com.pulumi.azure.sentinel.kotlin.AlertRuleAnomalyBuiltIn.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-azure-kotlin Show documentation
Show all versions of pulumi-azure-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.azure.sentinel.kotlin
import com.pulumi.azure.sentinel.kotlin.outputs.AlertRuleAnomalyBuiltInMultiSelectObservation
import com.pulumi.azure.sentinel.kotlin.outputs.AlertRuleAnomalyBuiltInPrioritizedExcludeObservation
import com.pulumi.azure.sentinel.kotlin.outputs.AlertRuleAnomalyBuiltInRequiredDataConnector
import com.pulumi.azure.sentinel.kotlin.outputs.AlertRuleAnomalyBuiltInSingleSelectObservation
import com.pulumi.azure.sentinel.kotlin.outputs.AlertRuleAnomalyBuiltInThresholdObservation
import com.pulumi.core.Output
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Boolean
import kotlin.Int
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import com.pulumi.azure.sentinel.kotlin.outputs.AlertRuleAnomalyBuiltInMultiSelectObservation.Companion.toKotlin as alertRuleAnomalyBuiltInMultiSelectObservationToKotlin
import com.pulumi.azure.sentinel.kotlin.outputs.AlertRuleAnomalyBuiltInPrioritizedExcludeObservation.Companion.toKotlin as alertRuleAnomalyBuiltInPrioritizedExcludeObservationToKotlin
import com.pulumi.azure.sentinel.kotlin.outputs.AlertRuleAnomalyBuiltInRequiredDataConnector.Companion.toKotlin as alertRuleAnomalyBuiltInRequiredDataConnectorToKotlin
import com.pulumi.azure.sentinel.kotlin.outputs.AlertRuleAnomalyBuiltInSingleSelectObservation.Companion.toKotlin as alertRuleAnomalyBuiltInSingleSelectObservationToKotlin
import com.pulumi.azure.sentinel.kotlin.outputs.AlertRuleAnomalyBuiltInThresholdObservation.Companion.toKotlin as alertRuleAnomalyBuiltInThresholdObservationToKotlin
/**
* Builder for [AlertRuleAnomalyBuiltIn].
*/
@PulumiTagMarker
public class AlertRuleAnomalyBuiltInResourceBuilder internal constructor() {
public var name: String? = null
public var args: AlertRuleAnomalyBuiltInArgs = AlertRuleAnomalyBuiltInArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend AlertRuleAnomalyBuiltInArgsBuilder.() -> Unit) {
val builder = AlertRuleAnomalyBuiltInArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): AlertRuleAnomalyBuiltIn {
val builtJavaResource =
com.pulumi.azure.sentinel.AlertRuleAnomalyBuiltIn(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return AlertRuleAnomalyBuiltIn(builtJavaResource)
}
}
/**
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as azure from "@pulumi/azure";
* const exampleResourceGroup = new azure.core.ResourceGroup("example", {
* name: "example-resources",
* location: "West Europe",
* });
* const exampleAnalyticsWorkspace = new azure.operationalinsights.AnalyticsWorkspace("example", {
* name: "example-law",
* location: exampleResourceGroup.location,
* resourceGroupName: exampleResourceGroup.name,
* sku: "PerGB2018",
* });
* const exampleLogAnalyticsWorkspaceOnboarding = new azure.sentinel.LogAnalyticsWorkspaceOnboarding("example", {
* workspaceId: exampleAnalyticsWorkspace.id,
* customerManagedKeyEnabled: false,
* });
* const example = azure.sentinel.getAlertRuleAnomalyOutput({
* logAnalyticsWorkspaceId: exampleLogAnalyticsWorkspaceOnboarding.workspaceId,
* displayName: "Potential data staging",
* });
* const exampleAlertRuleAnomalyBuiltIn = new azure.sentinel.AlertRuleAnomalyBuiltIn("example", {
* displayName: "Potential data staging",
* logAnalyticsWorkspaceId: exampleAnalyticsWorkspace.id,
* mode: "Production",
* enabled: false,
* });
* ```
* ```python
* import pulumi
* import pulumi_azure as azure
* example_resource_group = azure.core.ResourceGroup("example",
* name="example-resources",
* location="West Europe")
* example_analytics_workspace = azure.operationalinsights.AnalyticsWorkspace("example",
* name="example-law",
* location=example_resource_group.location,
* resource_group_name=example_resource_group.name,
* sku="PerGB2018")
* example_log_analytics_workspace_onboarding = azure.sentinel.LogAnalyticsWorkspaceOnboarding("example",
* workspace_id=example_analytics_workspace.id,
* customer_managed_key_enabled=False)
* example = azure.sentinel.get_alert_rule_anomaly_output(log_analytics_workspace_id=example_log_analytics_workspace_onboarding.workspace_id,
* display_name="Potential data staging")
* example_alert_rule_anomaly_built_in = azure.sentinel.AlertRuleAnomalyBuiltIn("example",
* display_name="Potential data staging",
* log_analytics_workspace_id=example_analytics_workspace.id,
* mode="Production",
* enabled=False)
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Azure = Pulumi.Azure;
* return await Deployment.RunAsync(() =>
* {
* var exampleResourceGroup = new Azure.Core.ResourceGroup("example", new()
* {
* Name = "example-resources",
* Location = "West Europe",
* });
* var exampleAnalyticsWorkspace = new Azure.OperationalInsights.AnalyticsWorkspace("example", new()
* {
* Name = "example-law",
* Location = exampleResourceGroup.Location,
* ResourceGroupName = exampleResourceGroup.Name,
* Sku = "PerGB2018",
* });
* var exampleLogAnalyticsWorkspaceOnboarding = new Azure.Sentinel.LogAnalyticsWorkspaceOnboarding("example", new()
* {
* WorkspaceId = exampleAnalyticsWorkspace.Id,
* CustomerManagedKeyEnabled = false,
* });
* var example = Azure.Sentinel.GetAlertRuleAnomaly.Invoke(new()
* {
* LogAnalyticsWorkspaceId = exampleLogAnalyticsWorkspaceOnboarding.WorkspaceId,
* DisplayName = "Potential data staging",
* });
* var exampleAlertRuleAnomalyBuiltIn = new Azure.Sentinel.AlertRuleAnomalyBuiltIn("example", new()
* {
* DisplayName = "Potential data staging",
* LogAnalyticsWorkspaceId = exampleAnalyticsWorkspace.Id,
* Mode = "Production",
* Enabled = false,
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/operationalinsights"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/sentinel"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* exampleResourceGroup, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
* Name: pulumi.String("example-resources"),
* Location: pulumi.String("West Europe"),
* })
* if err != nil {
* return err
* }
* exampleAnalyticsWorkspace, err := operationalinsights.NewAnalyticsWorkspace(ctx, "example", &operationalinsights.AnalyticsWorkspaceArgs{
* Name: pulumi.String("example-law"),
* Location: exampleResourceGroup.Location,
* ResourceGroupName: exampleResourceGroup.Name,
* Sku: pulumi.String("PerGB2018"),
* })
* if err != nil {
* return err
* }
* exampleLogAnalyticsWorkspaceOnboarding, err := sentinel.NewLogAnalyticsWorkspaceOnboarding(ctx, "example", &sentinel.LogAnalyticsWorkspaceOnboardingArgs{
* WorkspaceId: exampleAnalyticsWorkspace.ID(),
* CustomerManagedKeyEnabled: pulumi.Bool(false),
* })
* if err != nil {
* return err
* }
* _ = sentinel.GetAlertRuleAnomalyOutput(ctx, sentinel.GetAlertRuleAnomalyOutputArgs{
* LogAnalyticsWorkspaceId: exampleLogAnalyticsWorkspaceOnboarding.WorkspaceId,
* DisplayName: pulumi.String("Potential data staging"),
* }, nil)
* _, err = sentinel.NewAlertRuleAnomalyBuiltIn(ctx, "example", &sentinel.AlertRuleAnomalyBuiltInArgs{
* DisplayName: pulumi.String("Potential data staging"),
* LogAnalyticsWorkspaceId: exampleAnalyticsWorkspace.ID(),
* Mode: pulumi.String("Production"),
* Enabled: pulumi.Bool(false),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.ResourceGroup;
* import com.pulumi.azure.core.ResourceGroupArgs;
* import com.pulumi.azure.operationalinsights.AnalyticsWorkspace;
* import com.pulumi.azure.operationalinsights.AnalyticsWorkspaceArgs;
* import com.pulumi.azure.sentinel.LogAnalyticsWorkspaceOnboarding;
* import com.pulumi.azure.sentinel.LogAnalyticsWorkspaceOnboardingArgs;
* import com.pulumi.azure.sentinel.SentinelFunctions;
* import com.pulumi.azure.sentinel.inputs.GetAlertRuleAnomalyArgs;
* import com.pulumi.azure.sentinel.AlertRuleAnomalyBuiltIn;
* import com.pulumi.azure.sentinel.AlertRuleAnomalyBuiltInArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
* .name("example-resources")
* .location("West Europe")
* .build());
* var exampleAnalyticsWorkspace = new AnalyticsWorkspace("exampleAnalyticsWorkspace", AnalyticsWorkspaceArgs.builder()
* .name("example-law")
* .location(exampleResourceGroup.location())
* .resourceGroupName(exampleResourceGroup.name())
* .sku("PerGB2018")
* .build());
* var exampleLogAnalyticsWorkspaceOnboarding = new LogAnalyticsWorkspaceOnboarding("exampleLogAnalyticsWorkspaceOnboarding", LogAnalyticsWorkspaceOnboardingArgs.builder()
* .workspaceId(exampleAnalyticsWorkspace.id())
* .customerManagedKeyEnabled(false)
* .build());
* final var example = SentinelFunctions.getAlertRuleAnomaly(GetAlertRuleAnomalyArgs.builder()
* .logAnalyticsWorkspaceId(exampleLogAnalyticsWorkspaceOnboarding.workspaceId())
* .displayName("Potential data staging")
* .build());
* var exampleAlertRuleAnomalyBuiltIn = new AlertRuleAnomalyBuiltIn("exampleAlertRuleAnomalyBuiltIn", AlertRuleAnomalyBuiltInArgs.builder()
* .displayName("Potential data staging")
* .logAnalyticsWorkspaceId(exampleAnalyticsWorkspace.id())
* .mode("Production")
* .enabled(false)
* .build());
* }
* }
* ```
* ```yaml
* resources:
* exampleResourceGroup:
* type: azure:core:ResourceGroup
* name: example
* properties:
* name: example-resources
* location: West Europe
* exampleAnalyticsWorkspace:
* type: azure:operationalinsights:AnalyticsWorkspace
* name: example
* properties:
* name: example-law
* location: ${exampleResourceGroup.location}
* resourceGroupName: ${exampleResourceGroup.name}
* sku: PerGB2018
* exampleLogAnalyticsWorkspaceOnboarding:
* type: azure:sentinel:LogAnalyticsWorkspaceOnboarding
* name: example
* properties:
* workspaceId: ${exampleAnalyticsWorkspace.id}
* customerManagedKeyEnabled: false
* exampleAlertRuleAnomalyBuiltIn:
* type: azure:sentinel:AlertRuleAnomalyBuiltIn
* name: example
* properties:
* displayName: Potential data staging
* logAnalyticsWorkspaceId: ${exampleAnalyticsWorkspace.id}
* mode: Production
* enabled: false
* variables:
* example:
* fn::invoke:
* Function: azure:sentinel:getAlertRuleAnomaly
* Arguments:
* logAnalyticsWorkspaceId: ${exampleLogAnalyticsWorkspaceOnboarding.workspaceId}
* displayName: Potential data staging
* ```
*
* ## Import
* Built In Anomaly Alert Rules can be imported using the `resource id`, e.g.
* ```sh
* $ pulumi import azure:sentinel/alertRuleAnomalyBuiltIn:AlertRuleAnomalyBuiltIn example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.OperationalInsights/workspaces/workspace1/providers/Microsoft.SecurityInsights/securityMLAnalyticsSettings/setting1
* ```
*/
public class AlertRuleAnomalyBuiltIn internal constructor(
override val javaResource: com.pulumi.azure.sentinel.AlertRuleAnomalyBuiltIn,
) : KotlinCustomResource(javaResource, AlertRuleAnomalyBuiltInMapper) {
/**
* The version of the Anomaly Security ML Analytics Settings.
*/
public val anomalySettingsVersion: Output
get() = javaResource.anomalySettingsVersion().applyValue({ args0 -> args0 })
/**
* The anomaly version of the Anomaly Alert Rule.
*/
public val anomalyVersion: Output
get() = javaResource.anomalyVersion().applyValue({ args0 -> args0 })
/**
* The description of the threshold observation.
*/
public val description: Output
get() = javaResource.description().applyValue({ args0 -> args0 })
/**
* The Display Name of the built-in Anomaly Alert Rule.
* > **Note:** One of `name` or `display_name` block must be specified.
*/
public val displayName: Output
get() = javaResource.displayName().applyValue({ args0 -> args0 })
/**
* Should the Built-in Anomaly Alert Rule be enabled?
*/
public val enabled: Output
get() = javaResource.enabled().applyValue({ args0 -> args0 })
/**
* The frequency the Anomaly Alert Rule will be run.
*/
public val frequency: Output
get() = javaResource.frequency().applyValue({ args0 -> args0 })
/**
* The ID of the Log Analytics Workspace. Changing this forces a new Built-in Anomaly Alert Rule to be created.
*/
public val logAnalyticsWorkspaceId: Output
get() = javaResource.logAnalyticsWorkspaceId().applyValue({ args0 -> args0 })
/**
* mode of the Built-in Anomaly Alert Rule. Possible Values are `Production` and `Flighting`.
*/
public val mode: Output
get() = javaResource.mode().applyValue({ args0 -> args0 })
/**
* A list of `multi_select_observation` blocks as defined below.
*/
public val multiSelectObservations: Output>
get() = javaResource.multiSelectObservations().applyValue({ args0 ->
args0.map({ args0 ->
args0.let({ args0 -> alertRuleAnomalyBuiltInMultiSelectObservationToKotlin(args0) })
})
})
/**
* The Name of the built-in Anomaly Alert Rule.
*/
public val name: Output
get() = javaResource.name().applyValue({ args0 -> args0 })
/**
* A list of `prioritized_exclude_observation` blocks as defined below.
*/
public val prioritizedExcludeObservations:
Output>
get() = javaResource.prioritizedExcludeObservations().applyValue({ args0 ->
args0.map({ args0 ->
args0.let({ args0 ->
alertRuleAnomalyBuiltInPrioritizedExcludeObservationToKotlin(args0)
})
})
})
/**
* A `required_data_connector` block as defined below.
*/
public val requiredDataConnectors: Output>
get() = javaResource.requiredDataConnectors().applyValue({ args0 ->
args0.map({ args0 ->
args0.let({ args0 -> alertRuleAnomalyBuiltInRequiredDataConnectorToKotlin(args0) })
})
})
/**
* The ID of the anomaly settings definition Id.
*/
public val settingsDefinitionId: Output
get() = javaResource.settingsDefinitionId().applyValue({ args0 -> args0 })
/**
* A list of `single_select_observation` blocks as defined below.
*/
public val singleSelectObservations: Output>
get() = javaResource.singleSelectObservations().applyValue({ args0 ->
args0.map({ args0 ->
args0.let({ args0 -> alertRuleAnomalyBuiltInSingleSelectObservationToKotlin(args0) })
})
})
/**
* A list of categories of attacks by which to classify the rule.
*/
public val tactics: Output>
get() = javaResource.tactics().applyValue({ args0 -> args0.map({ args0 -> args0 }) })
/**
* A list of techniques of attacks by which to classify the rule.
*/
public val techniques: Output>
get() = javaResource.techniques().applyValue({ args0 -> args0.map({ args0 -> args0 }) })
/**
* A list of `threshold_observation` blocks as defined below.
*/
public val thresholdObservations: Output>
get() = javaResource.thresholdObservations().applyValue({ args0 ->
args0.map({ args0 ->
args0.let({ args0 -> alertRuleAnomalyBuiltInThresholdObservationToKotlin(args0) })
})
})
}
public object AlertRuleAnomalyBuiltInMapper : ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.azure.sentinel.AlertRuleAnomalyBuiltIn::class == javaResource::class
override fun map(javaResource: Resource): AlertRuleAnomalyBuiltIn =
AlertRuleAnomalyBuiltIn(javaResource as com.pulumi.azure.sentinel.AlertRuleAnomalyBuiltIn)
}
/**
* @see [AlertRuleAnomalyBuiltIn].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [AlertRuleAnomalyBuiltIn].
*/
public suspend fun alertRuleAnomalyBuiltIn(
name: String,
block: suspend AlertRuleAnomalyBuiltInResourceBuilder.() -> Unit,
): AlertRuleAnomalyBuiltIn {
val builder = AlertRuleAnomalyBuiltInResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [AlertRuleAnomalyBuiltIn].
* @param name The _unique_ name of the resulting resource.
*/
public fun alertRuleAnomalyBuiltIn(name: String): AlertRuleAnomalyBuiltIn {
val builder = AlertRuleAnomalyBuiltInResourceBuilder()
builder.name(name)
return builder.build()
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy