Security Connectors - Get
Retrieves details of a specific security connector
GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}?api-version=2024-07-01-previewURI Parameters
| Name | In | Required | Type | Description |
|---|---|---|---|---|
|
resource
|
path | True |
string |
The name of the resource group within the user's subscription. The name is case insensitive. Regex pattern: |
|
security
|
path | True |
string |
The security connector name. |
|
subscription
|
path | True |
string |
Azure subscription ID Regex pattern: |
|
api-version
|
query | True |
string |
API version for the operation |
Responses
| Name | Type | Description |
|---|---|---|
| 200 OK |
OK |
|
| Other Status Codes |
Error response that describes why the operation failed. |
Security
azure_auth
Azure Active Directory OAuth2 Flow
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
| Name | Description |
|---|---|
| user_impersonation | impersonate your user account |
Examples
Retrieve a security connector
Sample request
GET https://management.azure.com/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/exampleResourceGroup/providers/Microsoft.Security/securityConnectors/exampleSecurityConnectorName?api-version=2024-07-01-preview
Sample response
{
"id": "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/exampleResourceGroup/providers/Microsoft.Security/securityConnectors/exampleSecurityConnectorName",
"name": "exampleSecurityConnectorName",
"type": "Microsoft.Security/securityConnectors",
"etag": "etag value",
"kind": "",
"location": "Central US",
"tags": {},
"systemData": {
"createdBy": "user@contoso.com",
"createdByType": "User",
"createdAt": "2021-08-31T13:47:50.328Z",
"lastModifiedBy": "user@contoso.com",
"lastModifiedByType": "User",
"lastModifiedAt": "2021-08-31T13:47:50.328Z"
},
"properties": {
"environmentData": {
"environmentType": "AwsAccount",
"scanInterval": 4
},
"hierarchyIdentifier": "exampleHierarchyId",
"environmentName": "AWS",
"offerings": [
{
"offeringType": "CspmMonitorAws",
"nativeCloudConnection": {
"cloudRoleArn": "arn:aws:iam::00000000:role/ASCMonitor"
}
}
]
}
}Definitions
| Name | Description |
|---|---|
|
Access |
The environment authentication details |
|
Arc |
The ARC autoprovisioning configuration |
|
arc |
Configuration for servers Arc auto provisioning for a given environment |
|
Aws |
The AWS connector environment data |
|
Aws |
The AWS organization data for the master account |
|
Aws |
The AWS organization data for the member account |
|
Azure |
The AzureDevOps scope connector's environment data |
| Ciem |
Defenders CSPM Permissions Management offering configurations |
|
Ciem |
GCP Defenders CSPM Permissions Management OIDC (Open ID connect) connection configurations |
|
Ciem |
AWS Defender CSPM Permissions Management OIDC (open id connect) connection configurations |
|
Cloud |
Common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.). |
|
Cloud |
The error detail. |
|
cloud |
The multi cloud resource's cloud name. |
|
Cloud |
The cloudwatch to kinesis connection configuration |
| Configuration |
Configuration for VM scanning |
|
created |
The type of identity that created the resource. |
|
cspm |
The CSPM monitoring for AWS offering |
|
cspm |
The CSPM monitoring for AzureDevOps offering |
|
cspm |
The CSPM (Cloud security posture management) monitoring for Docker Hub offering |
|
cspm |
The CSPM monitoring for GCP offering |
|
cspm |
The CSPM monitoring for github offering |
|
cspm |
The CSPM (Cloud security posture management) monitoring for gitlab offering |
|
Databases |
The databases data security posture management (DSPM) configuration |
|
Data |
The native cloud connection configuration |
|
Data |
The Microsoft Defender Data Sensitivity discovery configuration |
|
defender |
The CSPM P1 for AWS offering |
|
defender |
The Defender for CSPM Docker Hub offering configurations |
|
defender |
The CSPM P1 for GCP offering |
|
defender |
The Defender for Databases AWS offering |
|
defender |
The Defender for Containers AWS offering |
|
defender |
The Defender for containers Docker Hub offering configurations |
|
defender |
The containers GCP offering |
|
Defender |
The native cloud connection configuration |
|
defender |
The Defender for Databases GCP offering configurations |
|
Defender |
The Defender for servers connection configuration |
|
defender |
The Defender for Servers AWS offering |
|
defender |
The Defender for Servers GCP offering configurations |
|
Docker |
The Docker Hub connector environment data |
|
Error |
The resource management error additional info. |
|
Gcp |
The gcpOrganization data for the member account |
|
Gcp |
The gcpOrganization data for the parent account |
|
Gcp |
The details about the project represented by the security connector |
|
Gcp |
The GCP project connector environment data |
|
Github |
The github scope connector's environment data |
|
Gitlab |
The GitLab scope connector's environment data |
|
Kinesis |
The kinesis to s3 connection configuration |
|
Kubernetes |
The kubernetes data collection connection configuration |
|
Kubernetes |
The kubernetes service connection configuration |
|
Mdc |
The Microsoft Defender container agentless discovery K8s configuration |
|
Mdc |
The Microsoft Defender container image assessment configuration |
|
Mde |
The Microsoft Defender for Endpoint autoprovisioning configuration |
|
mde |
configuration for Microsoft Defender for Endpoint autoprovisioning |
|
Native |
The native cloud connection configuration |
| Rds |
The RDS configuration |
|
scanning |
The scanning mode for the VM scan. |
|
Security |
The security connector resource. |
|
Sub |
configuration for the servers offering subPlan |
|
sub |
The available sub plans |
|
system |
Metadata pertaining to creation and last modification of the resource. |
| type |
The Vulnerability Assessment solution to be provisioned. Can be either 'TVM' or 'Qualys' |
|
Va |
The Vulnerability Assessment autoprovisioning configuration |
|
va |
configuration for Vulnerability Assessment autoprovisioning |
|
Vm |
The Microsoft Defender for Container K8s VM host scanning configuration |
AccessTokenAuthentication
The environment authentication details
| Name | Type | Description |
|---|---|---|
| accessToken |
string |
The access token that will be used while authenticating with the onboarded environment |
| authenticationType |
string:
Access |
The authentication type |
| username |
string |
The user name that will be used while authenticating with the onboarded environment |
ArcAutoProvisioning
The ARC autoprovisioning configuration
| Name | Type | Description |
|---|---|---|
| cloudRoleArn |
string |
The cloud role ARN in AWS for this feature |
| configuration |
Configuration for servers Arc auto provisioning for a given environment |
|
| enabled |
boolean |
Is arc auto provisioning enabled |
arcAutoProvisioning.Configuration
Configuration for servers Arc auto provisioning for a given environment
| Name | Type | Description |
|---|---|---|
| privateLinkScope |
string |
Optional Arc private link scope resource id to link the Arc agent |
| proxy |
string |
Optional HTTP proxy endpoint to use for the Arc agent |
AwsEnvironmentData
The AWS connector environment data
| Name | Type | Description |
|---|---|---|
| accountName |
string |
The AWS account name |
| environmentType |
string:
Aws |
The type of the environment data. |
| organizationalData | AwsOrganizationalData: |
The AWS account's organizational data |
| regions |
string[] |
list of regions to scan |
| scanInterval |
integer |
Scan interval in hours (value should be between 1-hour to 24-hours) |
AwsOrganizationalDataMaster
The AWS organization data for the master account
| Name | Type | Description |
|---|---|---|
| excludedAccountIds |
string[] |
If the multi cloud account is of membership type organization, list of accounts excluded from offering |
| organizationMembershipType |
string:
Organization |
The multi cloud account's membership type in the organization |
| stacksetName |
string |
If the multi cloud account is of membership type organization, this will be the name of the onboarding stackset |
AwsOrganizationalDataMember
The AWS organization data for the member account
| Name | Type | Description |
|---|---|---|
| organizationMembershipType |
string:
Member |
The multi cloud account's membership type in the organization |
| parentHierarchyId |
string |
If the multi cloud account is not of membership type organization, this will be the ID of the account's parent |
AzureDevOpsScopeEnvironmentData
The AzureDevOps scope connector's environment data
| Name | Type | Description |
|---|---|---|
| environmentType |
string:
Azure |
The type of the environment data. |
Ciem
Defenders CSPM Permissions Management offering configurations
| Name | Type | Description |
|---|---|---|
| ciemDiscovery |
Defender CSPM Permissions Management discovery configuration |
|
| ciemOidc |
AWS Defender CSPM Permissions Management OIDC (open id connect) connection configurations |
CiemDiscovery
GCP Defenders CSPM Permissions Management OIDC (Open ID connect) connection configurations
| Name | Type | Description |
|---|---|---|
| azureActiveDirectoryAppName |
string |
the azure active directory app name used of authenticating against GCP workload identity federation |
| serviceAccountEmailAddress |
string |
The service account email address in GCP for Permissions Management offering |
| workloadIdentityProviderId |
string |
The GCP workload identity provider id for Permissions Management offering |
CiemOidc
AWS Defender CSPM Permissions Management OIDC (open id connect) connection configurations
| Name | Type | Description |
|---|---|---|
| azureActiveDirectoryAppName |
string |
the azure active directory app name used of authenticating against AWS |
| cloudRoleArn |
string |
The cloud role ARN in AWS for Permissions Management used for oidc connection |
CloudError
Common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.).
| Name | Type | Description |
|---|---|---|
| error.additionalInfo |
The error additional info. |
|
| error.code |
string |
The error code. |
| error.details |
The error details. |
|
| error.message |
string |
The error message. |
| error.target |
string |
The error target. |
CloudErrorBody
The error detail.
| Name | Type | Description |
|---|---|---|
| additionalInfo |
The error additional info. |
|
| code |
string |
The error code. |
| details |
The error details. |
|
| message |
string |
The error message. |
| target |
string |
The error target. |
cloudName
The multi cloud resource's cloud name.
| Name | Type | Description |
|---|---|---|
| AWS |
string |
|
| Azure |
string |
|
| AzureDevOps |
string |
|
| DockerHub |
string |
|
| GCP |
string |
|
| GitLab |
string |
|
| Github |
string |
CloudWatchToKinesis
The cloudwatch to kinesis connection configuration
| Name | Type | Description |
|---|---|---|
| cloudRoleArn |
string |
The cloud role ARN in AWS used by CloudWatch to transfer data into Kinesis |
Configuration
Configuration for VM scanning
| Name | Type | Description |
|---|---|---|
| exclusionTags |
object |
Tags that indicates that a resource should not be scanned |
| scanningMode |
The scanning mode for the VM scan. |
createdByType
The type of identity that created the resource.
| Name | Type | Description |
|---|---|---|
| Application |
string |
|
| Key |
string |
|
| ManagedIdentity |
string |
|
| User |
string |
cspmMonitorAwsOffering
The CSPM monitoring for AWS offering
| Name | Type | Description |
|---|---|---|
| description |
string |
The offering description. |
| nativeCloudConnection |
The native cloud connection configuration |
|
| offeringType |
string:
Cspm |
The type of the security offering. |
cspmMonitorAzureDevOpsOffering
The CSPM monitoring for AzureDevOps offering
| Name | Type | Description |
|---|---|---|
| description |
string |
The offering description. |
| offeringType |
string:
Cspm |
The type of the security offering. |
cspmMonitorDockerHubOffering
The CSPM (Cloud security posture management) monitoring for Docker Hub offering
| Name | Type | Description |
|---|---|---|
| description |
string |
The offering description. |
| offeringType |
string:
Cspm |
The type of the security offering. |
cspmMonitorGcpOffering
The CSPM monitoring for GCP offering
| Name | Type | Description |
|---|---|---|
| description |
string |
The offering description. |
| nativeCloudConnection |
The native cloud connection configuration |
|
| offeringType |
string:
Cspm |
The type of the security offering. |
cspmMonitorGithubOffering
The CSPM monitoring for github offering
| Name | Type | Description |
|---|---|---|
| description |
string |
The offering description. |
| offeringType |
string:
Cspm |
The type of the security offering. |
cspmMonitorGitLabOffering
The CSPM (Cloud security posture management) monitoring for gitlab offering
| Name | Type | Description |
|---|---|---|
| description |
string |
The offering description. |
| offeringType |
string:
Cspm |
The type of the security offering. |
DatabasesDspm
The databases data security posture management (DSPM) configuration
| Name | Type | Description |
|---|---|---|
| cloudRoleArn |
string |
The cloud role ARN in AWS for this feature |
| enabled |
boolean |
Is databases data security posture management (DSPM) protection enabled |
DataPipelineNativeCloudConnection
The native cloud connection configuration
| Name | Type | Description |
|---|---|---|
| serviceAccountEmailAddress |
string |
The data collection service account email address in GCP for this offering |
| workloadIdentityProviderId |
string |
The data collection GCP workload identity provider id for this offering |
DataSensitivityDiscovery
The Microsoft Defender Data Sensitivity discovery configuration
| Name | Type | Description |
|---|---|---|
| cloudRoleArn |
string |
The cloud role ARN in AWS for this feature |
| enabled |
boolean |
Is Microsoft Defender Data Sensitivity discovery enabled |
defenderCspmAwsOffering
The CSPM P1 for AWS offering
| Name | Type | Description |
|---|---|---|
| ciem |
Defenders CSPM Permissions Management offering configurations |
|
| dataSensitivityDiscovery |
The Microsoft Defender Data Sensitivity discovery configuration |
|
| databasesDspm |
The databases DSPM configuration |
|
| description |
string |
The offering description. |
| mdcContainersAgentlessDiscoveryK8s |
The Microsoft Defender container agentless discovery K8s configuration |
|
| mdcContainersImageAssessment |
The Microsoft Defender container image assessment configuration |
|
| offeringType |
string:
Defender |
The type of the security offering. |
| vmScanners |
The Microsoft Defender for CSPM offering VM scanning configuration |
defenderCspmDockerHubOffering
The Defender for CSPM Docker Hub offering configurations
| Name | Type | Description |
|---|---|---|
| description |
string |
The offering description. |
| offeringType |
string:
Defender |
The type of the security offering. |
defenderCspmGcpOffering
The CSPM P1 for GCP offering
| Name | Type | Description |
|---|---|---|
| ciemDiscovery |
GCP Defenders CSPM Permissions Management OIDC (Open ID connect) connection configurations |
|
| dataSensitivityDiscovery |
The Microsoft Defender Data Sensitivity discovery configuration |
|
| description |
string |
The offering description. |
| mdcContainersAgentlessDiscoveryK8s |
The Microsoft Defender Container agentless discovery configuration |
|
| mdcContainersImageAssessment |
The Microsoft Defender Container image assessment configuration |
|
| offeringType |
string:
Defender |
The type of the security offering. |
| vmScanners |
The Microsoft Defender for CSPM VM scanning configuration |
defenderFoDatabasesAwsOffering
The Defender for Databases AWS offering
| Name | Type | Description |
|---|---|---|
| arcAutoProvisioning |
The ARC autoprovisioning configuration |
|
| databasesDspm |
The databases data security posture management (DSPM) configuration |
|
| description |
string |
The offering description. |
| offeringType |
string:
Defender |
The type of the security offering. |
| rds |
The RDS configuration |
defenderForContainersAwsOffering
The Defender for Containers AWS offering
| Name | Type | Description |
|---|---|---|
| cloudWatchToKinesis |
The cloudwatch to kinesis connection configuration |
|
| dataCollectionExternalId |
string |
The externalId used by the data reader to prevent the confused deputy attack |
| description |
string |
The offering description. |
| enableAuditLogsAutoProvisioning |
boolean |
Is audit logs data collection enabled |
| enableDefenderAgentAutoProvisioning |
boolean |
Is Microsoft Defender for Cloud Kubernetes agent auto provisioning enabled |
| enablePolicyAgentAutoProvisioning |
boolean |
Is Policy Kubernetes agent auto provisioning enabled |
| kinesisToS3 |
The kinesis to s3 connection configuration |
|
| kubeAuditRetentionTime |
integer |
The retention time in days of kube audit logs set on the CloudWatch log group |
| kubernetesDataCollection |
The kubernetes data collection connection configuration |
|
| kubernetesService |
The kubernetes service connection configuration |
|
| mdcContainersAgentlessDiscoveryK8s |
The Microsoft Defender container agentless discovery K8s configuration |
|
| mdcContainersImageAssessment |
The Microsoft Defender container image assessment configuration |
|
| offeringType |
string:
Defender |
The type of the security offering. |
| vmScanners |
The Microsoft Defender for Container K8s VM host scanning configuration |
defenderForContainersDockerHubOffering
The Defender for containers Docker Hub offering configurations
| Name | Type | Description |
|---|---|---|
| description |
string |
The offering description. |
| offeringType |
string:
Defender |
The type of the security offering. |
defenderForContainersGcpOffering
The containers GCP offering
| Name | Type | Description |
|---|---|---|
| dataPipelineNativeCloudConnection |
The native cloud connection configuration |
|
| description |
string |
The offering description. |
| enableAuditLogsAutoProvisioning |
boolean |
Is audit logs data collection enabled |
| enableDefenderAgentAutoProvisioning |
boolean |
Is Microsoft Defender for Cloud Kubernetes agent auto provisioning enabled |
| enablePolicyAgentAutoProvisioning |
boolean |
Is Policy Kubernetes agent auto provisioning enabled |
| mdcContainersAgentlessDiscoveryK8s |
The Microsoft Defender Container agentless discovery configuration |
|
| mdcContainersImageAssessment |
The Microsoft Defender Container image assessment configuration |
|
| nativeCloudConnection |
The native cloud connection configuration |
|
| offeringType |
string:
Defender |
The type of the security offering. |
| vmScanners |
The Microsoft Defender for Container K8s VM host scanning configuration |
DefenderForDatabasesArcAutoProvisioning
The native cloud connection configuration
| Name | Type | Description |
|---|---|---|
| serviceAccountEmailAddress |
string |
The service account email address in GCP for this offering |
| workloadIdentityProviderId |
string |
The GCP workload identity provider id for this offering |
defenderForDatabasesGcpOffering
The Defender for Databases GCP offering configurations
| Name | Type | Description |
|---|---|---|
| arcAutoProvisioning |
The ARC autoprovisioning configuration |
|
| defenderForDatabasesArcAutoProvisioning |
The native cloud connection configuration |
|
| description |
string |
The offering description. |
| offeringType |
string:
Defender |
The type of the security offering. |
DefenderForServers
The Defender for servers connection configuration
| Name | Type | Description |
|---|---|---|
| cloudRoleArn |
string |
The cloud role ARN in AWS for this feature |
defenderForServersAwsOffering
The Defender for Servers AWS offering
| Name | Type | Description |
|---|---|---|
| arcAutoProvisioning |
The ARC autoprovisioning configuration |
|
| defenderForServers |
The Defender for servers connection configuration |
|
| description |
string |
The offering description. |
| mdeAutoProvisioning |
The Microsoft Defender for Endpoint autoprovisioning configuration |
|
| offeringType |
string:
Defender |
The type of the security offering. |
| subPlan |
configuration for the servers offering subPlan |
|
| vaAutoProvisioning |
The Vulnerability Assessment autoprovisioning configuration |
|
| vmScanners |
The Microsoft Defender for Server VM scanning configuration |
defenderForServersGcpOffering
The Defender for Servers GCP offering configurations
| Name | Type | Description |
|---|---|---|
| arcAutoProvisioning |
The ARC autoprovisioning configuration |
|
| defenderForServers |
The Defender for servers connection configuration |
|
| description |
string |
The offering description. |
| mdeAutoProvisioning |
The Microsoft Defender for Endpoint autoprovisioning configuration |
|
| offeringType |
string:
Defender |
The type of the security offering. |
| subPlan |
configuration for the servers offering subPlan |
|
| vaAutoProvisioning |
The Vulnerability Assessment autoprovisioning configuration |
|
| vmScanners |
The Microsoft Defender for Server VM scanning configuration |
DockerHubEnvironmentData
The Docker Hub connector environment data
| Name | Type | Description |
|---|---|---|
| authentication | Authentication: |
The Docker Hub organization authentication details |
| environmentType |
string:
Docker |
The type of the environment data. |
| scanInterval |
integer |
Scan interval in hours (value should be between 1-hour to 24-hours) |
ErrorAdditionalInfo
The resource management error additional info.
| Name | Type | Description |
|---|---|---|
| info |
object |
The additional info. |
| type |
string |
The additional info type. |
GcpOrganizationalDataMember
The gcpOrganization data for the member account
| Name | Type | Description |
|---|---|---|
| managementProjectNumber |
string |
The GCP management project number from organizational onboarding |
| organizationMembershipType |
string:
Member |
The multi cloud account's membership type in the organization |
| parentHierarchyId |
string |
If the multi cloud account is not of membership type organization, this will be the ID of the project's parent |
GcpOrganizationalDataOrganization
The gcpOrganization data for the parent account
| Name | Type | Description |
|---|---|---|
| excludedProjectNumbers |
string[] |
If the multi cloud account is of membership type organization, list of accounts excluded from offering |
| organizationMembershipType |
string:
Organization |
The multi cloud account's membership type in the organization |
| organizationName |
string |
GCP organization name |
| serviceAccountEmailAddress |
string |
The service account email address which represents the organization level permissions container. |
| workloadIdentityProviderId |
string |
The GCP workload identity provider id which represents the permissions required to auto provision security connectors |
GcpProjectDetails
The details about the project represented by the security connector
| Name | Type | Description |
|---|---|---|
| projectId |
string |
The GCP Project id |
| projectName |
string |
GCP project name |
| projectNumber |
string |
The unique GCP Project number |
| workloadIdentityPoolId |
string |
The GCP workload identity federation pool id |
GcpProjectEnvironmentData
The GCP project connector environment data
| Name | Type | Description |
|---|---|---|
| environmentType |
string:
Gcp |
The type of the environment data. |
| organizationalData | GcpOrganizationalData: |
The Gcp project's organizational data |
| projectDetails |
The Gcp project's details |
|
| scanInterval |
integer |
Scan interval in hours (value should be between 1-hour to 24-hours) |
GithubScopeEnvironmentData
The github scope connector's environment data
| Name | Type | Description |
|---|---|---|
| environmentType |
string:
Github |
The type of the environment data. |
GitlabScopeEnvironmentData
The GitLab scope connector's environment data
| Name | Type | Description |
|---|---|---|
| environmentType |
string:
Gitlab |
The type of the environment data. |
KinesisToS3
The kinesis to s3 connection configuration
| Name | Type | Description |
|---|---|---|
| cloudRoleArn |
string |
The cloud role ARN in AWS used by Kinesis to transfer data into S3 |
KubernetesDataCollection
The kubernetes data collection connection configuration
| Name | Type | Description |
|---|---|---|
| cloudRoleArn |
string |
The cloud role ARN in AWS for this feature used for reading data |
KubernetesService
The kubernetes service connection configuration
| Name | Type | Description |
|---|---|---|
| cloudRoleArn |
string |
The cloud role ARN in AWS for this feature used for provisioning resources |
MdcContainersAgentlessDiscoveryK8s
The Microsoft Defender container agentless discovery K8s configuration
| Name | Type | Description |
|---|---|---|
| cloudRoleArn |
string |
The cloud role ARN in AWS for this feature |
| enabled |
boolean |
Is Microsoft Defender container agentless discovery K8s enabled |
MdcContainersImageAssessment
The Microsoft Defender container image assessment configuration
| Name | Type | Description |
|---|---|---|
| cloudRoleArn |
string |
The cloud role ARN in AWS for this feature |
| enabled |
boolean |
Is Microsoft Defender container image assessment enabled |
MdeAutoProvisioning
The Microsoft Defender for Endpoint autoprovisioning configuration
| Name | Type | Description |
|---|---|---|
| configuration |
configuration for Microsoft Defender for Endpoint autoprovisioning |
|
| enabled |
boolean |
Is Microsoft Defender for Endpoint auto provisioning enabled |
mdeAutoProvisioning.Configuration
configuration for Microsoft Defender for Endpoint autoprovisioning
NativeCloudConnection
The native cloud connection configuration
| Name | Type | Description |
|---|---|---|
| cloudRoleArn |
string |
The cloud role ARN in AWS for this feature |
Rds
The RDS configuration
| Name | Type | Description |
|---|---|---|
| cloudRoleArn |
string |
The cloud role ARN in AWS for this feature |
| enabled |
boolean |
Is RDS protection enabled |
scanningMode
The scanning mode for the VM scan.
| Name | Type | Description |
|---|---|---|
| Default |
string |
SecurityConnector
The security connector resource.
| Name | Type | Description |
|---|---|---|
| etag |
string |
Entity tag is used for comparing two or more entities from the same requested resource. |
| id |
string |
Resource Id |
| kind |
string |
Kind of the resource |
| location |
string |
Location where the resource is stored |
| name |
string |
Resource name |
| properties.environmentData | EnvironmentData: |
The security connector environment data. |
| properties.environmentName |
The multi cloud resource's cloud name. |
|
| properties.hierarchyIdentifier |
string |
The multi cloud resource identifier (account id in case of AWS connector, project number in case of GCP connector). |
| properties.hierarchyIdentifierTrialEndDate |
string |
The date on which the trial period will end, if applicable. Trial period exists for 30 days after upgrading to payed offerings. |
| properties.offerings |
cloudOffering[]:
|
A collection of offerings for the security connector. |
| systemData |
Azure Resource Manager metadata containing createdBy and modifiedBy information. |
|
| tags |
object |
A list of key value pairs that describe the resource. |
| type |
string |
Resource type |
SubPlan
configuration for the servers offering subPlan
| Name | Type | Description |
|---|---|---|
| type |
The available sub plans |
subPlan
The available sub plans
| Name | Type | Description |
|---|---|---|
| P1 |
string |
|
| P2 |
string |
systemData
Metadata pertaining to creation and last modification of the resource.
| Name | Type | Description |
|---|---|---|
| createdAt |
string |
The timestamp of resource creation (UTC). |
| createdBy |
string |
The identity that created the resource. |
| createdByType |
The type of identity that created the resource. |
|
| lastModifiedAt |
string |
The timestamp of resource last modification (UTC) |
| lastModifiedBy |
string |
The identity that last modified the resource. |
| lastModifiedByType |
The type of identity that last modified the resource. |
type
The Vulnerability Assessment solution to be provisioned. Can be either 'TVM' or 'Qualys'
| Name | Type | Description |
|---|---|---|
| Qualys |
string |
|
| TVM |
string |
VaAutoProvisioning
The Vulnerability Assessment autoprovisioning configuration
| Name | Type | Description |
|---|---|---|
| configuration |
configuration for Vulnerability Assessment autoprovisioning |
|
| enabled |
boolean |
Is Vulnerability Assessment auto provisioning enabled |
vaAutoProvisioning.Configuration
configuration for Vulnerability Assessment autoprovisioning
| Name | Type | Description |
|---|---|---|
| type |
The Vulnerability Assessment solution to be provisioned. Can be either 'TVM' or 'Qualys' |
VmScanners
The Microsoft Defender for Container K8s VM host scanning configuration
| Name | Type | Description |
|---|---|---|
| cloudRoleArn |
string |
The cloud role ARN in AWS for this feature |
| configuration |
Configuration for VM scanning |
|
| enabled |
boolean |
Is VM scanning enabled |