New-AzSecurityDefenderForContainersAwsOfferingObject
Create an in-memory object for DefenderForContainersAwsOffering.
Syntax
New-AzSecurityDefenderForContainersAwsOfferingObject
[-AutoProvisioning <Boolean>]
[-CloudWatchToKinesiCloudRoleArn <String>]
[-ContainerVulnerabilityAssessmentCloudRoleArn <String>]
[-ContainerVulnerabilityAssessmentTaskCloudRoleArn <String>]
[-EnableContainerVulnerabilityAssessment <Boolean>]
[-KinesiToS3CloudRoleArn <String>]
[-KubeAuditRetentionTime <Int64>]
[-KuberneteScubaReaderCloudRoleArn <String>]
[-KuberneteServiceCloudRoleArn <String>]
[-MdcContainerAgentlessDiscoveryK8SCloudRoleArn <String>]
[-MdcContainerAgentlessDiscoveryK8SEnabled <Boolean>]
[-MdcContainerImageAssessmentCloudRoleArn <String>]
[-MdcContainerImageAssessmentEnabled <Boolean>]
[-ScubaExternalId <String>]
[<CommonParameters>]
Description
Create an in-memory object for DefenderForContainersAwsOffering.
Examples
Example 1: Create new DefenderForContainersAwsOffering object
$arnPrefix = "arn:aws:iam::123456789012:role"
New-AzSecurityDefenderForContainersAwsOfferingObject `
-AutoProvisioning $true -KuberneteServiceCloudRoleArn "$arnPrefix/DefenderForCloud-Containers-K8s" -KuberneteScubaReaderCloudRoleArn "$arnPrefix/DefenderForCloud-DataCollection" `
-KinesiToS3CloudRoleArn "$arnPrefix/DefenderForCloud-Containers-K8s-kinesis-to-s3" -CloudWatchToKinesiCloudRoleArn "$arnPrefix/DefenderForCloud-Containers-K8s-cloudwatch-to-kinesis" `
-KubeAuditRetentionTime 30 -ScubaExternalId "a47ae0a2-7bf7-482a-897a-7a139d30736c" `
-MdcContainerAgentlessDiscoveryK8SEnabled $true -MdcContainerAgentlessDiscoveryK8SCloudRoleArn "$arnPrefix/MDCContainersAgentlessDiscoveryK8sRole" `
-MdcContainerImageAssessmentEnabled $true -MdcContainerImageAssessmentCloudRoleArn "$arnPrefix/MDCContainersImageAssessmentRole" `
-EnableContainerVulnerabilityAssessment $false
AutoProvisioning : True
CloudWatchToKinesiCloudRoleArn : arn:aws:iam::123456789012:role/DefenderForCloud-Containers-K8s-cloudwatch-to-kinesis
ContainerVulnerabilityAssessmentCloudRoleArn :
ContainerVulnerabilityAssessmentTaskCloudRoleArn :
Description :
EnableContainerVulnerabilityAssessment : False
KinesiToS3CloudRoleArn : arn:aws:iam::123456789012:role/DefenderForCloud-Containers-K8s-kinesis-to-s3
KubeAuditRetentionTime : 30
KuberneteScubaReaderCloudRoleArn : arn:aws:iam::123456789012:role/DefenderForCloud-DataCollection
KuberneteServiceCloudRoleArn : arn:aws:iam::123456789012:role/DefenderForCloud-Containers-K8s
MdcContainerAgentlessDiscoveryK8SCloudRoleArn : arn:aws:iam::123456789012:role/MDCContainersAgentlessDiscoveryK8sRole
MdcContainerAgentlessDiscoveryK8SEnabled : True
MdcContainerImageAssessmentCloudRoleArn : arn:aws:iam::123456789012:role/MDCContainersImageAssessmentRole
MdcContainerImageAssessmentEnabled : True
OfferingType : DefenderForContainersAws
ScubaExternalId : a47ae0a2-7bf7-482a-897a-7a139d30736c
Parameters
-AutoProvisioning
Whether auto provisioning of the audit logs pipeline is enabled.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-CloudWatchToKinesiCloudRoleArn
The cloud role ARN in AWS used by CloudWatch to transfer data into Kinesis.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ContainerVulnerabilityAssessmentCloudRoleArn
The cloud role ARN in AWS for this feature.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ContainerVulnerabilityAssessmentTaskCloudRoleArn
The cloud role ARN in AWS for this feature.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-EnableContainerVulnerabilityAssessment
Enable container vulnerability assessment feature.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-KinesiToS3CloudRoleArn
The cloud role ARN in AWS used by Kinesis to transfer data into S3.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-KubeAuditRetentionTime
The retention time in days of kube audit logs set on the CloudWatch log group.
Type: | Int64 |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-KuberneteScubaReaderCloudRoleArn
The cloud role ARN in AWS for this feature used for reading data.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-KuberneteServiceCloudRoleArn
The cloud role ARN in AWS for this feature used for provisioning resources.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MdcContainerAgentlessDiscoveryK8SCloudRoleArn
The cloud role ARN in AWS for this feature.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MdcContainerAgentlessDiscoveryK8SEnabled
Whether Microsoft Defender container agentless discovery for K8s is enabled.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MdcContainerImageAssessmentCloudRoleArn
The cloud role ARN in AWS for this feature.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-MdcContainerImageAssessmentEnabled
Whether Microsoft Defender container image assessment is enabled.
Type: | Boolean |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
-ScubaExternalId
The externalId used by the data reader to prevent the confused deputy attack.
Type: | String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
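An external ID only prevents a confused deputy if the AWS role's trust policy requires it through the `sts:ExternalId` condition key. The following is an added example, not part of the original reference or of the Az.Security module: it checks a constructed trust policy for statements that allow `sts:AssumeRole` without pinning the ID passed as `-ScubaExternalId`. The helper name `Test-TrustPolicyExternalId`, the policy document and the principal account `111122223333` are assumptions.

```powershell
# Constructed sample trust policy; account 111122223333 is a placeholder principal.
$trustPolicyJson = @'
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": { "AWS": "arn:aws:iam::111122223333:root" },
      "Action": "sts:AssumeRole",
      "Condition": { "StringEquals": { "sts:ExternalId": "a47ae0a2-7bf7-482a-897a-7a139d30736c" } }
    },
    {
      "Effect": "Allow",
      "Principal": { "AWS": "arn:aws:iam::111122223333:root" },
      "Action": "sts:AssumeRole"
    }
  ]
}
'@

# Hypothetical helper: one result per statement that can grant sts:AssumeRole.
function Test-TrustPolicyExternalId {
    param(
        [Parameter(Mandatory)] [string] $PolicyJson,
        [Parameter(Mandatory)] [string] $ExpectedExternalId
    )
    $policy = $PolicyJson | ConvertFrom-Json
    $index = 0
    foreach ($stmt in @($policy.Statement)) {
        $actions = @($stmt.Action)
        $grantsAssume = $stmt.Effect -eq 'Allow' -and
            ($actions -contains 'sts:AssumeRole' -or $actions -contains 'sts:*' -or $actions -contains '*')
        if ($grantsAssume) {
            # A missing Condition yields $null here, which never equals the expected ID.
            $pinned = @($stmt.Condition.StringEquals.'sts:ExternalId')
            [pscustomobject]@{
                Statement = $index
                Principal = ($stmt.Principal | ConvertTo-Json -Compress)
                Pinned    = ($pinned.Count -eq 1 -and $pinned[0] -ceq $ExpectedExternalId)
            }
        }
        $index++
    }
}

# List the statements that let the principal assume the role without the external ID.
Test-TrustPolicyExternalId -PolicyJson $trustPolicyJson `
    -ExpectedExternalId 'a47ae0a2-7bf7-482a-897a-7a139d30736c' | Where-Object { -not $_.Pinned }
```

With real input, the policy document would come from the role's trust relationship in the AWS account named in the role ARN; any statement returned here should be tightened before the role ARN is used in the offering.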
Outputs