Docs Home
This is the latest version of Azure Native. Use the Azure Native v2 docs if using the v2 version of this package.
Azure Native v3.1.0 published on Tuesday, Apr 8, 2025 by Pulumi
azure-native.securityinsights.MicrosoftSecurityIncidentCreationAlertRule
Explore with Pulumi AI
This is the latest version of Azure Native. Use the Azure Native v2 docs if using the v2 version of this package.
Azure Native v3.1.0 published on Tuesday, Apr 8, 2025 by Pulumi
- Example Usage
- Creates or updates a Fusion alert rule.
- Creates or updates a MicrosoftSecurityIncidentCreation rule.
- Creates or updates a Scheduled alert rule.
- Create MicrosoftSecurityIncidentCreationAlertRule Resource
- Constructor syntax
- Constructor example
- MicrosoftSecurityIncidentCreationAlertRule Resource Properties
- Inputs
- Outputs
- Supporting Types
- Import
- Package Details
Represents MicrosoftSecurityIncidentCreation rule.
Uses Azure REST API version 2024-09-01. In version 2.x of the Azure Native provider, it used API version 2023-02-01.
Example Usage
Creates or updates a Fusion alert rule.
Creates or updates a MicrosoftSecurityIncidentCreation rule.
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var microsoftSecurityIncidentCreationAlertRule = new AzureNative.SecurityInsights.MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRule", new()
{
DisplayName = "testing displayname",
Enabled = true,
Kind = "MicrosoftSecurityIncidentCreation",
ProductFilter = AzureNative.SecurityInsights.MicrosoftSecurityProductName.Microsoft_Cloud_App_Security,
ResourceGroupName = "myRg",
RuleId = "microsoftSecurityIncidentCreationRuleExample",
WorkspaceName = "myWorkspace",
});
});
package main
import (
securityinsights "github.com/pulumi/pulumi-azure-native-sdk/securityinsights/v3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := securityinsights.NewMicrosoftSecurityIncidentCreationAlertRule(ctx, "microsoftSecurityIncidentCreationAlertRule", &securityinsights.MicrosoftSecurityIncidentCreationAlertRuleArgs{
DisplayName: pulumi.String("testing displayname"),
Enabled: pulumi.Bool(true),
Kind: pulumi.String("MicrosoftSecurityIncidentCreation"),
ProductFilter: pulumi.String(securityinsights.MicrosoftSecurityProductName_Microsoft_Cloud_App_Security),
ResourceGroupName: pulumi.String("myRg"),
RuleId: pulumi.String("microsoftSecurityIncidentCreationRuleExample"),
WorkspaceName: pulumi.String("myWorkspace"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.securityinsights.MicrosoftSecurityIncidentCreationAlertRule;
import com.pulumi.azurenative.securityinsights.MicrosoftSecurityIncidentCreationAlertRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var microsoftSecurityIncidentCreationAlertRule = new MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRule", MicrosoftSecurityIncidentCreationAlertRuleArgs.builder()
.displayName("testing displayname")
.enabled(true)
.kind("MicrosoftSecurityIncidentCreation")
.productFilter("Microsoft Cloud App Security")
.resourceGroupName("myRg")
.ruleId("microsoftSecurityIncidentCreationRuleExample")
.workspaceName("myWorkspace")
.build());
}
}
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const microsoftSecurityIncidentCreationAlertRule = new azure_native.securityinsights.MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRule", {
displayName: "testing displayname",
enabled: true,
kind: "MicrosoftSecurityIncidentCreation",
productFilter: azure_native.securityinsights.MicrosoftSecurityProductName.Microsoft_Cloud_App_Security,
resourceGroupName: "myRg",
ruleId: "microsoftSecurityIncidentCreationRuleExample",
workspaceName: "myWorkspace",
});
import pulumi
import pulumi_azure_native as azure_native
microsoft_security_incident_creation_alert_rule = azure_native.securityinsights.MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRule",
display_name="testing displayname",
enabled=True,
kind="MicrosoftSecurityIncidentCreation",
product_filter=azure_native.securityinsights.MicrosoftSecurityProductName.MICROSOFT_CLOUD_APP_SECURITY,
resource_group_name="myRg",
rule_id="microsoftSecurityIncidentCreationRuleExample",
workspace_name="myWorkspace")
resources:
microsoftSecurityIncidentCreationAlertRule:
type: azure-native:securityinsights:MicrosoftSecurityIncidentCreationAlertRule
properties:
displayName: testing displayname
enabled: true
kind: MicrosoftSecurityIncidentCreation
productFilter: Microsoft Cloud App Security
resourceGroupName: myRg
ruleId: microsoftSecurityIncidentCreationRuleExample
workspaceName: myWorkspace
Creates or updates a Scheduled alert rule.
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var microsoftSecurityIncidentCreationAlertRule = new AzureNative.SecurityInsights.MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRule", new()
{
ResourceGroupName = "myRg",
RuleId = "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
WorkspaceName = "myWorkspace",
});
});
package main
import (
securityinsights "github.com/pulumi/pulumi-azure-native-sdk/securityinsights/v3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := securityinsights.NewMicrosoftSecurityIncidentCreationAlertRule(ctx, "microsoftSecurityIncidentCreationAlertRule", &securityinsights.MicrosoftSecurityIncidentCreationAlertRuleArgs{
ResourceGroupName: pulumi.String("myRg"),
RuleId: pulumi.String("73e01a99-5cd7-4139-a149-9f2736ff2ab5"),
WorkspaceName: pulumi.String("myWorkspace"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.securityinsights.MicrosoftSecurityIncidentCreationAlertRule;
import com.pulumi.azurenative.securityinsights.MicrosoftSecurityIncidentCreationAlertRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var microsoftSecurityIncidentCreationAlertRule = new MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRule", MicrosoftSecurityIncidentCreationAlertRuleArgs.builder()
.resourceGroupName("myRg")
.ruleId("73e01a99-5cd7-4139-a149-9f2736ff2ab5")
.workspaceName("myWorkspace")
.build());
}
}
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const microsoftSecurityIncidentCreationAlertRule = new azure_native.securityinsights.MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRule", {
resourceGroupName: "myRg",
ruleId: "73e01a99-5cd7-4139-a149-9f2736ff2ab5",
workspaceName: "myWorkspace",
});
import pulumi
import pulumi_azure_native as azure_native
microsoft_security_incident_creation_alert_rule = azure_native.securityinsights.MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRule",
resource_group_name="myRg",
rule_id="73e01a99-5cd7-4139-a149-9f2736ff2ab5",
workspace_name="myWorkspace")
resources:
microsoftSecurityIncidentCreationAlertRule:
type: azure-native:securityinsights:MicrosoftSecurityIncidentCreationAlertRule
properties:
resourceGroupName: myRg
ruleId: 73e01a99-5cd7-4139-a149-9f2736ff2ab5
workspaceName: myWorkspace
Create MicrosoftSecurityIncidentCreationAlertRule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new MicrosoftSecurityIncidentCreationAlertRule(name: string, args: MicrosoftSecurityIncidentCreationAlertRuleArgs, opts?: CustomResourceOptions);@overload
def MicrosoftSecurityIncidentCreationAlertRule(resource_name: str,
args: MicrosoftSecurityIncidentCreationAlertRuleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def MicrosoftSecurityIncidentCreationAlertRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
display_name: Optional[str] = None,
enabled: Optional[bool] = None,
product_filter: Optional[Union[str, MicrosoftSecurityProductName]] = None,
resource_group_name: Optional[str] = None,
workspace_name: Optional[str] = None,
alert_rule_template_name: Optional[str] = None,
description: Optional[str] = None,
display_names_exclude_filter: Optional[Sequence[str]] = None,
display_names_filter: Optional[Sequence[str]] = None,
rule_id: Optional[str] = None,
severities_filter: Optional[Sequence[Union[str, AlertSeverity]]] = None)func NewMicrosoftSecurityIncidentCreationAlertRule(ctx *Context, name string, args MicrosoftSecurityIncidentCreationAlertRuleArgs, opts ...ResourceOption) (*MicrosoftSecurityIncidentCreationAlertRule, error)public MicrosoftSecurityIncidentCreationAlertRule(string name, MicrosoftSecurityIncidentCreationAlertRuleArgs args, CustomResourceOptions? opts = null)public MicrosoftSecurityIncidentCreationAlertRule(String name, MicrosoftSecurityIncidentCreationAlertRuleArgs args)
public MicrosoftSecurityIncidentCreationAlertRule(String name, MicrosoftSecurityIncidentCreationAlertRuleArgs args, CustomResourceOptions options)
type: azure-native:securityinsights:MicrosoftSecurityIncidentCreationAlertRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name
This property is required. string - The unique name of the resource.
- args
This property is required. MicrosoftSecurityIncidentCreationAlertRuleArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name
This property is required. str - The unique name of the resource.
- args
This property is required. MicrosoftSecurityIncidentCreationAlertRuleArgs - The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. MicrosoftSecurityIncidentCreationAlertRuleArgs - The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. MicrosoftSecurityIncidentCreationAlertRuleArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name
This property is required. String - The unique name of the resource.
- args
This property is required. MicrosoftSecurityIncidentCreationAlertRuleArgs - The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var microsoftSecurityIncidentCreationAlertRuleResource = new AzureNative.SecurityInsights.MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRuleResource", new()
{
DisplayName = "string",
Enabled = false,
Kind = "string",
ProductFilter = "string",
ResourceGroupName = "string",
WorkspaceName = "string",
AlertRuleTemplateName = "string",
Description = "string",
DisplayNamesExcludeFilter = new[]
{
"string",
},
DisplayNamesFilter = new[]
{
"string",
},
RuleId = "string",
SeveritiesFilter = new[]
{
"string",
},
});
example, err := securityinsights.NewMicrosoftSecurityIncidentCreationAlertRule(ctx, "microsoftSecurityIncidentCreationAlertRuleResource", &securityinsights.MicrosoftSecurityIncidentCreationAlertRuleArgs{
DisplayName: pulumi.String("string"),
Enabled: pulumi.Bool(false),
Kind: pulumi.String("string"),
ProductFilter: pulumi.String("string"),
ResourceGroupName: pulumi.String("string"),
WorkspaceName: pulumi.String("string"),
AlertRuleTemplateName: pulumi.String("string"),
Description: pulumi.String("string"),
DisplayNamesExcludeFilter: pulumi.StringArray{
pulumi.String("string"),
},
DisplayNamesFilter: pulumi.StringArray{
pulumi.String("string"),
},
RuleId: pulumi.String("string"),
SeveritiesFilter: pulumi.StringArray{
pulumi.String("string"),
},
})
var microsoftSecurityIncidentCreationAlertRuleResource = new MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRuleResource", MicrosoftSecurityIncidentCreationAlertRuleArgs.builder()
.displayName("string")
.enabled(false)
.kind("string")
.productFilter("string")
.resourceGroupName("string")
.workspaceName("string")
.alertRuleTemplateName("string")
.description("string")
.displayNamesExcludeFilter("string")
.displayNamesFilter("string")
.ruleId("string")
.severitiesFilter("string")
.build());
microsoft_security_incident_creation_alert_rule_resource = azure_native.securityinsights.MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRuleResource",
display_name="string",
enabled=False,
kind="string",
product_filter="string",
resource_group_name="string",
workspace_name="string",
alert_rule_template_name="string",
description="string",
display_names_exclude_filter=["string"],
display_names_filter=["string"],
rule_id="string",
severities_filter=["string"])
const microsoftSecurityIncidentCreationAlertRuleResource = new azure_native.securityinsights.MicrosoftSecurityIncidentCreationAlertRule("microsoftSecurityIncidentCreationAlertRuleResource", {
displayName: "string",
enabled: false,
kind: "string",
productFilter: "string",
resourceGroupName: "string",
workspaceName: "string",
alertRuleTemplateName: "string",
description: "string",
displayNamesExcludeFilter: ["string"],
displayNamesFilter: ["string"],
ruleId: "string",
severitiesFilter: ["string"],
});
type: azure-native:securityinsights:MicrosoftSecurityIncidentCreationAlertRule
properties:
alertRuleTemplateName: string
description: string
displayName: string
displayNamesExcludeFilter:
- string
displayNamesFilter:
- string
enabled: false
kind: string
productFilter: string
resourceGroupName: string
ruleId: string
severitiesFilter:
- string
workspaceName: string
MicrosoftSecurityIncidentCreationAlertRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The MicrosoftSecurityIncidentCreationAlertRule resource accepts the following input properties:
- Display
Name This property is required. string - The display name for alerts created by this alert rule.
- Enabled
This property is required. bool - Determines whether this alert rule is enabled or disabled.
- Product
Filter This property is required. string | Pulumi.Azure Native. Security Insights. Microsoft Security Product Name - The alerts' productName on which the cases will be generated
- Resource
Group Name stringThis property is required. 
Changes to this property will trigger replacement. - The name of the resource group. The name is case insensitive.
- Workspace
Name stringThis property is required. Changes to this property will trigger replacement. - The name of the workspace.
- Alert
Rule stringTemplate Name - The Name of the alert rule template used to create this rule.
- Description string
- The description of the alert rule.
- Display
Names List<string>Exclude Filter - the alerts' displayNames on which the cases will not be generated
- Display
Names List<string>Filter - the alerts' displayNames on which the cases will be generated
- Rule
Id - Alert rule ID
- Severities
Filter List<Union<string, Pulumi.Azure Native. Security Insights. Alert Severity>> - the alerts' severities on which the cases will be generated
- Display
Name This property is required. string - The display name for alerts created by this alert rule.
- Enabled
This property is required. bool - Determines whether this alert rule is enabled or disabled.
- Product
Filter This property is required. string | MicrosoftSecurity Product Name - The alerts' productName on which the cases will be generated
- Resource
Group Name stringThis property is required. Changes to this property will trigger replacement. - The name of the resource group. The name is case insensitive.
- Workspace
Name stringThis property is required. Changes to this property will trigger replacement. - The name of the workspace.
- Alert
Rule stringTemplate Name - The Name of the alert rule template used to create this rule.
- Description string
- The description of the alert rule.
- Display
Names []stringExclude Filter - the alerts' displayNames on which the cases will not be generated
- Display
Names []stringFilter - the alerts' displayNames on which the cases will be generated
- Rule
Id - Alert rule ID
- Severities
Filter []string - the alerts' severities on which the cases will be generated
- display
Name This property is required. String - The display name for alerts created by this alert rule.
- enabled
This property is required. Boolean - Determines whether this alert rule is enabled or disabled.
- product
Filter This property is required. String | MicrosoftSecurity Product Name - The alerts' productName on which the cases will be generated
- resource
Group Name StringThis property is required. Changes to this property will trigger replacement. - The name of the resource group. The name is case insensitive.
- workspace
Name StringThis property is required. Changes to this property will trigger replacement. - The name of the workspace.
- alert
Rule StringTemplate Name - The Name of the alert rule template used to create this rule.
- description String
- The description of the alert rule.
- display
Names List<String>Exclude Filter - the alerts' displayNames on which the cases will not be generated
- display
Names List<String>Filter - the alerts' displayNames on which the cases will be generated
- rule
Id - Alert rule ID
- severities
Filter List<Either<String,AlertSeverity>> - the alerts' severities on which the cases will be generated
- display
Name This property is required. string - The display name for alerts created by this alert rule.
- enabled
This property is required. boolean - Determines whether this alert rule is enabled or disabled.
- product
Filter This property is required. string | MicrosoftSecurity Product Name - The alerts' productName on which the cases will be generated
- resource
Group Name stringThis property is required. Changes to this property will trigger replacement. - The name of the resource group. The name is case insensitive.
- workspace
Name stringThis property is required. Changes to this property will trigger replacement. - The name of the workspace.
- alert
Rule stringTemplate Name - The Name of the alert rule template used to create this rule.
- description string
- The description of the alert rule.
- display
Names string[]Exclude Filter - the alerts' displayNames on which the cases will not be generated
- display
Names string[]Filter - the alerts' displayNames on which the cases will be generated
- rule
Id - Alert rule ID
- severities
Filter (string | AlertSeverity)[] - the alerts' severities on which the cases will be generated
- display_
name This property is required. str - The display name for alerts created by this alert rule.
- enabled
This property is required. bool - Determines whether this alert rule is enabled or disabled.
- product_
filter This property is required. str | MicrosoftSecurity Product Name - The alerts' productName on which the cases will be generated
- resource_
group_ name strThis property is required. Changes to this property will trigger replacement. - The name of the resource group. The name is case insensitive.
- workspace_
name strThis property is required. Changes to this property will trigger replacement. - The name of the workspace.
- alert_
rule_ strtemplate_ name - The Name of the alert rule template used to create this rule.
- description str
- The description of the alert rule.
- display_
names_ Sequence[str]exclude_ filter - the alerts' displayNames on which the cases will not be generated
- display_
names_ Sequence[str]filter - the alerts' displayNames on which the cases will be generated
- rule_
id - Alert rule ID
- severities_
filter Sequence[Union[str, AlertSeverity]] - the alerts' severities on which the cases will be generated
- display
Name This property is required. String - The display name for alerts created by this alert rule.
- enabled
This property is required. Boolean - Determines whether this alert rule is enabled or disabled.
- product
Filter This property is required. String | "Microsoft Cloud App Security" | "Azure Security Center" | "Azure Advanced Threat Protection" | "Azure Active Directory Identity Protection" | "Azure Security Center for IoT" - The alerts' productName on which the cases will be generated
- resource
Group Name StringThis property is required. Changes to this property will trigger replacement. - The name of the resource group. The name is case insensitive.
- workspace
Name StringThis property is required. Changes to this property will trigger replacement. - The name of the workspace.
- alert
Rule StringTemplate Name - The Name of the alert rule template used to create this rule.
- description String
- The description of the alert rule.
- display
Names List<String>Exclude Filter - the alerts' displayNames on which the cases will not be generated
- display
Names List<String>Filter - the alerts' displayNames on which the cases will be generated
- rule
Id - Alert rule ID
- severities
Filter List<String | "High" | "Medium" | "Low" | "Informational"> - the alerts' severities on which the cases will be generated
Outputs
All input properties are implicitly available as output properties. Additionally, the MicrosoftSecurityIncidentCreationAlertRule resource produces the following output properties:
- Azure
Api stringVersion - The Azure API version of the resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- Last
Modified stringUtc - The last time that this alert has been modified.
- Name string
- The name of the resource
- System
Data Pulumi.Azure Native. Security Insights. Outputs. System Data Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- Type string
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- Etag string
- Etag of the azure resource
- Azure
Api stringVersion - The Azure API version of the resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- Last
Modified stringUtc - The last time that this alert has been modified.
- Name string
- The name of the resource
- System
Data SystemData Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- Type string
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- Etag string
- Etag of the azure resource
- azure
Api StringVersion - The Azure API version of the resource.
- id String
- The provider-assigned unique ID for this managed resource.
- last
Modified StringUtc - The last time that this alert has been modified.
- name String
- The name of the resource
- system
Data SystemData Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type String
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- etag String
- Etag of the azure resource
- azure
Api stringVersion - The Azure API version of the resource.
- id string
- The provider-assigned unique ID for this managed resource.
- last
Modified stringUtc - The last time that this alert has been modified.
- name string
- The name of the resource
- system
Data SystemData Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type string
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- etag string
- Etag of the azure resource
- azure_
api_ strversion - The Azure API version of the resource.
- id str
- The provider-assigned unique ID for this managed resource.
- last_
modified_ strutc - The last time that this alert has been modified.
- name str
- The name of the resource
- system_
data SystemData Response - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type str
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- etag str
- Etag of the azure resource
- azure
Api StringVersion - The Azure API version of the resource.
- id String
- The provider-assigned unique ID for this managed resource.
- last
Modified StringUtc - The last time that this alert has been modified.
- name String
- The name of the resource
- system
Data Property Map - Azure Resource Manager metadata containing createdBy and modifiedBy information.
- type String
- The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts"
- etag String
- Etag of the azure resource
Supporting Types
AlertSeverity, AlertSeverityArgs
, AlertSeverityArgs
- High
- HighHigh severity
- Medium
- MediumMedium severity
- Low
- LowLow severity
- Informational
- InformationalInformational severity
- Alert
Severity High - HighHigh severity
- Alert
Severity Medium - MediumMedium severity
- Alert
Severity Low - LowLow severity
- Alert
Severity Informational - InformationalInformational severity
- High
- HighHigh severity
- Medium
- MediumMedium severity
- Low
- LowLow severity
- Informational
- InformationalInformational severity
- High
- HighHigh severity
- Medium
- MediumMedium severity
- Low
- LowLow severity
- Informational
- InformationalInformational severity
- HIGH
- HighHigh severity
- MEDIUM
- MediumMedium severity
- LOW
- LowLow severity
- INFORMATIONAL
- InformationalInformational severity
- "High"
- HighHigh severity
- "Medium"
- MediumMedium severity
- "Low"
- LowLow severity
- "Informational"
- InformationalInformational severity
MicrosoftSecurityProductName, MicrosoftSecurityProductNameArgs
, MicrosoftSecurityProductNameArgs
- Microsoft_Cloud_App_Security
- Microsoft Cloud App Security
- Azure_Security_Center
- Azure Security Center
- Azure_Advanced_Threat_Protection
- Azure Advanced Threat Protection
- Azure_Active_Directory_Identity_Protection
- Azure Active Directory Identity Protection
- Azure_Security_Center_
for_Io T - Azure Security Center for IoT
- Microsoft
Security Product Name_Microsoft_Cloud_App_Security - Microsoft Cloud App Security
- Microsoft
Security Product Name_Azure_Security_Center - Azure Security Center
- Microsoft
Security Product Name_Azure_Advanced_Threat_Protection - Azure Advanced Threat Protection
- Microsoft
Security Product Name_Azure_Active_Directory_Identity_Protection - Azure Active Directory Identity Protection
- Microsoft
Security Product Name_Azure_Security_Center_ for_Io T - Azure Security Center for IoT
- Microsoft_Cloud_App_Security
- Microsoft Cloud App Security
- Azure_Security_Center
- Azure Security Center
- Azure_Advanced_Threat_Protection
- Azure Advanced Threat Protection
- Azure_Active_Directory_Identity_Protection
- Azure Active Directory Identity Protection
- Azure_Security_Center_
for_Io T - Azure Security Center for IoT
- Microsoft_Cloud_App_Security
- Microsoft Cloud App Security
- Azure_Security_Center
- Azure Security Center
- Azure_Advanced_Threat_Protection
- Azure Advanced Threat Protection
- Azure_Active_Directory_Identity_Protection
- Azure Active Directory Identity Protection
- Azure_Security_Center_
for_Io T - Azure Security Center for IoT
- MICROSOFT_CLOUD_APP_SECURITY
- Microsoft Cloud App Security
- AZURE_SECURITY_CENTER
- Azure Security Center
- AZURE_ADVANCED_THREAT_PROTECTION
- Azure Advanced Threat Protection
- AZURE_ACTIVE_DIRECTORY_IDENTITY_PROTECTION
- Azure Active Directory Identity Protection
- AZURE_SECURITY_CENTER_FOR_IO_T
- Azure Security Center for IoT
- "Microsoft Cloud App Security"
- Microsoft Cloud App Security
- "Azure Security Center"
- Azure Security Center
- "Azure Advanced Threat Protection"
- Azure Advanced Threat Protection
- "Azure Active Directory Identity Protection"
- Azure Active Directory Identity Protection
- "Azure Security Center for Io
T" - Azure Security Center for IoT
SystemDataResponse, SystemDataResponseArgs
, SystemDataResponseArgs
- Created
At string - The timestamp of resource creation (UTC).
- Created
By string - The identity that created the resource.
- Created
By stringType - The type of identity that created the resource.
- Last
Modified stringAt - The timestamp of resource last modification (UTC)
- Last
Modified stringBy - The identity that last modified the resource.
- Last
Modified stringBy Type - The type of identity that last modified the resource.
- Created
At string - The timestamp of resource creation (UTC).
- Created
By string - The identity that created the resource.
- Created
By stringType - The type of identity that created the resource.
- Last
Modified stringAt - The timestamp of resource last modification (UTC)
- Last
Modified stringBy - The identity that last modified the resource.
- Last
Modified stringBy Type - The type of identity that last modified the resource.
- created
At String - The timestamp of resource creation (UTC).
- created
By String - The identity that created the resource.
- created
By StringType - The type of identity that created the resource.
- last
Modified StringAt - The timestamp of resource last modification (UTC)
- last
Modified StringBy - The identity that last modified the resource.
- last
Modified StringBy Type - The type of identity that last modified the resource.
- created
At string - The timestamp of resource creation (UTC).
- created
By string - The identity that created the resource.
- created
By stringType - The type of identity that created the resource.
- last
Modified stringAt - The timestamp of resource last modification (UTC)
- last
Modified stringBy - The identity that last modified the resource.
- last
Modified stringBy Type - The type of identity that last modified the resource.
- created_
at str - The timestamp of resource creation (UTC).
- created_
by str - The identity that created the resource.
- created_
by_ strtype - The type of identity that created the resource.
- last_
modified_ strat - The timestamp of resource last modification (UTC)
- last_
modified_ strby - The identity that last modified the resource.
- last_
modified_ strby_ type - The type of identity that last modified the resource.
- created
At String - The timestamp of resource creation (UTC).
- created
By String - The identity that created the resource.
- created
By StringType - The type of identity that created the resource.
- last
Modified StringAt - The timestamp of resource last modification (UTC)
- last
Modified StringBy - The identity that last modified the resource.
- last
Modified StringBy Type - The type of identity that last modified the resource.
Import
An existing resource can be imported using its type token, name, and identifier, e.g.
$ pulumi import azure-native:securityinsights:MicrosoftSecurityIncidentCreationAlertRule 73e01a99-5cd7-4139-a149-9f2736ff2ab5 /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure Native pulumi/pulumi-azure-native
- License
- Apache-2.0
This is the latest version of Azure Native. Use the Azure Native v2 docs if using the v2 version of this package.
Azure Native v3.1.0 published on Tuesday, Apr 8, 2025 by Pulumi
- Example Usage
- Creates or updates a Fusion alert rule.
- Creates or updates a MicrosoftSecurityIncidentCreation rule.
- Creates or updates a Scheduled alert rule.
- Create MicrosoftSecurityIncidentCreationAlertRule Resource
- Constructor syntax
- Constructor example
- MicrosoftSecurityIncidentCreationAlertRule Resource Properties
- Inputs
- Outputs
- Supporting Types
- Import
- Package Details