@gtheocrwd/pulumi-crowdstrike

import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; export interface FilevantagePolicyScheduledExclusion { /** * Description of the scheduled exclusion. */ description?: pulumi.Input<string>; /** * The end date of the scheduled exclusion. Format: YYYY-MM-DD */ endDate?: pulumi.Input<string>; /** * The end time of the scheduled exclusion in 24 hour format. Format: HH:MM */ endTime?: pulumi.Input<string>; /** * Identifier for the scheduled exclusion. */ id?: pulumi.Input<string>; /** * Name of the scheduled exclusion. */ name: pulumi.Input<string>; /** * A comma separated list of processes to exclude changes from. Example: **/run*me.sh excludes changes made by run*me.sh in any location */ processes?: pulumi.Input<string>; /** * Repeated scheduled exclusion */ repeated?: pulumi.Input<inputs.FilevantagePolicyScheduledExclusionRepeated>; /** * The start date of the scheduled exclusion. Format: YYYY-MM-DD */ startDate: pulumi.Input<string>; /** * The start time of the scheduled exclusion in 24 hour format. Format: HH:MM */ startTime: pulumi.Input<string>; /** * The timezone to use for the time fields. See https://en.wikipedia.org/wiki/List*of*tz*database*time_zones. */ timezone: pulumi.Input<string>; /** * A comma separated list of users to exclude changes from. Example: user1,user2,admin* excludes changes made by user1, user2, and any user starting with admin */ users?: pulumi.Input<string>; } export interface FilevantagePolicyScheduledExclusionRepeated { /** * If the exclusion is all day. */ allDay: pulumi.Input<boolean>; /** * The days of the month to allow the exclusion. Required if frequency is set to monthly and monthlyOccurrence is set to days. Options: 1-31 */ daysOfMonths?: pulumi.Input<pulumi.Input<number>[]>; /** * The days of the week to allow the exclusion. Required if frequency is set to weekly or set to monthly and monthlyOccurrence is set to a week. Options: Sunday, Monday, Tuesday, Wednesday, Thursday, Friday, Saturday */ daysOfWeeks?: pulumi.Input<pulumi.Input<string>[]>; /** * The end time to end the scheduled exclusion in 24 hour format. Format: HH:MM required if allDay is false */ endTime?: pulumi.Input<string>; /** * The frequency of the exclusion. Options: daily, weekly, monthly */ frequency: pulumi.Input<string>; /** * The monthly occurrence of the exclusion. Either specify a week (first, second, third, fourth) or set to days to specify days of the month. Options: first, second, third, fourth, days. Required if frequency is set to monthly */ monthlyOccurrence?: pulumi.Input<string>; /** * The start time to allow the scheduled exclusion in 24 hour format. Format: HH:MM required if allDay is false */ startTime?: pulumi.Input<string>; } export interface FilevantageRuleGroupRule { /** * Depth below the base path to monitor. */ depth?: pulumi.Input<string>; /** * Description of the filevantage rule. */ description: pulumi.Input<string>; /** * Enable content capture for the rule. Requires watch*file*write*changes or watch*key*value*set_changes to be enabled. */ enableContentCapture?: pulumi.Input<boolean>; /** * Represents the files, directories, registry keys, or registry values that will be excluded from monitoring. */ exclude?: pulumi.Input<string>; /** * Represents the changes performed by specific processes that will be excluded from monitoring. */ excludeProcesses?: pulumi.Input<string>; /** * Represents the changes performed by specific users that will be excluded from monitoring. */ excludeUsers?: pulumi.Input<string>; /** * List of file names whose content will be monitored. Listed files must match the file include pattern and not match the file exclude pattern. */ fileNames?: pulumi.Input<pulumi.Input<string>[]>; /** * Identifier for the filevantage rule. */ id?: pulumi.Input<string>; /** * Represents the files, directories, registry keys, or registry values that will be monitored. Defaults to all (*) */ include?: pulumi.Input<string>; /** * Represents the changes performed by specific processes that will be monitored. */ includeProcesses?: pulumi.Input<string>; /** * Represents the changes performed by specific users that will be monitored. */ includeUsers?: pulumi.Input<string>; /** * Representing the file system or registry path to monitor. All paths must end with the path separator, e.g. c:\windows\ for windows and /usr/bin/ for linux/mac. */ path: pulumi.Input<string>; /** * Precedence of the rule in the rule group. */ precedence?: pulumi.Input<number>; /** * List of registry values whose content will be monitored. Listed registry values must match the registry include pattern and not match the registry exclude pattern. */ registryValues?: pulumi.Input<pulumi.Input<string>[]>; /** * Severity to categorize change events produced by this rule. */ severity: pulumi.Input<string>; /** * Monitor directory attribute change events. */ watchDirectoryAttributeChanges?: pulumi.Input<boolean>; /** * Monitor directory creation events. */ watchDirectoryCreateChanges?: pulumi.Input<boolean>; /** * Monitor directory deletion events. */ watchDirectoryDeleteChanges?: pulumi.Input<boolean>; /** * Monitor directory permission change events. */ watchDirectoryPermissionChanges?: pulumi.Input<boolean>; /** * Monitor directory rename events. */ watchDirectoryRenameChanges?: pulumi.Input<boolean>; /** * Monitor file attribute change events. */ watchFileAttributeChanges?: pulumi.Input<boolean>; /** * Monitor file creation events. */ watchFileCreateChanges?: pulumi.Input<boolean>; /** * Monitor file deletion events. */ watchFileDeleteChanges?: pulumi.Input<boolean>; /** * Monitor file permission change events. */ watchFilePermissionChanges?: pulumi.Input<boolean>; /** * Monitor file rename events. */ watchFileRenameChanges?: pulumi.Input<boolean>; /** * Monitor file write events. */ watchFileWriteChanges?: pulumi.Input<boolean>; /** * Monitor registry key creation events. */ watchKeyCreateChanges?: pulumi.Input<boolean>; /** * Monitor registry key deletion events. */ watchKeyDeleteChanges?: pulumi.Input<boolean>; /** * Monitor registry key permission change events. */ watchKeyPermissionsChanges?: pulumi.Input<boolean>; /** * Monitor registry key rename events. */ watchKeyRenameChanges?: pulumi.Input<boolean>; /** * Monitor registry value deletion events. */ watchKeyValueDeleteChanges?: pulumi.Input<boolean>; /** * Monitor registry value set events. */ watchKeyValueSetChanges?: pulumi.Input<boolean>; } export interface PreventionPolicyLinuxCloudAntiMalware { /** * Machine learning level for detection. */ detection: pulumi.Input<string>; /** * Machine learning level for prevention. */ prevention: pulumi.Input<string>; } export interface PreventionPolicyLinuxSensorAntiMalware { /** * Machine learning level for detection. */ detection: pulumi.Input<string>; /** * Machine learning level for prevention. */ prevention: pulumi.Input<string>; } export interface PreventionPolicyMacCloudAdwareAndPup { /** * Machine learning level for detection. */ detection: pulumi.Input<string>; /** * Machine learning level for prevention. */ prevention: pulumi.Input<string>; } export interface PreventionPolicyMacCloudAntiMalware { /** * Machine learning level for detection. */ detection: pulumi.Input<string>; /** * Machine learning level for prevention. */ prevention: pulumi.Input<string>; } export interface PreventionPolicyMacSensorAdwareAndPup { /** * Machine learning level for detection. */ detection: pulumi.Input<string>; /** * Machine learning level for prevention. */ prevention: pulumi.Input<string>; } export interface PreventionPolicyMacSensorAntiMalware { /** * Machine learning level for detection. */ detection: pulumi.Input<string>; /** * Machine learning level for prevention. */ prevention: pulumi.Input<string>; } export interface PreventionPolicyWindowsAdwareAndPup { /** * Machine learning level for detection. */ detection: pulumi.Input<string>; /** * Machine learning level for prevention. */ prevention: pulumi.Input<string>; } export interface PreventionPolicyWindowsCloudAntiMalware { /** * Machine learning level for detection. */ detection: pulumi.Input<string>; /** * Machine learning level for prevention. */ prevention: pulumi.Input<string>; } export interface PreventionPolicyWindowsCloudAntiMalwareMicrosoftOfficeFiles { /** * Machine learning level for detection. */ detection: pulumi.Input<string>; /** * Machine learning level for prevention. */ prevention: pulumi.Input<string>; } export interface PreventionPolicyWindowsCloudAntiMalwareUserInitiated { /** * Machine learning level for detection. */ detection: pulumi.Input<string>; /** * Machine learning level for prevention. */ prevention: pulumi.Input<string>; } export interface PreventionPolicyWindowsExtendedUserModeData { /** * Machine learning level for detection. */ detection: pulumi.Input<string>; } export interface PreventionPolicyWindowsSensorAntiMalware { /** * Machine learning level for detection. */ detection: pulumi.Input<string>; /** * Machine learning level for prevention. */ prevention: pulumi.Input<string>; } export interface PreventionPolicyWindowsSensorAntiMalwareUserInitiated { /** * Machine learning level for detection. */ detection: pulumi.Input<string>; /** * Machine learning level for prevention. */ prevention: pulumi.Input<string>; } export interface SensorUpdatePolicySchedule { /** * Enable the scheduler for sensor update policy. */ enabled: pulumi.Input<boolean>; /** * The time block to prevent sensor updates. Only set when enabled is true. */ timeBlocks?: pulumi.Input<pulumi.Input<inputs.SensorUpdatePolicyScheduleTimeBlock>[]>; /** * The time zones that will be used for the time blocks. Only set when enabled is true. */ timezone?: pulumi.Input<string>; } export interface SensorUpdatePolicyScheduleTimeBlock { /** * The days of the week the time block should be active. */ days: pulumi.Input<pulumi.Input<string>[]>; /** * The end time for the time block in 24HR format. Must be atleast 1 hour more than start_time. */ endTime: pulumi.Input<string>; /** * The start time for the time block in 24HR format. Must be atleast 1 hour before end_time. */ startTime: pulumi.Input<string>; }