Microsoft.Security locations/applicationWhitelistings 2020-01-01
Bicep resource definition
The locations/applicationWhitelistings resource type can be deployed with operations that target:
- Subscriptions - See subscription deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Security/locations/applicationWhitelistings resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.Security/locations/applicationWhitelistings@2020-01-01' = {
name: 'string'
parent: resourceSymbolicName
properties: {
enforcementMode: 'string'
pathRecommendations: [
{
action: 'string'
common: bool
configurationStatus: 'string'
fileType: 'string'
path: 'string'
publisherInfo: {
binaryName: 'string'
productName: 'string'
publisherName: 'string'
version: 'string'
}
type: 'string'
usernames: [
{
recommendationAction: 'string'
username: 'string'
}
]
userSids: [
'string'
]
}
]
protectionMode: {
exe: 'string'
executable: 'string'
msi: 'string'
script: 'string'
}
vmRecommendations: [
{
configurationStatus: 'string'
enforcementSupport: 'string'
recommendationAction: 'string'
resourceId: 'string'
}
]
}
}
Property values
locations/applicationWhitelistings
| Name | Description | Value |
|---|---|---|
| name | The resource name See how to set names and types for child resources in Bicep. |
string (required) Character limit: 1-260 Valid characters: Alphanumerics, underscores, and hyphens. |
| parent | In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource. For more information, see Child resource outside parent resource. |
Symbolic name for resource of type: locations |
| properties | Represents a machines group and set of rules to be allowed running on a machine | AdaptiveApplicationControlGroupData (required) |
AdaptiveApplicationControlGroupData
| Name | Description | Value |
|---|---|---|
| enforcementMode | The application control policy enforcement/protection mode of the machine group | 'Audit' 'Enforce' 'None' |
| pathRecommendations | PathRecommendation[] | |
| protectionMode | The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux. | ProtectionMode |
| vmRecommendations | VmRecommendation[] |
PathRecommendation
| Name | Description | Value |
|---|---|---|
| action | The recommendation action of the machine or rule | 'Add' 'Recommended' 'Remove' |
| common | Whether the application is commonly run on the machine | bool |
| configurationStatus | The configuration status of the machines group or machine or rule | 'Configured' 'Failed' 'InProgress' 'NoStatus' 'NotConfigured' |
| fileType | The type of the file (for Linux files - Executable is used) | 'Dll' 'Exe' 'Executable' 'Msi' 'Script' 'Unknown' |
| path | The full path of the file, or an identifier of the application | string |
| publisherInfo | Represents the publisher information of a process/rule | PublisherInfo |
| type | The type of the rule to be allowed | 'BinarySignature' 'File' 'FileHash' 'ProductSignature' 'PublisherSignature' 'VersionAndAboveSignature' |
| usernames | UserRecommendation[] | |
| userSids | string[] |
PublisherInfo
| Name | Description | Value |
|---|---|---|
| binaryName | The "OriginalName" field taken from the file's version resource | string |
| productName | The product name taken from the file's version resource | string |
| publisherName | The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country | string |
| version | The binary file version taken from the file's version resource | string |
UserRecommendation
| Name | Description | Value |
|---|---|---|
| recommendationAction | The recommendation action of the machine or rule | 'Add' 'Recommended' 'Remove' |
| username | Represents a user that is recommended to be allowed for a certain rule | string |
ProtectionMode
| Name | Description | Value |
|---|---|---|
| exe | The application control policy enforcement/protection mode of the machine group | 'Audit' 'Enforce' 'None' |
| executable | The application control policy enforcement/protection mode of the machine group | 'Audit' 'Enforce' 'None' |
| msi | The application control policy enforcement/protection mode of the machine group | 'Audit' 'Enforce' 'None' |
| script | The application control policy enforcement/protection mode of the machine group | 'Audit' 'Enforce' 'None' |
VmRecommendation
| Name | Description | Value |
|---|---|---|
| configurationStatus | The configuration status of the machines group or machine or rule | 'Configured' 'Failed' 'InProgress' 'NoStatus' 'NotConfigured' |
| enforcementSupport | The machine supportability of Enforce feature | 'NotSupported' 'Supported' 'Unknown' |
| recommendationAction | The recommendation action of the machine or rule | 'Add' 'Recommended' 'Remove' |
| resourceId | The full resource id of the machine | string |
ARM template resource definition
The locations/applicationWhitelistings resource type can be deployed with operations that target:
- Subscriptions - See subscription deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Security/locations/applicationWhitelistings resource, add the following JSON to your template.
{
"type": "Microsoft.Security/locations/applicationWhitelistings",
"apiVersion": "2020-01-01",
"name": "string",
"properties": {
"enforcementMode": "string",
"pathRecommendations": [
{
"action": "string",
"common": "bool",
"configurationStatus": "string",
"fileType": "string",
"path": "string",
"publisherInfo": {
"binaryName": "string",
"productName": "string",
"publisherName": "string",
"version": "string"
},
"type": "string",
"usernames": [
{
"recommendationAction": "string",
"username": "string"
}
],
"userSids": [ "string" ]
}
],
"protectionMode": {
"exe": "string",
"executable": "string",
"msi": "string",
"script": "string"
},
"vmRecommendations": [
{
"configurationStatus": "string",
"enforcementSupport": "string",
"recommendationAction": "string",
"resourceId": "string"
}
]
}
}
Property values
locations/applicationWhitelistings
| Name | Description | Value |
|---|---|---|
| type | The resource type | 'Microsoft.Security/locations/applicationWhitelistings' |
| apiVersion | The resource api version | '2020-01-01' |
| name | The resource name See how to set names and types for child resources in JSON ARM templates. |
string (required) Character limit: 1-260 Valid characters: Alphanumerics, underscores, and hyphens. |
| properties | Represents a machines group and set of rules to be allowed running on a machine | AdaptiveApplicationControlGroupData (required) |
AdaptiveApplicationControlGroupData
| Name | Description | Value |
|---|---|---|
| enforcementMode | The application control policy enforcement/protection mode of the machine group | 'Audit' 'Enforce' 'None' |
| pathRecommendations | PathRecommendation[] | |
| protectionMode | The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux. | ProtectionMode |
| vmRecommendations | VmRecommendation[] |
PathRecommendation
| Name | Description | Value |
|---|---|---|
| action | The recommendation action of the machine or rule | 'Add' 'Recommended' 'Remove' |
| common | Whether the application is commonly run on the machine | bool |
| configurationStatus | The configuration status of the machines group or machine or rule | 'Configured' 'Failed' 'InProgress' 'NoStatus' 'NotConfigured' |
| fileType | The type of the file (for Linux files - Executable is used) | 'Dll' 'Exe' 'Executable' 'Msi' 'Script' 'Unknown' |
| path | The full path of the file, or an identifier of the application | string |
| publisherInfo | Represents the publisher information of a process/rule | PublisherInfo |
| type | The type of the rule to be allowed | 'BinarySignature' 'File' 'FileHash' 'ProductSignature' 'PublisherSignature' 'VersionAndAboveSignature' |
| usernames | UserRecommendation[] | |
| userSids | string[] |
PublisherInfo
| Name | Description | Value |
|---|---|---|
| binaryName | The "OriginalName" field taken from the file's version resource | string |
| productName | The product name taken from the file's version resource | string |
| publisherName | The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country | string |
| version | The binary file version taken from the file's version resource | string |
UserRecommendation
| Name | Description | Value |
|---|---|---|
| recommendationAction | The recommendation action of the machine or rule | 'Add' 'Recommended' 'Remove' |
| username | Represents a user that is recommended to be allowed for a certain rule | string |
ProtectionMode
| Name | Description | Value |
|---|---|---|
| exe | The application control policy enforcement/protection mode of the machine group | 'Audit' 'Enforce' 'None' |
| executable | The application control policy enforcement/protection mode of the machine group | 'Audit' 'Enforce' 'None' |
| msi | The application control policy enforcement/protection mode of the machine group | 'Audit' 'Enforce' 'None' |
| script | The application control policy enforcement/protection mode of the machine group | 'Audit' 'Enforce' 'None' |
VmRecommendation
| Name | Description | Value |
|---|---|---|
| configurationStatus | The configuration status of the machines group or machine or rule | 'Configured' 'Failed' 'InProgress' 'NoStatus' 'NotConfigured' |
| enforcementSupport | The machine supportability of Enforce feature | 'NotSupported' 'Supported' 'Unknown' |
| recommendationAction | The recommendation action of the machine or rule | 'Add' 'Recommended' 'Remove' |
| resourceId | The full resource id of the machine | string |
Terraform (AzAPI provider) resource definition
The locations/applicationWhitelistings resource type can be deployed with operations that target:
- Subscriptions
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Security/locations/applicationWhitelistings resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.Security/locations/applicationWhitelistings@2020-01-01"
name = "string"
parent_id = "string"
body = jsonencode({
properties = {
enforcementMode = "string"
pathRecommendations = [
{
action = "string"
common = bool
configurationStatus = "string"
fileType = "string"
path = "string"
publisherInfo = {
binaryName = "string"
productName = "string"
publisherName = "string"
version = "string"
}
type = "string"
usernames = [
{
recommendationAction = "string"
username = "string"
}
]
userSids = [
"string"
]
}
]
protectionMode = {
exe = "string"
executable = "string"
msi = "string"
script = "string"
}
vmRecommendations = [
{
configurationStatus = "string"
enforcementSupport = "string"
recommendationAction = "string"
resourceId = "string"
}
]
}
})
}
Property values
locations/applicationWhitelistings
| Name | Description | Value |
|---|---|---|
| type | The resource type | "Microsoft.Security/locations/applicationWhitelistings@2020-01-01" |
| name | The resource name | string (required) Character limit: 1-260 Valid characters: Alphanumerics, underscores, and hyphens. |
| parent_id | The ID of the resource that is the parent for this resource. | ID for resource of type: locations |
| properties | Represents a machines group and set of rules to be allowed running on a machine | AdaptiveApplicationControlGroupData (required) |
AdaptiveApplicationControlGroupData
| Name | Description | Value |
|---|---|---|
| enforcementMode | The application control policy enforcement/protection mode of the machine group | "Audit" "Enforce" "None" |
| pathRecommendations | PathRecommendation[] | |
| protectionMode | The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux. | ProtectionMode |
| vmRecommendations | VmRecommendation[] |
PathRecommendation
| Name | Description | Value |
|---|---|---|
| action | The recommendation action of the machine or rule | "Add" "Recommended" "Remove" |
| common | Whether the application is commonly run on the machine | bool |
| configurationStatus | The configuration status of the machines group or machine or rule | "Configured" "Failed" "InProgress" "NoStatus" "NotConfigured" |
| fileType | The type of the file (for Linux files - Executable is used) | "Dll" "Exe" "Executable" "Msi" "Script" "Unknown" |
| path | The full path of the file, or an identifier of the application | string |
| publisherInfo | Represents the publisher information of a process/rule | PublisherInfo |
| type | The type of the rule to be allowed | "BinarySignature" "File" "FileHash" "ProductSignature" "PublisherSignature" "VersionAndAboveSignature" |
| usernames | UserRecommendation[] | |
| userSids | string[] |
PublisherInfo
| Name | Description | Value |
|---|---|---|
| binaryName | The "OriginalName" field taken from the file's version resource | string |
| productName | The product name taken from the file's version resource | string |
| publisherName | The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country | string |
| version | The binary file version taken from the file's version resource | string |
UserRecommendation
| Name | Description | Value |
|---|---|---|
| recommendationAction | The recommendation action of the machine or rule | "Add" "Recommended" "Remove" |
| username | Represents a user that is recommended to be allowed for a certain rule | string |
ProtectionMode
| Name | Description | Value |
|---|---|---|
| exe | The application control policy enforcement/protection mode of the machine group | "Audit" "Enforce" "None" |
| executable | The application control policy enforcement/protection mode of the machine group | "Audit" "Enforce" "None" |
| msi | The application control policy enforcement/protection mode of the machine group | "Audit" "Enforce" "None" |
| script | The application control policy enforcement/protection mode of the machine group | "Audit" "Enforce" "None" |
VmRecommendation
| Name | Description | Value |
|---|---|---|
| configurationStatus | The configuration status of the machines group or machine or rule | "Configured" "Failed" "InProgress" "NoStatus" "NotConfigured" |
| enforcementSupport | The machine supportability of Enforce feature | "NotSupported" "Supported" "Unknown" |
| recommendationAction | The recommendation action of the machine or rule | "Add" "Recommended" "Remove" |
| resourceId | The full resource id of the machine | string |
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for