swagger: '2.0'
info:
  title: Microsoft Azure Security Center
  description: API spec for Microsoft.Security (Azure Security Center) resource provider
  version: 2024-03-01-preview
host: management.azure.com
schemes:
  - https
consumes:
  - application/json
produces:
  - application/json
security:
  - azure_auth:
      - user_impersonation
securityDefinitions:
  azure_auth:
    type: oauth2
    authorizationUrl: https://login.microsoftonline.com/common/oauth2/authorize
    flow: implicit
    description: Azure Active Directory OAuth2 Flow
    scopes:
      user_impersonation: impersonate your user account
paths:
  /subscriptions/{subscriptionId}/providers/Microsoft.Security/securityConnectors:
    get:
      x-ms-examples:
        List all security connectors of a specified subscription:
          $ref: >-
            ./examples/SecurityConnectors/GetSecurityConnectorsSubscription_example.json
      tags:
        - SecurityConnectors
      description: >-
        Lists all the security connectors in the specified subscription. Use
        the 'nextLink' property in the response to get the next page of
        security connectors for the specified subscription.
      operationId: microsoftAzureSecurityconnectorsList
      parameters:
        - $ref: ../../../common/v1/types.json#/parameters/ApiVersion
        - $ref: ../../../common/v1/types.json#/parameters/SubscriptionId
      responses:
        '200':
          description: OK
          schema:
            $ref: '#/definitions/SecurityConnectorsList'
        default:
          description: Error response that describes why the operation failed.
          schema:
            $ref: ../../../common/v1/types.json#/definitions/CloudError
      x-ms-pageable:
        nextLinkName: nextLink
      summary: >-
        Microsoft Azure Get Subscriptions Subscriptionid Providers Microsoft
        Security Securityconnectors
  /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors:
    get:
      x-ms-examples:
        List all security connectors of a specified resource group:
          $ref: >-
            ./examples/SecurityConnectors/GetSecurityConnectorsResourceGroup_example.json
      tags:
        - SecurityConnectors
      description: >-
        Lists all the security connectors in the specified resource group. Use
        the 'nextLink' property in the response to get the next page of
        security connectors for the specified resource group.
      operationId: microsoftAzureSecurityconnectorsListbyresourcegroup
      parameters:
        - $ref: ../../../common/v1/types.json#/parameters/ApiVersion
        - $ref: ../../../common/v1/types.json#/parameters/SubscriptionId
        - $ref: ../../../common/v1/types.json#/parameters/ResourceGroupName
      responses:
        '200':
          description: OK
          schema:
            $ref: '#/definitions/SecurityConnectorsList'
        default:
          description: Error response that describes why the operation failed.
          schema:
            $ref: ../../../common/v1/types.json#/definitions/CloudError
      x-ms-pageable:
        nextLinkName: nextLink
      summary: >-
        Microsoft Azure Get Subscriptions Subscriptionid Resourcegroups
        Resourcegroupname Providers Microsoft Security Securityconnectors
  ? /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}
  : get:
      x-ms-examples:
        Retrieve a security connector:
          $ref: >-
            ./examples/SecurityConnectors/GetSecurityConnectorSingleResource_example.json
      tags:
        - SecurityConnectors
      description: Retrieves details of a specific security connector
      operationId: microsoftAzureSecurityconnectorsGet
      parameters:
        - $ref: ../../../common/v1/types.json#/parameters/ApiVersion
        - $ref: ../../../common/v1/types.json#/parameters/SubscriptionId
        - $ref: ../../../common/v1/types.json#/parameters/ResourceGroupName
        - $ref: '#/parameters/securityConnectorName'
      responses:
        '200':
          description: OK
          schema:
            $ref: '#/definitions/SecurityConnector'
        default:
          description: Error response that describes why the operation failed.
          schema:
            $ref: ../../../common/v1/types.json#/definitions/CloudError
      summary: >-
        Microsoft Azure Get Subscriptions Subscriptionid Resourcegroups
        Resourcegroupname Providers Microsoft Security Securityconnectors
        Securityconnectorname
    put:
      x-ms-examples:
        Create or update a security connector:
          $ref: ./examples/SecurityConnectors/PutSecurityConnector_example.json
      tags:
        - SecurityConnectors
      description: >-
        Creates or updates a security connector. If a security connector is
        already created and a subsequent request is issued for the same
        security connector id, then it will be updated.
      operationId: microsoftAzureSecurityconnectorsCreateorupdate
      parameters:
        - $ref: ../../../common/v1/types.json#/parameters/ApiVersion
        - $ref: ../../../common/v1/types.json#/parameters/SubscriptionId
        - $ref: ../../../common/v1/types.json#/parameters/ResourceGroupName
        - $ref: '#/parameters/securityConnectorName'
        - $ref: '#/parameters/securityConnectorInBody'
      responses:
        '200':
          description: OK
          schema:
            $ref: '#/definitions/SecurityConnector'
        '201':
          description: Created
          schema:
            $ref: '#/definitions/SecurityConnector'
        default:
          description: Error response that describes why the operation failed.
          schema:
            $ref: ../../../common/v1/types.json#/definitions/CloudError
      summary: >-
        Microsoft Azure Put Subscriptions Subscriptionid Resourcegroups
        Resourcegroupname Providers Microsoft Security Securityconnectors
        Securityconnectorname
    patch:
      x-ms-examples:
        Update a security connector:
          $ref: ./examples/SecurityConnectors/PatchSecurityConnector_example.json
      tags:
        - SecurityConnectors
      description: Updates a security connector
      operationId: microsoftAzureSecurityconnectorsUpdate
      parameters:
        - $ref: ../../../common/v1/types.json#/parameters/ApiVersion
        - $ref: ../../../common/v1/types.json#/parameters/SubscriptionId
        - $ref: ../../../common/v1/types.json#/parameters/ResourceGroupName
        - $ref: '#/parameters/securityConnectorName'
        - $ref: '#/parameters/securityConnectorInBody'
      responses:
        '200':
          description: OK
          schema:
            $ref: '#/definitions/SecurityConnector'
        default:
          description: Error response that describes why the operation failed.
          schema:
            $ref: ../../../common/v1/types.json#/definitions/CloudError
      summary: >-
        Microsoft Azure Patch Subscriptions Subscriptionid Resourcegroups
        Resourcegroupname Providers Microsoft Security Securityconnectors
        Securityconnectorname
    delete:
      x-ms-examples:
        Delete a security connector:
          $ref: ./examples/SecurityConnectors/DeleteSecurityConnector_example.json
      tags:
        - SecurityConnectors
      operationId: microsoftAzureSecurityconnectorsDelete
      description: Deletes a security connector.
      parameters:
        - $ref: ../../../common/v1/types.json#/parameters/ApiVersion
        - $ref: ../../../common/v1/types.json#/parameters/SubscriptionId
        - $ref: ../../../common/v1/types.json#/parameters/ResourceGroupName
        - $ref: '#/parameters/securityConnectorName'
      responses:
        '200':
          description: The resource was deleted successfully
        '204':
          description: NoContent
        default:
          description: Error response that describes why the operation failed.
          schema:
            $ref: ../../../common/v1/types.json#/definitions/CloudError
      summary: >-
        Microsoft Azure Delete Subscriptions Subscriptionid Resourcegroups
        Resourcegroupname Providers Microsoft Security Securityconnectors
        Securityconnectorname
definitions:
  SecurityConnectorsList:
    type: object
    description: List of security connectors response.
    required:
      - value
    properties:
      value:
        type: array
        description: The list of security connectors under the given scope.
        items:
          $ref: '#/definitions/SecurityConnector'
      nextLink:
        readOnly: true
        type: string
        description: The URI to fetch the next page.
  SecurityConnector:
    type: object
    description: The security connector resource.
    properties:
      systemData:
        readOnly: true
        type: object
        description: >-
          Azure Resource Manager metadata containing createdBy and modifiedBy
          information.
        $ref: >-
          ../../../../../common-types/resource-management/v2/types.json#/definitions/systemData
      properties:
        x-ms-client-flatten: true
        description: Security connector data
        $ref: '#/definitions/SecurityConnectorProperties'
    allOf:
      - $ref: ../../../common/v1/types.json#/definitions/TrackedResource
  SecurityConnectorProperties:
    type: object
    description: A set of properties that defines the security connector configuration.
    properties:
      hierarchyIdentifier:
        type: string
        description: >-
          The multi cloud resource identifier (account id in case of AWS
          connector, project number in case of GCP connector).
      hierarchyIdentifierTrialEndDate:
        type: string
        format: date-time
        readOnly: true
        description: >-
          The date on which the trial period will end, if applicable. Trial
          period exists for 30 days after upgrading to paid offerings.
      environmentName:
        type: string
        description: The multi cloud resource's cloud name.
        enum:
          - Azure
          - AWS
          - GCP
          - Github
          - AzureDevOps
          - GitLab
        x-ms-enum:
          name: cloudName
          modelAsString: true
      offerings:
        type: array
        description: A collection of offerings for the security connector.
        items:
          $ref: '#/definitions/cloudOffering'
        x-ms-identifiers: []
      environmentData:
        type: object
        description: The security connector environment data.
        $ref: '#/definitions/EnvironmentData'
  EnvironmentData:
    type: object
    description: The security connector environment data.
    discriminator: environmentType
    required:
      - environmentType
    properties:
      environmentType:
        type: string
        description: The type of the environment data.
        enum:
          - AwsAccount
          - GcpProject
          - GithubScope
          - AzureDevOpsScope
          - GitlabScope
        x-ms-enum:
          name: environmentType
          modelAsString: true
  AwsEnvironmentData:
    type: object
    description: The AWS connector environment data
    x-ms-discriminator-value: AwsAccount
    allOf:
      - $ref: '#/definitions/EnvironmentData'
    properties:
      organizationalData:
        type: object
        description: The AWS account's organizational data
        $ref: '#/definitions/AwsOrganizationalData'
      regions:
        type: array
        description: list of regions to scan
        items:
          type: string
          description: AWS regions names
      accountName:
        type: string
        description: The AWS account name
        readOnly: true
      scanInterval:
        type: integer
        format: int64
        description: Scan interval in hours (value should be between 1-hour to 24-hours)
  AwsOrganizationalData:
    type: object
    description: The AWS organization data
    discriminator: organizationMembershipType
    required:
      - organizationMembershipType
    properties:
      organizationMembershipType:
        type: string
        description: The multi cloud account's membership type in the organization
        enum:
          - Member
          - Organization
        x-ms-enum:
          name: organizationMembershipType
          modelAsString: true
  AwsOrganizationalDataMaster:
    type: object
    description: The AWS organization data for the master account
    x-ms-discriminator-value: Organization
    allOf:
      - $ref: '#/definitions/AwsOrganizationalData'
    properties:
      stacksetName:
        type: string
        description: >-
          If the multi cloud account is of membership type organization, this
          will be the name of the onboarding stackset
      excludedAccountIds:
        type: array
        description: >-
          If the multi cloud account is of membership type organization, list
          of accounts excluded from offering
        items:
          type: string
          description: account IDs
  AwsOrganizationalDataMember:
    type: object
    description: The AWS organization data for the member account
    x-ms-discriminator-value: Member
    allOf:
      - $ref: '#/definitions/AwsOrganizationalData'
    properties:
      parentHierarchyId:
        type: string
        description: >-
          If the multi cloud account is not of membership type organization,
          this will be the ID of the account's parent
  GcpProjectEnvironmentData:
    type: object
    description: The GCP project connector environment data
    x-ms-discriminator-value: GcpProject
    allOf:
      - $ref: '#/definitions/EnvironmentData'
    properties:
      organizationalData:
        type: object
        description: The Gcp project's organizational data
        $ref: '#/definitions/GcpOrganizationalData'
      projectDetails:
        type: object
        description: The Gcp project's details
        $ref: '#/definitions/GcpProjectDetails'
      scanInterval:
        type: integer
        format: int64
        description: Scan interval in hours (value should be between 1-hour to 24-hours)
  GcpProjectDetails:
    type: object
    description: The details about the project represented by the security connector
    properties:
      projectNumber:
        type: string
        description: The unique GCP Project number
      projectId:
        type: string
        description: The GCP Project id
      workloadIdentityPoolId:
        readOnly: true
        type: string
        description: The GCP workload identity federation pool id
      projectName:
        readOnly: true
        type: string
        description: GCP project name
  GcpOrganizationalData:
    type: object
    description: The gcpOrganization data
    discriminator: organizationMembershipType
    required:
      - organizationMembershipType
    properties:
      organizationMembershipType:
        type: string
        description: The multi cloud account's membership type in the organization
        enum:
          - Member
          - Organization
        x-ms-enum:
          name: organizationMembershipType
          modelAsString: true
  GcpOrganizationalDataOrganization:
    type: object
    description: The gcpOrganization data for the parent account
    x-ms-discriminator-value: Organization
    allOf:
      - $ref: '#/definitions/GcpOrganizationalData'
    properties:
      excludedProjectNumbers:
        type: array
        description: >-
          If the multi cloud account is of membership type organization, list
          of accounts excluded from offering
        items:
          type: string
          description: account IDs
      serviceAccountEmailAddress:
        type: string
        description: >-
          The service account email address which represents the organization
          level permissions container.
      workloadIdentityProviderId:
        type: string
        description: >-
          The GCP workload identity provider id which represents the
          permissions required to auto provision security connectors
      organizationName:
        readOnly: true
        type: string
        description: GCP organization name
  GcpOrganizationalDataMember:
    type: object
    description: The gcpOrganization data for the member account
    x-ms-discriminator-value: Member
    allOf:
      - $ref: '#/definitions/GcpOrganizationalData'
    properties:
      parentHierarchyId:
        type: string
        description: >-
          If the multi cloud account is not of membership type organization,
          this will be the ID of the project's parent
      managementProjectNumber:
        type: string
        description: The GCP management project number from organizational onboarding
  GithubScopeEnvironmentData:
    type: object
    description: The github scope connector's environment data
    x-ms-discriminator-value: GithubScope
    allOf:
      - $ref: '#/definitions/EnvironmentData'
    properties: {}
  AzureDevOpsScopeEnvironmentData:
    type: object
    description: The AzureDevOps scope connector's environment data
    x-ms-discriminator-value: AzureDevOpsScope
    allOf:
      - $ref: '#/definitions/EnvironmentData'
    properties: {}
  GitlabScopeEnvironmentData:
    type: object
    description: The GitLab scope connector's environment data
    x-ms-discriminator-value: GitlabScope
    allOf:
      - $ref: '#/definitions/EnvironmentData'
    properties: {}
  cloudOffering:
    type: object
    description: The security offering details
    discriminator: offeringType
    required:
      - offeringType
    properties:
      offeringType:
        type: string
        description: The type of the security offering.
        enum:
          - CspmMonitorAws
          - DefenderForContainersAws
          - DefenderForServersAws
          - DefenderForDatabasesAws
          - CspmMonitorGcp
          - CspmMonitorGithub
          - CspmMonitorAzureDevOps
          - DefenderForServersGcp
          - DefenderForContainersGcp
          - DefenderForDatabasesGcp
          - DefenderCspmAws
          - DefenderCspmGcp
          - CspmMonitorGitLab
        x-ms-enum:
          name: offeringType
          modelAsString: true
      description:
        type: string
        description: The offering description.
        readOnly: true
  cspmMonitorAwsOffering:
    type: object
    description: The CSPM monitoring for AWS offering
    x-ms-discriminator-value: CspmMonitorAws
    allOf:
      - $ref: '#/definitions/cloudOffering'
    properties:
      nativeCloudConnection:
        type: object
        description: The native cloud connection configuration
        properties:
          cloudRoleArn:
            type: string
            description: The cloud role ARN in AWS for this feature
  defenderForContainersAwsOffering:
    type: object
    description: The Defender for Containers AWS offering
    x-ms-discriminator-value: DefenderForContainersAws
    allOf:
      - $ref: '#/definitions/cloudOffering'
    properties:
      kubernetesService:
        type: object
        description: The kubernetes service connection configuration
        properties:
          cloudRoleArn:
            type: string
            description: >-
              The cloud role ARN in AWS for this feature used for provisioning
              resources
      kubernetesDataCollection:
        type: object
        description: The kubernetes data collection connection configuration
        properties:
          cloudRoleArn:
            type: string
            description: The cloud role ARN in AWS for this feature used for reading data
      cloudWatchToKinesis:
        type: object
        description: The cloudwatch to kinesis connection configuration
        properties:
          cloudRoleArn:
            type: string
            description: >-
              The cloud role ARN in AWS used by CloudWatch to transfer data
              into Kinesis
      kinesisToS3:
        type: object
        description: The kinesis to s3 connection configuration
        properties:
          cloudRoleArn:
            type: string
            description: The cloud role ARN in AWS used by Kinesis to transfer data into S3
      enableAuditLogsAutoProvisioning:
        type: boolean
        description: Is audit logs data collection enabled
      enableDefenderAgentAutoProvisioning:
        type: boolean
        description: >-
          Is Microsoft Defender for Cloud Kubernetes agent auto provisioning
          enabled
      enablePolicyAgentAutoProvisioning:
        type: boolean
        description: Is Policy Kubernetes agent auto provisioning enabled
      kubeAuditRetentionTime:
        type: integer
        format: int64
        description: >-
          The retention time in days of kube audit logs set on the CloudWatch
          log group
      dataCollectionExternalId:
        type: string
        description: >-
          The externalId used by the data reader to prevent the confused
          deputy attack
      mdcContainersImageAssessment:
        type: object
        description: The Microsoft Defender container image assessment configuration
        properties:
          enabled:
            type: boolean
            description: Is Microsoft Defender container image assessment enabled
          cloudRoleArn:
            type: string
            description: The cloud role ARN in AWS for this feature
      mdcContainersAgentlessDiscoveryK8s:
        type: object
        description: The Microsoft Defender container agentless discovery K8s configuration
        properties:
          enabled:
            type: boolean
            description: Is Microsoft Defender container agentless discovery K8s enabled
          cloudRoleArn:
            type: string
            description: The cloud role ARN in AWS for this feature
      vmScanners:
        type: object
        description: >-
          The Microsoft Defender for Container K8s VM host scanning
          configuration
        allOf:
          - $ref: '#/definitions/vmScannersAws'
        properties: {}
  defenderForServersAwsOffering:
    type: object
    description: The Defender for Servers AWS offering
    x-ms-discriminator-value: DefenderForServersAws
    allOf:
      - $ref: '#/definitions/cloudOffering'
    properties:
      defenderForServers:
        type: object
        description: The Defender for servers connection configuration
        properties:
          cloudRoleArn:
            type: string
            description: The cloud role ARN in AWS for this feature
      arcAutoProvisioning:
        type: object
        description: The ARC autoprovisioning configuration
        allOf:
          - $ref: '#/definitions/arcAutoProvisioningAws'
        properties: {}
      vaAutoProvisioning:
        type: object
        description: The Vulnerability Assessment autoprovisioning configuration
        properties:
          enabled:
            type: boolean
            description: Is Vulnerability Assessment auto provisioning enabled
          configuration:
            type: object
            description: configuration for Vulnerability Assessment autoprovisioning
            properties:
              type:
                type: string
                description: >-
                  The Vulnerability Assessment solution to be provisioned. Can
                  be either 'TVM' or 'Qualys'
                enum:
                  - Qualys
                  - TVM
                x-ms-enum:
                  name: type
                  modelAsString: true
      mdeAutoProvisioning:
        type: object
        description: The Microsoft Defender for Endpoint autoprovisioning configuration
        properties:
          enabled:
            type: boolean
            description: Is Microsoft Defender for Endpoint auto provisioning enabled
          configuration:
            type: object
            description: configuration for Microsoft Defender for Endpoint autoprovisioning
            properties: {}
      subPlan:
        type: object
        description: configuration for the servers offering subPlan
        properties:
          type:
            type: string
            description: The available sub plans
            enum:
              - P1
              - P2
            x-ms-enum:
              name: subPlan
              modelAsString: true
      vmScanners:
        type: object
        description: The Microsoft Defender for Server VM scanning configuration
        allOf:
          - $ref: '#/definitions/vmScannersAws'
        properties: {}
  defenderFoDatabasesAwsOffering:
    type: object
    description: The Defender for Databases AWS offering
    x-ms-discriminator-value: DefenderForDatabasesAws
    allOf:
      - $ref: '#/definitions/cloudOffering'
    properties:
      arcAutoProvisioning:
        type: object
        description: The ARC autoprovisioning configuration
        allOf:
          - $ref: '#/definitions/arcAutoProvisioningAws'
        properties: {}
      rds:
        type: object
        description: The RDS configuration
        properties:
          enabled:
            type: boolean
            description: Is RDS protection enabled
          cloudRoleArn:
            type: string
            description: The cloud role ARN in AWS for this feature
      databasesDspm:
        type: object
        description: The databases data security posture management (DSPM) configuration
        properties:
          enabled:
            type: boolean
            description: >-
              Is databases data security posture management (DSPM) protection
              enabled
          cloudRoleArn:
            type: string
            description: The cloud role ARN in AWS for this feature
  cspmMonitorGcpOffering:
    type: object
    description: The CSPM monitoring for GCP offering
    x-ms-discriminator-value: CspmMonitorGcp
    allOf:
      - $ref: '#/definitions/cloudOffering'
    properties:
      nativeCloudConnection:
        type: object
        description: The native cloud connection configuration
        properties:
          workloadIdentityProviderId:
            type: string
            description: The GCP workload identity provider id for the offering
          serviceAccountEmailAddress:
            type: string
            description: The service account email address in GCP for this offering
  defenderForServersGcpOffering:
    type: object
    description: The Defender for Servers GCP offering configurations
    x-ms-discriminator-value: DefenderForServersGcp
    allOf:
      - $ref: '#/definitions/cloudOffering'
    properties:
      defenderForServers:
        type: object
        description: The Defender for servers connection configuration
        properties:
          workloadIdentityProviderId:
            type: string
            description: The workload identity provider id in GCP for this feature
          serviceAccountEmailAddress:
            type: string
            description: The service account email address in GCP for this feature
      arcAutoProvisioning:
        type: object
        description: The ARC autoprovisioning configuration
        allOf:
          - $ref: '#/definitions/arcAutoProvisioningGcp'
        properties: {}
      vaAutoProvisioning:
        type: object
        description: The Vulnerability Assessment autoprovisioning configuration
        properties:
          enabled:
            type: boolean
            description: Is Vulnerability Assessment auto provisioning enabled
          configuration:
            type: object
            description: configuration for Vulnerability Assessment autoprovisioning
            properties:
              type:
                type: string
                description: >-
                  The Vulnerability Assessment solution to be provisioned. Can
                  be either 'TVM' or 'Qualys'
                enum:
                  - Qualys
                  - TVM
                x-ms-enum:
                  name: type
                  modelAsString: true
      mdeAutoProvisioning:
        type: object
        description: The Microsoft Defender for Endpoint autoprovisioning configuration
        properties:
          enabled:
            type: boolean
            description: Is Microsoft Defender for Endpoint auto provisioning enabled
          configuration:
            type: object
            description: configuration for Microsoft Defender for Endpoint autoprovisioning
            properties: {}
      subPlan:
        type: object
        description: configuration for the servers offering subPlan
        properties:
          type:
            type: string
            description: The available sub plans
            enum:
              - P1
              - P2
            x-ms-enum:
              name: subPlan
              modelAsString: true
      vmScanners:
        type: object
        description: The Microsoft Defender for Server VM scanning configuration
        allOf:
          - $ref: '#/definitions/vmScannersGcp'
        properties: {}
  defenderForDatabasesGcpOffering:
    type: object
    description: The Defender for Databases GCP offering configurations
    x-ms-discriminator-value: DefenderForDatabasesGcp
    allOf:
      - $ref: '#/definitions/cloudOffering'
    properties:
      arcAutoProvisioning:
        type: object
        description: The ARC autoprovisioning configuration
        allOf:
          - $ref: '#/definitions/arcAutoProvisioningGcp'
        properties: {}
      defenderForDatabasesArcAutoProvisioning:
        type: object
        description: The native cloud connection configuration
        properties:
          serviceAccountEmailAddress:
            type: string
            description: The service account email address in GCP for this offering
          workloadIdentityProviderId:
            type: string
            description: The GCP workload identity provider id for this offering
  defenderForContainersGcpOffering:
    type: object
    description: The containers GCP offering
    x-ms-discriminator-value: DefenderForContainersGcp
    allOf:
      - $ref: '#/definitions/cloudOffering'
    properties:
      nativeCloudConnection:
        type: object
        description: The native cloud connection configuration
        properties:
          serviceAccountEmailAddress:
            type: string
            description: The service account email address in GCP for this offering
          workloadIdentityProviderId:
            type: string
            description: The GCP workload identity provider id for this offering
      dataPipelineNativeCloudConnection:
        type: object
        description: The native cloud connection configuration
        properties:
          serviceAccountEmailAddress:
            type: string
            description: >-
              The data collection service account email address in GCP for
              this offering
          workloadIdentityProviderId:
            type: string
            description: >-
              The data collection GCP workload identity provider id for this
              offering
      enableAuditLogsAutoProvisioning:
        type: boolean
        description: Is audit logs data collection enabled
      enableDefenderAgentAutoProvisioning:
        type: boolean
        description: >-
          Is Microsoft Defender for Cloud Kubernetes agent auto provisioning
          enabled
      enablePolicyAgentAutoProvisioning:
        type: boolean
        description: Is Policy Kubernetes agent auto provisioning enabled
      mdcContainersImageAssessment:
        type: object
        description: The Microsoft Defender Container image assessment configuration
        properties:
          enabled:
            type: boolean
            description: Is Microsoft Defender container image assessment enabled
          workloadIdentityProviderId:
            type: string
            description: The workload identity provider id in GCP for this feature
          serviceAccountEmailAddress:
            type: string
            description: The service account email address in GCP for this feature
      mdcContainersAgentlessDiscoveryK8s:
        type: object
        description: The Microsoft Defender Container agentless discovery configuration
        properties:
          enabled:
            type: boolean
            description: Is Microsoft Defender container agentless discovery enabled
          workloadIdentityProviderId:
            type: string
            description: The workload identity provider id in GCP for this feature
          serviceAccountEmailAddress:
            type: string
            description: The service account email address in GCP for this feature
      vmScanners:
        type: object
        description: >-
          The Microsoft Defender for Container K8s VM host scanning
          configuration
        allOf:
          - $ref: '#/definitions/vmScannersGcp'
        properties: {}
  cspmMonitorGithubOffering:
    type: object
    description: The CSPM monitoring for github offering
    x-ms-discriminator-value: CspmMonitorGithub
    allOf:
      - $ref: '#/definitions/cloudOffering'
    properties: {}
  cspmMonitorAzureDevOpsOffering:
    type: object
    description: The CSPM monitoring for AzureDevOps offering
    x-ms-discriminator-value: CspmMonitorAzureDevOps
    allOf:
      - $ref: '#/definitions/cloudOffering'
    properties: {}
  defenderCspmAwsOffering:
    type: object
    description: The CSPM P1 for AWS offering
    x-ms-discriminator-value: DefenderCspmAws
    allOf:
      - $ref: '#/definitions/cloudOffering'
    properties:
      vmScanners:
        type: object
        description: The Microsoft Defender for CSPM offering VM scanning configuration
        allOf:
          - $ref: '#/definitions/vmScannersAws'
        properties: {}
      dataSensitivityDiscovery:
        type: object
        description: The Microsoft Defender Data Sensitivity discovery configuration
        properties:
          enabled:
            type: boolean
            description: Is Microsoft Defender Data Sensitivity discovery enabled
          cloudRoleArn:
            type: string
            description: The cloud role ARN in AWS for this feature
      databasesDspm:
        type: object
        description: The databases DSPM configuration
        properties:
          enabled:
            type: boolean
            description: Is databases DSPM protection enabled
          cloudRoleArn:
            type: string
            description: The cloud role ARN in AWS for this feature
      ciem:
        type: object
        description: Defenders CSPM Permissions Management offering configurations
        properties:
          ciemDiscovery:
            type: object
            description: Defender CSPM Permissions Management discovery configuration
            properties:
              cloudRoleArn:
                type: string
                description: The cloud role ARN in AWS for Permissions Management discovery
          ciemOidc:
            type: object
            description: >-
              AWS Defender CSPM Permissions Management OIDC (open id connect)
              connection configurations
            properties:
              cloudRoleArn:
                type: string
                description: >-
                  The cloud role ARN in AWS for Permissions Management used
                  for oidc connection
              azureActiveDirectoryAppName:
                type: string
                description: >-
                  the azure active directory app name used for authenticating
                  against AWS
      mdcContainersImageAssessment:
        type: object
        description: The Microsoft Defender container image assessment configuration
        properties:
          enabled:
            type: boolean
            description: Is Microsoft Defender container image assessment enabled
          cloudRoleArn:
            type: string
            description: The cloud role ARN in AWS for this feature
      mdcContainersAgentlessDiscoveryK8s:
        type: object
        description: The Microsoft Defender container agentless discovery K8s configuration
        properties:
          enabled:
            type: boolean
            description: Is Microsoft Defender container agentless discovery K8s enabled
          cloudRoleArn:
            type: string
            description: The cloud role ARN in AWS for this feature
  defenderCspmGcpOffering:
    type: object
    description: The CSPM P1 for GCP offering
    x-ms-discriminator-value: DefenderCspmGcp
    allOf:
      - $ref: '#/definitions/cloudOffering'
    properties:
      ciemDiscovery:
        type: object
        description: >-
          GCP Defenders CSPM Permissions Management OIDC (Open ID connect)
          connection configurations
        properties:
          workloadIdentityProviderId:
            type: string
            description: >-
              The GCP workload identity provider id for Permissions Management
              offering
          serviceAccountEmailAddress:
            type: string
            description: >-
              The service account email address in GCP for Permissions
              Management offering
          azureActiveDirectoryAppName:
            type: string
            description: >-
              the azure active directory app name used for authenticating
              against GCP workload identity federation
      vmScanners:
        type: object
        description: The Microsoft Defender for CSPM VM scanning configuration
        allOf:
          - $ref: '#/definitions/vmScannersGcp'
        properties: {}
      dataSensitivityDiscovery:
        type: object
        description: The Microsoft Defender Data Sensitivity discovery configuration
        properties:
          enabled:
            type: boolean
            description: Is Microsoft Defender Data Sensitivity discovery enabled
          workloadIdentityProviderId:
            type: string
            description: The workload identity provider id in GCP for this feature
          serviceAccountEmailAddress:
            type: string
            description: The service account email address in GCP for this feature
      mdcContainersImageAssessment:
        type: object
        description: The Microsoft Defender Container image assessment configuration
        properties:
          enabled:
            type: boolean
            description: Is Microsoft Defender container image assessment enabled
          workloadIdentityProviderId:
            type: string
            description: The workload identity provider id in GCP for this feature
          serviceAccountEmailAddress:
            type: string
            description: The service account email address in GCP for this feature
      mdcContainersAgentlessDiscoveryK8s:
        type: object
        description: The Microsoft Defender Container agentless discovery configuration
        properties:
          enabled:
            type: boolean
            description: Is Microsoft Defender container agentless discovery enabled
          workloadIdentityProviderId:
            type: string
            description: The workload identity provider id in GCP for this feature
          serviceAccountEmailAddress:
            type: string
            description: The service account email address in GCP for this feature
  cspmMonitorGitLabOffering:
    type: object
    description: >-
      The CSPM (Cloud security posture management) monitoring for gitlab
      offering
    x-ms-discriminator-value: CspmMonitorGitLab
    allOf:
      - $ref: '#/definitions/cloudOffering'
    properties: {}
  vmScannersBase:
    type: object
    description: A VM scanning configuration for a security offering of a given environment
    properties:
      enabled:
        type: boolean
        description: Is VM scanning enabled
      configuration:
        type: object
        description: Configuration for VM scanning
        properties:
          scanningMode:
            type: string
            description: The scanning mode for the VM scan.
            enum:
              - Default
            x-ms-enum:
              name: scanningMode
              modelAsString: true
          exclusionTags:
            type: object
            additionalProperties:
              type: string
            description: Tags that indicate that a resource should not be scanned
  vmScannersGcp:
    type: object
    description: A VM scanning configuration for a security offering of a GCP environment
    properties: {}
    allOf:
      - $ref: '#/definitions/vmScannersBase'
  vmScannersAws:
    type: object
    description: A VM scanning configuration for a security offering of an AWS environment
    properties:
      cloudRoleArn:
        type: string
        description: The cloud role ARN in AWS for this feature
    allOf:
      - $ref: '#/definitions/vmScannersBase'
  arcAutoProvisioning:
    type: object
    description: The ARC autoprovisioning configuration
    properties:
      enabled:
        type: boolean
        description: Is arc auto provisioning enabled
      configuration:
        type: object
        description: >-
          Configuration for servers Arc auto provisioning for a given
          environment
        properties:
          proxy:
            type: string
            description: Optional HTTP proxy endpoint to use for the Arc agent
          privateLinkScope:
            type: string
            description: Optional Arc private link scope resource id to link the Arc agent
  arcAutoProvisioningGcp:
    type: object
    description: The ARC autoprovisioning configuration for a GCP environment
    properties: {}
    allOf:
      - $ref: '#/definitions/arcAutoProvisioning'
  arcAutoProvisioningAws:
    type: object
    description: The ARC autoprovisioning configuration for an AWS environment
    properties:
      cloudRoleArn:
        type: string
        description: The cloud role ARN in AWS for this feature
    allOf:
      - $ref: '#/definitions/arcAutoProvisioning'
parameters:
  securityConnectorName:
    name: securityConnectorName
    in: path
    required: true
    type: string
    description: The security connector name.
    x-ms-parameter-location: method
  securityConnectorInBody:
    name: securityConnector
    in: body
    required: true
    description: The security connector resource
    schema:
      $ref: '#/definitions/SecurityConnector'
    x-ms-parameter-location: method
tags:
  - name: SecurityConnectors