azurermSecurityCenterAssessmentPolicy
Manages the Security Center Assessment Metadata for Azure Security Center.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
new azurerm.securityCenterAssessmentPolicy.SecurityCenterAssessmentPolicy(
this,
"example",
{
description: "Test Description",
display_name: "Test Display Name",
severity: "Medium",
}
);
Arguments Reference
The following arguments are supported:
-
description
- (Required) The description of the Security Center Assessment. -
displayName
- (Required) The user-friendly display name of the Security Center Assessment. -
severity
- (Optional) The severity level of the Security Center Assessment. Possible values arelow
,medium
andhigh
. Defaults tomedium
.
-
categories
- (Optional) A list of the categories of resource that is at risk when the Security Center Assessment is unhealthy. Possible values areunknown
,compute
,data
,identityAndAccess
,ioT
andnetworking
. -
implementationEffort
- (Optional) The implementation effort which is used to remediate the Security Center Assessment. Possible values arelow
,moderate
andhigh
. -
remediationDescription
- (Optional) The description which is used to mitigate the security issue. -
threats
- (Optional) A list of the threat impacts for the Security Center Assessment. Possible values areaccountBreach
,dataExfiltration
,dataSpillage
,denialOfService
,elevationOfPrivilege
,maliciousInsider
,missingCoverage
andthreatResistance
. -
userImpact
- (Optional) The user impact of the Security Center Assessment. Possible values arelow
,moderate
andhigh
.
Attributes Reference
In addition to the Arguments listed above - the following Attributes are exported:
-
id
- The ID of the Security Center Assessment Policy. -
name
- The GUID as the name of the Security Center Assessment Policy.
Timeouts
The timeouts
block allows you to specify timeouts for certain actions:
create
- (Defaults to 30 minutes) Used when creating the Security Center Assessment Policy.read
- (Defaults to 5 minutes) Used when retrieving the Security Center Assessment Policy.update
- (Defaults to 30 minutes) Used when updating the Security Center Assessment Policy.delete
- (Defaults to 30 minutes) Used when deleting the Security Center Assessment Policy.
Import
Security Assessments Policy can be imported using the resourceId
, e.g.