Share via

Microsoft.Security assessments 2019-01-01-preview

  • Article

Bicep resource definition

The assessments resource type is an extension resource, which means you can apply it to another resource.

Use the scope property on this resource to set the scope for this resource. See Set scope on extension resources in Bicep.

The assessments resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Security/assessments resource, add the following Bicep to your template.

resource symbolicname 'Microsoft.Security/assessments@2019-01-01-preview' = {
  name: 'string'
  scope: resourceSymbolicName
  properties: {
    additionalData: {
      {customized property}: 'string'
    }
    resourceDetails: {
      source: 'string'
      // For remaining properties, see ResourceDetails objects
    }
    status: {
      cause: 'string'
      code: 'string'
      description: 'string'
    }
  }
}

ResourceDetails objects

Set the source property to specify the type of object.

For Azure, use:

  source: 'Azure'

For OnPremiseSql, use:

  source: 'OnPremiseSql'
  databaseName: 'string'
  machineName: 'string'
  serverName: 'string'
  sourceComputerId: 'string'
  vmuuid: 'string'
  workspaceId: 'string'

Property values

assessments

Name Description Value
name The resource name string (required)

Character limit: 1-260

Valid characters:
Alphanumerics, underscores, and hyphens.
scope Use when creating an extension resource at a scope that is different than the deployment scope. Target resource

For Bicep, set this property to the symbolic name of the resource to apply the extension resource.
properties Describes properties of an assessment. SecurityAssessmentProperties

SecurityAssessmentProperties

Name Description Value
additionalData Additional data regarding the assessment SecurityAssessmentPropertiesAdditionalData
resourceDetails Details of the resource that was assessed ResourceDetails (required)
status The result of the assessment AssessmentStatus (required)

SecurityAssessmentPropertiesAdditionalData

Name Description Value
{customized property} string

ResourceDetails

Name Description Value
source Set the object type Azure
OnPremiseSql (required)

AzureResourceDetails

Name Description Value
source The platform where the assessed resource resides 'Azure' (required)

OnPremiseSqlResourceDetails

Name Description Value
source The platform where the assessed resource resides 'OnPremiseSql' (required)
databaseName The Sql database name installed on the machine string (required)
machineName The name of the machine string (required)
serverName The Sql server name installed on the machine string (required)
sourceComputerId The oms agent Id installed on the machine string (required)
vmuuid The unique Id of the machine string (required)
workspaceId Azure resource Id of the workspace the machine is attached to string (required)

AssessmentStatus

Name Description Value
cause Programmatic code for the cause of the assessment status string
code Programmatic code for the status of the assessment 'Healthy'
'NotApplicable'
'Unhealthy' (required)
description Human readable description of the assessment status string

ARM template resource definition

The assessments resource type is an extension resource, which means you can apply it to another resource.

Use the scope property on this resource to set the scope for this resource. See Set scope on extension resources in ARM templates.

The assessments resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Security/assessments resource, add the following JSON to your template.

{
  "type": "Microsoft.Security/assessments",
  "apiVersion": "2019-01-01-preview",
  "name": "string",
  "scope": "string",
  "properties": {
    "additionalData": {
      "{customized property}": "string"
    },
    "resourceDetails": {
      "source": "string"
      // For remaining properties, see ResourceDetails objects
    },
    "status": {
      "cause": "string",
      "code": "string",
      "description": "string"
    }
  }
}

ResourceDetails objects

Set the source property to specify the type of object.

For Azure, use:

  "source": "Azure"

For OnPremiseSql, use:

  "source": "OnPremiseSql",
  "databaseName": "string",
  "machineName": "string",
  "serverName": "string",
  "sourceComputerId": "string",
  "vmuuid": "string",
  "workspaceId": "string"

Property values

assessments

Name Description Value
type The resource type 'Microsoft.Security/assessments'
apiVersion The resource api version '2019-01-01-preview'
name The resource name string (required)

Character limit: 1-260

Valid characters:
Alphanumerics, underscores, and hyphens.
scope Use when creating an extension resource at a scope that is different than the deployment scope. Target resource

For JSON, set the value to the full name of the resource to apply the extension resource to.
properties Describes properties of an assessment. SecurityAssessmentProperties

SecurityAssessmentProperties

Name Description Value
additionalData Additional data regarding the assessment SecurityAssessmentPropertiesAdditionalData
resourceDetails Details of the resource that was assessed ResourceDetails (required)
status The result of the assessment AssessmentStatus (required)

SecurityAssessmentPropertiesAdditionalData

Name Description Value
{customized property} string

ResourceDetails

Name Description Value
source Set the object type Azure
OnPremiseSql (required)

AzureResourceDetails

Name Description Value
source The platform where the assessed resource resides 'Azure' (required)

OnPremiseSqlResourceDetails

Name Description Value
source The platform where the assessed resource resides 'OnPremiseSql' (required)
databaseName The Sql database name installed on the machine string (required)
machineName The name of the machine string (required)
serverName The Sql server name installed on the machine string (required)
sourceComputerId The oms agent Id installed on the machine string (required)
vmuuid The unique Id of the machine string (required)
workspaceId Azure resource Id of the workspace the machine is attached to string (required)

AssessmentStatus

Name Description Value
cause Programmatic code for the cause of the assessment status string
code Programmatic code for the status of the assessment 'Healthy'
'NotApplicable'
'Unhealthy' (required)
description Human readable description of the assessment status string

Terraform (AzAPI provider) resource definition

The assessments resource type is an extension resource, which means you can apply it to another resource.

Use the parent_id property on this resource to set the scope for this resource.

The assessments resource type can be deployed with operations that target:

  • Resource groups

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Security/assessments resource, add the following Terraform to your template.

resource "azapi_resource" "symbolicname" {
  type = "Microsoft.Security/assessments@2019-01-01-preview"
  name = "string"
  parent_id = "string"
  body = jsonencode({
    properties = {
      additionalData = {
        {customized property} = "string"
      }
      resourceDetails = {
        source = "string"
        // For remaining properties, see ResourceDetails objects
      }
      status = {
        cause = "string"
        code = "string"
        description = "string"
      }
    }
  })
}

ResourceDetails objects

Set the source property to specify the type of object.

For Azure, use:

  source = "Azure"

For OnPremiseSql, use:

  source = "OnPremiseSql"
  databaseName = "string"
  machineName = "string"
  serverName = "string"
  sourceComputerId = "string"
  vmuuid = "string"
  workspaceId = "string"

Property values

assessments

Name Description Value
type The resource type "Microsoft.Security/assessments@2019-01-01-preview"
name The resource name string (required)

Character limit: 1-260

Valid characters:
Alphanumerics, underscores, and hyphens.
parent_id The ID of the resource to apply this extension resource to. string (required)
properties Describes properties of an assessment. SecurityAssessmentProperties

SecurityAssessmentProperties

Name Description Value
additionalData Additional data regarding the assessment SecurityAssessmentPropertiesAdditionalData
resourceDetails Details of the resource that was assessed ResourceDetails (required)
status The result of the assessment AssessmentStatus (required)

SecurityAssessmentPropertiesAdditionalData

Name Description Value
{customized property} string

ResourceDetails

Name Description Value
source Set the object type Azure
OnPremiseSql (required)

AzureResourceDetails

Name Description Value
source The platform where the assessed resource resides "Azure" (required)

OnPremiseSqlResourceDetails

Name Description Value
source The platform where the assessed resource resides "OnPremiseSql" (required)
databaseName The Sql database name installed on the machine string (required)
machineName The name of the machine string (required)
serverName The Sql server name installed on the machine string (required)
sourceComputerId The oms agent Id installed on the machine string (required)
vmuuid The unique Id of the machine string (required)
workspaceId Azure resource Id of the workspace the machine is attached to string (required)

AssessmentStatus

Name Description Value
cause Programmatic code for the cause of the assessment status string
code Programmatic code for the status of the assessment "Healthy"
"NotApplicable"
"Unhealthy" (required)
description Human readable description of the assessment status string