models Package
Classes
| AdditionalData |
Details of the sub-assessment. You probably want to use the sub-classes and not this class directly. Known sub-classes are: ContainerRegistryVulnerabilityProperties, ServerVulnerabilityProperties, SqlServerVulnerabilityProperties All required parameters must be populated in order to send to server. |
| AlertsSuppressionRule |
Describes the suppression rule. Variables are only populated by the server, and will be ignored when sending a request. |
| AlertsSuppressionRulesList |
Suppression rules list for subscription. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to server. |
| Automation |
The security automation resource. Variables are only populated by the server, and will be ignored when sending a request. |
| AutomationAction |
The action that should be triggered. You probably want to use the sub-classes and not this class directly. Known sub-classes are: AutomationActionEventHub, AutomationActionLogicApp, AutomationActionWorkspace All required parameters must be populated in order to send to server. |
| AutomationActionEventHub |
The target Event Hub to which event data will be exported. To learn more about Microsoft Defender for Cloud continuous export capabilities, visit https://aka.ms/ASCExportLearnMore. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to server. |
| AutomationActionLogicApp |
The logic app action that should be triggered. To learn more about Microsoft Defender for Cloud's Workflow Automation capabilities, visit https://aka.ms/ASCWorkflowAutomationLearnMore. All required parameters must be populated in order to send to server. |
| AutomationActionWorkspace |
The Log Analytics Workspace to which event data will be exported. Security alerts data will reside in the 'SecurityAlert' table and the assessments data will reside in the 'SecurityRecommendation' table (under the 'Security'/'SecurityCenterFree' solutions). Note that in order to view the data in the workspace, the Security Center Log Analytics free/standard solution needs to be enabled on that workspace. To learn more about Microsoft Defender for Cloud continuous export capabilities, visit https://aka.ms/ASCExportLearnMore. All required parameters must be populated in order to send to server. |
| AutomationList |
List of security automations response. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to server. |
| AutomationRuleSet |
A rule set which evaluates all its rules upon an event interception. Only when all the included rules in the rule set will be evaluated as 'true', will the event trigger the defined actions. |
| AutomationScope |
A single automation scope. |
| AutomationSource |
The source event types which evaluate the security automation set of rules. For example - security alerts and security assessments. To learn more about the supported security events data models schemas - please visit https://aka.ms/ASCAutomationSchemas. |
| AutomationTriggeringRule |
A rule which is evaluated upon event interception. The rule is configured by comparing a specific value from the event model to an expected value. This comparison is done by using one of the supported operators set. |
| AutomationValidationStatus |
The security automation model state property bag. |
| AzureResourceDetails |
Details of the Azure resource that was assessed. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to server. |
| AzureTrackedResourceLocation |
Describes an Azure resource with location. |
| CVE |
CVE details. Variables are only populated by the server, and will be ignored when sending a request. |
| CVSS |
CVSS details. Variables are only populated by the server, and will be ignored when sending a request. |
| CloudErrorBody |
The error detail. Variables are only populated by the server, and will be ignored when sending a request. |
| ContainerRegistryVulnerabilityProperties |
Additional context fields for container registry Vulnerability assessment. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to server. |
| ETag |
Entity tag is used for comparing two or more entities from the same requested resource. |
| ErrorAdditionalInfo |
The resource management error additional info. Variables are only populated by the server, and will be ignored when sending a request. |
| Kind |
Describes an Azure resource with kind. |
| OnPremiseResourceDetails |
Details of the On Premise resource that was assessed. You probably want to use the sub-classes and not this class directly. Known sub-classes are: OnPremiseSqlResourceDetails All required parameters must be populated in order to send to server. |
| OnPremiseSqlResourceDetails |
Details of the On Premise Sql resource that was assessed. All required parameters must be populated in order to send to server. |
| RegulatoryComplianceAssessment |
Regulatory compliance assessment details and state. Variables are only populated by the server, and will be ignored when sending a request. |
| RegulatoryComplianceAssessmentList |
List of regulatory compliance assessment response. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to server. |
| RegulatoryComplianceControl |
Regulatory compliance control details and state. Variables are only populated by the server, and will be ignored when sending a request. |
| RegulatoryComplianceControlList |
List of regulatory compliance controls response. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to server. |
| RegulatoryComplianceStandard |
Regulatory compliance standard details and state. Variables are only populated by the server, and will be ignored when sending a request. |
| RegulatoryComplianceStandardList |
List of regulatory compliance standards response. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to server. |
| Resource |
Describes an Azure resource. Variables are only populated by the server, and will be ignored when sending a request. |
| ResourceDetails |
Details of the resource that was assessed. You probably want to use the sub-classes and not this class directly. Known sub-classes are: AzureResourceDetails, OnPremiseResourceDetails All required parameters must be populated in order to send to server. |
| ScopeElement |
A more specific scope used to identify the alerts to suppress. |
| SecuritySubAssessment |
Security sub-assessment on a resource. Variables are only populated by the server, and will be ignored when sending a request. |
| SecuritySubAssessmentList |
List of security sub-assessments. Variables are only populated by the server, and will be ignored when sending a request. |
| ServerVulnerabilityProperties |
Additional context fields for server vulnerability assessment. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to server. |
| SqlServerVulnerabilityProperties |
Details of the resource that was assessed. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to server. |
| SubAssessmentStatus |
Status of the sub-assessment. Variables are only populated by the server, and will be ignored when sending a request. |
| SuppressionAlertsScope |
SuppressionAlertsScope. All required parameters must be populated in order to send to server. |
| Tags |
A list of key value pairs that describe the resource. |
| TrackedResource |
Describes an Azure tracked resource. Variables are only populated by the server, and will be ignored when sending a request. |
| VendorReference |
Vendor reference. Variables are only populated by the server, and will be ignored when sending a request. |
Enums
| ActionType |
The type of the action that will be triggered by the Automation. |
| AssessedResourceType |
Sub-assessment resource type. |
| EventSource |
A valid event source type. |
| Operator |
A valid comparer operator to use. A case-insensitive comparison will be applied for String PropertyType. |
| PropertyType |
The data type of the compared operands (string, integer, floating point number or a boolean [true/false]]. |
| RuleState |
Possible states of the rule. |
| Severity |
The sub-assessment severity level. |
| Source |
The platform where the assessed resource resides. |
| State |
Aggregative state based on the standard's supported controls states. |
| SubAssessmentStatusCode |
Programmatic code for the status of the assessment. |
