com.pulumi.azure.sentinel.ThreatIntelligenceIndicator Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of azure Show documentation
Show all versions of azure Show documentation
A Pulumi package for creating and managing Microsoft Azure cloud resources, based on the Terraform azurerm provider. We recommend using the [Azure Native provider](https://github.com/pulumi/pulumi-azure-native) to provision Azure infrastructure. Azure Native provides complete coverage of Azure resources and same-day access to new resources and resource updates.
// *** WARNING: this file was generated by pulumi-java-gen. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
package com.pulumi.azure.sentinel;
import com.pulumi.azure.Utilities;
import com.pulumi.azure.sentinel.ThreatIntelligenceIndicatorArgs;
import com.pulumi.azure.sentinel.inputs.ThreatIntelligenceIndicatorState;
import com.pulumi.azure.sentinel.outputs.ThreatIntelligenceIndicatorExternalReference;
import com.pulumi.azure.sentinel.outputs.ThreatIntelligenceIndicatorGranularMarking;
import com.pulumi.azure.sentinel.outputs.ThreatIntelligenceIndicatorKillChainPhase;
import com.pulumi.azure.sentinel.outputs.ThreatIntelligenceIndicatorParsedPattern;
import com.pulumi.core.Output;
import com.pulumi.core.annotations.Export;
import com.pulumi.core.annotations.ResourceType;
import com.pulumi.core.internal.Codegen;
import java.lang.Boolean;
import java.lang.Integer;
import java.lang.String;
import java.util.List;
import java.util.Optional;
import javax.annotation.Nullable;
/**
* Manages a Sentinel Threat Intelligence Indicator.
*
* ## Example Usage
*
* <!--Start PulumiCodeChooser -->
*
* {@code
* package generated_program;
*
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.ResourceGroup;
* import com.pulumi.azure.core.ResourceGroupArgs;
* import com.pulumi.azure.operationalinsights.AnalyticsWorkspace;
* import com.pulumi.azure.operationalinsights.AnalyticsWorkspaceArgs;
* import com.pulumi.azure.sentinel.LogAnalyticsWorkspaceOnboarding;
* import com.pulumi.azure.sentinel.LogAnalyticsWorkspaceOnboardingArgs;
* import com.pulumi.azure.sentinel.ThreatIntelligenceIndicator;
* import com.pulumi.azure.sentinel.ThreatIntelligenceIndicatorArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
*
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
*
* public static void stack(Context ctx) {
* var example = new ResourceGroup("example", ResourceGroupArgs.builder()
* .name("example-rg")
* .location("east us")
* .build());
*
* var exampleAnalyticsWorkspace = new AnalyticsWorkspace("exampleAnalyticsWorkspace", AnalyticsWorkspaceArgs.builder()
* .name("example-law")
* .location(example.location())
* .resourceGroupName(example.name())
* .sku("PerGB2018")
* .retentionInDays(30)
* .build());
*
* var exampleLogAnalyticsWorkspaceOnboarding = new LogAnalyticsWorkspaceOnboarding("exampleLogAnalyticsWorkspaceOnboarding", LogAnalyticsWorkspaceOnboardingArgs.builder()
* .workspaceId(exampleAnalyticsWorkspace.id())
* .build());
*
* var exampleThreatIntelligenceIndicator = new ThreatIntelligenceIndicator("exampleThreatIntelligenceIndicator", ThreatIntelligenceIndicatorArgs.builder()
* .workspaceId(exampleLogAnalyticsWorkspaceOnboarding.workspaceId())
* .patternType("domain-name")
* .pattern("http://example.com")
* .source("Microsoft Sentinel")
* .validateFromUtc("2022-12-14T16:00:00Z")
* .displayName("example-indicator")
* .build());
*
* }
* }
* }
*
* <!--End PulumiCodeChooser -->
*
* ## Import
*
* Sentinel Threat Intelligence Indicators can be imported using the `resource id`, e.g.
*
* ```sh
* $ pulumi import azure:sentinel/threatIntelligenceIndicator:ThreatIntelligenceIndicator example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resourcegroup1/providers/Microsoft.OperationalInsights/workspaces/workspace1/providers/Microsoft.SecurityInsights/threatIntelligence/main/indicators/indicator1
* ```
*
*/
@ResourceType(type="azure:sentinel/threatIntelligenceIndicator:ThreatIntelligenceIndicator")
public class ThreatIntelligenceIndicator extends com.pulumi.resources.CustomResource {
/**
* Confidence levels of the Threat Intelligence Indicator.
*
*/
@Export(name="confidence", refs={Integer.class}, tree="[0]")
private Output confidence;
/**
* @return Confidence levels of the Threat Intelligence Indicator.
*
*/
public Output> confidence() {
return Codegen.optional(this.confidence);
}
/**
* The creator of the Threat Intelligence Indicator.
*
*/
@Export(name="createdBy", refs={String.class}, tree="[0]")
private Output createdBy;
/**
* @return The creator of the Threat Intelligence Indicator.
*
*/
public Output> createdBy() {
return Codegen.optional(this.createdBy);
}
/**
* The date of this Threat Intelligence Indicator created.
*
*/
@Export(name="createdOn", refs={String.class}, tree="[0]")
private Output createdOn;
/**
* @return The date of this Threat Intelligence Indicator created.
*
*/
public Output createdOn() {
return this.createdOn;
}
/**
* Whether the Threat Intelligence entity is defanged?
*
*/
@Export(name="defanged", refs={Boolean.class}, tree="[0]")
private Output defanged;
/**
* @return Whether the Threat Intelligence entity is defanged?
*
*/
public Output defanged() {
return this.defanged;
}
/**
* The description of the Threat Intelligence Indicator.
*
*/
@Export(name="description", refs={String.class}, tree="[0]")
private Output description;
/**
* @return The description of the Threat Intelligence Indicator.
*
*/
public Output> description() {
return Codegen.optional(this.description);
}
/**
* The display name of the Threat Intelligence Indicator.
*
*/
@Export(name="displayName", refs={String.class}, tree="[0]")
private Output displayName;
/**
* @return The display name of the Threat Intelligence Indicator.
*
*/
public Output displayName() {
return this.displayName;
}
/**
* The extension config of the Threat Intelligence Indicator in JSON format.
*
*/
@Export(name="extension", refs={String.class}, tree="[0]")
private Output extension;
/**
* @return The extension config of the Threat Intelligence Indicator in JSON format.
*
*/
public Output extension() {
return this.extension;
}
/**
* The external ID of the Threat Intelligence Indicator.
*
*/
@Export(name="externalId", refs={String.class}, tree="[0]")
private Output externalId;
/**
* @return The external ID of the Threat Intelligence Indicator.
*
*/
public Output externalId() {
return this.externalId;
}
/**
* the External last updated time in UTC.
*
*/
@Export(name="externalLastUpdatedTimeUtc", refs={String.class}, tree="[0]")
private Output externalLastUpdatedTimeUtc;
/**
* @return the External last updated time in UTC.
*
*/
public Output externalLastUpdatedTimeUtc() {
return this.externalLastUpdatedTimeUtc;
}
/**
* One or more `external_reference` blocks as defined below.
*
*/
@Export(name="externalReferences", refs={List.class,ThreatIntelligenceIndicatorExternalReference.class}, tree="[0,1]")
private Output> externalReferences;
/**
* @return One or more `external_reference` blocks as defined below.
*
*/
public Output>> externalReferences() {
return Codegen.optional(this.externalReferences);
}
/**
* One or more `granular_marking` blocks as defined below.
*
*/
@Export(name="granularMarkings", refs={List.class,ThreatIntelligenceIndicatorGranularMarking.class}, tree="[0,1]")
private Output> granularMarkings;
/**
* @return One or more `granular_marking` blocks as defined below.
*
*/
public Output>> granularMarkings() {
return Codegen.optional(this.granularMarkings);
}
/**
* The guid of this Sentinel Threat Intelligence Indicator.
*
*/
@Export(name="guid", refs={String.class}, tree="[0]")
private Output guid;
/**
* @return The guid of this Sentinel Threat Intelligence Indicator.
*
*/
public Output guid() {
return this.guid;
}
/**
* A list of indicator types of this Threat Intelligence Indicator.
*
*/
@Export(name="indicatorTypes", refs={List.class,String.class}, tree="[0,1]")
private Output> indicatorTypes;
/**
* @return A list of indicator types of this Threat Intelligence Indicator.
*
*/
public Output> indicatorTypes() {
return this.indicatorTypes;
}
/**
* One or more `kill_chain_phase` blocks as defined below.
*
*/
@Export(name="killChainPhases", refs={List.class,ThreatIntelligenceIndicatorKillChainPhase.class}, tree="[0,1]")
private Output> killChainPhases;
/**
* @return One or more `kill_chain_phase` blocks as defined below.
*
*/
public Output>> killChainPhases() {
return Codegen.optional(this.killChainPhases);
}
/**
* The language of the Threat Intelligence Indicator.
*
*/
@Export(name="language", refs={String.class}, tree="[0]")
private Output language;
/**
* @return The language of the Threat Intelligence Indicator.
*
*/
public Output> language() {
return Codegen.optional(this.language);
}
/**
* The last updated time of the Threat Intelligence Indicator in UTC.
*
*/
@Export(name="lastUpdatedTimeUtc", refs={String.class}, tree="[0]")
private Output lastUpdatedTimeUtc;
/**
* @return The last updated time of the Threat Intelligence Indicator in UTC.
*
*/
public Output lastUpdatedTimeUtc() {
return this.lastUpdatedTimeUtc;
}
/**
* Specifies a list of Threat Intelligence marking references.
*
*/
@Export(name="objectMarkingRefs", refs={List.class,String.class}, tree="[0,1]")
private Output> objectMarkingRefs;
/**
* @return Specifies a list of Threat Intelligence marking references.
*
*/
public Output>> objectMarkingRefs() {
return Codegen.optional(this.objectMarkingRefs);
}
/**
* A `parsed_pattern` block as defined below.
*
*/
@Export(name="parsedPatterns", refs={List.class,ThreatIntelligenceIndicatorParsedPattern.class}, tree="[0,1]")
private Output> parsedPatterns;
/**
* @return A `parsed_pattern` block as defined below.
*
*/
public Output> parsedPatterns() {
return this.parsedPatterns;
}
/**
* The pattern used by the Threat Intelligence Indicator. When `pattern_type` set to `file`, `pattern` must be specified with `<HashName>:<Value>` format, such as `MD5:78ecc5c05cd8b79af480df2f8fba0b9d`.
*
*/
@Export(name="pattern", refs={String.class}, tree="[0]")
private Output pattern;
/**
* @return The pattern used by the Threat Intelligence Indicator. When `pattern_type` set to `file`, `pattern` must be specified with `<HashName>:<Value>` format, such as `MD5:78ecc5c05cd8b79af480df2f8fba0b9d`.
*
*/
public Output pattern() {
return this.pattern;
}
/**
* The type of pattern used by the Threat Intelligence Indicator. Possible values are `domain-name`, `file`, `ipv4-addr`, `ipv6-addr` and `url`.
*
*/
@Export(name="patternType", refs={String.class}, tree="[0]")
private Output patternType;
/**
* @return The type of pattern used by the Threat Intelligence Indicator. Possible values are `domain-name`, `file`, `ipv4-addr`, `ipv6-addr` and `url`.
*
*/
public Output patternType() {
return this.patternType;
}
/**
* The version of a Threat Intelligence entity.
*
*/
@Export(name="patternVersion", refs={String.class}, tree="[0]")
private Output patternVersion;
/**
* @return The version of a Threat Intelligence entity.
*
*/
public Output> patternVersion() {
return Codegen.optional(this.patternVersion);
}
/**
* Whether the Threat Intelligence entity revoked.
*
*/
@Export(name="revoked", refs={Boolean.class}, tree="[0]")
private Output revoked;
/**
* @return Whether the Threat Intelligence entity revoked.
*
*/
public Output> revoked() {
return Codegen.optional(this.revoked);
}
/**
* Source of the Threat Intelligence Indicator. Changing this forces a new resource to be created.
*
*/
@Export(name="source", refs={String.class}, tree="[0]")
private Output source;
/**
* @return Source of the Threat Intelligence Indicator. Changing this forces a new resource to be created.
*
*/
public Output source() {
return this.source;
}
/**
* Specifies a list of tags of the Threat Intelligence Indicator.
*
*/
@Export(name="tags", refs={List.class,String.class}, tree="[0,1]")
private Output> tags;
/**
* @return Specifies a list of tags of the Threat Intelligence Indicator.
*
*/
public Output>> tags() {
return Codegen.optional(this.tags);
}
/**
* Specifies a list of threat types of this Threat Intelligence Indicator.
*
*/
@Export(name="threatTypes", refs={List.class,String.class}, tree="[0,1]")
private Output> threatTypes;
/**
* @return Specifies a list of threat types of this Threat Intelligence Indicator.
*
*/
public Output>> threatTypes() {
return Codegen.optional(this.threatTypes);
}
/**
* The start of validate date in RFC3339.
*
*/
@Export(name="validateFromUtc", refs={String.class}, tree="[0]")
private Output validateFromUtc;
/**
* @return The start of validate date in RFC3339.
*
*/
public Output validateFromUtc() {
return this.validateFromUtc;
}
/**
* The end of validate date of the Threat Intelligence Indicator in RFC3339 format.
*
*/
@Export(name="validateUntilUtc", refs={String.class}, tree="[0]")
private Output validateUntilUtc;
/**
* @return The end of validate date of the Threat Intelligence Indicator in RFC3339 format.
*
*/
public Output> validateUntilUtc() {
return Codegen.optional(this.validateUntilUtc);
}
/**
* The ID of the Log Analytics Workspace. Changing this forces a new Sentinel Threat Intelligence Indicator to be created.
*
*/
@Export(name="workspaceId", refs={String.class}, tree="[0]")
private Output workspaceId;
/**
* @return The ID of the Log Analytics Workspace. Changing this forces a new Sentinel Threat Intelligence Indicator to be created.
*
*/
public Output workspaceId() {
return this.workspaceId;
}
/**
*
* @param name The _unique_ name of the resulting resource.
*/
public ThreatIntelligenceIndicator(java.lang.String name) {
this(name, ThreatIntelligenceIndicatorArgs.Empty);
}
/**
*
* @param name The _unique_ name of the resulting resource.
* @param args The arguments to use to populate this resource's properties.
*/
public ThreatIntelligenceIndicator(java.lang.String name, ThreatIntelligenceIndicatorArgs args) {
this(name, args, null);
}
/**
*
* @param name The _unique_ name of the resulting resource.
* @param args The arguments to use to populate this resource's properties.
* @param options A bag of options that control this resource's behavior.
*/
public ThreatIntelligenceIndicator(java.lang.String name, ThreatIntelligenceIndicatorArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) {
super("azure:sentinel/threatIntelligenceIndicator:ThreatIntelligenceIndicator", name, makeArgs(args, options), makeResourceOptions(options, Codegen.empty()), false);
}
private ThreatIntelligenceIndicator(java.lang.String name, Output id, @Nullable ThreatIntelligenceIndicatorState state, @Nullable com.pulumi.resources.CustomResourceOptions options) {
super("azure:sentinel/threatIntelligenceIndicator:ThreatIntelligenceIndicator", name, state, makeResourceOptions(options, id), false);
}
private static ThreatIntelligenceIndicatorArgs makeArgs(ThreatIntelligenceIndicatorArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) {
if (options != null && options.getUrn().isPresent()) {
return null;
}
return args == null ? ThreatIntelligenceIndicatorArgs.Empty : args;
}
private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) {
var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder()
.version(Utilities.getVersion())
.build();
return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id);
}
/**
* Get an existing Host resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state
* @param options Optional settings to control the behavior of the CustomResource.
*/
public static ThreatIntelligenceIndicator get(java.lang.String name, Output id, @Nullable ThreatIntelligenceIndicatorState state, @Nullable com.pulumi.resources.CustomResourceOptions options) {
return new ThreatIntelligenceIndicator(name, id, state, options);
}
}