azure.mgmt.security.models module¶
-
class
azure.mgmt.security.models.
AadConnectivityState1
(*, connectivity_state=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Describes an Azure resource with kind.
Parameters: connectivity_state (str or AadConnectivityState) – The connectivity state of the external AAD solution . Possible values include: ‘Discovered’, ‘NotLicensed’, ‘Connected’
-
class
azure.mgmt.security.models.
AadExternalSecuritySolution
(*, properties=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.ExternalSecuritySolution
Represents an AAD identity protection solution which sends logs to an OMS workspace.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
Variables: Parameters: - kind (str) – Required. Constant filled by server.
- properties (AadSolutionProperties) –
-
class
azure.mgmt.security.models.
AadSolutionProperties
(*, device_vendor: str = None, device_type: str = None, workspace=None, connectivity_state=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The external security solution properties for AAD solutions.
Parameters: - device_vendor (str) –
- device_type (str) –
- workspace (ConnectedWorkspace) –
- connectivity_state (str or AadConnectivityState) – The connectivity state of the external AAD solution . Possible values include: ‘Discovered’, ‘NotLicensed’, ‘Connected’
-
class
azure.mgmt.security.models.
AdvancedThreatProtectionSetting
(*, is_enabled: bool = None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
The Advanced Threat Protection resource.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: Parameters: is_enabled (bool) – Indicates whether Advanced Threat Protection is enabled.
-
class
azure.mgmt.security.models.
Alert
(*, extended_properties=None, entities=None, confidence_reasons=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Security alert.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: - id (str) – Resource Id
- name (str) – Resource name
- type (str) – Resource type
- state (str) – State of the alert (Active, Dismissed etc.)
- reported_time_utc (datetime) – The time the incident was reported to Microsoft.Security in UTC
- vendor_name (str) – Name of the vendor that discovered the incident
- alert_name (str) – Name of the alert type
- alert_display_name (str) – Display name of the alert type
- detected_time_utc (datetime) – The time the incident was detected by the vendor
- description (str) – Description of the incident and what it means
- remediation_steps (str) – Recommended steps to reradiate the incident
- action_taken (str) – The action that was taken as a response to the alert (Active, Blocked etc.)
- reported_severity (str or ReportedSeverity) – Estimated severity of this alert. Possible values include: ‘Informational’, ‘Low’, ‘Medium’, ‘High’
- compromised_entity (str) – The entity that the incident happened on
- associated_resource (str) – Azure resource ID of the associated resource
- system_source (str) – The type of the alerted resource (Azure, Non-Azure)
- can_be_investigated (bool) – Whether this alert can be investigated with Azure Security Center
- is_incident (bool) – Whether this alert is for incident type or not (otherwise - single alert)
- confidence_score (float) – level of confidence we have on the alert
- subscription_id (str) – Azure subscription ID of the resource that had the security alert or the subscription ID of the workspace that this resource reports to
- instance_id (str) – Instance ID of the alert.
- workspace_arm_id (str) – Azure resource ID of the workspace that the alert was reported to.
- correlation_key (str) – Alerts with the same CorrelationKey will be grouped together in Ibiza.
Parameters: - extended_properties (dict[str, object]) –
- entities (list[AlertEntity]) – objects that are related to this alerts
- confidence_reasons (list[AlertConfidenceReason]) – reasons the alert got the confidenceScore value
-
class
azure.mgmt.security.models.
AlertConfidenceReason
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Factors that increase our confidence that the alert is a true positive.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: - type (str) – Type of confidence factor
- reason (str) – description of the confidence reason
-
class
azure.mgmt.security.models.
AlertEntity
(*, additional_properties=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Changing set of properties depending on the entity type.
Variables are only populated by the server, and will be ignored when sending a request.
Parameters: additional_properties (dict[str, object]) – Unmatched properties from the message are deserialized this collection Variables: type (str) – Type of entity
-
class
azure.mgmt.security.models.
AllowedConnectionsResource
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
The resource whose properties describes the allowed traffic between Azure resources.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: - id (str) – Resource Id
- name (str) – Resource name
- type (str) – Resource type
- location (str) – Location where the resource is stored
- calculated_date_time (datetime) – The UTC time on which the allowed connections resource was calculated
- connectable_resources (list[ConnectableResource]) – List of connectable resources
-
class
azure.mgmt.security.models.
AppWhitelistingGroup
(*, enforcement_mode=None, configuration_status=None, recommendation_status=None, issues=None, source_system=None, vm_recommendations=None, path_recommendations=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
AppWhitelistingGroup.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: Parameters: - enforcement_mode (str or enum) – Possible values include: ‘Audit’, ‘Enforce’
- configuration_status (str or enum) – Possible values include: ‘Configured’, ‘NotConfigured’, ‘InProgress’, ‘Failed’, ‘NoStatus’
- recommendation_status (str or enum) – Possible values include: ‘Recommended’, ‘NotRecommended’, ‘NotAvailable’, ‘NoStatus’
- issues (list[AppWhitelistingIssueSummary]) –
- source_system (str or enum) – Possible values include: ‘Azure_AppLocker’, ‘Azure_AuditD’, ‘NonAzure_AppLocker’, ‘NonAzure_AuditD’, ‘None’
- vm_recommendations (list[VmRecommendation]) –
- path_recommendations (list[PathRecommendation]) –
-
class
azure.mgmt.security.models.
AppWhitelistingGroups
(*, value=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Represents a list of VM/server groups and set of rules that are Recommended by Azure Security Center to be allowed.
Parameters: value (list[AppWhitelistingGroup]) –
-
class
azure.mgmt.security.models.
AppWhitelistingIssueSummary
(*, issue=None, number_of_vms: float = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Represents a summary of the alerts of the VM/server group.
Parameters: - issue (str or enum) – Possible values include: ‘ViolationsAudited’, ‘ViolationsBlocked’, ‘MsiAndScriptViolationsAudited’, ‘MsiAndScriptViolationsBlocked’, ‘ExecutableViolationsAudited’, ‘RulesViolatedManually’
- number_of_vms (float) – The number of machines in the VM/server group that have this alert
-
class
azure.mgmt.security.models.
AppWhitelistingPutGroupData
(*, enforcement_mode=None, vm_recommendations=None, path_recommendations=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The altered data of the recommended VM/server group policy.
Parameters: - enforcement_mode (str or enum) – Possible values include: ‘Audit’, ‘Enforce’
- vm_recommendations (list[VmRecommendation]) –
- path_recommendations (list[PathRecommendation]) –
-
class
azure.mgmt.security.models.
AscLocation
(*, properties=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
The ASC location of the subscription is in the “name” field.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: Parameters: properties (object) –
-
class
azure.mgmt.security.models.
AtaExternalSecuritySolution
(*, properties=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.ExternalSecuritySolution
Represents an ATA security solution which sends logs to an OMS workspace.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
Variables: Parameters: - kind (str) – Required. Constant filled by server.
- properties (AtaSolutionProperties) –
-
class
azure.mgmt.security.models.
AtaSolutionProperties
(*, additional_properties=None, device_vendor: str = None, device_type: str = None, workspace=None, last_event_received: str = None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.ExternalSecuritySolutionProperties
The external security solution properties for ATA solutions.
Parameters: - additional_properties (dict[str, object]) – Unmatched properties from the message are deserialized this collection
- device_vendor (str) –
- device_type (str) –
- workspace (ConnectedWorkspace) –
- last_event_received (str) –
-
class
azure.mgmt.security.models.
AutoProvisioningSetting
(*, auto_provision, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Auto provisioning setting.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
Variables: Parameters: auto_provision (str or AutoProvision) – Required. Describes what kind of security agent provisioning action to take. Possible values include: ‘On’, ‘Off’
-
class
azure.mgmt.security.models.
CefExternalSecuritySolution
(*, properties=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.ExternalSecuritySolution
Represents a security solution which sends CEF logs to an OMS workspace.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
Variables: Parameters: - kind (str) – Required. Constant filled by server.
- properties (CefSolutionProperties) –
-
class
azure.mgmt.security.models.
CefSolutionProperties
(*, additional_properties=None, device_vendor: str = None, device_type: str = None, workspace=None, hostname: str = None, agent: str = None, last_event_received: str = None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.ExternalSecuritySolutionProperties
The external security solution properties for CEF solutions.
Parameters: - additional_properties (dict[str, object]) – Unmatched properties from the message are deserialized this collection
- device_vendor (str) –
- device_type (str) –
- workspace (ConnectedWorkspace) –
- hostname (str) –
- agent (str) –
- last_event_received (str) –
-
class
azure.mgmt.security.models.
Compliance
(**kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Compliance of a scope.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: - id (str) – Resource Id
- name (str) – Resource name
- type (str) – Resource type
- assessment_timestamp_utc_date (datetime) – The timestamp when the Compliance calculation was conducted.
- resource_count (int) – The resource count of the given subscription for which the Compliance calculation was conducted (needed for Management Group Compliance calculation).
- assessment_result (list[ComplianceSegment]) – An array of segment, which is the actually the compliance assessment.
-
class
azure.mgmt.security.models.
ComplianceResult
(**kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
a compliance result.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: - id (str) – Resource Id
- name (str) – Resource name
- type (str) – Resource type
- resource_status (str or ResourceStatus) – The status of the resource regarding a single assessment. Possible values include: ‘Healthy’, ‘NotApplicable’, ‘OffByPolicy’, ‘NotHealthy’
-
class
azure.mgmt.security.models.
ComplianceSegment
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
A segment of a compliance assessment.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: - segment_type (str) – The segment type, e.g. compliant, non-compliance, insufficient coverage, N/A, etc.
- percentage (float) – The size (%) of the segment.
-
class
azure.mgmt.security.models.
ConnectableResource
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Describes the allowed inbound and outbound traffic of an Azure resource.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: - id (str) – The Azure resource id
- inbound_connected_resources (list[ConnectedResource]) – The list of Azure resources that the resource has inbound allowed connection from
- outbound_connected_resources (list[ConnectedResource]) – The list of Azure resources that the resource has outbound allowed connection to
-
class
azure.mgmt.security.models.
ConnectedResource
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Describes properties of a connected resource.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: - connected_resource_id (str) – The Azure resource id of the connected resource
- tcp_ports (str) – The allowed tcp ports
- udp_ports (str) – The allowed udp ports
-
class
azure.mgmt.security.models.
ConnectedWorkspace
(*, id: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Represents an OMS workspace to which the solution is connected.
Parameters: id (str) – Azure resource ID of the connected OMS workspace
-
class
azure.mgmt.security.models.
DataExportSetting
(*, kind, enabled: bool, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Setting
Represents a data export setting.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
Variables: Parameters: - kind (str or SettingKind) – Required. the kind of the settings string (DataExportSetting). Possible values include: ‘DataExportSetting’, ‘AlertSuppressionSetting’
- enabled (bool) – Required. Is the data export setting is enabled
-
class
azure.mgmt.security.models.
DiscoveredSecuritySolution
(*, security_family, offer: str, publisher: str, sku: str, **kwargs)[source]¶ Bases:
msrest.serialization.Model
DiscoveredSecuritySolution.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
Variables: Parameters: - security_family (str or SecurityFamily) – Required. The security family of the discovered solution. Possible values include: ‘Waf’, ‘Ngfw’, ‘SaasWaf’, ‘Va’
- offer (str) – Required. The security solutions’ image offer
- publisher (str) – Required. The security solutions’ image publisher
- sku (str) – Required. The security solutions’ image sku
-
class
azure.mgmt.security.models.
ExternalSecuritySolution
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Represents a security solution external to Azure Security Center which sends information to an OMS workspace and whose data is displayed by Azure Security Center.
You probably want to use the sub-classes and not this class directly. Known sub-classes are: CefExternalSecuritySolution, AtaExternalSecuritySolution, AadExternalSecuritySolution
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
Variables: Parameters: kind (str) – Required. Constant filled by server.
-
class
azure.mgmt.security.models.
ExternalSecuritySolutionKind1
(*, kind=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Describes an Azure resource with kind.
Parameters: kind (str or ExternalSecuritySolutionKind) – The kind of the external solution. Possible values include: ‘CEF’, ‘ATA’, ‘AAD’
-
class
azure.mgmt.security.models.
ExternalSecuritySolutionProperties
(*, additional_properties=None, device_vendor: str = None, device_type: str = None, workspace=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The solution properties (correspond to the solution kind).
Parameters: - additional_properties (dict[str, object]) – Unmatched properties from the message are deserialized this collection
- device_vendor (str) –
- device_type (str) –
- workspace (ConnectedWorkspace) –
-
class
azure.mgmt.security.models.
InformationProtectionKeyword
(*, pattern: str = None, custom: bool = None, can_be_numeric: bool = None, excluded: bool = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The information type keyword.
Parameters: - pattern (str) – The keyword pattern.
- custom (bool) – Indicates whether the keyword is custom or not.
- can_be_numeric (bool) – Indicates whether the keyword can be applied on numeric types or not.
- excluded (bool) – Indicates whether the keyword is excluded or not.
-
class
azure.mgmt.security.models.
InformationProtectionPolicy
(*, labels=None, information_types=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Information protection policy.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: Parameters: - labels (dict[str, SensitivityLabel]) – Dictionary of sensitivity labels.
- information_types (dict[str, InformationType]) – The sensitivity information types.
-
class
azure.mgmt.security.models.
InformationType
(*, display_name: str = None, order: float = None, recommended_label_id: str = None, enabled: bool = None, custom: bool = None, keywords=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The information type.
Parameters: - display_name (str) – The name of the information type.
- order (float) – The order of the information type.
- recommended_label_id (str) – The recommended label id to be associated with this information type.
- enabled (bool) – Indicates whether the information type is enabled or not.
- custom (bool) – Indicates whether the information type is custom or not.
- keywords (list[InformationProtectionKeyword]) – The information type keywords.
-
class
azure.mgmt.security.models.
IoTSecurityAggregatedAlert
(*, tags=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Security Solution Aggregated Alert information.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: - id (str) – Resource Id
- name (str) – Resource name
- type (str) – Resource type
- alert_type (str) – Name of the alert type
- alert_display_name (str) – Display name of the alert type
- aggregated_date_utc (date) – The date the incidents were detected by the vendor
- vendor_name (str) – Name of the vendor that discovered the incident
- reported_severity (str or ReportedSeverity) – Estimated severity of this alert. Possible values include: ‘Informational’, ‘Low’, ‘Medium’, ‘High’
- remediation_steps (str) – Recommended steps for remediation
- description (str) – Description of the incident and what it means
- count (int) – Occurrence number of the alert within the aggregated date
- effected_resource_type (str) – Azure resource ID of the resource that got the alerts
- system_source (str) – The type of the alerted resource (Azure, Non-Azure)
- action_taken (str) – The action that was taken as a response to the alert (Active, Blocked etc.)
- log_analytics_query (str) – query in log analytics to get the list of affected devices/alerts
Parameters: tags (dict[str, str]) – Resource tags
-
class
azure.mgmt.security.models.
IoTSecurityAggregatedRecommendation
(*, tags=None, recommendation_name: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Security Solution Recommendation Information.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: - id (str) – Resource Id
- name (str) – Resource name
- type (str) – Resource type
- recommendation_display_name (str) – Display name of the recommendation type.
- description (str) – Description of the incident and what it means
- recommendation_type_id (str) – The recommendation-type GUID.
- detected_by (str) – Name of the vendor that discovered the issue
- remediation_steps (str) – Recommended steps for remediation
- reported_severity (str or ReportedSeverity) – Estimated severity of this recommendation. Possible values include: ‘Informational’, ‘Low’, ‘Medium’, ‘High’
- healthy_devices (int) – the number of the healthy devices within the solution
- unhealthy_device_count (int) – the number of the unhealthy devices within the solution
- log_analytics_query (str) – query in log analytics to get the list of affected devices/alerts
Parameters: - tags (dict[str, str]) – Resource tags
- recommendation_name (str) – Name of the recommendation
-
class
azure.mgmt.security.models.
IoTSecurityAlertedDevice
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Statistic information about the number of alerts per device during the last period.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: - device_id (str) – Name of the alert type
- alerts_count (int) – the number of alerts raised for this device
-
class
azure.mgmt.security.models.
IoTSecurityAlertedDevicesList
(*, value, **kwargs)[source]¶ Bases:
msrest.serialization.Model
List of devices with the count of raised alerts.
All required parameters must be populated in order to send to Azure.
Parameters: value (list[IoTSecurityAlertedDevice]) – Required. List of aggregated alerts data
-
class
azure.mgmt.security.models.
IoTSecurityDeviceAlert
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Statistic information about the number of alerts per alert type during the last period.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: - alert_display_name (str) – Display name of the alert
- reported_severity (str or ReportedSeverity) – Estimated severity of this alert. Possible values include: ‘Informational’, ‘Low’, ‘Medium’, ‘High’
- alerts_count (int) – the number of alerts raised for this alert type
-
class
azure.mgmt.security.models.
IoTSecurityDeviceAlertsList
(*, value, **kwargs)[source]¶ Bases:
msrest.serialization.Model
List of alerts with the count of raised alerts.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
Parameters: value (list[IoTSecurityDeviceAlert]) – Required. List of top alerts data Variables: next_link (str) – The URI to fetch the next page.
-
class
azure.mgmt.security.models.
IoTSecurityDeviceRecommendation
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Statistic information about the number of recommendations per recommendation type.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: - recommendation_display_name (str) – Display name of the recommendation
- reported_severity (str or ReportedSeverity) – Estimated severity of this recommendation. Possible values include: ‘Informational’, ‘Low’, ‘Medium’, ‘High’
- devices_count (int) – the number of device with this recommendation
-
class
azure.mgmt.security.models.
IoTSecurityDeviceRecommendationsList
(*, value, **kwargs)[source]¶ Bases:
msrest.serialization.Model
List of recommendations with the count of devices.
All required parameters must be populated in order to send to Azure.
Parameters: value (list[IoTSecurityDeviceRecommendation]) – Required. List of aggregated recommendation data
-
class
azure.mgmt.security.models.
IoTSecuritySolutionAnalyticsModel
(*, top_alerted_devices=None, most_prevalent_device_alerts=None, most_prevalent_device_recommendations=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Security Analytics of a security solution.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: - id (str) – Resource Id
- name (str) – Resource name
- type (str) – Resource type
- metrics (IoTSeverityMetrics) – Security Analytics of a security solution
- unhealthy_device_count (int) – number of unhealthy devices
- devices_metrics (list[IoTSecuritySolutionAnalyticsModelPropertiesDevicesMetricsItem]) – The list of devices metrics by the aggregated date.
Parameters: - top_alerted_devices (IoTSecurityAlertedDevicesList) – The list of top 3 devices with the most attacked.
- most_prevalent_device_alerts (IoTSecurityDeviceAlertsList) – The list of most prevalent 3 alerts.
- most_prevalent_device_recommendations (IoTSecurityDeviceRecommendationsList) – The list of most prevalent 3 recommendations.
-
class
azure.mgmt.security.models.
IoTSecuritySolutionAnalyticsModelList
(*, value, **kwargs)[source]¶ Bases:
msrest.serialization.Model
List of Security Analytics of a security solution.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
Parameters: value (list[IoTSecuritySolutionAnalyticsModel]) – Required. List of Security Analytics of a security solution Variables: next_link (str) – The URI to fetch the next page.
-
class
azure.mgmt.security.models.
IoTSecuritySolutionAnalyticsModelPropertiesDevicesMetricsItem
(*, date_property=None, devices_metrics=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
IoTSecuritySolutionAnalyticsModelPropertiesDevicesMetricsItem.
Parameters: - date_property (datetime) – the date of the metrics
- devices_metrics (IoTSeverityMetrics) – devices alerts count by severity.
-
class
azure.mgmt.security.models.
IoTSecuritySolutionModel
(*, workspace: str, display_name: str, iot_hubs, tags=None, location: str = None, status='Enabled', export=None, disabled_data_sources=None, user_defined_resources=None, recommendations_configuration=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Security Solution.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
Variables: Parameters: - tags (dict[str, str]) – Resource tags
- location (str) – The resource location.
- workspace (str) – Required. Workspace resource ID
- display_name (str) – Required. Resource display name.
- status (str or SecuritySolutionStatus) – Security solution status. Possible values include: ‘Enabled’, ‘Disabled’. Default value: “Enabled” .
- export (list[str or ExportData]) – List of additional export to workspace data options
- disabled_data_sources (list[str or DataSource]) – Disabled data sources. Disabling these data sources compromises the system.
- iot_hubs (list[str]) – Required. IoT Hub resource IDs
- user_defined_resources (UserDefinedResourcesProperties) –
- recommendations_configuration (list[RecommendationConfigurationProperties]) –
-
class
azure.mgmt.security.models.
IoTSeverityMetrics
(*, high: int = None, medium: int = None, low: int = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Severity metrics.
Parameters: - high (int) – count of high severity items
- medium (int) – count of medium severity items
- low (int) – count of low severity items
-
class
azure.mgmt.security.models.
JitNetworkAccessPolicy
(*, virtual_machines, kind: str = None, requests=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
JitNetworkAccessPolicy.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
Variables: Parameters: - kind (str) – Kind of the resource
- virtual_machines (list[JitNetworkAccessPolicyVirtualMachine]) – Required. Configurations for Microsoft.Compute/virtualMachines resource type.
- requests (list[JitNetworkAccessRequest]) –
-
class
azure.mgmt.security.models.
JitNetworkAccessPolicyInitiatePort
(*, number: int, end_time_utc, allowed_source_address_prefix: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
JitNetworkAccessPolicyInitiatePort.
All required parameters must be populated in order to send to Azure.
Parameters: - number (int) – Required.
- allowed_source_address_prefix (str) – Source of the allowed traffic. If omitted, the request will be for the source IP address of the initiate request.
- end_time_utc (datetime) – Required. The time to close the request in UTC
-
class
azure.mgmt.security.models.
JitNetworkAccessPolicyInitiateRequest
(*, virtual_machines, **kwargs)[source]¶ Bases:
msrest.serialization.Model
JitNetworkAccessPolicyInitiateRequest.
All required parameters must be populated in order to send to Azure.
Parameters: virtual_machines (list[JitNetworkAccessPolicyInitiateVirtualMachine]) – Required. A list of virtual machines & ports to open access for
-
class
azure.mgmt.security.models.
JitNetworkAccessPolicyInitiateVirtualMachine
(*, id: str, ports, **kwargs)[source]¶ Bases:
msrest.serialization.Model
JitNetworkAccessPolicyInitiateVirtualMachine.
All required parameters must be populated in order to send to Azure.
Parameters: - id (str) – Required. Resource ID of the virtual machine that is linked to this policy
- ports (list[JitNetworkAccessPolicyInitiatePort]) – Required. The ports to open for the resource with the id
-
class
azure.mgmt.security.models.
JitNetworkAccessPolicyVirtualMachine
(*, id: str, ports, public_ip_address: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
JitNetworkAccessPolicyVirtualMachine.
All required parameters must be populated in order to send to Azure.
Parameters: - id (str) – Required. Resource ID of the virtual machine that is linked to this policy
- ports (list[JitNetworkAccessPortRule]) – Required. Port configurations for the virtual machine
- public_ip_address (str) – Public IP address of the Azure Firewall that is linked to this policy, if applicable
-
class
azure.mgmt.security.models.
JitNetworkAccessPortRule
(*, number: int, protocol, max_request_access_duration: str, allowed_source_address_prefix: str = None, allowed_source_address_prefixes=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
JitNetworkAccessPortRule.
All required parameters must be populated in order to send to Azure.
Parameters: - number (int) – Required.
- protocol (str or Protocol) – Required. Possible values include: ‘TCP’, ‘UDP’, ‘All’
- allowed_source_address_prefix (str) – Mutually exclusive with the “allowedSourceAddressPrefixes” parameter. Should be an IP address or CIDR, for example “192.168.0.3” or “192.168.0.0/16”.
- allowed_source_address_prefixes (list[str]) – Mutually exclusive with the “allowedSourceAddressPrefix” parameter.
- max_request_access_duration (str) – Required. Maximum duration requests can be made for. In ISO 8601 duration format. Minimum 5 minutes, maximum 1 day
-
class
azure.mgmt.security.models.
JitNetworkAccessRequest
(*, virtual_machines, start_time_utc, requestor: str, **kwargs)[source]¶ Bases:
msrest.serialization.Model
JitNetworkAccessRequest.
All required parameters must be populated in order to send to Azure.
Parameters: - virtual_machines (list[JitNetworkAccessRequestVirtualMachine]) – Required.
- start_time_utc (datetime) – Required. The start time of the request in UTC
- requestor (str) – Required. The identity of the person who made the request
-
class
azure.mgmt.security.models.
JitNetworkAccessRequestPort
(*, number: int, end_time_utc, status, status_reason, allowed_source_address_prefix: str = None, allowed_source_address_prefixes=None, mapped_port: int = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
JitNetworkAccessRequestPort.
All required parameters must be populated in order to send to Azure.
Parameters: - number (int) – Required.
- allowed_source_address_prefix (str) – Mutually exclusive with the “allowedSourceAddressPrefixes” parameter. Should be an IP address or CIDR, for example “192.168.0.3” or “192.168.0.0/16”.
- allowed_source_address_prefixes (list[str]) – Mutually exclusive with the “allowedSourceAddressPrefix” parameter.
- end_time_utc (datetime) – Required. The date & time at which the request ends in UTC
- status (str or Status) – Required. The status of the port. Possible values include: ‘Revoked’, ‘Initiated’
- status_reason (str or StatusReason) – Required. A description of why the status has its value. Possible values include: ‘Expired’, ‘UserRequested’, ‘NewerRequestInitiated’
- mapped_port (int) – The port which is mapped to this port’s number in the Azure Firewall, if applicable
-
class
azure.mgmt.security.models.
JitNetworkAccessRequestVirtualMachine
(*, id: str, ports, **kwargs)[source]¶ Bases:
msrest.serialization.Model
JitNetworkAccessRequestVirtualMachine.
All required parameters must be populated in order to send to Azure.
Parameters: - id (str) – Required. Resource ID of the virtual machine that is linked to this policy
- ports (list[JitNetworkAccessRequestPort]) – Required. The ports that were opened for the virtual machine
-
class
azure.mgmt.security.models.
Kind
(*, kind: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Describes an Azure resource with kind.
Parameters: kind (str) – Kind of the resource
-
class
azure.mgmt.security.models.
Location
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Describes an Azure resource with location.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: location (str) – Location where the resource is stored
-
class
azure.mgmt.security.models.
Operation
(*, display=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Possible operation in the REST API of Microsoft.Security.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: - name (str) – Name of the operation
- origin (str) – Where the operation is originated
Parameters: display (OperationDisplay) –
-
class
azure.mgmt.security.models.
OperationDisplay
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Security operation display.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: - provider (str) – The resource provider for the operation.
- resource (str) – The display name of the resource the operation applies to.
- operation (str) – The display name of the security operation.
- description (str) – The description of the operation.
-
class
azure.mgmt.security.models.
PathRecommendation
(*, path: str = None, action=None, type=None, publisher_info=None, common: bool = None, user_sids=None, usernames=None, file_type=None, configuration_status=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Represents a path that is recommended to be allowed and its properties.
Parameters: - path (str) – The full path to whitelist
- action (str or enum) – Possible values include: ‘Recommended’, ‘Add’, ‘Remove’
- type (str or enum) – Possible values include: ‘File’, ‘FileHash’, ‘PublisherSignature’, ‘ProductSignature’, ‘BinarySignature’, ‘VersionAndAboveSignature’
- publisher_info (PublisherInfo) –
- common (bool) – Whether the path is commonly run on the machine
- user_sids (list[str]) –
- usernames (list[UserRecommendation]) –
- file_type (str or enum) – Possible values include: ‘Exe’, ‘Dll’, ‘Msi’, ‘Script’, ‘Executable’, ‘Unknown’
- configuration_status (str or enum) – Possible values include: ‘Configured’, ‘NotConfigured’, ‘InProgress’, ‘Failed’, ‘NoStatus’
-
class
azure.mgmt.security.models.
Pricing
(*, pricing_tier, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Pricing tier will be applied for the scope based on the resource ID.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
Variables: Parameters: pricing_tier (str or PricingTier) – Required. The pricing tier value. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. Possible values include: ‘Free’, ‘Standard’
-
class
azure.mgmt.security.models.
PricingList
(*, value, **kwargs)[source]¶ Bases:
msrest.serialization.Model
List of pricing configurations response.
All required parameters must be populated in order to send to Azure.
Parameters: value (list[Pricing]) – Required. List of pricing configurations
-
class
azure.mgmt.security.models.
PublisherInfo
(*, publisher_name: str = None, product_name: str = None, binary_name: str = None, version: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Represents the publisher information of a process/rule.
Parameters: - publisher_name (str) – The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country
- product_name (str) – The product name taken from the file’s version resource
- binary_name (str) – The “OriginalName” field taken from the file’s version resource
- version (str) – The binary file version taken from the file’s version resource
-
class
azure.mgmt.security.models.
RecommendationConfigurationProperties
(*, recommendation_type, status='Enabled', **kwargs)[source]¶ Bases:
msrest.serialization.Model
Recommendation configuration.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
Parameters: - recommendation_type (str or RecommendationType) – Required. The recommendation type. Possible values include: ‘IoT_ACRAuthentication’, ‘IoT_AgentSendsUnutilizedMessages’, ‘IoT_Baseline’, ‘IoT_EdgeHubMemOptimize’, ‘IoT_EdgeLoggingOptions’, ‘IoT_InconsistentModuleSettings’, ‘IoT_InstallAgent’, ‘IoT_IPFilter_DenyAll’, ‘IoT_IPFilter_PermissiveRule’, ‘IoT_OpenPorts’, ‘IoT_PermissiveFirewallPolicy’, ‘IoT_PermissiveInputFirewallRules’, ‘IoT_PermissiveOutputFirewallRules’, ‘IoT_PrivilegedDockerOptions’, ‘IoT_SharedCredentials’, ‘IoT_VulnerableTLSCipherSuite’
- status (str or RecommendationConfigStatus) – Required. Recommendation status. The recommendation is not generated when the status is disabled. Possible values include: ‘Disabled’, ‘Enabled’. Default value: “Enabled” .
Variables: name (str) –
-
class
azure.mgmt.security.models.
RegulatoryComplianceAssessment
(*, state=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Regulatory compliance assessment details and state.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: - id (str) – Resource Id
- name (str) – Resource name
- type (str) – Resource type
- description (str) – The description of the regulatory compliance assessment
- assessment_type (str) – The expected type of assessment contained in the AssessmentDetailsLink
- assessment_details_link (str) – Link to more detailed assessment results data. The response type will be according to the assessmentType field
- passed_resources (int) – The given assessment’s related resources count with passed state.
- failed_resources (int) – The given assessment’s related resources count with failed state.
- skipped_resources (int) – The given assessment’s related resources count with skipped state.
- unsupported_resources (int) – The given assessment’s related resources count with unsupported state.
Parameters: state (str or State) – Aggregative state based on the assessment’s scanned resources states. Possible values include: ‘Passed’, ‘Failed’, ‘Skipped’, ‘Unsupported’
-
class
azure.mgmt.security.models.
RegulatoryComplianceControl
(*, state=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Regulatory compliance control details and state.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: - id (str) – Resource Id
- name (str) – Resource name
- type (str) – Resource type
- description (str) – The description of the regulatory compliance control
- passed_assessments (int) – The number of supported regulatory compliance assessments of the given control with a passed state
- failed_assessments (int) – The number of supported regulatory compliance assessments of the given control with a failed state
- skipped_assessments (int) – The number of supported regulatory compliance assessments of the given control with a skipped state
Parameters: state (str or State) – Aggregative state based on the control’s supported assessments states. Possible values include: ‘Passed’, ‘Failed’, ‘Skipped’, ‘Unsupported’
-
class
azure.mgmt.security.models.
RegulatoryComplianceStandard
(*, state=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Regulatory compliance standard details and state.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: - id (str) – Resource Id
- name (str) – Resource name
- type (str) – Resource type
- passed_controls (int) – The number of supported regulatory compliance controls of the given standard with a passed state
- failed_controls (int) – The number of supported regulatory compliance controls of the given standard with a failed state
- skipped_controls (int) – The number of supported regulatory compliance controls of the given standard with a skipped state
- unsupported_controls (int) – The number of regulatory compliance controls of the given standard which are unsupported by automated assessments
Parameters: state (str or State) – Aggregative state based on the standard’s supported controls states. Possible values include: ‘Passed’, ‘Failed’, ‘Skipped’, ‘Unsupported’
-
class
azure.mgmt.security.models.
Resource
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
Describes an Azure resource.
Variables are only populated by the server, and will be ignored when sending a request.
Variables:
-
class
azure.mgmt.security.models.
SecurityContact
(*, email: str, alert_notifications, alerts_to_admins, phone: str = None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Contact details for security issues.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
Variables: Parameters: - email (str) – Required. The email of this security contact
- phone (str) – The phone number of this security contact
- alert_notifications (str or AlertNotifications) – Required. Whether to send security alerts notifications to the security contact. Possible values include: ‘On’, ‘Off’
- alerts_to_admins (str or AlertsToAdmins) – Required. Whether to send security alerts notifications to subscription admins. Possible values include: ‘On’, ‘Off’
-
class
azure.mgmt.security.models.
SecurityTask
(*, security_task_parameters=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Security task that we recommend to do in order to strengthen security.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: - id (str) – Resource Id
- name (str) – Resource name
- type (str) – Resource type
- state (str) – State of the task (Active, Resolved etc.)
- creation_time_utc (datetime) – The time this task was discovered in UTC
- last_state_change_time_utc (datetime) – The time this task’s details were last changed in UTC
- sub_state (str) – Additional data on the state of the task
Parameters: security_task_parameters (SecurityTaskParameters) –
-
class
azure.mgmt.security.models.
SecurityTaskParameters
(*, additional_properties=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Changing set of properties, depending on the task type that is derived from the name field.
Variables are only populated by the server, and will be ignored when sending a request.
Parameters: additional_properties (dict[str, object]) – Unmatched properties from the message are deserialized this collection Variables: name (str) – Name of the task type
-
class
azure.mgmt.security.models.
SensitivityLabel
(*, display_name: str = None, order: float = None, enabled: bool = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
The sensitivity label.
Parameters: - display_name (str) – The name of the sensitivity label.
- order (float) – The order of the sensitivity label.
- enabled (bool) – Indicates whether the label is enabled or not.
-
class
azure.mgmt.security.models.
ServerVulnerabilityAssessment
(**kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Describes the server vulnerability assessment details on a resource.
Variables are only populated by the server, and will be ignored when sending a request.
Variables:
-
class
azure.mgmt.security.models.
ServerVulnerabilityAssessmentsList
(*, value=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
List of server vulnerability assessments.
Parameters: value (list[ServerVulnerabilityAssessment]) –
-
class
azure.mgmt.security.models.
Setting
(*, kind, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.SettingResource
Represents a security setting in Azure Security Center.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
Variables: Parameters: kind (str or SettingKind) – Required. the kind of the settings string (DataExportSetting). Possible values include: ‘DataExportSetting’, ‘AlertSuppressionSetting’
-
class
azure.mgmt.security.models.
SettingResource
(*, kind, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
The kind of the security setting.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
Variables: Parameters: kind (str or SettingKind) – Required. the kind of the settings string (DataExportSetting). Possible values include: ‘DataExportSetting’, ‘AlertSuppressionSetting’
-
class
azure.mgmt.security.models.
TagsResource
(*, tags=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
A container holding only the Tags for a resource, allowing the user to update the tags.
Parameters: tags (dict[str, str]) – Resource tags
-
class
azure.mgmt.security.models.
TopologyResource
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
TopologyResource.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: - id (str) – Resource Id
- name (str) – Resource name
- type (str) – Resource type
- location (str) – Location where the resource is stored
- calculated_date_time (datetime) – The UTC time on which the topology was calculated
- topology_resources (list[TopologySingleResource]) – Azure resources which are part of this topology resource
-
class
azure.mgmt.security.models.
TopologySingleResource
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
TopologySingleResource.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: - resource_id (str) – Azure resource id
- severity (str) – The security severity of the resource
- recommendations_exist (bool) – Indicates if the resource has security recommendations
- network_zones (str) – Indicates the resource connectivity level to the Internet (InternetFacing, Internal ,etc.)
- topology_score (int) – Score of the resource based on its security severity
- location (str) – The location of this resource
- parents (list[TopologySingleResourceParent]) – Azure resources connected to this resource which are in higher level in the topology view
- children (list[TopologySingleResourceChild]) – Azure resources connected to this resource which are in lower level in the topology view
-
class
azure.mgmt.security.models.
TopologySingleResourceChild
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
TopologySingleResourceChild.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: resource_id (str) – Azure resource id which serves as child resource in topology view
-
class
azure.mgmt.security.models.
TopologySingleResourceParent
(**kwargs)[source]¶ Bases:
msrest.serialization.Model
TopologySingleResourceParent.
Variables are only populated by the server, and will be ignored when sending a request.
Variables: resource_id (str) – Azure resource id which serves as parent resource in topology view
-
class
azure.mgmt.security.models.
UpdateIotSecuritySolutionData
(*, tags=None, user_defined_resources=None, recommendations_configuration=None, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.TagsResource
UpdateIotSecuritySolutionData.
Parameters: - tags (dict[str, str]) – Resource tags
- user_defined_resources (UserDefinedResourcesProperties) –
- recommendations_configuration (list[RecommendationConfigurationProperties]) –
-
class
azure.mgmt.security.models.
UserDefinedResourcesProperties
(*, query: str, query_subscriptions, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Properties of the solution’s user defined resources.
All required parameters must be populated in order to send to Azure.
Parameters: - query (str) – Required. Azure Resource Graph query which represents the security solution’s user defined resources. Required to start with “where type != “Microsoft.Devices/IotHubs””
- query_subscriptions (list[str]) – Required. List of Azure subscription ids on which the user defined resources query should be executed.
-
class
azure.mgmt.security.models.
UserRecommendation
(*, username: str = None, recommendation_action=None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Represents a user that is recommended to be allowed for a certain rule.
Parameters: - username (str) – Represents a user that is recommended to be allowed for a certain rule
- recommendation_action (str or enum) – Possible values include: ‘Recommended’, ‘Add’, ‘Remove’
-
class
azure.mgmt.security.models.
VmRecommendation
(*, configuration_status=None, recommendation_action=None, resource_id: str = None, **kwargs)[source]¶ Bases:
msrest.serialization.Model
Represents a machine that is part of a VM/server group.
Parameters: - configuration_status (str or enum) – Possible values include: ‘Configured’, ‘NotConfigured’, ‘InProgress’, ‘Failed’, ‘NoStatus’
- recommendation_action (str or enum) – Possible values include: ‘Recommended’, ‘Add’, ‘Remove’
- resource_id (str) –
-
class
azure.mgmt.security.models.
WorkspaceSetting
(*, workspace_id: str, scope: str, **kwargs)[source]¶ Bases:
azure.mgmt.security.models._models_py3.Resource
Configures where to store the OMS agent data for workspaces under a scope.
Variables are only populated by the server, and will be ignored when sending a request.
All required parameters must be populated in order to send to Azure.
Variables: Parameters: - workspace_id (str) – Required. The full Azure ID of the workspace to save the data in
- scope (str) – Required. All the VMs in this scope will send their security data to the mentioned workspace unless overridden by a setting with more specific scope
-
class
azure.mgmt.security.models.
ComplianceResultPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
ComplianceResult
object
-
class
azure.mgmt.security.models.
AlertPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
Alert
object
-
class
azure.mgmt.security.models.
SettingPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
Setting
object
-
class
azure.mgmt.security.models.
IoTSecuritySolutionModelPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
IoTSecuritySolutionModel
object
-
class
azure.mgmt.security.models.
IoTSecurityAggregatedAlertPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
IoTSecurityAggregatedAlert
object
-
class
azure.mgmt.security.models.
IoTSecurityAggregatedRecommendationPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
IoTSecurityAggregatedRecommendation
object
-
class
azure.mgmt.security.models.
AllowedConnectionsResourcePaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
AllowedConnectionsResource
object
-
class
azure.mgmt.security.models.
DiscoveredSecuritySolutionPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
DiscoveredSecuritySolution
object
-
class
azure.mgmt.security.models.
ExternalSecuritySolutionPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
ExternalSecuritySolution
object
-
class
azure.mgmt.security.models.
JitNetworkAccessPolicyPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
JitNetworkAccessPolicy
object
-
class
azure.mgmt.security.models.
AscLocationPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
AscLocation
object
-
class
azure.mgmt.security.models.
OperationPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
Operation
object
-
class
azure.mgmt.security.models.
SecurityTaskPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
SecurityTask
object
-
class
azure.mgmt.security.models.
TopologyResourcePaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
TopologyResource
object
-
class
azure.mgmt.security.models.
AutoProvisioningSettingPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
AutoProvisioningSetting
object
-
class
azure.mgmt.security.models.
CompliancePaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
Compliance
object
-
class
azure.mgmt.security.models.
InformationProtectionPolicyPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
InformationProtectionPolicy
object
-
class
azure.mgmt.security.models.
SecurityContactPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
SecurityContact
object
-
class
azure.mgmt.security.models.
WorkspaceSettingPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
WorkspaceSetting
object
-
class
azure.mgmt.security.models.
RegulatoryComplianceStandardPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
RegulatoryComplianceStandard
object
-
class
azure.mgmt.security.models.
RegulatoryComplianceControlPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
RegulatoryComplianceControl
object
-
class
azure.mgmt.security.models.
RegulatoryComplianceAssessmentPaged
(*args, **kwargs)[source]¶ Bases:
msrest.paging.Paged
A paging container for iterating over a list of
RegulatoryComplianceAssessment
object
-
class
azure.mgmt.security.models.
ResourceStatus
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
healthy
= 'Healthy'¶ This assessment on the resource is healthy
-
not_applicable
= 'NotApplicable'¶ This assessment is not applicable to this resource
-
not_healthy
= 'NotHealthy'¶ This assessment on the resource is not healthy
-
off_by_policy
= 'OffByPolicy'¶ This assessment is turned off by policy on this subscription
-
-
class
azure.mgmt.security.models.
PricingTier
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
free
= 'Free'¶ Get free Azure security center experience with basic security features
-
standard
= 'Standard'¶ Get the standard Azure security center experience with advanced security features
-
-
class
azure.mgmt.security.models.
ReportedSeverity
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
high
= 'High'¶
-
informational
= 'Informational'¶
-
low
= 'Low'¶
-
medium
= 'Medium'¶
-
-
class
azure.mgmt.security.models.
SettingKind
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
alert_suppression_setting
= 'AlertSuppressionSetting'¶
-
data_export_setting
= 'DataExportSetting'¶
-
-
class
azure.mgmt.security.models.
SecuritySolutionStatus
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
disabled
= 'Disabled'¶
-
enabled
= 'Enabled'¶
-
-
class
azure.mgmt.security.models.
ExportData
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
raw_events
= 'RawEvents'¶ Agent raw events
-
-
class
azure.mgmt.security.models.
DataSource
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
twin_data
= 'TwinData'¶ Devices twin data
-
-
class
azure.mgmt.security.models.
RecommendationType
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
io_t_acrauthentication
= 'IoT_ACRAuthentication'¶ Authentication schema used for pull an edge module from an ACR repository does not use Service Principal Authentication.
-
io_t_agent_sends_unutilized_messages
= 'IoT_AgentSendsUnutilizedMessages'¶ IoT agent message size capacity is currently underutilized, causing an increase in the number of sent messages. Adjust message intervals for better utilization.
-
io_t_baseline
= 'IoT_Baseline'¶ Identified security related system configuration issues.
-
io_t_edge_hub_mem_optimize
= 'IoT_EdgeHubMemOptimize'¶ You can optimize Edge Hub memory usage by turning off protocol heads for any protocols not used by Edge modules in your solution.
-
io_t_edge_logging_options
= 'IoT_EdgeLoggingOptions'¶ Logging is disabled for this edge module.
-
io_t_inconsistent_module_settings
= 'IoT_InconsistentModuleSettings'¶ A minority within a device security group has inconsistent Edge Module settings with the rest of their group.
-
io_t_install_agent
= 'IoT_InstallAgent'¶ Install the Azure Security of Things Agent.
-
io_t_ipfilter_deny_all
= 'IoT_IPFilter_DenyAll'¶ IP Filter Configuration should have rules defined for allowed traffic and should deny all other traffic by default.
-
io_t_ipfilter_permissive_rule
= 'IoT_IPFilter_PermissiveRule'¶ An Allow IP Filter rules source IP range is too large. Overly permissive rules might expose your IoT hub to malicious intenders.
-
io_t_open_ports
= 'IoT_OpenPorts'¶ A listening endpoint was found on the device.
-
io_t_permissive_firewall_policy
= 'IoT_PermissiveFirewallPolicy'¶ An Allowed firewall policy was found (INPUT/OUTPUT). The policy should Deny all traffic by default and define rules to allow necessary communication to/from the device.
-
io_t_permissive_input_firewall_rules
= 'IoT_PermissiveInputFirewallRules'¶ A rule in the firewall has been found that contains a permissive pattern for a wide range of IP addresses or Ports.
-
io_t_permissive_output_firewall_rules
= 'IoT_PermissiveOutputFirewallRules'¶ A rule in the firewall has been found that contains a permissive pattern for a wide range of IP addresses or Ports.
-
io_t_privileged_docker_options
= 'IoT_PrivilegedDockerOptions'¶ Edge module is configured to run in privileged mode, with extensive Linux capabilities or with host-level network access (send/receive data to host machine).
Same authentication credentials to the IoT Hub used by multiple devices. This could indicate an illegitimate device impersonating a legitimate device. It also exposes the risk of device impersonation by an attacker.
-
io_t_vulnerable_tls_cipher_suite
= 'IoT_VulnerableTLSCipherSuite'¶ Insecure TLS configurations detected. Immediate upgrade recommended.
-
-
class
azure.mgmt.security.models.
RecommendationConfigStatus
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
disabled
= 'Disabled'¶
-
enabled
= 'Enabled'¶
-
-
class
azure.mgmt.security.models.
SecurityFamily
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
ngfw
= 'Ngfw'¶
-
saas_waf
= 'SaasWaf'¶
-
va
= 'Va'¶
-
waf
= 'Waf'¶
-
-
class
azure.mgmt.security.models.
AadConnectivityState
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
connected
= 'Connected'¶
-
discovered
= 'Discovered'¶
-
not_licensed
= 'NotLicensed'¶
-
-
class
azure.mgmt.security.models.
ExternalSecuritySolutionKind
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
aad
= 'AAD'¶
-
ata
= 'ATA'¶
-
cef
= 'CEF'¶
-
-
class
azure.mgmt.security.models.
Protocol
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
all
= '*'¶
-
tcp
= 'TCP'¶
-
udp
= 'UDP'¶
-
-
class
azure.mgmt.security.models.
Status
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
initiated
= 'Initiated'¶
-
revoked
= 'Revoked'¶
-
-
class
azure.mgmt.security.models.
StatusReason
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
expired
= 'Expired'¶
-
newer_request_initiated
= 'NewerRequestInitiated'¶
-
user_requested
= 'UserRequested'¶
-
-
class
azure.mgmt.security.models.
AutoProvision
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
off
= 'Off'¶ Do not install security agent on the VMs automatically
-
on
= 'On'¶ Install missing security agent on VMs automatically
-
-
class
azure.mgmt.security.models.
AlertNotifications
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
off
= 'Off'¶ Don’t get notifications on new alerts
-
on
= 'On'¶ Get notifications on new alerts
-
-
class
azure.mgmt.security.models.
AlertsToAdmins
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
off
= 'Off'¶ Don’t send notification on new alerts to the subscription’s admins
-
on
= 'On'¶ Send notification on new alerts to the subscription’s admins
-
-
class
azure.mgmt.security.models.
State
[source]¶ Bases:
str
,enum.Enum
An enumeration.
-
failed
= 'Failed'¶ At least one supported regulatory compliance control in the given standard has a state of failed
-
passed
= 'Passed'¶ All supported regulatory compliance controls in the given standard have a passed state
-
skipped
= 'Skipped'¶ All supported regulatory compliance controls in the given standard have a state of skipped
-
unsupported
= 'Unsupported'¶ No supported regulatory compliance data for the given standard
-