1. Packages
  2. Aquasec
  3. API Docs
  4. getHostRuntimePolicy
Aquasec v0.8.29 published on Monday, Jul 22, 2024 by Pulumiverse

aquasec.getHostRuntimePolicy

Explore with Pulumi AI

aquasec logo
Aquasec v0.8.29 published on Monday, Jul 22, 2024 by Pulumiverse

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as aquasec from "@pulumi/aquasec";
    
    const hostRuntimePolicy = aquasec.getHostRuntimePolicy({
        name: "hostRuntimePolicyName",
    });
    export const hostRuntimePolicyDetails = hostRuntimePolicy;
    
    import pulumi
    import pulumi_aquasec as aquasec
    
    host_runtime_policy = aquasec.get_host_runtime_policy(name="hostRuntimePolicyName")
    pulumi.export("hostRuntimePolicyDetails", host_runtime_policy)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    	"github.com/pulumiverse/pulumi-aquasec/sdk/go/aquasec"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		hostRuntimePolicy, err := aquasec.LookupHostRuntimePolicy(ctx, &aquasec.LookupHostRuntimePolicyArgs{
    			Name: "hostRuntimePolicyName",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		ctx.Export("hostRuntimePolicyDetails", hostRuntimePolicy)
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aquasec = Pulumi.Aquasec;
    
    return await Deployment.RunAsync(() => 
    {
        var hostRuntimePolicy = Aquasec.GetHostRuntimePolicy.Invoke(new()
        {
            Name = "hostRuntimePolicyName",
        });
    
        return new Dictionary<string, object?>
        {
            ["hostRuntimePolicyDetails"] = hostRuntimePolicy,
        };
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aquasec.AquasecFunctions;
    import com.pulumi.aquasec.inputs.GetHostRuntimePolicyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var hostRuntimePolicy = AquasecFunctions.getHostRuntimePolicy(GetHostRuntimePolicyArgs.builder()
                .name("hostRuntimePolicyName")
                .build());
    
            ctx.export("hostRuntimePolicyDetails", hostRuntimePolicy.applyValue(getHostRuntimePolicyResult -> getHostRuntimePolicyResult));
        }
    }
    
    variables:
      hostRuntimePolicy:
        fn::invoke:
          Function: aquasec:getHostRuntimePolicy
          Arguments:
            name: hostRuntimePolicyName
    outputs:
      hostRuntimePolicyDetails: ${hostRuntimePolicy}
    

    Using getHostRuntimePolicy

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getHostRuntimePolicy(args: GetHostRuntimePolicyArgs, opts?: InvokeOptions): Promise<GetHostRuntimePolicyResult>
    function getHostRuntimePolicyOutput(args: GetHostRuntimePolicyOutputArgs, opts?: InvokeOptions): Output<GetHostRuntimePolicyResult>
    def get_host_runtime_policy(auditing: Optional[GetHostRuntimePolicyAuditing] = None,
                                file_integrity_monitorings: Optional[Sequence[GetHostRuntimePolicyFileIntegrityMonitoring]] = None,
                                malware_scan_options: Optional[Sequence[GetHostRuntimePolicyMalwareScanOption]] = None,
                                name: Optional[str] = None,
                                package_blocks: Optional[Sequence[GetHostRuntimePolicyPackageBlock]] = None,
                                opts: Optional[InvokeOptions] = None) -> GetHostRuntimePolicyResult
    def get_host_runtime_policy_output(auditing: Optional[pulumi.Input[GetHostRuntimePolicyAuditingArgs]] = None,
                                file_integrity_monitorings: Optional[pulumi.Input[Sequence[pulumi.Input[GetHostRuntimePolicyFileIntegrityMonitoringArgs]]]] = None,
                                malware_scan_options: Optional[pulumi.Input[Sequence[pulumi.Input[GetHostRuntimePolicyMalwareScanOptionArgs]]]] = None,
                                name: Optional[pulumi.Input[str]] = None,
                                package_blocks: Optional[pulumi.Input[Sequence[pulumi.Input[GetHostRuntimePolicyPackageBlockArgs]]]] = None,
                                opts: Optional[InvokeOptions] = None) -> Output[GetHostRuntimePolicyResult]
    func LookupHostRuntimePolicy(ctx *Context, args *LookupHostRuntimePolicyArgs, opts ...InvokeOption) (*LookupHostRuntimePolicyResult, error)
    func LookupHostRuntimePolicyOutput(ctx *Context, args *LookupHostRuntimePolicyOutputArgs, opts ...InvokeOption) LookupHostRuntimePolicyResultOutput

    > Note: This function is named LookupHostRuntimePolicy in the Go SDK.

    public static class GetHostRuntimePolicy 
    {
        public static Task<GetHostRuntimePolicyResult> InvokeAsync(GetHostRuntimePolicyArgs args, InvokeOptions? opts = null)
        public static Output<GetHostRuntimePolicyResult> Invoke(GetHostRuntimePolicyInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetHostRuntimePolicyResult> getHostRuntimePolicy(GetHostRuntimePolicyArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: aquasec:index/getHostRuntimePolicy:getHostRuntimePolicy
      arguments:
        # arguments dictionary

    The following arguments are supported:

    name String
    Name of the host runtime policy
    auditing Property Map
    fileIntegrityMonitorings List<Property Map>
    Configuration for file integrity monitoring.
    malwareScanOptions List<Property Map>
    Configuration for Real-Time Malware Protection.
    packageBlocks List<Property Map>

    getHostRuntimePolicy Result

    The following output properties are available:

    ApplicationScopes List<string>
    Indicates the application scope of the service.
    AuditAllOsUserActivity bool
    If true, all process activity will be audited.
    AuditBruteForceLogin bool
    Detects brute force login attempts
    AuditFullCommandArguments bool
    If true, full command arguments will be audited.
    AuditHostFailedLoginEvents bool
    If true, host failed logins will be audited.
    AuditHostSuccessfulLoginEvents bool
    If true, host successful logins will be audited.
    AuditUserAccountManagement bool
    If true, account management will be audited.
    Author string
    Username of the account that created the service.
    BlockCryptocurrencyMining bool
    Detect and prevent communication to DNS/IP addresses known to be used for Cryptocurrency Mining
    BlockedFiles List<string>
    List of files that are prevented from being read, modified and executed in the containers.
    Description string
    The description of the host runtime policy
    EnableIpReputation bool
    If true, detect and prevent communication from containers to IP addresses known to have a bad reputation.
    Enabled bool
    Indicates if the runtime policy is enabled or not.
    Enforce bool
    Indicates that policy should effect container execution (not just for audit).
    EnforceAfterDays int
    Indicates the number of days after which the runtime policy will be changed to enforce mode.
    Id string
    The provider-assigned unique ID for this managed resource.
    MonitorSystemLogIntegrity bool
    If true, system log will be monitored.
    MonitorSystemTimeChanges bool
    If true, system time changes will be monitored.
    MonitorWindowsServices bool
    If true, windows service operations will be monitored.
    Name string
    Name of the host runtime policy
    OsGroupsAlloweds List<string>
    List of OS (Linux or Windows) groups that are allowed to authenticate to the host, and block authentication requests from all others. Groups can be either Linux groups or Windows AD groups.
    OsGroupsBlockeds List<string>
    List of OS (Linux or Windows) groups that are not allowed to authenticate to the host, and block authentication requests from all others. Groups can be either Linux groups or Windows AD groups.
    OsUsersAlloweds List<string>
    List of OS (Linux or Windows) users that are allowed to authenticate to the host, and block authentication requests from all others.
    OsUsersBlockeds List<string>
    List of OS (Linux or Windows) users that are not allowed to authenticate to the host, and block authentication requests from all others.
    PortScanningDetection bool
    If true, port scanning behaviors will be audited.
    ScopeExpression string
    Logical expression of how to compute the dependency of the scope variables.
    ScopeVariables List<Pulumiverse.Aquasec.Outputs.GetHostRuntimePolicyScopeVariable>
    List of scope attributes.
    WindowsRegistryMonitorings List<Pulumiverse.Aquasec.Outputs.GetHostRuntimePolicyWindowsRegistryMonitoring>
    Configuration for windows registry monitoring.
    WindowsRegistryProtections List<Pulumiverse.Aquasec.Outputs.GetHostRuntimePolicyWindowsRegistryProtection>
    Configuration for windows registry protection.
    Auditing Pulumiverse.Aquasec.Outputs.GetHostRuntimePolicyAuditing
    FileIntegrityMonitorings List<Pulumiverse.Aquasec.Outputs.GetHostRuntimePolicyFileIntegrityMonitoring>
    Configuration for file integrity monitoring.
    MalwareScanOptions List<Pulumiverse.Aquasec.Outputs.GetHostRuntimePolicyMalwareScanOption>
    Configuration for Real-Time Malware Protection.
    PackageBlocks List<Pulumiverse.Aquasec.Outputs.GetHostRuntimePolicyPackageBlock>
    ApplicationScopes []string
    Indicates the application scope of the service.
    AuditAllOsUserActivity bool
    If true, all process activity will be audited.
    AuditBruteForceLogin bool
    Detects brute force login attempts
    AuditFullCommandArguments bool
    If true, full command arguments will be audited.
    AuditHostFailedLoginEvents bool
    If true, host failed logins will be audited.
    AuditHostSuccessfulLoginEvents bool
    If true, host successful logins will be audited.
    AuditUserAccountManagement bool
    If true, account management will be audited.
    Author string
    Username of the account that created the service.
    BlockCryptocurrencyMining bool
    Detect and prevent communication to DNS/IP addresses known to be used for Cryptocurrency Mining
    BlockedFiles []string
    List of files that are prevented from being read, modified and executed in the containers.
    Description string
    The description of the host runtime policy
    EnableIpReputation bool
    If true, detect and prevent communication from containers to IP addresses known to have a bad reputation.
    Enabled bool
    Indicates if the runtime policy is enabled or not.
    Enforce bool
    Indicates that policy should effect container execution (not just for audit).
    EnforceAfterDays int
    Indicates the number of days after which the runtime policy will be changed to enforce mode.
    Id string
    The provider-assigned unique ID for this managed resource.
    MonitorSystemLogIntegrity bool
    If true, system log will be monitored.
    MonitorSystemTimeChanges bool
    If true, system time changes will be monitored.
    MonitorWindowsServices bool
    If true, windows service operations will be monitored.
    Name string
    Name of the host runtime policy
    OsGroupsAlloweds []string
    List of OS (Linux or Windows) groups that are allowed to authenticate to the host, and block authentication requests from all others. Groups can be either Linux groups or Windows AD groups.
    OsGroupsBlockeds []string
    List of OS (Linux or Windows) groups that are not allowed to authenticate to the host, and block authentication requests from all others. Groups can be either Linux groups or Windows AD groups.
    OsUsersAlloweds []string
    List of OS (Linux or Windows) users that are allowed to authenticate to the host, and block authentication requests from all others.
    OsUsersBlockeds []string
    List of OS (Linux or Windows) users that are not allowed to authenticate to the host, and block authentication requests from all others.
    PortScanningDetection bool
    If true, port scanning behaviors will be audited.
    ScopeExpression string
    Logical expression of how to compute the dependency of the scope variables.
    ScopeVariables []GetHostRuntimePolicyScopeVariable
    List of scope attributes.
    WindowsRegistryMonitorings []GetHostRuntimePolicyWindowsRegistryMonitoring
    Configuration for windows registry monitoring.
    WindowsRegistryProtections []GetHostRuntimePolicyWindowsRegistryProtection
    Configuration for windows registry protection.
    Auditing GetHostRuntimePolicyAuditing
    FileIntegrityMonitorings []GetHostRuntimePolicyFileIntegrityMonitoring
    Configuration for file integrity monitoring.
    MalwareScanOptions []GetHostRuntimePolicyMalwareScanOption
    Configuration for Real-Time Malware Protection.
    PackageBlocks []GetHostRuntimePolicyPackageBlock
    applicationScopes List<String>
    Indicates the application scope of the service.
    auditAllOsUserActivity Boolean
    If true, all process activity will be audited.
    auditBruteForceLogin Boolean
    Detects brute force login attempts
    auditFullCommandArguments Boolean
    If true, full command arguments will be audited.
    auditHostFailedLoginEvents Boolean
    If true, host failed logins will be audited.
    auditHostSuccessfulLoginEvents Boolean
    If true, host successful logins will be audited.
    auditUserAccountManagement Boolean
    If true, account management will be audited.
    author String
    Username of the account that created the service.
    blockCryptocurrencyMining Boolean
    Detect and prevent communication to DNS/IP addresses known to be used for Cryptocurrency Mining
    blockedFiles List<String>
    List of files that are prevented from being read, modified and executed in the containers.
    description String
    The description of the host runtime policy
    enableIpReputation Boolean
    If true, detect and prevent communication from containers to IP addresses known to have a bad reputation.
    enabled Boolean
    Indicates if the runtime policy is enabled or not.
    enforce Boolean
    Indicates that policy should effect container execution (not just for audit).
    enforceAfterDays Integer
    Indicates the number of days after which the runtime policy will be changed to enforce mode.
    id String
    The provider-assigned unique ID for this managed resource.
    monitorSystemLogIntegrity Boolean
    If true, system log will be monitored.
    monitorSystemTimeChanges Boolean
    If true, system time changes will be monitored.
    monitorWindowsServices Boolean
    If true, windows service operations will be monitored.
    name String
    Name of the host runtime policy
    osGroupsAlloweds List<String>
    List of OS (Linux or Windows) groups that are allowed to authenticate to the host, and block authentication requests from all others. Groups can be either Linux groups or Windows AD groups.
    osGroupsBlockeds List<String>
    List of OS (Linux or Windows) groups that are not allowed to authenticate to the host, and block authentication requests from all others. Groups can be either Linux groups or Windows AD groups.
    osUsersAlloweds List<String>
    List of OS (Linux or Windows) users that are allowed to authenticate to the host, and block authentication requests from all others.
    osUsersBlockeds List<String>
    List of OS (Linux or Windows) users that are not allowed to authenticate to the host, and block authentication requests from all others.
    portScanningDetection Boolean
    If true, port scanning behaviors will be audited.
    scopeExpression String
    Logical expression of how to compute the dependency of the scope variables.
    scopeVariables List<GetHostRuntimePolicyScopeVariable>
    List of scope attributes.
    windowsRegistryMonitorings List<GetHostRuntimePolicyWindowsRegistryMonitoring>
    Configuration for windows registry monitoring.
    windowsRegistryProtections List<GetHostRuntimePolicyWindowsRegistryProtection>
    Configuration for windows registry protection.
    auditing GetHostRuntimePolicyAuditing
    fileIntegrityMonitorings List<GetHostRuntimePolicyFileIntegrityMonitoring>
    Configuration for file integrity monitoring.
    malwareScanOptions List<GetHostRuntimePolicyMalwareScanOption>
    Configuration for Real-Time Malware Protection.
    packageBlocks List<GetHostRuntimePolicyPackageBlock>
    applicationScopes string[]
    Indicates the application scope of the service.
    auditAllOsUserActivity boolean
    If true, all process activity will be audited.
    auditBruteForceLogin boolean
    Detects brute force login attempts
    auditFullCommandArguments boolean
    If true, full command arguments will be audited.
    auditHostFailedLoginEvents boolean
    If true, host failed logins will be audited.
    auditHostSuccessfulLoginEvents boolean
    If true, host successful logins will be audited.
    auditUserAccountManagement boolean
    If true, account management will be audited.
    author string
    Username of the account that created the service.
    blockCryptocurrencyMining boolean
    Detect and prevent communication to DNS/IP addresses known to be used for Cryptocurrency Mining
    blockedFiles string[]
    List of files that are prevented from being read, modified and executed in the containers.
    description string
    The description of the host runtime policy
    enableIpReputation boolean
    If true, detect and prevent communication from containers to IP addresses known to have a bad reputation.
    enabled boolean
    Indicates if the runtime policy is enabled or not.
    enforce boolean
    Indicates that policy should effect container execution (not just for audit).
    enforceAfterDays number
    Indicates the number of days after which the runtime policy will be changed to enforce mode.
    id string
    The provider-assigned unique ID for this managed resource.
    monitorSystemLogIntegrity boolean
    If true, system log will be monitored.
    monitorSystemTimeChanges boolean
    If true, system time changes will be monitored.
    monitorWindowsServices boolean
    If true, windows service operations will be monitored.
    name string
    Name of the host runtime policy
    osGroupsAlloweds string[]
    List of OS (Linux or Windows) groups that are allowed to authenticate to the host, and block authentication requests from all others. Groups can be either Linux groups or Windows AD groups.
    osGroupsBlockeds string[]
    List of OS (Linux or Windows) groups that are not allowed to authenticate to the host, and block authentication requests from all others. Groups can be either Linux groups or Windows AD groups.
    osUsersAlloweds string[]
    List of OS (Linux or Windows) users that are allowed to authenticate to the host, and block authentication requests from all others.
    osUsersBlockeds string[]
    List of OS (Linux or Windows) users that are not allowed to authenticate to the host, and block authentication requests from all others.
    portScanningDetection boolean
    If true, port scanning behaviors will be audited.
    scopeExpression string
    Logical expression of how to compute the dependency of the scope variables.
    scopeVariables GetHostRuntimePolicyScopeVariable[]
    List of scope attributes.
    windowsRegistryMonitorings GetHostRuntimePolicyWindowsRegistryMonitoring[]
    Configuration for windows registry monitoring.
    windowsRegistryProtections GetHostRuntimePolicyWindowsRegistryProtection[]
    Configuration for windows registry protection.
    auditing GetHostRuntimePolicyAuditing
    fileIntegrityMonitorings GetHostRuntimePolicyFileIntegrityMonitoring[]
    Configuration for file integrity monitoring.
    malwareScanOptions GetHostRuntimePolicyMalwareScanOption[]
    Configuration for Real-Time Malware Protection.
    packageBlocks GetHostRuntimePolicyPackageBlock[]
    application_scopes Sequence[str]
    Indicates the application scope of the service.
    audit_all_os_user_activity bool
    If true, all process activity will be audited.
    audit_brute_force_login bool
    Detects brute force login attempts
    audit_full_command_arguments bool
    If true, full command arguments will be audited.
    audit_host_failed_login_events bool
    If true, host failed logins will be audited.
    audit_host_successful_login_events bool
    If true, host successful logins will be audited.
    audit_user_account_management bool
    If true, account management will be audited.
    author str
    Username of the account that created the service.
    block_cryptocurrency_mining bool
    Detect and prevent communication to DNS/IP addresses known to be used for Cryptocurrency Mining
    blocked_files Sequence[str]
    List of files that are prevented from being read, modified and executed in the containers.
    description str
    The description of the host runtime policy
    enable_ip_reputation bool
    If true, detect and prevent communication from containers to IP addresses known to have a bad reputation.
    enabled bool
    Indicates if the runtime policy is enabled or not.
    enforce bool
    Indicates that policy should effect container execution (not just for audit).
    enforce_after_days int
    Indicates the number of days after which the runtime policy will be changed to enforce mode.
    id str
    The provider-assigned unique ID for this managed resource.
    monitor_system_log_integrity bool
    If true, system log will be monitored.
    monitor_system_time_changes bool
    If true, system time changes will be monitored.
    monitor_windows_services bool
    If true, windows service operations will be monitored.
    name str
    Name of the host runtime policy
    os_groups_alloweds Sequence[str]
    List of OS (Linux or Windows) groups that are allowed to authenticate to the host, and block authentication requests from all others. Groups can be either Linux groups or Windows AD groups.
    os_groups_blockeds Sequence[str]
    List of OS (Linux or Windows) groups that are not allowed to authenticate to the host, and block authentication requests from all others. Groups can be either Linux groups or Windows AD groups.
    os_users_alloweds Sequence[str]
    List of OS (Linux or Windows) users that are allowed to authenticate to the host, and block authentication requests from all others.
    os_users_blockeds Sequence[str]
    List of OS (Linux or Windows) users that are not allowed to authenticate to the host, and block authentication requests from all others.
    port_scanning_detection bool
    If true, port scanning behaviors will be audited.
    scope_expression str
    Logical expression of how to compute the dependency of the scope variables.
    scope_variables Sequence[GetHostRuntimePolicyScopeVariable]
    List of scope attributes.
    windows_registry_monitorings Sequence[GetHostRuntimePolicyWindowsRegistryMonitoring]
    Configuration for windows registry monitoring.
    windows_registry_protections Sequence[GetHostRuntimePolicyWindowsRegistryProtection]
    Configuration for windows registry protection.
    auditing GetHostRuntimePolicyAuditing
    file_integrity_monitorings Sequence[GetHostRuntimePolicyFileIntegrityMonitoring]
    Configuration for file integrity monitoring.
    malware_scan_options Sequence[GetHostRuntimePolicyMalwareScanOption]
    Configuration for Real-Time Malware Protection.
    package_blocks Sequence[GetHostRuntimePolicyPackageBlock]
    applicationScopes List<String>
    Indicates the application scope of the service.
    auditAllOsUserActivity Boolean
    If true, all process activity will be audited.
    auditBruteForceLogin Boolean
    Detects brute force login attempts
    auditFullCommandArguments Boolean
    If true, full command arguments will be audited.
    auditHostFailedLoginEvents Boolean
    If true, host failed logins will be audited.
    auditHostSuccessfulLoginEvents Boolean
    If true, host successful logins will be audited.
    auditUserAccountManagement Boolean
    If true, account management will be audited.
    author String
    Username of the account that created the service.
    blockCryptocurrencyMining Boolean
    Detect and prevent communication to DNS/IP addresses known to be used for Cryptocurrency Mining
    blockedFiles List<String>
    List of files that are prevented from being read, modified and executed in the containers.
    description String
    The description of the host runtime policy
    enableIpReputation Boolean
    If true, detect and prevent communication from containers to IP addresses known to have a bad reputation.
    enabled Boolean
    Indicates if the runtime policy is enabled or not.
    enforce Boolean
    Indicates that policy should effect container execution (not just for audit).
    enforceAfterDays Number
    Indicates the number of days after which the runtime policy will be changed to enforce mode.
    id String
    The provider-assigned unique ID for this managed resource.
    monitorSystemLogIntegrity Boolean
    If true, system log will be monitored.
    monitorSystemTimeChanges Boolean
    If true, system time changes will be monitored.
    monitorWindowsServices Boolean
    If true, windows service operations will be monitored.
    name String
    Name of the host runtime policy
    osGroupsAlloweds List<String>
    List of OS (Linux or Windows) groups that are allowed to authenticate to the host, and block authentication requests from all others. Groups can be either Linux groups or Windows AD groups.
    osGroupsBlockeds List<String>
    List of OS (Linux or Windows) groups that are not allowed to authenticate to the host, and block authentication requests from all others. Groups can be either Linux groups or Windows AD groups.
    osUsersAlloweds List<String>
    List of OS (Linux or Windows) users that are allowed to authenticate to the host, and block authentication requests from all others.
    osUsersBlockeds List<String>
    List of OS (Linux or Windows) users that are not allowed to authenticate to the host, and block authentication requests from all others.
    portScanningDetection Boolean
    If true, port scanning behaviors will be audited.
    scopeExpression String
    Logical expression of how to compute the dependency of the scope variables.
    scopeVariables List<Property Map>
    List of scope attributes.
    windowsRegistryMonitorings List<Property Map>
    Configuration for windows registry monitoring.
    windowsRegistryProtections List<Property Map>
    Configuration for windows registry protection.
    auditing Property Map
    fileIntegrityMonitorings List<Property Map>
    Configuration for file integrity monitoring.
    malwareScanOptions List<Property Map>
    Configuration for Real-Time Malware Protection.
    packageBlocks List<Property Map>

    Supporting Types

    GetHostRuntimePolicyAuditing

    GetHostRuntimePolicyFileIntegrityMonitoring

    Enabled bool
    If true, file integrity monitoring is enabled.
    ExceptionalMonitoredFiles List<string>
    List of paths to be excluded from monitoring.
    ExceptionalMonitoredFilesProcesses List<string>
    List of processes to be excluded from monitoring.
    ExceptionalMonitoredFilesUsers List<string>
    List of users to be excluded from monitoring.
    MonitoredFiles List<string>
    List of paths to be monitored.
    MonitoredFilesAttributes bool
    Whether to monitor file attribute operations.
    MonitoredFilesCreate bool
    Whether to monitor file create operations.
    MonitoredFilesDelete bool
    Whether to monitor file delete operations.
    MonitoredFilesModify bool
    Whether to monitor file modify operations.
    MonitoredFilesProcesses List<string>
    List of processes associated with monitored files.
    MonitoredFilesRead bool
    Whether to monitor file read operations.
    MonitoredFilesUsers List<string>
    List of users associated with monitored files.
    Enabled bool
    If true, file integrity monitoring is enabled.
    ExceptionalMonitoredFiles []string
    List of paths to be excluded from monitoring.
    ExceptionalMonitoredFilesProcesses []string
    List of processes to be excluded from monitoring.
    ExceptionalMonitoredFilesUsers []string
    List of users to be excluded from monitoring.
    MonitoredFiles []string
    List of paths to be monitored.
    MonitoredFilesAttributes bool
    Whether to monitor file attribute operations.
    MonitoredFilesCreate bool
    Whether to monitor file create operations.
    MonitoredFilesDelete bool
    Whether to monitor file delete operations.
    MonitoredFilesModify bool
    Whether to monitor file modify operations.
    MonitoredFilesProcesses []string
    List of processes associated with monitored files.
    MonitoredFilesRead bool
    Whether to monitor file read operations.
    MonitoredFilesUsers []string
    List of users associated with monitored files.
    enabled Boolean
    If true, file integrity monitoring is enabled.
    exceptionalMonitoredFiles List<String>
    List of paths to be excluded from monitoring.
    exceptionalMonitoredFilesProcesses List<String>
    List of processes to be excluded from monitoring.
    exceptionalMonitoredFilesUsers List<String>
    List of users to be excluded from monitoring.
    monitoredFiles List<String>
    List of paths to be monitored.
    monitoredFilesAttributes Boolean
    Whether to monitor file attribute operations.
    monitoredFilesCreate Boolean
    Whether to monitor file create operations.
    monitoredFilesDelete Boolean
    Whether to monitor file delete operations.
    monitoredFilesModify Boolean
    Whether to monitor file modify operations.
    monitoredFilesProcesses List<String>
    List of processes associated with monitored files.
    monitoredFilesRead Boolean
    Whether to monitor file read operations.
    monitoredFilesUsers List<String>
    List of users associated with monitored files.
    enabled boolean
    If true, file integrity monitoring is enabled.
    exceptionalMonitoredFiles string[]
    List of paths to be excluded from monitoring.
    exceptionalMonitoredFilesProcesses string[]
    List of processes to be excluded from monitoring.
    exceptionalMonitoredFilesUsers string[]
    List of users to be excluded from monitoring.
    monitoredFiles string[]
    List of paths to be monitored.
    monitoredFilesAttributes boolean
    Whether to monitor file attribute operations.
    monitoredFilesCreate boolean
    Whether to monitor file create operations.
    monitoredFilesDelete boolean
    Whether to monitor file delete operations.
    monitoredFilesModify boolean
    Whether to monitor file modify operations.
    monitoredFilesProcesses string[]
    List of processes associated with monitored files.
    monitoredFilesRead boolean
    Whether to monitor file read operations.
    monitoredFilesUsers string[]
    List of users associated with monitored files.
    enabled bool
    If true, file integrity monitoring is enabled.
    exceptional_monitored_files Sequence[str]
    List of paths to be excluded from monitoring.
    exceptional_monitored_files_processes Sequence[str]
    List of processes to be excluded from monitoring.
    exceptional_monitored_files_users Sequence[str]
    List of users to be excluded from monitoring.
    monitored_files Sequence[str]
    List of paths to be monitored.
    monitored_files_attributes bool
    Whether to monitor file attribute operations.
    monitored_files_create bool
    Whether to monitor file create operations.
    monitored_files_delete bool
    Whether to monitor file delete operations.
    monitored_files_modify bool
    Whether to monitor file modify operations.
    monitored_files_processes Sequence[str]
    List of processes associated with monitored files.
    monitored_files_read bool
    Whether to monitor file read operations.
    monitored_files_users Sequence[str]
    List of users associated with monitored files.
    enabled Boolean
    If true, file integrity monitoring is enabled.
    exceptionalMonitoredFiles List<String>
    List of paths to be excluded from monitoring.
    exceptionalMonitoredFilesProcesses List<String>
    List of processes to be excluded from monitoring.
    exceptionalMonitoredFilesUsers List<String>
    List of users to be excluded from monitoring.
    monitoredFiles List<String>
    List of paths to be monitored.
    monitoredFilesAttributes Boolean
    Whether to monitor file attribute operations.
    monitoredFilesCreate Boolean
    Whether to monitor file create operations.
    monitoredFilesDelete Boolean
    Whether to monitor file delete operations.
    monitoredFilesModify Boolean
    Whether to monitor file modify operations.
    monitoredFilesProcesses List<String>
    List of processes associated with monitored files.
    monitoredFilesRead Boolean
    Whether to monitor file read operations.
    monitoredFilesUsers List<String>
    List of users associated with monitored files.

    GetHostRuntimePolicyMalwareScanOption

    Action string
    Set Action, Defaults to 'Alert' when empty
    Enabled bool
    Defines if enabled or not
    ExcludeDirectories List<string>
    List of registry paths to be excluded from being protected.
    ExcludeProcesses List<string>
    List of registry processes to be excluded from being protected.
    IncludeDirectories List<string>
    List of registry paths to be excluded from being protected.
    Action string
    Set Action, Defaults to 'Alert' when empty
    Enabled bool
    Defines if enabled or not
    ExcludeDirectories []string
    List of registry paths to be excluded from being protected.
    ExcludeProcesses []string
    List of registry processes to be excluded from being protected.
    IncludeDirectories []string
    List of registry paths to be excluded from being protected.
    action String
    Set Action, Defaults to 'Alert' when empty
    enabled Boolean
    Defines if enabled or not
    excludeDirectories List<String>
    List of registry paths to be excluded from being protected.
    excludeProcesses List<String>
    List of registry processes to be excluded from being protected.
    includeDirectories List<String>
    List of registry paths to be excluded from being protected.
    action string
    Set Action, Defaults to 'Alert' when empty
    enabled boolean
    Defines if enabled or not
    excludeDirectories string[]
    List of registry paths to be excluded from being protected.
    excludeProcesses string[]
    List of registry processes to be excluded from being protected.
    includeDirectories string[]
    List of registry paths to be excluded from being protected.
    action str
    Set Action, Defaults to 'Alert' when empty
    enabled bool
    Defines if enabled or not
    exclude_directories Sequence[str]
    List of registry paths to be excluded from being protected.
    exclude_processes Sequence[str]
    List of registry processes to be excluded from being protected.
    include_directories Sequence[str]
    List of registry paths to be excluded from being protected.
    action String
    Set Action, Defaults to 'Alert' when empty
    enabled Boolean
    Defines if enabled or not
    excludeDirectories List<String>
    List of registry paths to be excluded from being protected.
    excludeProcesses List<String>
    List of registry processes to be excluded from being protected.
    includeDirectories List<String>
    List of registry paths to be excluded from being protected.

    GetHostRuntimePolicyPackageBlock

    GetHostRuntimePolicyScopeVariable

    Attribute string
    Class of supported scope.
    Name string
    Name assigned to the attribute.
    Value string
    Value assigned to the attribute.
    Attribute string
    Class of supported scope.
    Name string
    Name assigned to the attribute.
    Value string
    Value assigned to the attribute.
    attribute String
    Class of supported scope.
    name String
    Name assigned to the attribute.
    value String
    Value assigned to the attribute.
    attribute string
    Class of supported scope.
    name string
    Name assigned to the attribute.
    value string
    Value assigned to the attribute.
    attribute str
    Class of supported scope.
    name str
    Name assigned to the attribute.
    value str
    Value assigned to the attribute.
    attribute String
    Class of supported scope.
    name String
    Name assigned to the attribute.
    value String
    Value assigned to the attribute.

    GetHostRuntimePolicyWindowsRegistryMonitoring

    ExcludedPaths List<string>
    List of paths to be excluded from being monitored.
    ExcludedProcesses List<string>
    List of registry processes to be excluded from being monitored.
    ExcludedUsers List<string>
    List of registry users to be excluded from being monitored.
    MonitorAttributes bool
    If true, add attributes operations will be monitored.
    MonitorCreate bool
    If true, create operations will be monitored.
    MonitorDelete bool
    If true, deletion operations will be monitored.
    MonitorModify bool
    If true, modification operations will be monitored.
    MonitorRead bool
    If true, read operations will be monitored.
    MonitoredPaths List<string>
    List of paths to be monitored.
    MonitoredProcesses List<string>
    List of registry processes to be monitored.
    MonitoredUsers List<string>
    List of registry users to be monitored.
    ExcludedPaths []string
    List of paths to be excluded from being monitored.
    ExcludedProcesses []string
    List of registry processes to be excluded from being monitored.
    ExcludedUsers []string
    List of registry users to be excluded from being monitored.
    MonitorAttributes bool
    If true, add attributes operations will be monitored.
    MonitorCreate bool
    If true, create operations will be monitored.
    MonitorDelete bool
    If true, deletion operations will be monitored.
    MonitorModify bool
    If true, modification operations will be monitored.
    MonitorRead bool
    If true, read operations will be monitored.
    MonitoredPaths []string
    List of paths to be monitored.
    MonitoredProcesses []string
    List of registry processes to be monitored.
    MonitoredUsers []string
    List of registry users to be monitored.
    excludedPaths List<String>
    List of paths to be excluded from being monitored.
    excludedProcesses List<String>
    List of registry processes to be excluded from being monitored.
    excludedUsers List<String>
    List of registry users to be excluded from being monitored.
    monitorAttributes Boolean
    If true, add attributes operations will be monitored.
    monitorCreate Boolean
    If true, create operations will be monitored.
    monitorDelete Boolean
    If true, deletion operations will be monitored.
    monitorModify Boolean
    If true, modification operations will be monitored.
    monitorRead Boolean
    If true, read operations will be monitored.
    monitoredPaths List<String>
    List of paths to be monitored.
    monitoredProcesses List<String>
    List of registry processes to be monitored.
    monitoredUsers List<String>
    List of registry users to be monitored.
    excludedPaths string[]
    List of paths to be excluded from being monitored.
    excludedProcesses string[]
    List of registry processes to be excluded from being monitored.
    excludedUsers string[]
    List of registry users to be excluded from being monitored.
    monitorAttributes boolean
    If true, add attributes operations will be monitored.
    monitorCreate boolean
    If true, create operations will be monitored.
    monitorDelete boolean
    If true, deletion operations will be monitored.
    monitorModify boolean
    If true, modification operations will be monitored.
    monitorRead boolean
    If true, read operations will be monitored.
    monitoredPaths string[]
    List of paths to be monitored.
    monitoredProcesses string[]
    List of registry processes to be monitored.
    monitoredUsers string[]
    List of registry users to be monitored.
    excluded_paths Sequence[str]
    List of paths to be excluded from being monitored.
    excluded_processes Sequence[str]
    List of registry processes to be excluded from being monitored.
    excluded_users Sequence[str]
    List of registry users to be excluded from being monitored.
    monitor_attributes bool
    If true, add attributes operations will be monitored.
    monitor_create bool
    If true, create operations will be monitored.
    monitor_delete bool
    If true, deletion operations will be monitored.
    monitor_modify bool
    If true, modification operations will be monitored.
    monitor_read bool
    If true, read operations will be monitored.
    monitored_paths Sequence[str]
    List of paths to be monitored.
    monitored_processes Sequence[str]
    List of registry processes to be monitored.
    monitored_users Sequence[str]
    List of registry users to be monitored.
    excludedPaths List<String>
    List of paths to be excluded from being monitored.
    excludedProcesses List<String>
    List of registry processes to be excluded from being monitored.
    excludedUsers List<String>
    List of registry users to be excluded from being monitored.
    monitorAttributes Boolean
    If true, add attributes operations will be monitored.
    monitorCreate Boolean
    If true, create operations will be monitored.
    monitorDelete Boolean
    If true, deletion operations will be monitored.
    monitorModify Boolean
    If true, modification operations will be monitored.
    monitorRead Boolean
    If true, read operations will be monitored.
    monitoredPaths List<String>
    List of paths to be monitored.
    monitoredProcesses List<String>
    List of registry processes to be monitored.
    monitoredUsers List<String>
    List of registry users to be monitored.

    GetHostRuntimePolicyWindowsRegistryProtection

    ExcludedPaths List<string>
    List of registry paths to be excluded from being protected.
    ExcludedProcesses List<string>
    List of registry processes to be excluded from being protected.
    ExcludedUsers List<string>
    List of registry paths to be users from being protected.
    ProtectedPaths List<string>
    List of registry paths to be protected.
    ProtectedProcesses List<string>
    List of registry processes to be protected.
    ProtectedUsers List<string>
    List of registry users to be protected.
    ExcludedPaths []string
    List of registry paths to be excluded from being protected.
    ExcludedProcesses []string
    List of registry processes to be excluded from being protected.
    ExcludedUsers []string
    List of registry paths to be users from being protected.
    ProtectedPaths []string
    List of registry paths to be protected.
    ProtectedProcesses []string
    List of registry processes to be protected.
    ProtectedUsers []string
    List of registry users to be protected.
    excludedPaths List<String>
    List of registry paths to be excluded from being protected.
    excludedProcesses List<String>
    List of registry processes to be excluded from being protected.
    excludedUsers List<String>
    List of registry paths to be users from being protected.
    protectedPaths List<String>
    List of registry paths to be protected.
    protectedProcesses List<String>
    List of registry processes to be protected.
    protectedUsers List<String>
    List of registry users to be protected.
    excludedPaths string[]
    List of registry paths to be excluded from being protected.
    excludedProcesses string[]
    List of registry processes to be excluded from being protected.
    excludedUsers string[]
    List of registry paths to be users from being protected.
    protectedPaths string[]
    List of registry paths to be protected.
    protectedProcesses string[]
    List of registry processes to be protected.
    protectedUsers string[]
    List of registry users to be protected.
    excluded_paths Sequence[str]
    List of registry paths to be excluded from being protected.
    excluded_processes Sequence[str]
    List of registry processes to be excluded from being protected.
    excluded_users Sequence[str]
    List of registry paths to be users from being protected.
    protected_paths Sequence[str]
    List of registry paths to be protected.
    protected_processes Sequence[str]
    List of registry processes to be protected.
    protected_users Sequence[str]
    List of registry users to be protected.
    excludedPaths List<String>
    List of registry paths to be excluded from being protected.
    excludedProcesses List<String>
    List of registry processes to be excluded from being protected.
    excludedUsers List<String>
    List of registry paths to be users from being protected.
    protectedPaths List<String>
    List of registry paths to be protected.
    protectedProcesses List<String>
    List of registry processes to be protected.
    protectedUsers List<String>
    List of registry users to be protected.

    Package Details

    Repository
    aquasec pulumiverse/pulumi-aquasec
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aquasec Terraform Provider.
    aquasec logo
    Aquasec v0.8.29 published on Monday, Jul 22, 2024 by Pulumiverse