• Home
• com.pulumi
• azure-native
• 2.64.0
• source code
• SecuritySettingsArgs.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.pulumi.azurenative.azurestackhci.inputs.SecuritySettingsArgs Maven / Gradle / Ivy

// *** WARNING: this file was generated by pulumi-java-gen. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***

package com.pulumi.azurenative.azurestackhci.inputs;

import com.pulumi.core.Output;
import com.pulumi.core.annotations.Import;
import com.pulumi.core.internal.Codegen;
import java.lang.Boolean;
import java.util.Objects;
import java.util.Optional;
import javax.annotation.Nullable;


/**
 * The SecuritySettings of AzureStackHCI Cluster.
 * 
 */
public final class SecuritySettingsArgs extends com.pulumi.resources.ResourceArgs {

    public static final SecuritySettingsArgs Empty = new SecuritySettingsArgs();

    /**
     * When set to true, BitLocker XTS_AES 256-bit encryption is enabled for all data-at-rest on the OS volume of your Azure Stack HCI cluster. This setting is TPM-hardware dependent.
     * 
     */
    @Import(name="bitlockerBootVolume")
    private @Nullable Output bitlockerBootVolume;

    /**
     * @return When set to true, BitLocker XTS_AES 256-bit encryption is enabled for all data-at-rest on the OS volume of your Azure Stack HCI cluster. This setting is TPM-hardware dependent.
     * 
     */
    public Optional> bitlockerBootVolume() {
        return Optional.ofNullable(this.bitlockerBootVolume);
    }

    /**
     * When set to true, BitLocker XTS-AES 256-bit encryption is enabled for all data-at-rest on your Azure Stack HCI cluster shared volumes.
     * 
     */
    @Import(name="bitlockerDataVolumes")
    private @Nullable Output bitlockerDataVolumes;

    /**
     * @return When set to true, BitLocker XTS-AES 256-bit encryption is enabled for all data-at-rest on your Azure Stack HCI cluster shared volumes.
     * 
     */
    public Optional> bitlockerDataVolumes() {
        return Optional.ofNullable(this.bitlockerDataVolumes);
    }

    /**
     * When set to true, Credential Guard is enabled.
     * 
     */
    @Import(name="credentialGuardEnforced")
    private @Nullable Output credentialGuardEnforced;

    /**
     * @return When set to true, Credential Guard is enabled.
     * 
     */
    public Optional> credentialGuardEnforced() {
        return Optional.ofNullable(this.credentialGuardEnforced);
    }

    /**
     * When set to true, the security baseline is re-applied regularly.
     * 
     */
    @Import(name="driftControlEnforced")
    private @Nullable Output driftControlEnforced;

    /**
     * @return When set to true, the security baseline is re-applied regularly.
     * 
     */
    public Optional> driftControlEnforced() {
        return Optional.ofNullable(this.driftControlEnforced);
    }

    /**
     * By default, Secure Boot is enabled on your Azure HCI cluster. This setting is hardware dependent.
     * 
     */
    @Import(name="drtmProtection")
    private @Nullable Output drtmProtection;

    /**
     * @return By default, Secure Boot is enabled on your Azure HCI cluster. This setting is hardware dependent.
     * 
     */
    public Optional> drtmProtection() {
        return Optional.ofNullable(this.drtmProtection);
    }

    /**
     * By default, Hypervisor-protected Code Integrity is enabled on your Azure HCI cluster.
     * 
     */
    @Import(name="hvciProtection")
    private @Nullable Output hvciProtection;

    /**
     * @return By default, Hypervisor-protected Code Integrity is enabled on your Azure HCI cluster.
     * 
     */
    public Optional> hvciProtection() {
        return Optional.ofNullable(this.hvciProtection);
    }

    /**
     * When set to true, all the side channel mitigations are enabled
     * 
     */
    @Import(name="sideChannelMitigationEnforced")
    private @Nullable Output sideChannelMitigationEnforced;

    /**
     * @return When set to true, all the side channel mitigations are enabled
     * 
     */
    public Optional> sideChannelMitigationEnforced() {
        return Optional.ofNullable(this.sideChannelMitigationEnforced);
    }

    /**
     * When set to true, cluster east-west traffic is encrypted.
     * 
     */
    @Import(name="smbClusterEncryption")
    private @Nullable Output smbClusterEncryption;

    /**
     * @return When set to true, cluster east-west traffic is encrypted.
     * 
     */
    public Optional> smbClusterEncryption() {
        return Optional.ofNullable(this.smbClusterEncryption);
    }

    /**
     * When set to true, the SMB default instance requires sign in for the client and server services.
     * 
     */
    @Import(name="smbSigningEnforced")
    private @Nullable Output smbSigningEnforced;

    /**
     * @return When set to true, the SMB default instance requires sign in for the client and server services.
     * 
     */
    public Optional> smbSigningEnforced() {
        return Optional.ofNullable(this.smbSigningEnforced);
    }

    /**
     * WDAC is enabled by default and limits the applications and the code that you can run on your Azure Stack HCI cluster.
     * 
     */
    @Import(name="wdacEnforced")
    private @Nullable Output wdacEnforced;

    /**
     * @return WDAC is enabled by default and limits the applications and the code that you can run on your Azure Stack HCI cluster.
     * 
     */
    public Optional> wdacEnforced() {
        return Optional.ofNullable(this.wdacEnforced);
    }

    private SecuritySettingsArgs() {}

    private SecuritySettingsArgs(SecuritySettingsArgs $) {
        this.bitlockerBootVolume = $.bitlockerBootVolume;
        this.bitlockerDataVolumes = $.bitlockerDataVolumes;
        this.credentialGuardEnforced = $.credentialGuardEnforced;
        this.driftControlEnforced = $.driftControlEnforced;
        this.drtmProtection = $.drtmProtection;
        this.hvciProtection = $.hvciProtection;
        this.sideChannelMitigationEnforced = $.sideChannelMitigationEnforced;
        this.smbClusterEncryption = $.smbClusterEncryption;
        this.smbSigningEnforced = $.smbSigningEnforced;
        this.wdacEnforced = $.wdacEnforced;
    }

    public static Builder builder() {
        return new Builder();
    }
    public static Builder builder(SecuritySettingsArgs defaults) {
        return new Builder(defaults);
    }

    public static final class Builder {
        private SecuritySettingsArgs $;

        public Builder() {
            $ = new SecuritySettingsArgs();
        }

        public Builder(SecuritySettingsArgs defaults) {
            $ = new SecuritySettingsArgs(Objects.requireNonNull(defaults));
        }

        /**
         * @param bitlockerBootVolume When set to true, BitLocker XTS_AES 256-bit encryption is enabled for all data-at-rest on the OS volume of your Azure Stack HCI cluster. This setting is TPM-hardware dependent.
         * 
         * @return builder
         * 
         */
        public Builder bitlockerBootVolume(@Nullable Output bitlockerBootVolume) {
            $.bitlockerBootVolume = bitlockerBootVolume;
            return this;
        }

        /**
         * @param bitlockerBootVolume When set to true, BitLocker XTS_AES 256-bit encryption is enabled for all data-at-rest on the OS volume of your Azure Stack HCI cluster. This setting is TPM-hardware dependent.
         * 
         * @return builder
         * 
         */
        public Builder bitlockerBootVolume(Boolean bitlockerBootVolume) {
            return bitlockerBootVolume(Output.of(bitlockerBootVolume));
        }

        /**
         * @param bitlockerDataVolumes When set to true, BitLocker XTS-AES 256-bit encryption is enabled for all data-at-rest on your Azure Stack HCI cluster shared volumes.
         * 
         * @return builder
         * 
         */
        public Builder bitlockerDataVolumes(@Nullable Output bitlockerDataVolumes) {
            $.bitlockerDataVolumes = bitlockerDataVolumes;
            return this;
        }

        /**
         * @param bitlockerDataVolumes When set to true, BitLocker XTS-AES 256-bit encryption is enabled for all data-at-rest on your Azure Stack HCI cluster shared volumes.
         * 
         * @return builder
         * 
         */
        public Builder bitlockerDataVolumes(Boolean bitlockerDataVolumes) {
            return bitlockerDataVolumes(Output.of(bitlockerDataVolumes));
        }

        /**
         * @param credentialGuardEnforced When set to true, Credential Guard is enabled.
         * 
         * @return builder
         * 
         */
        public Builder credentialGuardEnforced(@Nullable Output credentialGuardEnforced) {
            $.credentialGuardEnforced = credentialGuardEnforced;
            return this;
        }

        /**
         * @param credentialGuardEnforced When set to true, Credential Guard is enabled.
         * 
         * @return builder
         * 
         */
        public Builder credentialGuardEnforced(Boolean credentialGuardEnforced) {
            return credentialGuardEnforced(Output.of(credentialGuardEnforced));
        }

        /**
         * @param driftControlEnforced When set to true, the security baseline is re-applied regularly.
         * 
         * @return builder
         * 
         */
        public Builder driftControlEnforced(@Nullable Output driftControlEnforced) {
            $.driftControlEnforced = driftControlEnforced;
            return this;
        }

        /**
         * @param driftControlEnforced When set to true, the security baseline is re-applied regularly.
         * 
         * @return builder
         * 
         */
        public Builder driftControlEnforced(Boolean driftControlEnforced) {
            return driftControlEnforced(Output.of(driftControlEnforced));
        }

        /**
         * @param drtmProtection By default, Secure Boot is enabled on your Azure HCI cluster. This setting is hardware dependent.
         * 
         * @return builder
         * 
         */
        public Builder drtmProtection(@Nullable Output drtmProtection) {
            $.drtmProtection = drtmProtection;
            return this;
        }

        /**
         * @param drtmProtection By default, Secure Boot is enabled on your Azure HCI cluster. This setting is hardware dependent.
         * 
         * @return builder
         * 
         */
        public Builder drtmProtection(Boolean drtmProtection) {
            return drtmProtection(Output.of(drtmProtection));
        }

        /**
         * @param hvciProtection By default, Hypervisor-protected Code Integrity is enabled on your Azure HCI cluster.
         * 
         * @return builder
         * 
         */
        public Builder hvciProtection(@Nullable Output hvciProtection) {
            $.hvciProtection = hvciProtection;
            return this;
        }

        /**
         * @param hvciProtection By default, Hypervisor-protected Code Integrity is enabled on your Azure HCI cluster.
         * 
         * @return builder
         * 
         */
        public Builder hvciProtection(Boolean hvciProtection) {
            return hvciProtection(Output.of(hvciProtection));
        }

        /**
         * @param sideChannelMitigationEnforced When set to true, all the side channel mitigations are enabled
         * 
         * @return builder
         * 
         */
        public Builder sideChannelMitigationEnforced(@Nullable Output sideChannelMitigationEnforced) {
            $.sideChannelMitigationEnforced = sideChannelMitigationEnforced;
            return this;
        }

        /**
         * @param sideChannelMitigationEnforced When set to true, all the side channel mitigations are enabled
         * 
         * @return builder
         * 
         */
        public Builder sideChannelMitigationEnforced(Boolean sideChannelMitigationEnforced) {
            return sideChannelMitigationEnforced(Output.of(sideChannelMitigationEnforced));
        }

        /**
         * @param smbClusterEncryption When set to true, cluster east-west traffic is encrypted.
         * 
         * @return builder
         * 
         */
        public Builder smbClusterEncryption(@Nullable Output smbClusterEncryption) {
            $.smbClusterEncryption = smbClusterEncryption;
            return this;
        }

        /**
         * @param smbClusterEncryption When set to true, cluster east-west traffic is encrypted.
         * 
         * @return builder
         * 
         */
        public Builder smbClusterEncryption(Boolean smbClusterEncryption) {
            return smbClusterEncryption(Output.of(smbClusterEncryption));
        }

        /**
         * @param smbSigningEnforced When set to true, the SMB default instance requires sign in for the client and server services.
         * 
         * @return builder
         * 
         */
        public Builder smbSigningEnforced(@Nullable Output smbSigningEnforced) {
            $.smbSigningEnforced = smbSigningEnforced;
            return this;
        }

        /**
         * @param smbSigningEnforced When set to true, the SMB default instance requires sign in for the client and server services.
         * 
         * @return builder
         * 
         */
        public Builder smbSigningEnforced(Boolean smbSigningEnforced) {
            return smbSigningEnforced(Output.of(smbSigningEnforced));
        }

        /**
         * @param wdacEnforced WDAC is enabled by default and limits the applications and the code that you can run on your Azure Stack HCI cluster.
         * 
         * @return builder
         * 
         */
        public Builder wdacEnforced(@Nullable Output wdacEnforced) {
            $.wdacEnforced = wdacEnforced;
            return this;
        }

        /**
         * @param wdacEnforced WDAC is enabled by default and limits the applications and the code that you can run on your Azure Stack HCI cluster.
         * 
         * @return builder
         * 
         */
        public Builder wdacEnforced(Boolean wdacEnforced) {
            return wdacEnforced(Output.of(wdacEnforced));
        }

        public SecuritySettingsArgs build() {
            $.bitlockerBootVolume = Codegen.booleanProp("bitlockerBootVolume").output().arg($.bitlockerBootVolume).def(true).getNullable();
            $.bitlockerDataVolumes = Codegen.booleanProp("bitlockerDataVolumes").output().arg($.bitlockerDataVolumes).def(true).getNullable();
            $.credentialGuardEnforced = Codegen.booleanProp("credentialGuardEnforced").output().arg($.credentialGuardEnforced).def(false).getNullable();
            $.driftControlEnforced = Codegen.booleanProp("driftControlEnforced").output().arg($.driftControlEnforced).def(true).getNullable();
            $.drtmProtection = Codegen.booleanProp("drtmProtection").output().arg($.drtmProtection).def(true).getNullable();
            $.hvciProtection = Codegen.booleanProp("hvciProtection").output().arg($.hvciProtection).def(true).getNullable();
            $.sideChannelMitigationEnforced = Codegen.booleanProp("sideChannelMitigationEnforced").output().arg($.sideChannelMitigationEnforced).def(true).getNullable();
            $.smbClusterEncryption = Codegen.booleanProp("smbClusterEncryption").output().arg($.smbClusterEncryption).def(false).getNullable();
            $.smbSigningEnforced = Codegen.booleanProp("smbSigningEnforced").output().arg($.smbSigningEnforced).def(true).getNullable();
            $.wdacEnforced = Codegen.booleanProp("wdacEnforced").output().arg($.wdacEnforced).def(true).getNullable();
            return $;
        }
    }

}