Share via

Microsoft.Security customRecommendations

Bicep resource definition

The customRecommendations resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Security/customRecommendations resource, add the following Bicep to your template.

resource symbolicname 'Microsoft.Security/customRecommendations@2024-08-01' = {
  scope: resourceSymbolicName or scope
  name: 'string'
  properties: {
    cloudProviders: [
      'string'
    ]
    description: 'string'
    displayName: 'string'
    query: 'string'
    remediationDescription: 'string'
    securityIssue: 'string'
    severity: 'string'
  }
}

Property Values

Microsoft.Security/customRecommendations

Name Description Value
name The resource name string

Constraints:
Pattern = [{]?[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}[}]?$ (required)
properties describes Custom Recommendation properties. CustomRecommendationProperties
scope Use when creating a resource at a scope that is different than the deployment scope. Set this property to the symbolic name of a resource to apply the extension resource.

CustomRecommendationProperties

Name Description Value
cloudProviders List of all standard supported clouds. String array containing any of:
'AWS'
'Azure'
'GCP'
description The description to relate to the assessments generated by this Recommendation. string
displayName The display name of the assessments generated by this Recommendation. string
query KQL query representing the Recommendation results required. string
remediationDescription The remediation description to relate to the assessments generated by this Recommendation. string
securityIssue The severity to relate to the assessments generated by this Recommendation. 'AnonymousAccess'
'BestPractices'
'ExcessivePermissions'
'NetworkExposure'
'TrafficEncryption'
'Vulnerability'
severity The severity to relate to the assessments generated by this Recommendation. 'High'
'Low'
'Medium'

ARM template resource definition

The customRecommendations resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Security/customRecommendations resource, add the following JSON to your template.

{
  "type": "Microsoft.Security/customRecommendations",
  "apiVersion": "2024-08-01",
  "name": "string",
  "properties": {
    "cloudProviders": [ "string" ],
    "description": "string",
    "displayName": "string",
    "query": "string",
    "remediationDescription": "string",
    "securityIssue": "string",
    "severity": "string"
  }
}

Property Values

Microsoft.Security/customRecommendations

Name Description Value
apiVersion The api version '2024-08-01'
name The resource name string

Constraints:
Pattern = [{]?[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}[}]?$ (required)
properties describes Custom Recommendation properties. CustomRecommendationProperties
type The resource type 'Microsoft.Security/customRecommendations'

CustomRecommendationProperties

Name Description Value
cloudProviders List of all standard supported clouds. String array containing any of:
'AWS'
'Azure'
'GCP'
description The description to relate to the assessments generated by this Recommendation. string
displayName The display name of the assessments generated by this Recommendation. string
query KQL query representing the Recommendation results required. string
remediationDescription The remediation description to relate to the assessments generated by this Recommendation. string
securityIssue The severity to relate to the assessments generated by this Recommendation. 'AnonymousAccess'
'BestPractices'
'ExcessivePermissions'
'NetworkExposure'
'TrafficEncryption'
'Vulnerability'
severity The severity to relate to the assessments generated by this Recommendation. 'High'
'Low'
'Medium'

Usage Examples

Terraform (AzAPI provider) resource definition

The customRecommendations resource type can be deployed with operations that target:

  • Tenant* Management groups* Subscription* Resource groups

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Security/customRecommendations resource, add the following Terraform to your template.

resource "azapi_resource" "symbolicname" {
  type = "Microsoft.Security/customRecommendations@2024-08-01"
  name = "string"
  parent_id = "string"
  body = {
    properties = {
      cloudProviders = [
        "string"
      ]
      description = "string"
      displayName = "string"
      query = "string"
      remediationDescription = "string"
      securityIssue = "string"
      severity = "string"
    }
  }
}

Property Values

Microsoft.Security/customRecommendations

Name Description Value
name The resource name string

Constraints:
Pattern = [{]?[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}[}]?$ (required)
parent_id The ID of the resource to apply this extension resource to. string (required)
properties describes Custom Recommendation properties. CustomRecommendationProperties
type The resource type "Microsoft.Security/customRecommendations@2024-08-01"

CustomRecommendationProperties

Name Description Value
cloudProviders List of all standard supported clouds. String array containing any of:
'AWS'
'Azure'
'GCP'
description The description to relate to the assessments generated by this Recommendation. string
displayName The display name of the assessments generated by this Recommendation. string
query KQL query representing the Recommendation results required. string
remediationDescription The remediation description to relate to the assessments generated by this Recommendation. string
securityIssue The severity to relate to the assessments generated by this Recommendation. 'AnonymousAccess'
'BestPractices'
'ExcessivePermissions'
'NetworkExposure'
'TrafficEncryption'
'Vulnerability'
severity The severity to relate to the assessments generated by this Recommendation. 'High'
'Low'
'Medium'
  • Last updated on