New-AzSecurityDefenderCspmGcpOfferingObject
Create an in-memory object for DefenderCspmGcpOffering.
Syntax
New-AzSecurityDefenderCspmGcpOfferingObject
[-CiemDiscoveryAzureActiveDirectoryAppName <String>]
[-CiemDiscoveryServiceAccountEmailAddress <String>]
[-CiemDiscoveryWorkloadIdentityProviderId <String>]
[-ConfigurationExclusionTag <IDefenderCspmGcpOfferingVMScannersConfigurationExclusionTags>]
[-ConfigurationScanningMode <String>]
[-DataSensitivityDiscoveryEnabled <Boolean>]
[-DataSensitivityDiscoveryServiceAccountEmailAddress <String>]
[-DataSensitivityDiscoveryWorkloadIdentityProviderId <String>]
[-MdcContainerAgentlessDiscoveryK8SEnabled <Boolean>]
[-MdcContainerAgentlessDiscoveryK8SServiceAccountEmailAddress <String>]
[-MdcContainerAgentlessDiscoveryK8SWorkloadIdentityProviderId <String>]
[-MdcContainerImageAssessmentEnabled <Boolean>]
[-MdcContainerImageAssessmentServiceAccountEmailAddress <String>]
[-MdcContainerImageAssessmentWorkloadIdentityProviderId <String>]
[-VMScannerEnabled <Boolean>]
[<CommonParameters>]
Description
Create an in-memory object for DefenderCspmGcpOffering.
Examples
Example 1: Create new DefenderCspmGcpOffering object
$emailSuffix = "myproject.iam.gserviceaccount.com"
New-AzSecurityDefenderCspmGcpOfferingObject `
-VMScannerEnabled $true -ConfigurationScanningMode Default -ConfigurationExclusionTag @{key="value"} `
-MdcContainerAgentlessDiscoveryK8SEnabled $true -MdcContainerAgentlessDiscoveryK8SServiceAccountEmailAddress "mdc-containers-k8s-operator@$emailSuffix" -MdcContainerAgentlessDiscoveryK8SWorkloadIdentityProviderId "containers" `
-MdcContainerImageAssessmentEnabled $true -MdcContainerImageAssessmentServiceAccountEmailAddress "mdc-containers-artifact-assess@$emailSuffix" -MdcContainerImageAssessmentWorkloadIdentityProviderId "containers" `
-DataSensitivityDiscoveryEnabled $true -DataSensitivityDiscoveryServiceAccountEmailAddress "mdc-data-sec-posture-storage@$emailSuffix" -DataSensitivityDiscoveryWorkloadIdentityProviderId "data-security-posture-storage" `
-CiemDiscoveryServiceAccountEmailAddress "microsoft-defender-ciem@$emailSuffix" -CiemDiscoveryAzureActiveDirectoryAppName "mciem-gcp-oidc-app" -CiemDiscoveryWorkloadIdentityProviderId "ciem-discovery"
CiemDiscoveryAzureActiveDirectoryAppName : mciem-gcp-oidc-app
CiemDiscoveryServiceAccountEmailAddress : microsoft-defender-ciem@myproject.iam.gserviceaccount.com
CiemDiscoveryWorkloadIdentityProviderId : ciem-discovery
ConfigurationExclusionTag : {
"key": "value"
}
ConfigurationScanningMode : Default
DataSensitivityDiscoveryEnabled : True
DataSensitivityDiscoveryServiceAccountEmailAddress : mdc-data-sec-posture-storage@myproject.iam.gserviceaccount.com
DataSensitivityDiscoveryWorkloadIdentityProviderId : data-security-posture-storage
Description :
MdcContainerAgentlessDiscoveryK8SEnabled : True
MdcContainerAgentlessDiscoveryK8SServiceAccountEmailAddress : mdc-containers-k8s-operator@myproject.iam.gserviceaccount.com
MdcContainerAgentlessDiscoveryK8SWorkloadIdentityProviderId : containers
MdcContainerImageAssessmentEnabled : True
MdcContainerImageAssessmentServiceAccountEmailAddress : mdc-containers-artifact-assess@myproject.iam.gserviceaccount.com
MdcContainerImageAssessmentWorkloadIdentityProviderId : containers
OfferingType : DefenderCspmGcp
VMScannerEnabled : True
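An added example, not part of the original reference page or of Az.Security: a pre-flight check run over the splatted parameters before the offering object is built. `Test-GcpOfferingParams`, `$expectedProject` and the `otherproject` value are hypothetical, and the two rules it enforces (service accounts must belong to the onboarded project; an enabled feature must carry both identity fields) are assumed local policy, not requirements stated by the cmdlet.

```powershell
# Hypothetical helper (not an Az.Security cmdlet): returns a list of policy findings.
function Test-GcpOfferingParams {
    param(
        [Parameter(Mandatory)] [hashtable] $Params,
        [Parameter(Mandatory)] [string]    $ExpectedProject
    )
    $suffix   = "@$ExpectedProject.iam.gserviceaccount.com"
    $findings = [System.Collections.Generic.List[string]]::new()

    # Assumed policy: every service account lives in the project being onboarded.
    foreach ($key in $Params.Keys | Where-Object { $_ -like '*ServiceAccountEmailAddress' }) {
        if (-not ([string]$Params[$key]).EndsWith($suffix, [System.StringComparison]::OrdinalIgnoreCase)) {
            $findings.Add("$key '$($Params[$key])' is not in project '$ExpectedProject'")
        }
    }

    # Assumed policy: an enabled feature has both halves of its federated identity set.
    foreach ($feature in 'DataSensitivityDiscovery', 'MdcContainerAgentlessDiscoveryK8S', 'MdcContainerImageAssessment') {
        if ($Params["${feature}Enabled"] -eq $true) {
            foreach ($part in 'ServiceAccountEmailAddress', 'WorkloadIdentityProviderId') {
                if ([string]::IsNullOrWhiteSpace($Params["$feature$part"])) {
                    $findings.Add("$feature is enabled but $feature$part is empty")
                }
            }
        }
    }
    return ,$findings.ToArray()   # leading comma keeps an empty result as an array
}

# Constructed input: one service account in the wrong project, one provider ID missing.
$expectedProject = 'myproject'
$offeringParams  = @{
    VMScannerEnabled                                      = $true
    ConfigurationScanningMode                             = 'Default'
    MdcContainerImageAssessmentEnabled                    = $true
    MdcContainerImageAssessmentServiceAccountEmailAddress = "mdc-containers-artifact-assess@$expectedProject.iam.gserviceaccount.com"
    MdcContainerImageAssessmentWorkloadIdentityProviderId = 'containers'
    DataSensitivityDiscoveryEnabled                       = $true
    DataSensitivityDiscoveryServiceAccountEmailAddress    = 'mdc-data-sec-posture-storage@otherproject.iam.gserviceaccount.com'
}

$findings = Test-GcpOfferingParams -Params $offeringParams -ExpectedProject $expectedProject
if ($findings.Count -gt 0) {
    $findings | ForEach-Object { Write-Warning $_ }
} else {
    New-AzSecurityDefenderCspmGcpOfferingObject @offeringParams
}
```

With the constructed input above, two warnings are written and the offering object is not created.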
Parameters
-CiemDiscoveryAzureActiveDirectoryAppName
The Azure Active Directory app name used for authenticating against GCP workload identity federation.
Type: String
Position: Named
Default value: None
Required: False
Accept pipeline input: False
Accept wildcard characters: False
-CiemDiscoveryServiceAccountEmailAddress
The service account email address in GCP for CIEM discovery offering.
Type: String
Position: Named
Default value: None
Required: False
Accept pipeline input: False
Accept wildcard characters: False
-CiemDiscoveryWorkloadIdentityProviderId
The GCP workload identity provider ID for CIEM discovery offering.
Type: String
Position: Named
Default value: None
Required: False
Accept pipeline input: False
Accept wildcard characters: False
-ConfigurationExclusionTag
VM tags that indicate that a VM should not be scanned.
Type: IDefenderCspmGcpOfferingVMScannersConfigurationExclusionTags
Position: Named
Default value: None
Required: False
Accept pipeline input: False
Accept wildcard characters: False
-ConfigurationScanningMode
The scanning mode for the VM scan.
Type: String
Position: Named
Default value: None
Required: False
Accept pipeline input: False
Accept wildcard characters: False
-DataSensitivityDiscoveryEnabled
Whether Microsoft Defender Data Sensitivity discovery is enabled.
Type: Boolean
Position: Named
Default value: None
Required: False
Accept pipeline input: False
Accept wildcard characters: False
-DataSensitivityDiscoveryServiceAccountEmailAddress
The service account email address in GCP for this feature.
Type: String
Position: Named
Default value: None
Required: False
Accept pipeline input: False
Accept wildcard characters: False
-DataSensitivityDiscoveryWorkloadIdentityProviderId
The workload identity provider ID in GCP for this feature.
Type: String
Position: Named
Default value: None
Required: False
Accept pipeline input: False
Accept wildcard characters: False
-MdcContainerAgentlessDiscoveryK8SEnabled
Whether Microsoft Defender container agentless discovery is enabled.
Type: Boolean
Position: Named
Default value: None
Required: False
Accept pipeline input: False
Accept wildcard characters: False
-MdcContainerAgentlessDiscoveryK8SServiceAccountEmailAddress
The service account email address in GCP for this feature.
Type: String
Position: Named
Default value: None
Required: False
Accept pipeline input: False
Accept wildcard characters: False
-MdcContainerAgentlessDiscoveryK8SWorkloadIdentityProviderId
The workload identity provider ID in GCP for this feature.
Type: String
Position: Named
Default value: None
Required: False
Accept pipeline input: False
Accept wildcard characters: False
-MdcContainerImageAssessmentEnabled
Whether Microsoft Defender container image assessment is enabled.
Type: Boolean
Position: Named
Default value: None
Required: False
Accept pipeline input: False
Accept wildcard characters: False
-MdcContainerImageAssessmentServiceAccountEmailAddress
The service account email address in GCP for this feature.
Type: String
Position: Named
Default value: None
Required: False
Accept pipeline input: False
Accept wildcard characters: False
-MdcContainerImageAssessmentWorkloadIdentityProviderId
The workload identity provider ID in GCP for this feature.
Type: String
Position: Named
Default value: None
Required: False
Accept pipeline input: False
Accept wildcard characters: False
-VMScannerEnabled
Whether Microsoft Defender for Server VM scanning is enabled.
Type: Boolean
Position: Named
Default value: None
Required: False
Accept pipeline input: False
Accept wildcard characters: False
Outputs