [parameter(mandatory=$False,HelpMessage='Name of the ingestion setting)')] [string] $ingestionSettingName ) process { $arguments = @{} $arguments["ingestionSettingName"] = $ingestionSettingName $functionObject = Invoke-PulumiFunction -Name azure-native:security:listIngestionSettingConnectionStrings -variableName $([guid]::NewGuid().Guid) -Arguments $arguments return $functionObject } } function Invoke-AzureNativeFunctionSecurityGetAssignment { param ( [parameter(mandatory=$False,HelpMessage='The name of the resource group within the user''s subscription. The name is case insensitive.)')] [string] $resourceGroupName, [parameter(mandatory=$False,HelpMessage='The security assignment key - unique key for the standard assignment)')] [string] $assignmentId ) process { $arguments = @{} $arguments["assignmentId"] = $assignmentId $arguments["resourceGroupName"] = $resourceGroupName $functionObject = Invoke-PulumiFunction -Name azure-native:security:getAssignment -variableName $([guid]::NewGuid().Guid) -Arguments $arguments return $functionObject } } function Invoke-AzureNativeFunctionSecurityGetSecurityConnector { param ( [parameter(mandatory=$False,HelpMessage='The name of the resource group within the user''s subscription. The name is case insensitive.)')] [string] $resourceGroupName, [parameter(mandatory=$False,HelpMessage='The security connector name.)')] [string] $securityConnectorName ) process { $arguments = @{} $arguments["resourceGroupName"] = $resourceGroupName $arguments["securityConnectorName"] = $securityConnectorName $functionObject = Invoke-PulumiFunction -Name azure-native:security:getSecurityConnector -variableName $([guid]::NewGuid().Guid) -Arguments $arguments return $functionObject } } function Invoke-AzureNativeFunctionSecurityGetCustomEntityStoreAssignment { param ( [parameter(mandatory=$False,HelpMessage='Name of the custom entity store assignment. Generated name is GUID.)')] [string] $customEntityStoreAssignmentName, [parameter(mandatory=$False,HelpMessage='The name of the resource group within the user''s subscription. The name is case insensitive.)')] [string] $resourceGroupName ) process { $arguments = @{} $arguments["customEntityStoreAssignmentName"] = $customEntityStoreAssignmentName $arguments["resourceGroupName"] = $resourceGroupName $functionObject = Invoke-PulumiFunction -Name azure-native:security:getCustomEntityStoreAssignment -variableName $([guid]::NewGuid().Guid) -Arguments $arguments return $functionObject } } function Invoke-AzureNativeFunctionSecurityGetDeviceSecurityGroup { param ( [parameter(mandatory=$False,HelpMessage='The name of the device security group. Note that the name of the device security group is case insensitive.)')] [string] $deviceSecurityGroupName, [parameter(mandatory=$False,HelpMessage='The identifier of the resource.)')] [string] $resourceId ) process { $arguments = @{} $arguments["deviceSecurityGroupName"] = $deviceSecurityGroupName $arguments["resourceId"] = $resourceId $functionObject = Invoke-PulumiFunction -Name azure-native:security:getDeviceSecurityGroup -variableName $([guid]::NewGuid().Guid) -Arguments $arguments return $functionObject } } function Invoke-AzureNativeFunctionSecurityGetWorkspaceSetting { param ( [parameter(mandatory=$False,HelpMessage='Name of the security setting)')] [string] $workspaceSettingName ) process { $arguments = @{} $arguments["workspaceSettingName"] = $workspaceSettingName $functionObject = Invoke-PulumiFunction -Name azure-native:security:getWorkspaceSetting -variableName $([guid]::NewGuid().Guid) -Arguments $arguments return $functionObject } } function Invoke-AzureNativeFunctionSecurityListIngestionSettingTokens { param ( [parameter(mandatory=$False,HelpMessage='Name of the ingestion setting)')] [string] $ingestionSettingName ) process { $arguments = @{} $arguments["ingestionSettingName"] = $ingestionSettingName $functionObject = Invoke-PulumiFunction -Name azure-native:security:listIngestionSettingTokens -variableName $([guid]::NewGuid().Guid) -Arguments $arguments return $functionObject } } function Invoke-AzureNativeFunctionSecurityGetSecurityContact { param ( [parameter(mandatory=$False,HelpMessage='Name of the security contact object)')] [string] $securityContactName ) process { $arguments = @{} $arguments["securityContactName"] = $securityContactName $functionObject = Invoke-PulumiFunction -Name azure-native:security:getSecurityContact -variableName $([guid]::NewGuid().Guid) -Arguments $arguments return $functionObject } } function Invoke-AzureNativeFunctionSecurityGetJitNetworkAccessPolicy { param ( [parameter(mandatory=$False,HelpMessage='The location where ASC stores the data of the subscription. can be retrieved from Get locations)')] [string] $ascLocation, [parameter(mandatory=$False,HelpMessage='The name of the resource group within the user''s subscription. The name is case insensitive.)')] [string] $resourceGroupName, [parameter(mandatory=$False,HelpMessage='Name of a Just-in-Time access configuration policy.)')] [string] $jitNetworkAccessPolicyName ) process { $arguments = @{} $arguments["ascLocation"] = $ascLocation $arguments["jitNetworkAccessPolicyName"] = $jitNetworkAccessPolicyName $arguments["resourceGroupName"] = $resourceGroupName $functionObject = Invoke-PulumiFunction -Name azure-native:security:getJitNetworkAccessPolicy -variableName $([guid]::NewGuid().Guid) -Arguments $arguments return $functionObject } } function Invoke-AzureNativeFunctionSecurityGetServerVulnerabilityAssessment { param ( [parameter(mandatory=$False,HelpMessage='Name of the resource.)')] [string] $resourceName, [parameter(mandatory=$False,HelpMessage='The type of the resource.)')] [string] $resourceType, [parameter(mandatory=$False,HelpMessage='ServerVulnerabilityAssessment status. only a ''default'' value is supported.)')] [string] $serverVulnerabilityAssessment, [parameter(mandatory=$False,HelpMessage='The Namespace of the resource.)')] [string] $resourceNamespace, [parameter(mandatory=$False,HelpMessage='The name of the resource group within the user''s subscription. The name is case insensitive.)')] [string] $resourceGroupName ) process { $arguments = @{} $arguments["resourceGroupName"] = $resourceGroupName $arguments["resourceName"] = $resourceName $arguments["resourceNamespace"] = $resourceNamespace $arguments["resourceType"] = $resourceType $arguments["serverVulnerabilityAssessment"] = $serverVulnerabilityAssessment $functionObject = Invoke-PulumiFunction -Name azure-native:security:getServerVulnerabilityAssessment -variableName $([guid]::NewGuid().Guid) -Arguments $arguments return $functionObject } } function Invoke-AzureNativeFunctionSecurityGetAssessmentMetadataInSubscription { param ( [parameter(mandatory=$False,HelpMessage='The Assessment Key - Unique key for the assessment type)')] [string] $assessmentMetadataName ) process { $arguments = @{} $arguments["assessmentMetadataName"] = $assessmentMetadataName $functionObject = Invoke-PulumiFunction -Name azure-native:security:getAssessmentMetadataInSubscription -variableName $([guid]::NewGuid().Guid) -Arguments $arguments return $functionObject } } function Invoke-AzureNativeFunctionSecurityGetStandard { param ( [parameter(mandatory=$False,HelpMessage='The name of the resource group within the user''s subscription. The name is case insensitive.)')] [string] $resourceGroupName, [parameter(mandatory=$False,HelpMessage='The Security Standard key - unique key for the standard type)')] [string] $standardId ) process { $arguments = @{} $arguments["resourceGroupName"] = $resourceGroupName $arguments["standardId"] = $standardId $functionObject = Invoke-PulumiFunction -Name azure-native:security:getStandard -variableName $([guid]::NewGuid().Guid) -Arguments $arguments return $functionObject } } function Invoke-AzureNativeFunctionSecurityGetAdaptiveApplicationControl { param ( [parameter(mandatory=$False,HelpMessage='The location where ASC stores the data of the subscription. can be retrieved from Get locations)')] [string] $ascLocation, [parameter(mandatory=$False,HelpMessage='Name of an application control machine group)')] [string] $groupName ) process { $arguments = @{} $arguments["ascLocation"] = $ascLocation $arguments["groupName"] = $groupName $functionObject = Invoke-PulumiFunction -Name azure-native:security:getAdaptiveApplicationControl -variableName $([guid]::NewGuid().Guid) -Arguments $arguments return $functionObject } } class AssessmentStatus { [ArgumentCompletions('Healthy', 'Unhealthy', 'NotApplicable')] [string] $code [string] $description [string] $cause } function New-AzureNativeTypeSecurityAssessmentStatus { param ( [parameter(mandatory=$False,HelpMessage='Programmatic code for the status of the assessment)')] [string] [ValidateSet('Healthy', 'Unhealthy', 'NotApplicable')] $code, [parameter(mandatory=$False,HelpMessage='Human readable description of the assessment status)')] [string] $description, [parameter(mandatory=$False,HelpMessage='Programmatic code for the cause of the assessment status)')] [string] $cause ) process { return $([AssessmentStatus]$PSBoundParameters) } } class SecurityAssessmentPartnerData { [string] $secret [string] $partnerName } function New-AzureNativeTypeSecuritySecurityAssessmentPartnerData { param ( [parameter(mandatory=$False,HelpMessage='secret to authenticate the partner - write only)')] [string] $secret, [parameter(mandatory=$False,HelpMessage='Name of the company of the partner)')] [string] $partnerName ) process { return $([SecurityAssessmentPartnerData]$PSBoundParameters) } } class SecurityAssessmentMetadataPartnerData { [string] $productName [string] $secret [string] $partnerName } function New-AzureNativeTypeSecuritySecurityAssessmentMetadataPartnerData { param ( [parameter(mandatory=$False,HelpMessage='Name of the product of the partner that created the assessment)')] [string] $productName, [parameter(mandatory=$False,HelpMessage='Secret to authenticate the partner and verify it created the assessment - write only)')] [string] $secret, [parameter(mandatory=$False,HelpMessage='Name of the company of the partner)')] [string] $partnerName ) process { return $([SecurityAssessmentMetadataPartnerData]$PSBoundParameters) } } class SecurityAssessmentMetadataProperties { [string[]] $threats [SecurityAssessmentMetadataPartnerData] $partnerData [ArgumentCompletions('Low', 'Moderate', 'High')] [string] $userImpact [ArgumentCompletions('BuiltIn', 'CustomPolicy', 'CustomerManaged', 'VerifiedPartner')] [string] $assessmentType [string] $remediationDescription [string] $displayName [bool] $preview [ArgumentCompletions('Low', 'Moderate', 'High')] [string] $implementationEffort [string] $description [string[]] $categories [ArgumentCompletions('Low', 'Medium', 'High')] [string] $severity } function New-AzureNativeTypeSecuritySecurityAssessmentMetadataProperties { param ( [parameter(mandatory=$False,HelpMessage=')')] $threats, [parameter(mandatory=$False,HelpMessage='Describes the partner that created the assessment)')] [SecurityAssessmentMetadataPartnerData] $partnerData, [parameter(mandatory=$False,HelpMessage='The user impact of the assessment)')] [string] [ValidateSet('Low', 'Moderate', 'High')] $userImpact, [parameter(mandatory=$False,HelpMessage='BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition)')] [string] [ValidateSet('BuiltIn', 'CustomPolicy', 'CustomerManaged', 'VerifiedPartner')] $assessmentType, [parameter(mandatory=$False,HelpMessage='Human readable description of what you should do to mitigate this security issue)')] [string] $remediationDescription, [parameter(mandatory=$False,HelpMessage='User friendly display name of the assessment)')] [string] $displayName, [parameter(mandatory=$False,HelpMessage='True if this assessment is in preview release status)')] [bool] $preview, [parameter(mandatory=$False,HelpMessage='The implementation effort required to remediate this assessment)')] [string] [ValidateSet('Low', 'Moderate', 'High')] $implementationEffort, [parameter(mandatory=$False,HelpMessage='Human readable description of the assessment)')] [string] $description, [parameter(mandatory=$False,HelpMessage=')')] $categories, [parameter(mandatory=$False,HelpMessage='The severity level of the assessment)')] [string] [ValidateSet('Low', 'Medium', 'High')] $severity ) process { return $([SecurityAssessmentMetadataProperties]$PSBoundParameters) } } class OnPremiseSqlResourceDetails { [string] $databaseName [string] $serverName [string] $machineName [string] $source [string] $sourceComputerId [string] $vmuuid [string] $workspaceId } function New-AzureNativeTypeSecurityOnPremiseSqlResourceDetails { param ( [parameter(mandatory=$False,HelpMessage='The Sql database name installed on the machine)')] [string] $databaseName, [parameter(mandatory=$False,HelpMessage='The Sql server name installed on the machine)')] [string] $serverName, [parameter(mandatory=$False,HelpMessage='The name of the machine)')] [string] $machineName, [parameter(mandatory=$False,HelpMessage='The platform where the assessed resource resides Expected value is ''OnPremiseSql''.)')] [string] $source, [parameter(mandatory=$False,HelpMessage='The oms agent Id installed on the machine)')] [string] $sourceComputerId, [parameter(mandatory=$False,HelpMessage='The unique Id of the machine)')] [string] $vmuuid, [parameter(mandatory=$False,HelpMessage='Azure resource Id of the workspace the machine is attached to)')] [string] $workspaceId ) process { return $([OnPremiseSqlResourceDetails]$PSBoundParameters) } } function New-AzureNativeSecurityAssessment { [Alias('azure_native_security_assessment')] param ( [parameter(mandatory=$False,HelpMessage='The Assessment Key - Unique key for the assessment type)')] [string] $assessmentName, [parameter(mandatory=$False,HelpMessage='The result of the assessment)')] [AssessmentStatus] $status, [parameter(mandatory=$False,HelpMessage='Data regarding 3rd party partner integration)')] [SecurityAssessmentPartnerData] $partnersData, [parameter(mandatory=$False,HelpMessage='Describes properties of an assessment metadata.)')] [SecurityAssessmentMetadataProperties] $metadata, [parameter(mandatory=$False,HelpMessage='The identifier of the resource.)')] [string] $resourceId, [parameter(mandatory=$False,HelpMessage='Details of the resource that was assessed)')] [OnPremiseSqlResourceDetails] $resourceDetails, [parameter(mandatory=$False,HelpMessage='Additional data regarding the assessment)')] [hashtable] $additionalData, [parameter(mandatory,HelpMessage='The reference to call when you want to make a dependency to another resource')] [string] $pulumiid, [parameter(mandatory,HelpMessage='Pass in the resources you make to make this resource dependant on')] [object] $DependsOn ) process { $resource = [pulumiresource]::new($pulumiid, "azure-native:security:Assessment") foreach($Dependency in $DependsOn) { if($Dependency -is [pulumiresource]) { $resource.dependson += $Dependency.Reference() } else { $resource.dependson += $Dependency } } $resource.properties["resourceDetails"] = $resourceDetails $resource.properties["resourceId"] = $resourceId $resource.properties["status"] = $status if($PSBoundParameters.Keys -icontains 'assessmentName') { $resource.properties["assessmentName"] = $assessmentName } if($PSBoundParameters.Keys -icontains 'partnersData') { $resource.properties["partnersData"] = $partnersData } if($PSBoundParameters.Keys -icontains 'metadata') { $resource.properties["metadata"] = $metadata } if($PSBoundParameters.Keys -icontains 'additionalData') { $resource.properties["additionalData"] = $additionalData } $global:pulumiresources += $resource return $resource } } function New-AzureNativeSecurityJitNetworkAccessPolicy { [Alias('azure_native_security_jitnetworkaccesspolicy')] param ( [parameter(mandatory=$False,HelpMessage='Kind of the resource)')] [string] $kind, [parameter(mandatory=$False,HelpMessage='Name of a Just-in-Time access configuration policy.)')] [string] $jitNetworkAccessPolicyName, [parameter(mandatory=$False,HelpMessage='The location where ASC stores the data of the subscription. can be retrieved from Get locations)')] [string] $ascLocation, [parameter(mandatory=$False,HelpMessage='Configurations for Microsoft.Compute/virtualMachines resource type.)')] $virtualMachines, [parameter(mandatory=$False,HelpMessage='The name of the resource group within the user''s subscription. The name is case insensitive.)')] [string] $resourceGroupName, [parameter(mandatory=$False,HelpMessage=')')] $requests, [parameter(mandatory,HelpMessage='The reference to call when you want to make a dependency to another resource')] [string] $pulumiid, [parameter(mandatory,HelpMessage='Pass in the resources you make to make this resource dependant on')] [object] $DependsOn ) process { $resource = [pulumiresource]::new($pulumiid, "azure-native:security:JitNetworkAccessPolicy") foreach($Dependency in $DependsOn) { if($Dependency -is [pulumiresource]) { $resource.dependson += $Dependency.Reference() } else { $resource.dependson += $Dependency } } $resource.properties["ascLocation"] = $ascLocation $resource.properties["resourceGroupName"] = $resourceGroupName $resource.properties["virtualMachines"] = $virtualMachines if($PSBoundParameters.Keys -icontains 'kind') { $resource.properties["kind"] = $kind } if($PSBoundParameters.Keys -icontains 'jitNetworkAccessPolicyName') { $resource.properties["jitNetworkAccessPolicyName"] = $jitNetworkAccessPolicyName } if($PSBoundParameters.Keys -icontains 'requests') { $resource.properties["requests"] = $requests } $global:pulumiresources += $resource return $resource } } function New-AzureNativeSecurityAssessmentMetadataInSubscription { [Alias('azure_native_security_assessmentmetadatainsubscription')] param ( [parameter(mandatory=$False,HelpMessage='The severity level of the assessment)')] [string] [ValidateSet('Low', 'Medium', 'High')] $severity, [parameter(mandatory=$False,HelpMessage='Describes the partner that created the assessment)')] [SecurityAssessmentMetadataPartnerData] $partnerData, [parameter(mandatory=$False,HelpMessage='The user impact of the assessment)')] [string] [ValidateSet('Low', 'Moderate', 'High')] $userImpact, [parameter(mandatory=$False,HelpMessage='BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition)')] [string] [ValidateSet('BuiltIn', 'CustomPolicy', 'CustomerManaged', 'VerifiedPartner')] $assessmentType, [parameter(mandatory=$False,HelpMessage=')')] $threats, [parameter(mandatory=$False,HelpMessage='Human readable description of what you should do to mitigate this security issue)')] [string] $remediationDescription, [parameter(mandatory=$False,HelpMessage='User friendly display name of the assessment)')] [string] $displayName, [parameter(mandatory=$False,HelpMessage='True if this assessment is in preview release status)')] [bool] $preview, [parameter(mandatory=$False,HelpMessage='The implementation effort required to remediate this assessment)')] [string] [ValidateSet('Low', 'Moderate', 'High')] $implementationEffort, [parameter(mandatory=$False,HelpMessage='Human readable description of the assessment)')] [string] $description, [parameter(mandatory=$False,HelpMessage=')')] $categories, [parameter(mandatory=$False,HelpMessage='The Assessment Key - Unique key for the assessment type)')] [string] $assessmentMetadataName, [parameter(mandatory,HelpMessage='The reference to call when you want to make a dependency to another resource')] [string] $pulumiid, [parameter(mandatory,HelpMessage='Pass in the resources you make to make this resource dependant on')] [object] $DependsOn ) process { $resource = [pulumiresource]::new($pulumiid, "azure-native:security:AssessmentMetadataInSubscription") foreach($Dependency in $DependsOn) { if($Dependency -is [pulumiresource]) { $resource.dependson += $Dependency.Reference() } else { $resource.dependson += $Dependency } } $resource.properties["assessmentType"] = $assessmentType $resource.properties["displayName"] = $displayName $resource.properties["severity"] = $severity if($PSBoundParameters.Keys -icontains 'partnerData') { $resource.properties["partnerData"] = $partnerData } if($PSBoundParameters.Keys -icontains 'userImpact') { $resource.properties["userImpact"] = $userImpact } if($PSBoundParameters.Keys -icontains 'threats') { $resource.properties["threats"] = $threats } if($PSBoundParameters.Keys -icontains 'remediationDescription') { $resource.properties["remediationDescription"] = $remediationDescription } if($PSBoundParameters.Keys -icontains 'preview') { $resource.properties["preview"] = $preview } if($PSBoundParameters.Keys -icontains 'implementationEffort') { $resource.properties["implementationEffort"] = $implementationEffort } if($PSBoundParameters.Keys -icontains 'description') { $resource.properties["description"] = $description } if($PSBoundParameters.Keys -icontains 'categories') { $resource.properties["categories"] = $categories } if($PSBoundParameters.Keys -icontains 'assessmentMetadataName') { $resource.properties["assessmentMetadataName"] = $assessmentMetadataName } $global:pulumiresources += $resource return $resource } } function New-AzureNativeSecurityIngestionSetting { [Alias('azure_native_security_ingestionsetting')] param ( [parameter(mandatory=$False,HelpMessage='Name of the ingestion setting)')] [string] $ingestionSettingName, [parameter(mandatory,HelpMessage='The reference to call when you want to make a dependency to another resource')] [string] $pulumiid, [parameter(mandatory,HelpMessage='Pass in the resources you make to make this resource dependant on')] [object] $DependsOn ) process { $resource = [pulumiresource]::new($pulumiid, "azure-native:security:IngestionSetting") foreach($Dependency in $DependsOn) { if($Dependency -is [pulumiresource]) { $resource.dependson += $Dependency.Reference() } else { $resource.dependson += $Dependency } } if($PSBoundParameters.Keys -icontains 'ingestionSettingName') { $resource.properties["ingestionSettingName"] = $ingestionSettingName } $global:pulumiresources += $resource return $resource } } function New-AzureNativeSecurityWorkspaceSetting { [Alias('azure_native_security_workspacesetting')] param ( [parameter(mandatory=$False,HelpMessage='The full Azure ID of the workspace to save the data in)')] [string] $workspaceId, [parameter(mandatory=$False,HelpMessage='All the VMs in this scope will send their security data to the mentioned workspace unless overridden by a setting with more specific scope)')] [string] $scope, [parameter(mandatory=$False,HelpMessage='Name of the security setting)')] [string] $workspaceSettingName, [parameter(mandatory,HelpMessage='The reference to call when you want to make a dependency to another resource')] [string] $pulumiid, [parameter(mandatory,HelpMessage='Pass in the resources you make to make this resource dependant on')] [object] $DependsOn ) process { $resource = [pulumiresource]::new($pulumiid, "azure-native:security:WorkspaceSetting") foreach($Dependency in $DependsOn) { if($Dependency -is [pulumiresource]) { $resource.dependson += $Dependency.Reference() } else { $resource.dependson += $Dependency } } $resource.properties["scope"] = $scope $resource.properties["workspaceId"] = $workspaceId if($PSBoundParameters.Keys -icontains 'workspaceSettingName') { $resource.properties["workspaceSettingName"] = $workspaceSettingName } $global:pulumiresources += $resource return $resource } } function New-AzureNativeSecurityDeviceSecurityGroup { [Alias('azure_native_security_devicesecuritygroup')] param ( [parameter(mandatory=$False,HelpMessage='The list of custom alert threshold rules.)')] $thresholdRules, [parameter(mandatory=$False,HelpMessage='The name of the device security group. Note that the name of the device security group is case insensitive.)')] [string] $deviceSecurityGroupName, [parameter(mandatory=$False,HelpMessage='The identifier of the resource.)')] [string] $resourceId, [parameter(mandatory=$False,HelpMessage='The deny-list custom alert rules.)')] $denylistRules, [parameter(mandatory=$False,HelpMessage='The allow-list custom alert rules.)')] $allowlistRules, [parameter(mandatory=$False,HelpMessage='The list of custom alert time-window rules.)')] $timeWindowRules, [parameter(mandatory,HelpMessage='The reference to call when you want to make a dependency to another resource')] [string] $pulumiid, [parameter(mandatory,HelpMessage='Pass in the resources you make to make this resource dependant on')] [object] $DependsOn ) process { $resource = [pulumiresource]::new($pulumiid, "azure-native:security:DeviceSecurityGroup") foreach($Dependency in $DependsOn) { if($Dependency -is [pulumiresource]) { $resource.dependson += $Dependency.Reference() } else { $resource.dependson += $Dependency } } $resource.properties["resourceId"] = $resourceId if($PSBoundParameters.Keys -icontains 'thresholdRules') { $resource.properties["thresholdRules"] = $thresholdRules } if($PSBoundParameters.Keys -icontains 'deviceSecurityGroupName') { $resource.properties["deviceSecurityGroupName"] = $deviceSecurityGroupName } if($PSBoundParameters.Keys -icontains 'denylistRules') { $resource.properties["denylistRules"] = $denylistRules } if($PSBoundParameters.Keys -icontains 'allowlistRules') { $resource.properties["allowlistRules"] = $allowlistRules } if($PSBoundParameters.Keys -icontains 'timeWindowRules') { $resource.properties["timeWindowRules"] = $timeWindowRules } $global:pulumiresources += $resource return $resource } } class UserDefinedResourcesProperties { [string] $query [string[]] $querySubscriptions } function New-AzureNativeTypeSecurityUserDefinedResourcesProperties { param ( [parameter(mandatory=$False,HelpMessage='Azure Resource Graph query which represents the security solution''s user defined resources. Required to start with "where type != "Microsoft.Devices/IotHubs"")')] [string] $query, [parameter(mandatory=$False,HelpMessage='List of Azure subscription ids on which the user defined resources query should be executed.)')] [string[]] $querySubscriptions ) process { return $([UserDefinedResourcesProperties]$PSBoundParameters) } } function New-AzureNativeSecurityIotSecuritySolution { [Alias('azure_native_security_iotsecuritysolution')] param ( [parameter(mandatory=$False,HelpMessage='Resource display name.)')] [string] $displayName, [parameter(mandatory=$False,HelpMessage='List of the configuration status for each recommendation type.)')] $recommendationsConfiguration, [parameter(mandatory=$False,HelpMessage='List of additional workspaces)')] $additionalWorkspaces, [parameter(mandatory=$False,HelpMessage='Resource tags)')] [hashtable] $tags, [parameter(mandatory=$False,HelpMessage='The name of the IoT Security solution.)')] [string] $solutionName, [parameter(mandatory=$False,HelpMessage='List of additional options for exporting to workspace data.)')] $export, [parameter(mandatory=$False,HelpMessage='Properties of the IoT Security solution''s user defined resources.)')] [UserDefinedResourcesProperties] $userDefinedResources, [parameter(mandatory=$False,HelpMessage='Unmasked IP address logging status)')] [string] [ValidateSet('Disabled', 'Enabled')] $unmaskedIpLoggingStatus, [parameter(mandatory=$False,HelpMessage='The resource location.)')] [string] $location, [parameter(mandatory=$False,HelpMessage='Status of the IoT Security solution.)')] [string] [ValidateSet('Enabled', 'Disabled')] $status, [parameter(mandatory=$False,HelpMessage='The name of the resource group within the user''s subscription. The name is case insensitive.)')] [string] $resourceGroupName, [parameter(mandatory=$False,HelpMessage='Workspace resource ID)')] [string] $workspace, [parameter(mandatory=$False,HelpMessage='IoT Hub resource IDs)')] [string[]] $iotHubs, [parameter(mandatory=$False,HelpMessage='Disabled data sources. Disabling these data sources compromises the system.)')] $disabledDataSources, [parameter(mandatory,HelpMessage='The reference to call when you want to make a dependency to another resource')] [string] $pulumiid, [parameter(mandatory,HelpMessage='Pass in the resources you make to make this resource dependant on')] [object] $DependsOn ) process { $resource = [pulumiresource]::new($pulumiid, "azure-native:security:IotSecuritySolution") foreach($Dependency in $DependsOn) { if($Dependency -is [pulumiresource]) { $resource.dependson += $Dependency.Reference() } else { $resource.dependson += $Dependency } } $resource.properties["displayName"] = $displayName $resource.properties["iotHubs"] = $iotHubs $resource.properties["resourceGroupName"] = $resourceGroupName if($PSBoundParameters.Keys -icontains 'recommendationsConfiguration') { $resource.properties["recommendationsConfiguration"] = $recommendationsConfiguration } if($PSBoundParameters.Keys -icontains 'additionalWorkspaces') { $resource.properties["additionalWorkspaces"] = $additionalWorkspaces } if($PSBoundParameters.Keys -icontains 'tags') { $resource.properties["tags"] = $tags } if($PSBoundParameters.Keys -icontains 'solutionName') { $resource.properties["solutionName"] = $solutionName } if($PSBoundParameters.Keys -icontains 'export') { $resource.properties["export"] = $export } if($PSBoundParameters.Keys -icontains 'userDefinedResources') { $resource.properties["userDefinedResources"] = $userDefinedResources } if($PSBoundParameters.Keys -icontains 'unmaskedIpLoggingStatus') { $resource.properties["unmaskedIpLoggingStatus"] = $unmaskedIpLoggingStatus } if($PSBoundParameters.Keys -icontains 'location') { $resource.properties["location"] = $location } if($PSBoundParameters.Keys -icontains 'status') { $resource.properties["status"] = $status } if($PSBoundParameters.Keys -icontains 'workspace') { $resource.properties["workspace"] = $workspace } if($PSBoundParameters.Keys -icontains 'disabledDataSources') { $resource.properties["disabledDataSources"] = $disabledDataSources } $global:pulumiresources += $resource return $resource } } class SecurityConnectorPropertiesOrganizationalData { [string] $parentHierarchyId [string[]] $excludedAccountIds [string] $stacksetName [ArgumentCompletions('Member', 'Organization')] [string] $organizationMembershipType } function New-AzureNativeTypeSecuritySecurityConnectorPropertiesOrganizationalData { param ( [parameter(mandatory=$False,HelpMessage='If the multi cloud account is not of membership type organization, this will be the ID of the account''s parent)')] [string] $parentHierarchyId, [parameter(mandatory=$False,HelpMessage='If the multi cloud account is of membership type organization, list of accounts excluded from offering)')] [string[]] $excludedAccountIds, [parameter(mandatory=$False,HelpMessage='If the multi cloud account is of membership type organization, this will be the name of the onboarding stackset)')] [string] $stacksetName, [parameter(mandatory=$False,HelpMessage='The multi cloud account''s membership type in the organization)')] [string] [ValidateSet('Member', 'Organization')] $organizationMembershipType ) process { return $([SecurityConnectorPropertiesOrganizationalData]$PSBoundParameters) } } function New-AzureNativeSecuritySecurityConnector { [Alias('azure_native_security_securityconnector')] param ( [parameter(mandatory=$False,HelpMessage='A collection of offerings for the security connector.)')] $offerings, [parameter(mandatory=$False,HelpMessage='The multi cloud resource identifier (account id in case of AWS connector).)')] [string] $hierarchyIdentifier, [parameter(mandatory=$False,HelpMessage='The multi cloud account''s organizational data)')] [SecurityConnectorPropertiesOrganizationalData] $organizationalData, [parameter(mandatory=$False,HelpMessage='The name of the resource group within the user''s subscription. The name is case insensitive.)')] [string] $resourceGroupName, [parameter(mandatory=$False,HelpMessage='The security connector name.)')] [string] $securityConnectorName, [parameter(mandatory=$False,HelpMessage='A list of key value pairs that describe the resource.)')] [hashtable] $tags, [parameter(mandatory=$False,HelpMessage='The multi cloud resource''s cloud name.)')] [string] [ValidateSet('Azure', 'AWS', 'GCP')] $cloudName, [parameter(mandatory=$False,HelpMessage='Location where the resource is stored)')] [string] $location, [parameter(mandatory=$False,HelpMessage='Kind of the resource)')] [string] $kind, [parameter(mandatory,HelpMessage='The reference to call when you want to make a dependency to another resource')] [string] $pulumiid, [parameter(mandatory,HelpMessage='Pass in the resources you make to make this resource dependant on')] [object] $DependsOn ) process { $resource = [pulumiresource]::new($pulumiid, "azure-native:security:SecurityConnector") foreach($Dependency in $DependsOn) { if($Dependency -is [pulumiresource]) { $resource.dependson += $Dependency.Reference() } else { $resource.dependson += $Dependency } } $resource.properties["resourceGroupName"] = $resourceGroupName if($PSBoundParameters.Keys -icontains 'offerings') { $resource.properties["offerings"] = $offerings } if($PSBoundParameters.Keys -icontains 'hierarchyIdentifier') { $resource.properties["hierarchyIdentifier"] = $hierarchyIdentifier } if($PSBoundParameters.Keys -icontains 'organizationalData') { $resource.properties["organizationalData"] = $organizationalData } if($PSBoundParameters.Keys -icontains 'securityConnectorName') { $resource.properties["securityConnectorName"] = $securityConnectorName } if($PSBoundParameters.Keys -icontains 'tags') { $resource.properties["tags"] = $tags } if($PSBoundParameters.Keys -icontains 'cloudName') { $resource.properties["cloudName"] = $cloudName } if($PSBoundParameters.Keys -icontains 'location') { $resource.properties["location"] = $location } if($PSBoundParameters.Keys -icontains 'kind') { $resource.properties["kind"] = $kind } $global:pulumiresources += $resource return $resource } } function New-AzureNativeSecurityAutomation { [Alias('azure_native_security_automation')] param ( [parameter(mandatory=$False,HelpMessage='A collection of the source event types which evaluate the security automation set of rules.)')] $sources, [parameter(mandatory=$False,HelpMessage='A collection of the actions which are triggered if all the configured rules evaluations, within at least one rule set, are true.)')] $actions, [parameter(mandatory=$False,HelpMessage='Indicates whether the security automation is enabled.)')] [bool] $isEnabled, [parameter(mandatory=$False,HelpMessage='A list of key value pairs that describe the resource.)')] [hashtable] $tags, [parameter(mandatory=$False,HelpMessage='A collection of scopes on which the security automations logic is applied. Supported scopes are the subscription itself or a resource group under that subscription. The automation will only apply on defined scopes.)')] $scopes, [parameter(mandatory=$False,HelpMessage='The name of the resource group within the user''s subscription. The name is case insensitive.)')] [string] $resourceGroupName, [parameter(mandatory=$False,HelpMessage='The security automation name.)')] [string] $automationName, [parameter(mandatory=$False,HelpMessage='Location where the resource is stored)')] [string] $location, [parameter(mandatory=$False,HelpMessage='The security automation description.)')] [string] $description, [parameter(mandatory=$False,HelpMessage='Kind of the resource)')] [string] $kind, [parameter(mandatory,HelpMessage='The reference to call when you want to make a dependency to another resource')] [string] $pulumiid, [parameter(mandatory,HelpMessage='Pass in the resources you make to make this resource dependant on')] [object] $DependsOn ) process { $resource = [pulumiresource]::new($pulumiid, "azure-native:security:Automation") foreach($Dependency in $DependsOn) { if($Dependency -is [pulumiresource]) { $resource.dependson += $Dependency.Reference() } else { $resource.dependson += $Dependency } } $resource.properties["resourceGroupName"] = $resourceGroupName if($PSBoundParameters.Keys -icontains 'sources') { $resource.properties["sources"] = $sources } if($PSBoundParameters.Keys -icontains 'actions') { $resource.properties["actions"] = $actions } if($PSBoundParameters.Keys -icontains 'isEnabled') { $resource.properties["isEnabled"] = $isEnabled } if($PSBoundParameters.Keys -icontains 'tags') { $resource.properties["tags"] = $tags } if($PSBoundParameters.Keys -icontains 'scopes') { $resource.properties["scopes"] = $scopes } if($PSBoundParameters.Keys -icontains 'automationName') { $resource.properties["automationName"] = $automationName } if($PSBoundParameters.Keys -icontains 'location') { $resource.properties["location"] = $location } if($PSBoundParameters.Keys -icontains 'description') { $resource.properties["description"] = $description } if($PSBoundParameters.Keys -icontains 'kind') { $resource.properties["kind"] = $kind } $global:pulumiresources += $resource return $resource } } class ProtectionMode { [string] $exe [string] $msi [string] $script [string] $executable } function New-AzureNativeTypeSecurityProtectionMode { param ( [parameter(mandatory=$False,HelpMessage='The application control policy enforcement/protection mode of the machine group)')] [string] $exe, [parameter(mandatory=$False,HelpMessage='The application control policy enforcement/protection mode of the machine group)')] [string] $msi, [parameter(mandatory=$False,HelpMessage='The application control policy enforcement/protection mode of the machine group)')] [string] $script, [parameter(mandatory=$False,HelpMessage='The application control policy enforcement/protection mode of the machine group)')] [string] $executable ) process { return $([ProtectionMode]$PSBoundParameters) } } function New-AzureNativeSecurityAdaptiveApplicationControl { [Alias('azure_native_security_adaptiveapplicationcontrol')] param ( [parameter(mandatory=$False,HelpMessage='The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux.)')] [ProtectionMode] $protectionMode, [parameter(mandatory=$False,HelpMessage=')')] $vmRecommendations, [parameter(mandatory=$False,HelpMessage='The location where ASC stores the data of the subscription. can be retrieved from Get locations)')] [string] $ascLocation, [parameter(mandatory=$False,HelpMessage=')')] $pathRecommendations, [parameter(mandatory=$False,HelpMessage='The application control policy enforcement/protection mode of the machine group)')] [string] $enforcementMode, [parameter(mandatory=$False,HelpMessage='Name of an application control machine group)')] [string] $groupName, [parameter(mandatory,HelpMessage='The reference to call when you want to make a dependency to another resource')] [string] $pulumiid, [parameter(mandatory,HelpMessage='Pass in the resources you make to make this resource dependant on')] [object] $DependsOn ) process { $resource = [pulumiresource]::new($pulumiid, "azure-native:security:AdaptiveApplicationControl") foreach($Dependency in $DependsOn) { if($Dependency -is [pulumiresource]) { $resource.dependson += $Dependency.Reference() } else { $resource.dependson += $Dependency } } $resource.properties["ascLocation"] = $ascLocation if($PSBoundParameters.Keys -icontains 'protectionMode') { $resource.properties["protectionMode"] = $protectionMode } if($PSBoundParameters.Keys -icontains 'vmRecommendations') { $resource.properties["vmRecommendations"] = $vmRecommendations } if($PSBoundParameters.Keys -icontains 'pathRecommendations') { $resource.properties["pathRecommendations"] = $pathRecommendations } if($PSBoundParameters.Keys -icontains 'enforcementMode') { $resource.properties["enforcementMode"] = $enforcementMode } if($PSBoundParameters.Keys -icontains 'groupName') { $resource.properties["groupName"] = $groupName } $global:pulumiresources += $resource return $resource } } function New-AzureNativeSecurityStandard { [Alias('azure_native_security_standard')] param ( [parameter(mandatory=$False,HelpMessage='category of the standard provided)')] [string] $category, [parameter(mandatory=$False,HelpMessage='The Security Standard key - unique key for the standard type)')] [string] $standardId, [parameter(mandatory=$False,HelpMessage='The name of the resource group within the user''s subscription. The name is case insensitive.)')] [string] $resourceGroupName, [parameter(mandatory=$False,HelpMessage='List of all standard supported clouds.)')] $supportedClouds, [parameter(mandatory=$False,HelpMessage='A list of key value pairs that describe the resource.)')] [hashtable] $tags, [parameter(mandatory=$False,HelpMessage='List of component objects containing component unique keys (such as assessment keys) to apply to standard scope. Currently only supports assessment keys.)')] $components, [parameter(mandatory=$False,HelpMessage='display name of the standard, equivalent to the standardId)')] [string] $displayName, [parameter(mandatory=$False,HelpMessage='Location where the resource is stored)')] [string] $location, [parameter(mandatory=$False,HelpMessage='description of the standard)')] [string] $description, [parameter(mandatory=$False,HelpMessage='Kind of the resource)')] [string] $kind, [parameter(mandatory,HelpMessage='The reference to call when you want to make a dependency to another resource')] [string] $pulumiid, [parameter(mandatory,HelpMessage='Pass in the resources you make to make this resource dependant on')] [object] $DependsOn ) process { $resource = [pulumiresource]::new($pulumiid, "azure-native:security:Standard") foreach($Dependency in $DependsOn) { if($Dependency -is [pulumiresource]) { $resource.dependson += $Dependency.Reference() } else { $resource.dependson += $Dependency } } $resource.properties["resourceGroupName"] = $resourceGroupName if($PSBoundParameters.Keys -icontains 'category') { $resource.properties["category"] = $category } if($PSBoundParameters.Keys -icontains 'standardId') { $resource.properties["standardId"] = $standardId } if($PSBoundParameters.Keys -icontains 'supportedClouds') { $resource.properties["supportedClouds"] = $supportedClouds } if($PSBoundParameters.Keys -icontains 'tags') { $resource.properties["tags"] = $tags } if($PSBoundParameters.Keys -icontains 'components') { $resource.properties["components"] = $components } if($PSBoundParameters.Keys -icontains 'displayName') { $resource.properties["displayName"] = $displayName } if($PSBoundParameters.Keys -icontains 'location') { $resource.properties["location"] = $location } if($PSBoundParameters.Keys -icontains 'description') { $resource.properties["description"] = $description } if($PSBoundParameters.Keys -icontains 'kind') { $resource.properties["kind"] = $kind } $global:pulumiresources += $resource return $resource } } function New-AzureNativeSecurityCustomAssessmentAutomation { [Alias('azure_native_security_customassessmentautomation')] param ( [parameter(mandatory=$False,HelpMessage='The display name of the assessments generated by this assessment automation.)')] [string] $displayName, [parameter(mandatory=$False,HelpMessage='The description to relate to the assessments generated by this assessment automation.)')] [string] $description, [parameter(mandatory=$False,HelpMessage='Relevant cloud for the custom assessment automation.)')] [string] [ValidateSet('AWS', 'GCP')] $supportedCloud, [parameter(mandatory=$False,HelpMessage='Base 64 encoded KQL query representing the assessment automation results required.)')] [string] $compressedQuery, [parameter(mandatory=$False,HelpMessage='The remediation description to relate to the assessments generated by this assessment automation.)')] [string] $remediationDescription, [parameter(mandatory=$False,HelpMessage='Name of the Custom Assessment Automation.)')] [string] $customAssessmentAutomationName, [parameter(mandatory=$False,HelpMessage='The name of the resource group within the user''s subscription. The name is case insensitive.)')] [string] $resourceGroupName, [parameter(mandatory=$False,HelpMessage='The severity to relate to the assessments generated by this assessment automation.)')] [string] [ValidateSet('High', 'Medium', 'Low')] $severity, [parameter(mandatory,HelpMessage='The reference to call when you want to make a dependency to another resource')] [string] $pulumiid, [parameter(mandatory,HelpMessage='Pass in the resources you make to make this resource dependant on')] [object] $DependsOn ) process { $resource = [pulumiresource]::new($pulumiid, "azure-native:security:CustomAssessmentAutomation") foreach($Dependency in $DependsOn) { if($Dependency -is [pulumiresource]) { $resource.dependson += $Dependency.Reference() } else { $resource.dependson += $Dependency } } $resource.properties["resourceGroupName"] = $resourceGroupName if($PSBoundParameters.Keys -icontains 'displayName') { $resource.properties["displayName"] = $displayName } if($PSBoundParameters.Keys -icontains 'description') { $resource.properties["description"] = $description } if($PSBoundParameters.Keys -icontains 'supportedCloud') { $resource.properties["supportedCloud"] = $supportedCloud } if($PSBoundParameters.Keys -icontains 'compressedQuery') { $resource.properties["compressedQuery"] = $compressedQuery } if($PSBoundParameters.Keys -icontains 'remediationDescription') { $resource.properties["remediationDescription"] = $remediationDescription } if($PSBoundParameters.Keys -icontains 'customAssessmentAutomationName') { $resource.properties["customAssessmentAutomationName"] = $customAssessmentAutomationName } if($PSBoundParameters.Keys -icontains 'severity') { $resource.properties["severity"] = $severity } $global:pulumiresources += $resource return $resource } } function New-AzureNativeSecuritySqlVulnerabilityAssessmentBaselineRule { [Alias('azure_native_security_sqlvulnerabilityassessmentbaselinerule')] param ( [parameter(mandatory=$False,HelpMessage='The workspace Id.)')] [string] $workspaceId, [parameter(mandatory=$False,HelpMessage='Take results from latest scan.)')] [bool] $latestScan, [parameter(mandatory=$False,HelpMessage='Expected results to be inserted into the baseline. Leave this field empty it LatestScan == true.)')] [array[]] $results, [parameter(mandatory=$False,HelpMessage='The rule Id.)')] [string] $ruleId, [parameter(mandatory=$False,HelpMessage='The identifier of the resource.)')] [string] $resourceId, [parameter(mandatory,HelpMessage='The reference to call when you want to make a dependency to another resource')] [string] $pulumiid, [parameter(mandatory,HelpMessage='Pass in the resources you make to make this resource dependant on')] [object] $DependsOn ) process { $resource = [pulumiresource]::new($pulumiid, "azure-native:security:SqlVulnerabilityAssessmentBaselineRule") foreach($Dependency in $DependsOn) { if($Dependency -is [pulumiresource]) { $resource.dependson += $Dependency.Reference() } else { $resource.dependson += $Dependency } } $resource.properties["resourceId"] = $resourceId $resource.properties["workspaceId"] = $workspaceId if($PSBoundParameters.Keys -icontains 'latestScan') { $resource.properties["latestScan"] = $latestScan } if($PSBoundParameters.Keys -icontains 'results') { $resource.properties["results"] = $results } if($PSBoundParameters.Keys -icontains 'ruleId') { $resource.properties["ruleId"] = $ruleId } $global:pulumiresources += $resource return $resource } } class SecurityContactPropertiesAlertNotifications { [ArgumentCompletions('On', 'Off')] [string] $state [ArgumentCompletions('High', 'Medium', 'Low')] [string] $minimalSeverity } function New-AzureNativeTypeSecuritySecurityContactPropertiesAlertNotifications { param ( [parameter(mandatory=$False,HelpMessage='Defines if email notifications will be sent about new security alerts)')] [string] [ValidateSet('On', 'Off')] $state, [parameter(mandatory=$False,HelpMessage='Defines the minimal alert severity which will be sent as email notifications)')] [string] [ValidateSet('High', 'Medium', 'Low')] $minimalSeverity ) process { return $([SecurityContactPropertiesAlertNotifications]$PSBoundParameters) } } class SecurityContactPropertiesNotificationsByRole { [string[]] $roles [ArgumentCompletions('On', 'Off')] [string] $state } function New-AzureNativeTypeSecuritySecurityContactPropertiesNotificationsByRole { param ( [parameter(mandatory=$False,HelpMessage='Defines which RBAC roles will get email notifications from Microsoft Defender for Cloud. List of allowed RBAC roles: )')] $roles, [parameter(mandatory=$False,HelpMessage='Defines whether to send email notifications from AMicrosoft Defender for Cloud to persons with specific RBAC roles on the subscription.)')] [string] [ValidateSet('On', 'Off')] $state ) process { return $([SecurityContactPropertiesNotificationsByRole]$PSBoundParameters) } } function New-AzureNativeSecuritySecurityContact { [Alias('azure_native_security_securitycontact')] param ( [parameter(mandatory=$False,HelpMessage='Name of the security contact object)')] [string] $securityContactName, [parameter(mandatory=$False,HelpMessage='List of email addresses which will get notifications from Microsoft Defender for Cloud by the configurations defined in this security contact.)')] [string] $emails, [parameter(mandatory=$False,HelpMessage='Defines whether to send email notifications about new security alerts)')] [SecurityContactPropertiesAlertNotifications] $alertNotifications, [parameter(mandatory=$False,HelpMessage='The security contact''s phone number)')] [string] $phone, [parameter(mandatory=$False,HelpMessage='Defines whether to send email notifications from Microsoft Defender for Cloud to persons with specific RBAC roles on the subscription.)')] [SecurityContactPropertiesNotificationsByRole] $notificationsByRole, [parameter(mandatory,HelpMessage='The reference to call when you want to make a dependency to another resource')] [string] $pulumiid, [parameter(mandatory,HelpMessage='Pass in the resources you make to make this resource dependant on')] [object] $DependsOn ) process { $resource = [pulumiresource]::new($pulumiid, "azure-native:security:SecurityContact") foreach($Dependency in $DependsOn) { if($Dependency -is [pulumiresource]) { $resource.dependson += $Dependency.Reference() } else { $resource.dependson += $Dependency } } if($PSBoundParameters.Keys -icontains 'securityContactName') { $resource.properties["securityContactName"] = $securityContactName } if($PSBoundParameters.Keys -icontains 'emails') { $resource.properties["emails"] = $emails } if($PSBoundParameters.Keys -icontains 'alertNotifications') { $resource.properties["alertNotifications"] = $alertNotifications } if($PSBoundParameters.Keys -icontains 'phone') { $resource.properties["phone"] = $phone } if($PSBoundParameters.Keys -icontains 'notificationsByRole') { $resource.properties["notificationsByRole"] = $notificationsByRole } $global:pulumiresources += $resource return $resource } } function New-AzureNativeSecurityServerVulnerabilityAssessment { [Alias('azure_native_security_servervulnerabilityassessment')] param ( [parameter(mandatory=$False,HelpMessage='Name of the resource.)')] [string] $resourceName, [parameter(mandatory=$False,HelpMessage='The type of the resource.)')] [string] $resourceType, [parameter(mandatory=$False,HelpMessage='ServerVulnerabilityAssessment status. only a ''default'' value is supported.)')] [string] $serverVulnerabilityAssessment, [parameter(mandatory=$False,HelpMessage='The Namespace of the resource.)')] [string] $resourceNamespace, [parameter(mandatory=$False,HelpMessage='The name of the resource group within the user''s subscription. The name is case insensitive.)')] [string] $resourceGroupName, [parameter(mandatory,HelpMessage='The reference to call when you want to make a dependency to another resource')] [string] $pulumiid, [parameter(mandatory,HelpMessage='Pass in the resources you make to make this resource dependant on')] [object] $DependsOn ) process { $resource = [pulumiresource]::new($pulumiid, "azure-native:security:ServerVulnerabilityAssessment") foreach($Dependency in $DependsOn) { if($Dependency -is [pulumiresource]) { $resource.dependson += $Dependency.Reference() } else { $resource.dependson += $Dependency } } $resource.properties["resourceGroupName"] = $resourceGroupName $resource.properties["resourceName"] = $resourceName $resource.properties["resourceNamespace"] = $resourceNamespace $resource.properties["resourceType"] = $resourceType if($PSBoundParameters.Keys -icontains 'serverVulnerabilityAssessment') { $resource.properties["serverVulnerabilityAssessment"] = $serverVulnerabilityAssessment } $global:pulumiresources += $resource return $resource } } function New-AzureNativeSecurityCustomEntityStoreAssignment { [Alias('azure_native_security_customentitystoreassignment')] param ( [parameter(mandatory=$False,HelpMessage='The principal assigned with entity store. If not provided, will use caller principal. Format of principal is: [AAD type]=[PrincipalObjectId];[TenantId])')] [string] $principal, [parameter(mandatory=$False,HelpMessage='Name of the custom entity store assignment. Generated name is GUID.)')] [string] $customEntityStoreAssignmentName, [parameter(mandatory=$False,HelpMessage='The name of the resource group within the user''s subscription. The name is case insensitive.)')] [string] $resourceGroupName, [parameter(mandatory,HelpMessage='The reference to call when you want to make a dependency to another resource')] [string] $pulumiid, [parameter(mandatory,HelpMessage='Pass in the resources you make to make this resource dependant on')] [object] $DependsOn ) process { $resource = [pulumiresource]::new($pulumiid, "azure-native:security:CustomEntityStoreAssignment") foreach($Dependency in $DependsOn) { if($Dependency -is [pulumiresource]) { $resource.dependson += $Dependency.Reference() } else { $resource.dependson += $Dependency } } $resource.properties["resourceGroupName"] = $resourceGroupName if($PSBoundParameters.Keys -icontains 'principal') { $resource.properties["principal"] = $principal } if($PSBoundParameters.Keys -icontains 'customEntityStoreAssignmentName') { $resource.properties["customEntityStoreAssignmentName"] = $customEntityStoreAssignmentName } $global:pulumiresources += $resource return $resource } } class ScopeElement { [string] $field } function New-AzureNativeTypeSecurityScopeElement { param ( [parameter(mandatory=$False,HelpMessage='The alert entity type to suppress by.)')] [string] $field ) process { return $([ScopeElement]$PSBoundParameters) } } class SuppressionAlertsScope { [ScopeElement[]] $allOf } function New-AzureNativeTypeSecuritySuppressionAlertsScope { param ( [parameter(mandatory=$False,HelpMessage='All the conditions inside need to be true in order to suppress the alert)')] $allOf ) process { return $([SuppressionAlertsScope]$PSBoundParameters) } } function New-AzureNativeSecurityAlertsSuppressionRule { [Alias('azure_native_security_alertssuppressionrule')] param ( [parameter(mandatory=$False,HelpMessage='The suppression conditions)')] [SuppressionAlertsScope] $suppressionAlertsScope, [parameter(mandatory=$False,HelpMessage='Any comment regarding the rule)')] [string] $comment, [parameter(mandatory=$False,HelpMessage='Expiration date of the rule, if value is not provided or provided as null this field will default to the maximum allowed expiration date.)')] [string] $expirationDateUtc, [parameter(mandatory=$False,HelpMessage='The reason for dismissing the alert)')] [string] $reason, [parameter(mandatory=$False,HelpMessage='The unique name of the suppression alert rule)')] [string] $alertsSuppressionRuleName, [parameter(mandatory=$False,HelpMessage='Possible states of the rule)')] [string] [ValidateSet('Enabled', 'Disabled', 'Expired')] $state, [parameter(mandatory=$False,HelpMessage='Type of the alert to automatically suppress. For all alert types, use ''*'')')] [string] $alertType, [parameter(mandatory,HelpMessage='The reference to call when you want to make a dependency to another resource')] [string] $pulumiid, [parameter(mandatory,HelpMessage='Pass in the resources you make to make this resource dependant on')] [object] $DependsOn ) process { $resource = [pulumiresource]::new($pulumiid, "azure-native:security:AlertsSuppressionRule") foreach($Dependency in $DependsOn) { if($Dependency -is [pulumiresource]) { $resource.dependson += $Dependency.Reference() } else { $resource.dependson += $Dependency } } $resource.properties["alertType"] = $alertType $resource.properties["reason"] = $reason $resource.properties["state"] = $state if($PSBoundParameters.Keys -icontains 'suppressionAlertsScope') { $resource.properties["suppressionAlertsScope"] = $suppressionAlertsScope } if($PSBoundParameters.Keys -icontains 'comment') { $resource.properties["comment"] = $comment } if($PSBoundParameters.Keys -icontains 'expirationDateUtc') { $resource.properties["expirationDateUtc"] = $expirationDateUtc } if($PSBoundParameters.Keys -icontains 'alertsSuppressionRuleName') { $resource.properties["alertsSuppressionRuleName"] = $alertsSuppressionRuleName } $global:pulumiresources += $resource return $resource } } class GcpCredentialsDetailsProperties { [string] $clientId [string] $authUri [string] $organizationId [string] $privateKey [string] $privateKeyId [string] $type [string] $authenticationType [string] $clientX509CertUrl [string] $clientEmail [string] $tokenUri [string] $projectId [string] $authProviderX509CertUrl } function New-AzureNativeTypeSecurityGcpCredentialsDetailsProperties { param ( [parameter(mandatory=$False,HelpMessage='Client ID field of the API key (write only))')] [string] $clientId, [parameter(mandatory=$False,HelpMessage='Auth URI field of the API key (write only))')] [string] $authUri, [parameter(mandatory=$False,HelpMessage='The organization ID of the GCP cloud account)')] [string] $organizationId, [parameter(mandatory=$False,HelpMessage='Private key field of the API key (write only))')] [string] $privateKey, [parameter(mandatory=$False,HelpMessage='Private key ID field of the API key (write only))')] [string] $privateKeyId, [parameter(mandatory=$False,HelpMessage='Type field of the API key (write only))')] [string] $type, [parameter(mandatory=$False,HelpMessage='Connect to your cloud account, for AWS use either account credentials or role-based authentication. For GCP use account organization credentials. Expected value is ''gcpCredentials''.)')] [string] $authenticationType, [parameter(mandatory=$False,HelpMessage='Client x509 certificate URL field of the API key (write only))')] [string] $clientX509CertUrl, [parameter(mandatory=$False,HelpMessage='Client email field of the API key (write only))')] [string] $clientEmail, [parameter(mandatory=$False,HelpMessage='Token URI field of the API key (write only))')] [string] $tokenUri, [parameter(mandatory=$False,HelpMessage='Project ID field of the API key (write only))')] [string] $projectId, [parameter(mandatory=$False,HelpMessage='Auth provider x509 certificate URL field of the API key (write only))')] [string] $authProviderX509CertUrl ) process { return $([GcpCredentialsDetailsProperties]$PSBoundParameters) } } class ProxyServerProperties { [string] $port [string] $ip } function New-AzureNativeTypeSecurityProxyServerProperties { param ( [parameter(mandatory=$False,HelpMessage='Proxy server port)')] [string] $port, [parameter(mandatory=$False,HelpMessage='Proxy server IP)')] [string] $ip ) process { return $([ProxyServerProperties]$PSBoundParameters) } } class ServicePrincipalProperties { [string] $applicationId [string] $secret } function New-AzureNativeTypeSecurityServicePrincipalProperties { param ( [parameter(mandatory=$False,HelpMessage='Application ID of service principal.)')] [string] $applicationId, [parameter(mandatory=$False,HelpMessage='A secret string that the application uses to prove its identity, also can be referred to as application password (write only).)')] [string] $secret ) process { return $([ServicePrincipalProperties]$PSBoundParameters) } } class HybridComputeSettingsProperties { [ProxyServerProperties] $proxyServer [ArgumentCompletions('On', 'Off')] [string] $autoProvision [ServicePrincipalProperties] $servicePrincipal [string] $resourceGroupName [string] $region } function New-AzureNativeTypeSecurityHybridComputeSettingsProperties { param ( [parameter(mandatory=$False,HelpMessage='For a non-Azure machine that is not connected directly to the internet, specify a proxy server that the non-Azure machine can use.)')] [ProxyServerProperties] $proxyServer, [parameter(mandatory=$False,HelpMessage='Whether or not to automatically install Azure Arc (hybrid compute) agents on machines)')] [string] [ValidateSet('On', 'Off')] $autoProvision, [parameter(mandatory=$False,HelpMessage='An object to access resources that are secured by an Azure AD tenant.)')] [ServicePrincipalProperties] $servicePrincipal, [parameter(mandatory=$False,HelpMessage='The name of the resource group where Arc (Hybrid Compute) connectors are connected.)')] [string] $resourceGroupName, [parameter(mandatory=$False,HelpMessage='The location where the metadata of machines will be stored)')] [string] $region ) process { return $([HybridComputeSettingsProperties]$PSBoundParameters) } } function New-AzureNativeSecurityConnector { [Alias('azure_native_security_connector')] param ( [parameter(mandatory=$False,HelpMessage='Settings for authentication management, these settings are relevant only for the cloud connector.)')] [GcpCredentialsDetailsProperties] $authenticationDetails, [parameter(mandatory=$False,HelpMessage='Name of the cloud account connector)')] [string] $connectorName, [parameter(mandatory=$False,HelpMessage='Settings for hybrid compute management. These settings are relevant only for Arc autoProvision (Hybrid Compute).)')] [HybridComputeSettingsProperties] $hybridComputeSettings, [parameter(mandatory,HelpMessage='The reference to call when you want to make a dependency to another resource')] [string] $pulumiid, [parameter(mandatory,HelpMessage='Pass in the resources you make to make this resource dependant on')] [object] $DependsOn ) process { $resource = [pulumiresource]::new($pulumiid, "azure-native:security:Connector") foreach($Dependency in $DependsOn) { if($Dependency -is [pulumiresource]) { $resource.dependson += $Dependency.Reference() } else { $resource.dependson += $Dependency } } if($PSBoundParameters.Keys -icontains 'authenticationDetails') { $resource.properties["authenticationDetails"] = $authenticationDetails } if($PSBoundParameters.Keys -icontains 'connectorName') { $resource.properties["connectorName"] = $connectorName } if($PSBoundParameters.Keys -icontains 'hybridComputeSettings') { $resource.properties["hybridComputeSettings"] = $hybridComputeSettings } $global:pulumiresources += $resource return $resource } } function New-AzureNativeSecurityAdvancedThreatProtection { [Alias('azure_native_security_advancedthreatprotection')] param ( [parameter(mandatory=$False,HelpMessage='Advanced Threat Protection setting name.)')] [string] $settingName, [parameter(mandatory=$False,HelpMessage='Indicates whether Advanced Threat Protection is enabled.)')] [bool] $isEnabled, [parameter(mandatory=$False,HelpMessage='The identifier of the resource.)')] [string] $resourceId, [parameter(mandatory,HelpMessage='The reference to call when you want to make a dependency to another resource')] [string] $pulumiid, [parameter(mandatory,HelpMessage='Pass in the resources you make to make this resource dependant on')] [object] $DependsOn ) process { $resource = [pulumiresource]::new($pulumiid, "azure-native:security:AdvancedThreatProtection") foreach($Dependency in $DependsOn) { if($Dependency -is [pulumiresource]) { $resource.dependson += $Dependency.Reference() } else { $resource.dependson += $Dependency } } $resource.properties["resourceId"] = $resourceId if($PSBoundParameters.Keys -icontains 'settingName') { $resource.properties["settingName"] = $settingName } if($PSBoundParameters.Keys -icontains 'isEnabled') { $resource.properties["isEnabled"] = $isEnabled } $global:pulumiresources += $resource return $resource } } class AssignedStandardItem { [string] $id } function New-AzureNativeTypeSecurityAssignedStandardItem { param ( [parameter(mandatory=$False,HelpMessage='full resourceId of the Microsoft.Security/standard object)')] [string] $id ) process { return $([AssignedStandardItem]$PSBoundParameters) } } class AssignmentPropertiesAdditionalData { [string] $exemptionCategory } function New-AzureNativeTypeSecurityAssignmentPropertiesAdditionalData { param ( [parameter(mandatory=$False,HelpMessage='Exemption category of this assignment)')] [string] $exemptionCategory ) process { return $([AssignmentPropertiesAdditionalData]$PSBoundParameters) } } class AssignedComponentItem { [string] $key } function New-AzureNativeTypeSecurityAssignedComponentItem { param ( [parameter(mandatory=$False,HelpMessage='unique key to a security assessment object)')] [string] $key ) process { return $([AssignedComponentItem]$PSBoundParameters) } } function New-AzureNativeSecurityAssignment { [Alias('azure_native_security_assignment')] param ( [parameter(mandatory=$False,HelpMessage='display name of the standardAssignment)')] [string] $displayName, [parameter(mandatory=$False,HelpMessage='Standard item with key as applied to this standard assignment over the given scope)')] [AssignedStandardItem] $assignedStandard, [parameter(mandatory=$False,HelpMessage='description of the standardAssignment)')] [string] $description, [parameter(mandatory=$False,HelpMessage='A list of key value pairs that describe the resource.)')] [hashtable] $tags, [parameter(mandatory=$False,HelpMessage='expected effect of this assignment (Disable/Exempt/etc))')] [string] $effect, [parameter(mandatory=$False,HelpMessage='Additional data about the assignment)')] [AssignmentPropertiesAdditionalData] $additionalData, [parameter(mandatory=$False,HelpMessage='The security assignment key - unique key for the standard assignment)')] [string] $assignmentId, [parameter(mandatory=$False,HelpMessage='Scope to which the standardAssignment applies - can be a subscription path or a resource group under that subscription)')] [string] $scope, [parameter(mandatory=$False,HelpMessage='Location where the resource is stored)')] [string] $location, [parameter(mandatory=$False,HelpMessage='The assignment metadata. Metadata is an open ended object and is typically a collection of key value pairs.)')] $metadata, [parameter(mandatory=$False,HelpMessage='The name of the resource group within the user''s subscription. The name is case insensitive.)')] [string] $resourceGroupName, [parameter(mandatory=$False,HelpMessage='Component item with key as applied to this standard assignment over the given scope)')] [AssignedComponentItem] $assignedComponent, [parameter(mandatory=$False,HelpMessage='Kind of the resource)')] [string] $kind, [parameter(mandatory=$False,HelpMessage='Expiration date of this assignment as a full ISO date)')] [string] $expiresOn, [parameter(mandatory,HelpMessage='The reference to call when you want to make a dependency to another resource')] [string] $pulumiid, [parameter(mandatory,HelpMessage='Pass in the resources you make to make this resource dependant on')] [object] $DependsOn ) process { $resource = [pulumiresource]::new($pulumiid, "azure-native:security:Assignment") foreach($Dependency in $DependsOn) { if($Dependency -is [pulumiresource]) { $resource.dependson += $Dependency.Reference() } else { $resource.dependson += $Dependency } } $resource.properties["resourceGroupName"] = $resourceGroupName if($PSBoundParameters.Keys -icontains 'displayName') { $resource.properties["displayName"] = $displayName } if($PSBoundParameters.Keys -icontains 'assignedStandard') { $resource.properties["assignedStandard"] = $assignedStandard } if($PSBoundParameters.Keys -icontains 'description') { $resource.properties["description"] = $description } if($PSBoundParameters.Keys -icontains 'tags') { $resource.properties["tags"] = $tags } if($PSBoundParameters.Keys -icontains 'effect') { $resource.properties["effect"] = $effect } if($PSBoundParameters.Keys -icontains 'additionalData') { $resource.properties["additionalData"] = $additionalData } if($PSBoundParameters.Keys -icontains 'assignmentId') { $resource.properties["assignmentId"] = $assignmentId } if($PSBoundParameters.Keys -icontains 'scope') { $resource.properties["scope"] = $scope } if($PSBoundParameters.Keys -icontains 'location') { $resource.properties["location"] = $location } if($PSBoundParameters.Keys -icontains 'metadata') { $resource.properties["metadata"] = $metadata } if($PSBoundParameters.Keys -icontains 'assignedComponent') { $resource.properties["assignedComponent"] = $assignedComponent } if($PSBoundParameters.Keys -icontains 'kind') { $resource.properties["kind"] = $kind } if($PSBoundParameters.Keys -icontains 'expiresOn') { $resource.properties["expiresOn"] = $expiresOn } $global:pulumiresources += $resource return $resource } } |