Share via

Microsoft.Security assessmentMetadata 2020-01-01

Bicep resource definition

The assessmentMetadata resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Security/assessmentMetadata resource, add the following Bicep to your template.

resource symbolicname 'Microsoft.Security/assessmentMetadata@2020-01-01' = {
  name: 'string'
  properties: {
    assessmentType: 'string'
    categories: [
      'string'
    ]
    description: 'string'
    displayName: 'string'
    implementationEffort: 'string'
    partnerData: {
      partnerName: 'string'
      productName: 'string'
      secret: 'string'
    }
    preview: bool
    remediationDescription: 'string'
    severity: 'string'
    threats: [
      'string'
    ]
    userImpact: 'string'
  }
}

Property Values

Microsoft.Security/assessmentMetadata

Name Description Value
name The resource name string (required)
properties Describes properties of an assessment metadata. SecurityAssessmentMetadataProperties

SecurityAssessmentMetadataPartnerData

Name Description Value
partnerName Name of the company of the partner string (required)
productName Name of the product of the partner that created the assessment string
secret Secret to authenticate the partner and verify it created the assessment - write only string

Constraints:
Sensitive value. Pass in as a secure parameter. (required)

SecurityAssessmentMetadataProperties

Name Description Value
assessmentType BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition 'BuiltIn'
'CustomerManaged'
'CustomPolicy'
'VerifiedPartner' (required)
categories String array containing any of:
'Compute'
'Data'
'IdentityAndAccess'
'IoT'
'Networking'
description Human readable description of the assessment string
displayName User friendly display name of the assessment string (required)
implementationEffort The implementation effort required to remediate this assessment 'High'
'Low'
'Moderate'
partnerData Describes the partner that created the assessment SecurityAssessmentMetadataPartnerData
preview True if this assessment is in preview release status bool
remediationDescription Human readable description of what you should do to mitigate this security issue string
severity The severity level of the assessment 'High'
'Low'
'Medium' (required)
threats String array containing any of:
'accountBreach'
'dataExfiltration'
'dataSpillage'
'denialOfService'
'elevationOfPrivilege'
'maliciousInsider'
'missingCoverage'
'threatResistance'
userImpact The user impact of the assessment 'High'
'Low'
'Moderate'

Usage Examples

Bicep Samples

A basic example of deploying Security Center Assessment Metadata for Azure Security Center.

targetScope = 'subscription'

resource assessmentMetadatum 'Microsoft.Security/assessmentMetadata@2020-01-01' = {
  name: '95c7a001-d595-43af-9754-1310c740d34c'
  properties: {
    assessmentType: 'CustomerManaged'
    description: 'Test Description'
    displayName: 'Test Display Name'
    severity: 'Medium'
  }
}

ARM template resource definition

The assessmentMetadata resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Security/assessmentMetadata resource, add the following JSON to your template.

{
  "type": "Microsoft.Security/assessmentMetadata",
  "apiVersion": "2020-01-01",
  "name": "string",
  "properties": {
    "assessmentType": "string",
    "categories": [ "string" ],
    "description": "string",
    "displayName": "string",
    "implementationEffort": "string",
    "partnerData": {
      "partnerName": "string",
      "productName": "string",
      "secret": "string"
    },
    "preview": "bool",
    "remediationDescription": "string",
    "severity": "string",
    "threats": [ "string" ],
    "userImpact": "string"
  }
}

Property Values

Microsoft.Security/assessmentMetadata

Name Description Value
apiVersion The api version '2020-01-01'
name The resource name string (required)
properties Describes properties of an assessment metadata. SecurityAssessmentMetadataProperties
type The resource type 'Microsoft.Security/assessmentMetadata'

SecurityAssessmentMetadataPartnerData

Name Description Value
partnerName Name of the company of the partner string (required)
productName Name of the product of the partner that created the assessment string
secret Secret to authenticate the partner and verify it created the assessment - write only string

Constraints:
Sensitive value. Pass in as a secure parameter. (required)

SecurityAssessmentMetadataProperties

Name Description Value
assessmentType BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition 'BuiltIn'
'CustomerManaged'
'CustomPolicy'
'VerifiedPartner' (required)
categories String array containing any of:
'Compute'
'Data'
'IdentityAndAccess'
'IoT'
'Networking'
description Human readable description of the assessment string
displayName User friendly display name of the assessment string (required)
implementationEffort The implementation effort required to remediate this assessment 'High'
'Low'
'Moderate'
partnerData Describes the partner that created the assessment SecurityAssessmentMetadataPartnerData
preview True if this assessment is in preview release status bool
remediationDescription Human readable description of what you should do to mitigate this security issue string
severity The severity level of the assessment 'High'
'Low'
'Medium' (required)
threats String array containing any of:
'accountBreach'
'dataExfiltration'
'dataSpillage'
'denialOfService'
'elevationOfPrivilege'
'maliciousInsider'
'missingCoverage'
'threatResistance'
userImpact The user impact of the assessment 'High'
'Low'
'Moderate'

Usage Examples

Terraform (AzAPI provider) resource definition

The assessmentMetadata resource type can be deployed with operations that target:

  • Subscription

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Security/assessmentMetadata resource, add the following Terraform to your template.

resource "azapi_resource" "symbolicname" {
  type = "Microsoft.Security/assessmentMetadata@2020-01-01"
  name = "string"
  parent_id = "string"
  body = {
    properties = {
      assessmentType = "string"
      categories = [
        "string"
      ]
      description = "string"
      displayName = "string"
      implementationEffort = "string"
      partnerData = {
        partnerName = "string"
        productName = "string"
        secret = "string"
      }
      preview = bool
      remediationDescription = "string"
      severity = "string"
      threats = [
        "string"
      ]
      userImpact = "string"
    }
  }
}

Property Values

Microsoft.Security/assessmentMetadata

Name Description Value
name The resource name string (required)
properties Describes properties of an assessment metadata. SecurityAssessmentMetadataProperties
type The resource type "Microsoft.Security/assessmentMetadata@2020-01-01"

SecurityAssessmentMetadataPartnerData

Name Description Value
partnerName Name of the company of the partner string (required)
productName Name of the product of the partner that created the assessment string
secret Secret to authenticate the partner and verify it created the assessment - write only string

Constraints:
Sensitive value. Pass in as a secure parameter. (required)

SecurityAssessmentMetadataProperties

Name Description Value
assessmentType BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition 'BuiltIn'
'CustomerManaged'
'CustomPolicy'
'VerifiedPartner' (required)
categories String array containing any of:
'Compute'
'Data'
'IdentityAndAccess'
'IoT'
'Networking'
description Human readable description of the assessment string
displayName User friendly display name of the assessment string (required)
implementationEffort The implementation effort required to remediate this assessment 'High'
'Low'
'Moderate'
partnerData Describes the partner that created the assessment SecurityAssessmentMetadataPartnerData
preview True if this assessment is in preview release status bool
remediationDescription Human readable description of what you should do to mitigate this security issue string
severity The severity level of the assessment 'High'
'Low'
'Medium' (required)
threats String array containing any of:
'accountBreach'
'dataExfiltration'
'dataSpillage'
'denialOfService'
'elevationOfPrivilege'
'maliciousInsider'
'missingCoverage'
'threatResistance'
userImpact The user impact of the assessment 'High'
'Low'
'Moderate'

Usage Examples

Terraform Samples

A basic example of deploying Security Center Assessment Metadata for Azure Security Center.

terraform {
  required_providers {
    azapi = {
      source = "Azure/azapi"
    }
    azurerm = {
      source = "hashicorp/azurerm"
    }
  }
}

provider "azurerm" {
  features {
  }
}

provider "azapi" {
  skip_provider_registration = false
}

variable "resource_name" {
  type    = string
  default = "acctest0001"
}

variable "location" {
  type    = string
  default = "eastus"
}

data "azurerm_client_config" "current" {
}

resource "azapi_resource" "assessmentMetadatum" {
  type      = "Microsoft.Security/assessmentMetadata@2020-01-01"
  parent_id = "/subscriptions/${data.azurerm_client_config.current.subscription_id}"
  name      = "95c7a001-d595-43af-9754-1310c740d34c"
  body = {
    properties = {
      assessmentType = "CustomerManaged"
      description    = "Test Description"
      displayName    = "Test Display Name"
      severity       = "Medium"
    }
  }
  schema_validation_enabled = false
  response_export_values    = ["*"]
}
  • Last updated on