# coding=utf-8
# --------------------------------------------------------------------------
# Copyright (c) Microsoft Corporation. All rights reserved.
# Licensed under the MIT License. See License.txt in the project root for license information.
# Code generated by Microsoft (R) AutoRest Code Generator.
# Changes may cause incorrect behavior and will be lost if the code is regenerated.
# --------------------------------------------------------------------------
from enum import Enum, EnumMeta
from six import with_metaclass
class _CaseInsensitiveEnumMeta(EnumMeta):
def __getitem__(self, name):
return super().__getitem__(name.upper())
def __getattr__(cls, name):
"""Return the enum member matching `name`
We use __getattr__ instead of descriptors or inserting into the enum
class' __dict__ in order to support `name` and `value` being both
properties for enum members (which live in the class' __dict__) and
enum members themselves.
"""
try:
return cls._member_map_[name.upper()]
except KeyError:
raise AttributeError(name)
[docs]class AadConnectivityStateEnum(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The connectivity state of the external AAD solution
"""
DISCOVERED = "Discovered"
NOT_LICENSED = "NotLicensed"
CONNECTED = "Connected"
[docs]class ActionType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The type of the action that will be triggered by the Automation
"""
LOGIC_APP = "LogicApp"
EVENT_HUB = "EventHub"
WORKSPACE = "Workspace"
[docs]class AdaptiveApplicationControlIssue(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""An alert that machines within a group can have
"""
VIOLATIONS_AUDITED = "ViolationsAudited"
VIOLATIONS_BLOCKED = "ViolationsBlocked"
MSI_AND_SCRIPT_VIOLATIONS_AUDITED = "MsiAndScriptViolationsAudited"
MSI_AND_SCRIPT_VIOLATIONS_BLOCKED = "MsiAndScriptViolationsBlocked"
EXECUTABLE_VIOLATIONS_AUDITED = "ExecutableViolationsAudited"
RULES_VIOLATED_MANUALLY = "RulesViolatedManually"
[docs]class AdditionalWorkspaceDataType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""Data types sent to workspace.
"""
ALERTS = "Alerts"
RAW_EVENTS = "RawEvents"
[docs]class AdditionalWorkspaceType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""Workspace type.
"""
SENTINEL = "Sentinel"
[docs]class AlertNotifications(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""Whether to send security alerts notifications to the security contact
"""
#: Get notifications on new alerts.
ON = "On"
#: Don't get notifications on new alerts.
OFF = "Off"
[docs]class AlertSeverity(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The risk level of the threat that was detected. Learn more:
https://docs.microsoft.com/en-us/azure/security-center/security-center-alerts-overview#how-are-alerts-classified.
"""
#: Informational.
INFORMATIONAL = "Informational"
#: Low.
LOW = "Low"
#: Medium.
MEDIUM = "Medium"
#: High.
HIGH = "High"
[docs]class AlertStatus(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The life cycle status of the alert.
"""
#: An alert which doesn't specify a value is assigned the status 'Active'.
ACTIVE = "Active"
#: Alert closed after handling.
RESOLVED = "Resolved"
#: Alert dismissed as false positive.
DISMISSED = "Dismissed"
[docs]class AlertsToAdmins(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""Whether to send security alerts notifications to subscription admins
"""
#: Send notification on new alerts to the subscription's admins.
ON = "On"
#: Don't send notification on new alerts to the subscription's admins.
OFF = "Off"
[docs]class AssessedResourceType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""Sub-assessment resource type
"""
SQL_SERVER_VULNERABILITY = "SqlServerVulnerability"
CONTAINER_REGISTRY_VULNERABILITY = "ContainerRegistryVulnerability"
SERVER_VULNERABILITY = "ServerVulnerability"
[docs]class AssessmentStatusCode(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""Programmatic code for the status of the assessment
"""
#: The resource is healthy.
HEALTHY = "Healthy"
#: The resource has a security issue that needs to be addressed.
UNHEALTHY = "Unhealthy"
#: Assessment for this resource did not happen.
NOT_APPLICABLE = "NotApplicable"
[docs]class AssessmentType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment
based on custom Azure Policy definition
"""
#: Azure Security Center managed assessments.
BUILT_IN = "BuiltIn"
#: User defined policies that are automatically ingested from Azure Policy to Azure Security
#: Center.
CUSTOM_POLICY = "CustomPolicy"
#: User assessments pushed directly by the user or other third party to Azure Security Center.
CUSTOMER_MANAGED = "CustomerManaged"
#: An assessment that was created by a verified 3rd party if the user connected it to ASC.
VERIFIED_PARTNER = "VerifiedPartner"
[docs]class AuthenticationProvisioningState(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""State of the multi-cloud connector
"""
#: Valid connector.
VALID = "Valid"
#: Invalid connector.
INVALID = "Invalid"
#: the connection has expired.
EXPIRED = "Expired"
#: Incorrect policy of the connector.
INCORRECT_POLICY = "IncorrectPolicy"
[docs]class AuthenticationType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""Connect to your cloud account, for AWS use either account credentials or role-based
authentication. For GCP use account organization credentials.
"""
#: AWS cloud account connector user credentials authentication.
AWS_CREDS = "awsCreds"
#: AWS account connector assume role authentication.
AWS_ASSUME_ROLE = "awsAssumeRole"
#: GCP account connector service to service authentication.
GCP_CREDENTIALS = "gcpCredentials"
[docs]class AutoProvision(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""Describes what kind of security agent provisioning action to take
"""
#: Install missing security agent on VMs automatically.
ON = "On"
#: Do not install security agent on the VMs automatically.
OFF = "Off"
[docs]class BundleType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""Alert Simulator supported bundles.
"""
APP_SERVICES = "AppServices"
DNS = "DNS"
KEY_VAULTS = "KeyVaults"
KUBERNETES_SERVICE = "KubernetesService"
RESOURCE_MANAGER = "ResourceManager"
SQL_SERVERS = "SqlServers"
STORAGE_ACCOUNTS = "StorageAccounts"
VIRTUAL_MACHINES = "VirtualMachines"
[docs]class Categories(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The categories of resource that is at risk when the assessment is unhealthy
"""
COMPUTE = "Compute"
NETWORKING = "Networking"
DATA = "Data"
IDENTITY_AND_ACCESS = "IdentityAndAccess"
IO_T = "IoT"
[docs]class ConfigurationStatus(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The configuration status of the machines group or machine or rule
"""
CONFIGURED = "Configured"
NOT_CONFIGURED = "NotConfigured"
IN_PROGRESS = "InProgress"
FAILED = "Failed"
NO_STATUS = "NoStatus"
[docs]class ConnectionType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
INTERNAL = "Internal"
EXTERNAL = "External"
[docs]class ControlType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The type of security control (for example, BuiltIn)
"""
#: Azure Security Center managed assessments.
BUILT_IN = "BuiltIn"
#: Non Azure Security Center managed assessments.
CUSTOM = "Custom"
[docs]class CreatedByType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The type of identity that created the resource.
"""
USER = "User"
APPLICATION = "Application"
MANAGED_IDENTITY = "ManagedIdentity"
KEY = "Key"
[docs]class DataSource(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
#: Devices twin data.
TWIN_DATA = "TwinData"
[docs]class Direction(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The rule's direction
"""
INBOUND = "Inbound"
OUTBOUND = "Outbound"
[docs]class EndOfSupportStatus(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""End of support status.
"""
NONE = "None"
NO_LONGER_SUPPORTED = "noLongerSupported"
VERSION_NO_LONGER_SUPPORTED = "versionNoLongerSupported"
UPCOMING_NO_LONGER_SUPPORTED = "upcomingNoLongerSupported"
UPCOMING_VERSION_NO_LONGER_SUPPORTED = "upcomingVersionNoLongerSupported"
[docs]class EnforcementMode(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The application control policy enforcement/protection mode of the machine group
"""
AUDIT = "Audit"
ENFORCE = "Enforce"
NONE = "None"
[docs]class EnforcementSupport(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The machine supportability of Enforce feature
"""
SUPPORTED = "Supported"
NOT_SUPPORTED = "NotSupported"
UNKNOWN = "Unknown"
[docs]class Enum13(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
ACTIVATE = "Activate"
DISMISS = "Dismiss"
START = "Start"
RESOLVE = "Resolve"
CLOSE = "Close"
[docs]class Enum15(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
EFFECTIVE = "effective"
CUSTOM = "custom"
[docs]class Enum69(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
MCAS = "MCAS"
WDATP = "WDATP"
WDATP_EXCLUDE_LINUX_PUBLIC_PREVIEW = "WDATP_EXCLUDE_LINUX_PUBLIC_PREVIEW"
SENTINEL = "Sentinel"
[docs]class EventSource(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""A valid event source type.
"""
ASSESSMENTS = "Assessments"
SUB_ASSESSMENTS = "SubAssessments"
ALERTS = "Alerts"
SECURE_SCORES = "SecureScores"
SECURE_SCORES_SNAPSHOT = "SecureScoresSnapshot"
SECURE_SCORE_CONTROLS = "SecureScoreControls"
SECURE_SCORE_CONTROLS_SNAPSHOT = "SecureScoreControlsSnapshot"
REGULATORY_COMPLIANCE_ASSESSMENT = "RegulatoryComplianceAssessment"
REGULATORY_COMPLIANCE_ASSESSMENT_SNAPSHOT = "RegulatoryComplianceAssessmentSnapshot"
[docs]class ExpandControlsEnum(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
#: Add definition object for each control.
DEFINITION = "definition"
[docs]class ExpandEnum(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
#: All links associated with an assessment.
LINKS = "links"
#: Assessment metadata.
METADATA = "metadata"
[docs]class ExportData(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
#: Agent raw events.
RAW_EVENTS = "RawEvents"
[docs]class ExternalSecuritySolutionKindEnum(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The kind of the external solution
"""
CEF = "CEF"
ATA = "ATA"
AAD = "AAD"
[docs]class FileType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The type of the file (for Linux files - Executable is used)
"""
EXE = "Exe"
DLL = "Dll"
MSI = "Msi"
SCRIPT = "Script"
EXECUTABLE = "Executable"
UNKNOWN = "Unknown"
[docs]class HybridComputeProvisioningState(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""State of the service principal and its secret
"""
#: Valid service principal details.
VALID = "Valid"
#: Invalid service principal details.
INVALID = "Invalid"
#: the service principal details are expired.
EXPIRED = "Expired"
[docs]class ImplementationEffort(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The implementation effort required to remediate this assessment
"""
LOW = "Low"
MODERATE = "Moderate"
HIGH = "High"
[docs]class Intent(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The kill chain related intent behind the alert. For list of supported values, and explanations
of Azure Security Center's supported kill chain intents.
"""
#: Unknown.
UNKNOWN = "Unknown"
#: PreAttack could be either an attempt to access a certain resource regardless of a malicious
#: intent, or a failed attempt to gain access to a target system to gather information prior to
#: exploitation. This step is usually detected as an attempt, originating from outside the
#: network, to scan the target system and find a way in. Further details on the PreAttack stage
#: can be read in `MITRE Pre-Att&ck matrix <https://attack.mitre.org/matrices/pre/>`_.
PRE_ATTACK = "PreAttack"
#: InitialAccess is the stage where an attacker manages to get foothold on the attacked resource.
INITIAL_ACCESS = "InitialAccess"
#: Persistence is any access, action, or configuration change to a system that gives a threat
#: actor a persistent presence on that system.
PERSISTENCE = "Persistence"
#: Privilege escalation is the result of actions that allow an adversary to obtain a higher level
#: of permissions on a system or network.
PRIVILEGE_ESCALATION = "PrivilegeEscalation"
#: Defense evasion consists of techniques an adversary may use to evade detection or avoid other
#: defenses.
DEFENSE_EVASION = "DefenseEvasion"
#: Credential access represents techniques resulting in access to or control over system, domain,
#: or service credentials that are used within an enterprise environment.
CREDENTIAL_ACCESS = "CredentialAccess"
#: Discovery consists of techniques that allow the adversary to gain knowledge about the system
#: and internal network.
DISCOVERY = "Discovery"
#: Lateral movement consists of techniques that enable an adversary to access and control remote
#: systems on a network and could, but does not necessarily, include execution of tools on remote
#: systems.
LATERAL_MOVEMENT = "LateralMovement"
#: The execution tactic represents techniques that result in execution of adversary-controlled
#: code on a local or remote system.
EXECUTION = "Execution"
#: Collection consists of techniques used to identify and gather information, such as sensitive
#: files, from a target network prior to exfiltration.
COLLECTION = "Collection"
#: Exfiltration refers to techniques and attributes that result or aid in the adversary removing
#: files and information from a target network.
EXFILTRATION = "Exfiltration"
#: The command and control tactic represents how adversaries communicate with systems under their
#: control within a target network.
COMMAND_AND_CONTROL = "CommandAndControl"
#: Impact events primarily try to directly reduce the availability or integrity of a system,
#: service, or network; including manipulation of data to impact a business or operational
#: process.
IMPACT = "Impact"
#: Probing could be either an attempt to access a certain resource regardless of a malicious
#: intent, or a failed attempt to gain access to a target system to gather information prior to
#: exploitation.
PROBING = "Probing"
#: Exploitation is the stage where an attacker manages to get a foothold on the attacked resource.
#: This stage is relevant for compute hosts and resources such as user accounts, certificates etc.
EXPLOITATION = "Exploitation"
[docs]class KindEnum(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The kind of alert simulation.
"""
#: Simulate alerts according to bundles.
BUNDLES = "Bundles"
[docs]class Operator(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""A valid comparer operator to use. A case-insensitive comparison will be applied for String
PropertyType.
"""
#: Applies for decimal and non-decimal operands.
EQUALS = "Equals"
#: Applies only for decimal operands.
GREATER_THAN = "GreaterThan"
#: Applies only for decimal operands.
GREATER_THAN_OR_EQUAL_TO = "GreaterThanOrEqualTo"
#: Applies only for decimal operands.
LESSER_THAN = "LesserThan"
#: Applies only for decimal operands.
LESSER_THAN_OR_EQUAL_TO = "LesserThanOrEqualTo"
#: Applies for decimal and non-decimal operands.
NOT_EQUALS = "NotEquals"
#: Applies only for non-decimal operands.
CONTAINS = "Contains"
#: Applies only for non-decimal operands.
STARTS_WITH = "StartsWith"
#: Applies only for non-decimal operands.
ENDS_WITH = "EndsWith"
[docs]class PermissionProperty(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""A permission detected in the cloud account.
"""
#: This permission provides read only access to AWS Security Hub resources.
AWS_AWS_SECURITY_HUB_READ_ONLY_ACCESS = "AWS::AWSSecurityHubReadOnlyAccess"
#: This permission grants access to read security configuration metadata.
AWS_SECURITY_AUDIT = "AWS::SecurityAudit"
#: The permission provides for EC2 Automation service to execute activities defined within
#: Automation documents.
AWS_AMAZON_SSM_AUTOMATION_ROLE = "AWS::AmazonSSMAutomationRole"
#: This permission provides read only access to GCP Security Command Center.
GCP_SECURITY_CENTER_ADMIN_VIEWER = "GCP::Security Center Admin Viewer"
[docs]class PricingTier(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The pricing tier value. Azure Security Center is provided in two pricing tiers: free and
standard, with the standard tier available with a trial period. The standard tier offers
advanced security capabilities, while the free tier offers basic security features.
"""
#: Get free Azure security center experience with basic security features.
FREE = "Free"
#: Get the standard Azure security center experience with advanced security features.
STANDARD = "Standard"
[docs]class PropertyType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The data type of the compared operands (string, integer, floating point number or a boolean
[true/false]]
"""
STRING = "String"
INTEGER = "Integer"
NUMBER = "Number"
BOOLEAN = "Boolean"
[docs]class ProtocolEnum(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
TCP = "TCP"
UDP = "UDP"
ALL = "*"
[docs]class ProvisioningState(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The security family provisioning State
"""
SUCCEEDED = "Succeeded"
FAILED = "Failed"
UPDATING = "Updating"
[docs]class Rank(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The rank of the sensitivity label.
"""
NONE = "None"
LOW = "Low"
MEDIUM = "Medium"
HIGH = "High"
CRITICAL = "Critical"
[docs]class RecommendationAction(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The recommendation action of the machine or rule
"""
RECOMMENDED = "Recommended"
ADD = "Add"
REMOVE = "Remove"
[docs]class RecommendationConfigStatus(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""Recommendation status. When the recommendation status is disabled recommendations are not
generated.
"""
DISABLED = "Disabled"
ENABLED = "Enabled"
[docs]class RecommendationStatus(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The initial recommendation status of the machine group or machine
"""
RECOMMENDED = "Recommended"
NOT_RECOMMENDED = "NotRecommended"
NOT_AVAILABLE = "NotAvailable"
NO_STATUS = "NoStatus"
[docs]class RecommendationType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The type of IoT Security recommendation.
"""
#: Authentication schema used for pull an edge module from an ACR repository does not use Service
#: Principal Authentication.
IO_T_ACRAUTHENTICATION = "IoT_ACRAuthentication"
#: IoT agent message size capacity is currently underutilized, causing an increase in the number
#: of sent messages. Adjust message intervals for better utilization.
IO_T_AGENT_SENDS_UNUTILIZED_MESSAGES = "IoT_AgentSendsUnutilizedMessages"
#: Identified security related system configuration issues.
IO_T_BASELINE = "IoT_Baseline"
#: You can optimize Edge Hub memory usage by turning off protocol heads for any protocols not used
#: by Edge modules in your solution.
IO_T_EDGE_HUB_MEM_OPTIMIZE = "IoT_EdgeHubMemOptimize"
#: Logging is disabled for this edge module.
IO_T_EDGE_LOGGING_OPTIONS = "IoT_EdgeLoggingOptions"
#: A minority within a device security group has inconsistent Edge Module settings with the rest
#: of their group.
IO_T_INCONSISTENT_MODULE_SETTINGS = "IoT_InconsistentModuleSettings"
#: Install the Azure Security of Things Agent.
IO_T_INSTALL_AGENT = "IoT_InstallAgent"
#: IP Filter Configuration should have rules defined for allowed traffic and should deny all other
#: traffic by default.
IO_T_IPFILTER_DENY_ALL = "IoT_IPFilter_DenyAll"
#: An Allow IP Filter rules source IP range is too large. Overly permissive rules might expose
#: your IoT hub to malicious intenders.
IO_T_IPFILTER_PERMISSIVE_RULE = "IoT_IPFilter_PermissiveRule"
#: A listening endpoint was found on the device.
IO_T_OPEN_PORTS = "IoT_OpenPorts"
#: An Allowed firewall policy was found (INPUT/OUTPUT). The policy should Deny all traffic by
#: default and define rules to allow necessary communication to/from the device.
IO_T_PERMISSIVE_FIREWALL_POLICY = "IoT_PermissiveFirewallPolicy"
#: A rule in the firewall has been found that contains a permissive pattern for a wide range of IP
#: addresses or Ports.
IO_T_PERMISSIVE_INPUT_FIREWALL_RULES = "IoT_PermissiveInputFirewallRules"
#: A rule in the firewall has been found that contains a permissive pattern for a wide range of IP
#: addresses or Ports.
IO_T_PERMISSIVE_OUTPUT_FIREWALL_RULES = "IoT_PermissiveOutputFirewallRules"
#: Edge module is configured to run in privileged mode, with extensive Linux capabilities or with
#: host-level network access (send/receive data to host machine).
IO_T_PRIVILEGED_DOCKER_OPTIONS = "IoT_PrivilegedDockerOptions"
#: Same authentication credentials to the IoT Hub used by multiple devices. This could indicate an
#: illegitimate device impersonating a legitimate device. It also exposes the risk of device
#: impersonation by an attacker.
IO_T_SHARED_CREDENTIALS = "IoT_SharedCredentials"
#: Insecure TLS configurations detected. Immediate upgrade recommended.
IO_T_VULNERABLE_TLS_CIPHER_SUITE = "IoT_VulnerableTLSCipherSuite"
[docs]class ReportedSeverity(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""Assessed alert severity.
"""
INFORMATIONAL = "Informational"
LOW = "Low"
MEDIUM = "Medium"
HIGH = "High"
[docs]class ResourceIdentifierType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""There can be multiple identifiers of different type per alert, this field specify the
identifier type.
"""
AZURE_RESOURCE = "AzureResource"
LOG_ANALYTICS = "LogAnalytics"
[docs]class ResourceStatus(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The status of the resource regarding a single assessment
"""
#: This assessment on the resource is healthy.
HEALTHY = "Healthy"
#: This assessment is not applicable to this resource.
NOT_APPLICABLE = "NotApplicable"
#: This assessment is turned off by policy on this subscription.
OFF_BY_POLICY = "OffByPolicy"
#: This assessment on the resource is not healthy.
NOT_HEALTHY = "NotHealthy"
[docs]class RuleSeverity(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The rule severity.
"""
#: High.
HIGH = "High"
#: Medium.
MEDIUM = "Medium"
#: Low.
LOW = "Low"
#: Informational.
INFORMATIONAL = "Informational"
#: Obsolete.
OBSOLETE = "Obsolete"
[docs]class RuleState(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""Possible states of the rule
"""
ENABLED = "Enabled"
DISABLED = "Disabled"
EXPIRED = "Expired"
[docs]class RuleStatus(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The rule result status.
"""
#: NonFinding.
NON_FINDING = "NonFinding"
#: Finding.
FINDING = "Finding"
#: InternalError.
INTERNAL_ERROR = "InternalError"
[docs]class RuleType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The rule type.
"""
#: Binary.
BINARY = "Binary"
#: BaselineExpected.
BASELINE_EXPECTED = "BaselineExpected"
#: PositiveList.
POSITIVE_LIST = "PositiveList"
#: NegativeList.
NEGATIVE_LIST = "NegativeList"
[docs]class ScanState(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The scan status.
"""
#: Failed.
FAILED = "Failed"
#: FailedToRun.
FAILED_TO_RUN = "FailedToRun"
#: InProgress.
IN_PROGRESS = "InProgress"
#: Passed.
PASSED = "Passed"
[docs]class ScanTriggerType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The scan trigger type.
"""
#: OnDemand.
ON_DEMAND = "OnDemand"
#: Recurring.
RECURRING = "Recurring"
[docs]class SecurityFamily(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The security family of the discovered solution
"""
WAF = "Waf"
NGFW = "Ngfw"
SAAS_WAF = "SaasWaf"
VA = "Va"
[docs]class SecuritySolutionStatus(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""Status of the IoT Security solution.
"""
ENABLED = "Enabled"
DISABLED = "Disabled"
[docs]class ServerVulnerabilityAssessmentPropertiesProvisioningState(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The provisioningState of the vulnerability assessment capability on the VM
"""
SUCCEEDED = "Succeeded"
FAILED = "Failed"
CANCELED = "Canceled"
PROVISIONING = "Provisioning"
DEPROVISIONING = "Deprovisioning"
[docs]class SettingKind(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""the kind of the settings string
"""
DATA_EXPORT_SETTINGS = "DataExportSettings"
ALERT_SUPPRESSION_SETTING = "AlertSuppressionSetting"
ALERT_SYNC_SETTINGS = "AlertSyncSettings"
[docs]class Severity(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The sub-assessment severity level
"""
LOW = "Low"
MEDIUM = "Medium"
HIGH = "High"
[docs]class Source(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The platform where the assessed resource resides
"""
#: Resource is in Azure.
AZURE = "Azure"
#: Resource in an on premise machine connected to Azure cloud.
ON_PREMISE = "OnPremise"
#: SQL Resource in an on premise machine connected to Azure cloud.
ON_PREMISE_SQL = "OnPremiseSql"
[docs]class SourceSystem(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The source type of the machine group
"""
AZURE_APP_LOCKER = "Azure_AppLocker"
AZURE_AUDIT_D = "Azure_AuditD"
NON_AZURE_APP_LOCKER = "NonAzure_AppLocker"
NON_AZURE_AUDIT_D = "NonAzure_AuditD"
NONE = "None"
[docs]class State(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""Aggregative state based on the standard's supported controls states
"""
#: All supported regulatory compliance controls in the given standard have a passed state.
PASSED = "Passed"
#: At least one supported regulatory compliance control in the given standard has a state of
#: failed.
FAILED = "Failed"
#: All supported regulatory compliance controls in the given standard have a state of skipped.
SKIPPED = "Skipped"
#: No supported regulatory compliance data for the given standard.
UNSUPPORTED = "Unsupported"
[docs]class Status(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The status of the port
"""
REVOKED = "Revoked"
INITIATED = "Initiated"
[docs]class StatusReason(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""A description of why the ``status`` has its value
"""
EXPIRED = "Expired"
USER_REQUESTED = "UserRequested"
NEWER_REQUEST_INITIATED = "NewerRequestInitiated"
[docs]class SubAssessmentStatusCode(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""Programmatic code for the status of the assessment
"""
#: The resource is healthy.
HEALTHY = "Healthy"
#: The resource has a security issue that needs to be addressed.
UNHEALTHY = "Unhealthy"
#: Assessment for this resource did not happen.
NOT_APPLICABLE = "NotApplicable"
[docs]class Threats(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""Threats impact of the assessment
"""
ACCOUNT_BREACH = "accountBreach"
DATA_EXFILTRATION = "dataExfiltration"
DATA_SPILLAGE = "dataSpillage"
MALICIOUS_INSIDER = "maliciousInsider"
ELEVATION_OF_PRIVILEGE = "elevationOfPrivilege"
THREAT_RESISTANCE = "threatResistance"
MISSING_COVERAGE = "missingCoverage"
DENIAL_OF_SERVICE = "denialOfService"
[docs]class TransportProtocol(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
TCP = "TCP"
UDP = "UDP"
[docs]class UnmaskedIpLoggingStatus(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""Unmasked IP address logging status
"""
#: Unmasked IP logging is disabled.
DISABLED = "Disabled"
#: Unmasked IP logging is enabled.
ENABLED = "Enabled"
[docs]class UserImpact(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The user impact of the assessment
"""
LOW = "Low"
MODERATE = "Moderate"
HIGH = "High"
[docs]class ValueType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)):
"""The value type of the items in the list.
"""
#: An IP range in CIDR format (e.g. '192.168.0.1/8').
IP_CIDR = "IpCidr"
#: Any string value.
STRING = "String"