Docs
PackagesWe recommend using Azure Native.
Azure Classic v5.81.0 published on Monday, Jun 24, 2024 by Pulumi
azure.securitycenter.StorageDefender
Explore with Pulumi AI
Manages the Defender for Storage.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = new azure.core.ResourceGroup("example", {
name: "example-rg",
location: "westus2",
});
const exampleAccount = new azure.storage.Account("example", {
name: "exampleacc",
resourceGroupName: example.name,
location: example.location,
accountTier: "Standard",
accountReplicationType: "LRS",
});
const exampleStorageDefender = new azure.securitycenter.StorageDefender("example", {storageAccountId: exampleAccount.id});
import pulumi
import pulumi_azure as azure
example = azure.core.ResourceGroup("example",
name="example-rg",
location="westus2")
example_account = azure.storage.Account("example",
name="exampleacc",
resource_group_name=example.name,
location=example.location,
account_tier="Standard",
account_replication_type="LRS")
example_storage_defender = azure.securitycenter.StorageDefender("example", storage_account_id=example_account.id)
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/securitycenter"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/storage"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("example-rg"),
Location: pulumi.String("westus2"),
})
if err != nil {
return err
}
exampleAccount, err := storage.NewAccount(ctx, "example", &storage.AccountArgs{
Name: pulumi.String("exampleacc"),
ResourceGroupName: example.Name,
Location: example.Location,
AccountTier: pulumi.String("Standard"),
AccountReplicationType: pulumi.String("LRS"),
})
if err != nil {
return err
}
_, err = securitycenter.NewStorageDefender(ctx, "example", &securitycenter.StorageDefenderArgs{
StorageAccountId: exampleAccount.ID(),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var example = new Azure.Core.ResourceGroup("example", new()
{
Name = "example-rg",
Location = "westus2",
});
var exampleAccount = new Azure.Storage.Account("example", new()
{
Name = "exampleacc",
ResourceGroupName = example.Name,
Location = example.Location,
AccountTier = "Standard",
AccountReplicationType = "LRS",
});
var exampleStorageDefender = new Azure.SecurityCenter.StorageDefender("example", new()
{
StorageAccountId = exampleAccount.Id,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.storage.Account;
import com.pulumi.azure.storage.AccountArgs;
import com.pulumi.azure.securitycenter.StorageDefender;
import com.pulumi.azure.securitycenter.StorageDefenderArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.name("example-rg")
.location("westus2")
.build());
var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
.name("exampleacc")
.resourceGroupName(example.name())
.location(example.location())
.accountTier("Standard")
.accountReplicationType("LRS")
.build());
var exampleStorageDefender = new StorageDefender("exampleStorageDefender", StorageDefenderArgs.builder()
.storageAccountId(exampleAccount.id())
.build());
}
}
resources:
example:
type: azure:core:ResourceGroup
properties:
name: example-rg
location: westus2
exampleAccount:
type: azure:storage:Account
name: example
properties:
name: exampleacc
resourceGroupName: ${example.name}
location: ${example.location}
accountTier: Standard
accountReplicationType: LRS
exampleStorageDefender:
type: azure:securitycenter:StorageDefender
name: example
properties:
storageAccountId: ${exampleAccount.id}
Create StorageDefender Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new StorageDefender(name: string, args: StorageDefenderArgs, opts?: CustomResourceOptions);@overload
def StorageDefender(resource_name: str,
args: StorageDefenderArgs,
opts: Optional[ResourceOptions] = None)
@overload
def StorageDefender(resource_name: str,
opts: Optional[ResourceOptions] = None,
storage_account_id: Optional[str] = None,
malware_scanning_on_upload_cap_gb_per_month: Optional[int] = None,
malware_scanning_on_upload_enabled: Optional[bool] = None,
override_subscription_settings_enabled: Optional[bool] = None,
sensitive_data_discovery_enabled: Optional[bool] = None)func NewStorageDefender(ctx *Context, name string, args StorageDefenderArgs, opts ...ResourceOption) (*StorageDefender, error)public StorageDefender(string name, StorageDefenderArgs args, CustomResourceOptions? opts = null)
public StorageDefender(String name, StorageDefenderArgs args)
public StorageDefender(String name, StorageDefenderArgs args, CustomResourceOptions options)
type: azure:securitycenter:StorageDefender
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args StorageDefenderArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args StorageDefenderArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args StorageDefenderArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args StorageDefenderArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args StorageDefenderArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var storageDefenderResource = new Azure.SecurityCenter.StorageDefender("storageDefenderResource", new()
{
StorageAccountId = "string",
MalwareScanningOnUploadCapGbPerMonth = 0,
MalwareScanningOnUploadEnabled = false,
OverrideSubscriptionSettingsEnabled = false,
SensitiveDataDiscoveryEnabled = false,
});
example, err := securitycenter.NewStorageDefender(ctx, "storageDefenderResource", &securitycenter.StorageDefenderArgs{
StorageAccountId: pulumi.String("string"),
MalwareScanningOnUploadCapGbPerMonth: pulumi.Int(0),
MalwareScanningOnUploadEnabled: pulumi.Bool(false),
OverrideSubscriptionSettingsEnabled: pulumi.Bool(false),
SensitiveDataDiscoveryEnabled: pulumi.Bool(false),
})
var storageDefenderResource = new StorageDefender("storageDefenderResource", StorageDefenderArgs.builder()
.storageAccountId("string")
.malwareScanningOnUploadCapGbPerMonth(0)
.malwareScanningOnUploadEnabled(false)
.overrideSubscriptionSettingsEnabled(false)
.sensitiveDataDiscoveryEnabled(false)
.build());
storage_defender_resource = azure.securitycenter.StorageDefender("storageDefenderResource",
storage_account_id="string",
malware_scanning_on_upload_cap_gb_per_month=0,
malware_scanning_on_upload_enabled=False,
override_subscription_settings_enabled=False,
sensitive_data_discovery_enabled=False)
const storageDefenderResource = new azure.securitycenter.StorageDefender("storageDefenderResource", {
storageAccountId: "string",
malwareScanningOnUploadCapGbPerMonth: 0,
malwareScanningOnUploadEnabled: false,
overrideSubscriptionSettingsEnabled: false,
sensitiveDataDiscoveryEnabled: false,
});
type: azure:securitycenter:StorageDefender
properties:
malwareScanningOnUploadCapGbPerMonth: 0
malwareScanningOnUploadEnabled: false
overrideSubscriptionSettingsEnabled: false
sensitiveDataDiscoveryEnabled: false
storageAccountId: string
StorageDefender Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The StorageDefender resource accepts the following input properties:
- Storage
Account stringId - The ID of the storage account the defender applied to. Changing this forces a new resource to be created.
- Malware
Scanning intOn Upload Cap Gb Per Month - The max GB to be scanned per Month. Must be
-1or above0. Omit this property or set to-1if no capping is needed. Defaults to-1. - Malware
Scanning boolOn Upload Enabled - Whether On Upload malware scanning should be enabled. Defaults to
false. - Override
Subscription boolSettings Enabled - Whether the settings defined for this storage account should override the settings defined for the subscription. Defaults to
false. - Sensitive
Data boolDiscovery Enabled - Whether Sensitive Data Discovery should be enabled. Defaults to
false.
- Storage
Account stringId - The ID of the storage account the defender applied to. Changing this forces a new resource to be created.
- Malware
Scanning intOn Upload Cap Gb Per Month - The max GB to be scanned per Month. Must be
-1or above0. Omit this property or set to-1if no capping is needed. Defaults to-1. - Malware
Scanning boolOn Upload Enabled - Whether On Upload malware scanning should be enabled. Defaults to
false. - Override
Subscription boolSettings Enabled - Whether the settings defined for this storage account should override the settings defined for the subscription. Defaults to
false. - Sensitive
Data boolDiscovery Enabled - Whether Sensitive Data Discovery should be enabled. Defaults to
false.
- storage
Account StringId - The ID of the storage account the defender applied to. Changing this forces a new resource to be created.
- malware
Scanning IntegerOn Upload Cap Gb Per Month - The max GB to be scanned per Month. Must be
-1or above0. Omit this property or set to-1if no capping is needed. Defaults to-1. - malware
Scanning BooleanOn Upload Enabled - Whether On Upload malware scanning should be enabled. Defaults to
false. - override
Subscription BooleanSettings Enabled - Whether the settings defined for this storage account should override the settings defined for the subscription. Defaults to
false. - sensitive
Data BooleanDiscovery Enabled - Whether Sensitive Data Discovery should be enabled. Defaults to
false.
- storage
Account stringId - The ID of the storage account the defender applied to. Changing this forces a new resource to be created.
- malware
Scanning numberOn Upload Cap Gb Per Month - The max GB to be scanned per Month. Must be
-1or above0. Omit this property or set to-1if no capping is needed. Defaults to-1. - malware
Scanning booleanOn Upload Enabled - Whether On Upload malware scanning should be enabled. Defaults to
false. - override
Subscription booleanSettings Enabled - Whether the settings defined for this storage account should override the settings defined for the subscription. Defaults to
false. - sensitive
Data booleanDiscovery Enabled - Whether Sensitive Data Discovery should be enabled. Defaults to
false.
- storage_
account_ strid - The ID of the storage account the defender applied to. Changing this forces a new resource to be created.
- malware_
scanning_ inton_ upload_ cap_ gb_ per_ month - The max GB to be scanned per Month. Must be
-1or above0. Omit this property or set to-1if no capping is needed. Defaults to-1. - malware_
scanning_ boolon_ upload_ enabled - Whether On Upload malware scanning should be enabled. Defaults to
false. - override_
subscription_ boolsettings_ enabled - Whether the settings defined for this storage account should override the settings defined for the subscription. Defaults to
false. - sensitive_
data_ booldiscovery_ enabled - Whether Sensitive Data Discovery should be enabled. Defaults to
false.
- storage
Account StringId - The ID of the storage account the defender applied to. Changing this forces a new resource to be created.
- malware
Scanning NumberOn Upload Cap Gb Per Month - The max GB to be scanned per Month. Must be
-1or above0. Omit this property or set to-1if no capping is needed. Defaults to-1. - malware
Scanning BooleanOn Upload Enabled - Whether On Upload malware scanning should be enabled. Defaults to
false. - override
Subscription BooleanSettings Enabled - Whether the settings defined for this storage account should override the settings defined for the subscription. Defaults to
false. - sensitive
Data BooleanDiscovery Enabled - Whether Sensitive Data Discovery should be enabled. Defaults to
false.
Outputs
All input properties are implicitly available as output properties. Additionally, the StorageDefender resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing StorageDefender Resource
Get an existing StorageDefender resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: StorageDefenderState, opts?: CustomResourceOptions): StorageDefender@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
malware_scanning_on_upload_cap_gb_per_month: Optional[int] = None,
malware_scanning_on_upload_enabled: Optional[bool] = None,
override_subscription_settings_enabled: Optional[bool] = None,
sensitive_data_discovery_enabled: Optional[bool] = None,
storage_account_id: Optional[str] = None) -> StorageDefenderfunc GetStorageDefender(ctx *Context, name string, id IDInput, state *StorageDefenderState, opts ...ResourceOption) (*StorageDefender, error)public static StorageDefender Get(string name, Input<string> id, StorageDefenderState? state, CustomResourceOptions? opts = null)public static StorageDefender get(String name, Output<String> id, StorageDefenderState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Malware
Scanning intOn Upload Cap Gb Per Month - The max GB to be scanned per Month. Must be
-1or above0. Omit this property or set to-1if no capping is needed. Defaults to-1. - Malware
Scanning boolOn Upload Enabled - Whether On Upload malware scanning should be enabled. Defaults to
false. - Override
Subscription boolSettings Enabled - Whether the settings defined for this storage account should override the settings defined for the subscription. Defaults to
false. - Sensitive
Data boolDiscovery Enabled - Whether Sensitive Data Discovery should be enabled. Defaults to
false. - Storage
Account stringId - The ID of the storage account the defender applied to. Changing this forces a new resource to be created.
- Malware
Scanning intOn Upload Cap Gb Per Month - The max GB to be scanned per Month. Must be
-1or above0. Omit this property or set to-1if no capping is needed. Defaults to-1. - Malware
Scanning boolOn Upload Enabled - Whether On Upload malware scanning should be enabled. Defaults to
false. - Override
Subscription boolSettings Enabled - Whether the settings defined for this storage account should override the settings defined for the subscription. Defaults to
false. - Sensitive
Data boolDiscovery Enabled - Whether Sensitive Data Discovery should be enabled. Defaults to
false. - Storage
Account stringId - The ID of the storage account the defender applied to. Changing this forces a new resource to be created.
- malware
Scanning IntegerOn Upload Cap Gb Per Month - The max GB to be scanned per Month. Must be
-1or above0. Omit this property or set to-1if no capping is needed. Defaults to-1. - malware
Scanning BooleanOn Upload Enabled - Whether On Upload malware scanning should be enabled. Defaults to
false. - override
Subscription BooleanSettings Enabled - Whether the settings defined for this storage account should override the settings defined for the subscription. Defaults to
false. - sensitive
Data BooleanDiscovery Enabled - Whether Sensitive Data Discovery should be enabled. Defaults to
false. - storage
Account StringId - The ID of the storage account the defender applied to. Changing this forces a new resource to be created.
- malware
Scanning numberOn Upload Cap Gb Per Month - The max GB to be scanned per Month. Must be
-1or above0. Omit this property or set to-1if no capping is needed. Defaults to-1. - malware
Scanning booleanOn Upload Enabled - Whether On Upload malware scanning should be enabled. Defaults to
false. - override
Subscription booleanSettings Enabled - Whether the settings defined for this storage account should override the settings defined for the subscription. Defaults to
false. - sensitive
Data booleanDiscovery Enabled - Whether Sensitive Data Discovery should be enabled. Defaults to
false. - storage
Account stringId - The ID of the storage account the defender applied to. Changing this forces a new resource to be created.
- malware_
scanning_ inton_ upload_ cap_ gb_ per_ month - The max GB to be scanned per Month. Must be
-1or above0. Omit this property or set to-1if no capping is needed. Defaults to-1. - malware_
scanning_ boolon_ upload_ enabled - Whether On Upload malware scanning should be enabled. Defaults to
false. - override_
subscription_ boolsettings_ enabled - Whether the settings defined for this storage account should override the settings defined for the subscription. Defaults to
false. - sensitive_
data_ booldiscovery_ enabled - Whether Sensitive Data Discovery should be enabled. Defaults to
false. - storage_
account_ strid - The ID of the storage account the defender applied to. Changing this forces a new resource to be created.
- malware
Scanning NumberOn Upload Cap Gb Per Month - The max GB to be scanned per Month. Must be
-1or above0. Omit this property or set to-1if no capping is needed. Defaults to-1. - malware
Scanning BooleanOn Upload Enabled - Whether On Upload malware scanning should be enabled. Defaults to
false. - override
Subscription BooleanSettings Enabled - Whether the settings defined for this storage account should override the settings defined for the subscription. Defaults to
false. - sensitive
Data BooleanDiscovery Enabled - Whether Sensitive Data Discovery should be enabled. Defaults to
false. - storage
Account StringId - The ID of the storage account the defender applied to. Changing this forces a new resource to be created.
Import
The setting can be imported using the resource id, e.g.
$ pulumi import azure:securitycenter/storageDefender:StorageDefender example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Storage/storageAccounts/storageacc
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
azurermTerraform Provider.