1. Packages
  2. Azure Classic
  3. API Docs
  4. securitycenter
  5. StorageDefender

We recommend using Azure Native.

Azure Classic v5.81.0 published on Monday, Jun 24, 2024 by Pulumi

azure.securitycenter.StorageDefender

Explore with Pulumi AI

azure logo

We recommend using Azure Native.

Azure Classic v5.81.0 published on Monday, Jun 24, 2024 by Pulumi

    Manages the Defender for Storage.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as azure from "@pulumi/azure";
    
    const example = new azure.core.ResourceGroup("example", {
        name: "example-rg",
        location: "westus2",
    });
    const exampleAccount = new azure.storage.Account("example", {
        name: "exampleacc",
        resourceGroupName: example.name,
        location: example.location,
        accountTier: "Standard",
        accountReplicationType: "LRS",
    });
    const exampleStorageDefender = new azure.securitycenter.StorageDefender("example", {storageAccountId: exampleAccount.id});
    
    import pulumi
    import pulumi_azure as azure
    
    example = azure.core.ResourceGroup("example",
        name="example-rg",
        location="westus2")
    example_account = azure.storage.Account("example",
        name="exampleacc",
        resource_group_name=example.name,
        location=example.location,
        account_tier="Standard",
        account_replication_type="LRS")
    example_storage_defender = azure.securitycenter.StorageDefender("example", storage_account_id=example_account.id)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
    	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/securitycenter"
    	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/storage"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
    			Name:     pulumi.String("example-rg"),
    			Location: pulumi.String("westus2"),
    		})
    		if err != nil {
    			return err
    		}
    		exampleAccount, err := storage.NewAccount(ctx, "example", &storage.AccountArgs{
    			Name:                   pulumi.String("exampleacc"),
    			ResourceGroupName:      example.Name,
    			Location:               example.Location,
    			AccountTier:            pulumi.String("Standard"),
    			AccountReplicationType: pulumi.String("LRS"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = securitycenter.NewStorageDefender(ctx, "example", &securitycenter.StorageDefenderArgs{
    			StorageAccountId: exampleAccount.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Azure = Pulumi.Azure;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Azure.Core.ResourceGroup("example", new()
        {
            Name = "example-rg",
            Location = "westus2",
        });
    
        var exampleAccount = new Azure.Storage.Account("example", new()
        {
            Name = "exampleacc",
            ResourceGroupName = example.Name,
            Location = example.Location,
            AccountTier = "Standard",
            AccountReplicationType = "LRS",
        });
    
        var exampleStorageDefender = new Azure.SecurityCenter.StorageDefender("example", new()
        {
            StorageAccountId = exampleAccount.Id,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azure.core.ResourceGroup;
    import com.pulumi.azure.core.ResourceGroupArgs;
    import com.pulumi.azure.storage.Account;
    import com.pulumi.azure.storage.AccountArgs;
    import com.pulumi.azure.securitycenter.StorageDefender;
    import com.pulumi.azure.securitycenter.StorageDefenderArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new ResourceGroup("example", ResourceGroupArgs.builder()
                .name("example-rg")
                .location("westus2")
                .build());
    
            var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
                .name("exampleacc")
                .resourceGroupName(example.name())
                .location(example.location())
                .accountTier("Standard")
                .accountReplicationType("LRS")
                .build());
    
            var exampleStorageDefender = new StorageDefender("exampleStorageDefender", StorageDefenderArgs.builder()
                .storageAccountId(exampleAccount.id())
                .build());
    
        }
    }
    
    resources:
      example:
        type: azure:core:ResourceGroup
        properties:
          name: example-rg
          location: westus2
      exampleAccount:
        type: azure:storage:Account
        name: example
        properties:
          name: exampleacc
          resourceGroupName: ${example.name}
          location: ${example.location}
          accountTier: Standard
          accountReplicationType: LRS
      exampleStorageDefender:
        type: azure:securitycenter:StorageDefender
        name: example
        properties:
          storageAccountId: ${exampleAccount.id}
    

    Create StorageDefender Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new StorageDefender(name: string, args: StorageDefenderArgs, opts?: CustomResourceOptions);
    @overload
    def StorageDefender(resource_name: str,
                        args: StorageDefenderArgs,
                        opts: Optional[ResourceOptions] = None)
    
    @overload
    def StorageDefender(resource_name: str,
                        opts: Optional[ResourceOptions] = None,
                        storage_account_id: Optional[str] = None,
                        malware_scanning_on_upload_cap_gb_per_month: Optional[int] = None,
                        malware_scanning_on_upload_enabled: Optional[bool] = None,
                        override_subscription_settings_enabled: Optional[bool] = None,
                        sensitive_data_discovery_enabled: Optional[bool] = None)
    func NewStorageDefender(ctx *Context, name string, args StorageDefenderArgs, opts ...ResourceOption) (*StorageDefender, error)
    public StorageDefender(string name, StorageDefenderArgs args, CustomResourceOptions? opts = null)
    public StorageDefender(String name, StorageDefenderArgs args)
    public StorageDefender(String name, StorageDefenderArgs args, CustomResourceOptions options)
    
    type: azure:securitycenter:StorageDefender
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args StorageDefenderArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args StorageDefenderArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args StorageDefenderArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args StorageDefenderArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args StorageDefenderArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var storageDefenderResource = new Azure.SecurityCenter.StorageDefender("storageDefenderResource", new()
    {
        StorageAccountId = "string",
        MalwareScanningOnUploadCapGbPerMonth = 0,
        MalwareScanningOnUploadEnabled = false,
        OverrideSubscriptionSettingsEnabled = false,
        SensitiveDataDiscoveryEnabled = false,
    });
    
    example, err := securitycenter.NewStorageDefender(ctx, "storageDefenderResource", &securitycenter.StorageDefenderArgs{
    	StorageAccountId:                     pulumi.String("string"),
    	MalwareScanningOnUploadCapGbPerMonth: pulumi.Int(0),
    	MalwareScanningOnUploadEnabled:       pulumi.Bool(false),
    	OverrideSubscriptionSettingsEnabled:  pulumi.Bool(false),
    	SensitiveDataDiscoveryEnabled:        pulumi.Bool(false),
    })
    
    var storageDefenderResource = new StorageDefender("storageDefenderResource", StorageDefenderArgs.builder()
        .storageAccountId("string")
        .malwareScanningOnUploadCapGbPerMonth(0)
        .malwareScanningOnUploadEnabled(false)
        .overrideSubscriptionSettingsEnabled(false)
        .sensitiveDataDiscoveryEnabled(false)
        .build());
    
    storage_defender_resource = azure.securitycenter.StorageDefender("storageDefenderResource",
        storage_account_id="string",
        malware_scanning_on_upload_cap_gb_per_month=0,
        malware_scanning_on_upload_enabled=False,
        override_subscription_settings_enabled=False,
        sensitive_data_discovery_enabled=False)
    
    const storageDefenderResource = new azure.securitycenter.StorageDefender("storageDefenderResource", {
        storageAccountId: "string",
        malwareScanningOnUploadCapGbPerMonth: 0,
        malwareScanningOnUploadEnabled: false,
        overrideSubscriptionSettingsEnabled: false,
        sensitiveDataDiscoveryEnabled: false,
    });
    
    type: azure:securitycenter:StorageDefender
    properties:
        malwareScanningOnUploadCapGbPerMonth: 0
        malwareScanningOnUploadEnabled: false
        overrideSubscriptionSettingsEnabled: false
        sensitiveDataDiscoveryEnabled: false
        storageAccountId: string
    

    StorageDefender Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The StorageDefender resource accepts the following input properties:

    StorageAccountId string
    The ID of the storage account the defender applied to. Changing this forces a new resource to be created.
    MalwareScanningOnUploadCapGbPerMonth int
    The max GB to be scanned per Month. Must be -1 or above 0. Omit this property or set to -1 if no capping is needed. Defaults to -1.
    MalwareScanningOnUploadEnabled bool
    Whether On Upload malware scanning should be enabled. Defaults to false.
    OverrideSubscriptionSettingsEnabled bool
    Whether the settings defined for this storage account should override the settings defined for the subscription. Defaults to false.
    SensitiveDataDiscoveryEnabled bool
    Whether Sensitive Data Discovery should be enabled. Defaults to false.
    StorageAccountId string
    The ID of the storage account the defender applied to. Changing this forces a new resource to be created.
    MalwareScanningOnUploadCapGbPerMonth int
    The max GB to be scanned per Month. Must be -1 or above 0. Omit this property or set to -1 if no capping is needed. Defaults to -1.
    MalwareScanningOnUploadEnabled bool
    Whether On Upload malware scanning should be enabled. Defaults to false.
    OverrideSubscriptionSettingsEnabled bool
    Whether the settings defined for this storage account should override the settings defined for the subscription. Defaults to false.
    SensitiveDataDiscoveryEnabled bool
    Whether Sensitive Data Discovery should be enabled. Defaults to false.
    storageAccountId String
    The ID of the storage account the defender applied to. Changing this forces a new resource to be created.
    malwareScanningOnUploadCapGbPerMonth Integer
    The max GB to be scanned per Month. Must be -1 or above 0. Omit this property or set to -1 if no capping is needed. Defaults to -1.
    malwareScanningOnUploadEnabled Boolean
    Whether On Upload malware scanning should be enabled. Defaults to false.
    overrideSubscriptionSettingsEnabled Boolean
    Whether the settings defined for this storage account should override the settings defined for the subscription. Defaults to false.
    sensitiveDataDiscoveryEnabled Boolean
    Whether Sensitive Data Discovery should be enabled. Defaults to false.
    storageAccountId string
    The ID of the storage account the defender applied to. Changing this forces a new resource to be created.
    malwareScanningOnUploadCapGbPerMonth number
    The max GB to be scanned per Month. Must be -1 or above 0. Omit this property or set to -1 if no capping is needed. Defaults to -1.
    malwareScanningOnUploadEnabled boolean
    Whether On Upload malware scanning should be enabled. Defaults to false.
    overrideSubscriptionSettingsEnabled boolean
    Whether the settings defined for this storage account should override the settings defined for the subscription. Defaults to false.
    sensitiveDataDiscoveryEnabled boolean
    Whether Sensitive Data Discovery should be enabled. Defaults to false.
    storage_account_id str
    The ID of the storage account the defender applied to. Changing this forces a new resource to be created.
    malware_scanning_on_upload_cap_gb_per_month int
    The max GB to be scanned per Month. Must be -1 or above 0. Omit this property or set to -1 if no capping is needed. Defaults to -1.
    malware_scanning_on_upload_enabled bool
    Whether On Upload malware scanning should be enabled. Defaults to false.
    override_subscription_settings_enabled bool
    Whether the settings defined for this storage account should override the settings defined for the subscription. Defaults to false.
    sensitive_data_discovery_enabled bool
    Whether Sensitive Data Discovery should be enabled. Defaults to false.
    storageAccountId String
    The ID of the storage account the defender applied to. Changing this forces a new resource to be created.
    malwareScanningOnUploadCapGbPerMonth Number
    The max GB to be scanned per Month. Must be -1 or above 0. Omit this property or set to -1 if no capping is needed. Defaults to -1.
    malwareScanningOnUploadEnabled Boolean
    Whether On Upload malware scanning should be enabled. Defaults to false.
    overrideSubscriptionSettingsEnabled Boolean
    Whether the settings defined for this storage account should override the settings defined for the subscription. Defaults to false.
    sensitiveDataDiscoveryEnabled Boolean
    Whether Sensitive Data Discovery should be enabled. Defaults to false.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the StorageDefender resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing StorageDefender Resource

    Get an existing StorageDefender resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: StorageDefenderState, opts?: CustomResourceOptions): StorageDefender
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            malware_scanning_on_upload_cap_gb_per_month: Optional[int] = None,
            malware_scanning_on_upload_enabled: Optional[bool] = None,
            override_subscription_settings_enabled: Optional[bool] = None,
            sensitive_data_discovery_enabled: Optional[bool] = None,
            storage_account_id: Optional[str] = None) -> StorageDefender
    func GetStorageDefender(ctx *Context, name string, id IDInput, state *StorageDefenderState, opts ...ResourceOption) (*StorageDefender, error)
    public static StorageDefender Get(string name, Input<string> id, StorageDefenderState? state, CustomResourceOptions? opts = null)
    public static StorageDefender get(String name, Output<String> id, StorageDefenderState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    MalwareScanningOnUploadCapGbPerMonth int
    The max GB to be scanned per Month. Must be -1 or above 0. Omit this property or set to -1 if no capping is needed. Defaults to -1.
    MalwareScanningOnUploadEnabled bool
    Whether On Upload malware scanning should be enabled. Defaults to false.
    OverrideSubscriptionSettingsEnabled bool
    Whether the settings defined for this storage account should override the settings defined for the subscription. Defaults to false.
    SensitiveDataDiscoveryEnabled bool
    Whether Sensitive Data Discovery should be enabled. Defaults to false.
    StorageAccountId string
    The ID of the storage account the defender applied to. Changing this forces a new resource to be created.
    MalwareScanningOnUploadCapGbPerMonth int
    The max GB to be scanned per Month. Must be -1 or above 0. Omit this property or set to -1 if no capping is needed. Defaults to -1.
    MalwareScanningOnUploadEnabled bool
    Whether On Upload malware scanning should be enabled. Defaults to false.
    OverrideSubscriptionSettingsEnabled bool
    Whether the settings defined for this storage account should override the settings defined for the subscription. Defaults to false.
    SensitiveDataDiscoveryEnabled bool
    Whether Sensitive Data Discovery should be enabled. Defaults to false.
    StorageAccountId string
    The ID of the storage account the defender applied to. Changing this forces a new resource to be created.
    malwareScanningOnUploadCapGbPerMonth Integer
    The max GB to be scanned per Month. Must be -1 or above 0. Omit this property or set to -1 if no capping is needed. Defaults to -1.
    malwareScanningOnUploadEnabled Boolean
    Whether On Upload malware scanning should be enabled. Defaults to false.
    overrideSubscriptionSettingsEnabled Boolean
    Whether the settings defined for this storage account should override the settings defined for the subscription. Defaults to false.
    sensitiveDataDiscoveryEnabled Boolean
    Whether Sensitive Data Discovery should be enabled. Defaults to false.
    storageAccountId String
    The ID of the storage account the defender applied to. Changing this forces a new resource to be created.
    malwareScanningOnUploadCapGbPerMonth number
    The max GB to be scanned per Month. Must be -1 or above 0. Omit this property or set to -1 if no capping is needed. Defaults to -1.
    malwareScanningOnUploadEnabled boolean
    Whether On Upload malware scanning should be enabled. Defaults to false.
    overrideSubscriptionSettingsEnabled boolean
    Whether the settings defined for this storage account should override the settings defined for the subscription. Defaults to false.
    sensitiveDataDiscoveryEnabled boolean
    Whether Sensitive Data Discovery should be enabled. Defaults to false.
    storageAccountId string
    The ID of the storage account the defender applied to. Changing this forces a new resource to be created.
    malware_scanning_on_upload_cap_gb_per_month int
    The max GB to be scanned per Month. Must be -1 or above 0. Omit this property or set to -1 if no capping is needed. Defaults to -1.
    malware_scanning_on_upload_enabled bool
    Whether On Upload malware scanning should be enabled. Defaults to false.
    override_subscription_settings_enabled bool
    Whether the settings defined for this storage account should override the settings defined for the subscription. Defaults to false.
    sensitive_data_discovery_enabled bool
    Whether Sensitive Data Discovery should be enabled. Defaults to false.
    storage_account_id str
    The ID of the storage account the defender applied to. Changing this forces a new resource to be created.
    malwareScanningOnUploadCapGbPerMonth Number
    The max GB to be scanned per Month. Must be -1 or above 0. Omit this property or set to -1 if no capping is needed. Defaults to -1.
    malwareScanningOnUploadEnabled Boolean
    Whether On Upload malware scanning should be enabled. Defaults to false.
    overrideSubscriptionSettingsEnabled Boolean
    Whether the settings defined for this storage account should override the settings defined for the subscription. Defaults to false.
    sensitiveDataDiscoveryEnabled Boolean
    Whether Sensitive Data Discovery should be enabled. Defaults to false.
    storageAccountId String
    The ID of the storage account the defender applied to. Changing this forces a new resource to be created.

    Import

    The setting can be imported using the resource id, e.g.

    $ pulumi import azure:securitycenter/storageDefender:StorageDefender example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Storage/storageAccounts/storageacc
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Azure Classic pulumi/pulumi-azure
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the azurerm Terraform Provider.
    azure logo

    We recommend using Azure Native.

    Azure Classic v5.81.0 published on Monday, Jun 24, 2024 by Pulumi