Microsoft.Security defenderForStorageSettings 2022-12-01-preview

• Latest
• 2022-12-01-preview

Bicep resource definition

The defenderForStorageSettings resource type is an extension resource, which means you can apply it to another resource.

Use the scope property on this resource to set the scope for this resource. See Set scope on extension resources in Bicep.

The defenderForStorageSettings resource type can be deployed with operations that target:

• Resource groups - See resource group deployment commands

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Security/defenderForStorageSettings resource, add the following Bicep to your template.

resource symbolicname 'Microsoft.Security/defenderForStorageSettings@2022-12-01-preview' = {
  name: 'current'
  scope: resourceSymbolicName
  properties: {
    isEnabled: bool
    malwareScanning: {
      onUpload: {
        capGBPerMonth: int
        isEnabled: bool
      }
      scanResultsEventGridTopicResourceId: 'string'
    }
    overrideSubscriptionLevelSettings: bool
    sensitiveDataDiscovery: {
      isEnabled: bool
    }
  }
}

Property values

defenderForStorageSettings

Name	Description	Value
name	The resource name	'current'
scope	Use when creating an extension resource at a scope that is different than the deployment scope.	Target resource For Bicep, set this property to the symbolic name of the resource to apply the extension resource.
properties	Defender for Storage resource properties.	DefenderForStorageSettingProperties

DefenderForStorageSettingProperties

Name	Description	Value
isEnabled	Indicates whether Defender for Storage is enabled on this storage account.	bool
malwareScanning	Properties of Malware Scanning.	MalwareScanningProperties
overrideSubscriptionLevelSettings	Indicates whether the settings defined for this storage account should override the settings defined for the subscription.	bool
sensitiveDataDiscovery	Properties of Sensitive Data Discovery.	SensitiveDataDiscoveryProperties

MalwareScanningProperties

Name	Description	Value
onUpload	Properties of On Upload malware scanning.	OnUploadProperties
scanResultsEventGridTopicResourceId	Optional. Resource id of an Event Grid Topic to send scan results to.	string

OnUploadProperties

Name	Description	Value
capGBPerMonth	Defines the max GB to be scanned per Month. Set to -1 if no capping is needed.	int
isEnabled	Indicates whether On Upload malware scanning should be enabled.	bool

SensitiveDataDiscoveryProperties

Name	Description	Value
isEnabled	Indicates whether Sensitive Data Discovery should be enabled.	bool

ARM template resource definition

The defenderForStorageSettings resource type is an extension resource, which means you can apply it to another resource.

Use the scope property on this resource to set the scope for this resource. See Set scope on extension resources in ARM templates.

The defenderForStorageSettings resource type can be deployed with operations that target:

• Resource groups - See resource group deployment commands

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Security/defenderForStorageSettings resource, add the following JSON to your template.

{
  "type": "Microsoft.Security/defenderForStorageSettings",
  "apiVersion": "2022-12-01-preview",
  "name": "current",
  "scope": "string",
  "properties": {
    "isEnabled": "bool",
    "malwareScanning": {
      "onUpload": {
        "capGBPerMonth": "int",
        "isEnabled": "bool"
      },
      "scanResultsEventGridTopicResourceId": "string"
    },
    "overrideSubscriptionLevelSettings": "bool",
    "sensitiveDataDiscovery": {
      "isEnabled": "bool"
    }
  }
}

Property values

defenderForStorageSettings

Name	Description	Value
type	The resource type	'Microsoft.Security/defenderForStorageSettings'
apiVersion	The resource api version	'2022-12-01-preview'
name	The resource name	'current'
scope	Use when creating an extension resource at a scope that is different than the deployment scope.	Target resource For JSON, set the value to the full name of the resource to apply the extension resource to.
properties	Defender for Storage resource properties.	DefenderForStorageSettingProperties

DefenderForStorageSettingProperties

Name	Description	Value
isEnabled	Indicates whether Defender for Storage is enabled on this storage account.	bool
malwareScanning	Properties of Malware Scanning.	MalwareScanningProperties
overrideSubscriptionLevelSettings	Indicates whether the settings defined for this storage account should override the settings defined for the subscription.	bool
sensitiveDataDiscovery	Properties of Sensitive Data Discovery.	SensitiveDataDiscoveryProperties

MalwareScanningProperties

Name	Description	Value
onUpload	Properties of On Upload malware scanning.	OnUploadProperties
scanResultsEventGridTopicResourceId	Optional. Resource id of an Event Grid Topic to send scan results to.	string

OnUploadProperties

Name	Description	Value
capGBPerMonth	Defines the max GB to be scanned per Month. Set to -1 if no capping is needed.	int
isEnabled	Indicates whether On Upload malware scanning should be enabled.	bool

SensitiveDataDiscoveryProperties

Name	Description	Value
isEnabled	Indicates whether Sensitive Data Discovery should be enabled.	bool

Terraform (AzAPI provider) resource definition

The defenderForStorageSettings resource type is an extension resource, which means you can apply it to another resource.

Use the parent_id property on this resource to set the scope for this resource.

The defenderForStorageSettings resource type can be deployed with operations that target:

• Resource groups

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.Security/defenderForStorageSettings resource, add the following Terraform to your template.

resource "azapi_resource" "symbolicname" {
  type = "Microsoft.Security/defenderForStorageSettings@2022-12-01-preview"
  name = "current"
  parent_id = "string"
  body = jsonencode({
    properties = {
      isEnabled = bool
      malwareScanning = {
        onUpload = {
          capGBPerMonth = int
          isEnabled = bool
        }
        scanResultsEventGridTopicResourceId = "string"
      }
      overrideSubscriptionLevelSettings = bool
      sensitiveDataDiscovery = {
        isEnabled = bool
      }
    }
  })
}

Property values

defenderForStorageSettings

Name	Description	Value
type	The resource type	"Microsoft.Security/defenderForStorageSettings@2022-12-01-preview"
name	The resource name	"current"
parent_id	The ID of the resource to apply this extension resource to.	string (required)
properties	Defender for Storage resource properties.	DefenderForStorageSettingProperties

DefenderForStorageSettingProperties

Name	Description	Value
isEnabled	Indicates whether Defender for Storage is enabled on this storage account.	bool
malwareScanning	Properties of Malware Scanning.	MalwareScanningProperties
overrideSubscriptionLevelSettings	Indicates whether the settings defined for this storage account should override the settings defined for the subscription.	bool
sensitiveDataDiscovery	Properties of Sensitive Data Discovery.	SensitiveDataDiscoveryProperties

MalwareScanningProperties

Name	Description	Value
onUpload	Properties of On Upload malware scanning.	OnUploadProperties
scanResultsEventGridTopicResourceId	Optional. Resource id of an Event Grid Topic to send scan results to.	string

OnUploadProperties

Name	Description	Value
capGBPerMonth	Defines the max GB to be scanned per Month. Set to -1 if no capping is needed.	int
isEnabled	Indicates whether On Upload malware scanning should be enabled.	bool

SensitiveDataDiscoveryProperties

Name	Description	Value
isEnabled	Indicates whether Sensitive Data Discovery should be enabled.	bool