1# coding=utf-8 2# -------------------------------------------------------------------------- 3# Copyright (c) Microsoft Corporation. All rights reserved. 4# Licensed under the MIT License. See License.txt in the project root for license information. 5# Code generated by Microsoft (R) AutoRest Code Generator. 6# Changes may cause incorrect behavior and will be lost if the code is regenerated. 7# -------------------------------------------------------------------------- 8 9from enum import Enum, EnumMeta 10from six import with_metaclass 11 12class _CaseInsensitiveEnumMeta(EnumMeta): 13 def __getitem__(self, name): 14 return super().__getitem__(name.upper()) 15 16 def __getattr__(cls, name): 17 """Return the enum member matching `name` 18 We use __getattr__ instead of descriptors or inserting into the enum 19 class' __dict__ in order to support `name` and `value` being both 20 properties for enum members (which live in the class' __dict__) and 21 enum members themselves. 22 """ 23 try: 24 return cls._member_map_[name.upper()] 25 except KeyError: 26 raise AttributeError(name) 27 28 29class AadConnectivityStateEnum(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 30 """The connectivity state of the external AAD solution 31 """ 32 33 DISCOVERED = "Discovered" 34 NOT_LICENSED = "NotLicensed" 35 CONNECTED = "Connected" 36 37class ActionType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 38 """The type of the action that will be triggered by the Automation 39 """ 40 41 LOGIC_APP = "LogicApp" 42 EVENT_HUB = "EventHub" 43 WORKSPACE = "Workspace" 44 45class AdaptiveApplicationControlIssue(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 46 """An alert that machines within a group can have 47 """ 48 49 VIOLATIONS_AUDITED = "ViolationsAudited" 50 VIOLATIONS_BLOCKED = "ViolationsBlocked" 51 MSI_AND_SCRIPT_VIOLATIONS_AUDITED = "MsiAndScriptViolationsAudited" 52 MSI_AND_SCRIPT_VIOLATIONS_BLOCKED = "MsiAndScriptViolationsBlocked" 53 EXECUTABLE_VIOLATIONS_AUDITED = "ExecutableViolationsAudited" 54 RULES_VIOLATED_MANUALLY = "RulesViolatedManually" 55 56class AdditionalWorkspaceDataType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 57 """Data types sent to workspace. 58 """ 59 60 ALERTS = "Alerts" 61 RAW_EVENTS = "RawEvents" 62 63class AdditionalWorkspaceType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 64 """Workspace type. 65 """ 66 67 SENTINEL = "Sentinel" 68 69class AlertNotifications(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 70 """Whether to send security alerts notifications to the security contact 71 """ 72 73 #: Get notifications on new alerts. 74 ON = "On" 75 #: Don't get notifications on new alerts. 76 OFF = "Off" 77 78class AlertSeverity(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 79 """The risk level of the threat that was detected. Learn more: 80 https://docs.microsoft.com/en-us/azure/security-center/security-center-alerts-overview#how-are-alerts-classified. 81 """ 82 83 #: Informational. 84 INFORMATIONAL = "Informational" 85 #: Low. 86 LOW = "Low" 87 #: Medium. 88 MEDIUM = "Medium" 89 #: High. 90 HIGH = "High" 91 92class AlertStatus(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 93 """The life cycle status of the alert. 94 """ 95 96 #: An alert which doesn't specify a value is assigned the status 'Active'. 97 ACTIVE = "Active" 98 #: Alert closed after handling. 99 RESOLVED = "Resolved" 100 #: Alert dismissed as false positive. 101 DISMISSED = "Dismissed" 102 103class AlertsToAdmins(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 104 """Whether to send security alerts notifications to subscription admins 105 """ 106 107 #: Send notification on new alerts to the subscription's admins. 108 ON = "On" 109 #: Don't send notification on new alerts to the subscription's admins. 110 OFF = "Off" 111 112class AssessedResourceType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 113 """Sub-assessment resource type 114 """ 115 116 SQL_SERVER_VULNERABILITY = "SqlServerVulnerability" 117 CONTAINER_REGISTRY_VULNERABILITY = "ContainerRegistryVulnerability" 118 SERVER_VULNERABILITY = "ServerVulnerability" 119 120class AssessmentStatusCode(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 121 """Programmatic code for the status of the assessment 122 """ 123 124 #: The resource is healthy. 125 HEALTHY = "Healthy" 126 #: The resource has a security issue that needs to be addressed. 127 UNHEALTHY = "Unhealthy" 128 #: Assessment for this resource did not happen. 129 NOT_APPLICABLE = "NotApplicable" 130 131class AssessmentType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 132 """BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment 133 based on custom Azure Policy definition 134 """ 135 136 #: Azure Security Center managed assessments. 137 BUILT_IN = "BuiltIn" 138 #: User defined policies that are automatically ingested from Azure Policy to Azure Security 139 #: Center. 140 CUSTOM_POLICY = "CustomPolicy" 141 #: User assessments pushed directly by the user or other third party to Azure Security Center. 142 CUSTOMER_MANAGED = "CustomerManaged" 143 #: An assessment that was created by a verified 3rd party if the user connected it to ASC. 144 VERIFIED_PARTNER = "VerifiedPartner" 145 146class AuthenticationProvisioningState(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 147 """State of the multi-cloud connector 148 """ 149 150 #: Valid connector. 151 VALID = "Valid" 152 #: Invalid connector. 153 INVALID = "Invalid" 154 #: the connection has expired. 155 EXPIRED = "Expired" 156 #: Incorrect policy of the connector. 157 INCORRECT_POLICY = "IncorrectPolicy" 158 159class AuthenticationType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 160 """Connect to your cloud account, for AWS use either account credentials or role-based 161 authentication. For GCP use account organization credentials. 162 """ 163 164 #: AWS cloud account connector user credentials authentication. 165 AWS_CREDS = "awsCreds" 166 #: AWS account connector assume role authentication. 167 AWS_ASSUME_ROLE = "awsAssumeRole" 168 #: GCP account connector service to service authentication. 169 GCP_CREDENTIALS = "gcpCredentials" 170 171class AutoProvision(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 172 """Describes what kind of security agent provisioning action to take 173 """ 174 175 #: Install missing security agent on VMs automatically. 176 ON = "On" 177 #: Do not install security agent on the VMs automatically. 178 OFF = "Off" 179 180class BundleType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 181 """Alert Simulator supported bundles. 182 """ 183 184 APP_SERVICES = "AppServices" 185 DNS = "DNS" 186 KEY_VAULTS = "KeyVaults" 187 KUBERNETES_SERVICE = "KubernetesService" 188 RESOURCE_MANAGER = "ResourceManager" 189 SQL_SERVERS = "SqlServers" 190 STORAGE_ACCOUNTS = "StorageAccounts" 191 VIRTUAL_MACHINES = "VirtualMachines" 192 193class Categories(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 194 """The categories of resource that is at risk when the assessment is unhealthy 195 """ 196 197 COMPUTE = "Compute" 198 NETWORKING = "Networking" 199 DATA = "Data" 200 IDENTITY_AND_ACCESS = "IdentityAndAccess" 201 IO_T = "IoT" 202 203class ConfigurationStatus(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 204 """The configuration status of the machines group or machine or rule 205 """ 206 207 CONFIGURED = "Configured" 208 NOT_CONFIGURED = "NotConfigured" 209 IN_PROGRESS = "InProgress" 210 FAILED = "Failed" 211 NO_STATUS = "NoStatus" 212 213class ConnectionType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 214 215 INTERNAL = "Internal" 216 EXTERNAL = "External" 217 218class ControlType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 219 """The type of security control (for example, BuiltIn) 220 """ 221 222 #: Azure Security Center managed assessments. 223 BUILT_IN = "BuiltIn" 224 #: Non Azure Security Center managed assessments. 225 CUSTOM = "Custom" 226 227class CreatedByType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 228 """The type of identity that created the resource. 229 """ 230 231 USER = "User" 232 APPLICATION = "Application" 233 MANAGED_IDENTITY = "ManagedIdentity" 234 KEY = "Key" 235 236class DataSource(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 237 238 #: Devices twin data. 239 TWIN_DATA = "TwinData" 240 241class Direction(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 242 """The rule's direction 243 """ 244 245 INBOUND = "Inbound" 246 OUTBOUND = "Outbound" 247 248class EndOfSupportStatus(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 249 """End of support status. 250 """ 251 252 NONE = "None" 253 NO_LONGER_SUPPORTED = "noLongerSupported" 254 VERSION_NO_LONGER_SUPPORTED = "versionNoLongerSupported" 255 UPCOMING_NO_LONGER_SUPPORTED = "upcomingNoLongerSupported" 256 UPCOMING_VERSION_NO_LONGER_SUPPORTED = "upcomingVersionNoLongerSupported" 257 258class EnforcementMode(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 259 """The application control policy enforcement/protection mode of the machine group 260 """ 261 262 AUDIT = "Audit" 263 ENFORCE = "Enforce" 264 NONE = "None" 265 266class EnforcementSupport(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 267 """The machine supportability of Enforce feature 268 """ 269 270 SUPPORTED = "Supported" 271 NOT_SUPPORTED = "NotSupported" 272 UNKNOWN = "Unknown" 273 274class Enum13(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 275 276 ACTIVATE = "Activate" 277 DISMISS = "Dismiss" 278 START = "Start" 279 RESOLVE = "Resolve" 280 CLOSE = "Close" 281 282class Enum15(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 283 284 EFFECTIVE = "effective" 285 CUSTOM = "custom" 286 287class Enum69(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 288 289 MCAS = "MCAS" 290 WDATP = "WDATP" 291 WDATP_EXCLUDE_LINUX_PUBLIC_PREVIEW = "WDATP_EXCLUDE_LINUX_PUBLIC_PREVIEW" 292 SENTINEL = "Sentinel" 293 294class EventSource(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 295 """A valid event source type. 296 """ 297 298 ASSESSMENTS = "Assessments" 299 SUB_ASSESSMENTS = "SubAssessments" 300 ALERTS = "Alerts" 301 SECURE_SCORES = "SecureScores" 302 SECURE_SCORES_SNAPSHOT = "SecureScoresSnapshot" 303 SECURE_SCORE_CONTROLS = "SecureScoreControls" 304 SECURE_SCORE_CONTROLS_SNAPSHOT = "SecureScoreControlsSnapshot" 305 REGULATORY_COMPLIANCE_ASSESSMENT = "RegulatoryComplianceAssessment" 306 REGULATORY_COMPLIANCE_ASSESSMENT_SNAPSHOT = "RegulatoryComplianceAssessmentSnapshot" 307 308class ExpandControlsEnum(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 309 310 #: Add definition object for each control. 311 DEFINITION = "definition" 312 313class ExpandEnum(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 314 315 #: All links associated with an assessment. 316 LINKS = "links" 317 #: Assessment metadata. 318 METADATA = "metadata" 319 320class ExportData(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 321 322 #: Agent raw events. 323 RAW_EVENTS = "RawEvents" 324 325class ExternalSecuritySolutionKindEnum(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 326 """The kind of the external solution 327 """ 328 329 CEF = "CEF" 330 ATA = "ATA" 331 AAD = "AAD" 332 333class FileType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 334 """The type of the file (for Linux files - Executable is used) 335 """ 336 337 EXE = "Exe" 338 DLL = "Dll" 339 MSI = "Msi" 340 SCRIPT = "Script" 341 EXECUTABLE = "Executable" 342 UNKNOWN = "Unknown" 343 344class HybridComputeProvisioningState(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 345 """State of the service principal and its secret 346 """ 347 348 #: Valid service principal details. 349 VALID = "Valid" 350 #: Invalid service principal details. 351 INVALID = "Invalid" 352 #: the service principal details are expired. 353 EXPIRED = "Expired" 354 355class ImplementationEffort(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 356 """The implementation effort required to remediate this assessment 357 """ 358 359 LOW = "Low" 360 MODERATE = "Moderate" 361 HIGH = "High" 362 363class Intent(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 364 """The kill chain related intent behind the alert. For list of supported values, and explanations 365 of Azure Security Center's supported kill chain intents. 366 """ 367 368 #: Unknown. 369 UNKNOWN = "Unknown" 370 #: PreAttack could be either an attempt to access a certain resource regardless of a malicious 371 #: intent, or a failed attempt to gain access to a target system to gather information prior to 372 #: exploitation. This step is usually detected as an attempt, originating from outside the 373 #: network, to scan the target system and find a way in. Further details on the PreAttack stage 374 #: can be read in `MITRE Pre-Att&ck matrix <https://attack.mitre.org/matrices/pre/>`_. 375 PRE_ATTACK = "PreAttack" 376 #: InitialAccess is the stage where an attacker manages to get foothold on the attacked resource. 377 INITIAL_ACCESS = "InitialAccess" 378 #: Persistence is any access, action, or configuration change to a system that gives a threat 379 #: actor a persistent presence on that system. 380 PERSISTENCE = "Persistence" 381 #: Privilege escalation is the result of actions that allow an adversary to obtain a higher level 382 #: of permissions on a system or network. 383 PRIVILEGE_ESCALATION = "PrivilegeEscalation" 384 #: Defense evasion consists of techniques an adversary may use to evade detection or avoid other 385 #: defenses. 386 DEFENSE_EVASION = "DefenseEvasion" 387 #: Credential access represents techniques resulting in access to or control over system, domain, 388 #: or service credentials that are used within an enterprise environment. 389 CREDENTIAL_ACCESS = "CredentialAccess" 390 #: Discovery consists of techniques that allow the adversary to gain knowledge about the system 391 #: and internal network. 392 DISCOVERY = "Discovery" 393 #: Lateral movement consists of techniques that enable an adversary to access and control remote 394 #: systems on a network and could, but does not necessarily, include execution of tools on remote 395 #: systems. 396 LATERAL_MOVEMENT = "LateralMovement" 397 #: The execution tactic represents techniques that result in execution of adversary-controlled 398 #: code on a local or remote system. 399 EXECUTION = "Execution" 400 #: Collection consists of techniques used to identify and gather information, such as sensitive 401 #: files, from a target network prior to exfiltration. 402 COLLECTION = "Collection" 403 #: Exfiltration refers to techniques and attributes that result or aid in the adversary removing 404 #: files and information from a target network. 405 EXFILTRATION = "Exfiltration" 406 #: The command and control tactic represents how adversaries communicate with systems under their 407 #: control within a target network. 408 COMMAND_AND_CONTROL = "CommandAndControl" 409 #: Impact events primarily try to directly reduce the availability or integrity of a system, 410 #: service, or network; including manipulation of data to impact a business or operational 411 #: process. 412 IMPACT = "Impact" 413 #: Probing could be either an attempt to access a certain resource regardless of a malicious 414 #: intent, or a failed attempt to gain access to a target system to gather information prior to 415 #: exploitation. 416 PROBING = "Probing" 417 #: Exploitation is the stage where an attacker manages to get a foothold on the attacked resource. 418 #: This stage is relevant for compute hosts and resources such as user accounts, certificates etc. 419 EXPLOITATION = "Exploitation" 420 421class KindEnum(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 422 """The kind of alert simulation. 423 """ 424 425 #: Simulate alerts according to bundles. 426 BUNDLES = "Bundles" 427 428class Operator(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 429 """A valid comparer operator to use. A case-insensitive comparison will be applied for String 430 PropertyType. 431 """ 432 433 #: Applies for decimal and non-decimal operands. 434 EQUALS = "Equals" 435 #: Applies only for decimal operands. 436 GREATER_THAN = "GreaterThan" 437 #: Applies only for decimal operands. 438 GREATER_THAN_OR_EQUAL_TO = "GreaterThanOrEqualTo" 439 #: Applies only for decimal operands. 440 LESSER_THAN = "LesserThan" 441 #: Applies only for decimal operands. 442 LESSER_THAN_OR_EQUAL_TO = "LesserThanOrEqualTo" 443 #: Applies for decimal and non-decimal operands. 444 NOT_EQUALS = "NotEquals" 445 #: Applies only for non-decimal operands. 446 CONTAINS = "Contains" 447 #: Applies only for non-decimal operands. 448 STARTS_WITH = "StartsWith" 449 #: Applies only for non-decimal operands. 450 ENDS_WITH = "EndsWith" 451 452class PermissionProperty(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 453 """A permission detected in the cloud account. 454 """ 455 456 #: This permission provides read only access to AWS Security Hub resources. 457 AWS_AWS_SECURITY_HUB_READ_ONLY_ACCESS = "AWS::AWSSecurityHubReadOnlyAccess" 458 #: This permission grants access to read security configuration metadata. 459 AWS_SECURITY_AUDIT = "AWS::SecurityAudit" 460 #: The permission provides for EC2 Automation service to execute activities defined within 461 #: Automation documents. 462 AWS_AMAZON_SSM_AUTOMATION_ROLE = "AWS::AmazonSSMAutomationRole" 463 #: This permission provides read only access to GCP Security Command Center. 464 GCP_SECURITY_CENTER_ADMIN_VIEWER = "GCP::Security Center Admin Viewer" 465 466class PricingTier(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 467 """The pricing tier value. Azure Security Center is provided in two pricing tiers: free and 468 standard, with the standard tier available with a trial period. The standard tier offers 469 advanced security capabilities, while the free tier offers basic security features. 470 """ 471 472 #: Get free Azure security center experience with basic security features. 473 FREE = "Free" 474 #: Get the standard Azure security center experience with advanced security features. 475 STANDARD = "Standard" 476 477class PropertyType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 478 """The data type of the compared operands (string, integer, floating point number or a boolean 479 [true/false]] 480 """ 481 482 STRING = "String" 483 INTEGER = "Integer" 484 NUMBER = "Number" 485 BOOLEAN = "Boolean" 486 487class ProtocolEnum(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 488 489 TCP = "TCP" 490 UDP = "UDP" 491 ALL = "*" 492 493class ProvisioningState(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 494 """The security family provisioning State 495 """ 496 497 SUCCEEDED = "Succeeded" 498 FAILED = "Failed" 499 UPDATING = "Updating" 500 501class Rank(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 502 """The rank of the sensitivity label. 503 """ 504 505 NONE = "None" 506 LOW = "Low" 507 MEDIUM = "Medium" 508 HIGH = "High" 509 CRITICAL = "Critical" 510 511class RecommendationAction(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 512 """The recommendation action of the machine or rule 513 """ 514 515 RECOMMENDED = "Recommended" 516 ADD = "Add" 517 REMOVE = "Remove" 518 519class RecommendationConfigStatus(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 520 """Recommendation status. When the recommendation status is disabled recommendations are not 521 generated. 522 """ 523 524 DISABLED = "Disabled" 525 ENABLED = "Enabled" 526 527class RecommendationStatus(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 528 """The initial recommendation status of the machine group or machine 529 """ 530 531 RECOMMENDED = "Recommended" 532 NOT_RECOMMENDED = "NotRecommended" 533 NOT_AVAILABLE = "NotAvailable" 534 NO_STATUS = "NoStatus" 535 536class RecommendationType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 537 """The type of IoT Security recommendation. 538 """ 539 540 #: Authentication schema used for pull an edge module from an ACR repository does not use Service 541 #: Principal Authentication. 542 IO_T_ACRAUTHENTICATION = "IoT_ACRAuthentication" 543 #: IoT agent message size capacity is currently underutilized, causing an increase in the number 544 #: of sent messages. Adjust message intervals for better utilization. 545 IO_T_AGENT_SENDS_UNUTILIZED_MESSAGES = "IoT_AgentSendsUnutilizedMessages" 546 #: Identified security related system configuration issues. 547 IO_T_BASELINE = "IoT_Baseline" 548 #: You can optimize Edge Hub memory usage by turning off protocol heads for any protocols not used 549 #: by Edge modules in your solution. 550 IO_T_EDGE_HUB_MEM_OPTIMIZE = "IoT_EdgeHubMemOptimize" 551 #: Logging is disabled for this edge module. 552 IO_T_EDGE_LOGGING_OPTIONS = "IoT_EdgeLoggingOptions" 553 #: A minority within a device security group has inconsistent Edge Module settings with the rest 554 #: of their group. 555 IO_T_INCONSISTENT_MODULE_SETTINGS = "IoT_InconsistentModuleSettings" 556 #: Install the Azure Security of Things Agent. 557 IO_T_INSTALL_AGENT = "IoT_InstallAgent" 558 #: IP Filter Configuration should have rules defined for allowed traffic and should deny all other 559 #: traffic by default. 560 IO_T_IPFILTER_DENY_ALL = "IoT_IPFilter_DenyAll" 561 #: An Allow IP Filter rules source IP range is too large. Overly permissive rules might expose 562 #: your IoT hub to malicious intenders. 563 IO_T_IPFILTER_PERMISSIVE_RULE = "IoT_IPFilter_PermissiveRule" 564 #: A listening endpoint was found on the device. 565 IO_T_OPEN_PORTS = "IoT_OpenPorts" 566 #: An Allowed firewall policy was found (INPUT/OUTPUT). The policy should Deny all traffic by 567 #: default and define rules to allow necessary communication to/from the device. 568 IO_T_PERMISSIVE_FIREWALL_POLICY = "IoT_PermissiveFirewallPolicy" 569 #: A rule in the firewall has been found that contains a permissive pattern for a wide range of IP 570 #: addresses or Ports. 571 IO_T_PERMISSIVE_INPUT_FIREWALL_RULES = "IoT_PermissiveInputFirewallRules" 572 #: A rule in the firewall has been found that contains a permissive pattern for a wide range of IP 573 #: addresses or Ports. 574 IO_T_PERMISSIVE_OUTPUT_FIREWALL_RULES = "IoT_PermissiveOutputFirewallRules" 575 #: Edge module is configured to run in privileged mode, with extensive Linux capabilities or with 576 #: host-level network access (send/receive data to host machine). 577 IO_T_PRIVILEGED_DOCKER_OPTIONS = "IoT_PrivilegedDockerOptions" 578 #: Same authentication credentials to the IoT Hub used by multiple devices. This could indicate an 579 #: illegitimate device impersonating a legitimate device. It also exposes the risk of device 580 #: impersonation by an attacker. 581 IO_T_SHARED_CREDENTIALS = "IoT_SharedCredentials" 582 #: Insecure TLS configurations detected. Immediate upgrade recommended. 583 IO_T_VULNERABLE_TLS_CIPHER_SUITE = "IoT_VulnerableTLSCipherSuite" 584 585class ReportedSeverity(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 586 """Assessed alert severity. 587 """ 588 589 INFORMATIONAL = "Informational" 590 LOW = "Low" 591 MEDIUM = "Medium" 592 HIGH = "High" 593 594class ResourceIdentifierType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 595 """There can be multiple identifiers of different type per alert, this field specify the 596 identifier type. 597 """ 598 599 AZURE_RESOURCE = "AzureResource" 600 LOG_ANALYTICS = "LogAnalytics" 601 602class ResourceStatus(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 603 """The status of the resource regarding a single assessment 604 """ 605 606 #: This assessment on the resource is healthy. 607 HEALTHY = "Healthy" 608 #: This assessment is not applicable to this resource. 609 NOT_APPLICABLE = "NotApplicable" 610 #: This assessment is turned off by policy on this subscription. 611 OFF_BY_POLICY = "OffByPolicy" 612 #: This assessment on the resource is not healthy. 613 NOT_HEALTHY = "NotHealthy" 614 615class RuleSeverity(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 616 """The rule severity. 617 """ 618 619 #: High. 620 HIGH = "High" 621 #: Medium. 622 MEDIUM = "Medium" 623 #: Low. 624 LOW = "Low" 625 #: Informational. 626 INFORMATIONAL = "Informational" 627 #: Obsolete. 628 OBSOLETE = "Obsolete" 629 630class RuleState(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 631 """Possible states of the rule 632 """ 633 634 ENABLED = "Enabled" 635 DISABLED = "Disabled" 636 EXPIRED = "Expired" 637 638class RuleStatus(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 639 """The rule result status. 640 """ 641 642 #: NonFinding. 643 NON_FINDING = "NonFinding" 644 #: Finding. 645 FINDING = "Finding" 646 #: InternalError. 647 INTERNAL_ERROR = "InternalError" 648 649class RuleType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 650 """The rule type. 651 """ 652 653 #: Binary. 654 BINARY = "Binary" 655 #: BaselineExpected. 656 BASELINE_EXPECTED = "BaselineExpected" 657 #: PositiveList. 658 POSITIVE_LIST = "PositiveList" 659 #: NegativeList. 660 NEGATIVE_LIST = "NegativeList" 661 662class ScanState(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 663 """The scan status. 664 """ 665 666 #: Failed. 667 FAILED = "Failed" 668 #: FailedToRun. 669 FAILED_TO_RUN = "FailedToRun" 670 #: InProgress. 671 IN_PROGRESS = "InProgress" 672 #: Passed. 673 PASSED = "Passed" 674 675class ScanTriggerType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 676 """The scan trigger type. 677 """ 678 679 #: OnDemand. 680 ON_DEMAND = "OnDemand" 681 #: Recurring. 682 RECURRING = "Recurring" 683 684class SecurityFamily(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 685 """The security family of the discovered solution 686 """ 687 688 WAF = "Waf" 689 NGFW = "Ngfw" 690 SAAS_WAF = "SaasWaf" 691 VA = "Va" 692 693class SecuritySolutionStatus(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 694 """Status of the IoT Security solution. 695 """ 696 697 ENABLED = "Enabled" 698 DISABLED = "Disabled" 699 700class ServerVulnerabilityAssessmentPropertiesProvisioningState(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 701 """The provisioningState of the vulnerability assessment capability on the VM 702 """ 703 704 SUCCEEDED = "Succeeded" 705 FAILED = "Failed" 706 CANCELED = "Canceled" 707 PROVISIONING = "Provisioning" 708 DEPROVISIONING = "Deprovisioning" 709 710class SettingKind(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 711 """the kind of the settings string 712 """ 713 714 DATA_EXPORT_SETTINGS = "DataExportSettings" 715 ALERT_SUPPRESSION_SETTING = "AlertSuppressionSetting" 716 ALERT_SYNC_SETTINGS = "AlertSyncSettings" 717 718class Severity(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 719 """The sub-assessment severity level 720 """ 721 722 LOW = "Low" 723 MEDIUM = "Medium" 724 HIGH = "High" 725 726class Source(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 727 """The platform where the assessed resource resides 728 """ 729 730 #: Resource is in Azure. 731 AZURE = "Azure" 732 #: Resource in an on premise machine connected to Azure cloud. 733 ON_PREMISE = "OnPremise" 734 #: SQL Resource in an on premise machine connected to Azure cloud. 735 ON_PREMISE_SQL = "OnPremiseSql" 736 737class SourceSystem(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 738 """The source type of the machine group 739 """ 740 741 AZURE_APP_LOCKER = "Azure_AppLocker" 742 AZURE_AUDIT_D = "Azure_AuditD" 743 NON_AZURE_APP_LOCKER = "NonAzure_AppLocker" 744 NON_AZURE_AUDIT_D = "NonAzure_AuditD" 745 NONE = "None" 746 747class State(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 748 """Aggregative state based on the standard's supported controls states 749 """ 750 751 #: All supported regulatory compliance controls in the given standard have a passed state. 752 PASSED = "Passed" 753 #: At least one supported regulatory compliance control in the given standard has a state of 754 #: failed. 755 FAILED = "Failed" 756 #: All supported regulatory compliance controls in the given standard have a state of skipped. 757 SKIPPED = "Skipped" 758 #: No supported regulatory compliance data for the given standard. 759 UNSUPPORTED = "Unsupported" 760 761class Status(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 762 """The status of the port 763 """ 764 765 REVOKED = "Revoked" 766 INITIATED = "Initiated" 767 768class StatusReason(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 769 """A description of why the ``status`` has its value 770 """ 771 772 EXPIRED = "Expired" 773 USER_REQUESTED = "UserRequested" 774 NEWER_REQUEST_INITIATED = "NewerRequestInitiated" 775 776class SubAssessmentStatusCode(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 777 """Programmatic code for the status of the assessment 778 """ 779 780 #: The resource is healthy. 781 HEALTHY = "Healthy" 782 #: The resource has a security issue that needs to be addressed. 783 UNHEALTHY = "Unhealthy" 784 #: Assessment for this resource did not happen. 785 NOT_APPLICABLE = "NotApplicable" 786 787class Threats(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 788 """Threats impact of the assessment 789 """ 790 791 ACCOUNT_BREACH = "accountBreach" 792 DATA_EXFILTRATION = "dataExfiltration" 793 DATA_SPILLAGE = "dataSpillage" 794 MALICIOUS_INSIDER = "maliciousInsider" 795 ELEVATION_OF_PRIVILEGE = "elevationOfPrivilege" 796 THREAT_RESISTANCE = "threatResistance" 797 MISSING_COVERAGE = "missingCoverage" 798 DENIAL_OF_SERVICE = "denialOfService" 799 800class TransportProtocol(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 801 802 TCP = "TCP" 803 UDP = "UDP" 804 805class UnmaskedIpLoggingStatus(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 806 """Unmasked IP address logging status 807 """ 808 809 #: Unmasked IP logging is disabled. 810 DISABLED = "Disabled" 811 #: Unmasked IP logging is enabled. 812 ENABLED = "Enabled" 813 814class UserImpact(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 815 """The user impact of the assessment 816 """ 817 818 LOW = "Low" 819 MODERATE = "Moderate" 820 HIGH = "High" 821 822class ValueType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): 823 """The value type of the items in the list. 824 """ 825 826 #: An IP range in CIDR format (e.g. '192.168.0.1/8'). 827 IP_CIDR = "IpCidr" 828 #: Any string value. 829 STRING = "String" 830