Azure.ResourceManager.SecurityCenter.Models Namespace

Classes

AadExternalSecuritySolution	Represents an AAD identity protection solution which sends logs to an OMS workspace.
AadSolutionProperties	The external security solution properties for AAD solutions.
ActiveConnectionsNotInAllowedRange	Number of active connections is not in allowed range.
AdaptiveApplicationControlIssueSummary	Represents a summary of the alerts of the machine group.
AdaptiveNetworkHardeningEnforceContent	The AdaptiveNetworkHardeningEnforceContent.
AdditionalWorkspacesProperties	Properties of the additional workspaces.
AllowlistCustomAlertRule	A custom alert rule that checks if a value (depends on the custom alert type) is allowed. Please note AllowlistCustomAlertRule is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. The available derived classes include ConnectionFromIPNotAllowed, ConnectionToIPNotAllowed, LocalUserNotAllowed and ProcessNotAllowed.
AmqpC2DMessagesNotInAllowedRange	Number of cloud to device messages (AMQP protocol) is not in allowed range.
AmqpC2DRejectedMessagesNotInAllowedRange	Number of rejected cloud to device messages (AMQP protocol) is not in allowed range.
AmqpD2CMessagesNotInAllowedRange	Number of device to cloud messages (AMQP protocol) is not in allowed range.
AtaExternalSecuritySolution	Represents an ATA security solution which sends logs to an OMS workspace.
AtaSolutionProperties	The external security solution properties for ATA solutions.
AuthenticationDetailsProperties	Settings for cloud authentication management Please note AuthenticationDetailsProperties is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. The available derived classes include AwsAssumeRoleAuthenticationDetailsProperties, AwsCredsAuthenticationDetailsProperties and GcpCredentialsDetailsProperties.
AwsAssumeRoleAuthenticationDetailsProperties	AWS cloud account connector based assume role, the role enables delegating access to your AWS resources. The role is composed of role Amazon Resource Name (ARN) and external ID. For more details, refer to <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user.html">Creating a Role to Delegate Permissions to an IAM User (write only)</a>.
AwsCredsAuthenticationDetailsProperties	AWS cloud account connector based credentials, the credentials is composed of access key ID and secret key, for more details, refer to <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html">Creating an IAM User in Your AWS Account (write only)</a>.
AwsEnvironment	The AWS connector environment data.
AwsOrganizationalDataMaster	The AWS organization data for the master account.
AwsOrganizationalDataMember	The AWS organization data for the member account.
AwsOrganizationalInfo	The AWS organization data Please note AwsOrganizationalInfo is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. The available derived classes include AwsOrganizationalDataMember and AwsOrganizationalDataMaster.
AzureDevOpsScopeEnvironment	The AzureDevOps scope connector's environment data.
AzureResourceDetails	Details of the Azure resource that was assessed.
AzureResourceIdentifier	Azure resource identifier.
BaselineAdjustedResult	The rule result adjusted with baseline.
BenchmarkReference	The benchmark references.
CefExternalSecuritySolution	Represents a security solution which sends CEF logs to an OMS workspace.
CefSolutionProperties	The external security solution properties for CEF solutions.
ComplianceSegment	A segment of a compliance assessment.
ConnectableResourceInfo	Describes the allowed inbound and outbound traffic of an Azure resource.
ConnectedResourceInfo	Describes properties of a connected resource.
ConnectionFromIPNotAllowed	Inbound connection from an ip that isn't allowed. Allow list consists of ipv4 or ipv6 range in CIDR notation.
ConnectionToIPNotAllowed	Outbound connection to an ip that isn't allowed. Allow list consists of ipv4 or ipv6 range in CIDR notation.
ContainerRegistryVulnerabilityProperties	Additional context fields for container registry Vulnerability assessment.
CspmMonitorAwsOffering	The CSPM monitoring for AWS offering.
CspmMonitorAzureDevOpsOffering	The CSPM monitoring for AzureDevOps offering.
CspmMonitorGcpOffering	The CSPM monitoring for GCP offering.
CspmMonitorGcpOfferingNativeCloudConnection	The native cloud connection configuration.
CspmMonitorGithubOffering	The CSPM monitoring for github offering.
CustomAlertRule	A custom alert rule. Please note CustomAlertRule is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. The available derived classes include AllowlistCustomAlertRule, AmqpC2DMessagesNotInAllowedRange, AmqpC2DRejectedMessagesNotInAllowedRange, AmqpD2CMessagesNotInAllowedRange, ConnectionFromIPNotAllowed, ConnectionToIPNotAllowed, DenylistCustomAlertRule, DirectMethodInvokesNotInAllowedRange, FailedLocalLoginsNotInAllowedRange, FileUploadsNotInAllowedRange, HttpC2DMessagesNotInAllowedRange, HttpC2DRejectedMessagesNotInAllowedRange, HttpD2CMessagesNotInAllowedRange, ListCustomAlertRule, LocalUserNotAllowed, MqttC2DMessagesNotInAllowedRange, MqttC2DRejectedMessagesNotInAllowedRange, MqttD2CMessagesNotInAllowedRange, ProcessNotAllowed, QueuePurgesNotInAllowedRange, TwinUpdatesNotInAllowedRange, UnauthorizedOperationsNotInAllowedRange, ActiveConnectionsNotInAllowedRange, TimeWindowCustomAlertRule and ThresholdCustomAlertRule.
CustomAssessmentAutomationCreateOrUpdateContent	Custom Assessment Automation request.
CustomEntityStoreAssignmentCreateOrUpdateContent	describes the custom entity store assignment request.
DataExportSettings	Represents a data export setting.
DefenderCspmAwsOffering	The CSPM P1 for AWS offering.
DefenderCspmAwsOfferingVmScanners	The Microsoft Defender for Server VM scanning configuration.
DefenderCspmAwsOfferingVmScannersConfiguration	configuration for Microsoft Defender for Server VM scanning.
DefenderCspmGcpOffering	The CSPM P1 for GCP offering.
DefenderForContainersAwsOffering	The Defender for Containers AWS offering.
DefenderForContainersGcpOffering	The containers GCP offering.
DefenderForContainersGcpOfferingDataPipelineNativeCloudConnection	The native cloud connection configuration.
DefenderForContainersGcpOfferingNativeCloudConnection	The native cloud connection configuration.
DefenderForDatabasesAwsOffering	The Defender for Databases AWS offering.
DefenderForDatabasesAwsOfferingArcAutoProvisioning	The ARC autoprovisioning configuration.
DefenderForDatabasesAwsOfferingRds	The RDS configuration.
DefenderForDatabasesGcpOffering	The Defender for Databases GCP offering configurations.
DefenderForDevOpsAzureDevOpsOffering	The Defender for DevOps for Azure DevOps offering.
DefenderForDevOpsGithubOffering	The Defender for DevOps for Github offering.
DefenderForServersAwsOffering	The Defender for Servers AWS offering.
DefenderForServersAwsOfferingArcAutoProvisioning	The ARC autoprovisioning configuration.
DefenderForServersAwsOfferingMdeAutoProvisioning	The Microsoft Defender for Endpoint autoprovisioning configuration.
DefenderForServersAwsOfferingVmScanners	The Microsoft Defender for Server VM scanning configuration.
DefenderForServersAwsOfferingVmScannersConfiguration	configuration for Microsoft Defender for Server VM scanning.
DefenderForServersAwsOfferingVulnerabilityAssessmentAutoProvisioning	The Vulnerability Assessment autoprovisioning configuration.
DefenderForServersGcpOffering	The Defender for Servers GCP offering configurations.
DefenderForServersGcpOfferingMdeAutoProvisioning	The Microsoft Defender for Endpoint autoprovisioning configuration.
DefenderForServersGcpOfferingVulnerabilityAssessmentAutoProvisioning	The Vulnerability Assessment autoprovisioning configuration.
DenylistCustomAlertRule	A custom alert rule that checks if a value (depends on the custom alert type) is denied.
DirectMethodInvokesNotInAllowedRange	Number of direct method invokes is not in allowed range.
DiscoveredSecuritySolution	The DiscoveredSecuritySolution.
EffectiveNetworkSecurityGroups	Describes the Network Security Groups effective on a network interface.
ExecuteGovernanceRuleParams	Governance rule execution parameters.
ExecuteRuleStatus	Execute status of Security GovernanceRule over a given scope Serialized Name: ExecuteRuleStatus
ExternalSecuritySolution	Represents a security solution external to Microsoft Defender for Cloud which sends information to an OMS workspace and whose data is displayed by Microsoft Defender for Cloud. Please note ExternalSecuritySolution is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. The available derived classes include AadExternalSecuritySolution, AtaExternalSecuritySolution and CefExternalSecuritySolution.
ExternalSecuritySolutionProperties	The solution properties (correspond to the solution kind).
FailedLocalLoginsNotInAllowedRange	Number of failed local logins is not in allowed range.
FileUploadsNotInAllowedRange	Number of file uploads is not in allowed range.
GcpCredentialsDetailsProperties	GCP cloud account connector based service to service credentials, the credentials are composed of the organization ID and a JSON API key (write only).
GcpDefenderForDatabasesArcAutoProvisioning	The native cloud connection configuration.
GcpDefenderForServersInfo	The Defender for servers connection configuration.
GcpMemberOrganizationalInfo	The gcpOrganization data for the member account.
GcpOrganizationalInfo	The gcpOrganization data Please note GcpOrganizationalInfo is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. The available derived classes include GcpMemberOrganizationalInfo and GcpParentOrganizationalInfo.
GcpParentOrganizationalInfo	The gcpOrganization data for the parent account.
GcpProjectDetails	The details about the project represented by the security connector.
GcpProjectEnvironment	The GCP project connector environment data.
GithubScopeEnvironment	The github scope connector's environment data.
GovernanceAssignmentAdditionalInfo	Describe the additional data of governance assignment - optional.
GovernanceEmailNotification	The governance email weekly notification configuration.
GovernanceRuleEmailNotification	The governance email weekly notification configuration.
GovernanceRuleOwnerSource	Describe the owner source of governance rule.
HttpC2DMessagesNotInAllowedRange	Number of cloud to device messages (HTTP protocol) is not in allowed range.
HttpC2DRejectedMessagesNotInAllowedRange	Number of rejected cloud to device messages (HTTP protocol) is not in allowed range.
HttpD2CMessagesNotInAllowedRange	Number of device to cloud messages (HTTP protocol) is not in allowed range.
HybridComputeSettingsProperties	Settings for hybrid compute management.
InformationProtectionAwsOffering	The information protection for AWS offering.
IngestionConnectionString	Connection string for ingesting security data and logs.
IngestionSettingToken	Configures how to correlate scan data and logs with resources associated with the subscription.
IotSecurityAggregatedAlertTopDevice	The IotSecurityAggregatedAlertTopDevice.
IotSecurityAlertedDevice	Statistical information about the number of alerts per device during last set number of days.
IotSecurityDeviceAlert	Statistical information about the number of alerts per alert type during last set number of days.
IotSecurityDeviceRecommendation	Statistical information about the number of recommendations per device, per recommendation type.
IotSecuritySolutionAnalyticsModelDevicesMetrics	The IotSecuritySolutionAnalyticsModelDevicesMetrics.
IotSecuritySolutionPatch	The IotSecuritySolutionPatch.
IotSeverityMetrics	IoT Security solution analytics severity metrics.
JitNetworkAccessPolicyInitiateContent	The JitNetworkAccessPolicyInitiateContent.
JitNetworkAccessPolicyInitiatePort	The JitNetworkAccessPolicyInitiatePort.
JitNetworkAccessPolicyInitiateVirtualMachine	The JitNetworkAccessPolicyInitiateVirtualMachine.
JitNetworkAccessPolicyVirtualMachine	The JitNetworkAccessPolicyVirtualMachine.
JitNetworkAccessPortRule	The JitNetworkAccessPortRule.
JitNetworkAccessRequestInfo	The JitNetworkAccessRequestInfo.
JitNetworkAccessRequestPort	The JitNetworkAccessRequestPort.
JitNetworkAccessRequestVirtualMachine	The JitNetworkAccessRequestVirtualMachine.
ListCustomAlertRule	A List custom alert rule. Please note ListCustomAlertRule is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. The available derived classes include AllowlistCustomAlertRule, ConnectionFromIPNotAllowed, ConnectionToIPNotAllowed, DenylistCustomAlertRule, LocalUserNotAllowed and ProcessNotAllowed.
LocalUserNotAllowed	Login by a local user that isn't allowed. Allow list consists of login names to allow.
LogAnalyticsIdentifier	Represents a Log Analytics workspace scope identifier.
MdeOnboarding	The resource of the configuration or data needed to onboard the machine to MDE.
MqttC2DMessagesNotInAllowedRange	Number of cloud to device messages (MQTT protocol) is not in allowed range.
MqttC2DRejectedMessagesNotInAllowedRange	Number of rejected cloud to device messages (MQTT protocol) is not in allowed range.
MqttD2CMessagesNotInAllowedRange	Number of device to cloud messages (MQTT protocol) is not in allowed range.
OnPremiseResourceDetails	Details of the On Premise resource that was assessed Please note OnPremiseResourceDetails is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. The available derived classes include OnPremiseSqlResourceDetails.
OnPremiseSqlResourceDetails	Details of the On Premise Sql resource that was assessed.
PathRecommendation	Represents a path that is recommended to be allowed and its properties.
ProcessNotAllowed	Execution of a process that isn't allowed. Allow list consists of process names to allow.
ProxyServerProperties	For a non-Azure machine that is not connected directly to the internet, specify a proxy server that the non-Azure machine can use.
QueuePurgesNotInAllowedRange	Number of device queue purges is not in allowed range.
RecommendationConfigurationProperties	The type of IoT Security recommendation.
RecommendedSecurityRule	Describes remote addresses that is recommended to communicate with the Azure resource on some (Protocol, Port, Direction). All other remote addresses are recommended to be blocked.
RemediationEta	The ETA (estimated time of arrival) for remediation.
RulesResultsContent	Rules results input.
SecureScoreControlDefinitionItem	Information about the security control.
SecureScoreControlDetails	Details of the security control, its score, and the health status of the relevant resources.
SecurityAlertEntity	Changing set of properties depending on the entity type.
SecurityAlertResourceIdentifier	A resource identifier for an alert which can be used to direct the alert to the right product exposure group (tenant, workspace, subscription etc.). Please note SecurityAlertResourceIdentifier is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. The available derived classes include AzureResourceIdentifier and LogAnalyticsIdentifier.
SecurityAlertSimulatorBundlesRequestProperties	Simulate alerts according to this bundles.
SecurityAlertSimulatorContent	Alert Simulator request body.
SecurityAlertSimulatorRequestProperties	Describes properties of an alert simulation request Please note SecurityAlertSimulatorRequestProperties is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. The available derived classes include SecurityAlertSimulatorBundlesRequestProperties.
SecurityAlertSupportingEvidence	Changing set of properties depending on the supportingEvidence type.
SecurityAlertSyncSettings	Represents an alert sync setting.
SecurityAssessmentCreateOrUpdateContent	Security assessment on a resource.
SecurityAssessmentMetadataPartner	Describes the partner that created the assessment.
SecurityAssessmentMetadataProperties	Describes properties of an assessment metadata.
SecurityAssessmentPartner	Data regarding 3rd party partner integration.
SecurityAssessmentPublishDates	The SecurityAssessmentPublishDates.
SecurityAssessmentStatus	The result of the assessment.
SecurityAssessmentStatusResult	The result of the assessment.
SecurityAutomationAction	The action that should be triggered. Please note SecurityAutomationAction is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. The available derived classes include SecurityAutomationActionEventHub, SecurityAutomationActionLogicApp and SecurityAutomationActionWorkspace.
SecurityAutomationActionEventHub	The target Event Hub to which event data will be exported. To learn more about Microsoft Defender for Cloud continuous export capabilities, visit https://aka.ms/ASCExportLearnMore.
SecurityAutomationActionLogicApp	The logic app action that should be triggered. To learn more about Microsoft Defender for Cloud's Workflow Automation capabilities, visit https://aka.ms/ASCWorkflowAutomationLearnMore.
SecurityAutomationActionWorkspace	The Log Analytics Workspace to which event data will be exported. Security alerts data will reside in the 'SecurityAlert' table and the assessments data will reside in the 'SecurityRecommendation' table (under the 'Security'/'SecurityCenterFree' solutions). Note that in order to view the data in the workspace, the Security Center Log Analytics free/standard solution needs to be enabled on that workspace. To learn more about Microsoft Defender for Cloud continuous export capabilities, visit https://aka.ms/ASCExportLearnMore.
SecurityAutomationRuleSet	A rule set which evaluates all its rules upon an event interception. Only when all the included rules in the rule set will be evaluated as 'true', will the event trigger the defined actions.
SecurityAutomationScope	A single automation scope.
SecurityAutomationSource	The source event types which evaluate the security automation set of rules. For example - security alerts and security assessments. To learn more about the supported security events data models schemas - please visit https://aka.ms/ASCAutomationSchemas.
SecurityAutomationTriggeringRule	A rule which is evaluated upon event interception. The rule is configured by comparing a specific value from the event model to an expected value. This comparison is done by using one of the supported operators set.
SecurityAutomationValidationStatus	The security automation model state property bag.
SecurityCenterAllowedConnection	The resource whose properties describes the allowed traffic between Azure resources.
SecurityCenterCloudOffering	The security offering details Please note SecurityCenterCloudOffering is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. The available derived classes include CspmMonitorAwsOffering, CspmMonitorAzureDevOpsOffering, CspmMonitorGcpOffering, CspmMonitorGitLabOffering, CspmMonitorGithubOffering, DefenderCspmAwsOffering, DefenderCspmGcpOffering, DefenderForContainersAwsOffering, DefenderForContainersGcpOffering, DefenderForDatabasesAwsOffering, DefenderForDatabasesGcpOffering, DefenderForDevOpsAzureDevOpsOffering, DefenderForDevOpsGitLabOffering, DefenderForDevOpsGithubOffering, DefenderForServersAwsOffering, DefenderForServersGcpOffering and InformationProtectionAwsOffering.
SecurityCenterFileProtectionMode	The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux.
SecurityCenterPublisherInfo	Represents the publisher information of a process/rule.
SecurityCenterResourceDetails	Details of the resource that was assessed Please note SecurityCenterResourceDetails is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. The available derived classes include AzureResourceDetails, OnPremiseResourceDetails and OnPremiseSqlResourceDetails.
SecurityCenterTagsResourceInfo	A container holding only the Tags for a resource, allowing the user to update the tags.
SecurityConnectorEnvironment	The security connector environment data. Please note SecurityConnectorEnvironment is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. The available derived classes include AwsEnvironment, AzureDevOpsScopeEnvironment, GcpProjectEnvironment, GithubScopeEnvironment and GitlabScopeEnvironment.
SecurityContactPropertiesAlertNotifications	Defines whether to send email notifications about new security alerts.
SecurityContactPropertiesNotificationsByRole	Defines whether to send email notifications from Microsoft Defender for Cloud to persons with specific RBAC roles on the subscription.
SecurityCve	CVE details.
SecurityCvss	CVSS details.
SecuritySolution	The SecuritySolution.
SecuritySolutionsReferenceData	The SecuritySolutionsReferenceData.
SecuritySubAssessmentAdditionalInfo	Details of the sub-assessment Please note SecuritySubAssessmentAdditionalInfo is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. The available derived classes include ContainerRegistryVulnerabilityProperties, ServerVulnerabilityProperties and SqlServerVulnerabilityProperties.
SecurityTaskProperties	Changing set of properties, depending on the task type that is derived from the name field.
SecurityTopologyResource	The SecurityTopologyResource.
ServerVulnerabilityProperties	Additional context fields for server vulnerability assessment.
ServicePrincipalProperties	Details of the service principal.
SqlServerVulnerabilityProperties	Details of the resource that was assessed.
SqlVulnerabilityAssessmentBaseline	Baseline details.
SqlVulnerabilityAssessmentBaselineRuleCreateOrUpdateContent	Rule results input.
SqlVulnerabilityAssessmentRemediation	Remediation details.
SqlVulnerabilityAssessmentScanProperties	A vulnerability assessment scan record properties.
SqlVulnerabilityAssessmentScanResult	A vulnerability assessment scan result for a single rule.
SqlVulnerabilityAssessmentScanResultProperties	A vulnerability assessment scan result properties for a single rule.
SubAssessmentStatus	Status of the sub-assessment.
SuppressionAlertsScopeElement	A more specific scope used to identify the alerts to suppress.
ThresholdCustomAlertRule	A custom alert rule that checks if a value (depends on the custom alert type) is within the given range. Please note ThresholdCustomAlertRule is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. The available derived classes include ActiveConnectionsNotInAllowedRange, AmqpC2DMessagesNotInAllowedRange, AmqpC2DRejectedMessagesNotInAllowedRange, AmqpD2CMessagesNotInAllowedRange, DirectMethodInvokesNotInAllowedRange, FailedLocalLoginsNotInAllowedRange, FileUploadsNotInAllowedRange, HttpC2DMessagesNotInAllowedRange, HttpC2DRejectedMessagesNotInAllowedRange, HttpD2CMessagesNotInAllowedRange, MqttC2DMessagesNotInAllowedRange, MqttC2DRejectedMessagesNotInAllowedRange, MqttD2CMessagesNotInAllowedRange, QueuePurgesNotInAllowedRange, TimeWindowCustomAlertRule, TwinUpdatesNotInAllowedRange and UnauthorizedOperationsNotInAllowedRange.
TimeWindowCustomAlertRule	A custom alert rule that checks if the number of activities (depends on the custom alert type) in a time window is within the given range. Please note TimeWindowCustomAlertRule is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. The available derived classes include ActiveConnectionsNotInAllowedRange, AmqpC2DMessagesNotInAllowedRange, AmqpC2DRejectedMessagesNotInAllowedRange, AmqpD2CMessagesNotInAllowedRange, DirectMethodInvokesNotInAllowedRange, FailedLocalLoginsNotInAllowedRange, FileUploadsNotInAllowedRange, HttpC2DMessagesNotInAllowedRange, HttpC2DRejectedMessagesNotInAllowedRange, HttpD2CMessagesNotInAllowedRange, MqttC2DMessagesNotInAllowedRange, MqttC2DRejectedMessagesNotInAllowedRange, MqttD2CMessagesNotInAllowedRange, QueuePurgesNotInAllowedRange, TwinUpdatesNotInAllowedRange and UnauthorizedOperationsNotInAllowedRange.
TopologySingleResource	The TopologySingleResource.
TopologySingleResourceChild	The TopologySingleResourceChild.
TopologySingleResourceParent	The TopologySingleResourceParent.
TwinUpdatesNotInAllowedRange	Number of twin updates is not in allowed range.
UnauthorizedOperationsNotInAllowedRange	Number of unauthorized operations is not in allowed range.
UserDefinedResourcesProperties	Properties of the IoT Security solution's user defined resources.
UserRecommendation	Represents a user that is recommended to be allowed for a certain rule.
VendorReference	Vendor reference.
VmRecommendation	Represents a machine that is part of a machine group.
VulnerabilityAssessmentRule	vulnerability assessment rule metadata details.
VulnerabilityAssessmentRuleQueryCheck	The rule query details.

Structs

AadConnectivityStateType	The connectivity state of the external AAD solution.
AdaptiveApplicationControlEnforcementMode	The application control policy enforcement/protection mode of the machine group.
AdaptiveApplicationControlGroupSourceSystem	The source type of the machine group.
AdaptiveApplicationControlIssue	An alert that machines within a group can have.
AdditionalWorkspaceDataType	Data types sent to workspace.
AdditionalWorkspaceType	Workspace type.
ApplicationSourceResourceType	The application source, what it affects, e.g. Assessments.
AuthenticationProvisioningState	State of the multi-cloud connector.
AutomationTriggeringRuleOperator	A valid comparer operator to use. A case-insensitive comparison will be applied for String PropertyType.
AutomationTriggeringRulePropertyType	The data type of the compared operands (string, integer, floating point number or a boolean [true/false]].
AutoProvisionState	Describes what kind of security agent provisioning action to take.
AvailableSubPlanType	The available sub plans.
CustomAssessmentAutomationSupportedCloud	Relevant cloud for the custom assessment automation.
CustomAssessmentSeverity	The severity to relate to the assessments generated by this assessment automation.
DefenderForServersScanningMode	The scanning mode for the VM scan.
EndOfSupportStatus	End of support status.
ExternalSecuritySolutionKind	The kind of the external solution.
GovernanceRuleOwnerSourceType	The owner type for the governance rule owner source.
GovernanceRuleSourceResourceType	The governance rule source, what the rule affects, e.g. Assessments.
GovernanceRuleType	The rule type of the governance rule, defines the source of the rule e.g. Integrated.
HybridComputeProvisioningState	State of the service principal and its secret.
ImplementationEffort	The implementation effort required to remediate this assessment.
IotSecurityRecommendationType	The type of IoT Security recommendation.
IotSecuritySolutionDataSource	The IotSecuritySolutionDataSource.
IotSecuritySolutionExportOption	The IotSecuritySolutionExportOption.
JitNetworkAccessPortProtocol	The JitNetworkAccessPortProtocol.
JitNetworkAccessPortStatus	The status of the port.
JitNetworkAccessPortStatusReason	A description of why the status has its value.
KillChainIntent	The kill chain related intent behind the alert. For list of supported values, and explanations of Azure Security Center's supported kill chain intents.
PathRecommendationFileType	The type of the file (for Linux files - Executable is used).
RecommendationAction	The recommendation action of the machine or rule.
RecommendationConfigStatus	Recommendation status. When the recommendation status is disabled recommendations are not generated.
RecommendationStatus	The initial recommendation status of the machine group or machine.
RegulatoryComplianceState	Aggregative state based on the standard's supported controls states.
ReportedSeverity	Assessed alert severity.
RuleSeverity	The rule severity.
SecurityAlertMinimalSeverity	Defines the minimal alert severity which will be sent as email notifications.
SecurityAlertNotificationByRoleState	Defines whether to send email notifications from AMicrosoft Defender for Cloud to persons with specific RBAC roles on the subscription.
SecurityAlertNotificationState	Defines if email notifications will be sent about new security alerts.
SecurityAlertReceivingRole	A possible role to configure sending security notification alerts to.
SecurityAlertSeverity	The risk level of the threat that was detected. Learn more: https://docs.microsoft.com/en-us/azure/security-center/security-center-alerts-overview#how-are-alerts-classified.
SecurityAlertSimulatorBundleType	Alert Simulator supported bundles.
SecurityAlertStatus	The life cycle status of the alert.
SecurityAssessmentODataExpand	The SecurityAssessmentODataExpand.
SecurityAssessmentResourceCategory	The categories of resource that is at risk when the assessment is unhealthy.
SecurityAssessmentResourceStatus	The status of the resource regarding a single assessment.
SecurityAssessmentSeverity	The sub-assessment severity level.
SecurityAssessmentStatusCode	Programmatic code for the status of the assessment.
SecurityAssessmentTactic	Tactic of the assessment.
SecurityAssessmentTechnique	Techniques of the assessment.
SecurityAssessmentType	BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition.
SecurityAssessmentUserImpact	The user impact of the assessment.
SecurityCenterCloudName	The multi cloud resource's cloud name.
SecurityCenterCloudPermission	A permission detected in the cloud account.
SecurityCenterConfigurationStatus	The configuration status of the machines group or machine or rule.
SecurityCenterConnectionType	The SecurityCenterConnectionType.
SecurityCenterPricingTier	The pricing tier value. Microsoft Defender for Cloud is provided in two pricing tiers: free and standard. The standard tier offers advanced security capabilities, while the free tier offers basic security features.
SecurityCenterVmEnforcementSupportState	The machine supportability of Enforce feature.
SecurityControlType	The type of security control (for example, BuiltIn).
SecurityEventSource	A valid event source type.
SecurityFamily	The security family of the discovered solution.
SecurityFamilyProvisioningState	The security family provisioning State.
SecurityScoreODataExpand	The SecurityScoreODataExpand.
SecuritySettingName	The SecuritySettingName.
SecuritySolutionStatus	Status of the IoT Security solution.
SecurityThreat	Threats impact of the assessment.
SecurityTrafficDirection	The rule's direction.
SecurityTransportProtocol	The SecurityTransportProtocol.
SecurityValueType	The value type of the items in the list.
ServerVulnerabilityAssessmentPropertiesProvisioningState	The provisioningState of the vulnerability assessment capability on the VM.
SqlVulnerabilityAssessmentScanResultRuleStatus	The rule result status.
SqlVulnerabilityAssessmentScanState	The scan status.
SqlVulnerabilityAssessmentScanTriggerType	The scan trigger type.
SubAssessmentStatusCode	Programmatic code for the status of the assessment.
UnmaskedIPLoggingStatus	Unmasked IP address logging status.
VulnerabilityAssessmentAutoProvisioningType	The Vulnerability Assessment solution to be provisioned. Can be either 'TVM' or 'Qualys'.
VulnerabilityAssessmentRuleType	The rule type.

Enums

SecurityAlertsSuppressionRuleState

Possible states of the rule.