-
Notifications
You must be signed in to change notification settings - Fork 796
/
zz_generated_constants.go
1977 lines (1728 loc) · 76 KB
/
zz_generated_constants.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
//go:build go1.18
// +build go1.18
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License. See License.txt in the project root for license information.
// Code generated by Microsoft (R) AutoRest Code Generator.
// Changes may cause incorrect behavior and will be lost if the code is regenerated.
package armsecurity
const (
moduleName = "armsecurity"
moduleVersion = "v0.7.0"
)
// AADConnectivityState - The connectivity state of the external AAD solution
type AADConnectivityState string
const (
AADConnectivityStateConnected AADConnectivityState = "Connected"
AADConnectivityStateDiscovered AADConnectivityState = "Discovered"
AADConnectivityStateNotLicensed AADConnectivityState = "NotLicensed"
)
// PossibleAADConnectivityStateValues returns the possible values for the AADConnectivityState const type.
func PossibleAADConnectivityStateValues() []AADConnectivityState {
return []AADConnectivityState{
AADConnectivityStateConnected,
AADConnectivityStateDiscovered,
AADConnectivityStateNotLicensed,
}
}
// ActionType - The type of the action that will be triggered by the Automation
type ActionType string
const (
ActionTypeEventHub ActionType = "EventHub"
ActionTypeLogicApp ActionType = "LogicApp"
ActionTypeWorkspace ActionType = "Workspace"
)
// PossibleActionTypeValues returns the possible values for the ActionType const type.
func PossibleActionTypeValues() []ActionType {
return []ActionType{
ActionTypeEventHub,
ActionTypeLogicApp,
ActionTypeWorkspace,
}
}
// AdaptiveApplicationControlIssue - An alert that machines within a group can have
type AdaptiveApplicationControlIssue string
const (
AdaptiveApplicationControlIssueExecutableViolationsAudited AdaptiveApplicationControlIssue = "ExecutableViolationsAudited"
AdaptiveApplicationControlIssueMsiAndScriptViolationsAudited AdaptiveApplicationControlIssue = "MsiAndScriptViolationsAudited"
AdaptiveApplicationControlIssueMsiAndScriptViolationsBlocked AdaptiveApplicationControlIssue = "MsiAndScriptViolationsBlocked"
AdaptiveApplicationControlIssueRulesViolatedManually AdaptiveApplicationControlIssue = "RulesViolatedManually"
AdaptiveApplicationControlIssueViolationsAudited AdaptiveApplicationControlIssue = "ViolationsAudited"
AdaptiveApplicationControlIssueViolationsBlocked AdaptiveApplicationControlIssue = "ViolationsBlocked"
)
// PossibleAdaptiveApplicationControlIssueValues returns the possible values for the AdaptiveApplicationControlIssue const type.
func PossibleAdaptiveApplicationControlIssueValues() []AdaptiveApplicationControlIssue {
return []AdaptiveApplicationControlIssue{
AdaptiveApplicationControlIssueExecutableViolationsAudited,
AdaptiveApplicationControlIssueMsiAndScriptViolationsAudited,
AdaptiveApplicationControlIssueMsiAndScriptViolationsBlocked,
AdaptiveApplicationControlIssueRulesViolatedManually,
AdaptiveApplicationControlIssueViolationsAudited,
AdaptiveApplicationControlIssueViolationsBlocked,
}
}
// AdditionalWorkspaceDataType - Data types sent to workspace.
type AdditionalWorkspaceDataType string
const (
AdditionalWorkspaceDataTypeAlerts AdditionalWorkspaceDataType = "Alerts"
AdditionalWorkspaceDataTypeRawEvents AdditionalWorkspaceDataType = "RawEvents"
)
// PossibleAdditionalWorkspaceDataTypeValues returns the possible values for the AdditionalWorkspaceDataType const type.
func PossibleAdditionalWorkspaceDataTypeValues() []AdditionalWorkspaceDataType {
return []AdditionalWorkspaceDataType{
AdditionalWorkspaceDataTypeAlerts,
AdditionalWorkspaceDataTypeRawEvents,
}
}
// AdditionalWorkspaceType - Workspace type.
type AdditionalWorkspaceType string
const (
AdditionalWorkspaceTypeSentinel AdditionalWorkspaceType = "Sentinel"
)
// PossibleAdditionalWorkspaceTypeValues returns the possible values for the AdditionalWorkspaceType const type.
func PossibleAdditionalWorkspaceTypeValues() []AdditionalWorkspaceType {
return []AdditionalWorkspaceType{
AdditionalWorkspaceTypeSentinel,
}
}
// AlertNotifications - Whether to send security alerts notifications to the security contact
type AlertNotifications string
const (
// AlertNotificationsOff - Don't get notifications on new alerts
AlertNotificationsOff AlertNotifications = "Off"
// AlertNotificationsOn - Get notifications on new alerts
AlertNotificationsOn AlertNotifications = "On"
)
// PossibleAlertNotificationsValues returns the possible values for the AlertNotifications const type.
func PossibleAlertNotificationsValues() []AlertNotifications {
return []AlertNotifications{
AlertNotificationsOff,
AlertNotificationsOn,
}
}
// AlertSeverity - The risk level of the threat that was detected. Learn more: https://docs.microsoft.com/en-us/azure/security-center/security-center-alerts-overview#how-are-alerts-classified.
type AlertSeverity string
const (
// AlertSeverityHigh - High
AlertSeverityHigh AlertSeverity = "High"
// AlertSeverityInformational - Informational
AlertSeverityInformational AlertSeverity = "Informational"
// AlertSeverityLow - Low
AlertSeverityLow AlertSeverity = "Low"
// AlertSeverityMedium - Medium
AlertSeverityMedium AlertSeverity = "Medium"
)
// PossibleAlertSeverityValues returns the possible values for the AlertSeverity const type.
func PossibleAlertSeverityValues() []AlertSeverity {
return []AlertSeverity{
AlertSeverityHigh,
AlertSeverityInformational,
AlertSeverityLow,
AlertSeverityMedium,
}
}
// AlertStatus - The life cycle status of the alert.
type AlertStatus string
const (
// AlertStatusActive - An alert which doesn't specify a value is assigned the status 'Active'
AlertStatusActive AlertStatus = "Active"
// AlertStatusDismissed - Alert dismissed as false positive
AlertStatusDismissed AlertStatus = "Dismissed"
// AlertStatusResolved - Alert closed after handling
AlertStatusResolved AlertStatus = "Resolved"
)
// PossibleAlertStatusValues returns the possible values for the AlertStatus const type.
func PossibleAlertStatusValues() []AlertStatus {
return []AlertStatus{
AlertStatusActive,
AlertStatusDismissed,
AlertStatusResolved,
}
}
// AlertsToAdmins - Whether to send security alerts notifications to subscription admins
type AlertsToAdmins string
const (
// AlertsToAdminsOff - Don't send notification on new alerts to the subscription's admins
AlertsToAdminsOff AlertsToAdmins = "Off"
// AlertsToAdminsOn - Send notification on new alerts to the subscription's admins
AlertsToAdminsOn AlertsToAdmins = "On"
)
// PossibleAlertsToAdminsValues returns the possible values for the AlertsToAdmins const type.
func PossibleAlertsToAdminsValues() []AlertsToAdmins {
return []AlertsToAdmins{
AlertsToAdminsOff,
AlertsToAdminsOn,
}
}
// AssessedResourceType - Sub-assessment resource type
type AssessedResourceType string
const (
AssessedResourceTypeContainerRegistryVulnerability AssessedResourceType = "ContainerRegistryVulnerability"
AssessedResourceTypeSQLServerVulnerability AssessedResourceType = "SqlServerVulnerability"
AssessedResourceTypeServerVulnerability AssessedResourceType = "ServerVulnerability"
)
// PossibleAssessedResourceTypeValues returns the possible values for the AssessedResourceType const type.
func PossibleAssessedResourceTypeValues() []AssessedResourceType {
return []AssessedResourceType{
AssessedResourceTypeContainerRegistryVulnerability,
AssessedResourceTypeSQLServerVulnerability,
AssessedResourceTypeServerVulnerability,
}
}
// AssessmentStatusCode - Programmatic code for the status of the assessment
type AssessmentStatusCode string
const (
// AssessmentStatusCodeHealthy - The resource is healthy
AssessmentStatusCodeHealthy AssessmentStatusCode = "Healthy"
// AssessmentStatusCodeNotApplicable - Assessment for this resource did not happen
AssessmentStatusCodeNotApplicable AssessmentStatusCode = "NotApplicable"
// AssessmentStatusCodeUnhealthy - The resource has a security issue that needs to be addressed
AssessmentStatusCodeUnhealthy AssessmentStatusCode = "Unhealthy"
)
// PossibleAssessmentStatusCodeValues returns the possible values for the AssessmentStatusCode const type.
func PossibleAssessmentStatusCodeValues() []AssessmentStatusCode {
return []AssessmentStatusCode{
AssessmentStatusCodeHealthy,
AssessmentStatusCodeNotApplicable,
AssessmentStatusCodeUnhealthy,
}
}
// AssessmentType - BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on
// custom Azure Policy definition
type AssessmentType string
const (
// AssessmentTypeBuiltIn - Microsoft Defender for Cloud managed assessments
AssessmentTypeBuiltIn AssessmentType = "BuiltIn"
// AssessmentTypeCustomPolicy - User defined policies that are automatically ingested from Azure Policy to Microsoft Defender
// for Cloud
AssessmentTypeCustomPolicy AssessmentType = "CustomPolicy"
// AssessmentTypeCustomerManaged - User assessments pushed directly by the user or other third party to Microsoft Defender
// for Cloud
AssessmentTypeCustomerManaged AssessmentType = "CustomerManaged"
// AssessmentTypeVerifiedPartner - An assessment that was created by a verified 3rd party if the user connected it to ASC
AssessmentTypeVerifiedPartner AssessmentType = "VerifiedPartner"
)
// PossibleAssessmentTypeValues returns the possible values for the AssessmentType const type.
func PossibleAssessmentTypeValues() []AssessmentType {
return []AssessmentType{
AssessmentTypeBuiltIn,
AssessmentTypeCustomPolicy,
AssessmentTypeCustomerManaged,
AssessmentTypeVerifiedPartner,
}
}
// AuthenticationProvisioningState - State of the multi-cloud connector
type AuthenticationProvisioningState string
const (
// AuthenticationProvisioningStateExpired - the connection has expired
AuthenticationProvisioningStateExpired AuthenticationProvisioningState = "Expired"
// AuthenticationProvisioningStateIncorrectPolicy - Incorrect policy of the connector
AuthenticationProvisioningStateIncorrectPolicy AuthenticationProvisioningState = "IncorrectPolicy"
// AuthenticationProvisioningStateInvalid - Invalid connector
AuthenticationProvisioningStateInvalid AuthenticationProvisioningState = "Invalid"
// AuthenticationProvisioningStateValid - Valid connector
AuthenticationProvisioningStateValid AuthenticationProvisioningState = "Valid"
)
// PossibleAuthenticationProvisioningStateValues returns the possible values for the AuthenticationProvisioningState const type.
func PossibleAuthenticationProvisioningStateValues() []AuthenticationProvisioningState {
return []AuthenticationProvisioningState{
AuthenticationProvisioningStateExpired,
AuthenticationProvisioningStateIncorrectPolicy,
AuthenticationProvisioningStateInvalid,
AuthenticationProvisioningStateValid,
}
}
// AuthenticationType - Connect to your cloud account, for AWS use either account credentials or role-based authentication.
// For GCP use account organization credentials.
type AuthenticationType string
const (
// AuthenticationTypeAwsAssumeRole - AWS account connector assume role authentication
AuthenticationTypeAwsAssumeRole AuthenticationType = "awsAssumeRole"
// AuthenticationTypeAwsCreds - AWS cloud account connector user credentials authentication
AuthenticationTypeAwsCreds AuthenticationType = "awsCreds"
// AuthenticationTypeGcpCredentials - GCP account connector service to service authentication
AuthenticationTypeGcpCredentials AuthenticationType = "gcpCredentials"
)
// PossibleAuthenticationTypeValues returns the possible values for the AuthenticationType const type.
func PossibleAuthenticationTypeValues() []AuthenticationType {
return []AuthenticationType{
AuthenticationTypeAwsAssumeRole,
AuthenticationTypeAwsCreds,
AuthenticationTypeGcpCredentials,
}
}
// AutoProvision - Describes what kind of security agent provisioning action to take
type AutoProvision string
const (
// AutoProvisionOff - Do not install security agent on the VMs automatically
AutoProvisionOff AutoProvision = "Off"
// AutoProvisionOn - Install missing security agent on VMs automatically
AutoProvisionOn AutoProvision = "On"
)
// PossibleAutoProvisionValues returns the possible values for the AutoProvision const type.
func PossibleAutoProvisionValues() []AutoProvision {
return []AutoProvision{
AutoProvisionOff,
AutoProvisionOn,
}
}
// BundleType - Alert Simulator supported bundles.
type BundleType string
const (
BundleTypeAppServices BundleType = "AppServices"
BundleTypeDNS BundleType = "DNS"
BundleTypeKeyVaults BundleType = "KeyVaults"
BundleTypeKubernetesService BundleType = "KubernetesService"
BundleTypeResourceManager BundleType = "ResourceManager"
BundleTypeSQLServers BundleType = "SqlServers"
BundleTypeStorageAccounts BundleType = "StorageAccounts"
BundleTypeVirtualMachines BundleType = "VirtualMachines"
)
// PossibleBundleTypeValues returns the possible values for the BundleType const type.
func PossibleBundleTypeValues() []BundleType {
return []BundleType{
BundleTypeAppServices,
BundleTypeDNS,
BundleTypeKeyVaults,
BundleTypeKubernetesService,
BundleTypeResourceManager,
BundleTypeSQLServers,
BundleTypeStorageAccounts,
BundleTypeVirtualMachines,
}
}
// Categories - The categories of resource that is at risk when the assessment is unhealthy
type Categories string
const (
CategoriesCompute Categories = "Compute"
CategoriesData Categories = "Data"
CategoriesIdentityAndAccess Categories = "IdentityAndAccess"
CategoriesIoT Categories = "IoT"
CategoriesNetworking Categories = "Networking"
)
// PossibleCategoriesValues returns the possible values for the Categories const type.
func PossibleCategoriesValues() []Categories {
return []Categories{
CategoriesCompute,
CategoriesData,
CategoriesIdentityAndAccess,
CategoriesIoT,
CategoriesNetworking,
}
}
// CloudName - The multi cloud resource's cloud name.
type CloudName string
const (
CloudNameAWS CloudName = "AWS"
CloudNameAzure CloudName = "Azure"
CloudNameGCP CloudName = "GCP"
)
// PossibleCloudNameValues returns the possible values for the CloudName const type.
func PossibleCloudNameValues() []CloudName {
return []CloudName{
CloudNameAWS,
CloudNameAzure,
CloudNameGCP,
}
}
// ConfigurationStatus - The configuration status of the machines group or machine or rule
type ConfigurationStatus string
const (
ConfigurationStatusConfigured ConfigurationStatus = "Configured"
ConfigurationStatusFailed ConfigurationStatus = "Failed"
ConfigurationStatusInProgress ConfigurationStatus = "InProgress"
ConfigurationStatusNoStatus ConfigurationStatus = "NoStatus"
ConfigurationStatusNotConfigured ConfigurationStatus = "NotConfigured"
)
// PossibleConfigurationStatusValues returns the possible values for the ConfigurationStatus const type.
func PossibleConfigurationStatusValues() []ConfigurationStatus {
return []ConfigurationStatus{
ConfigurationStatusConfigured,
ConfigurationStatusFailed,
ConfigurationStatusInProgress,
ConfigurationStatusNoStatus,
ConfigurationStatusNotConfigured,
}
}
type ConnectionType string
const (
ConnectionTypeExternal ConnectionType = "External"
ConnectionTypeInternal ConnectionType = "Internal"
)
// PossibleConnectionTypeValues returns the possible values for the ConnectionType const type.
func PossibleConnectionTypeValues() []ConnectionType {
return []ConnectionType{
ConnectionTypeExternal,
ConnectionTypeInternal,
}
}
// ControlType - The type of security control (for example, BuiltIn)
type ControlType string
const (
// ControlTypeBuiltIn - Microsoft Defender for Cloud managed assessments
ControlTypeBuiltIn ControlType = "BuiltIn"
// ControlTypeCustom - Non Microsoft Defender for Cloud managed assessments
ControlTypeCustom ControlType = "Custom"
)
// PossibleControlTypeValues returns the possible values for the ControlType const type.
func PossibleControlTypeValues() []ControlType {
return []ControlType{
ControlTypeBuiltIn,
ControlTypeCustom,
}
}
// CreatedByType - The type of identity that created the resource.
type CreatedByType string
const (
CreatedByTypeApplication CreatedByType = "Application"
CreatedByTypeKey CreatedByType = "Key"
CreatedByTypeManagedIdentity CreatedByType = "ManagedIdentity"
CreatedByTypeUser CreatedByType = "User"
)
// PossibleCreatedByTypeValues returns the possible values for the CreatedByType const type.
func PossibleCreatedByTypeValues() []CreatedByType {
return []CreatedByType{
CreatedByTypeApplication,
CreatedByTypeKey,
CreatedByTypeManagedIdentity,
CreatedByTypeUser,
}
}
type DataSource string
const (
// DataSourceTwinData - Devices twin data
DataSourceTwinData DataSource = "TwinData"
)
// PossibleDataSourceValues returns the possible values for the DataSource const type.
func PossibleDataSourceValues() []DataSource {
return []DataSource{
DataSourceTwinData,
}
}
// Direction - The rule's direction
type Direction string
const (
DirectionInbound Direction = "Inbound"
DirectionOutbound Direction = "Outbound"
)
// PossibleDirectionValues returns the possible values for the Direction const type.
func PossibleDirectionValues() []Direction {
return []Direction{
DirectionInbound,
DirectionOutbound,
}
}
// EndOfSupportStatus - End of support status.
type EndOfSupportStatus string
const (
EndOfSupportStatusNoLongerSupported EndOfSupportStatus = "noLongerSupported"
EndOfSupportStatusNone EndOfSupportStatus = "None"
EndOfSupportStatusUpcomingNoLongerSupported EndOfSupportStatus = "upcomingNoLongerSupported"
EndOfSupportStatusUpcomingVersionNoLongerSupported EndOfSupportStatus = "upcomingVersionNoLongerSupported"
EndOfSupportStatusVersionNoLongerSupported EndOfSupportStatus = "versionNoLongerSupported"
)
// PossibleEndOfSupportStatusValues returns the possible values for the EndOfSupportStatus const type.
func PossibleEndOfSupportStatusValues() []EndOfSupportStatus {
return []EndOfSupportStatus{
EndOfSupportStatusNoLongerSupported,
EndOfSupportStatusNone,
EndOfSupportStatusUpcomingNoLongerSupported,
EndOfSupportStatusUpcomingVersionNoLongerSupported,
EndOfSupportStatusVersionNoLongerSupported,
}
}
// EnforcementMode - The application control policy enforcement/protection mode of the machine group
type EnforcementMode string
const (
EnforcementModeAudit EnforcementMode = "Audit"
EnforcementModeEnforce EnforcementMode = "Enforce"
EnforcementModeNone EnforcementMode = "None"
)
// PossibleEnforcementModeValues returns the possible values for the EnforcementMode const type.
func PossibleEnforcementModeValues() []EnforcementMode {
return []EnforcementMode{
EnforcementModeAudit,
EnforcementModeEnforce,
EnforcementModeNone,
}
}
// EnforcementSupport - The machine supportability of Enforce feature
type EnforcementSupport string
const (
EnforcementSupportNotSupported EnforcementSupport = "NotSupported"
EnforcementSupportSupported EnforcementSupport = "Supported"
EnforcementSupportUnknown EnforcementSupport = "Unknown"
)
// PossibleEnforcementSupportValues returns the possible values for the EnforcementSupport const type.
func PossibleEnforcementSupportValues() []EnforcementSupport {
return []EnforcementSupport{
EnforcementSupportNotSupported,
EnforcementSupportSupported,
EnforcementSupportUnknown,
}
}
// EventSource - A valid event source type.
type EventSource string
const (
EventSourceAlerts EventSource = "Alerts"
EventSourceAssessments EventSource = "Assessments"
EventSourceAssessmentsSnapshot EventSource = "AssessmentsSnapshot"
EventSourceRegulatoryComplianceAssessment EventSource = "RegulatoryComplianceAssessment"
EventSourceRegulatoryComplianceAssessmentSnapshot EventSource = "RegulatoryComplianceAssessmentSnapshot"
EventSourceSecureScoreControls EventSource = "SecureScoreControls"
EventSourceSecureScoreControlsSnapshot EventSource = "SecureScoreControlsSnapshot"
EventSourceSecureScores EventSource = "SecureScores"
EventSourceSecureScoresSnapshot EventSource = "SecureScoresSnapshot"
EventSourceSubAssessments EventSource = "SubAssessments"
EventSourceSubAssessmentsSnapshot EventSource = "SubAssessmentsSnapshot"
)
// PossibleEventSourceValues returns the possible values for the EventSource const type.
func PossibleEventSourceValues() []EventSource {
return []EventSource{
EventSourceAlerts,
EventSourceAssessments,
EventSourceAssessmentsSnapshot,
EventSourceRegulatoryComplianceAssessment,
EventSourceRegulatoryComplianceAssessmentSnapshot,
EventSourceSecureScoreControls,
EventSourceSecureScoreControlsSnapshot,
EventSourceSecureScores,
EventSourceSecureScoresSnapshot,
EventSourceSubAssessments,
EventSourceSubAssessmentsSnapshot,
}
}
type ExpandControlsEnum string
const (
// ExpandControlsEnumDefinition - Add definition object for each control
ExpandControlsEnumDefinition ExpandControlsEnum = "definition"
)
// PossibleExpandControlsEnumValues returns the possible values for the ExpandControlsEnum const type.
func PossibleExpandControlsEnumValues() []ExpandControlsEnum {
return []ExpandControlsEnum{
ExpandControlsEnumDefinition,
}
}
type ExpandEnum string
const (
// ExpandEnumLinks - All links associated with an assessment
ExpandEnumLinks ExpandEnum = "links"
// ExpandEnumMetadata - Assessment metadata
ExpandEnumMetadata ExpandEnum = "metadata"
)
// PossibleExpandEnumValues returns the possible values for the ExpandEnum const type.
func PossibleExpandEnumValues() []ExpandEnum {
return []ExpandEnum{
ExpandEnumLinks,
ExpandEnumMetadata,
}
}
type ExportData string
const (
// ExportDataRawEvents - Agent raw events
ExportDataRawEvents ExportData = "RawEvents"
)
// PossibleExportDataValues returns the possible values for the ExportData const type.
func PossibleExportDataValues() []ExportData {
return []ExportData{
ExportDataRawEvents,
}
}
// ExternalSecuritySolutionKind - The kind of the external solution
type ExternalSecuritySolutionKind string
const (
ExternalSecuritySolutionKindAAD ExternalSecuritySolutionKind = "AAD"
ExternalSecuritySolutionKindATA ExternalSecuritySolutionKind = "ATA"
ExternalSecuritySolutionKindCEF ExternalSecuritySolutionKind = "CEF"
)
// PossibleExternalSecuritySolutionKindValues returns the possible values for the ExternalSecuritySolutionKind const type.
func PossibleExternalSecuritySolutionKindValues() []ExternalSecuritySolutionKind {
return []ExternalSecuritySolutionKind{
ExternalSecuritySolutionKindAAD,
ExternalSecuritySolutionKindATA,
ExternalSecuritySolutionKindCEF,
}
}
// FileType - The type of the file (for Linux files - Executable is used)
type FileType string
const (
FileTypeDll FileType = "Dll"
FileTypeExe FileType = "Exe"
FileTypeExecutable FileType = "Executable"
FileTypeMsi FileType = "Msi"
FileTypeScript FileType = "Script"
FileTypeUnknown FileType = "Unknown"
)
// PossibleFileTypeValues returns the possible values for the FileType const type.
func PossibleFileTypeValues() []FileType {
return []FileType{
FileTypeDll,
FileTypeExe,
FileTypeExecutable,
FileTypeMsi,
FileTypeScript,
FileTypeUnknown,
}
}
// HybridComputeProvisioningState - State of the service principal and its secret
type HybridComputeProvisioningState string
const (
// HybridComputeProvisioningStateExpired - the service principal details are expired
HybridComputeProvisioningStateExpired HybridComputeProvisioningState = "Expired"
// HybridComputeProvisioningStateInvalid - Invalid service principal details.
HybridComputeProvisioningStateInvalid HybridComputeProvisioningState = "Invalid"
// HybridComputeProvisioningStateValid - Valid service principal details.
HybridComputeProvisioningStateValid HybridComputeProvisioningState = "Valid"
)
// PossibleHybridComputeProvisioningStateValues returns the possible values for the HybridComputeProvisioningState const type.
func PossibleHybridComputeProvisioningStateValues() []HybridComputeProvisioningState {
return []HybridComputeProvisioningState{
HybridComputeProvisioningStateExpired,
HybridComputeProvisioningStateInvalid,
HybridComputeProvisioningStateValid,
}
}
// ImplementationEffort - The implementation effort required to remediate this assessment
type ImplementationEffort string
const (
ImplementationEffortHigh ImplementationEffort = "High"
ImplementationEffortLow ImplementationEffort = "Low"
ImplementationEffortModerate ImplementationEffort = "Moderate"
)
// PossibleImplementationEffortValues returns the possible values for the ImplementationEffort const type.
func PossibleImplementationEffortValues() []ImplementationEffort {
return []ImplementationEffort{
ImplementationEffortHigh,
ImplementationEffortLow,
ImplementationEffortModerate,
}
}
type InformationProtectionPolicyName string
const (
InformationProtectionPolicyNameCustom InformationProtectionPolicyName = "custom"
InformationProtectionPolicyNameEffective InformationProtectionPolicyName = "effective"
)
// PossibleInformationProtectionPolicyNameValues returns the possible values for the InformationProtectionPolicyName const type.
func PossibleInformationProtectionPolicyNameValues() []InformationProtectionPolicyName {
return []InformationProtectionPolicyName{
InformationProtectionPolicyNameCustom,
InformationProtectionPolicyNameEffective,
}
}
// Intent - The kill chain related intent behind the alert. For list of supported values, and explanations of Azure Security
// Center's supported kill chain intents.
type Intent string
const (
// IntentCollection - Collection consists of techniques used to identify and gather information, such as sensitive files,
// from a target network prior to exfiltration.
IntentCollection Intent = "Collection"
// IntentCommandAndControl - The command and control tactic represents how adversaries communicate with systems under their
// control within a target network.
IntentCommandAndControl Intent = "CommandAndControl"
// IntentCredentialAccess - Credential access represents techniques resulting in access to or control over system, domain,
// or service credentials that are used within an enterprise environment.
IntentCredentialAccess Intent = "CredentialAccess"
// IntentDefenseEvasion - Defense evasion consists of techniques an adversary may use to evade detection or avoid other defenses.
IntentDefenseEvasion Intent = "DefenseEvasion"
// IntentDiscovery - Discovery consists of techniques that allow the adversary to gain knowledge about the system and internal
// network.
IntentDiscovery Intent = "Discovery"
// IntentExecution - The execution tactic represents techniques that result in execution of adversary-controlled code on a
// local or remote system.
IntentExecution Intent = "Execution"
// IntentExfiltration - Exfiltration refers to techniques and attributes that result or aid in the adversary removing files
// and information from a target network.
IntentExfiltration Intent = "Exfiltration"
// IntentExploitation - Exploitation is the stage where an attacker manages to get a foothold on the attacked resource. This
// stage is relevant for compute hosts and resources such as user accounts, certificates etc.
IntentExploitation Intent = "Exploitation"
// IntentImpact - Impact events primarily try to directly reduce the availability or integrity of a system, service, or network;
// including manipulation of data to impact a business or operational process.
IntentImpact Intent = "Impact"
// IntentInitialAccess - InitialAccess is the stage where an attacker manages to get foothold on the attacked resource.
IntentInitialAccess Intent = "InitialAccess"
// IntentLateralMovement - Lateral movement consists of techniques that enable an adversary to access and control remote systems
// on a network and could, but does not necessarily, include execution of tools on remote systems.
IntentLateralMovement Intent = "LateralMovement"
// IntentPersistence - Persistence is any access, action, or configuration change to a system that gives a threat actor a
// persistent presence on that system.
IntentPersistence Intent = "Persistence"
// IntentPreAttack - PreAttack could be either an attempt to access a certain resource regardless of a malicious intent, or
// a failed attempt to gain access to a target system to gather information prior to exploitation. This step is usually detected
// as an attempt, originating from outside the network, to scan the target system and find a way in. Further details on the
// PreAttack stage can be read in [MITRE Pre-Att&ck matrix](https://attack.mitre.org/matrices/pre/).
IntentPreAttack Intent = "PreAttack"
// IntentPrivilegeEscalation - Privilege escalation is the result of actions that allow an adversary to obtain a higher level
// of permissions on a system or network.
IntentPrivilegeEscalation Intent = "PrivilegeEscalation"
// IntentProbing - Probing could be either an attempt to access a certain resource regardless of a malicious intent, or a
// failed attempt to gain access to a target system to gather information prior to exploitation.
IntentProbing Intent = "Probing"
// IntentUnknown - Unknown
IntentUnknown Intent = "Unknown"
)
// PossibleIntentValues returns the possible values for the Intent const type.
func PossibleIntentValues() []Intent {
return []Intent{
IntentCollection,
IntentCommandAndControl,
IntentCredentialAccess,
IntentDefenseEvasion,
IntentDiscovery,
IntentExecution,
IntentExfiltration,
IntentExploitation,
IntentImpact,
IntentInitialAccess,
IntentLateralMovement,
IntentPersistence,
IntentPreAttack,
IntentPrivilegeEscalation,
IntentProbing,
IntentUnknown,
}
}
// Kind - The kind of alert simulation.
type Kind string
const (
// KindBundles - Simulate alerts according to bundles
KindBundles Kind = "Bundles"
)
// PossibleKindValues returns the possible values for the Kind const type.
func PossibleKindValues() []Kind {
return []Kind{
KindBundles,
}
}
// OfferingType - The type of the security offering.
type OfferingType string
const (
OfferingTypeCspmMonitorAws OfferingType = "CspmMonitorAws"
OfferingTypeDefenderForContainersAws OfferingType = "DefenderForContainersAws"
OfferingTypeDefenderForServersAws OfferingType = "DefenderForServersAws"
OfferingTypeInformationProtectionAws OfferingType = "InformationProtectionAws"
)
// PossibleOfferingTypeValues returns the possible values for the OfferingType const type.
func PossibleOfferingTypeValues() []OfferingType {
return []OfferingType{
OfferingTypeCspmMonitorAws,
OfferingTypeDefenderForContainersAws,
OfferingTypeDefenderForServersAws,
OfferingTypeInformationProtectionAws,
}
}
// Operator - A valid comparer operator to use. A case-insensitive comparison will be applied for String PropertyType.
type Operator string
const (
// OperatorContains - Applies only for non-decimal operands
OperatorContains Operator = "Contains"
// OperatorEndsWith - Applies only for non-decimal operands
OperatorEndsWith Operator = "EndsWith"
// OperatorEquals - Applies for decimal and non-decimal operands
OperatorEquals Operator = "Equals"
// OperatorGreaterThan - Applies only for decimal operands
OperatorGreaterThan Operator = "GreaterThan"
// OperatorGreaterThanOrEqualTo - Applies only for decimal operands
OperatorGreaterThanOrEqualTo Operator = "GreaterThanOrEqualTo"
// OperatorLesserThan - Applies only for decimal operands
OperatorLesserThan Operator = "LesserThan"
// OperatorLesserThanOrEqualTo - Applies only for decimal operands
OperatorLesserThanOrEqualTo Operator = "LesserThanOrEqualTo"
// OperatorNotEquals - Applies for decimal and non-decimal operands
OperatorNotEquals Operator = "NotEquals"
// OperatorStartsWith - Applies only for non-decimal operands
OperatorStartsWith Operator = "StartsWith"
)
// PossibleOperatorValues returns the possible values for the Operator const type.
func PossibleOperatorValues() []Operator {
return []Operator{
OperatorContains,
OperatorEndsWith,
OperatorEquals,
OperatorGreaterThan,
OperatorGreaterThanOrEqualTo,
OperatorLesserThan,
OperatorLesserThanOrEqualTo,
OperatorNotEquals,
OperatorStartsWith,
}
}
// OrganizationMembershipType - The multi cloud account's membership type in the organization
type OrganizationMembershipType string
const (
OrganizationMembershipTypeMember OrganizationMembershipType = "Member"
OrganizationMembershipTypeOrganization OrganizationMembershipType = "Organization"
)
// PossibleOrganizationMembershipTypeValues returns the possible values for the OrganizationMembershipType const type.
func PossibleOrganizationMembershipTypeValues() []OrganizationMembershipType {
return []OrganizationMembershipType{
OrganizationMembershipTypeMember,
OrganizationMembershipTypeOrganization,
}
}
// PermissionProperty - A permission detected in the cloud account.
type PermissionProperty string
const (
// PermissionPropertyAWSAWSSecurityHubReadOnlyAccess - This permission provides read only access to AWS Security Hub resources.
PermissionPropertyAWSAWSSecurityHubReadOnlyAccess PermissionProperty = "AWS::AWSSecurityHubReadOnlyAccess"
// PermissionPropertyAWSAmazonSSMAutomationRole - The permission provides for EC2 Automation service to execute activities
// defined within Automation documents.
PermissionPropertyAWSAmazonSSMAutomationRole PermissionProperty = "AWS::AmazonSSMAutomationRole"
// PermissionPropertyAWSSecurityAudit - This permission grants access to read security configuration metadata.
PermissionPropertyAWSSecurityAudit PermissionProperty = "AWS::SecurityAudit"
// PermissionPropertyGCPSecurityCenterAdminViewer - This permission provides read only access to GCP Security Command Center.
PermissionPropertyGCPSecurityCenterAdminViewer PermissionProperty = "GCP::Security Center Admin Viewer"
)
// PossiblePermissionPropertyValues returns the possible values for the PermissionProperty const type.
func PossiblePermissionPropertyValues() []PermissionProperty {
return []PermissionProperty{
PermissionPropertyAWSAWSSecurityHubReadOnlyAccess,
PermissionPropertyAWSAmazonSSMAutomationRole,
PermissionPropertyAWSSecurityAudit,
PermissionPropertyGCPSecurityCenterAdminViewer,
}
}
// PricingTier - The pricing tier value. Microsoft Defender for Cloud is provided in two pricing tiers: free and standard,
// with the standard tier available with a trial period. The standard tier offers advanced
// security capabilities, while the free tier offers basic security features.
type PricingTier string
const (
// PricingTierFree - Get free Microsoft Defender for Cloud experience with basic security features
PricingTierFree PricingTier = "Free"
// PricingTierStandard - Get the standard Microsoft Defender for Cloud experience with advanced security features
PricingTierStandard PricingTier = "Standard"
)
// PossiblePricingTierValues returns the possible values for the PricingTier const type.
func PossiblePricingTierValues() []PricingTier {
return []PricingTier{
PricingTierFree,
PricingTierStandard,
}
}
// PropertyType - The data type of the compared operands (string, integer, floating point number or a boolean [true/false]]
type PropertyType string
const (
PropertyTypeBoolean PropertyType = "Boolean"
PropertyTypeInteger PropertyType = "Integer"
PropertyTypeNumber PropertyType = "Number"
PropertyTypeString PropertyType = "String"
)
// PossiblePropertyTypeValues returns the possible values for the PropertyType const type.
func PossiblePropertyTypeValues() []PropertyType {
return []PropertyType{
PropertyTypeBoolean,
PropertyTypeInteger,
PropertyTypeNumber,
PropertyTypeString,
}
}
type Protocol string
const (
ProtocolAll Protocol = "*"
ProtocolTCP Protocol = "TCP"
ProtocolUDP Protocol = "UDP"
)
// PossibleProtocolValues returns the possible values for the Protocol const type.
func PossibleProtocolValues() []Protocol {
return []Protocol{
ProtocolAll,
ProtocolTCP,
ProtocolUDP,
}
}
// ProvisioningState - The security family provisioning State
type ProvisioningState string
const (
ProvisioningStateFailed ProvisioningState = "Failed"
ProvisioningStateSucceeded ProvisioningState = "Succeeded"
ProvisioningStateUpdating ProvisioningState = "Updating"
)
// PossibleProvisioningStateValues returns the possible values for the ProvisioningState const type.
func PossibleProvisioningStateValues() []ProvisioningState {
return []ProvisioningState{
ProvisioningStateFailed,
ProvisioningStateSucceeded,
ProvisioningStateUpdating,
}
}
// Rank - The rank of the sensitivity label.
type Rank string
const (
RankNone Rank = "None"
RankLow Rank = "Low"
RankMedium Rank = "Medium"
RankHigh Rank = "High"
RankCritical Rank = "Critical"
)
// PossibleRankValues returns the possible values for the Rank const type.