com.pulumi.azure.sentinel.kotlin.AlertRuleFusionArgs.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-azure-kotlin Show documentation
Show all versions of pulumi-azure-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.azure.sentinel.kotlin
import com.pulumi.azure.sentinel.AlertRuleFusionArgs.builder
import com.pulumi.azure.sentinel.kotlin.inputs.AlertRuleFusionSourceArgs
import com.pulumi.azure.sentinel.kotlin.inputs.AlertRuleFusionSourceArgsBuilder
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.applySuspend
import kotlin.Boolean
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
import kotlin.jvm.JvmName
/**
* Manages a Sentinel Fusion Alert Rule.
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as azure from "@pulumi/azure";
* const example = new azure.core.ResourceGroup("example", {
* name: "example-resources",
* location: "West Europe",
* });
* const exampleAnalyticsWorkspace = new azure.operationalinsights.AnalyticsWorkspace("example", {
* name: "example-workspace",
* location: example.location,
* resourceGroupName: example.name,
* sku: "PerGB2018",
* });
* const exampleAnalyticsSolution = new azure.operationalinsights.AnalyticsSolution("example", {
* solutionName: "SecurityInsights",
* location: example.location,
* resourceGroupName: example.name,
* workspaceResourceId: exampleAnalyticsWorkspace.id,
* workspaceName: exampleAnalyticsWorkspace.name,
* plan: {
* publisher: "Microsoft",
* product: "OMSGallery/SecurityInsights",
* },
* });
* const exampleAlertRuleFusion = new azure.sentinel.AlertRuleFusion("example", {
* name: "example-fusion-alert-rule",
* logAnalyticsWorkspaceId: exampleAnalyticsSolution.workspaceResourceId,
* alertRuleTemplateGuid: "f71aba3d-28fb-450b-b192-4e76a83015c8",
* });
* ```
* ```python
* import pulumi
* import pulumi_azure as azure
* example = azure.core.ResourceGroup("example",
* name="example-resources",
* location="West Europe")
* example_analytics_workspace = azure.operationalinsights.AnalyticsWorkspace("example",
* name="example-workspace",
* location=example.location,
* resource_group_name=example.name,
* sku="PerGB2018")
* example_analytics_solution = azure.operationalinsights.AnalyticsSolution("example",
* solution_name="SecurityInsights",
* location=example.location,
* resource_group_name=example.name,
* workspace_resource_id=example_analytics_workspace.id,
* workspace_name=example_analytics_workspace.name,
* plan=azure.operationalinsights.AnalyticsSolutionPlanArgs(
* publisher="Microsoft",
* product="OMSGallery/SecurityInsights",
* ))
* example_alert_rule_fusion = azure.sentinel.AlertRuleFusion("example",
* name="example-fusion-alert-rule",
* log_analytics_workspace_id=example_analytics_solution.workspace_resource_id,
* alert_rule_template_guid="f71aba3d-28fb-450b-b192-4e76a83015c8")
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Azure = Pulumi.Azure;
* return await Deployment.RunAsync(() =>
* {
* var example = new Azure.Core.ResourceGroup("example", new()
* {
* Name = "example-resources",
* Location = "West Europe",
* });
* var exampleAnalyticsWorkspace = new Azure.OperationalInsights.AnalyticsWorkspace("example", new()
* {
* Name = "example-workspace",
* Location = example.Location,
* ResourceGroupName = example.Name,
* Sku = "PerGB2018",
* });
* var exampleAnalyticsSolution = new Azure.OperationalInsights.AnalyticsSolution("example", new()
* {
* SolutionName = "SecurityInsights",
* Location = example.Location,
* ResourceGroupName = example.Name,
* WorkspaceResourceId = exampleAnalyticsWorkspace.Id,
* WorkspaceName = exampleAnalyticsWorkspace.Name,
* Plan = new Azure.OperationalInsights.Inputs.AnalyticsSolutionPlanArgs
* {
* Publisher = "Microsoft",
* Product = "OMSGallery/SecurityInsights",
* },
* });
* var exampleAlertRuleFusion = new Azure.Sentinel.AlertRuleFusion("example", new()
* {
* Name = "example-fusion-alert-rule",
* LogAnalyticsWorkspaceId = exampleAnalyticsSolution.WorkspaceResourceId,
* AlertRuleTemplateGuid = "f71aba3d-28fb-450b-b192-4e76a83015c8",
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/operationalinsights"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/sentinel"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
* Name: pulumi.String("example-resources"),
* Location: pulumi.String("West Europe"),
* })
* if err != nil {
* return err
* }
* exampleAnalyticsWorkspace, err := operationalinsights.NewAnalyticsWorkspace(ctx, "example", &operationalinsights.AnalyticsWorkspaceArgs{
* Name: pulumi.String("example-workspace"),
* Location: example.Location,
* ResourceGroupName: example.Name,
* Sku: pulumi.String("PerGB2018"),
* })
* if err != nil {
* return err
* }
* exampleAnalyticsSolution, err := operationalinsights.NewAnalyticsSolution(ctx, "example", &operationalinsights.AnalyticsSolutionArgs{
* SolutionName: pulumi.String("SecurityInsights"),
* Location: example.Location,
* ResourceGroupName: example.Name,
* WorkspaceResourceId: exampleAnalyticsWorkspace.ID(),
* WorkspaceName: exampleAnalyticsWorkspace.Name,
* Plan: &operationalinsights.AnalyticsSolutionPlanArgs{
* Publisher: pulumi.String("Microsoft"),
* Product: pulumi.String("OMSGallery/SecurityInsights"),
* },
* })
* if err != nil {
* return err
* }
* _, err = sentinel.NewAlertRuleFusion(ctx, "example", &sentinel.AlertRuleFusionArgs{
* Name: pulumi.String("example-fusion-alert-rule"),
* LogAnalyticsWorkspaceId: exampleAnalyticsSolution.WorkspaceResourceId,
* AlertRuleTemplateGuid: pulumi.String("f71aba3d-28fb-450b-b192-4e76a83015c8"),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.ResourceGroup;
* import com.pulumi.azure.core.ResourceGroupArgs;
* import com.pulumi.azure.operationalinsights.AnalyticsWorkspace;
* import com.pulumi.azure.operationalinsights.AnalyticsWorkspaceArgs;
* import com.pulumi.azure.operationalinsights.AnalyticsSolution;
* import com.pulumi.azure.operationalinsights.AnalyticsSolutionArgs;
* import com.pulumi.azure.operationalinsights.inputs.AnalyticsSolutionPlanArgs;
* import com.pulumi.azure.sentinel.AlertRuleFusion;
* import com.pulumi.azure.sentinel.AlertRuleFusionArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var example = new ResourceGroup("example", ResourceGroupArgs.builder()
* .name("example-resources")
* .location("West Europe")
* .build());
* var exampleAnalyticsWorkspace = new AnalyticsWorkspace("exampleAnalyticsWorkspace", AnalyticsWorkspaceArgs.builder()
* .name("example-workspace")
* .location(example.location())
* .resourceGroupName(example.name())
* .sku("PerGB2018")
* .build());
* var exampleAnalyticsSolution = new AnalyticsSolution("exampleAnalyticsSolution", AnalyticsSolutionArgs.builder()
* .solutionName("SecurityInsights")
* .location(example.location())
* .resourceGroupName(example.name())
* .workspaceResourceId(exampleAnalyticsWorkspace.id())
* .workspaceName(exampleAnalyticsWorkspace.name())
* .plan(AnalyticsSolutionPlanArgs.builder()
* .publisher("Microsoft")
* .product("OMSGallery/SecurityInsights")
* .build())
* .build());
* var exampleAlertRuleFusion = new AlertRuleFusion("exampleAlertRuleFusion", AlertRuleFusionArgs.builder()
* .name("example-fusion-alert-rule")
* .logAnalyticsWorkspaceId(exampleAnalyticsSolution.workspaceResourceId())
* .alertRuleTemplateGuid("f71aba3d-28fb-450b-b192-4e76a83015c8")
* .build());
* }
* }
* ```
* ```yaml
* resources:
* example:
* type: azure:core:ResourceGroup
* properties:
* name: example-resources
* location: West Europe
* exampleAnalyticsWorkspace:
* type: azure:operationalinsights:AnalyticsWorkspace
* name: example
* properties:
* name: example-workspace
* location: ${example.location}
* resourceGroupName: ${example.name}
* sku: PerGB2018
* exampleAnalyticsSolution:
* type: azure:operationalinsights:AnalyticsSolution
* name: example
* properties:
* solutionName: SecurityInsights
* location: ${example.location}
* resourceGroupName: ${example.name}
* workspaceResourceId: ${exampleAnalyticsWorkspace.id}
* workspaceName: ${exampleAnalyticsWorkspace.name}
* plan:
* publisher: Microsoft
* product: OMSGallery/SecurityInsights
* exampleAlertRuleFusion:
* type: azure:sentinel:AlertRuleFusion
* name: example
* properties:
* name: example-fusion-alert-rule
* logAnalyticsWorkspaceId: ${exampleAnalyticsSolution.workspaceResourceId}
* alertRuleTemplateGuid: f71aba3d-28fb-450b-b192-4e76a83015c8
* ```
*
* ## Import
* Sentinel Fusion Alert Rules can be imported using the `resource id`, e.g.
* ```sh
* $ pulumi import azure:sentinel/alertRuleFusion:AlertRuleFusion example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.OperationalInsights/workspaces/workspace1/providers/Microsoft.SecurityInsights/alertRules/rule1
* ```
* @property alertRuleTemplateGuid The GUID of the alert rule template which is used for this Sentinel Fusion Alert Rule. Changing this forces a new Sentinel Fusion Alert Rule to be created.
* @property enabled Should this Sentinel Fusion Alert Rule be enabled? Defaults to `true`.
* @property logAnalyticsWorkspaceId The ID of the Log Analytics Workspace this Sentinel Fusion Alert Rule belongs to. Changing this forces a new Sentinel Fusion Alert Rule to be created.
* @property name The name which should be used for this Sentinel Fusion Alert Rule. Changing this forces a new Sentinel Fusion Alert Rule to be created.
* @property sources One or more `source` blocks as defined below.
*/
public data class AlertRuleFusionArgs(
public val alertRuleTemplateGuid: Output? = null,
public val enabled: Output? = null,
public val logAnalyticsWorkspaceId: Output? = null,
public val name: Output? = null,
public val sources: Output>? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.azure.sentinel.AlertRuleFusionArgs =
com.pulumi.azure.sentinel.AlertRuleFusionArgs.builder()
.alertRuleTemplateGuid(alertRuleTemplateGuid?.applyValue({ args0 -> args0 }))
.enabled(enabled?.applyValue({ args0 -> args0 }))
.logAnalyticsWorkspaceId(logAnalyticsWorkspaceId?.applyValue({ args0 -> args0 }))
.name(name?.applyValue({ args0 -> args0 }))
.sources(
sources?.applyValue({ args0 ->
args0.map({ args0 ->
args0.let({ args0 ->
args0.toJava()
})
})
}),
).build()
}
/**
* Builder for [AlertRuleFusionArgs].
*/
@PulumiTagMarker
public class AlertRuleFusionArgsBuilder internal constructor() {
private var alertRuleTemplateGuid: Output? = null
private var enabled: Output? = null
private var logAnalyticsWorkspaceId: Output? = null
private var name: Output? = null
private var sources: Output>? = null
/**
* @param value The GUID of the alert rule template which is used for this Sentinel Fusion Alert Rule. Changing this forces a new Sentinel Fusion Alert Rule to be created.
*/
@JvmName("ypgjkhanibwthlku")
public suspend fun alertRuleTemplateGuid(`value`: Output) {
this.alertRuleTemplateGuid = value
}
/**
* @param value Should this Sentinel Fusion Alert Rule be enabled? Defaults to `true`.
*/
@JvmName("muifthjoexryjhme")
public suspend fun enabled(`value`: Output) {
this.enabled = value
}
/**
* @param value The ID of the Log Analytics Workspace this Sentinel Fusion Alert Rule belongs to. Changing this forces a new Sentinel Fusion Alert Rule to be created.
*/
@JvmName("riqmvgkwifdmbnym")
public suspend fun logAnalyticsWorkspaceId(`value`: Output) {
this.logAnalyticsWorkspaceId = value
}
/**
* @param value The name which should be used for this Sentinel Fusion Alert Rule. Changing this forces a new Sentinel Fusion Alert Rule to be created.
*/
@JvmName("hastdohhhkldtaor")
public suspend fun name(`value`: Output) {
this.name = value
}
/**
* @param value One or more `source` blocks as defined below.
*/
@JvmName("rlvwvbeobjeiyfqv")
public suspend fun sources(`value`: Output>) {
this.sources = value
}
@JvmName("lvasydedyleiilhh")
public suspend fun sources(vararg values: Output) {
this.sources = Output.all(values.asList())
}
/**
* @param values One or more `source` blocks as defined below.
*/
@JvmName("uhdbvwvhbwpybeij")
public suspend fun sources(values: List>) {
this.sources = Output.all(values)
}
/**
* @param value The GUID of the alert rule template which is used for this Sentinel Fusion Alert Rule. Changing this forces a new Sentinel Fusion Alert Rule to be created.
*/
@JvmName("dwduaophlniqspum")
public suspend fun alertRuleTemplateGuid(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.alertRuleTemplateGuid = mapped
}
/**
* @param value Should this Sentinel Fusion Alert Rule be enabled? Defaults to `true`.
*/
@JvmName("obwqejeggmnimdkm")
public suspend fun enabled(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.enabled = mapped
}
/**
* @param value The ID of the Log Analytics Workspace this Sentinel Fusion Alert Rule belongs to. Changing this forces a new Sentinel Fusion Alert Rule to be created.
*/
@JvmName("vklowurymsymvyvn")
public suspend fun logAnalyticsWorkspaceId(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.logAnalyticsWorkspaceId = mapped
}
/**
* @param value The name which should be used for this Sentinel Fusion Alert Rule. Changing this forces a new Sentinel Fusion Alert Rule to be created.
*/
@JvmName("jpkjbkigfhyrghmy")
public suspend fun name(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.name = mapped
}
/**
* @param value One or more `source` blocks as defined below.
*/
@JvmName("yxoqgkobdpsybuoo")
public suspend fun sources(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.sources = mapped
}
/**
* @param argument One or more `source` blocks as defined below.
*/
@JvmName("umandrnnhwimdqhv")
public suspend fun sources(argument: List Unit>) {
val toBeMapped = argument.toList().map {
AlertRuleFusionSourceArgsBuilder().applySuspend {
it()
}.build()
}
val mapped = of(toBeMapped)
this.sources = mapped
}
/**
* @param argument One or more `source` blocks as defined below.
*/
@JvmName("fwaaqifkpkoskgvj")
public suspend fun sources(vararg argument: suspend AlertRuleFusionSourceArgsBuilder.() -> Unit) {
val toBeMapped = argument.toList().map {
AlertRuleFusionSourceArgsBuilder().applySuspend {
it()
}.build()
}
val mapped = of(toBeMapped)
this.sources = mapped
}
/**
* @param argument One or more `source` blocks as defined below.
*/
@JvmName("lusnulkiyuyhaxtx")
public suspend fun sources(argument: suspend AlertRuleFusionSourceArgsBuilder.() -> Unit) {
val toBeMapped = listOf(AlertRuleFusionSourceArgsBuilder().applySuspend { argument() }.build())
val mapped = of(toBeMapped)
this.sources = mapped
}
/**
* @param values One or more `source` blocks as defined below.
*/
@JvmName("iqibkoigsriojhmb")
public suspend fun sources(vararg values: AlertRuleFusionSourceArgs) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.sources = mapped
}
internal fun build(): AlertRuleFusionArgs = AlertRuleFusionArgs(
alertRuleTemplateGuid = alertRuleTemplateGuid,
enabled = enabled,
logAnalyticsWorkspaceId = logAnalyticsWorkspaceId,
name = name,
sources = sources,
)
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy