Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Bicep resource definition
The securityConnectors/devops/azureDevOpsOrgs/projects resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects@2025-11-01-preview' = {
parent: resourceSymbolicName
name: 'string'
properties: {
actionableRemediation: {
branchConfiguration: {
annotateDefaultBranch: 'string'
branchNames: [
'string'
]
}
categoryConfigurations: [
{
category: 'string'
minimumSeverityLevel: 'string'
}
]
inheritFromParentState: 'string'
state: 'string'
}
onboardingState: 'string'
parentOrgName: 'string'
}
}
Property Values
Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) |
| parent | In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource. For more information, see Child resource outside parent resource. |
Symbolic name for resource of type: securityConnectors/devops/azureDevOpsOrgs |
| properties | Azure DevOps Project properties. | AzureDevOpsProjectProperties |
ActionableRemediation
| Name | Description | Value |
|---|---|---|
| branchConfiguration | Repository branch configuration for PR Annotations. | TargetBranchConfiguration |
| categoryConfigurations | Gets or sets list of categories and severity levels. | CategoryConfiguration[] |
| inheritFromParentState | Update Settings. Enabled - Resource should inherit configurations from parent. Disabled - Resource should not inherit configurations from parent. |
'Disabled' 'Enabled' |
| state | ActionableRemediation Setting. None - the setting was never set. Enabled - ActionableRemediation is enabled. Disabled - ActionableRemediation is disabled. |
'Disabled' 'Enabled' 'None' |
AzureDevOpsProjectProperties
| Name | Description | Value |
|---|---|---|
| actionableRemediation | Configuration payload for PR Annotations. | ActionableRemediation |
| onboardingState | Details about resource onboarding status across all connectors. OnboardedByOtherConnector - this resource has already been onboarded to another connector. This is only applicable to top-level resources. Onboarded - this resource has already been onboarded by the specified connector. NotOnboarded - this resource has not been onboarded to any connector. NotApplicable - the onboarding state is not applicable to the current endpoint. |
'NotApplicable' 'NotOnboarded' 'Onboarded' 'OnboardedByOtherConnector' |
| parentOrgName | Gets or sets parent Azure DevOps Organization name. | string |
CategoryConfiguration
| Name | Description | Value |
|---|---|---|
| category | Rule categories. Code - code scanning results. Artifact scanning results. Dependencies scanning results. IaC results. Secrets scanning results. Container scanning results. |
'Artifacts' 'Code' 'Containers' 'Dependencies' 'IaC' 'Secrets' |
| minimumSeverityLevel | Gets or sets minimum severity level for a given category. | string |
TargetBranchConfiguration
| Name | Description | Value |
|---|---|---|
| annotateDefaultBranch | Configuration of PR Annotations on default branch. Enabled - PR Annotations are enabled on the resource's default branch. Disabled - PR Annotations are disabled on the resource's default branch. |
'Disabled' 'Enabled' |
| branchNames | Gets or sets branches that should have annotations. | string[] |
ARM template resource definition
The securityConnectors/devops/azureDevOpsOrgs/projects resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects resource, add the following JSON to your template.
{
"type": "Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects",
"apiVersion": "2025-11-01-preview",
"name": "string",
"properties": {
"actionableRemediation": {
"branchConfiguration": {
"annotateDefaultBranch": "string",
"branchNames": [ "string" ]
},
"categoryConfigurations": [
{
"category": "string",
"minimumSeverityLevel": "string"
}
],
"inheritFromParentState": "string",
"state": "string"
},
"onboardingState": "string",
"parentOrgName": "string"
}
}
Property Values
Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects
| Name | Description | Value |
|---|---|---|
| apiVersion | The api version | '2025-11-01-preview' |
| name | The resource name | string (required) |
| properties | Azure DevOps Project properties. | AzureDevOpsProjectProperties |
| type | The resource type | 'Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects' |
ActionableRemediation
| Name | Description | Value |
|---|---|---|
| branchConfiguration | Repository branch configuration for PR Annotations. | TargetBranchConfiguration |
| categoryConfigurations | Gets or sets list of categories and severity levels. | CategoryConfiguration[] |
| inheritFromParentState | Update Settings. Enabled - Resource should inherit configurations from parent. Disabled - Resource should not inherit configurations from parent. |
'Disabled' 'Enabled' |
| state | ActionableRemediation Setting. None - the setting was never set. Enabled - ActionableRemediation is enabled. Disabled - ActionableRemediation is disabled. |
'Disabled' 'Enabled' 'None' |
AzureDevOpsProjectProperties
| Name | Description | Value |
|---|---|---|
| actionableRemediation | Configuration payload for PR Annotations. | ActionableRemediation |
| onboardingState | Details about resource onboarding status across all connectors. OnboardedByOtherConnector - this resource has already been onboarded to another connector. This is only applicable to top-level resources. Onboarded - this resource has already been onboarded by the specified connector. NotOnboarded - this resource has not been onboarded to any connector. NotApplicable - the onboarding state is not applicable to the current endpoint. |
'NotApplicable' 'NotOnboarded' 'Onboarded' 'OnboardedByOtherConnector' |
| parentOrgName | Gets or sets parent Azure DevOps Organization name. | string |
CategoryConfiguration
| Name | Description | Value |
|---|---|---|
| category | Rule categories. Code - code scanning results. Artifact scanning results. Dependencies scanning results. IaC results. Secrets scanning results. Container scanning results. |
'Artifacts' 'Code' 'Containers' 'Dependencies' 'IaC' 'Secrets' |
| minimumSeverityLevel | Gets or sets minimum severity level for a given category. | string |
TargetBranchConfiguration
| Name | Description | Value |
|---|---|---|
| annotateDefaultBranch | Configuration of PR Annotations on default branch. Enabled - PR Annotations are enabled on the resource's default branch. Disabled - PR Annotations are disabled on the resource's default branch. |
'Disabled' 'Enabled' |
| branchNames | Gets or sets branches that should have annotations. | string[] |
Usage Examples
Terraform (AzAPI provider) resource definition
The securityConnectors/devops/azureDevOpsOrgs/projects resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects@2025-11-01-preview"
name = "string"
parent_id = "string"
body = {
properties = {
actionableRemediation = {
branchConfiguration = {
annotateDefaultBranch = "string"
branchNames = [
"string"
]
}
categoryConfigurations = [
{
category = "string"
minimumSeverityLevel = "string"
}
]
inheritFromParentState = "string"
state = "string"
}
onboardingState = "string"
parentOrgName = "string"
}
}
}
Property Values
Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) |
| parent_id | The ID of the resource that is the parent for this resource. | ID for resource of type: securityConnectors/devops/azureDevOpsOrgs |
| properties | Azure DevOps Project properties. | AzureDevOpsProjectProperties |
| type | The resource type | "Microsoft.Security/securityConnectors/devops/azureDevOpsOrgs/projects@2025-11-01-preview" |
ActionableRemediation
| Name | Description | Value |
|---|---|---|
| branchConfiguration | Repository branch configuration for PR Annotations. | TargetBranchConfiguration |
| categoryConfigurations | Gets or sets list of categories and severity levels. | CategoryConfiguration[] |
| inheritFromParentState | Update Settings. Enabled - Resource should inherit configurations from parent. Disabled - Resource should not inherit configurations from parent. |
'Disabled' 'Enabled' |
| state | ActionableRemediation Setting. None - the setting was never set. Enabled - ActionableRemediation is enabled. Disabled - ActionableRemediation is disabled. |
'Disabled' 'Enabled' 'None' |
AzureDevOpsProjectProperties
| Name | Description | Value |
|---|---|---|
| actionableRemediation | Configuration payload for PR Annotations. | ActionableRemediation |
| onboardingState | Details about resource onboarding status across all connectors. OnboardedByOtherConnector - this resource has already been onboarded to another connector. This is only applicable to top-level resources. Onboarded - this resource has already been onboarded by the specified connector. NotOnboarded - this resource has not been onboarded to any connector. NotApplicable - the onboarding state is not applicable to the current endpoint. |
'NotApplicable' 'NotOnboarded' 'Onboarded' 'OnboardedByOtherConnector' |
| parentOrgName | Gets or sets parent Azure DevOps Organization name. | string |
CategoryConfiguration
| Name | Description | Value |
|---|---|---|
| category | Rule categories. Code - code scanning results. Artifact scanning results. Dependencies scanning results. IaC results. Secrets scanning results. Container scanning results. |
'Artifacts' 'Code' 'Containers' 'Dependencies' 'IaC' 'Secrets' |
| minimumSeverityLevel | Gets or sets minimum severity level for a given category. | string |
TargetBranchConfiguration
| Name | Description | Value |
|---|---|---|
| annotateDefaultBranch | Configuration of PR Annotations on default branch. Enabled - PR Annotations are enabled on the resource's default branch. Disabled - PR Annotations are disabled on the resource's default branch. |
'Disabled' 'Enabled' |
| branchNames | Gets or sets branches that should have annotations. | string[] |