New-AzSecurityAutomation

Creates new security automation

Syntax

New-AzSecurityAutomation
   -ResourceGroupName <String>
   -Name <String>
   -Location <String>
   [-Etag <String>]
   [-Tag <Hashtable>]
   [-Description <String>]
   [-IsEnabled <Boolean>]
   -Scope <PSSecurityAutomationScope[]>
   -Source <PSSecurityAutomationSource[]>
   -Action <PSSecurityAutomationAction[]>
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
New-AzSecurityAutomation
   -ResourceId <String>
   -Location <String>
   [-Etag <String>]
   [-Tag <Hashtable>]
   [-Description <String>]
   [-IsEnabled <Boolean>]
   -Scope <PSSecurityAutomationScope[]>
   -Source <PSSecurityAutomationSource[]>
   -Action <PSSecurityAutomationAction[]>
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
New-AzSecurityAutomation
   [-Location <String>]
   [-Etag <String>]
   [-Tag <Hashtable>]
   [-Description <String>]
   [-IsEnabled <Boolean>]
   [-Scope <PSSecurityAutomationScope[]>]
   [-Source <PSSecurityAutomationSource[]>]
   -Action <PSSecurityAutomationAction[]>
   -InputObject <PSSecurityAutomation>
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

Creates new security automation

Examples

Example 1

New-AzSecurityAutomation -Name 'ampleAutomation' -ResourceGroupName 'SampleResourceGroup' -Description 'Sample security automation' -Scope $scopes -Source $sources -Action $actions

Creates new security automation named "SampleAutomation" under resource group named "SampleResourceGroup"

Parameters

-Action

A collection of the actions which are triggered if all the configured rules evaluations, within at least one rule set, are true

Type:PSSecurityAutomationAction[]
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:IAzureContextContainer
Aliases:AzContext, AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Description

The security automation description

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Etag

Entity tag is used for comparing two or more entities from the same requested resource

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-InputObject

Input Object.

Type:PSSecurityAutomation
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-IsEnabled

Is rule enabled.

Type:Nullable<T>[Boolean]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Location

Location.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-Name

Resource name.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-ResourceGroupName

Resource group name.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-ResourceId

ID of the security resource that you want to invoke the command on.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Scope

A collection of scopes on which the security automations logic is applied. Supported scopes are the subscription itself or a resource group under that subscription. The automation will only apply on defined scopes

Type:PSSecurityAutomationScope[]
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-Source

A collection of the source event types which evaluate the security automation set of rules

Type:PSSecurityAutomationSource[]
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-Tag

Tags.

Type:Hashtable
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

String

PSSecurityAutomation

Outputs

PSSecurityAutomation