Security Connectors - List
Lists all the security connectors in the specified subscription. Use the 'nextLink' property in the response to get the next page of security connectors for the specified subscription.
GET https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Security/securityConnectors?api-version=2024-03-01-preview
URI Parameters
Name | In | Required | Type | Description |
---|---|---|---|---|
subscription | path | True | string | Azure subscription ID Regex pattern: |
api-version | query | True | string | API version for the operation |
Responses
Name | Type | Description |
---|---|---|
200 OK | | OK |
Other Status Codes | | Error response that describes why the operation failed. |
Security
azure_auth
Azure Active Directory OAuth2 Flow
Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize
Scopes
Name | Description |
---|---|
user_impersonation | impersonate your user account |
Examples
List all security connectors of a specified subscription
Sample request
Sample response
{
"value": [
{
"id": "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/exampleResourceGroup1/providers/Microsoft.Security/securityConnectors/exampleSecurityConnectorAws",
"name": "exampleSecurityConnectorAws",
"type": "Microsoft.Security/securityConnectors",
"etag": "etag value",
"kind": "",
"location": "Central US",
"tags": {},
"systemData": {
"createdBy": "user@contoso.com",
"createdByType": "User",
"createdAt": "2021-08-31T13:47:50.328Z",
"lastModifiedBy": "user@contoso.com",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-08-31T13:47:50.328Z"
},
"properties": {
"hierarchyIdentifier": "exampleHierarchyId",
"environmentData": {
"environmentType": "AwsAccount",
"scanInterval": 4
},
"environmentName": "AWS",
"offerings": [
{
"offeringType": "CspmMonitorAws",
"nativeCloudConnection": {
"cloudRoleArn": "arn:aws:iam::00000000:role/ASCMonitor"
}
}
]
}
},
{
"id": "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/exampleResourceGroup2/providers/Microsoft.Security/securityConnectors/exampleSecurityConnectorAwsOrganization",
"name": "exampleSecurityConnectorAwsOrganization",
"type": "Microsoft.Security/securityConnectors",
"etag": "etag value",
"kind": "",
"location": "Central US",
"tags": {},
"systemData": {
"createdBy": "user@contoso.com",
"createdByType": "User",
"createdAt": "2021-12-15T13:47:50.328Z",
"lastModifiedBy": "user@contoso.com",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-12-15T13:47:50.328Z"
},
"properties": {
"hierarchyIdentifier": "exampleHierarchyId",
"environmentData": {
"environmentType": "AwsAccount",
"scanInterval": 4,
"organizationalData": {
"organizationMembershipType": "Organization",
"stacksetName": "myStackSetName",
"excludedAccountIds": [
"excludedAccountIdExample"
]
}
},
"environmentName": "AWS",
"offerings": [
{
"offeringType": "CspmMonitorAws",
"nativeCloudConnection": {
"cloudRoleArn": "arn:aws:iam::00000000:role/ASCMonitor"
}
}
]
}
},
{
"id": "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/exampleResourceGroup3/providers/Microsoft.Security/securityConnectors/exampleSecurityConnectorGithub",
"name": "githubTest",
"etag": "etag value",
"type": "Microsoft.Security/securityconnectors",
"location": "centralus",
"kind": "",
"tags": {},
"systemData": {
"createdBy": "user@contoso.com",
"createdByType": "User",
"createdAt": "2021-12-15T13:47:50.328Z",
"lastModifiedBy": "user@contoso.com",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-12-15T13:47:50.328Z"
},
"properties": {
"hierarchyIdentifier": "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/exampleResourceGroup3/providers/Microsoft.SecurityDevops/githubConnectors/exampleGithubConnector",
"environmentName": "Github",
"environmentData": {
"environmentType": "GithubScope"
},
"offerings": [
{
"offeringType": "CspmMonitorGithub"
}
]
}
},
{
"id": "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/exampleResourceGroup3/providers/Microsoft.Security/securityConnectors/exampleSecurityConnectorAzureDevOpsConnectors",
"name": "AzureDevOpsTest",
"etag": "etag value",
"type": "Microsoft.Security/securityconnectors",
"location": "centralus",
"kind": "",
"tags": {},
"systemData": {
"createdBy": "user@contoso.com",
"createdByType": "User",
"createdAt": "2021-12-15T13:47:50.328Z",
"lastModifiedBy": "user@contoso.com",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-12-15T13:47:50.328Z"
},
"properties": {
"hierarchyIdentifier": "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/exampleResourceGroup3/providers/Microsoft.SecurityDevops/azureDevOpsConnectors/exampleAzureDevOpsConnector",
"environmentName": "Github",
"environmentData": {
"environmentType": "GithubScope"
},
"offerings": [
{
"offeringType": "CspmMonitorGithub"
}
]
}
},
{
"id": "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/exampleResourceGroup3/providers/Microsoft.Security/securityConnectors/exampleSecurityConnectorGcp",
"name": "exampleSecurityConnectorGcp",
"type": "Microsoft.Security/securityConnectors",
"etag": "etag value",
"kind": "",
"location": "Central US",
"tags": {},
"systemData": {
"createdBy": "user@contoso.com",
"createdByType": "User",
"createdAt": "2021-12-15T13:47:50.328Z",
"lastModifiedBy": "user@contoso.com",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-12-15T13:47:50.328Z"
},
"properties": {
"hierarchyIdentifier": "exampleHierarchyId",
"environmentData": {
"environmentType": "GcpProject",
"projectDetails": {
"projectNumber": "exampleHierarchyId",
"projectId": "My-0GCP-Project",
"workloadIdentityPoolId": "6c78da41157548d3b1d8b3c72effdf8c"
}
},
"environmentName": "GCP",
"offerings": [
{
"offeringType": "CspmMonitorGcp",
"nativeCloudConnection": {
"workloadIdentityProviderId": "My workload identity provider Id",
"serviceAccountEmailAddress": "capm@projectName.com"
}
}
]
}
}
]
}
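The paging rule from the description and the connection fields in the sample response can be worked through in code. This is an added example, not part of the original reference and not Microsoft's code: it follows `nextLink` only to the ARM host shown in the GET URL, then lists every AWS role ARN and GCP service account or workload identity provider the connectors rely on. The names `check_link`, `iter_connectors`, `trust_inventory` and the `fetch` callback are hypothetical, and the sample pages and their `nextLink` value are constructed from the sample response above.

```python
from urllib.parse import urlsplit

ARM_HOST = "management.azure.com"  # host of the GET URL documented on this page
SUB = "a5caac9c-5c04-49af-b3d0-e204f40345d5"  # subscription ID from the page's sample
FIRST_URL = (f"https://{ARM_HOST}/subscriptions/{SUB}/providers/"
             "Microsoft.Security/securityConnectors?api-version=2024-03-01-preview")
# Offering fields that name an identity in the connected cloud (from the schemas here).
TRUST_FIELDS = {"cloudRoleArn", "serviceAccountEmailAddress",
                "workloadIdentityProviderId"}


def check_link(url):
    """Accept only HTTPS URLs on the ARM host, so the bearer token sent with
    each page request cannot be steered to another server by a bad nextLink."""
    parts = urlsplit(url)
    if parts.scheme != "https" or parts.hostname != ARM_HOST:
        raise ValueError(f"refusing to follow link to {url!r}")
    return url


def iter_connectors(first_url, fetch, max_pages=100):
    """Yield every connector, following nextLink until the response omits it.
    fetch(url) -> dict is a caller-supplied (hypothetical) authenticated GET."""
    url, seen = first_url, set()
    while url:
        check_link(url)
        if url in seen or len(seen) >= max_pages:
            raise RuntimeError("nextLink loop or page limit reached")
        seen.add(url)
        page = fetch(url)
        yield from page.get("value", [])
        url = page.get("nextLink")


def _walk(node, path=""):
    """Yield (dotted_path, value) for each trust field nested in an offering."""
    if isinstance(node, dict):
        for key, val in node.items():
            here = f"{path}.{key}" if path else key
            if key in TRUST_FIELDS and isinstance(val, str):
                yield here, val
            else:
                yield from _walk(val, here)
    elif isinstance(node, list):
        for i, item in enumerate(node):
            yield from _walk(item, f"{path}[{i}]")


def trust_inventory(connectors):
    """One row per cross-cloud identity a connector's offerings rely on."""
    rows = []
    for conn in connectors:
        props = conn.get("properties", {})
        env = props.get("environmentData", {}).get("environmentType")
        who = conn.get("systemData", {}).get("lastModifiedBy")
        for off in props.get("offerings", []):
            for path, value in _walk(off):
                rows.append({"connector": conn.get("name"), "environment": env,
                             "offering": off.get("offeringType"), "field": path,
                             "identity": value, "lastModifiedBy": who})
    return rows


# Constructed sample pages, trimmed from the sample response on this page.
# The nextLink value and its $skipToken are made up for the demonstration.
SECOND_URL = FIRST_URL + "&$skipToken=constructed"
SAMPLE_PAGES = {
    FIRST_URL: {"nextLink": SECOND_URL, "value": [{
        "name": "exampleSecurityConnectorAws",
        "systemData": {"lastModifiedBy": "user@contoso.com"},
        "properties": {
            "environmentData": {"environmentType": "AwsAccount"},
            "offerings": [{"offeringType": "CspmMonitorAws", "nativeCloudConnection": {
                "cloudRoleArn": "arn:aws:iam::00000000:role/ASCMonitor"}}]}}]},
    SECOND_URL: {"value": [{
        "name": "githubTest",
        "systemData": {"lastModifiedBy": "user@contoso.com"},
        "properties": {
            "environmentData": {"environmentType": "GithubScope"},
            "offerings": [{"offeringType": "CspmMonitorGithub"}]}}, {
        "name": "exampleSecurityConnectorGcp",
        "systemData": {"lastModifiedBy": "user@contoso.com"},
        "properties": {
            "environmentData": {"environmentType": "GcpProject"},
            "offerings": [{"offeringType": "CspmMonitorGcp", "nativeCloudConnection": {
                "workloadIdentityProviderId": "My workload identity provider Id",
                "serviceAccountEmailAddress": "capm@projectName.com"}}]}}]},
}


def audit_sample():
    return trust_inventory(iter_connectors(FIRST_URL, SAMPLE_PAGES.__getitem__))
```

The host check assumes the public-cloud ARM endpoint from the GET URL; a deployment that uses a different ARM endpoint would set `ARM_HOST` accordingly.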
Definitions
Name | Description |
---|---|
Arc | The ARC autoprovisioning configuration |
arc | Configuration for servers Arc auto provisioning for a given environment |
Aws | The AWS connector environment data |
Aws | The AWS organization data for the master account |
Aws | The AWS organization data for the member account |
Azure | The AzureDevOps scope connector's environment data |
Ciem | Defenders CSPM Permissions Management offering configurations |
Ciem | GCP Defenders CSPM Permissions Management OIDC (Open ID connect) connection configurations |
Ciem | AWS Defender CSPM Permissions Management OIDC (open id connect) connection configurations |
Cloud | Common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.). |
Cloud | The error detail. |
cloud | The multi cloud resource's cloud name. |
Cloud | The cloudwatch to kinesis connection configuration |
Configuration | Configuration for VM scanning |
created | The type of identity that created the resource. |
cspm | The CSPM monitoring for AWS offering |
cspm | The CSPM monitoring for AzureDevOps offering |
cspm | The CSPM monitoring for GCP offering |
cspm | The CSPM monitoring for github offering |
cspm | The CSPM (Cloud security posture management) monitoring for gitlab offering |
Databases | The databases data security posture management (DSPM) configuration |
Data | The native cloud connection configuration |
Data | The Microsoft Defender Data Sensitivity discovery configuration |
defender | The CSPM P1 for AWS offering |
defender | The CSPM P1 for GCP offering |
defender | The Defender for Databases AWS offering |
defender | The Defender for Containers AWS offering |
defender | The containers GCP offering |
Defender | The native cloud connection configuration |
defender | The Defender for Databases GCP offering configurations |
Defender | The Defender for servers connection configuration |
defender | The Defender for Servers AWS offering |
defender | The Defender for Servers GCP offering configurations |
Error | The resource management error additional info. |
Gcp | The gcpOrganization data for the member account |
Gcp | The gcpOrganization data for the parent account |
Gcp | The details about the project represented by the security connector |
Gcp | The GCP project connector environment data |
Github | The github scope connector's environment data |
Gitlab | The GitLab scope connector's environment data |
Kinesis | The kinesis to s3 connection configuration |
Kubernetes | The kubernetes data collection connection configuration |
Kubernetes | The kubernetes service connection configuration |
Mdc | The Microsoft Defender container agentless discovery K8s configuration |
Mdc | The Microsoft Defender container image assessment configuration |
Mde | The Microsoft Defender for Endpoint autoprovisioning configuration |
mde | configuration for Microsoft Defender for Endpoint autoprovisioning |
Native | The native cloud connection configuration |
Rds | The RDS configuration |
scanning | The scanning mode for the VM scan. |
Security | The security connector resource. |
Security | List of security connectors response. |
Sub | configuration for the servers offering subPlan |
sub | The available sub plans |
system | Metadata pertaining to creation and last modification of the resource. |
type | The Vulnerability Assessment solution to be provisioned. Can be either 'TVM' or 'Qualys' |
Va | The Vulnerability Assessment autoprovisioning configuration |
va | configuration for Vulnerability Assessment autoprovisioning |
Vm | The Microsoft Defender for Container K8s VM host scanning configuration |
ArcAutoProvisioning
The ARC autoprovisioning configuration
Name | Type | Description |
---|---|---|
cloudRoleArn | string | The cloud role ARN in AWS for this feature |
configuration | | Configuration for servers Arc auto provisioning for a given environment |
enabled | boolean | Is arc auto provisioning enabled |
arcAutoProvisioning.Configuration
Configuration for servers Arc auto provisioning for a given environment
Name | Type | Description |
---|---|---|
privateLinkScope | string | Optional Arc private link scope resource id to link the Arc agent |
proxy | string | Optional HTTP proxy endpoint to use for the Arc agent |
AwsEnvironmentData
The AWS connector environment data
Name | Type | Description |
---|---|---|
accountName | string | The AWS account name |
environmentType | string: Aws | The type of the environment data. |
organizationalData | AwsOrganizationalData: | The AWS account's organizational data |
regions | string[] | list of regions to scan |
scanInterval | integer | Scan interval in hours (value should be between 1-hour to 24-hours) |
AwsOrganizationalDataMaster
The AWS organization data for the master account
Name | Type | Description |
---|---|---|
excludedAccountIds | string[] | If the multi cloud account is of membership type organization, list of accounts excluded from offering |
organizationMembershipType | string: Organization | The multi cloud account's membership type in the organization |
stacksetName | string | If the multi cloud account is of membership type organization, this will be the name of the onboarding stackset |
AwsOrganizationalDataMember
The AWS organization data for the member account
Name | Type | Description |
---|---|---|
organizationMembershipType | string: Member | The multi cloud account's membership type in the organization |
parentHierarchyId | string | If the multi cloud account is not of membership type organization, this will be the ID of the account's parent |
AzureDevOpsScopeEnvironmentData
The AzureDevOps scope connector's environment data
Name | Type | Description |
---|---|---|
environmentType | string: Azure | The type of the environment data. |
Ciem
Defenders CSPM Permissions Management offering configurations
Name | Type | Description |
---|---|---|
ciemDiscovery | | Defender CSPM Permissions Management discovery configuration |
ciemOidc | | AWS Defender CSPM Permissions Management OIDC (open id connect) connection configurations |
CiemDiscovery
GCP Defenders CSPM Permissions Management OIDC (Open ID connect) connection configurations
Name | Type | Description |
---|---|---|
azureActiveDirectoryAppName | string | The Azure Active Directory app name used for authenticating against GCP workload identity federation |
serviceAccountEmailAddress | string | The service account email address in GCP for Permissions Management offering |
workloadIdentityProviderId | string | The GCP workload identity provider id for Permissions Management offering |
CiemOidc
AWS Defender CSPM Permissions Management OIDC (open id connect) connection configurations
Name | Type | Description |
---|---|---|
azureActiveDirectoryAppName | string | The Azure Active Directory app name used for authenticating against AWS |
cloudRoleArn | string | The cloud role ARN in AWS for Permissions Management used for oidc connection |
CloudError
Common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.).
Name | Type | Description |
---|---|---|
error.additionalInfo | | The error additional info. |
error.code | string | The error code. |
error.details | | The error details. |
error.message | string | The error message. |
error.target | string | The error target. |
CloudErrorBody
The error detail.
Name | Type | Description |
---|---|---|
additionalInfo | | The error additional info. |
code | string | The error code. |
details | | The error details. |
message | string | The error message. |
target | string | The error target. |
cloudName
The multi cloud resource's cloud name.
Name | Type | Description |
---|---|---|
AWS | string | |
Azure | string | |
AzureDevOps | string | |
GCP | string | |
GitLab | string | |
Github | string | |
CloudWatchToKinesis
The cloudwatch to kinesis connection configuration
Name | Type | Description |
---|---|---|
cloudRoleArn | string | The cloud role ARN in AWS used by CloudWatch to transfer data into Kinesis |
Configuration
Configuration for VM scanning
Name | Type | Description |
---|---|---|
exclusionTags | object | Tags that indicate that a resource should not be scanned |
scanningMode | | The scanning mode for the VM scan. |
createdByType
The type of identity that created the resource.
Name | Type | Description |
---|---|---|
Application | string | |
Key | string | |
ManagedIdentity | string | |
User | string | |
cspmMonitorAwsOffering
The CSPM monitoring for AWS offering
Name | Type | Description |
---|---|---|
description | string | The offering description. |
nativeCloudConnection | | The native cloud connection configuration |
offeringType | string: Cspm | The type of the security offering. |
cspmMonitorAzureDevOpsOffering
The CSPM monitoring for AzureDevOps offering
Name | Type | Description |
---|---|---|
description | string | The offering description. |
offeringType | string: Cspm | The type of the security offering. |
cspmMonitorGcpOffering
The CSPM monitoring for GCP offering
Name | Type | Description |
---|---|---|
description | string | The offering description. |
nativeCloudConnection | | The native cloud connection configuration |
offeringType | string: Cspm | The type of the security offering. |
cspmMonitorGithubOffering
The CSPM monitoring for github offering
Name | Type | Description |
---|---|---|
description | string | The offering description. |
offeringType | string: Cspm | The type of the security offering. |
cspmMonitorGitLabOffering
The CSPM (Cloud security posture management) monitoring for gitlab offering
Name | Type | Description |
---|---|---|
description | string | The offering description. |
offeringType | string: Cspm | The type of the security offering. |
DatabasesDspm
The databases data security posture management (DSPM) configuration
Name | Type | Description |
---|---|---|
cloudRoleArn | string | The cloud role ARN in AWS for this feature |
enabled | boolean | Is databases data security posture management (DSPM) protection enabled |
DataPipelineNativeCloudConnection
The native cloud connection configuration
Name | Type | Description |
---|---|---|
serviceAccountEmailAddress | string | The data collection service account email address in GCP for this offering |
workloadIdentityProviderId | string | The data collection GCP workload identity provider id for this offering |
DataSensitivityDiscovery
The Microsoft Defender Data Sensitivity discovery configuration
Name | Type | Description |
---|---|---|
cloudRoleArn | string | The cloud role ARN in AWS for this feature |
enabled | boolean | Is Microsoft Defender Data Sensitivity discovery enabled |
defenderCspmAwsOffering
The CSPM P1 for AWS offering
Name | Type | Description |
---|---|---|
ciem | | Defenders CSPM Permissions Management offering configurations |
dataSensitivityDiscovery | | The Microsoft Defender Data Sensitivity discovery configuration |
databasesDspm | | The databases DSPM configuration |
description | string | The offering description. |
mdcContainersAgentlessDiscoveryK8s | | The Microsoft Defender container agentless discovery K8s configuration |
mdcContainersImageAssessment | | The Microsoft Defender container image assessment configuration |
offeringType | string: Defender | The type of the security offering. |
vmScanners | | The Microsoft Defender for CSPM offering VM scanning configuration |
defenderCspmGcpOffering
The CSPM P1 for GCP offering
Name | Type | Description |
---|---|---|
ciemDiscovery | | GCP Defenders CSPM Permissions Management OIDC (Open ID connect) connection configurations |
dataSensitivityDiscovery | | The Microsoft Defender Data Sensitivity discovery configuration |
description | string | The offering description. |
mdcContainersAgentlessDiscoveryK8s | | The Microsoft Defender Container agentless discovery configuration |
mdcContainersImageAssessment | | The Microsoft Defender Container image assessment configuration |
offeringType | string: Defender | The type of the security offering. |
vmScanners | | The Microsoft Defender for CSPM VM scanning configuration |
defenderFoDatabasesAwsOffering
The Defender for Databases AWS offering
Name | Type | Description |
---|---|---|
arcAutoProvisioning | | The ARC autoprovisioning configuration |
databasesDspm | | The databases data security posture management (DSPM) configuration |
description | string | The offering description. |
offeringType | string: Defender | The type of the security offering. |
rds | | The RDS configuration |
defenderForContainersAwsOffering
The Defender for Containers AWS offering
Name | Type | Description |
---|---|---|
cloudWatchToKinesis | | The cloudwatch to kinesis connection configuration |
dataCollectionExternalId | string | The externalId used by the data reader to prevent the confused deputy attack |
description | string | The offering description. |
enableAuditLogsAutoProvisioning | boolean | Is audit logs data collection enabled |
enableDefenderAgentAutoProvisioning | boolean | Is Microsoft Defender for Cloud Kubernetes agent auto provisioning enabled |
enablePolicyAgentAutoProvisioning | boolean | Is Policy Kubernetes agent auto provisioning enabled |
kinesisToS3 | | The kinesis to s3 connection configuration |
kubeAuditRetentionTime | integer | The retention time in days of kube audit logs set on the CloudWatch log group |
kubernetesDataCollection | | The kubernetes data collection connection configuration |
kubernetesService | | The kubernetes service connection configuration |
mdcContainersAgentlessDiscoveryK8s | | The Microsoft Defender container agentless discovery K8s configuration |
mdcContainersImageAssessment | | The Microsoft Defender container image assessment configuration |
offeringType | string: Defender | The type of the security offering. |
vmScanners | | The Microsoft Defender for Container K8s VM host scanning configuration |
defenderForContainersGcpOffering
The containers GCP offering
Name | Type | Description |
---|---|---|
dataPipelineNativeCloudConnection | | The native cloud connection configuration |
description | string | The offering description. |
enableAuditLogsAutoProvisioning | boolean | Is audit logs data collection enabled |
enableDefenderAgentAutoProvisioning | boolean | Is Microsoft Defender for Cloud Kubernetes agent auto provisioning enabled |
enablePolicyAgentAutoProvisioning | boolean | Is Policy Kubernetes agent auto provisioning enabled |
mdcContainersAgentlessDiscoveryK8s | | The Microsoft Defender Container agentless discovery configuration |
mdcContainersImageAssessment | | The Microsoft Defender Container image assessment configuration |
nativeCloudConnection | | The native cloud connection configuration |
offeringType | string: Defender | The type of the security offering. |
vmScanners | | The Microsoft Defender for Container K8s VM host scanning configuration |
DefenderForDatabasesArcAutoProvisioning
The native cloud connection configuration
Name | Type | Description |
---|---|---|
serviceAccountEmailAddress | string | The service account email address in GCP for this offering |
workloadIdentityProviderId | string | The GCP workload identity provider id for this offering |
defenderForDatabasesGcpOffering
The Defender for Databases GCP offering configurations
Name | Type | Description |
---|---|---|
arcAutoProvisioning | | The ARC autoprovisioning configuration |
defenderForDatabasesArcAutoProvisioning | | The native cloud connection configuration |
description | string | The offering description. |
offeringType | string: Defender | The type of the security offering. |
DefenderForServers
The Defender for servers connection configuration
Name | Type | Description |
---|---|---|
cloudRoleArn | string | The cloud role ARN in AWS for this feature |
defenderForServersAwsOffering
The Defender for Servers AWS offering
Name | Type | Description |
---|---|---|
arcAutoProvisioning | | The ARC autoprovisioning configuration |
defenderForServers | | The Defender for servers connection configuration |
description | string | The offering description. |
mdeAutoProvisioning | | The Microsoft Defender for Endpoint autoprovisioning configuration |
offeringType | string: Defender | The type of the security offering. |
subPlan | | configuration for the servers offering subPlan |
vaAutoProvisioning | | The Vulnerability Assessment autoprovisioning configuration |
vmScanners | | The Microsoft Defender for Server VM scanning configuration |
defenderForServersGcpOffering
The Defender for Servers GCP offering configurations
Name | Type | Description |
---|---|---|
arcAutoProvisioning | | The ARC autoprovisioning configuration |
defenderForServers | | The Defender for servers connection configuration |
description | string | The offering description. |
mdeAutoProvisioning | | The Microsoft Defender for Endpoint autoprovisioning configuration |
offeringType | string: Defender | The type of the security offering. |
subPlan | | configuration for the servers offering subPlan |
vaAutoProvisioning | | The Vulnerability Assessment autoprovisioning configuration |
vmScanners | | The Microsoft Defender for Server VM scanning configuration |
ErrorAdditionalInfo
The resource management error additional info.
Name | Type | Description |
---|---|---|
info | object | The additional info. |
type | string | The additional info type. |
GcpOrganizationalDataMember
The gcpOrganization data for the member account
Name | Type | Description |
---|---|---|
managementProjectNumber | string | The GCP management project number from organizational onboarding |
organizationMembershipType | string: Member | The multi cloud account's membership type in the organization |
parentHierarchyId | string | If the multi cloud account is not of membership type organization, this will be the ID of the project's parent |
GcpOrganizationalDataOrganization
The gcpOrganization data for the parent account
Name | Type | Description |
---|---|---|
excludedProjectNumbers | string[] | If the multi cloud account is of membership type organization, list of accounts excluded from offering |
organizationMembershipType | string: Organization | The multi cloud account's membership type in the organization |
organizationName | string | GCP organization name |
serviceAccountEmailAddress | string | The service account email address which represents the organization level permissions container. |
workloadIdentityProviderId | string | The GCP workload identity provider id which represents the permissions required to auto provision security connectors |
GcpProjectDetails
The details about the project represented by the security connector
Name | Type | Description |
---|---|---|
projectId | string | The GCP Project id |
projectName | string | GCP project name |
projectNumber | string | The unique GCP Project number |
workloadIdentityPoolId | string | The GCP workload identity federation pool id |
GcpProjectEnvironmentData
The GCP project connector environment data
Name | Type | Description |
---|---|---|
environmentType | string: Gcp | The type of the environment data. |
organizationalData | GcpOrganizationalData: | The Gcp project's organizational data |
projectDetails | | The Gcp project's details |
scanInterval | integer | Scan interval in hours (value should be between 1-hour to 24-hours) |
GithubScopeEnvironmentData
The github scope connector's environment data
Name | Type | Description |
---|---|---|
environmentType | string: Github | The type of the environment data. |
GitlabScopeEnvironmentData
The GitLab scope connector's environment data
Name | Type | Description |
---|---|---|
environmentType | string: Gitlab | The type of the environment data. |
KinesisToS3
The kinesis to s3 connection configuration
Name | Type | Description |
---|---|---|
cloudRoleArn | string | The cloud role ARN in AWS used by Kinesis to transfer data into S3 |
KubernetesDataCollection
The kubernetes data collection connection configuration
Name | Type | Description |
---|---|---|
cloudRoleArn | string | The cloud role ARN in AWS for this feature used for reading data |
KubernetesService
The kubernetes service connection configuration
Name | Type | Description |
---|---|---|
cloudRoleArn | string | The cloud role ARN in AWS for this feature used for provisioning resources |
MdcContainersAgentlessDiscoveryK8s
The Microsoft Defender container agentless discovery K8s configuration
Name | Type | Description |
---|---|---|
cloudRoleArn | string | The cloud role ARN in AWS for this feature |
enabled | boolean | Is Microsoft Defender container agentless discovery K8s enabled |
MdcContainersImageAssessment
The Microsoft Defender container image assessment configuration
Name | Type | Description |
---|---|---|
cloudRoleArn | string | The cloud role ARN in AWS for this feature |
enabled | boolean | Is Microsoft Defender container image assessment enabled |
MdeAutoProvisioning
The Microsoft Defender for Endpoint autoprovisioning configuration
Name | Type | Description |
---|---|---|
configuration | | configuration for Microsoft Defender for Endpoint autoprovisioning |
enabled | boolean | Is Microsoft Defender for Endpoint auto provisioning enabled |
mdeAutoProvisioning.Configuration
configuration for Microsoft Defender for Endpoint autoprovisioning
NativeCloudConnection
The native cloud connection configuration
Name | Type | Description |
---|---|---|
cloudRoleArn | string | The cloud role ARN in AWS for this feature |
Rds
The RDS configuration
Name | Type | Description |
---|---|---|
cloudRoleArn | string | The cloud role ARN in AWS for this feature |
enabled | boolean | Is RDS protection enabled |
scanningMode
The scanning mode for the VM scan.
Name | Type | Description |
---|---|---|
Default | string | |
SecurityConnector
The security connector resource.
Name | Type | Description |
---|---|---|
etag | string | Entity tag is used for comparing two or more entities from the same requested resource. |
id | string | Resource Id |
kind | string | Kind of the resource |
location | string | Location where the resource is stored |
name | string | Resource name |
properties.environmentData | EnvironmentData: | The security connector environment data. |
properties.environmentName | | The multi cloud resource's cloud name. |
properties.hierarchyIdentifier | string | The multi cloud resource identifier (account id in case of AWS connector, project number in case of GCP connector). |
properties.hierarchyIdentifierTrialEndDate | string | The date on which the trial period will end, if applicable. Trial period exists for 30 days after upgrading to paid offerings. |
properties.offerings | cloudOffering[]: | A collection of offerings for the security connector. |
systemData | | Azure Resource Manager metadata containing createdBy and modifiedBy information. |
tags | object | A list of key value pairs that describe the resource. |
type | string | Resource type |
SecurityConnectorsList
List of security connectors response.
Name | Type | Description |
---|---|---|
nextLink | string | The URI to fetch the next page. |
value | | The list of security connectors under the given scope. |
SubPlan
configuration for the servers offering subPlan
Name | Type | Description |
---|---|---|
type | | The available sub plans |
subPlan
The available sub plans
Name | Type | Description |
---|---|---|
P1 | string | |
P2 | string | |
systemData
Metadata pertaining to creation and last modification of the resource.
Name | Type | Description |
---|---|---|
createdAt | string | The timestamp of resource creation (UTC). |
createdBy | string | The identity that created the resource. |
createdByType | | The type of identity that created the resource. |
lastModifiedAt | string | The timestamp of resource last modification (UTC) |
lastModifiedBy | string | The identity that last modified the resource. |
lastModifiedByType | | The type of identity that last modified the resource. |
type
The Vulnerability Assessment solution to be provisioned. Can be either 'TVM' or 'Qualys'
Name | Type | Description |
---|---|---|
Qualys | string | |
TVM | string | |
VaAutoProvisioning
The Vulnerability Assessment autoprovisioning configuration
Name | Type | Description |
---|---|---|
configuration | | configuration for Vulnerability Assessment autoprovisioning |
enabled | boolean | Is Vulnerability Assessment auto provisioning enabled |
vaAutoProvisioning.Configuration
configuration for Vulnerability Assessment autoprovisioning
Name | Type | Description |
---|---|---|
type | | The Vulnerability Assessment solution to be provisioned. Can be either 'TVM' or 'Qualys' |
VmScanners
The Microsoft Defender for Container K8s VM host scanning configuration
Name | Type | Description |
---|---|---|
cloudRoleArn | string | The cloud role ARN in AWS for this feature |
configuration | | Configuration for VM scanning |
enabled | boolean | Is VM scanning enabled |