azure.mgmt.security.models module¶
-
class
azure.mgmt.security.models.
AadConnectivityState
(value)[source]¶ -
An enumeration.
-
connected
= 'Connected'¶
-
discovered
= 'Discovered'¶
-
not_licensed
= 'NotLicensed'¶
-
-
class
azure.mgmt.security.models.
AadConnectivityState1
(*, connectivity_state=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Describes an Azure resource with kind.
- Parameters
connectivity_state (str or AadConnectivityState) – The connectivity state of the external AAD solution . Possible values include: ‘Discovered’, ‘NotLicensed’, ‘Connected’
-
class
azure.mgmt.security.models.
AadExternalSecuritySolution
(*, properties=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.ExternalSecuritySolution
Represents an AAD identity protection solution which sends logs to an OMS workspace.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
-
class
azure.mgmt.security.models.
AadSolutionProperties
(*, device_vendor: str = None, device_type: str = None, workspace=None, connectivity_state=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The external security solution properties for AAD solutions.
- Parameters
device_vendor (str) –
device_type (str) –
workspace (ConnectedWorkspace) –
connectivity_state (str or AadConnectivityState) – The connectivity state of the external AAD solution . Possible values include: ‘Discovered’, ‘NotLicensed’, ‘Connected’
-
class
azure.mgmt.security.models.
ActiveConnectionsNotInAllowedRange
(*, is_enabled: bool, min_threshold: int, max_threshold: int, time_window_size, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.TimeWindowCustomAlertRule
Number of active connections is not in allowed range.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
is_enabled (bool) – Required. Status of the custom alert.
rule_type (str) – Required. Constant filled by server.
min_threshold (int) – Required. The minimum threshold.
max_threshold (int) – Required. The maximum threshold.
time_window_size (timedelta) – Required. The time window size in iso8601 format.
-
class
azure.mgmt.security.models.
AdaptiveNetworkHardening
(*, rules=None, rules_calculation_time=None, effective_network_security_groups=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
The resource whose properties describes the Adaptive Network Hardening settings for some Azure resource.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
- Parameters
rules (list[Rule]) – The security rules which are recommended to be effective on the VM
rules_calculation_time (datetime) – The UTC time on which the rules were calculated
effective_network_security_groups (list[EffectiveNetworkSecurityGroups]) – The Network Security Groups effective on the network interfaces of the protected resource
-
class
azure.mgmt.security.models.
AdaptiveNetworkHardeningEnforceRequest
(*, rules, network_security_groups, **kwargs)[source]¶ Bases:
msrest.serialization.Model
AdaptiveNetworkHardeningEnforceRequest.
All required parameters must be populated in order to send to Azure.
-
class
azure.mgmt.security.models.
AdaptiveNetworkHardeningPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
AdaptiveNetworkHardening
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
AdditionalData
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Details of the sub-assessment.
You probably want to use the sub-classes and not this class directly. Known sub-classes are: SqlServerVulnerabilityProperties, ContainerRegistryVulnerabilityProperties, ServerVulnerabilityProperties
All required parameters must be populated in order to send to Azure.
- Parameters
assessed_resource_type (str) – Required. Constant filled by server.
-
class
azure.mgmt.security.models.
AdvancedThreatProtectionSetting
(*, is_enabled: bool = None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
The Advanced Threat Protection resource.
Variables are only populated by the server, and will be ignored when sending a request.
-
class
azure.mgmt.security.models.
Alert
(*, extended_properties=None, entities=None, confidence_reasons=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Security alert.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
name (str) – Resource name
state (str) – State of the alert (Active, Dismissed etc.)
reported_time_utc (datetime) – The time the incident was reported to Microsoft.Security in UTC
vendor_name (str) – Name of the vendor that discovered the incident
alert_name (str) – Name of the alert type
alert_display_name (str) – Display name of the alert type
detected_time_utc (datetime) – The time the incident was detected by the vendor
description (str) – Description of the incident and what it means
remediation_steps (str) – Recommended steps to reradiate the incident
action_taken (str) – The action that was taken as a response to the alert (Active, Blocked etc.)
reported_severity (str or ReportedSeverity) – Estimated severity of this alert. Possible values include: ‘Informational’, ‘Low’, ‘Medium’, ‘High’
compromised_entity (str) – The entity that the incident happened on
associated_resource (str) – Azure resource ID of the associated resource
system_source (str) – The type of the alerted resource (Azure, Non-Azure)
can_be_investigated (bool) – Whether this alert can be investigated with Azure Security Center
is_incident (bool) – Whether this alert is for incident type or not (otherwise - single alert)
confidence_score (float) – level of confidence we have on the alert
subscription_id (str) – Azure subscription ID of the resource that had the security alert or the subscription ID of the workspace that this resource reports to
instance_id (str) – Instance ID of the alert.
workspace_arm_id (str) – Azure resource ID of the workspace that the alert was reported to.
correlation_key (str) – Alerts with the same CorrelationKey will be grouped together in Ibiza.
- Parameters
entities (list[AlertEntity]) – objects that are related to this alerts
confidence_reasons (list[AlertConfidenceReason]) – reasons the alert got the confidenceScore value
-
class
azure.mgmt.security.models.
AlertConfidenceReason
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Factors that increase our confidence that the alert is a true positive.
Variables are only populated by the server, and will be ignored when sending a request.
-
class
azure.mgmt.security.models.
AlertEntity
(*, additional_properties=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Changing set of properties depending on the entity type.
Variables are only populated by the server, and will be ignored when sending a request.
-
class
azure.mgmt.security.models.
AlertNotifications
(value)[source]¶ -
An enumeration.
-
off
= 'Off'¶ Don’t get notifications on new alerts
-
on
= 'On'¶ Get notifications on new alerts
-
-
class
azure.mgmt.security.models.
AlertPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
Alert
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
AlertsSuppressionRule
(*, alert_type: str, reason: str, state, expiration_date_utc=None, comment: str = None, suppression_alerts_scope=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Describes the suppression rule.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
alert_type (str) – Required. Type of the alert to automatically suppress. For all alert types, use ‘*’
expiration_date_utc (datetime) – Expiration date of the rule, if value is not provided or provided as null this field will default to the maximum allowed expiration date.
reason (str) – Required. The reason for dismissing the alert
state (str or RuleState) – Required. Possible states of the rule. Possible values include: ‘Enabled’, ‘Disabled’, ‘Expired’
comment (str) – Any comment regarding the rule
suppression_alerts_scope (SuppressionAlertsScope) – The suppression conditions
-
class
azure.mgmt.security.models.
AlertsSuppressionRulePaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
AlertsSuppressionRule
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
AlertsToAdmins
(value)[source]¶ -
An enumeration.
-
off
= 'Off'¶ Don’t send notification on new alerts to the subscription’s admins
-
on
= 'On'¶ Send notification on new alerts to the subscription’s admins
-
-
class
azure.mgmt.security.models.
AllowedConnectionsResource
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
The resource whose properties describes the allowed traffic between Azure resources.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
name (str) – Resource name
location (str) – Location where the resource is stored
calculated_date_time (datetime) – The UTC time on which the allowed connections resource was calculated
connectable_resources (list[ConnectableResource]) – List of connectable resources
-
class
azure.mgmt.security.models.
AllowedConnectionsResourcePaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
AllowedConnectionsResource
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
AllowlistCustomAlertRule
(*, is_enabled: bool, allowlist_values, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.ListCustomAlertRule
A custom alert rule that checks if a value (depends on the custom alert type) is allowed.
You probably want to use the sub-classes and not this class directly. Known sub-classes are: ConnectionToIpNotAllowed, LocalUserNotAllowed, ProcessNotAllowed
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
-
class
azure.mgmt.security.models.
AmqpC2DMessagesNotInAllowedRange
(*, is_enabled: bool, min_threshold: int, max_threshold: int, time_window_size, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.TimeWindowCustomAlertRule
Number of cloud to device messages (AMQP protocol) is not in allowed range.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
is_enabled (bool) – Required. Status of the custom alert.
rule_type (str) – Required. Constant filled by server.
min_threshold (int) – Required. The minimum threshold.
max_threshold (int) – Required. The maximum threshold.
time_window_size (timedelta) – Required. The time window size in iso8601 format.
-
class
azure.mgmt.security.models.
AmqpC2DRejectedMessagesNotInAllowedRange
(*, is_enabled: bool, min_threshold: int, max_threshold: int, time_window_size, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.TimeWindowCustomAlertRule
Number of rejected cloud to device messages (AMQP protocol) is not in allowed range.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
is_enabled (bool) – Required. Status of the custom alert.
rule_type (str) – Required. Constant filled by server.
min_threshold (int) – Required. The minimum threshold.
max_threshold (int) – Required. The maximum threshold.
time_window_size (timedelta) – Required. The time window size in iso8601 format.
-
class
azure.mgmt.security.models.
AmqpD2CMessagesNotInAllowedRange
(*, is_enabled: bool, min_threshold: int, max_threshold: int, time_window_size, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.TimeWindowCustomAlertRule
Number of device to cloud messages (AMQP protocol) is not in allowed range.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
is_enabled (bool) – Required. Status of the custom alert.
rule_type (str) – Required. Constant filled by server.
min_threshold (int) – Required. The minimum threshold.
max_threshold (int) – Required. The maximum threshold.
time_window_size (timedelta) – Required. The time window size in iso8601 format.
-
class
azure.mgmt.security.models.
AppWhitelistingGroup
(*, enforcement_mode=None, protection_mode=None, vm_recommendations=None, path_recommendations=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
AppWhitelistingGroup.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
name (str) – Resource name
location (str) – Location where the resource is stored
configuration_status (str or enum) – Possible values include: ‘Configured’, ‘NotConfigured’, ‘InProgress’, ‘Failed’, ‘NoStatus’
recommendation_status (str or enum) – Possible values include: ‘Recommended’, ‘NotRecommended’, ‘NotAvailable’, ‘NoStatus’
issues (list[AppWhitelistingIssueSummary]) –
source_system (str or enum) – Possible values include: ‘Azure_AppLocker’, ‘Azure_AuditD’, ‘NonAzure_AppLocker’, ‘NonAzure_AuditD’, ‘None’
- Parameters
enforcement_mode (str or enum) – Possible values include: ‘Audit’, ‘Enforce’, ‘None’
protection_mode (ProtectionMode) –
vm_recommendations (list[VmRecommendation]) –
path_recommendations (list[PathRecommendation]) –
-
class
azure.mgmt.security.models.
AppWhitelistingGroups
(*, value=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Represents a list of VM/server groups and set of rules that are Recommended by Azure Security Center to be allowed.
- Parameters
value (list[AppWhitelistingGroup]) –
-
class
azure.mgmt.security.models.
AppWhitelistingIssueSummary
(*, issue=None, number_of_vms: float = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Represents a summary of the alerts of the VM/server group.
- Parameters
issue (str or enum) – Possible values include: ‘ViolationsAudited’, ‘ViolationsBlocked’, ‘MsiAndScriptViolationsAudited’, ‘MsiAndScriptViolationsBlocked’, ‘ExecutableViolationsAudited’, ‘RulesViolatedManually’
number_of_vms (float) – The number of machines in the VM/server group that have this alert
-
class
azure.mgmt.security.models.
AscLocation
(*, properties=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
The ASC location of the subscription is in the “name” field.
Variables are only populated by the server, and will be ignored when sending a request.
-
class
azure.mgmt.security.models.
AscLocationPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
AscLocation
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
AssessmentLinks
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Links relevant to the assessment.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
azure_portal_uri (str) – Link to assessment in Azure Portal
-
class
azure.mgmt.security.models.
AssessmentStatus
(*, code, cause: str = None, description: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The result of the assessment.
All required parameters must be populated in order to send to Azure.
- Parameters
code (str or AssessmentStatusCode) – Required. Programmatic code for the status of the assessment. Possible values include: ‘Healthy’, ‘Unhealthy’, ‘NotApplicable’
cause (str) – Programmatic code for the cause of the assessment status
description (str) – Human readable description of the assessment status
-
class
azure.mgmt.security.models.
AssessmentStatusCode
(value)[source]¶ -
An enumeration.
-
healthy
= 'Healthy'¶ The resource is healthy
-
not_applicable
= 'NotApplicable'¶ Assessment for this resource did not happen
-
unhealthy
= 'Unhealthy'¶ The resource has a security issue that needs to be addressed
-
-
class
azure.mgmt.security.models.
AssessmentType
(value)[source]¶ -
An enumeration.
-
built_in
= 'BuiltIn'¶ Azure Security Center managed assessments
-
custom_policy
= 'CustomPolicy'¶ User defined policies that are automatically ingested from Azure Policy to Azure Security Center
-
customer_managed
= 'CustomerManaged'¶ User assessments pushed directly by the user or other third party to Azure Security Center
-
verified_partner
= 'VerifiedPartner'¶ An assessment that was created by a verified 3rd party if the user connected it to ASC
-
-
class
azure.mgmt.security.models.
AtaExternalSecuritySolution
(*, properties=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.ExternalSecuritySolution
Represents an ATA security solution which sends logs to an OMS workspace.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
-
class
azure.mgmt.security.models.
AtaSolutionProperties
(*, additional_properties=None, device_vendor: str = None, device_type: str = None, workspace=None, last_event_received: str = None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.ExternalSecuritySolutionProperties
The external security solution properties for ATA solutions.
-
class
azure.mgmt.security.models.
AutoProvision
(value)[source]¶ -
An enumeration.
-
off
= 'Off'¶ Do not install security agent on the VMs automatically
-
on
= 'On'¶ Install missing security agent on VMs automatically
-
-
class
azure.mgmt.security.models.
AutoProvisioningSetting
(*, auto_provision, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Auto provisioning setting.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
-
class
azure.mgmt.security.models.
AutoProvisioningSettingPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
AutoProvisioningSetting
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
Automation
(*, kind: str = None, etag: str = None, tags=None, description: str = None, is_enabled: bool = None, scopes=None, sources=None, actions=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.TrackedResource
The security automation resource.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
- Parameters
kind (str) – Kind of the resource
etag (str) – Entity tag is used for comparing two or more entities from the same requested resource.
tags (dict[str, str]) – A list of key value pairs that describe the resource.
description (str) – The security automation description.
is_enabled (bool) – Indicates whether the security automation is enabled.
scopes (list[AutomationScope]) – A collection of scopes on which the security automations logic is applied. Supported scopes are the subscription itself or a resource group under that subscription. The automation will only apply on defined scopes.
sources (list[AutomationSource]) – A collection of the source event types which evaluate the security automation set of rules.
actions (list[AutomationAction]) – A collection of the actions which are triggered if all the configured rules evaluations, within at least one rule set, are true.
-
class
azure.mgmt.security.models.
AutomationAction
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
The action that should be triggered.
You probably want to use the sub-classes and not this class directly. Known sub-classes are: AutomationActionLogicApp, AutomationActionEventHub, AutomationActionWorkspace
All required parameters must be populated in order to send to Azure.
- Parameters
action_type (str) – Required. Constant filled by server.
-
class
azure.mgmt.security.models.
AutomationActionEventHub
(*, event_hub_resource_id: str = None, connection_string: str = None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.AutomationAction
The target Event Hub to which event data will be exported. To learn more about Security Center continuous export capabilities, visit https://aka.ms/ASCExportLearnMore.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Parameters
- Variables
sas_policy_name (str) – The target Event Hub SAS policy name.
-
class
azure.mgmt.security.models.
AutomationActionLogicApp
(*, logic_app_resource_id: str = None, uri: str = None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.AutomationAction
The logic app action that should be triggered. To learn more about Security Center’s Workflow Automation capabilities, visit https://aka.ms/ASCWorkflowAutomationLearnMore.
All required parameters must be populated in order to send to Azure.
- Parameters
action_type (str) – Required. Constant filled by server.
logic_app_resource_id (str) – The triggered Logic App Azure Resource ID. This can also reside on other subscriptions, given that you have permissions to trigger the Logic App
uri (str) – The Logic App trigger URI endpoint (it will not be included in any response).
-
class
azure.mgmt.security.models.
AutomationActionWorkspace
(*, workspace_resource_id: str = None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.AutomationAction
The Log Analytics Workspace to which event data will be exported. Security alerts data will reside in the ‘SecurityAlert’ table and the assessments data will reside in the ‘SecurityRecommendation’ table (under the ‘Security’/’SecurityCenterFree’ solutions). Note that in order to view the data in the workspace, the Security Center Log Analytics free/standard solution needs to be enabled on that workspace. To learn more about Security Center continuous export capabilities, visit https://aka.ms/ASCExportLearnMore.
All required parameters must be populated in order to send to Azure.
-
class
azure.mgmt.security.models.
AutomationPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
Automation
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
AutomationRuleSet
(*, rules=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
A rule set which evaluates all its rules upon an event interception. Only when all the included rules in the rule set will be evaluated as ‘true’, will the event trigger the defined actions.
- Parameters
rules (list[AutomationTriggeringRule]) –
-
class
azure.mgmt.security.models.
AutomationScope
(*, description: str = None, scope_path: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
A single automation scope.
-
class
azure.mgmt.security.models.
AutomationSource
(*, event_source=None, rule_sets=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The source event types which evaluate the security automation set of rules. For example - security alerts and security assessments. To learn more about the supported security events data models schemas - please visit https://aka.ms/ASCAutomationSchemas.
- Parameters
event_source (str or EventSource) – A valid event source type. Possible values include: ‘Assessments’, ‘Alerts’
rule_sets (list[AutomationRuleSet]) – A set of rules which evaluate upon event interception. A logical disjunction is applied between defined rule sets (logical ‘or’).
-
class
azure.mgmt.security.models.
AutomationTriggeringRule
(*, property_jpath: str = None, property_type=None, expected_value: str = None, operator=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
A rule which is evaluated upon event interception. The rule is configured by comparing a specific value from the event model to an expected value. This comparison is done by using one of the supported operators set.
- Parameters
property_jpath (str) – The JPath of the entity model property that should be checked.
property_type (str or PropertyType) – The data type of the compared operands (string, integer, floating point number or a boolean [true/false]]. Possible values include: ‘String’, ‘Integer’, ‘Number’, ‘Boolean’
expected_value (str) – The expected value.
operator (str or Operator) – A valid comparer operator to use. A case-insensitive comparison will be applied for String PropertyType. Possible values include: ‘Equals’, ‘GreaterThan’, ‘GreaterThanOrEqualTo’, ‘LesserThan’, ‘LesserThanOrEqualTo’, ‘NotEquals’, ‘Contains’, ‘StartsWith’, ‘EndsWith’
-
class
azure.mgmt.security.models.
AutomationValidationStatus
(*, is_valid: bool = None, message: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The security automation model state property bag.
-
class
azure.mgmt.security.models.
AzureResourceDetails
(**kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.ResourceDetails
Details of the Azure resource that was assessed.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
-
class
azure.mgmt.security.models.
AzureResourceLink
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Describes an Azure resource with kind.
Variables are only populated by the server, and will be ignored when sending a request.
-
class
azure.mgmt.security.models.
CVE
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
CVE details.
Variables are only populated by the server, and will be ignored when sending a request.
-
class
azure.mgmt.security.models.
CVSS
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
CVSS details.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
base (float) – CVSS base
-
class
azure.mgmt.security.models.
Category
(value)[source]¶ -
An enumeration.
-
compute
= 'Compute'¶
-
data
= 'Data'¶
-
identity_and_access
= 'IdentityAndAccess'¶
-
io_t
= 'IoT'¶
-
networking
= 'Networking'¶
-
-
class
azure.mgmt.security.models.
CefExternalSecuritySolution
(*, properties=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.ExternalSecuritySolution
Represents a security solution which sends CEF logs to an OMS workspace.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
-
class
azure.mgmt.security.models.
CefSolutionProperties
(*, additional_properties=None, device_vendor: str = None, device_type: str = None, workspace=None, hostname: str = None, agent: str = None, last_event_received: str = None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.ExternalSecuritySolutionProperties
The external security solution properties for CEF solutions.
-
class
azure.mgmt.security.models.
Compliance
(**kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Compliance of a scope.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
name (str) – Resource name
assessment_timestamp_utc_date (datetime) – The timestamp when the Compliance calculation was conducted.
resource_count (int) – The resource count of the given subscription for which the Compliance calculation was conducted (needed for Management Group Compliance calculation).
assessment_result (list[ComplianceSegment]) – An array of segment, which is the actually the compliance assessment.
-
class
azure.mgmt.security.models.
CompliancePaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
Compliance
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
ComplianceResult
(**kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
a compliance result.
Variables are only populated by the server, and will be ignored when sending a request.
-
class
azure.mgmt.security.models.
ComplianceResultPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
ComplianceResult
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
ComplianceSegment
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
A segment of a compliance assessment.
Variables are only populated by the server, and will be ignored when sending a request.
-
class
azure.mgmt.security.models.
ConnectableResource
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Describes the allowed inbound and outbound traffic of an Azure resource.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
inbound_connected_resources (list[ConnectedResource]) – The list of Azure resources that the resource has inbound allowed connection from
outbound_connected_resources (list[ConnectedResource]) – The list of Azure resources that the resource has outbound allowed connection to
-
class
azure.mgmt.security.models.
ConnectedResource
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Describes properties of a connected resource.
Variables are only populated by the server, and will be ignored when sending a request.
-
class
azure.mgmt.security.models.
ConnectedWorkspace
(*, id: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Represents an OMS workspace to which the solution is connected.
- Parameters
id (str) – Azure resource ID of the connected OMS workspace
-
class
azure.mgmt.security.models.
ConnectionToIpNotAllowed
(*, is_enabled: bool, allowlist_values, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.AllowlistCustomAlertRule
Outbound connection to an ip that isn’t allowed. Allow list consists of ipv4 or ipv6 range in CIDR notation.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
-
class
azure.mgmt.security.models.
ConnectionType
(value)[source]¶ -
An enumeration.
-
external
= 'External'¶
-
internal
= 'Internal'¶
-
-
class
azure.mgmt.security.models.
ContainerRegistryVulnerabilityProperties
(**kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.AdditionalData
Additional context fields for container registry Vulnerability assessment.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Parameters
assessed_resource_type (str) – Required. Constant filled by server.
- Variables
type (str) – Vulnerability Type. e.g: Vulnerability, Potential Vulnerability, Information Gathered, Vulnerability
cvss (dict[str, CVSS]) – Dictionary from cvss version to cvss details object
patchable (bool) – Indicates whether a patch is available or not
published_time (datetime) – Published time
vendor_references (list[VendorReference]) –
repository_name (str) – Name of the repository which the vulnerable image belongs to
image_digest (str) – Digest of the vulnerable image
-
class
azure.mgmt.security.models.
ControlType
(value)[source]¶ -
An enumeration.
-
built_in
= 'BuiltIn'¶ Azure Security Center managed assessments
-
custom
= 'Custom'¶ Non Azure Security Center managed assessments
-
-
class
azure.mgmt.security.models.
CustomAlertRule
(*, is_enabled: bool, **kwargs)[source]¶ Bases:
msrest.serialization.Model
A custom alert rule.
You probably want to use the sub-classes and not this class directly. Known sub-classes are: ThresholdCustomAlertRule, ListCustomAlertRule
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
-
class
azure.mgmt.security.models.
DataExportSettings
(*, enabled: bool, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Setting
Represents a data export setting.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
-
class
azure.mgmt.security.models.
DataSource
(value)[source]¶ -
An enumeration.
-
twin_data
= 'TwinData'¶ Devices twin data
-
-
class
azure.mgmt.security.models.
DenylistCustomAlertRule
(*, is_enabled: bool, denylist_values, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.ListCustomAlertRule
A custom alert rule that checks if a value (depends on the custom alert type) is denied.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
-
class
azure.mgmt.security.models.
DeviceSecurityGroup
(*, threshold_rules=None, time_window_rules=None, allowlist_rules=None, denylist_rules=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
The device security group resource.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
- Parameters
threshold_rules (list[ThresholdCustomAlertRule]) – The list of custom alert threshold rules.
time_window_rules (list[TimeWindowCustomAlertRule]) – The list of custom alert time-window rules.
allowlist_rules (list[AllowlistCustomAlertRule]) – The allow-list custom alert rules.
denylist_rules (list[DenylistCustomAlertRule]) – The deny-list custom alert rules.
-
class
azure.mgmt.security.models.
DeviceSecurityGroupPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
DeviceSecurityGroup
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
DirectMethodInvokesNotInAllowedRange
(*, is_enabled: bool, min_threshold: int, max_threshold: int, time_window_size, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.TimeWindowCustomAlertRule
Number of direct method invokes is not in allowed range.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
is_enabled (bool) – Required. Status of the custom alert.
rule_type (str) – Required. Constant filled by server.
min_threshold (int) – Required. The minimum threshold.
max_threshold (int) – Required. The maximum threshold.
time_window_size (timedelta) – Required. The time window size in iso8601 format.
-
class
azure.mgmt.security.models.
Direction
(value)[source]¶ -
An enumeration.
-
inbound
= 'Inbound'¶
-
outbound
= 'Outbound'¶
-
-
class
azure.mgmt.security.models.
DiscoveredSecuritySolution
(*, security_family, offer: str, publisher: str, sku: str, **kwargs)[source]¶ Bases:
msrest.serialization.Model
DiscoveredSecuritySolution.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
security_family (str or SecurityFamily) – Required. The security family of the discovered solution. Possible values include: ‘Waf’, ‘Ngfw’, ‘SaasWaf’, ‘Va’
offer (str) – Required. The security solutions’ image offer
publisher (str) – Required. The security solutions’ image publisher
sku (str) – Required. The security solutions’ image sku
-
class
azure.mgmt.security.models.
DiscoveredSecuritySolutionPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
DiscoveredSecuritySolution
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
ETag
(*, etag: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Entity tag is used for comparing two or more entities from the same requested resource.
- Parameters
etag (str) – Entity tag is used for comparing two or more entities from the same requested resource.
-
class
azure.mgmt.security.models.
EffectiveNetworkSecurityGroups
(*, network_interface: str = None, network_security_groups=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Describes the Network Security Groups effective on a network interface.
-
class
azure.mgmt.security.models.
EventSource
(value)[source]¶ -
An enumeration.
-
alerts
= 'Alerts'¶
-
assessments
= 'Assessments'¶
-
-
class
azure.mgmt.security.models.
ExpandControlsEnum
(value)[source]¶ -
An enumeration.
-
definition
= 'definition'¶ Add definition object for each control
-
-
class
azure.mgmt.security.models.
ExpandEnum
(value)[source]¶ -
An enumeration.
-
links
= 'links'¶ All links associated with an assessment
-
metadata
= 'metadata'¶ Assessment metadata
-
-
class
azure.mgmt.security.models.
ExportData
(value)[source]¶ -
An enumeration.
-
raw_events
= 'RawEvents'¶ Agent raw events
-
-
class
azure.mgmt.security.models.
ExternalSecuritySolution
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Represents a security solution external to Azure Security Center which sends information to an OMS workspace and whose data is displayed by Azure Security Center.
You probably want to use the sub-classes and not this class directly. Known sub-classes are: CefExternalSecuritySolution, AtaExternalSecuritySolution, AadExternalSecuritySolution
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
-
class
azure.mgmt.security.models.
ExternalSecuritySolutionKind
(value)[source]¶ -
An enumeration.
-
aad
= 'AAD'¶
-
ata
= 'ATA'¶
-
cef
= 'CEF'¶
-
-
class
azure.mgmt.security.models.
ExternalSecuritySolutionKind1
(*, kind=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Describes an Azure resource with kind.
- Parameters
kind (str or ExternalSecuritySolutionKind) – The kind of the external solution. Possible values include: ‘CEF’, ‘ATA’, ‘AAD’
-
class
azure.mgmt.security.models.
ExternalSecuritySolutionPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
ExternalSecuritySolution
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
ExternalSecuritySolutionProperties
(*, additional_properties=None, device_vendor: str = None, device_type: str = None, workspace=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The solution properties (correspond to the solution kind).
-
class
azure.mgmt.security.models.
FailedLocalLoginsNotInAllowedRange
(*, is_enabled: bool, min_threshold: int, max_threshold: int, time_window_size, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.TimeWindowCustomAlertRule
Number of failed local logins is not in allowed range.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
is_enabled (bool) – Required. Status of the custom alert.
rule_type (str) – Required. Constant filled by server.
min_threshold (int) – Required. The minimum threshold.
max_threshold (int) – Required. The maximum threshold.
time_window_size (timedelta) – Required. The time window size in iso8601 format.
-
class
azure.mgmt.security.models.
FileUploadsNotInAllowedRange
(*, is_enabled: bool, min_threshold: int, max_threshold: int, time_window_size, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.TimeWindowCustomAlertRule
Number of file uploads is not in allowed range.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
is_enabled (bool) – Required. Status of the custom alert.
rule_type (str) – Required. Constant filled by server.
min_threshold (int) – Required. The minimum threshold.
max_threshold (int) – Required. The maximum threshold.
time_window_size (timedelta) – Required. The time window size in iso8601 format.
-
class
azure.mgmt.security.models.
HttpC2DMessagesNotInAllowedRange
(*, is_enabled: bool, min_threshold: int, max_threshold: int, time_window_size, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.TimeWindowCustomAlertRule
Number of cloud to device messages (HTTP protocol) is not in allowed range.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
is_enabled (bool) – Required. Status of the custom alert.
rule_type (str) – Required. Constant filled by server.
min_threshold (int) – Required. The minimum threshold.
max_threshold (int) – Required. The maximum threshold.
time_window_size (timedelta) – Required. The time window size in iso8601 format.
-
class
azure.mgmt.security.models.
HttpC2DRejectedMessagesNotInAllowedRange
(*, is_enabled: bool, min_threshold: int, max_threshold: int, time_window_size, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.TimeWindowCustomAlertRule
Number of rejected cloud to device messages (HTTP protocol) is not in allowed range.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
is_enabled (bool) – Required. Status of the custom alert.
rule_type (str) – Required. Constant filled by server.
min_threshold (int) – Required. The minimum threshold.
max_threshold (int) – Required. The maximum threshold.
time_window_size (timedelta) – Required. The time window size in iso8601 format.
-
class
azure.mgmt.security.models.
HttpD2CMessagesNotInAllowedRange
(*, is_enabled: bool, min_threshold: int, max_threshold: int, time_window_size, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.TimeWindowCustomAlertRule
Number of device to cloud messages (HTTP protocol) is not in allowed range.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
is_enabled (bool) – Required. Status of the custom alert.
rule_type (str) – Required. Constant filled by server.
min_threshold (int) – Required. The minimum threshold.
max_threshold (int) – Required. The maximum threshold.
time_window_size (timedelta) – Required. The time window size in iso8601 format.
-
class
azure.mgmt.security.models.
ImplementationEffort
(value)[source]¶ -
An enumeration.
-
high
= 'High'¶
-
low
= 'Low'¶
-
moderate
= 'Moderate'¶
-
-
class
azure.mgmt.security.models.
InformationProtectionKeyword
(*, pattern: str = None, custom: bool = None, can_be_numeric: bool = None, excluded: bool = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The information type keyword.
-
class
azure.mgmt.security.models.
InformationProtectionPolicy
(*, labels=None, information_types=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Information protection policy.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
- Parameters
labels (dict[str, SensitivityLabel]) – Dictionary of sensitivity labels.
information_types (dict[str, InformationType]) – The sensitivity information types.
-
class
azure.mgmt.security.models.
InformationProtectionPolicyPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
InformationProtectionPolicy
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
InformationType
(*, display_name: str = None, description: str = None, order: int = None, recommended_label_id: str = None, enabled: bool = None, custom: bool = None, keywords=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The information type.
- Parameters
display_name (str) – The name of the information type.
description (str) – The description of the information type.
order (int) – The order of the information type.
recommended_label_id (str) – The recommended label id to be associated with this information type.
enabled (bool) – Indicates whether the information type is enabled or not.
custom (bool) – Indicates whether the information type is custom or not.
keywords (list[InformationProtectionKeyword]) – The information type keywords.
-
class
azure.mgmt.security.models.
IoTSecurityAggregatedAlert
(*, tags=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Security Solution Aggregated Alert information.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
name (str) – Resource name
alert_type (str) – Name of the alert type.
alert_display_name (str) – Display name of the alert type.
aggregated_date_utc (date) – Date of detection.
vendor_name (str) – Name of the organization that raised the alert.
reported_severity (str or ReportedSeverity) – Assessed alert severity. Possible values include: ‘Informational’, ‘Low’, ‘Medium’, ‘High’
remediation_steps (str) – Recommended steps for remediation.
description (str) – Description of the suspected vulnerability and meaning.
count (int) – Number of alerts occurrences within the aggregated time window.
effected_resource_type (str) – Azure resource ID of the resource that received the alerts.
system_source (str) – The type of the alerted resource (Azure, Non-Azure).
action_taken (str) – IoT Security solution alert response.
log_analytics_query (str) – Log analytics query for getting the list of affected devices/alerts.
top_devices_list (list[IoTSecurityAggregatedAlertPropertiesTopDevicesListItem]) – 10 devices with the highest number of occurrences of this alert type, on this day.
- Parameters
-
class
azure.mgmt.security.models.
IoTSecurityAggregatedAlertPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
IoTSecurityAggregatedAlert
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
IoTSecurityAggregatedAlertPropertiesTopDevicesListItem
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
IoTSecurityAggregatedAlertPropertiesTopDevicesListItem.
Variables are only populated by the server, and will be ignored when sending a request.
-
class
azure.mgmt.security.models.
IoTSecurityAggregatedRecommendation
(*, tags=None, recommendation_name: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
IoT Security solution recommendation information.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
name (str) – Resource name
recommendation_display_name (str) – Display name of the recommendation type.
description (str) – Description of the suspected vulnerability and meaning.
recommendation_type_id (str) – Recommendation-type GUID.
detected_by (str) – Name of the organization that made the recommendation.
remediation_steps (str) – Recommended steps for remediation
reported_severity (str or ReportedSeverity) – Assessed recommendation severity. Possible values include: ‘Informational’, ‘Low’, ‘Medium’, ‘High’
healthy_devices (int) – Number of healthy devices within the IoT Security solution.
unhealthy_device_count (int) – Number of unhealthy devices within the IoT Security solution.
log_analytics_query (str) – Log analytics query for getting the list of affected devices/alerts.
- Parameters
-
class
azure.mgmt.security.models.
IoTSecurityAggregatedRecommendationPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
IoTSecurityAggregatedRecommendation
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
IoTSecurityAlertedDevice
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Statistical information about the number of alerts per device during last set number of days.
Variables are only populated by the server, and will be ignored when sending a request.
-
class
azure.mgmt.security.models.
IoTSecurityDeviceAlert
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Statistical information about the number of alerts per alert type during last set number of days.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
alert_display_name (str) – Display name of the alert
reported_severity (str or ReportedSeverity) – Assessed Alert severity. Possible values include: ‘Informational’, ‘Low’, ‘Medium’, ‘High’
alerts_count (int) – Number of alerts raised for this alert type.
-
class
azure.mgmt.security.models.
IoTSecurityDeviceRecommendation
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Statistical information about the number of recommendations per device, per recommendation type.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
recommendation_display_name (str) – Display name of the recommendation.
reported_severity (str or ReportedSeverity) – Assessed recommendation severity. Possible values include: ‘Informational’, ‘Low’, ‘Medium’, ‘High’
devices_count (int) – Number of devices with this recommendation.
-
class
azure.mgmt.security.models.
IoTSecuritySolutionAnalyticsModel
(*, top_alerted_devices=None, most_prevalent_device_alerts=None, most_prevalent_device_recommendations=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Security analytics of your IoT Security solution.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
name (str) – Resource name
metrics (IoTSeverityMetrics) – Security analytics of your IoT Security solution.
unhealthy_device_count (int) – Number of unhealthy devices within your IoT Security solution.
devices_metrics (list[IoTSecuritySolutionAnalyticsModelPropertiesDevicesMetricsItem]) – List of device metrics by the aggregation date.
- Parameters
top_alerted_devices (list[IoTSecurityAlertedDevice]) – List of the 3 devices with the most alerts.
most_prevalent_device_alerts (list[IoTSecurityDeviceAlert]) – List of the 3 most prevalent device alerts.
most_prevalent_device_recommendations (list[IoTSecurityDeviceRecommendation]) – List of the 3 most prevalent device recommendations.
-
class
azure.mgmt.security.models.
IoTSecuritySolutionAnalyticsModelList
(*, value, **kwargs)[source]¶ Bases:
msrest.serialization.Model
List of Security analytics of your IoT Security solution.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Parameters
value (list[IoTSecuritySolutionAnalyticsModel]) – Required. List of Security analytics of your IoT Security solution
- Variables
next_link (str) – When there is too much alert data for one page, use this URI to fetch the next page.
-
class
azure.mgmt.security.models.
IoTSecuritySolutionAnalyticsModelPropertiesDevicesMetricsItem
(*, date_property=None, devices_metrics=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
IoTSecuritySolutionAnalyticsModelPropertiesDevicesMetricsItem.
- Parameters
date_property (datetime) – Aggregation of IoT Security solution device alert metrics by date.
devices_metrics (IoTSeverityMetrics) – Device alert count by severity.
-
class
azure.mgmt.security.models.
IoTSecuritySolutionModel
(*, display_name: str, iot_hubs, tags=None, location: str = None, workspace: str = None, status='Enabled', export=None, disabled_data_sources=None, user_defined_resources=None, recommendations_configuration=None, unmasked_ip_logging_status='Disabled', **kwargs)[source]¶ Bases:
msrest.serialization.Model
IoT Security solution configuration and resource information.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
location (str) – The resource location.
workspace (str) – Workspace resource ID
display_name (str) – Required. Resource display name.
status (str or SecuritySolutionStatus) – Status of the IoT Security solution. Possible values include: ‘Enabled’, ‘Disabled’. Default value: “Enabled” .
export (list[str or ExportData]) – List of additional options for exporting to workspace data.
disabled_data_sources (list[str or DataSource]) – Disabled data sources. Disabling these data sources compromises the system.
user_defined_resources (UserDefinedResourcesProperties) –
recommendations_configuration (list[RecommendationConfigurationProperties]) –
unmasked_ip_logging_status (str or UnmaskedIpLoggingStatus) – Unmasked IP address logging status. Possible values include: ‘Disabled’, ‘Enabled’. Default value: “Disabled” .
-
class
azure.mgmt.security.models.
IoTSecuritySolutionModelPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
IoTSecuritySolutionModel
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
IoTSeverityMetrics
(*, high: int = None, medium: int = None, low: int = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
IoT Security solution analytics severity metrics.
-
class
azure.mgmt.security.models.
JitNetworkAccessPolicy
(*, virtual_machines, kind: str = None, requests=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
JitNetworkAccessPolicy.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
kind (str) – Kind of the resource
virtual_machines (list[JitNetworkAccessPolicyVirtualMachine]) – Required. Configurations for Microsoft.Compute/virtualMachines resource type.
requests (list[JitNetworkAccessRequest]) –
-
class
azure.mgmt.security.models.
JitNetworkAccessPolicyInitiatePort
(*, number: int, end_time_utc, allowed_source_address_prefix: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
JitNetworkAccessPolicyInitiatePort.
All required parameters must be populated in order to send to Azure.
-
class
azure.mgmt.security.models.
JitNetworkAccessPolicyInitiateRequest
(*, virtual_machines, justification: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
JitNetworkAccessPolicyInitiateRequest.
All required parameters must be populated in order to send to Azure.
- Parameters
virtual_machines (list[JitNetworkAccessPolicyInitiateVirtualMachine]) – Required. A list of virtual machines & ports to open access for
justification (str) – The justification for making the initiate request
-
class
azure.mgmt.security.models.
JitNetworkAccessPolicyInitiateVirtualMachine
(*, id: str, ports, **kwargs)[source]¶ Bases:
msrest.serialization.Model
JitNetworkAccessPolicyInitiateVirtualMachine.
All required parameters must be populated in order to send to Azure.
- Parameters
id (str) – Required. Resource ID of the virtual machine that is linked to this policy
ports (list[JitNetworkAccessPolicyInitiatePort]) – Required. The ports to open for the resource with the id
-
class
azure.mgmt.security.models.
JitNetworkAccessPolicyPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
JitNetworkAccessPolicy
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
JitNetworkAccessPolicyVirtualMachine
(*, id: str, ports, public_ip_address: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
JitNetworkAccessPolicyVirtualMachine.
All required parameters must be populated in order to send to Azure.
- Parameters
id (str) – Required. Resource ID of the virtual machine that is linked to this policy
ports (list[JitNetworkAccessPortRule]) – Required. Port configurations for the virtual machine
public_ip_address (str) – Public IP address of the Azure Firewall that is linked to this policy, if applicable
-
class
azure.mgmt.security.models.
JitNetworkAccessPortRule
(*, number: int, protocol, max_request_access_duration: str, allowed_source_address_prefix: str = None, allowed_source_address_prefixes=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
JitNetworkAccessPortRule.
All required parameters must be populated in order to send to Azure.
- Parameters
number (int) – Required.
protocol (str or Protocol) – Required. Possible values include: ‘TCP’, ‘UDP’, ‘All’
allowed_source_address_prefix (str) – Mutually exclusive with the “allowedSourceAddressPrefixes” parameter. Should be an IP address or CIDR, for example “192.168.0.3” or “192.168.0.0/16”.
allowed_source_address_prefixes (list[str]) – Mutually exclusive with the “allowedSourceAddressPrefix” parameter.
max_request_access_duration (str) – Required. Maximum duration requests can be made for. In ISO 8601 duration format. Minimum 5 minutes, maximum 1 day
-
class
azure.mgmt.security.models.
JitNetworkAccessRequest
(*, virtual_machines, start_time_utc, requestor: str, justification: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
JitNetworkAccessRequest.
All required parameters must be populated in order to send to Azure.
- Parameters
virtual_machines (list[JitNetworkAccessRequestVirtualMachine]) – Required.
start_time_utc (datetime) – Required. The start time of the request in UTC
requestor (str) – Required. The identity of the person who made the request
justification (str) – The justification for making the initiate request
-
class
azure.mgmt.security.models.
JitNetworkAccessRequestPort
(*, number: int, end_time_utc, status, status_reason, allowed_source_address_prefix: str = None, allowed_source_address_prefixes=None, mapped_port: int = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
JitNetworkAccessRequestPort.
All required parameters must be populated in order to send to Azure.
- Parameters
number (int) – Required.
allowed_source_address_prefix (str) – Mutually exclusive with the “allowedSourceAddressPrefixes” parameter. Should be an IP address or CIDR, for example “192.168.0.3” or “192.168.0.0/16”.
allowed_source_address_prefixes (list[str]) – Mutually exclusive with the “allowedSourceAddressPrefix” parameter.
end_time_utc (datetime) – Required. The date & time at which the request ends in UTC
status (str or Status) – Required. The status of the port. Possible values include: ‘Revoked’, ‘Initiated’
status_reason (str or StatusReason) – Required. A description of why the status has its value. Possible values include: ‘Expired’, ‘UserRequested’, ‘NewerRequestInitiated’
mapped_port (int) – The port which is mapped to this port’s number in the Azure Firewall, if applicable
-
class
azure.mgmt.security.models.
JitNetworkAccessRequestVirtualMachine
(*, id: str, ports, **kwargs)[source]¶ Bases:
msrest.serialization.Model
JitNetworkAccessRequestVirtualMachine.
All required parameters must be populated in order to send to Azure.
- Parameters
id (str) – Required. Resource ID of the virtual machine that is linked to this policy
ports (list[JitNetworkAccessRequestPort]) – Required. The ports that were opened for the virtual machine
-
class
azure.mgmt.security.models.
Kind
(*, kind: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Describes an Azure resource with kind.
- Parameters
kind (str) – Kind of the resource
-
class
azure.mgmt.security.models.
ListCustomAlertRule
(*, is_enabled: bool, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.CustomAlertRule
A List custom alert rule.
You probably want to use the sub-classes and not this class directly. Known sub-classes are: AllowlistCustomAlertRule, DenylistCustomAlertRule
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
-
class
azure.mgmt.security.models.
LocalUserNotAllowed
(*, is_enabled: bool, allowlist_values, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.AllowlistCustomAlertRule
Login by a local user that isn’t allowed. Allow list consists of login names to allow.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
-
class
azure.mgmt.security.models.
Location
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Describes an Azure resource with location.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
location (str) – Location where the resource is stored
-
class
azure.mgmt.security.models.
MqttC2DMessagesNotInAllowedRange
(*, is_enabled: bool, min_threshold: int, max_threshold: int, time_window_size, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.TimeWindowCustomAlertRule
Number of cloud to device messages (MQTT protocol) is not in allowed range.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
is_enabled (bool) – Required. Status of the custom alert.
rule_type (str) – Required. Constant filled by server.
min_threshold (int) – Required. The minimum threshold.
max_threshold (int) – Required. The maximum threshold.
time_window_size (timedelta) – Required. The time window size in iso8601 format.
-
class
azure.mgmt.security.models.
MqttC2DRejectedMessagesNotInAllowedRange
(*, is_enabled: bool, min_threshold: int, max_threshold: int, time_window_size, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.TimeWindowCustomAlertRule
Number of rejected cloud to device messages (MQTT protocol) is not in allowed range.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
is_enabled (bool) – Required. Status of the custom alert.
rule_type (str) – Required. Constant filled by server.
min_threshold (int) – Required. The minimum threshold.
max_threshold (int) – Required. The maximum threshold.
time_window_size (timedelta) – Required. The time window size in iso8601 format.
-
class
azure.mgmt.security.models.
MqttD2CMessagesNotInAllowedRange
(*, is_enabled: bool, min_threshold: int, max_threshold: int, time_window_size, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.TimeWindowCustomAlertRule
Number of device to cloud messages (MQTT protocol) is not in allowed range.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
is_enabled (bool) – Required. Status of the custom alert.
rule_type (str) – Required. Constant filled by server.
min_threshold (int) – Required. The minimum threshold.
max_threshold (int) – Required. The maximum threshold.
time_window_size (timedelta) – Required. The time window size in iso8601 format.
-
class
azure.mgmt.security.models.
OnPremiseResourceDetails
(*, workspace_id: str, vmuuid: str, source_computer_id: str, machine_name: str, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.ResourceDetails
Details of the On Premise resource that was assessed.
All required parameters must be populated in order to send to Azure.
- Parameters
source (str) – Required. Constant filled by server.
workspace_id (str) – Required. Azure resource Id of the workspace the machine is attached to
vmuuid (str) – Required. The unique Id of the machine
source_computer_id (str) – Required. The oms agent Id installed on the machine
machine_name (str) – Required. The name of the machine
-
class
azure.mgmt.security.models.
Operation
(*, display=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Possible operation in the REST API of Microsoft.Security.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
- Parameters
display (OperationDisplay) –
-
class
azure.mgmt.security.models.
OperationDisplay
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Security operation display.
Variables are only populated by the server, and will be ignored when sending a request.
-
class
azure.mgmt.security.models.
OperationPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
Operation
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
Operator
(value)[source]¶ -
An enumeration.
-
contains
= 'Contains'¶
-
ends_with
= 'EndsWith'¶
-
equals
= 'Equals'¶
-
greater_than
= 'GreaterThan'¶
-
greater_than_or_equal_to
= 'GreaterThanOrEqualTo'¶
-
lesser_than
= 'LesserThan'¶
-
lesser_than_or_equal_to
= 'LesserThanOrEqualTo'¶
-
not_equals
= 'NotEquals'¶
-
starts_with
= 'StartsWith'¶
-
-
class
azure.mgmt.security.models.
PathRecommendation
(*, path: str = None, action=None, type=None, publisher_info=None, common: bool = None, user_sids=None, usernames=None, file_type=None, configuration_status=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Represents a path that is recommended to be allowed and its properties.
- Parameters
path (str) – The full path to whitelist
action (str or enum) – Possible values include: ‘Recommended’, ‘Add’, ‘Remove’
type (str or enum) – Possible values include: ‘File’, ‘FileHash’, ‘PublisherSignature’, ‘ProductSignature’, ‘BinarySignature’, ‘VersionAndAboveSignature’
publisher_info (PublisherInfo) –
common (bool) – Whether the path is commonly run on the machine
usernames (list[UserRecommendation]) –
file_type (str or enum) – Possible values include: ‘Exe’, ‘Dll’, ‘Msi’, ‘Script’, ‘Executable’, ‘Unknown’
configuration_status (str or enum) – Possible values include: ‘Configured’, ‘NotConfigured’, ‘InProgress’, ‘Failed’, ‘NoStatus’
-
class
azure.mgmt.security.models.
Pricing
(*, pricing_tier, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
pricing_tier (str or PricingTier) – Required. The pricing tier value. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. Possible values include: ‘Free’, ‘Standard’
-
class
azure.mgmt.security.models.
PricingList
(*, value, **kwargs)[source]¶ Bases:
msrest.serialization.Model
List of pricing configurations response.
All required parameters must be populated in order to send to Azure.
-
class
azure.mgmt.security.models.
PricingTier
(value)[source]¶ -
An enumeration.
-
free
= 'Free'¶ Get free Azure security center experience with basic security features
-
standard
= 'Standard'¶ Get the standard Azure security center experience with advanced security features
-
-
class
azure.mgmt.security.models.
ProcessNotAllowed
(*, is_enabled: bool, allowlist_values, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.AllowlistCustomAlertRule
Execution of a process that isn’t allowed. Allow list consists of process names to allow.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
-
class
azure.mgmt.security.models.
PropertyType
(value)[source]¶ -
An enumeration.
-
boolean
= 'Boolean'¶
-
integer
= 'Integer'¶
-
number
= 'Number'¶
-
string
= 'String'¶
-
-
class
azure.mgmt.security.models.
ProtectionMode
(*, exe=None, msi=None, script=None, executable=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux.
- Parameters
-
class
azure.mgmt.security.models.
Protocol
(value)[source]¶ -
An enumeration.
-
all
= '*'¶
-
tcp
= 'TCP'¶
-
udp
= 'UDP'¶
-
-
class
azure.mgmt.security.models.
PublisherInfo
(*, publisher_name: str = None, product_name: str = None, binary_name: str = None, version: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Represents the publisher information of a process/rule.
- Parameters
publisher_name (str) – The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country
product_name (str) – The product name taken from the file’s version resource
binary_name (str) – The “OriginalName” field taken from the file’s version resource
version (str) – The binary file version taken from the file’s version resource
-
class
azure.mgmt.security.models.
QueuePurgesNotInAllowedRange
(*, is_enabled: bool, min_threshold: int, max_threshold: int, time_window_size, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.TimeWindowCustomAlertRule
Number of device queue purges is not in allowed range.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
is_enabled (bool) – Required. Status of the custom alert.
rule_type (str) – Required. Constant filled by server.
min_threshold (int) – Required. The minimum threshold.
max_threshold (int) – Required. The maximum threshold.
time_window_size (timedelta) – Required. The time window size in iso8601 format.
-
class
azure.mgmt.security.models.
Rank
(value)[source]¶ -
An enumeration.
-
critical
= 'Critical'¶
-
high
= 'High'¶
-
low
= 'Low'¶
-
medium
= 'Medium'¶
-
none
= 'None'¶
-
-
class
azure.mgmt.security.models.
RecommendationConfigStatus
(value)[source]¶ -
An enumeration.
-
disabled
= 'Disabled'¶
-
enabled
= 'Enabled'¶
-
-
class
azure.mgmt.security.models.
RecommendationConfigurationProperties
(*, recommendation_type, status='Enabled', **kwargs)[source]¶ Bases:
msrest.serialization.Model
The type of IoT Security recommendation.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Parameters
recommendation_type (str or RecommendationType) – Required. The type of IoT Security recommendation. Possible values include: ‘IoT_ACRAuthentication’, ‘IoT_AgentSendsUnutilizedMessages’, ‘IoT_Baseline’, ‘IoT_EdgeHubMemOptimize’, ‘IoT_EdgeLoggingOptions’, ‘IoT_InconsistentModuleSettings’, ‘IoT_InstallAgent’, ‘IoT_IPFilter_DenyAll’, ‘IoT_IPFilter_PermissiveRule’, ‘IoT_OpenPorts’, ‘IoT_PermissiveFirewallPolicy’, ‘IoT_PermissiveInputFirewallRules’, ‘IoT_PermissiveOutputFirewallRules’, ‘IoT_PrivilegedDockerOptions’, ‘IoT_SharedCredentials’, ‘IoT_VulnerableTLSCipherSuite’
status (str or RecommendationConfigStatus) – Required. Recommendation status. When the recommendation status is disabled recommendations are not generated. Possible values include: ‘Disabled’, ‘Enabled’. Default value: “Enabled” .
- Variables
name (str) –
-
class
azure.mgmt.security.models.
RecommendationType
(value)[source]¶ -
An enumeration.
-
io_t_acrauthentication
= 'IoT_ACRAuthentication'¶ Authentication schema used for pull an edge module from an ACR repository does not use Service Principal Authentication.
-
io_t_agent_sends_unutilized_messages
= 'IoT_AgentSendsUnutilizedMessages'¶ IoT agent message size capacity is currently underutilized, causing an increase in the number of sent messages. Adjust message intervals for better utilization.
-
io_t_baseline
= 'IoT_Baseline'¶ Identified security related system configuration issues.
-
io_t_edge_hub_mem_optimize
= 'IoT_EdgeHubMemOptimize'¶ You can optimize Edge Hub memory usage by turning off protocol heads for any protocols not used by Edge modules in your solution.
-
io_t_edge_logging_options
= 'IoT_EdgeLoggingOptions'¶ Logging is disabled for this edge module.
-
io_t_inconsistent_module_settings
= 'IoT_InconsistentModuleSettings'¶ A minority within a device security group has inconsistent Edge Module settings with the rest of their group.
-
io_t_install_agent
= 'IoT_InstallAgent'¶ Install the Azure Security of Things Agent.
-
io_t_ipfilter_deny_all
= 'IoT_IPFilter_DenyAll'¶ IP Filter Configuration should have rules defined for allowed traffic and should deny all other traffic by default.
-
io_t_ipfilter_permissive_rule
= 'IoT_IPFilter_PermissiveRule'¶ An Allow IP Filter rules source IP range is too large. Overly permissive rules might expose your IoT hub to malicious intenders.
-
io_t_open_ports
= 'IoT_OpenPorts'¶ A listening endpoint was found on the device.
-
io_t_permissive_firewall_policy
= 'IoT_PermissiveFirewallPolicy'¶ An Allowed firewall policy was found (INPUT/OUTPUT). The policy should Deny all traffic by default and define rules to allow necessary communication to/from the device.
-
io_t_permissive_input_firewall_rules
= 'IoT_PermissiveInputFirewallRules'¶ A rule in the firewall has been found that contains a permissive pattern for a wide range of IP addresses or Ports.
-
io_t_permissive_output_firewall_rules
= 'IoT_PermissiveOutputFirewallRules'¶ A rule in the firewall has been found that contains a permissive pattern for a wide range of IP addresses or Ports.
-
io_t_privileged_docker_options
= 'IoT_PrivilegedDockerOptions'¶ Edge module is configured to run in privileged mode, with extensive Linux capabilities or with host-level network access (send/receive data to host machine).
Same authentication credentials to the IoT Hub used by multiple devices. This could indicate an illegitimate device impersonating a legitimate device. It also exposes the risk of device impersonation by an attacker.
-
io_t_vulnerable_tls_cipher_suite
= 'IoT_VulnerableTLSCipherSuite'¶ Insecure TLS configurations detected. Immediate upgrade recommended.
-
-
class
azure.mgmt.security.models.
RegulatoryComplianceAssessment
(*, state=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Regulatory compliance assessment details and state.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
name (str) – Resource name
description (str) – The description of the regulatory compliance assessment
assessment_type (str) – The expected type of assessment contained in the AssessmentDetailsLink
assessment_details_link (str) – Link to more detailed assessment results data. The response type will be according to the assessmentType field
passed_resources (int) – The given assessment’s related resources count with passed state.
failed_resources (int) – The given assessment’s related resources count with failed state.
skipped_resources (int) – The given assessment’s related resources count with skipped state.
unsupported_resources (int) – The given assessment’s related resources count with unsupported state.
- Parameters
state (str or State) – Aggregative state based on the assessment’s scanned resources states. Possible values include: ‘Passed’, ‘Failed’, ‘Skipped’, ‘Unsupported’
-
class
azure.mgmt.security.models.
RegulatoryComplianceAssessmentPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
RegulatoryComplianceAssessment
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
RegulatoryComplianceControl
(*, state=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Regulatory compliance control details and state.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
name (str) – Resource name
description (str) – The description of the regulatory compliance control
passed_assessments (int) – The number of supported regulatory compliance assessments of the given control with a passed state
failed_assessments (int) – The number of supported regulatory compliance assessments of the given control with a failed state
skipped_assessments (int) – The number of supported regulatory compliance assessments of the given control with a skipped state
- Parameters
state (str or State) – Aggregative state based on the control’s supported assessments states. Possible values include: ‘Passed’, ‘Failed’, ‘Skipped’, ‘Unsupported’
-
class
azure.mgmt.security.models.
RegulatoryComplianceControlPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
RegulatoryComplianceControl
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
RegulatoryComplianceStandard
(*, state=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Regulatory compliance standard details and state.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
name (str) – Resource name
passed_controls (int) – The number of supported regulatory compliance controls of the given standard with a passed state
failed_controls (int) – The number of supported regulatory compliance controls of the given standard with a failed state
skipped_controls (int) – The number of supported regulatory compliance controls of the given standard with a skipped state
unsupported_controls (int) – The number of regulatory compliance controls of the given standard which are unsupported by automated assessments
- Parameters
state (str or State) – Aggregative state based on the standard’s supported controls states. Possible values include: ‘Passed’, ‘Failed’, ‘Skipped’, ‘Unsupported’
-
class
azure.mgmt.security.models.
RegulatoryComplianceStandardPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
RegulatoryComplianceStandard
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
ReportedSeverity
(value)[source]¶ -
An enumeration.
-
high
= 'High'¶
-
informational
= 'Informational'¶
-
low
= 'Low'¶
-
medium
= 'Medium'¶
-
-
class
azure.mgmt.security.models.
Resource
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Describes an Azure resource.
Variables are only populated by the server, and will be ignored when sending a request.
-
class
azure.mgmt.security.models.
ResourceDetails
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Details of the resource that was assessed.
You probably want to use the sub-classes and not this class directly. Known sub-classes are: OnPremiseResourceDetails, AzureResourceDetails
All required parameters must be populated in order to send to Azure.
- Parameters
source (str) – Required. Constant filled by server.
-
class
azure.mgmt.security.models.
ResourceStatus
(value)[source]¶ -
An enumeration.
-
healthy
= 'Healthy'¶ This assessment on the resource is healthy
-
not_applicable
= 'NotApplicable'¶ This assessment is not applicable to this resource
-
not_healthy
= 'NotHealthy'¶ This assessment on the resource is not healthy
-
off_by_policy
= 'OffByPolicy'¶ This assessment is turned off by policy on this subscription
-
-
class
azure.mgmt.security.models.
Rule
(*, name: str = None, direction=None, destination_port: int = None, protocols=None, ip_addresses=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Describes remote addresses that is recommended to communicate with the Azure resource on some (Protocol, Port, Direction). All other remote addresses are recommended to be blocked.
- Parameters
name (str) – The name of the rule
direction (str or Direction) – The rule’s direction. Possible values include: ‘Inbound’, ‘Outbound’
destination_port (int) – The rule’s destination port
protocols (list[str or TransportProtocol]) – The rule’s transport protocols
ip_addresses (list[str]) – The remote IP addresses that should be able to communicate with the Azure resource on the rule’s destination port and protocol
-
class
azure.mgmt.security.models.
RuleState
(value)[source]¶ -
An enumeration.
-
disabled
= 'Disabled'¶
-
enabled
= 'Enabled'¶
-
expired
= 'Expired'¶
-
-
class
azure.mgmt.security.models.
ScopeElement
(*, additional_properties=None, field: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
A more specific scope used to identify the alerts to suppress.
-
class
azure.mgmt.security.models.
SecureScoreControlDefinitionItem
(**kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Information about the security control.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
name (str) – Resource name
display_name (str) – User friendly display name of the control
description (str) – User friendly description of the control
max_score (int) – Maximum control score (0..10)
source (SecureScoreControlDefinitionSource) – Source object from which the control was created
assessment_definitions (list[AzureResourceLink]) – Array of assessments metadata IDs that are included in this security control
-
class
azure.mgmt.security.models.
SecureScoreControlDefinitionItemPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
SecureScoreControlDefinitionItem
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
SecureScoreControlDefinitionSource
(*, source_type=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The type of the security control (For example, BuiltIn).
- Parameters
source_type (str or ControlType) – The type of security control (for example, BuiltIn). Possible values include: ‘BuiltIn’, ‘Custom’
-
class
azure.mgmt.security.models.
SecureScoreControlDetails
(*, definition=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Details of the security control, its score, and the health status of the relevant resources.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
name (str) – Resource name
display_name (str) – User friendly display name of the control
current (float) – Current score
healthy_resource_count (int) – Number of healthy resources in the control
unhealthy_resource_count (int) – Number of unhealthy resources in the control
not_applicable_resource_count (int) – Number of not applicable resources in the control
- Parameters
definition (SecureScoreControlDefinitionItem) –
-
class
azure.mgmt.security.models.
SecureScoreControlDetailsPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
SecureScoreControlDetails
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
SecureScoreControlScore
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Calculation result data.
Variables are only populated by the server, and will be ignored when sending a request.
-
class
azure.mgmt.security.models.
SecureScoreItem
(**kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Secure score item data model.
Variables are only populated by the server, and will be ignored when sending a request.
-
class
azure.mgmt.security.models.
SecureScoreItemPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
SecureScoreItem
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
SecurityAssessment
(*, resource_details, status, additional_data=None, links=None, metadata=None, partners_data=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Security assessment on a resource.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
resource_details (ResourceDetails) – Required.
status (AssessmentStatus) – Required.
additional_data (dict[str, str]) – Additional data regarding the assessment
links (AssessmentLinks) –
metadata (SecurityAssessmentMetadataProperties) –
partners_data (SecurityAssessmentPartnerData) –
-
class
azure.mgmt.security.models.
SecurityAssessmentMetadata
(*, display_name: str, severity, assessment_type, description: str = None, remediation_description: str = None, category=None, user_impact=None, implementation_effort=None, threats=None, preview: bool = None, partner_data=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Security assessment metadata.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
display_name (str) – Required. User friendly display name of the assessment
description (str) – Human readable description of the assessment
remediation_description (str) – Human readable description of what you should do to mitigate this security issue
severity (str or Severity) – Required. The severity level of the assessment. Possible values include: ‘Low’, ‘Medium’, ‘High’
user_impact (str or UserImpact) – The user impact of the assessment. Possible values include: ‘Low’, ‘Moderate’, ‘High’
implementation_effort (str or ImplementationEffort) – The implementation effort required to remediate this assessment. Possible values include: ‘Low’, ‘Moderate’, ‘High’
preview (bool) – True if this assessment is in preview release status
assessment_type (str or AssessmentType) – Required. BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition. Possible values include: ‘BuiltIn’, ‘CustomPolicy’, ‘CustomerManaged’, ‘VerifiedPartner’
partner_data (SecurityAssessmentMetadataPartnerData) –
-
class
azure.mgmt.security.models.
SecurityAssessmentMetadataPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
SecurityAssessmentMetadata
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
SecurityAssessmentMetadataPartnerData
(*, partner_name: str, secret: str, product_name: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Describes the partner that created the assessment.
All required parameters must be populated in order to send to Azure.
-
class
azure.mgmt.security.models.
SecurityAssessmentMetadataProperties
(*, display_name: str, severity, assessment_type, description: str = None, remediation_description: str = None, category=None, user_impact=None, implementation_effort=None, threats=None, preview: bool = None, partner_data=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Describes properties of an assessment metadata.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Parameters
display_name (str) – Required. User friendly display name of the assessment
description (str) – Human readable description of the assessment
remediation_description (str) – Human readable description of what you should do to mitigate this security issue
severity (str or Severity) – Required. The severity level of the assessment. Possible values include: ‘Low’, ‘Medium’, ‘High’
user_impact (str or UserImpact) – The user impact of the assessment. Possible values include: ‘Low’, ‘Moderate’, ‘High’
implementation_effort (str or ImplementationEffort) – The implementation effort required to remediate this assessment. Possible values include: ‘Low’, ‘Moderate’, ‘High’
preview (bool) – True if this assessment is in preview release status
assessment_type (str or AssessmentType) – Required. BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition. Possible values include: ‘BuiltIn’, ‘CustomPolicy’, ‘CustomerManaged’, ‘VerifiedPartner’
partner_data (SecurityAssessmentMetadataPartnerData) –
- Variables
policy_definition_id (str) – Azure resource ID of the policy definition that turns this assessment calculation on
-
class
azure.mgmt.security.models.
SecurityAssessmentPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
SecurityAssessment
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
SecurityAssessmentPartnerData
(*, partner_name: str, secret: str, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Data regarding 3rd party partner integration.
All required parameters must be populated in order to send to Azure.
-
class
azure.mgmt.security.models.
SecurityContact
(*, email: str, alert_notifications, alerts_to_admins, phone: str = None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Contact details for security issues.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
email (str) – Required. The email of this security contact
phone (str) – The phone number of this security contact
alert_notifications (str or AlertNotifications) – Required. Whether to send security alerts notifications to the security contact. Possible values include: ‘On’, ‘Off’
alerts_to_admins (str or AlertsToAdmins) – Required. Whether to send security alerts notifications to subscription admins. Possible values include: ‘On’, ‘Off’
-
class
azure.mgmt.security.models.
SecurityContactPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
SecurityContact
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
SecurityFamily
(value)[source]¶ -
An enumeration.
-
ngfw
= 'Ngfw'¶
-
saas_waf
= 'SaasWaf'¶
-
va
= 'Va'¶
-
waf
= 'Waf'¶
-
-
class
azure.mgmt.security.models.
SecuritySolutionStatus
(value)[source]¶ -
An enumeration.
-
disabled
= 'Disabled'¶
-
enabled
= 'Enabled'¶
-
-
class
azure.mgmt.security.models.
SecuritySubAssessment
(*, status=None, resource_details=None, additional_data=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Security sub-assessment on a resource.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
name (str) – Resource name
security_sub_assessment_id (str) – Vulnerability ID
display_name (str) – User friendly display name of the sub-assessment
remediation (str) – Information on how to remediate this sub-assessment
impact (str) – Description of the impact of this sub-assessment
category (str) – Category of the sub-assessment
description (str) – Human readable description of the assessment status
time_generated (datetime) – The date and time the sub-assessment was generated
- Parameters
status (SubAssessmentStatus) –
resource_details (ResourceDetails) –
additional_data (AdditionalData) –
-
class
azure.mgmt.security.models.
SecuritySubAssessmentPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
SecuritySubAssessment
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
SecurityTask
(*, security_task_parameters=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Security task that we recommend to do in order to strengthen security.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
name (str) – Resource name
state (str) – State of the task (Active, Resolved etc.)
creation_time_utc (datetime) – The time this task was discovered in UTC
last_state_change_time_utc (datetime) – The time this task’s details were last changed in UTC
sub_state (str) – Additional data on the state of the task
- Parameters
security_task_parameters (SecurityTaskParameters) –
-
class
azure.mgmt.security.models.
SecurityTaskPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
SecurityTask
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
SecurityTaskParameters
(*, additional_properties=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Changing set of properties, depending on the task type that is derived from the name field.
Variables are only populated by the server, and will be ignored when sending a request.
-
class
azure.mgmt.security.models.
SensitivityLabel
(*, display_name: str = None, description: str = None, rank=None, order: int = None, enabled: bool = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The sensitivity label.
- Parameters
display_name (str) – The name of the sensitivity label.
description (str) – The description of the sensitivity label.
rank (str or Rank) – The rank of the sensitivity label. Possible values include: ‘None’, ‘Low’, ‘Medium’, ‘High’, ‘Critical’
order (int) – The order of the sensitivity label.
enabled (bool) – Indicates whether the label is enabled or not.
-
class
azure.mgmt.security.models.
ServerVulnerabilityAssessment
(**kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Describes the server vulnerability assessment details on a resource.
Variables are only populated by the server, and will be ignored when sending a request.
-
class
azure.mgmt.security.models.
ServerVulnerabilityAssessmentsList
(*, value=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
List of server vulnerability assessments.
- Parameters
value (list[ServerVulnerabilityAssessment]) –
-
class
azure.mgmt.security.models.
ServerVulnerabilityProperties
(**kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.AdditionalData
Additional context fields for server vulnerability assessment.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Parameters
assessed_resource_type (str) – Required. Constant filled by server.
- Variables
type (str) – Vulnerability Type. e.g: Vulnerability, Potential Vulnerability, Information Gathered
cvss (dict[str, CVSS]) – Dictionary from cvss version to cvss details object
patchable (bool) – Indicates whether a patch is available or not
threat (str) – Threat name
published_time (datetime) – Published time
vendor_references (list[VendorReference]) –
-
class
azure.mgmt.security.models.
Setting
(**kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.SettingResource
Represents a security setting in Azure Security Center.
You probably want to use the sub-classes and not this class directly. Known sub-classes are: DataExportSettings
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
-
class
azure.mgmt.security.models.
SettingPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
Setting
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
SettingResource
(**kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
The kind of the security setting.
You probably want to use the sub-classes and not this class directly. Known sub-classes are: Setting
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
-
class
azure.mgmt.security.models.
Severity
(value)[source]¶ -
An enumeration.
-
high
= 'High'¶
-
low
= 'Low'¶
-
medium
= 'Medium'¶
-
-
class
azure.mgmt.security.models.
SqlServerVulnerabilityProperties
(**kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.AdditionalData
Details of the resource that was assessed.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
-
class
azure.mgmt.security.models.
State
(value)[source]¶ -
An enumeration.
-
failed
= 'Failed'¶ At least one supported regulatory compliance control in the given standard has a state of failed
-
passed
= 'Passed'¶ All supported regulatory compliance controls in the given standard have a passed state
-
skipped
= 'Skipped'¶ All supported regulatory compliance controls in the given standard have a state of skipped
-
unsupported
= 'Unsupported'¶ No supported regulatory compliance data for the given standard
-
-
class
azure.mgmt.security.models.
Status
(value)[source]¶ -
An enumeration.
-
initiated
= 'Initiated'¶
-
revoked
= 'Revoked'¶
-
-
class
azure.mgmt.security.models.
StatusReason
(value)[source]¶ -
An enumeration.
-
expired
= 'Expired'¶
-
newer_request_initiated
= 'NewerRequestInitiated'¶
-
user_requested
= 'UserRequested'¶
-
-
class
azure.mgmt.security.models.
SubAssessmentStatus
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Status of the sub-assessment.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
code (str or SubAssessmentStatusCode) – Programmatic code for the status of the assessment. Possible values include: ‘Healthy’, ‘Unhealthy’, ‘NotApplicable’
cause (str) – Programmatic code for the cause of the assessment status
description (str) – Human readable description of the assessment status
severity (str or Severity) – The sub-assessment severity level. Possible values include: ‘Low’, ‘Medium’, ‘High’
-
class
azure.mgmt.security.models.
SubAssessmentStatusCode
(value)[source]¶ -
An enumeration.
-
healthy
= 'Healthy'¶ The resource is healthy
-
not_applicable
= 'NotApplicable'¶ Assessment for this resource did not happen
-
unhealthy
= 'Unhealthy'¶ The resource has a security issue that needs to be addressed
-
-
class
azure.mgmt.security.models.
SuppressionAlertsScope
(*, all_of, **kwargs)[source]¶ Bases:
msrest.serialization.Model
SuppressionAlertsScope.
All required parameters must be populated in order to send to Azure.
- Parameters
all_of (list[ScopeElement]) – Required. All the conditions inside need to be true in order to suppress the alert
-
class
azure.mgmt.security.models.
Tags
(*, tags=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
A list of key value pairs that describe the resource.
-
class
azure.mgmt.security.models.
TagsResource
(*, tags=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
A container holding only the Tags for a resource, allowing the user to update the tags.
-
class
azure.mgmt.security.models.
Threats
(value)[source]¶ -
An enumeration.
-
account_breach
= 'accountBreach'¶
-
data_exfiltration
= 'dataExfiltration'¶
-
data_spillage
= 'dataSpillage'¶
-
denial_of_service
= 'denialOfService'¶
-
elevation_of_privilege
= 'elevationOfPrivilege'¶
-
malicious_insider
= 'maliciousInsider'¶
-
missing_coverage
= 'missingCoverage'¶
-
threat_resistance
= 'threatResistance'¶
-
-
class
azure.mgmt.security.models.
ThresholdCustomAlertRule
(*, is_enabled: bool, min_threshold: int, max_threshold: int, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.CustomAlertRule
A custom alert rule that checks if a value (depends on the custom alert type) is within the given range.
You probably want to use the sub-classes and not this class directly. Known sub-classes are: TimeWindowCustomAlertRule
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
-
class
azure.mgmt.security.models.
TimeWindowCustomAlertRule
(*, is_enabled: bool, min_threshold: int, max_threshold: int, time_window_size, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.ThresholdCustomAlertRule
A custom alert rule that checks if the number of activities (depends on the custom alert type) in a time window is within the given range.
You probably want to use the sub-classes and not this class directly. Known sub-classes are: ActiveConnectionsNotInAllowedRange, AmqpC2DMessagesNotInAllowedRange, MqttC2DMessagesNotInAllowedRange, HttpC2DMessagesNotInAllowedRange, AmqpC2DRejectedMessagesNotInAllowedRange, MqttC2DRejectedMessagesNotInAllowedRange, HttpC2DRejectedMessagesNotInAllowedRange, AmqpD2CMessagesNotInAllowedRange, MqttD2CMessagesNotInAllowedRange, HttpD2CMessagesNotInAllowedRange, DirectMethodInvokesNotInAllowedRange, FailedLocalLoginsNotInAllowedRange, FileUploadsNotInAllowedRange, QueuePurgesNotInAllowedRange, TwinUpdatesNotInAllowedRange, UnauthorizedOperationsNotInAllowedRange
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
is_enabled (bool) – Required. Status of the custom alert.
rule_type (str) – Required. Constant filled by server.
min_threshold (int) – Required. The minimum threshold.
max_threshold (int) – Required. The maximum threshold.
time_window_size (timedelta) – Required. The time window size in iso8601 format.
-
class
azure.mgmt.security.models.
TopologyResource
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
TopologyResource.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
name (str) – Resource name
location (str) – Location where the resource is stored
calculated_date_time (datetime) – The UTC time on which the topology was calculated
topology_resources (list[TopologySingleResource]) – Azure resources which are part of this topology resource
-
class
azure.mgmt.security.models.
TopologyResourcePaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
TopologyResource
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.
-
class
azure.mgmt.security.models.
TopologySingleResource
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
TopologySingleResource.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
resource_id (str) – Azure resource id
severity (str) – The security severity of the resource
recommendations_exist (bool) – Indicates if the resource has security recommendations
network_zones (str) – Indicates the resource connectivity level to the Internet (InternetFacing, Internal ,etc.)
topology_score (int) – Score of the resource based on its security severity
location (str) – The location of this resource
parents (list[TopologySingleResourceParent]) – Azure resources connected to this resource which are in higher level in the topology view
children (list[TopologySingleResourceChild]) – Azure resources connected to this resource which are in lower level in the topology view
-
class
azure.mgmt.security.models.
TopologySingleResourceChild
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
TopologySingleResourceChild.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
resource_id (str) – Azure resource id which serves as child resource in topology view
-
class
azure.mgmt.security.models.
TopologySingleResourceParent
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
TopologySingleResourceParent.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
resource_id (str) – Azure resource id which serves as parent resource in topology view
-
class
azure.mgmt.security.models.
TrackedResource
(*, kind: str = None, etag: str = None, tags=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Describes an Azure tracked resource.
Variables are only populated by the server, and will be ignored when sending a request.
- Variables
- Parameters
-
class
azure.mgmt.security.models.
TransportProtocol
(value)[source]¶ -
An enumeration.
-
tcp
= 'TCP'¶
-
udp
= 'UDP'¶
-
-
class
azure.mgmt.security.models.
TwinUpdatesNotInAllowedRange
(*, is_enabled: bool, min_threshold: int, max_threshold: int, time_window_size, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.TimeWindowCustomAlertRule
Number of twin updates is not in allowed range.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
is_enabled (bool) – Required. Status of the custom alert.
rule_type (str) – Required. Constant filled by server.
min_threshold (int) – Required. The minimum threshold.
max_threshold (int) – Required. The maximum threshold.
time_window_size (timedelta) – Required. The time window size in iso8601 format.
Bases:
azure.mgmt.security.models._models_py3.TimeWindowCustomAlertRule
Number of unauthorized operations is not in allowed range.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
is_enabled (bool) – Required. Status of the custom alert.
rule_type (str) – Required. Constant filled by server.
min_threshold (int) – Required. The minimum threshold.
max_threshold (int) – Required. The maximum threshold.
time_window_size (timedelta) – Required. The time window size in iso8601 format.
-
class
azure.mgmt.security.models.
UnmaskedIpLoggingStatus
(value)[source]¶ -
An enumeration.
-
disabled
= 'Disabled'¶ Unmasked IP logging is disabled
-
enabled
= 'Enabled'¶ Unmasked IP logging is enabled
-
-
class
azure.mgmt.security.models.
UpdateIotSecuritySolutionData
(*, tags=None, user_defined_resources=None, recommendations_configuration=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.TagsResource
UpdateIotSecuritySolutionData.
- Parameters
user_defined_resources (UserDefinedResourcesProperties) –
recommendations_configuration (list[RecommendationConfigurationProperties]) –
-
class
azure.mgmt.security.models.
UserDefinedResourcesProperties
(*, query: str, query_subscriptions, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Properties of the IoT Security solution’s user defined resources.
All required parameters must be populated in order to send to Azure.
- Parameters
query (str) – Required. Azure Resource Graph query which represents the security solution’s user defined resources. Required to start with “where type != “Microsoft.Devices/IotHubs””
query_subscriptions (list[str]) – Required. List of Azure subscription ids on which the user defined resources query should be executed.
-
class
azure.mgmt.security.models.
UserImpact
(value)[source]¶ -
An enumeration.
-
high
= 'High'¶
-
low
= 'Low'¶
-
moderate
= 'Moderate'¶
-
-
class
azure.mgmt.security.models.
UserRecommendation
(*, username: str = None, recommendation_action=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Represents a user that is recommended to be allowed for a certain rule.
-
class
azure.mgmt.security.models.
ValueType
(value)[source]¶ -
An enumeration.
-
ip_cidr
= 'IpCidr'¶ An IP range in CIDR format (e.g. ‘192.168.0.1/8’).
-
string
= 'String'¶ Any string value.
-
-
class
azure.mgmt.security.models.
VendorReference
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Vendor reference.
Variables are only populated by the server, and will be ignored when sending a request.
-
class
azure.mgmt.security.models.
VmRecommendation
(*, configuration_status=None, recommendation_action=None, resource_id: str = None, enforcement_support=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Represents a machine that is part of a VM/server group.
- Parameters
configuration_status (str or enum) – Possible values include: ‘Configured’, ‘NotConfigured’, ‘InProgress’, ‘Failed’, ‘NoStatus’
recommendation_action (str or enum) – Possible values include: ‘Recommended’, ‘Add’, ‘Remove’
resource_id (str) –
enforcement_support (str or enum) – Possible values include: ‘Supported’, ‘NotSupported’, ‘Unknown’
-
class
azure.mgmt.security.models.
WorkspaceSetting
(*, workspace_id: str, scope: str, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Configures where to store the OMS agent data for workspaces under a scope.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
- Variables
- Parameters
-
class
azure.mgmt.security.models.
WorkspaceSettingPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
WorkspaceSetting
objectBring async to Paging.
“async_command” is mandatory keyword argument for this mixin to work.