azure.mgmt.security.models module

class azure.mgmt.security.models.AadConnectivityState1(*, connectivity_state=None, **kwargs)[source]

Bases: msrest.serialization.Model

Describes an Azure resource with kind.

Parameters

connectivity_state (str or AadConnectivityState) – The connectivity state of the external AAD solution . Possible values include: ‘Discovered’, ‘NotLicensed’, ‘Connected’

class azure.mgmt.security.models.AadExternalSecuritySolution(*, properties=None, **kwargs)[source]

Bases: azure.mgmt.security.models._models_py3.ExternalSecuritySolution

Represents an AAD identity protection solution which sends logs to an OMS workspace.

Variables are only populated by the server, and will be ignored when sending a request.

All required parameters must be populated in order to send to Azure.

Variables
Parameters
class azure.mgmt.security.models.AadSolutionProperties(*, device_vendor: str = None, device_type: str = None, workspace=None, connectivity_state=None, **kwargs)[source]

Bases: msrest.serialization.Model

The external security solution properties for AAD solutions.

Parameters
  • device_vendor (str) –

  • device_type (str) –

  • workspace (ConnectedWorkspace) –

  • connectivity_state (str or AadConnectivityState) – The connectivity state of the external AAD solution . Possible values include: ‘Discovered’, ‘NotLicensed’, ‘Connected’

class azure.mgmt.security.models.AdvancedThreatProtectionSetting(*, is_enabled: bool = None, **kwargs)[source]

Bases: azure.mgmt.security.models._models_py3.Resource

The Advanced Threat Protection resource.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
Parameters

is_enabled (bool) – Indicates whether Advanced Threat Protection is enabled.

class azure.mgmt.security.models.Alert(*, extended_properties=None, entities=None, confidence_reasons=None, **kwargs)[source]

Bases: azure.mgmt.security.models._models_py3.Resource

Security alert.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
  • id (str) – Resource Id

  • name (str) – Resource name

  • type (str) – Resource type

  • state (str) – State of the alert (Active, Dismissed etc.)

  • reported_time_utc (datetime) – The time the incident was reported to Microsoft.Security in UTC

  • vendor_name (str) – Name of the vendor that discovered the incident

  • alert_name (str) – Name of the alert type

  • alert_display_name (str) – Display name of the alert type

  • detected_time_utc (datetime) – The time the incident was detected by the vendor

  • description (str) – Description of the incident and what it means

  • remediation_steps (str) – Recommended steps to reradiate the incident

  • action_taken (str) – The action that was taken as a response to the alert (Active, Blocked etc.)

  • reported_severity (str or ReportedSeverity) – Estimated severity of this alert. Possible values include: ‘Informational’, ‘Low’, ‘Medium’, ‘High’

  • compromised_entity (str) – The entity that the incident happened on

  • associated_resource (str) – Azure resource ID of the associated resource

  • system_source (str) – The type of the alerted resource (Azure, Non-Azure)

  • can_be_investigated (bool) – Whether this alert can be investigated with Azure Security Center

  • is_incident (bool) – Whether this alert is for incident type or not (otherwise - single alert)

  • confidence_score (float) – level of confidence we have on the alert

  • subscription_id (str) – Azure subscription ID of the resource that had the security alert or the subscription ID of the workspace that this resource reports to

  • instance_id (str) – Instance ID of the alert.

  • workspace_arm_id (str) – Azure resource ID of the workspace that the alert was reported to.

  • correlation_key (str) – Alerts with the same CorrelationKey will be grouped together in Ibiza.

Parameters
class azure.mgmt.security.models.AlertConfidenceReason(**kwargs)[source]

Bases: msrest.serialization.Model

Factors that increase our confidence that the alert is a true positive.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
  • type (str) – Type of confidence factor

  • reason (str) – description of the confidence reason

class azure.mgmt.security.models.AlertEntity(*, additional_properties=None, **kwargs)[source]

Bases: msrest.serialization.Model

Changing set of properties depending on the entity type.

Variables are only populated by the server, and will be ignored when sending a request.

Parameters

additional_properties (dict[str, object]) – Unmatched properties from the message are deserialized this collection

Variables

type (str) – Type of entity

class azure.mgmt.security.models.AllowedConnectionsResource(**kwargs)[source]

Bases: msrest.serialization.Model

The resource whose properties describes the allowed traffic between Azure resources.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
  • id (str) – Resource Id

  • name (str) – Resource name

  • type (str) – Resource type

  • location (str) – Location where the resource is stored

  • calculated_date_time (datetime) – The UTC time on which the allowed connections resource was calculated

  • connectable_resources (list[ConnectableResource]) – List of connectable resources

class azure.mgmt.security.models.AppWhitelistingGroup(*, enforcement_mode=None, configuration_status=None, recommendation_status=None, issues=None, source_system=None, vm_recommendations=None, path_recommendations=None, **kwargs)[source]

Bases: msrest.serialization.Model

AppWhitelistingGroup.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
Parameters
  • enforcement_mode (str or enum) – Possible values include: ‘Audit’, ‘Enforce’

  • configuration_status (str or enum) – Possible values include: ‘Configured’, ‘NotConfigured’, ‘InProgress’, ‘Failed’, ‘NoStatus’

  • recommendation_status (str or enum) – Possible values include: ‘Recommended’, ‘NotRecommended’, ‘NotAvailable’, ‘NoStatus’

  • issues (list[AppWhitelistingIssueSummary]) –

  • source_system (str or enum) – Possible values include: ‘Azure_AppLocker’, ‘Azure_AuditD’, ‘NonAzure_AppLocker’, ‘NonAzure_AuditD’, ‘None’

  • vm_recommendations (list[VmRecommendation]) –

  • path_recommendations (list[PathRecommendation]) –

class azure.mgmt.security.models.AppWhitelistingGroups(*, value=None, **kwargs)[source]

Bases: msrest.serialization.Model

Represents a list of VM/server groups and set of rules that are Recommended by Azure Security Center to be allowed.

Parameters

value (list[AppWhitelistingGroup]) –

class azure.mgmt.security.models.AppWhitelistingIssueSummary(*, issue=None, number_of_vms: float = None, **kwargs)[source]

Bases: msrest.serialization.Model

Represents a summary of the alerts of the VM/server group.

Parameters
  • issue (str or enum) – Possible values include: ‘ViolationsAudited’, ‘ViolationsBlocked’, ‘MsiAndScriptViolationsAudited’, ‘MsiAndScriptViolationsBlocked’, ‘ExecutableViolationsAudited’, ‘RulesViolatedManually’

  • number_of_vms (float) – The number of machines in the VM/server group that have this alert

class azure.mgmt.security.models.AppWhitelistingPutGroupData(*, enforcement_mode=None, vm_recommendations=None, path_recommendations=None, **kwargs)[source]

Bases: msrest.serialization.Model

The altered data of the recommended VM/server group policy.

Parameters
class azure.mgmt.security.models.AscLocation(*, properties=None, **kwargs)[source]

Bases: azure.mgmt.security.models._models_py3.Resource

The ASC location of the subscription is in the “name” field.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
Parameters

properties (object) –

class azure.mgmt.security.models.AtaExternalSecuritySolution(*, properties=None, **kwargs)[source]

Bases: azure.mgmt.security.models._models_py3.ExternalSecuritySolution

Represents an ATA security solution which sends logs to an OMS workspace.

Variables are only populated by the server, and will be ignored when sending a request.

All required parameters must be populated in order to send to Azure.

Variables
Parameters
class azure.mgmt.security.models.AtaSolutionProperties(*, additional_properties=None, device_vendor: str = None, device_type: str = None, workspace=None, last_event_received: str = None, **kwargs)[source]

Bases: azure.mgmt.security.models._models_py3.ExternalSecuritySolutionProperties

The external security solution properties for ATA solutions.

Parameters
  • additional_properties (dict[str, object]) – Unmatched properties from the message are deserialized this collection

  • device_vendor (str) –

  • device_type (str) –

  • workspace (ConnectedWorkspace) –

  • last_event_received (str) –

class azure.mgmt.security.models.AutoProvisioningSetting(*, auto_provision, **kwargs)[source]

Bases: azure.mgmt.security.models._models_py3.Resource

Auto provisioning setting.

Variables are only populated by the server, and will be ignored when sending a request.

All required parameters must be populated in order to send to Azure.

Variables
Parameters

auto_provision (str or AutoProvision) – Required. Describes what kind of security agent provisioning action to take. Possible values include: ‘On’, ‘Off’

class azure.mgmt.security.models.CefExternalSecuritySolution(*, properties=None, **kwargs)[source]

Bases: azure.mgmt.security.models._models_py3.ExternalSecuritySolution

Represents a security solution which sends CEF logs to an OMS workspace.

Variables are only populated by the server, and will be ignored when sending a request.

All required parameters must be populated in order to send to Azure.

Variables
Parameters
class azure.mgmt.security.models.CefSolutionProperties(*, additional_properties=None, device_vendor: str = None, device_type: str = None, workspace=None, hostname: str = None, agent: str = None, last_event_received: str = None, **kwargs)[source]

Bases: azure.mgmt.security.models._models_py3.ExternalSecuritySolutionProperties

The external security solution properties for CEF solutions.

Parameters
  • additional_properties (dict[str, object]) – Unmatched properties from the message are deserialized this collection

  • device_vendor (str) –

  • device_type (str) –

  • workspace (ConnectedWorkspace) –

  • hostname (str) –

  • agent (str) –

  • last_event_received (str) –

class azure.mgmt.security.models.Compliance(**kwargs)[source]

Bases: azure.mgmt.security.models._models_py3.Resource

Compliance of a scope.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
  • id (str) – Resource Id

  • name (str) – Resource name

  • type (str) – Resource type

  • assessment_timestamp_utc_date (datetime) – The timestamp when the Compliance calculation was conducted.

  • resource_count (int) – The resource count of the given subscription for which the Compliance calculation was conducted (needed for Management Group Compliance calculation).

  • assessment_result (list[ComplianceSegment]) – An array of segment, which is the actually the compliance assessment.

class azure.mgmt.security.models.ComplianceResult(**kwargs)[source]

Bases: azure.mgmt.security.models._models_py3.Resource

a compliance result.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
  • id (str) – Resource Id

  • name (str) – Resource name

  • type (str) – Resource type

  • resource_status (str or ResourceStatus) – The status of the resource regarding a single assessment. Possible values include: ‘Healthy’, ‘NotApplicable’, ‘OffByPolicy’, ‘NotHealthy’

class azure.mgmt.security.models.ComplianceSegment(**kwargs)[source]

Bases: msrest.serialization.Model

A segment of a compliance assessment.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
  • segment_type (str) – The segment type, e.g. compliant, non-compliance, insufficient coverage, N/A, etc.

  • percentage (float) – The size (%) of the segment.

class azure.mgmt.security.models.ConnectableResource(**kwargs)[source]

Bases: msrest.serialization.Model

Describes the allowed inbound and outbound traffic of an Azure resource.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
  • id (str) – The Azure resource id

  • inbound_connected_resources (list[ConnectedResource]) – The list of Azure resources that the resource has inbound allowed connection from

  • outbound_connected_resources (list[ConnectedResource]) – The list of Azure resources that the resource has outbound allowed connection to

class azure.mgmt.security.models.ConnectedResource(**kwargs)[source]

Bases: msrest.serialization.Model

Describes properties of a connected resource.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
  • connected_resource_id (str) – The Azure resource id of the connected resource

  • tcp_ports (str) – The allowed tcp ports

  • udp_ports (str) – The allowed udp ports

class azure.mgmt.security.models.ConnectedWorkspace(*, id: str = None, **kwargs)[source]

Bases: msrest.serialization.Model

Represents an OMS workspace to which the solution is connected.

Parameters

id (str) – Azure resource ID of the connected OMS workspace

class azure.mgmt.security.models.DataExportSetting(*, kind, enabled: bool, **kwargs)[source]

Bases: azure.mgmt.security.models._models_py3.Setting

Represents a data export setting.

Variables are only populated by the server, and will be ignored when sending a request.

All required parameters must be populated in order to send to Azure.

Variables
Parameters
  • kind (str or SettingKind) – Required. the kind of the settings string (DataExportSetting). Possible values include: ‘DataExportSetting’, ‘AlertSuppressionSetting’

  • enabled (bool) – Required. Is the data export setting is enabled

class azure.mgmt.security.models.DiscoveredSecuritySolution(*, security_family, offer: str, publisher: str, sku: str, **kwargs)[source]

Bases: msrest.serialization.Model

DiscoveredSecuritySolution.

Variables are only populated by the server, and will be ignored when sending a request.

All required parameters must be populated in order to send to Azure.

Variables
Parameters
  • security_family (str or SecurityFamily) – Required. The security family of the discovered solution. Possible values include: ‘Waf’, ‘Ngfw’, ‘SaasWaf’, ‘Va’

  • offer (str) – Required. The security solutions’ image offer

  • publisher (str) – Required. The security solutions’ image publisher

  • sku (str) – Required. The security solutions’ image sku

class azure.mgmt.security.models.ExternalSecuritySolution(**kwargs)[source]

Bases: msrest.serialization.Model

Represents a security solution external to Azure Security Center which sends information to an OMS workspace and whose data is displayed by Azure Security Center.

You probably want to use the sub-classes and not this class directly. Known sub-classes are: CefExternalSecuritySolution, AtaExternalSecuritySolution, AadExternalSecuritySolution

Variables are only populated by the server, and will be ignored when sending a request.

All required parameters must be populated in order to send to Azure.

Variables
Parameters

kind (str) – Required. Constant filled by server.

class azure.mgmt.security.models.ExternalSecuritySolutionKind1(*, kind=None, **kwargs)[source]

Bases: msrest.serialization.Model

Describes an Azure resource with kind.

Parameters

kind (str or ExternalSecuritySolutionKind) – The kind of the external solution. Possible values include: ‘CEF’, ‘ATA’, ‘AAD’

class azure.mgmt.security.models.ExternalSecuritySolutionProperties(*, additional_properties=None, device_vendor: str = None, device_type: str = None, workspace=None, **kwargs)[source]

Bases: msrest.serialization.Model

The solution properties (correspond to the solution kind).

Parameters
  • additional_properties (dict[str, object]) – Unmatched properties from the message are deserialized this collection

  • device_vendor (str) –

  • device_type (str) –

  • workspace (ConnectedWorkspace) –

class azure.mgmt.security.models.InformationProtectionKeyword(*, pattern: str = None, custom: bool = None, can_be_numeric: bool = None, excluded: bool = None, **kwargs)[source]

Bases: msrest.serialization.Model

The information type keyword.

Parameters
  • pattern (str) – The keyword pattern.

  • custom (bool) – Indicates whether the keyword is custom or not.

  • can_be_numeric (bool) – Indicates whether the keyword can be applied on numeric types or not.

  • excluded (bool) – Indicates whether the keyword is excluded or not.

class azure.mgmt.security.models.InformationProtectionPolicy(*, labels=None, information_types=None, **kwargs)[source]

Bases: azure.mgmt.security.models._models_py3.Resource

Information protection policy.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
  • id (str) – Resource Id

  • name (str) – Resource name

  • type (str) – Resource type

  • last_modified_utc (datetime) – Describes the last UTC time the policy was modified.

Parameters
class azure.mgmt.security.models.InformationType(*, display_name: str = None, order: float = None, recommended_label_id: str = None, enabled: bool = None, custom: bool = None, keywords=None, **kwargs)[source]

Bases: msrest.serialization.Model

The information type.

Parameters
  • display_name (str) – The name of the information type.

  • order (float) – The order of the information type.

  • recommended_label_id (str) – The recommended label id to be associated with this information type.

  • enabled (bool) – Indicates whether the information type is enabled or not.

  • custom (bool) – Indicates whether the information type is custom or not.

  • keywords (list[InformationProtectionKeyword]) – The information type keywords.

class azure.mgmt.security.models.IoTSecurityAggregatedAlert(*, tags=None, **kwargs)[source]

Bases: msrest.serialization.Model

Security Solution Aggregated Alert information.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
  • id (str) – Resource Id

  • name (str) – Resource name

  • type (str) – Resource type

  • alert_type (str) – Name of the alert type

  • alert_display_name (str) – Display name of the alert type

  • aggregated_date_utc (date) – The date the incidents were detected by the vendor

  • vendor_name (str) – Name of the vendor that discovered the incident

  • reported_severity (str or ReportedSeverity) – Estimated severity of this alert. Possible values include: ‘Informational’, ‘Low’, ‘Medium’, ‘High’

  • remediation_steps (str) – Recommended steps for remediation

  • description (str) – Description of the incident and what it means

  • count (int) – Occurrence number of the alert within the aggregated date

  • effected_resource_type (str) – Azure resource ID of the resource that got the alerts

  • system_source (str) – The type of the alerted resource (Azure, Non-Azure)

  • action_taken (str) – The action that was taken as a response to the alert (Active, Blocked etc.)

  • log_analytics_query (str) – query in log analytics to get the list of affected devices/alerts

Parameters

tags (dict[str, str]) – Resource tags

class azure.mgmt.security.models.IoTSecurityAggregatedRecommendation(*, tags=None, recommendation_name: str = None, **kwargs)[source]

Bases: msrest.serialization.Model

Security Solution Recommendation Information.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
  • id (str) – Resource Id

  • name (str) – Resource name

  • type (str) – Resource type

  • recommendation_display_name (str) – Display name of the recommendation type.

  • description (str) – Description of the incident and what it means

  • recommendation_type_id (str) – The recommendation-type GUID.

  • detected_by (str) – Name of the vendor that discovered the issue

  • remediation_steps (str) – Recommended steps for remediation

  • reported_severity (str or ReportedSeverity) – Estimated severity of this recommendation. Possible values include: ‘Informational’, ‘Low’, ‘Medium’, ‘High’

  • healthy_devices (int) – the number of the healthy devices within the solution

  • unhealthy_device_count (int) – the number of the unhealthy devices within the solution

  • log_analytics_query (str) – query in log analytics to get the list of affected devices/alerts

Parameters
  • tags (dict[str, str]) – Resource tags

  • recommendation_name (str) – Name of the recommendation

class azure.mgmt.security.models.IoTSecurityAlertedDevice(**kwargs)[source]

Bases: msrest.serialization.Model

Statistic information about the number of alerts per device during the last period.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
  • device_id (str) – Name of the alert type

  • alerts_count (int) – the number of alerts raised for this device

class azure.mgmt.security.models.IoTSecurityAlertedDevicesList(*, value, **kwargs)[source]

Bases: msrest.serialization.Model

List of devices with the count of raised alerts.

All required parameters must be populated in order to send to Azure.

Parameters

value (list[IoTSecurityAlertedDevice]) – Required. List of aggregated alerts data

class azure.mgmt.security.models.IoTSecurityDeviceAlert(**kwargs)[source]

Bases: msrest.serialization.Model

Statistic information about the number of alerts per alert type during the last period.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
  • alert_display_name (str) – Display name of the alert

  • reported_severity (str or ReportedSeverity) – Estimated severity of this alert. Possible values include: ‘Informational’, ‘Low’, ‘Medium’, ‘High’

  • alerts_count (int) – the number of alerts raised for this alert type

class azure.mgmt.security.models.IoTSecurityDeviceAlertsList(*, value, **kwargs)[source]

Bases: msrest.serialization.Model

List of alerts with the count of raised alerts.

Variables are only populated by the server, and will be ignored when sending a request.

All required parameters must be populated in order to send to Azure.

Parameters

value (list[IoTSecurityDeviceAlert]) – Required. List of top alerts data

Variables

next_link (str) – The URI to fetch the next page.

class azure.mgmt.security.models.IoTSecurityDeviceRecommendation(**kwargs)[source]

Bases: msrest.serialization.Model

Statistic information about the number of recommendations per recommendation type.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
  • recommendation_display_name (str) – Display name of the recommendation

  • reported_severity (str or ReportedSeverity) – Estimated severity of this recommendation. Possible values include: ‘Informational’, ‘Low’, ‘Medium’, ‘High’

  • devices_count (int) – the number of device with this recommendation

class azure.mgmt.security.models.IoTSecurityDeviceRecommendationsList(*, value, **kwargs)[source]

Bases: msrest.serialization.Model

List of recommendations with the count of devices.

All required parameters must be populated in order to send to Azure.

Parameters

value (list[IoTSecurityDeviceRecommendation]) – Required. List of aggregated recommendation data

class azure.mgmt.security.models.IoTSecuritySolutionAnalyticsModel(*, top_alerted_devices=None, most_prevalent_device_alerts=None, most_prevalent_device_recommendations=None, **kwargs)[source]

Bases: azure.mgmt.security.models._models_py3.Resource

Security Analytics of a security solution.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
Parameters
class azure.mgmt.security.models.IoTSecuritySolutionAnalyticsModelList(*, value, **kwargs)[source]

Bases: msrest.serialization.Model

List of Security Analytics of a security solution.

Variables are only populated by the server, and will be ignored when sending a request.

All required parameters must be populated in order to send to Azure.

Parameters

value (list[IoTSecuritySolutionAnalyticsModel]) – Required. List of Security Analytics of a security solution

Variables

next_link (str) – The URI to fetch the next page.

class azure.mgmt.security.models.IoTSecuritySolutionAnalyticsModelPropertiesDevicesMetricsItem(*, date_property=None, devices_metrics=None, **kwargs)[source]

Bases: msrest.serialization.Model

IoTSecuritySolutionAnalyticsModelPropertiesDevicesMetricsItem.

Parameters
  • date_property (datetime) – the date of the metrics

  • devices_metrics (IoTSeverityMetrics) – devices alerts count by severity.

class azure.mgmt.security.models.IoTSecuritySolutionModel(*, workspace: str, display_name: str, iot_hubs, tags=None, location: str = None, status='Enabled', export=None, disabled_data_sources=None, user_defined_resources=None, recommendations_configuration=None, **kwargs)[source]

Bases: msrest.serialization.Model

Security Solution.

Variables are only populated by the server, and will be ignored when sending a request.

All required parameters must be populated in order to send to Azure.

Variables
  • id (str) – Resource Id

  • name (str) – Resource name

  • type (str) – Resource type

  • auto_discovered_resources (list[str]) – List of resources that were automatically discovered as relevant to the security solution.

Parameters
class azure.mgmt.security.models.IoTSeverityMetrics(*, high: int = None, medium: int = None, low: int = None, **kwargs)[source]

Bases: msrest.serialization.Model

Severity metrics.

Parameters
  • high (int) – count of high severity items

  • medium (int) – count of medium severity items

  • low (int) – count of low severity items

class azure.mgmt.security.models.JitNetworkAccessPolicy(*, virtual_machines, kind: str = None, requests=None, **kwargs)[source]

Bases: msrest.serialization.Model

JitNetworkAccessPolicy.

Variables are only populated by the server, and will be ignored when sending a request.

All required parameters must be populated in order to send to Azure.

Variables
  • id (str) – Resource Id

  • name (str) – Resource name

  • type (str) – Resource type

  • location (str) – Location where the resource is stored

  • provisioning_state (str) – Gets the provisioning state of the Just-in-Time policy.

Parameters
class azure.mgmt.security.models.JitNetworkAccessPolicyInitiatePort(*, number: int, end_time_utc, allowed_source_address_prefix: str = None, **kwargs)[source]

Bases: msrest.serialization.Model

JitNetworkAccessPolicyInitiatePort.

All required parameters must be populated in order to send to Azure.

Parameters
  • number (int) – Required.

  • allowed_source_address_prefix (str) – Source of the allowed traffic. If omitted, the request will be for the source IP address of the initiate request.

  • end_time_utc (datetime) – Required. The time to close the request in UTC

class azure.mgmt.security.models.JitNetworkAccessPolicyInitiateRequest(*, virtual_machines, **kwargs)[source]

Bases: msrest.serialization.Model

JitNetworkAccessPolicyInitiateRequest.

All required parameters must be populated in order to send to Azure.

Parameters

virtual_machines (list[JitNetworkAccessPolicyInitiateVirtualMachine]) – Required. A list of virtual machines & ports to open access for

class azure.mgmt.security.models.JitNetworkAccessPolicyInitiateVirtualMachine(*, id: str, ports, **kwargs)[source]

Bases: msrest.serialization.Model

JitNetworkAccessPolicyInitiateVirtualMachine.

All required parameters must be populated in order to send to Azure.

Parameters
class azure.mgmt.security.models.JitNetworkAccessPolicyVirtualMachine(*, id: str, ports, public_ip_address: str = None, **kwargs)[source]

Bases: msrest.serialization.Model

JitNetworkAccessPolicyVirtualMachine.

All required parameters must be populated in order to send to Azure.

Parameters
  • id (str) – Required. Resource ID of the virtual machine that is linked to this policy

  • ports (list[JitNetworkAccessPortRule]) – Required. Port configurations for the virtual machine

  • public_ip_address (str) – Public IP address of the Azure Firewall that is linked to this policy, if applicable

class azure.mgmt.security.models.JitNetworkAccessPortRule(*, number: int, protocol, max_request_access_duration: str, allowed_source_address_prefix: str = None, allowed_source_address_prefixes=None, **kwargs)[source]

Bases: msrest.serialization.Model

JitNetworkAccessPortRule.

All required parameters must be populated in order to send to Azure.

Parameters
  • number (int) – Required.

  • protocol (str or Protocol) – Required. Possible values include: ‘TCP’, ‘UDP’, ‘All’

  • allowed_source_address_prefix (str) – Mutually exclusive with the “allowedSourceAddressPrefixes” parameter. Should be an IP address or CIDR, for example “192.168.0.3” or “192.168.0.0/16”.

  • allowed_source_address_prefixes (list[str]) – Mutually exclusive with the “allowedSourceAddressPrefix” parameter.

  • max_request_access_duration (str) – Required. Maximum duration requests can be made for. In ISO 8601 duration format. Minimum 5 minutes, maximum 1 day

class azure.mgmt.security.models.JitNetworkAccessRequest(*, virtual_machines, start_time_utc, requestor: str, **kwargs)[source]

Bases: msrest.serialization.Model

JitNetworkAccessRequest.

All required parameters must be populated in order to send to Azure.

Parameters
  • virtual_machines (list[JitNetworkAccessRequestVirtualMachine]) – Required.

  • start_time_utc (datetime) – Required. The start time of the request in UTC

  • requestor (str) – Required. The identity of the person who made the request

class azure.mgmt.security.models.JitNetworkAccessRequestPort(*, number: int, end_time_utc, status, status_reason, allowed_source_address_prefix: str = None, allowed_source_address_prefixes=None, mapped_port: int = None, **kwargs)[source]

Bases: msrest.serialization.Model

JitNetworkAccessRequestPort.

All required parameters must be populated in order to send to Azure.

Parameters
  • number (int) – Required.

  • allowed_source_address_prefix (str) – Mutually exclusive with the “allowedSourceAddressPrefixes” parameter. Should be an IP address or CIDR, for example “192.168.0.3” or “192.168.0.0/16”.

  • allowed_source_address_prefixes (list[str]) – Mutually exclusive with the “allowedSourceAddressPrefix” parameter.

  • end_time_utc (datetime) – Required. The date & time at which the request ends in UTC

  • status (str or Status) – Required. The status of the port. Possible values include: ‘Revoked’, ‘Initiated’

  • status_reason (str or StatusReason) – Required. A description of why the status has its value. Possible values include: ‘Expired’, ‘UserRequested’, ‘NewerRequestInitiated’

  • mapped_port (int) – The port which is mapped to this port’s number in the Azure Firewall, if applicable

class azure.mgmt.security.models.JitNetworkAccessRequestVirtualMachine(*, id: str, ports, **kwargs)[source]

Bases: msrest.serialization.Model

JitNetworkAccessRequestVirtualMachine.

All required parameters must be populated in order to send to Azure.

Parameters
  • id (str) – Required. Resource ID of the virtual machine that is linked to this policy

  • ports (list[JitNetworkAccessRequestPort]) – Required. The ports that were opened for the virtual machine

class azure.mgmt.security.models.Kind(*, kind: str = None, **kwargs)[source]

Bases: msrest.serialization.Model

Describes an Azure resource with kind.

Parameters

kind (str) – Kind of the resource

class azure.mgmt.security.models.Location(**kwargs)[source]

Bases: msrest.serialization.Model

Describes an Azure resource with location.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

location (str) – Location where the resource is stored

class azure.mgmt.security.models.Operation(*, display=None, **kwargs)[source]

Bases: msrest.serialization.Model

Possible operation in the REST API of Microsoft.Security.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
  • name (str) – Name of the operation

  • origin (str) – Where the operation is originated

Parameters

display (OperationDisplay) –

class azure.mgmt.security.models.OperationDisplay(**kwargs)[source]

Bases: msrest.serialization.Model

Security operation display.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
  • provider (str) – The resource provider for the operation.

  • resource (str) – The display name of the resource the operation applies to.

  • operation (str) – The display name of the security operation.

  • description (str) – The description of the operation.

class azure.mgmt.security.models.PathRecommendation(*, path: str = None, action=None, type=None, publisher_info=None, common: bool = None, user_sids=None, usernames=None, file_type=None, configuration_status=None, **kwargs)[source]

Bases: msrest.serialization.Model

Represents a path that is recommended to be allowed and its properties.

Parameters
  • path (str) – The full path to whitelist

  • action (str or enum) – Possible values include: ‘Recommended’, ‘Add’, ‘Remove’

  • type (str or enum) – Possible values include: ‘File’, ‘FileHash’, ‘PublisherSignature’, ‘ProductSignature’, ‘BinarySignature’, ‘VersionAndAboveSignature’

  • publisher_info (PublisherInfo) –

  • common (bool) – Whether the path is commonly run on the machine

  • user_sids (list[str]) –

  • usernames (list[UserRecommendation]) –

  • file_type (str or enum) – Possible values include: ‘Exe’, ‘Dll’, ‘Msi’, ‘Script’, ‘Executable’, ‘Unknown’

  • configuration_status (str or enum) – Possible values include: ‘Configured’, ‘NotConfigured’, ‘InProgress’, ‘Failed’, ‘NoStatus’

class azure.mgmt.security.models.Pricing(*, pricing_tier, **kwargs)[source]

Bases: azure.mgmt.security.models._models_py3.Resource

Pricing tier will be applied for the scope based on the resource ID.

Variables are only populated by the server, and will be ignored when sending a request.

All required parameters must be populated in order to send to Azure.

Variables
  • id (str) – Resource Id

  • name (str) – Resource name

  • type (str) – Resource type

  • free_trial_remaining_time (timedelta) – The duration left for the subscriptions free trial period - in ISO 8601 format (e.g. P3Y6M4DT12H30M5S).

Parameters

pricing_tier (str or PricingTier) – Required. The pricing tier value. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. Possible values include: ‘Free’, ‘Standard’

class azure.mgmt.security.models.PricingList(*, value, **kwargs)[source]

Bases: msrest.serialization.Model

List of pricing configurations response.

All required parameters must be populated in order to send to Azure.

Parameters

value (list[Pricing]) – Required. List of pricing configurations

class azure.mgmt.security.models.PublisherInfo(*, publisher_name: str = None, product_name: str = None, binary_name: str = None, version: str = None, **kwargs)[source]

Bases: msrest.serialization.Model

Represents the publisher information of a process/rule.

Parameters
  • publisher_name (str) – The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country

  • product_name (str) – The product name taken from the file’s version resource

  • binary_name (str) – The “OriginalName” field taken from the file’s version resource

  • version (str) – The binary file version taken from the file’s version resource

class azure.mgmt.security.models.RecommendationConfigurationProperties(*, recommendation_type, status='Enabled', **kwargs)[source]

Bases: msrest.serialization.Model

Recommendation configuration.

Variables are only populated by the server, and will be ignored when sending a request.

All required parameters must be populated in order to send to Azure.

Parameters
  • recommendation_type (str or RecommendationType) – Required. The recommendation type. Possible values include: ‘IoT_ACRAuthentication’, ‘IoT_AgentSendsUnutilizedMessages’, ‘IoT_Baseline’, ‘IoT_EdgeHubMemOptimize’, ‘IoT_EdgeLoggingOptions’, ‘IoT_InconsistentModuleSettings’, ‘IoT_InstallAgent’, ‘IoT_IPFilter_DenyAll’, ‘IoT_IPFilter_PermissiveRule’, ‘IoT_OpenPorts’, ‘IoT_PermissiveFirewallPolicy’, ‘IoT_PermissiveInputFirewallRules’, ‘IoT_PermissiveOutputFirewallRules’, ‘IoT_PrivilegedDockerOptions’, ‘IoT_SharedCredentials’, ‘IoT_VulnerableTLSCipherSuite’

  • status (str or RecommendationConfigStatus) – Required. Recommendation status. The recommendation is not generated when the status is disabled. Possible values include: ‘Disabled’, ‘Enabled’. Default value: “Enabled” .

Variables

name (str) –

class azure.mgmt.security.models.RegulatoryComplianceAssessment(*, state=None, **kwargs)[source]

Bases: azure.mgmt.security.models._models_py3.Resource

Regulatory compliance assessment details and state.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
  • id (str) – Resource Id

  • name (str) – Resource name

  • type (str) – Resource type

  • description (str) – The description of the regulatory compliance assessment

  • assessment_type (str) – The expected type of assessment contained in the AssessmentDetailsLink

  • assessment_details_link (str) – Link to more detailed assessment results data. The response type will be according to the assessmentType field

  • passed_resources (int) – The given assessment’s related resources count with passed state.

  • failed_resources (int) – The given assessment’s related resources count with failed state.

  • skipped_resources (int) – The given assessment’s related resources count with skipped state.

  • unsupported_resources (int) – The given assessment’s related resources count with unsupported state.

Parameters

state (str or State) – Aggregative state based on the assessment’s scanned resources states. Possible values include: ‘Passed’, ‘Failed’, ‘Skipped’, ‘Unsupported’

class azure.mgmt.security.models.RegulatoryComplianceControl(*, state=None, **kwargs)[source]

Bases: azure.mgmt.security.models._models_py3.Resource

Regulatory compliance control details and state.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
  • id (str) – Resource Id

  • name (str) – Resource name

  • type (str) – Resource type

  • description (str) – The description of the regulatory compliance control

  • passed_assessments (int) – The number of supported regulatory compliance assessments of the given control with a passed state

  • failed_assessments (int) – The number of supported regulatory compliance assessments of the given control with a failed state

  • skipped_assessments (int) – The number of supported regulatory compliance assessments of the given control with a skipped state

Parameters

state (str or State) – Aggregative state based on the control’s supported assessments states. Possible values include: ‘Passed’, ‘Failed’, ‘Skipped’, ‘Unsupported’

class azure.mgmt.security.models.RegulatoryComplianceStandard(*, state=None, **kwargs)[source]

Bases: azure.mgmt.security.models._models_py3.Resource

Regulatory compliance standard details and state.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
  • id (str) – Resource Id

  • name (str) – Resource name

  • type (str) – Resource type

  • passed_controls (int) – The number of supported regulatory compliance controls of the given standard with a passed state

  • failed_controls (int) – The number of supported regulatory compliance controls of the given standard with a failed state

  • skipped_controls (int) – The number of supported regulatory compliance controls of the given standard with a skipped state

  • unsupported_controls (int) – The number of regulatory compliance controls of the given standard which are unsupported by automated assessments

Parameters

state (str or State) – Aggregative state based on the standard’s supported controls states. Possible values include: ‘Passed’, ‘Failed’, ‘Skipped’, ‘Unsupported’

class azure.mgmt.security.models.Resource(**kwargs)[source]

Bases: msrest.serialization.Model

Describes an Azure resource.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
class azure.mgmt.security.models.SecurityContact(*, email: str, alert_notifications, alerts_to_admins, phone: str = None, **kwargs)[source]

Bases: azure.mgmt.security.models._models_py3.Resource

Contact details for security issues.

Variables are only populated by the server, and will be ignored when sending a request.

All required parameters must be populated in order to send to Azure.

Variables
Parameters
  • email (str) – Required. The email of this security contact

  • phone (str) – The phone number of this security contact

  • alert_notifications (str or AlertNotifications) – Required. Whether to send security alerts notifications to the security contact. Possible values include: ‘On’, ‘Off’

  • alerts_to_admins (str or AlertsToAdmins) – Required. Whether to send security alerts notifications to subscription admins. Possible values include: ‘On’, ‘Off’

class azure.mgmt.security.models.SecurityTask(*, security_task_parameters=None, **kwargs)[source]

Bases: azure.mgmt.security.models._models_py3.Resource

Security task that we recommend to do in order to strengthen security.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
  • id (str) – Resource Id

  • name (str) – Resource name

  • type (str) – Resource type

  • state (str) – State of the task (Active, Resolved etc.)

  • creation_time_utc (datetime) – The time this task was discovered in UTC

  • last_state_change_time_utc (datetime) – The time this task’s details were last changed in UTC

  • sub_state (str) – Additional data on the state of the task

Parameters

security_task_parameters (SecurityTaskParameters) –

class azure.mgmt.security.models.SecurityTaskParameters(*, additional_properties=None, **kwargs)[source]

Bases: msrest.serialization.Model

Changing set of properties, depending on the task type that is derived from the name field.

Variables are only populated by the server, and will be ignored when sending a request.

Parameters

additional_properties (dict[str, object]) – Unmatched properties from the message are deserialized this collection

Variables

name (str) – Name of the task type

class azure.mgmt.security.models.SensitivityLabel(*, display_name: str = None, order: float = None, enabled: bool = None, **kwargs)[source]

Bases: msrest.serialization.Model

The sensitivity label.

Parameters
  • display_name (str) – The name of the sensitivity label.

  • order (float) – The order of the sensitivity label.

  • enabled (bool) – Indicates whether the label is enabled or not.

class azure.mgmt.security.models.ServerVulnerabilityAssessment(**kwargs)[source]

Bases: azure.mgmt.security.models._models_py3.Resource

Describes the server vulnerability assessment details on a resource.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
  • id (str) – Resource Id

  • name (str) – Resource name

  • type (str) – Resource type

  • provisioning_state (str or enum) – The provisioningState of the vulnerability assessment capability on the VM. Possible values include: ‘Succeeded’, ‘Failed’, ‘Canceled’, ‘Provisioning’, ‘Deprovisioning’

class azure.mgmt.security.models.ServerVulnerabilityAssessmentsList(*, value=None, **kwargs)[source]

Bases: msrest.serialization.Model

List of server vulnerability assessments.

Parameters

value (list[ServerVulnerabilityAssessment]) –

class azure.mgmt.security.models.Setting(*, kind, **kwargs)[source]

Bases: azure.mgmt.security.models._models_py3.SettingResource

Represents a security setting in Azure Security Center.

Variables are only populated by the server, and will be ignored when sending a request.

All required parameters must be populated in order to send to Azure.

Variables
Parameters

kind (str or SettingKind) – Required. the kind of the settings string (DataExportSetting). Possible values include: ‘DataExportSetting’, ‘AlertSuppressionSetting’

class azure.mgmt.security.models.SettingResource(*, kind, **kwargs)[source]

Bases: azure.mgmt.security.models._models_py3.Resource

The kind of the security setting.

Variables are only populated by the server, and will be ignored when sending a request.

All required parameters must be populated in order to send to Azure.

Variables
Parameters

kind (str or SettingKind) – Required. the kind of the settings string (DataExportSetting). Possible values include: ‘DataExportSetting’, ‘AlertSuppressionSetting’

class azure.mgmt.security.models.TagsResource(*, tags=None, **kwargs)[source]

Bases: msrest.serialization.Model

A container holding only the Tags for a resource, allowing the user to update the tags.

Parameters

tags (dict[str, str]) – Resource tags

class azure.mgmt.security.models.TopologyResource(**kwargs)[source]

Bases: msrest.serialization.Model

TopologyResource.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
  • id (str) – Resource Id

  • name (str) – Resource name

  • type (str) – Resource type

  • location (str) – Location where the resource is stored

  • calculated_date_time (datetime) – The UTC time on which the topology was calculated

  • topology_resources (list[TopologySingleResource]) – Azure resources which are part of this topology resource

class azure.mgmt.security.models.TopologySingleResource(**kwargs)[source]

Bases: msrest.serialization.Model

TopologySingleResource.

Variables are only populated by the server, and will be ignored when sending a request.

Variables
  • resource_id (str) – Azure resource id

  • severity (str) – The security severity of the resource

  • recommendations_exist (bool) – Indicates if the resource has security recommendations

  • network_zones (str) – Indicates the resource connectivity level to the Internet (InternetFacing, Internal ,etc.)

  • topology_score (int) – Score of the resource based on its security severity

  • location (str) – The location of this resource

  • parents (list[TopologySingleResourceParent]) – Azure resources connected to this resource which are in higher level in the topology view

  • children (list[TopologySingleResourceChild]) – Azure resources connected to this resource which are in lower level in the topology view

class azure.mgmt.security.models.TopologySingleResourceChild(**kwargs)[source]

Bases: msrest.serialization.Model

TopologySingleResourceChild.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

resource_id (str) – Azure resource id which serves as child resource in topology view

class azure.mgmt.security.models.TopologySingleResourceParent(**kwargs)[source]

Bases: msrest.serialization.Model

TopologySingleResourceParent.

Variables are only populated by the server, and will be ignored when sending a request.

Variables

resource_id (str) – Azure resource id which serves as parent resource in topology view

class azure.mgmt.security.models.UpdateIotSecuritySolutionData(*, tags=None, user_defined_resources=None, recommendations_configuration=None, **kwargs)[source]

Bases: azure.mgmt.security.models._models_py3.TagsResource

UpdateIotSecuritySolutionData.

Parameters
class azure.mgmt.security.models.UserDefinedResourcesProperties(*, query: str, query_subscriptions, **kwargs)[source]

Bases: msrest.serialization.Model

Properties of the solution’s user defined resources.

All required parameters must be populated in order to send to Azure.

Parameters
  • query (str) – Required. Azure Resource Graph query which represents the security solution’s user defined resources. Required to start with “where type != “Microsoft.Devices/IotHubs””

  • query_subscriptions (list[str]) – Required. List of Azure subscription ids on which the user defined resources query should be executed.

class azure.mgmt.security.models.UserRecommendation(*, username: str = None, recommendation_action=None, **kwargs)[source]

Bases: msrest.serialization.Model

Represents a user that is recommended to be allowed for a certain rule.

Parameters
  • username (str) – Represents a user that is recommended to be allowed for a certain rule

  • recommendation_action (str or enum) – Possible values include: ‘Recommended’, ‘Add’, ‘Remove’

class azure.mgmt.security.models.VmRecommendation(*, configuration_status=None, recommendation_action=None, resource_id: str = None, **kwargs)[source]

Bases: msrest.serialization.Model

Represents a machine that is part of a VM/server group.

Parameters
  • configuration_status (str or enum) – Possible values include: ‘Configured’, ‘NotConfigured’, ‘InProgress’, ‘Failed’, ‘NoStatus’

  • recommendation_action (str or enum) – Possible values include: ‘Recommended’, ‘Add’, ‘Remove’

  • resource_id (str) –

class azure.mgmt.security.models.WorkspaceSetting(*, workspace_id: str, scope: str, **kwargs)[source]

Bases: azure.mgmt.security.models._models_py3.Resource

Configures where to store the OMS agent data for workspaces under a scope.

Variables are only populated by the server, and will be ignored when sending a request.

All required parameters must be populated in order to send to Azure.

Variables
Parameters
  • workspace_id (str) – Required. The full Azure ID of the workspace to save the data in

  • scope (str) – Required. All the VMs in this scope will send their security data to the mentioned workspace unless overridden by a setting with more specific scope

class azure.mgmt.security.models.ComplianceResultPaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of ComplianceResult object

Bring async to Paging.

“async_command” is mandatory keyword argument for this mixin to work.

class azure.mgmt.security.models.AlertPaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of Alert object

Bring async to Paging.

“async_command” is mandatory keyword argument for this mixin to work.

class azure.mgmt.security.models.SettingPaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of Setting object

Bring async to Paging.

“async_command” is mandatory keyword argument for this mixin to work.

class azure.mgmt.security.models.IoTSecuritySolutionModelPaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of IoTSecuritySolutionModel object

Bring async to Paging.

“async_command” is mandatory keyword argument for this mixin to work.

class azure.mgmt.security.models.IoTSecurityAggregatedAlertPaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of IoTSecurityAggregatedAlert object

Bring async to Paging.

“async_command” is mandatory keyword argument for this mixin to work.

class azure.mgmt.security.models.IoTSecurityAggregatedRecommendationPaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of IoTSecurityAggregatedRecommendation object

Bring async to Paging.

“async_command” is mandatory keyword argument for this mixin to work.

class azure.mgmt.security.models.AllowedConnectionsResourcePaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of AllowedConnectionsResource object

Bring async to Paging.

“async_command” is mandatory keyword argument for this mixin to work.

class azure.mgmt.security.models.DiscoveredSecuritySolutionPaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of DiscoveredSecuritySolution object

Bring async to Paging.

“async_command” is mandatory keyword argument for this mixin to work.

class azure.mgmt.security.models.ExternalSecuritySolutionPaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of ExternalSecuritySolution object

Bring async to Paging.

“async_command” is mandatory keyword argument for this mixin to work.

class azure.mgmt.security.models.JitNetworkAccessPolicyPaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of JitNetworkAccessPolicy object

Bring async to Paging.

“async_command” is mandatory keyword argument for this mixin to work.

class azure.mgmt.security.models.AscLocationPaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of AscLocation object

Bring async to Paging.

“async_command” is mandatory keyword argument for this mixin to work.

class azure.mgmt.security.models.OperationPaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of Operation object

Bring async to Paging.

“async_command” is mandatory keyword argument for this mixin to work.

class azure.mgmt.security.models.SecurityTaskPaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of SecurityTask object

Bring async to Paging.

“async_command” is mandatory keyword argument for this mixin to work.

class azure.mgmt.security.models.TopologyResourcePaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of TopologyResource object

Bring async to Paging.

“async_command” is mandatory keyword argument for this mixin to work.

class azure.mgmt.security.models.AutoProvisioningSettingPaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of AutoProvisioningSetting object

Bring async to Paging.

“async_command” is mandatory keyword argument for this mixin to work.

class azure.mgmt.security.models.CompliancePaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of Compliance object

Bring async to Paging.

“async_command” is mandatory keyword argument for this mixin to work.

class azure.mgmt.security.models.InformationProtectionPolicyPaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of InformationProtectionPolicy object

Bring async to Paging.

“async_command” is mandatory keyword argument for this mixin to work.

class azure.mgmt.security.models.SecurityContactPaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of SecurityContact object

Bring async to Paging.

“async_command” is mandatory keyword argument for this mixin to work.

class azure.mgmt.security.models.WorkspaceSettingPaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of WorkspaceSetting object

Bring async to Paging.

“async_command” is mandatory keyword argument for this mixin to work.

class azure.mgmt.security.models.RegulatoryComplianceStandardPaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of RegulatoryComplianceStandard object

Bring async to Paging.

“async_command” is mandatory keyword argument for this mixin to work.

class azure.mgmt.security.models.RegulatoryComplianceControlPaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of RegulatoryComplianceControl object

Bring async to Paging.

“async_command” is mandatory keyword argument for this mixin to work.

class azure.mgmt.security.models.RegulatoryComplianceAssessmentPaged(*args, **kwargs)[source]

Bases: msrest.paging.Paged

A paging container for iterating over a list of RegulatoryComplianceAssessment object

Bring async to Paging.

“async_command” is mandatory keyword argument for this mixin to work.

class azure.mgmt.security.models.ResourceStatus[source]

Bases: str, enum.Enum

An enumeration.

healthy = 'Healthy'

This assessment on the resource is healthy

not_applicable = 'NotApplicable'

This assessment is not applicable to this resource

not_healthy = 'NotHealthy'

This assessment on the resource is not healthy

off_by_policy = 'OffByPolicy'

This assessment is turned off by policy on this subscription

class azure.mgmt.security.models.PricingTier[source]

Bases: str, enum.Enum

An enumeration.

free = 'Free'

Get free Azure security center experience with basic security features

standard = 'Standard'

Get the standard Azure security center experience with advanced security features

class azure.mgmt.security.models.ReportedSeverity[source]

Bases: str, enum.Enum

An enumeration.

high = 'High'
informational = 'Informational'
low = 'Low'
medium = 'Medium'
class azure.mgmt.security.models.SettingKind[source]

Bases: str, enum.Enum

An enumeration.

alert_suppression_setting = 'AlertSuppressionSetting'
data_export_setting = 'DataExportSetting'
class azure.mgmt.security.models.SecuritySolutionStatus[source]

Bases: str, enum.Enum

An enumeration.

disabled = 'Disabled'
enabled = 'Enabled'
class azure.mgmt.security.models.ExportData[source]

Bases: str, enum.Enum

An enumeration.

raw_events = 'RawEvents'

Agent raw events

class azure.mgmt.security.models.DataSource[source]

Bases: str, enum.Enum

An enumeration.

twin_data = 'TwinData'

Devices twin data

class azure.mgmt.security.models.RecommendationType[source]

Bases: str, enum.Enum

An enumeration.

io_t_acrauthentication = 'IoT_ACRAuthentication'

Authentication schema used for pull an edge module from an ACR repository does not use Service Principal Authentication.

io_t_agent_sends_unutilized_messages = 'IoT_AgentSendsUnutilizedMessages'

IoT agent message size capacity is currently underutilized, causing an increase in the number of sent messages. Adjust message intervals for better utilization.

io_t_baseline = 'IoT_Baseline'

Identified security related system configuration issues.

io_t_edge_hub_mem_optimize = 'IoT_EdgeHubMemOptimize'

You can optimize Edge Hub memory usage by turning off protocol heads for any protocols not used by Edge modules in your solution.

io_t_edge_logging_options = 'IoT_EdgeLoggingOptions'

Logging is disabled for this edge module.

io_t_inconsistent_module_settings = 'IoT_InconsistentModuleSettings'

A minority within a device security group has inconsistent Edge Module settings with the rest of their group.

io_t_install_agent = 'IoT_InstallAgent'

Install the Azure Security of Things Agent.

io_t_ipfilter_deny_all = 'IoT_IPFilter_DenyAll'

IP Filter Configuration should have rules defined for allowed traffic and should deny all other traffic by default.

io_t_ipfilter_permissive_rule = 'IoT_IPFilter_PermissiveRule'

An Allow IP Filter rules source IP range is too large. Overly permissive rules might expose your IoT hub to malicious intenders.

io_t_open_ports = 'IoT_OpenPorts'

A listening endpoint was found on the device.

io_t_permissive_firewall_policy = 'IoT_PermissiveFirewallPolicy'

An Allowed firewall policy was found (INPUT/OUTPUT). The policy should Deny all traffic by default and define rules to allow necessary communication to/from the device.

io_t_permissive_input_firewall_rules = 'IoT_PermissiveInputFirewallRules'

A rule in the firewall has been found that contains a permissive pattern for a wide range of IP addresses or Ports.

io_t_permissive_output_firewall_rules = 'IoT_PermissiveOutputFirewallRules'

A rule in the firewall has been found that contains a permissive pattern for a wide range of IP addresses or Ports.

io_t_privileged_docker_options = 'IoT_PrivilegedDockerOptions'

Edge module is configured to run in privileged mode, with extensive Linux capabilities or with host-level network access (send/receive data to host machine).

io_t_shared_credentials = 'IoT_SharedCredentials'

Same authentication credentials to the IoT Hub used by multiple devices. This could indicate an illegitimate device impersonating a legitimate device. It also exposes the risk of device impersonation by an attacker.

io_t_vulnerable_tls_cipher_suite = 'IoT_VulnerableTLSCipherSuite'

Insecure TLS configurations detected. Immediate upgrade recommended.

class azure.mgmt.security.models.RecommendationConfigStatus[source]

Bases: str, enum.Enum

An enumeration.

disabled = 'Disabled'
enabled = 'Enabled'
class azure.mgmt.security.models.SecurityFamily[source]

Bases: str, enum.Enum

An enumeration.

ngfw = 'Ngfw'
saas_waf = 'SaasWaf'
va = 'Va'
waf = 'Waf'
class azure.mgmt.security.models.AadConnectivityState[source]

Bases: str, enum.Enum

An enumeration.

connected = 'Connected'
discovered = 'Discovered'
not_licensed = 'NotLicensed'
class azure.mgmt.security.models.ExternalSecuritySolutionKind[source]

Bases: str, enum.Enum

An enumeration.

aad = 'AAD'
ata = 'ATA'
cef = 'CEF'
class azure.mgmt.security.models.Protocol[source]

Bases: str, enum.Enum

An enumeration.

all = '*'
tcp = 'TCP'
udp = 'UDP'
class azure.mgmt.security.models.Status[source]

Bases: str, enum.Enum

An enumeration.

initiated = 'Initiated'
revoked = 'Revoked'
class azure.mgmt.security.models.StatusReason[source]

Bases: str, enum.Enum

An enumeration.

expired = 'Expired'
newer_request_initiated = 'NewerRequestInitiated'
user_requested = 'UserRequested'
class azure.mgmt.security.models.AutoProvision[source]

Bases: str, enum.Enum

An enumeration.

off = 'Off'

Do not install security agent on the VMs automatically

on = 'On'

Install missing security agent on VMs automatically

class azure.mgmt.security.models.AlertNotifications[source]

Bases: str, enum.Enum

An enumeration.

off = 'Off'

Don’t get notifications on new alerts

on = 'On'

Get notifications on new alerts

class azure.mgmt.security.models.AlertsToAdmins[source]

Bases: str, enum.Enum

An enumeration.

off = 'Off'

Don’t send notification on new alerts to the subscription’s admins

on = 'On'

Send notification on new alerts to the subscription’s admins

class azure.mgmt.security.models.State[source]

Bases: str, enum.Enum

An enumeration.

failed = 'Failed'

At least one supported regulatory compliance control in the given standard has a state of failed

passed = 'Passed'

All supported regulatory compliance controls in the given standard have a passed state

skipped = 'Skipped'

All supported regulatory compliance controls in the given standard have a state of skipped

unsupported = 'Unsupported'

No supported regulatory compliance data for the given standard

class azure.mgmt.security.models.ConnectionType[source]

Bases: str, enum.Enum

An enumeration.

external = 'External'
internal = 'Internal'