Docs Home Pulumi IaC Pulumi ESC Pulumi Insights Pulumi Cloud Packages Tutorials
  1. Packages
  2. Azure Native v2
  3. API Docs
  4. security
  5. Pricing
These are the docs for Azure Native v2. We recommenend using the latest version, Azure Native v3.
Azure Native v2 v2.90.0 published on Thursday, Mar 27, 2025 by Pulumi
pulumi/pulumi-azure-native

azure-native-v2.security.Pricing

Explore with Pulumi AI

These are the docs for Azure Native v2. We recommenend using the latest version, Azure Native v3.
Azure Native v2 v2.90.0 published on Thursday, Mar 27, 2025 by Pulumi
pulumi/pulumi-azure-native

Microsoft Defender for Cloud is provided in two pricing tiers: free and standard. The standard tier offers advanced security capabilities, while the free tier offers basic security features. Azure REST API version: 2024-01-01.

Example Usage

Update pricing on resource (example for VirtualMachines plan)

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;

return await Deployment.RunAsync(() => 
{
    var pricing = new AzureNative.Security.Pricing("pricing", new()
    {
        PricingName = "virtualMachines",
        PricingTier = AzureNative.Security.PricingTier.Standard,
        ScopeId = "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/DEMO/providers/Microsoft.Compute/virtualMachines/VM-1",
        SubPlan = "P1",
    });

});
Copy
package main

import (
	security "github.com/pulumi/pulumi-azure-native-sdk/security/v2"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := security.NewPricing(ctx, "pricing", &security.PricingArgs{
			PricingName: pulumi.String("virtualMachines"),
			PricingTier: pulumi.String(security.PricingTierStandard),
			ScopeId:     pulumi.String("subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/DEMO/providers/Microsoft.Compute/virtualMachines/VM-1"),
			SubPlan:     pulumi.String("P1"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.Pricing;
import com.pulumi.azurenative.security.PricingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var pricing = new Pricing("pricing", PricingArgs.builder()
            .pricingName("virtualMachines")
            .pricingTier("Standard")
            .scopeId("subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/DEMO/providers/Microsoft.Compute/virtualMachines/VM-1")
            .subPlan("P1")
            .build());

    }
}
Copy
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";

const pricing = new azure_native.security.Pricing("pricing", {
    pricingName: "virtualMachines",
    pricingTier: azure_native.security.PricingTier.Standard,
    scopeId: "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/DEMO/providers/Microsoft.Compute/virtualMachines/VM-1",
    subPlan: "P1",
});
Copy
import pulumi
import pulumi_azure_native as azure_native

pricing = azure_native.security.Pricing("pricing",
    pricing_name="virtualMachines",
    pricing_tier=azure_native.security.PricingTier.STANDARD,
    scope_id="subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/DEMO/providers/Microsoft.Compute/virtualMachines/VM-1",
    sub_plan="P1")
Copy
resources:
  pricing:
    type: azure-native:security:Pricing
    properties:
      pricingName: virtualMachines
      pricingTier: Standard
      scopeId: subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/DEMO/providers/Microsoft.Compute/virtualMachines/VM-1
      subPlan: P1
Copy

Update pricing on subscription (example for CloudPosture plan)

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;

return await Deployment.RunAsync(() => 
{
    var pricing = new AzureNative.Security.Pricing("pricing", new()
    {
        PricingName = "CloudPosture",
        PricingTier = AzureNative.Security.PricingTier.Standard,
        ScopeId = "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23",
    });

});
Copy
package main

import (
	security "github.com/pulumi/pulumi-azure-native-sdk/security/v2"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := security.NewPricing(ctx, "pricing", &security.PricingArgs{
			PricingName: pulumi.String("CloudPosture"),
			PricingTier: pulumi.String(security.PricingTierStandard),
			ScopeId:     pulumi.String("subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.Pricing;
import com.pulumi.azurenative.security.PricingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var pricing = new Pricing("pricing", PricingArgs.builder()
            .pricingName("CloudPosture")
            .pricingTier("Standard")
            .scopeId("subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23")
            .build());

    }
}
Copy
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";

const pricing = new azure_native.security.Pricing("pricing", {
    pricingName: "CloudPosture",
    pricingTier: azure_native.security.PricingTier.Standard,
    scopeId: "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23",
});
Copy
import pulumi
import pulumi_azure_native as azure_native

pricing = azure_native.security.Pricing("pricing",
    pricing_name="CloudPosture",
    pricing_tier=azure_native.security.PricingTier.STANDARD,
    scope_id="subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23")
Copy
resources:
  pricing:
    type: azure-native:security:Pricing
    properties:
      pricingName: CloudPosture
      pricingTier: Standard
      scopeId: subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23
Copy

Update pricing on subscription (example for CloudPosture plan) - partial success

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;

return await Deployment.RunAsync(() => 
{
    var pricing = new AzureNative.Security.Pricing("pricing", new()
    {
        PricingName = "CloudPosture",
        PricingTier = AzureNative.Security.PricingTier.Standard,
        ScopeId = "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23",
    });

});
Copy
package main

import (
	security "github.com/pulumi/pulumi-azure-native-sdk/security/v2"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := security.NewPricing(ctx, "pricing", &security.PricingArgs{
			PricingName: pulumi.String("CloudPosture"),
			PricingTier: pulumi.String(security.PricingTierStandard),
			ScopeId:     pulumi.String("subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.Pricing;
import com.pulumi.azurenative.security.PricingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var pricing = new Pricing("pricing", PricingArgs.builder()
            .pricingName("CloudPosture")
            .pricingTier("Standard")
            .scopeId("subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23")
            .build());

    }
}
Copy
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";

const pricing = new azure_native.security.Pricing("pricing", {
    pricingName: "CloudPosture",
    pricingTier: azure_native.security.PricingTier.Standard,
    scopeId: "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23",
});
Copy
import pulumi
import pulumi_azure_native as azure_native

pricing = azure_native.security.Pricing("pricing",
    pricing_name="CloudPosture",
    pricing_tier=azure_native.security.PricingTier.STANDARD,
    scope_id="subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23")
Copy
resources:
  pricing:
    type: azure-native:security:Pricing
    properties:
      pricingName: CloudPosture
      pricingTier: Standard
      scopeId: subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23
Copy

Update pricing on subscription (example for VirtualMachines plan)

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;

return await Deployment.RunAsync(() => 
{
    var pricing = new AzureNative.Security.Pricing("pricing", new()
    {
        Enforce = AzureNative.Security.Enforce.True,
        PricingName = "VirtualMachines",
        PricingTier = AzureNative.Security.PricingTier.Standard,
        ScopeId = "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23",
        SubPlan = "P2",
    });

});
Copy
package main

import (
	security "github.com/pulumi/pulumi-azure-native-sdk/security/v2"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := security.NewPricing(ctx, "pricing", &security.PricingArgs{
			Enforce:     pulumi.String(security.EnforceTrue),
			PricingName: pulumi.String("VirtualMachines"),
			PricingTier: pulumi.String(security.PricingTierStandard),
			ScopeId:     pulumi.String("subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23"),
			SubPlan:     pulumi.String("P2"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.security.Pricing;
import com.pulumi.azurenative.security.PricingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var pricing = new Pricing("pricing", PricingArgs.builder()
            .enforce("True")
            .pricingName("VirtualMachines")
            .pricingTier("Standard")
            .scopeId("subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23")
            .subPlan("P2")
            .build());

    }
}
Copy
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";

const pricing = new azure_native.security.Pricing("pricing", {
    enforce: azure_native.security.Enforce.True,
    pricingName: "VirtualMachines",
    pricingTier: azure_native.security.PricingTier.Standard,
    scopeId: "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23",
    subPlan: "P2",
});
Copy
import pulumi
import pulumi_azure_native as azure_native

pricing = azure_native.security.Pricing("pricing",
    enforce=azure_native.security.Enforce.TRUE,
    pricing_name="VirtualMachines",
    pricing_tier=azure_native.security.PricingTier.STANDARD,
    scope_id="subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23",
    sub_plan="P2")
Copy
resources:
  pricing:
    type: azure-native:security:Pricing
    properties:
      enforce: True
      pricingName: VirtualMachines
      pricingTier: Standard
      scopeId: subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23
      subPlan: P2
Copy

Create Pricing Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Pricing(name: string, args: PricingArgs, opts?: CustomResourceOptions);
@overload
def Pricing(resource_name: str,
            args: PricingArgs,
            opts: Optional[ResourceOptions] = None)

@overload
def Pricing(resource_name: str,
            opts: Optional[ResourceOptions] = None,
            pricing_tier: Optional[Union[str, PricingTier]] = None,
            scope_id: Optional[str] = None,
            enforce: Optional[Union[str, Enforce]] = None,
            extensions: Optional[Sequence[ExtensionArgs]] = None,
            pricing_name: Optional[str] = None,
            sub_plan: Optional[str] = None)
func NewPricing(ctx *Context, name string, args PricingArgs, opts ...ResourceOption) (*Pricing, error)
public Pricing(string name, PricingArgs args, CustomResourceOptions? opts = null)
public Pricing(String name, PricingArgs args)
public Pricing(String name, PricingArgs args, CustomResourceOptions options)

type: azure-native:security:Pricing
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args This property is required. PricingArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args This property is required. PricingArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args This property is required. PricingArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args This property is required. PricingArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. PricingArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var pricingResource = new AzureNative.Security.Pricing("pricingResource", new()
{
    PricingTier = "string",
    ScopeId = "string",
    Enforce = "string",
    Extensions = new[]
    {
        
        {
            { "isEnabled", "string" },
            { "name", "string" },
            { "additionalExtensionProperties", "any" },
        },
    },
    PricingName = "string",
    SubPlan = "string",
});
Copy
example, err := security.NewPricing(ctx, "pricingResource", &security.PricingArgs{
	PricingTier: "string",
	ScopeId:     "string",
	Enforce:     "string",
	Extensions: []map[string]interface{}{
		map[string]interface{}{
			"isEnabled":                     "string",
			"name":                          "string",
			"additionalExtensionProperties": "any",
		},
	},
	PricingName: "string",
	SubPlan:     "string",
})
Copy
var pricingResource = new Pricing("pricingResource", PricingArgs.builder()
    .pricingTier("string")
    .scopeId("string")
    .enforce("string")
    .extensions(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
    .pricingName("string")
    .subPlan("string")
    .build());
Copy
pricing_resource = azure_native.security.Pricing("pricingResource",
    pricing_tier=string,
    scope_id=string,
    enforce=string,
    extensions=[{
        isEnabled: string,
        name: string,
        additionalExtensionProperties: any,
    }],
    pricing_name=string,
    sub_plan=string)
Copy
const pricingResource = new azure_native.security.Pricing("pricingResource", {
    pricingTier: "string",
    scopeId: "string",
    enforce: "string",
    extensions: [{
        isEnabled: "string",
        name: "string",
        additionalExtensionProperties: "any",
    }],
    pricingName: "string",
    subPlan: "string",
});
Copy
type: azure-native:security:Pricing
properties:
    enforce: string
    extensions:
        - additionalExtensionProperties: any
          isEnabled: string
          name: string
    pricingName: string
    pricingTier: string
    scopeId: string
    subPlan: string
Copy

Pricing Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Pricing resource accepts the following input properties:

PricingTier This property is required. string | Pulumi.AzureNative.Security.PricingTier
Indicates whether the Defender plan is enabled on the selected scope. Microsoft Defender for Cloud is provided in two pricing tiers: free and standard. The standard tier offers advanced security capabilities, while the free tier offers basic security features.
ScopeId
This property is required.
Changes to this property will trigger replacement.
string
The scope id of the pricing. Valid scopes are: subscription (format: 'subscriptions/{subscriptionId}'), or a specific resource (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}) - Supported resources are (VirtualMachines)
Enforce string | Pulumi.AzureNative.Security.Enforce
If set to "False", it allows the descendants of this scope to override the pricing configuration set on this scope (allows setting inherited="False"). If set to "True", it prevents overrides and forces this pricing configuration on all the descendants of this scope. This field is only available for subscription-level pricing.
Extensions List<Pulumi.AzureNative.Security.Inputs.Extension>
Optional. List of extensions offered under a plan.
PricingName Changes to this property will trigger replacement. string
name of the pricing configuration
SubPlan string
The sub-plan selected for a Standard pricing configuration, when more than one sub-plan is available. Each sub-plan enables a set of security features. When not specified, full plan is applied. For VirtualMachines plan, available sub plans are 'P1' & 'P2', where for resource level only 'P1' sub plan is supported.
PricingTier This property is required. string | PricingTier
Indicates whether the Defender plan is enabled on the selected scope. Microsoft Defender for Cloud is provided in two pricing tiers: free and standard. The standard tier offers advanced security capabilities, while the free tier offers basic security features.
ScopeId
This property is required.
Changes to this property will trigger replacement.
string
The scope id of the pricing. Valid scopes are: subscription (format: 'subscriptions/{subscriptionId}'), or a specific resource (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}) - Supported resources are (VirtualMachines)
Enforce string | Enforce
If set to "False", it allows the descendants of this scope to override the pricing configuration set on this scope (allows setting inherited="False"). If set to "True", it prevents overrides and forces this pricing configuration on all the descendants of this scope. This field is only available for subscription-level pricing.
Extensions []ExtensionArgs
Optional. List of extensions offered under a plan.
PricingName Changes to this property will trigger replacement. string
name of the pricing configuration
SubPlan string
The sub-plan selected for a Standard pricing configuration, when more than one sub-plan is available. Each sub-plan enables a set of security features. When not specified, full plan is applied. For VirtualMachines plan, available sub plans are 'P1' & 'P2', where for resource level only 'P1' sub plan is supported.
pricingTier This property is required. String | PricingTier
Indicates whether the Defender plan is enabled on the selected scope. Microsoft Defender for Cloud is provided in two pricing tiers: free and standard. The standard tier offers advanced security capabilities, while the free tier offers basic security features.
scopeId
This property is required.
Changes to this property will trigger replacement.
String
The scope id of the pricing. Valid scopes are: subscription (format: 'subscriptions/{subscriptionId}'), or a specific resource (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}) - Supported resources are (VirtualMachines)
enforce String | Enforce
If set to "False", it allows the descendants of this scope to override the pricing configuration set on this scope (allows setting inherited="False"). If set to "True", it prevents overrides and forces this pricing configuration on all the descendants of this scope. This field is only available for subscription-level pricing.
extensions List<Extension>
Optional. List of extensions offered under a plan.
pricingName Changes to this property will trigger replacement. String
name of the pricing configuration
subPlan String
The sub-plan selected for a Standard pricing configuration, when more than one sub-plan is available. Each sub-plan enables a set of security features. When not specified, full plan is applied. For VirtualMachines plan, available sub plans are 'P1' & 'P2', where for resource level only 'P1' sub plan is supported.
pricingTier This property is required. string | PricingTier
Indicates whether the Defender plan is enabled on the selected scope. Microsoft Defender for Cloud is provided in two pricing tiers: free and standard. The standard tier offers advanced security capabilities, while the free tier offers basic security features.
scopeId
This property is required.
Changes to this property will trigger replacement.
string
The scope id of the pricing. Valid scopes are: subscription (format: 'subscriptions/{subscriptionId}'), or a specific resource (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}) - Supported resources are (VirtualMachines)
enforce string | Enforce
If set to "False", it allows the descendants of this scope to override the pricing configuration set on this scope (allows setting inherited="False"). If set to "True", it prevents overrides and forces this pricing configuration on all the descendants of this scope. This field is only available for subscription-level pricing.
extensions Extension[]
Optional. List of extensions offered under a plan.
pricingName Changes to this property will trigger replacement. string
name of the pricing configuration
subPlan string
The sub-plan selected for a Standard pricing configuration, when more than one sub-plan is available. Each sub-plan enables a set of security features. When not specified, full plan is applied. For VirtualMachines plan, available sub plans are 'P1' & 'P2', where for resource level only 'P1' sub plan is supported.
pricing_tier This property is required. str | PricingTier
Indicates whether the Defender plan is enabled on the selected scope. Microsoft Defender for Cloud is provided in two pricing tiers: free and standard. The standard tier offers advanced security capabilities, while the free tier offers basic security features.
scope_id
This property is required.
Changes to this property will trigger replacement.
str
The scope id of the pricing. Valid scopes are: subscription (format: 'subscriptions/{subscriptionId}'), or a specific resource (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}) - Supported resources are (VirtualMachines)
enforce str | Enforce
If set to "False", it allows the descendants of this scope to override the pricing configuration set on this scope (allows setting inherited="False"). If set to "True", it prevents overrides and forces this pricing configuration on all the descendants of this scope. This field is only available for subscription-level pricing.
extensions Sequence[ExtensionArgs]
Optional. List of extensions offered under a plan.
pricing_name Changes to this property will trigger replacement. str
name of the pricing configuration
sub_plan str
The sub-plan selected for a Standard pricing configuration, when more than one sub-plan is available. Each sub-plan enables a set of security features. When not specified, full plan is applied. For VirtualMachines plan, available sub plans are 'P1' & 'P2', where for resource level only 'P1' sub plan is supported.
pricingTier This property is required. String | "Free" | "Standard"
Indicates whether the Defender plan is enabled on the selected scope. Microsoft Defender for Cloud is provided in two pricing tiers: free and standard. The standard tier offers advanced security capabilities, while the free tier offers basic security features.
scopeId
This property is required.
Changes to this property will trigger replacement.
String
The scope id of the pricing. Valid scopes are: subscription (format: 'subscriptions/{subscriptionId}'), or a specific resource (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}) - Supported resources are (VirtualMachines)
enforce String | "False" | "True"
If set to "False", it allows the descendants of this scope to override the pricing configuration set on this scope (allows setting inherited="False"). If set to "True", it prevents overrides and forces this pricing configuration on all the descendants of this scope. This field is only available for subscription-level pricing.
extensions List<Property Map>
Optional. List of extensions offered under a plan.
pricingName Changes to this property will trigger replacement. String
name of the pricing configuration
subPlan String
The sub-plan selected for a Standard pricing configuration, when more than one sub-plan is available. Each sub-plan enables a set of security features. When not specified, full plan is applied. For VirtualMachines plan, available sub plans are 'P1' & 'P2', where for resource level only 'P1' sub plan is supported.

Outputs

All input properties are implicitly available as output properties. Additionally, the Pricing resource produces the following output properties:

Deprecated bool
Optional. True if the plan is deprecated. If there are replacing plans they will appear in replacedBy property
EnablementTime string
Optional. If pricingTier is Standard then this property holds the date of the last time the pricingTier was set to Standard, when available (e.g 2023-03-01T12:42:42.1921106Z).
FreeTrialRemainingTime string
The duration left for the subscriptions free trial period - in ISO 8601 format (e.g. P3Y6M4DT12H30M5S).
Id string
The provider-assigned unique ID for this managed resource.
Inherited string
"inherited" = "True" indicates that the current scope inherits its pricing configuration from its parent. The ID of the parent scope that provides the inherited configuration is displayed in the "inheritedFrom" field. On the other hand, "inherited" = "False" indicates that the current scope has its own pricing configuration explicitly set, and does not inherit from its parent. This field is read only and available only for resource-level pricing.
InheritedFrom string
The id of the scope inherited from. "Null" if not inherited. This field is only available for resource-level pricing.
Name string
Resource name
ReplacedBy List<string>
Optional. List of plans that replace this plan. This property exists only if this plan is deprecated.
ResourcesCoverageStatus string
This field is available for subscription-level only, and reflects the coverage status of the resources under the subscription. Please note: The "pricingTier" field reflects the plan status of the subscription. However, since the plan status can also be defined at the resource level, there might be misalignment between the subscription's plan status and the resource status. This field helps indicate the coverage status of the resources.
Type string
Resource type
Deprecated bool
Optional. True if the plan is deprecated. If there are replacing plans they will appear in replacedBy property
EnablementTime string
Optional. If pricingTier is Standard then this property holds the date of the last time the pricingTier was set to Standard, when available (e.g 2023-03-01T12:42:42.1921106Z).
FreeTrialRemainingTime string
The duration left for the subscriptions free trial period - in ISO 8601 format (e.g. P3Y6M4DT12H30M5S).
Id string
The provider-assigned unique ID for this managed resource.
Inherited string
"inherited" = "True" indicates that the current scope inherits its pricing configuration from its parent. The ID of the parent scope that provides the inherited configuration is displayed in the "inheritedFrom" field. On the other hand, "inherited" = "False" indicates that the current scope has its own pricing configuration explicitly set, and does not inherit from its parent. This field is read only and available only for resource-level pricing.
InheritedFrom string
The id of the scope inherited from. "Null" if not inherited. This field is only available for resource-level pricing.
Name string
Resource name
ReplacedBy []string
Optional. List of plans that replace this plan. This property exists only if this plan is deprecated.
ResourcesCoverageStatus string
This field is available for subscription-level only, and reflects the coverage status of the resources under the subscription. Please note: The "pricingTier" field reflects the plan status of the subscription. However, since the plan status can also be defined at the resource level, there might be misalignment between the subscription's plan status and the resource status. This field helps indicate the coverage status of the resources.
Type string
Resource type
deprecated Boolean
Optional. True if the plan is deprecated. If there are replacing plans they will appear in replacedBy property
enablementTime String
Optional. If pricingTier is Standard then this property holds the date of the last time the pricingTier was set to Standard, when available (e.g 2023-03-01T12:42:42.1921106Z).
freeTrialRemainingTime String
The duration left for the subscriptions free trial period - in ISO 8601 format (e.g. P3Y6M4DT12H30M5S).
id String
The provider-assigned unique ID for this managed resource.
inherited String
"inherited" = "True" indicates that the current scope inherits its pricing configuration from its parent. The ID of the parent scope that provides the inherited configuration is displayed in the "inheritedFrom" field. On the other hand, "inherited" = "False" indicates that the current scope has its own pricing configuration explicitly set, and does not inherit from its parent. This field is read only and available only for resource-level pricing.
inheritedFrom String
The id of the scope inherited from. "Null" if not inherited. This field is only available for resource-level pricing.
name String
Resource name
replacedBy List<String>
Optional. List of plans that replace this plan. This property exists only if this plan is deprecated.
resourcesCoverageStatus String
This field is available for subscription-level only, and reflects the coverage status of the resources under the subscription. Please note: The "pricingTier" field reflects the plan status of the subscription. However, since the plan status can also be defined at the resource level, there might be misalignment between the subscription's plan status and the resource status. This field helps indicate the coverage status of the resources.
type String
Resource type
deprecated boolean
Optional. True if the plan is deprecated. If there are replacing plans they will appear in replacedBy property
enablementTime string
Optional. If pricingTier is Standard then this property holds the date of the last time the pricingTier was set to Standard, when available (e.g 2023-03-01T12:42:42.1921106Z).
freeTrialRemainingTime string
The duration left for the subscriptions free trial period - in ISO 8601 format (e.g. P3Y6M4DT12H30M5S).
id string
The provider-assigned unique ID for this managed resource.
inherited string
"inherited" = "True" indicates that the current scope inherits its pricing configuration from its parent. The ID of the parent scope that provides the inherited configuration is displayed in the "inheritedFrom" field. On the other hand, "inherited" = "False" indicates that the current scope has its own pricing configuration explicitly set, and does not inherit from its parent. This field is read only and available only for resource-level pricing.
inheritedFrom string
The id of the scope inherited from. "Null" if not inherited. This field is only available for resource-level pricing.
name string
Resource name
replacedBy string[]
Optional. List of plans that replace this plan. This property exists only if this plan is deprecated.
resourcesCoverageStatus string
This field is available for subscription-level only, and reflects the coverage status of the resources under the subscription. Please note: The "pricingTier" field reflects the plan status of the subscription. However, since the plan status can also be defined at the resource level, there might be misalignment between the subscription's plan status and the resource status. This field helps indicate the coverage status of the resources.
type string
Resource type
deprecated bool
Optional. True if the plan is deprecated. If there are replacing plans they will appear in replacedBy property
enablement_time str
Optional. If pricingTier is Standard then this property holds the date of the last time the pricingTier was set to Standard, when available (e.g 2023-03-01T12:42:42.1921106Z).
free_trial_remaining_time str
The duration left for the subscriptions free trial period - in ISO 8601 format (e.g. P3Y6M4DT12H30M5S).
id str
The provider-assigned unique ID for this managed resource.
inherited str
"inherited" = "True" indicates that the current scope inherits its pricing configuration from its parent. The ID of the parent scope that provides the inherited configuration is displayed in the "inheritedFrom" field. On the other hand, "inherited" = "False" indicates that the current scope has its own pricing configuration explicitly set, and does not inherit from its parent. This field is read only and available only for resource-level pricing.
inherited_from str
The id of the scope inherited from. "Null" if not inherited. This field is only available for resource-level pricing.
name str
Resource name
replaced_by Sequence[str]
Optional. List of plans that replace this plan. This property exists only if this plan is deprecated.
resources_coverage_status str
This field is available for subscription-level only, and reflects the coverage status of the resources under the subscription. Please note: The "pricingTier" field reflects the plan status of the subscription. However, since the plan status can also be defined at the resource level, there might be misalignment between the subscription's plan status and the resource status. This field helps indicate the coverage status of the resources.
type str
Resource type
deprecated Boolean
Optional. True if the plan is deprecated. If there are replacing plans they will appear in replacedBy property
enablementTime String
Optional. If pricingTier is Standard then this property holds the date of the last time the pricingTier was set to Standard, when available (e.g 2023-03-01T12:42:42.1921106Z).
freeTrialRemainingTime String
The duration left for the subscriptions free trial period - in ISO 8601 format (e.g. P3Y6M4DT12H30M5S).
id String
The provider-assigned unique ID for this managed resource.
inherited String
"inherited" = "True" indicates that the current scope inherits its pricing configuration from its parent. The ID of the parent scope that provides the inherited configuration is displayed in the "inheritedFrom" field. On the other hand, "inherited" = "False" indicates that the current scope has its own pricing configuration explicitly set, and does not inherit from its parent. This field is read only and available only for resource-level pricing.
inheritedFrom String
The id of the scope inherited from. "Null" if not inherited. This field is only available for resource-level pricing.
name String
Resource name
replacedBy List<String>
Optional. List of plans that replace this plan. This property exists only if this plan is deprecated.
resourcesCoverageStatus String
This field is available for subscription-level only, and reflects the coverage status of the resources under the subscription. Please note: The "pricingTier" field reflects the plan status of the subscription. However, since the plan status can also be defined at the resource level, there might be misalignment between the subscription's plan status and the resource status. This field helps indicate the coverage status of the resources.
type String
Resource type

Supporting Types

Enforce
, EnforceArgs

False
FalseAllows the descendants of this scope to override the pricing configuration set on this scope (allows setting inherited="False")
True
TruePrevents overrides and forces the current scope's pricing configuration to all descendants
EnforceFalse
FalseAllows the descendants of this scope to override the pricing configuration set on this scope (allows setting inherited="False")
EnforceTrue
TruePrevents overrides and forces the current scope's pricing configuration to all descendants
False
FalseAllows the descendants of this scope to override the pricing configuration set on this scope (allows setting inherited="False")
True
TruePrevents overrides and forces the current scope's pricing configuration to all descendants
False
FalseAllows the descendants of this scope to override the pricing configuration set on this scope (allows setting inherited="False")
True
TruePrevents overrides and forces the current scope's pricing configuration to all descendants
FALSE
FalseAllows the descendants of this scope to override the pricing configuration set on this scope (allows setting inherited="False")
TRUE
TruePrevents overrides and forces the current scope's pricing configuration to all descendants
"False"
FalseAllows the descendants of this scope to override the pricing configuration set on this scope (allows setting inherited="False")
"True"
TruePrevents overrides and forces the current scope's pricing configuration to all descendants

Extension
, ExtensionArgs

IsEnabled This property is required. string | Pulumi.AzureNative.Security.IsEnabled
Indicates whether the extension is enabled.
Name This property is required. string
The extension name. Supported values are: AgentlessDiscoveryForKubernetes - Provides zero footprint, API-based discovery of Kubernetes clusters, their configurations and deployments. The collected data is used to create a contextualized security graph for Kubernetes clusters, provide risk hunting capabilities, and visualize risks and threats to Kubernetes environments and workloads.Available for CloudPosture plan and Containers plan.OnUploadMalwareScanning - Limits the GB to be scanned per month for each storage account within the subscription. Once this limit reached on a given storage account, Blobs won't be scanned during current calendar month.Available for StorageAccounts plan (DefenderForStorageV2 sub plans).SensitiveDataDiscovery - Sensitive data discovery identifies Blob storage container with sensitive data such as credentials, credit cards, and more, to help prioritize and investigate security events.Available for StorageAccounts plan (DefenderForStorageV2 sub plan) and CloudPosture plan.ContainerRegistriesVulnerabilityAssessments - Provides vulnerability management for images stored in your container registries.Available for CloudPosture plan and Containers plan.MdeDesignatedSubscription - Direct onboarding is a seamless integration between Defender for Endpoint and Defender for Cloud that doesn’t require extra software deployment on your servers. The onboarded resources will be presented under a designated Azure Subscription you configureAvailable for VirtualMachines plan (P1 and P2 sub plans).AgentlessVmScanning - Scans your machines for installed software, vulnerabilities, malware and secret scanning without relying on agents or impacting machine performance. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-agentless-data-collection.Available for CloudPosture plan, VirtualMachines plan (P2 sub plan) and Containers plan.EntraPermissionsManagement - Permissions Management provides Cloud Infrastructure Entitlement Management (CIEM) capabilities that helps organizations to manage and control user access and entitlements in their cloud infrastructure - important attack vector for cloud environments.Permissions Management analyzes all permissions and active usage, and suggests recommendations to reduce permissions to enforce the principle of least privilege. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/permissions-management.Available for CloudPosture plan. FileIntegrityMonitoring - File integrity monitoring (FIM), examines operating system files.Windows registries, Linux system files, in real time, for changes that might indicate an attack.Available for VirtualMachines plan (P2 sub plan). ContainerSensor - The sensor is based on IG and provides a rich threat detection suite for Kubernetes clusters, nodes, and workloads, powered by Microsoft leading threat intelligence, provides mapping to MITRE ATT&CK framework.Available for Containers plan. AIPromptEvidence - Exposes the prompts passed between the user and the AI model as alert evidence. This helps classify and triage the alerts with relevant user context. The prompt snippets will include only segments of the user prompt or model response that were deemed suspicious and relevant for security classifications. The prompt evidence will be available through Defender portal as part of each alert.Available for AI plan.
AdditionalExtensionProperties object
Property values associated with the extension.
IsEnabled This property is required. string | IsEnabled
Indicates whether the extension is enabled.
Name This property is required. string
The extension name. Supported values are: AgentlessDiscoveryForKubernetes - Provides zero footprint, API-based discovery of Kubernetes clusters, their configurations and deployments. The collected data is used to create a contextualized security graph for Kubernetes clusters, provide risk hunting capabilities, and visualize risks and threats to Kubernetes environments and workloads.Available for CloudPosture plan and Containers plan.OnUploadMalwareScanning - Limits the GB to be scanned per month for each storage account within the subscription. Once this limit reached on a given storage account, Blobs won't be scanned during current calendar month.Available for StorageAccounts plan (DefenderForStorageV2 sub plans).SensitiveDataDiscovery - Sensitive data discovery identifies Blob storage container with sensitive data such as credentials, credit cards, and more, to help prioritize and investigate security events.Available for StorageAccounts plan (DefenderForStorageV2 sub plan) and CloudPosture plan.ContainerRegistriesVulnerabilityAssessments - Provides vulnerability management for images stored in your container registries.Available for CloudPosture plan and Containers plan.MdeDesignatedSubscription - Direct onboarding is a seamless integration between Defender for Endpoint and Defender for Cloud that doesn’t require extra software deployment on your servers. The onboarded resources will be presented under a designated Azure Subscription you configureAvailable for VirtualMachines plan (P1 and P2 sub plans).AgentlessVmScanning - Scans your machines for installed software, vulnerabilities, malware and secret scanning without relying on agents or impacting machine performance. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-agentless-data-collection.Available for CloudPosture plan, VirtualMachines plan (P2 sub plan) and Containers plan.EntraPermissionsManagement - Permissions Management provides Cloud Infrastructure Entitlement Management (CIEM) capabilities that helps organizations to manage and control user access and entitlements in their cloud infrastructure - important attack vector for cloud environments.Permissions Management analyzes all permissions and active usage, and suggests recommendations to reduce permissions to enforce the principle of least privilege. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/permissions-management.Available for CloudPosture plan. FileIntegrityMonitoring - File integrity monitoring (FIM), examines operating system files.Windows registries, Linux system files, in real time, for changes that might indicate an attack.Available for VirtualMachines plan (P2 sub plan). ContainerSensor - The sensor is based on IG and provides a rich threat detection suite for Kubernetes clusters, nodes, and workloads, powered by Microsoft leading threat intelligence, provides mapping to MITRE ATT&CK framework.Available for Containers plan. AIPromptEvidence - Exposes the prompts passed between the user and the AI model as alert evidence. This helps classify and triage the alerts with relevant user context. The prompt snippets will include only segments of the user prompt or model response that were deemed suspicious and relevant for security classifications. The prompt evidence will be available through Defender portal as part of each alert.Available for AI plan.
AdditionalExtensionProperties interface{}
Property values associated with the extension.
isEnabled This property is required. String | IsEnabled
Indicates whether the extension is enabled.
name This property is required. String
The extension name. Supported values are: AgentlessDiscoveryForKubernetes - Provides zero footprint, API-based discovery of Kubernetes clusters, their configurations and deployments. The collected data is used to create a contextualized security graph for Kubernetes clusters, provide risk hunting capabilities, and visualize risks and threats to Kubernetes environments and workloads.Available for CloudPosture plan and Containers plan.OnUploadMalwareScanning - Limits the GB to be scanned per month for each storage account within the subscription. Once this limit reached on a given storage account, Blobs won't be scanned during current calendar month.Available for StorageAccounts plan (DefenderForStorageV2 sub plans).SensitiveDataDiscovery - Sensitive data discovery identifies Blob storage container with sensitive data such as credentials, credit cards, and more, to help prioritize and investigate security events.Available for StorageAccounts plan (DefenderForStorageV2 sub plan) and CloudPosture plan.ContainerRegistriesVulnerabilityAssessments - Provides vulnerability management for images stored in your container registries.Available for CloudPosture plan and Containers plan.MdeDesignatedSubscription - Direct onboarding is a seamless integration between Defender for Endpoint and Defender for Cloud that doesn’t require extra software deployment on your servers. The onboarded resources will be presented under a designated Azure Subscription you configureAvailable for VirtualMachines plan (P1 and P2 sub plans).AgentlessVmScanning - Scans your machines for installed software, vulnerabilities, malware and secret scanning without relying on agents or impacting machine performance. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-agentless-data-collection.Available for CloudPosture plan, VirtualMachines plan (P2 sub plan) and Containers plan.EntraPermissionsManagement - Permissions Management provides Cloud Infrastructure Entitlement Management (CIEM) capabilities that helps organizations to manage and control user access and entitlements in their cloud infrastructure - important attack vector for cloud environments.Permissions Management analyzes all permissions and active usage, and suggests recommendations to reduce permissions to enforce the principle of least privilege. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/permissions-management.Available for CloudPosture plan. FileIntegrityMonitoring - File integrity monitoring (FIM), examines operating system files.Windows registries, Linux system files, in real time, for changes that might indicate an attack.Available for VirtualMachines plan (P2 sub plan). ContainerSensor - The sensor is based on IG and provides a rich threat detection suite for Kubernetes clusters, nodes, and workloads, powered by Microsoft leading threat intelligence, provides mapping to MITRE ATT&CK framework.Available for Containers plan. AIPromptEvidence - Exposes the prompts passed between the user and the AI model as alert evidence. This helps classify and triage the alerts with relevant user context. The prompt snippets will include only segments of the user prompt or model response that were deemed suspicious and relevant for security classifications. The prompt evidence will be available through Defender portal as part of each alert.Available for AI plan.
additionalExtensionProperties Object
Property values associated with the extension.
isEnabled This property is required. string | IsEnabled
Indicates whether the extension is enabled.
name This property is required. string
The extension name. Supported values are: AgentlessDiscoveryForKubernetes - Provides zero footprint, API-based discovery of Kubernetes clusters, their configurations and deployments. The collected data is used to create a contextualized security graph for Kubernetes clusters, provide risk hunting capabilities, and visualize risks and threats to Kubernetes environments and workloads.Available for CloudPosture plan and Containers plan.OnUploadMalwareScanning - Limits the GB to be scanned per month for each storage account within the subscription. Once this limit reached on a given storage account, Blobs won't be scanned during current calendar month.Available for StorageAccounts plan (DefenderForStorageV2 sub plans).SensitiveDataDiscovery - Sensitive data discovery identifies Blob storage container with sensitive data such as credentials, credit cards, and more, to help prioritize and investigate security events.Available for StorageAccounts plan (DefenderForStorageV2 sub plan) and CloudPosture plan.ContainerRegistriesVulnerabilityAssessments - Provides vulnerability management for images stored in your container registries.Available for CloudPosture plan and Containers plan.MdeDesignatedSubscription - Direct onboarding is a seamless integration between Defender for Endpoint and Defender for Cloud that doesn’t require extra software deployment on your servers. The onboarded resources will be presented under a designated Azure Subscription you configureAvailable for VirtualMachines plan (P1 and P2 sub plans).AgentlessVmScanning - Scans your machines for installed software, vulnerabilities, malware and secret scanning without relying on agents or impacting machine performance. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-agentless-data-collection.Available for CloudPosture plan, VirtualMachines plan (P2 sub plan) and Containers plan.EntraPermissionsManagement - Permissions Management provides Cloud Infrastructure Entitlement Management (CIEM) capabilities that helps organizations to manage and control user access and entitlements in their cloud infrastructure - important attack vector for cloud environments.Permissions Management analyzes all permissions and active usage, and suggests recommendations to reduce permissions to enforce the principle of least privilege. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/permissions-management.Available for CloudPosture plan. FileIntegrityMonitoring - File integrity monitoring (FIM), examines operating system files.Windows registries, Linux system files, in real time, for changes that might indicate an attack.Available for VirtualMachines plan (P2 sub plan). ContainerSensor - The sensor is based on IG and provides a rich threat detection suite for Kubernetes clusters, nodes, and workloads, powered by Microsoft leading threat intelligence, provides mapping to MITRE ATT&CK framework.Available for Containers plan. AIPromptEvidence - Exposes the prompts passed between the user and the AI model as alert evidence. This helps classify and triage the alerts with relevant user context. The prompt snippets will include only segments of the user prompt or model response that were deemed suspicious and relevant for security classifications. The prompt evidence will be available through Defender portal as part of each alert.Available for AI plan.
additionalExtensionProperties any
Property values associated with the extension.
is_enabled This property is required. str | IsEnabled
Indicates whether the extension is enabled.
name This property is required. str
The extension name. Supported values are: AgentlessDiscoveryForKubernetes - Provides zero footprint, API-based discovery of Kubernetes clusters, their configurations and deployments. The collected data is used to create a contextualized security graph for Kubernetes clusters, provide risk hunting capabilities, and visualize risks and threats to Kubernetes environments and workloads.Available for CloudPosture plan and Containers plan.OnUploadMalwareScanning - Limits the GB to be scanned per month for each storage account within the subscription. Once this limit reached on a given storage account, Blobs won't be scanned during current calendar month.Available for StorageAccounts plan (DefenderForStorageV2 sub plans).SensitiveDataDiscovery - Sensitive data discovery identifies Blob storage container with sensitive data such as credentials, credit cards, and more, to help prioritize and investigate security events.Available for StorageAccounts plan (DefenderForStorageV2 sub plan) and CloudPosture plan.ContainerRegistriesVulnerabilityAssessments - Provides vulnerability management for images stored in your container registries.Available for CloudPosture plan and Containers plan.MdeDesignatedSubscription - Direct onboarding is a seamless integration between Defender for Endpoint and Defender for Cloud that doesn’t require extra software deployment on your servers. The onboarded resources will be presented under a designated Azure Subscription you configureAvailable for VirtualMachines plan (P1 and P2 sub plans).AgentlessVmScanning - Scans your machines for installed software, vulnerabilities, malware and secret scanning without relying on agents or impacting machine performance. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-agentless-data-collection.Available for CloudPosture plan, VirtualMachines plan (P2 sub plan) and Containers plan.EntraPermissionsManagement - Permissions Management provides Cloud Infrastructure Entitlement Management (CIEM) capabilities that helps organizations to manage and control user access and entitlements in their cloud infrastructure - important attack vector for cloud environments.Permissions Management analyzes all permissions and active usage, and suggests recommendations to reduce permissions to enforce the principle of least privilege. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/permissions-management.Available for CloudPosture plan. FileIntegrityMonitoring - File integrity monitoring (FIM), examines operating system files.Windows registries, Linux system files, in real time, for changes that might indicate an attack.Available for VirtualMachines plan (P2 sub plan). ContainerSensor - The sensor is based on IG and provides a rich threat detection suite for Kubernetes clusters, nodes, and workloads, powered by Microsoft leading threat intelligence, provides mapping to MITRE ATT&CK framework.Available for Containers plan. AIPromptEvidence - Exposes the prompts passed between the user and the AI model as alert evidence. This helps classify and triage the alerts with relevant user context. The prompt snippets will include only segments of the user prompt or model response that were deemed suspicious and relevant for security classifications. The prompt evidence will be available through Defender portal as part of each alert.Available for AI plan.
additional_extension_properties Any
Property values associated with the extension.
isEnabled This property is required. String | "True" | "False"
Indicates whether the extension is enabled.
name This property is required. String
The extension name. Supported values are: AgentlessDiscoveryForKubernetes - Provides zero footprint, API-based discovery of Kubernetes clusters, their configurations and deployments. The collected data is used to create a contextualized security graph for Kubernetes clusters, provide risk hunting capabilities, and visualize risks and threats to Kubernetes environments and workloads.Available for CloudPosture plan and Containers plan.OnUploadMalwareScanning - Limits the GB to be scanned per month for each storage account within the subscription. Once this limit reached on a given storage account, Blobs won't be scanned during current calendar month.Available for StorageAccounts plan (DefenderForStorageV2 sub plans).SensitiveDataDiscovery - Sensitive data discovery identifies Blob storage container with sensitive data such as credentials, credit cards, and more, to help prioritize and investigate security events.Available for StorageAccounts plan (DefenderForStorageV2 sub plan) and CloudPosture plan.ContainerRegistriesVulnerabilityAssessments - Provides vulnerability management for images stored in your container registries.Available for CloudPosture plan and Containers plan.MdeDesignatedSubscription - Direct onboarding is a seamless integration between Defender for Endpoint and Defender for Cloud that doesn’t require extra software deployment on your servers. The onboarded resources will be presented under a designated Azure Subscription you configureAvailable for VirtualMachines plan (P1 and P2 sub plans).AgentlessVmScanning - Scans your machines for installed software, vulnerabilities, malware and secret scanning without relying on agents or impacting machine performance. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-agentless-data-collection.Available for CloudPosture plan, VirtualMachines plan (P2 sub plan) and Containers plan.EntraPermissionsManagement - Permissions Management provides Cloud Infrastructure Entitlement Management (CIEM) capabilities that helps organizations to manage and control user access and entitlements in their cloud infrastructure - important attack vector for cloud environments.Permissions Management analyzes all permissions and active usage, and suggests recommendations to reduce permissions to enforce the principle of least privilege. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/permissions-management.Available for CloudPosture plan. FileIntegrityMonitoring - File integrity monitoring (FIM), examines operating system files.Windows registries, Linux system files, in real time, for changes that might indicate an attack.Available for VirtualMachines plan (P2 sub plan). ContainerSensor - The sensor is based on IG and provides a rich threat detection suite for Kubernetes clusters, nodes, and workloads, powered by Microsoft leading threat intelligence, provides mapping to MITRE ATT&CK framework.Available for Containers plan. AIPromptEvidence - Exposes the prompts passed between the user and the AI model as alert evidence. This helps classify and triage the alerts with relevant user context. The prompt snippets will include only segments of the user prompt or model response that were deemed suspicious and relevant for security classifications. The prompt evidence will be available through Defender portal as part of each alert.Available for AI plan.
additionalExtensionProperties Any
Property values associated with the extension.

ExtensionResponse
, ExtensionResponseArgs

IsEnabled This property is required. string
Indicates whether the extension is enabled.
Name This property is required. string
The extension name. Supported values are: AgentlessDiscoveryForKubernetes - Provides zero footprint, API-based discovery of Kubernetes clusters, their configurations and deployments. The collected data is used to create a contextualized security graph for Kubernetes clusters, provide risk hunting capabilities, and visualize risks and threats to Kubernetes environments and workloads.Available for CloudPosture plan and Containers plan.OnUploadMalwareScanning - Limits the GB to be scanned per month for each storage account within the subscription. Once this limit reached on a given storage account, Blobs won't be scanned during current calendar month.Available for StorageAccounts plan (DefenderForStorageV2 sub plans).SensitiveDataDiscovery - Sensitive data discovery identifies Blob storage container with sensitive data such as credentials, credit cards, and more, to help prioritize and investigate security events.Available for StorageAccounts plan (DefenderForStorageV2 sub plan) and CloudPosture plan.ContainerRegistriesVulnerabilityAssessments - Provides vulnerability management for images stored in your container registries.Available for CloudPosture plan and Containers plan.MdeDesignatedSubscription - Direct onboarding is a seamless integration between Defender for Endpoint and Defender for Cloud that doesn’t require extra software deployment on your servers. The onboarded resources will be presented under a designated Azure Subscription you configureAvailable for VirtualMachines plan (P1 and P2 sub plans).AgentlessVmScanning - Scans your machines for installed software, vulnerabilities, malware and secret scanning without relying on agents or impacting machine performance. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-agentless-data-collection.Available for CloudPosture plan, VirtualMachines plan (P2 sub plan) and Containers plan.EntraPermissionsManagement - Permissions Management provides Cloud Infrastructure Entitlement Management (CIEM) capabilities that helps organizations to manage and control user access and entitlements in their cloud infrastructure - important attack vector for cloud environments.Permissions Management analyzes all permissions and active usage, and suggests recommendations to reduce permissions to enforce the principle of least privilege. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/permissions-management.Available for CloudPosture plan. FileIntegrityMonitoring - File integrity monitoring (FIM), examines operating system files.Windows registries, Linux system files, in real time, for changes that might indicate an attack.Available for VirtualMachines plan (P2 sub plan). ContainerSensor - The sensor is based on IG and provides a rich threat detection suite for Kubernetes clusters, nodes, and workloads, powered by Microsoft leading threat intelligence, provides mapping to MITRE ATT&CK framework.Available for Containers plan. AIPromptEvidence - Exposes the prompts passed between the user and the AI model as alert evidence. This helps classify and triage the alerts with relevant user context. The prompt snippets will include only segments of the user prompt or model response that were deemed suspicious and relevant for security classifications. The prompt evidence will be available through Defender portal as part of each alert.Available for AI plan.
OperationStatus This property is required. Pulumi.AzureNative.Security.Inputs.OperationStatusResponse
Optional. A status describing the success/failure of the extension's enablement/disablement operation.
AdditionalExtensionProperties object
Property values associated with the extension.
IsEnabled This property is required. string
Indicates whether the extension is enabled.
Name This property is required. string
The extension name. Supported values are: AgentlessDiscoveryForKubernetes - Provides zero footprint, API-based discovery of Kubernetes clusters, their configurations and deployments. The collected data is used to create a contextualized security graph for Kubernetes clusters, provide risk hunting capabilities, and visualize risks and threats to Kubernetes environments and workloads.Available for CloudPosture plan and Containers plan.OnUploadMalwareScanning - Limits the GB to be scanned per month for each storage account within the subscription. Once this limit reached on a given storage account, Blobs won't be scanned during current calendar month.Available for StorageAccounts plan (DefenderForStorageV2 sub plans).SensitiveDataDiscovery - Sensitive data discovery identifies Blob storage container with sensitive data such as credentials, credit cards, and more, to help prioritize and investigate security events.Available for StorageAccounts plan (DefenderForStorageV2 sub plan) and CloudPosture plan.ContainerRegistriesVulnerabilityAssessments - Provides vulnerability management for images stored in your container registries.Available for CloudPosture plan and Containers plan.MdeDesignatedSubscription - Direct onboarding is a seamless integration between Defender for Endpoint and Defender for Cloud that doesn’t require extra software deployment on your servers. The onboarded resources will be presented under a designated Azure Subscription you configureAvailable for VirtualMachines plan (P1 and P2 sub plans).AgentlessVmScanning - Scans your machines for installed software, vulnerabilities, malware and secret scanning without relying on agents or impacting machine performance. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-agentless-data-collection.Available for CloudPosture plan, VirtualMachines plan (P2 sub plan) and Containers plan.EntraPermissionsManagement - Permissions Management provides Cloud Infrastructure Entitlement Management (CIEM) capabilities that helps organizations to manage and control user access and entitlements in their cloud infrastructure - important attack vector for cloud environments.Permissions Management analyzes all permissions and active usage, and suggests recommendations to reduce permissions to enforce the principle of least privilege. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/permissions-management.Available for CloudPosture plan. FileIntegrityMonitoring - File integrity monitoring (FIM), examines operating system files.Windows registries, Linux system files, in real time, for changes that might indicate an attack.Available for VirtualMachines plan (P2 sub plan). ContainerSensor - The sensor is based on IG and provides a rich threat detection suite for Kubernetes clusters, nodes, and workloads, powered by Microsoft leading threat intelligence, provides mapping to MITRE ATT&CK framework.Available for Containers plan. AIPromptEvidence - Exposes the prompts passed between the user and the AI model as alert evidence. This helps classify and triage the alerts with relevant user context. The prompt snippets will include only segments of the user prompt or model response that were deemed suspicious and relevant for security classifications. The prompt evidence will be available through Defender portal as part of each alert.Available for AI plan.
OperationStatus This property is required. OperationStatusResponse
Optional. A status describing the success/failure of the extension's enablement/disablement operation.
AdditionalExtensionProperties interface{}
Property values associated with the extension.
isEnabled This property is required. String
Indicates whether the extension is enabled.
name This property is required. String
The extension name. Supported values are: AgentlessDiscoveryForKubernetes - Provides zero footprint, API-based discovery of Kubernetes clusters, their configurations and deployments. The collected data is used to create a contextualized security graph for Kubernetes clusters, provide risk hunting capabilities, and visualize risks and threats to Kubernetes environments and workloads.Available for CloudPosture plan and Containers plan.OnUploadMalwareScanning - Limits the GB to be scanned per month for each storage account within the subscription. Once this limit reached on a given storage account, Blobs won't be scanned during current calendar month.Available for StorageAccounts plan (DefenderForStorageV2 sub plans).SensitiveDataDiscovery - Sensitive data discovery identifies Blob storage container with sensitive data such as credentials, credit cards, and more, to help prioritize and investigate security events.Available for StorageAccounts plan (DefenderForStorageV2 sub plan) and CloudPosture plan.ContainerRegistriesVulnerabilityAssessments - Provides vulnerability management for images stored in your container registries.Available for CloudPosture plan and Containers plan.MdeDesignatedSubscription - Direct onboarding is a seamless integration between Defender for Endpoint and Defender for Cloud that doesn’t require extra software deployment on your servers. The onboarded resources will be presented under a designated Azure Subscription you configureAvailable for VirtualMachines plan (P1 and P2 sub plans).AgentlessVmScanning - Scans your machines for installed software, vulnerabilities, malware and secret scanning without relying on agents or impacting machine performance. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-agentless-data-collection.Available for CloudPosture plan, VirtualMachines plan (P2 sub plan) and Containers plan.EntraPermissionsManagement - Permissions Management provides Cloud Infrastructure Entitlement Management (CIEM) capabilities that helps organizations to manage and control user access and entitlements in their cloud infrastructure - important attack vector for cloud environments.Permissions Management analyzes all permissions and active usage, and suggests recommendations to reduce permissions to enforce the principle of least privilege. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/permissions-management.Available for CloudPosture plan. FileIntegrityMonitoring - File integrity monitoring (FIM), examines operating system files.Windows registries, Linux system files, in real time, for changes that might indicate an attack.Available for VirtualMachines plan (P2 sub plan). ContainerSensor - The sensor is based on IG and provides a rich threat detection suite for Kubernetes clusters, nodes, and workloads, powered by Microsoft leading threat intelligence, provides mapping to MITRE ATT&CK framework.Available for Containers plan. AIPromptEvidence - Exposes the prompts passed between the user and the AI model as alert evidence. This helps classify and triage the alerts with relevant user context. The prompt snippets will include only segments of the user prompt or model response that were deemed suspicious and relevant for security classifications. The prompt evidence will be available through Defender portal as part of each alert.Available for AI plan.
operationStatus This property is required. OperationStatusResponse
Optional. A status describing the success/failure of the extension's enablement/disablement operation.
additionalExtensionProperties Object
Property values associated with the extension.
isEnabled This property is required. string
Indicates whether the extension is enabled.
name This property is required. string
The extension name. Supported values are: AgentlessDiscoveryForKubernetes - Provides zero footprint, API-based discovery of Kubernetes clusters, their configurations and deployments. The collected data is used to create a contextualized security graph for Kubernetes clusters, provide risk hunting capabilities, and visualize risks and threats to Kubernetes environments and workloads.Available for CloudPosture plan and Containers plan.OnUploadMalwareScanning - Limits the GB to be scanned per month for each storage account within the subscription. Once this limit reached on a given storage account, Blobs won't be scanned during current calendar month.Available for StorageAccounts plan (DefenderForStorageV2 sub plans).SensitiveDataDiscovery - Sensitive data discovery identifies Blob storage container with sensitive data such as credentials, credit cards, and more, to help prioritize and investigate security events.Available for StorageAccounts plan (DefenderForStorageV2 sub plan) and CloudPosture plan.ContainerRegistriesVulnerabilityAssessments - Provides vulnerability management for images stored in your container registries.Available for CloudPosture plan and Containers plan.MdeDesignatedSubscription - Direct onboarding is a seamless integration between Defender for Endpoint and Defender for Cloud that doesn’t require extra software deployment on your servers. The onboarded resources will be presented under a designated Azure Subscription you configureAvailable for VirtualMachines plan (P1 and P2 sub plans).AgentlessVmScanning - Scans your machines for installed software, vulnerabilities, malware and secret scanning without relying on agents or impacting machine performance. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-agentless-data-collection.Available for CloudPosture plan, VirtualMachines plan (P2 sub plan) and Containers plan.EntraPermissionsManagement - Permissions Management provides Cloud Infrastructure Entitlement Management (CIEM) capabilities that helps organizations to manage and control user access and entitlements in their cloud infrastructure - important attack vector for cloud environments.Permissions Management analyzes all permissions and active usage, and suggests recommendations to reduce permissions to enforce the principle of least privilege. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/permissions-management.Available for CloudPosture plan. FileIntegrityMonitoring - File integrity monitoring (FIM), examines operating system files.Windows registries, Linux system files, in real time, for changes that might indicate an attack.Available for VirtualMachines plan (P2 sub plan). ContainerSensor - The sensor is based on IG and provides a rich threat detection suite for Kubernetes clusters, nodes, and workloads, powered by Microsoft leading threat intelligence, provides mapping to MITRE ATT&CK framework.Available for Containers plan. AIPromptEvidence - Exposes the prompts passed between the user and the AI model as alert evidence. This helps classify and triage the alerts with relevant user context. The prompt snippets will include only segments of the user prompt or model response that were deemed suspicious and relevant for security classifications. The prompt evidence will be available through Defender portal as part of each alert.Available for AI plan.
operationStatus This property is required. OperationStatusResponse
Optional. A status describing the success/failure of the extension's enablement/disablement operation.
additionalExtensionProperties any
Property values associated with the extension.
is_enabled This property is required. str
Indicates whether the extension is enabled.
name This property is required. str
The extension name. Supported values are: AgentlessDiscoveryForKubernetes - Provides zero footprint, API-based discovery of Kubernetes clusters, their configurations and deployments. The collected data is used to create a contextualized security graph for Kubernetes clusters, provide risk hunting capabilities, and visualize risks and threats to Kubernetes environments and workloads.Available for CloudPosture plan and Containers plan.OnUploadMalwareScanning - Limits the GB to be scanned per month for each storage account within the subscription. Once this limit reached on a given storage account, Blobs won't be scanned during current calendar month.Available for StorageAccounts plan (DefenderForStorageV2 sub plans).SensitiveDataDiscovery - Sensitive data discovery identifies Blob storage container with sensitive data such as credentials, credit cards, and more, to help prioritize and investigate security events.Available for StorageAccounts plan (DefenderForStorageV2 sub plan) and CloudPosture plan.ContainerRegistriesVulnerabilityAssessments - Provides vulnerability management for images stored in your container registries.Available for CloudPosture plan and Containers plan.MdeDesignatedSubscription - Direct onboarding is a seamless integration between Defender for Endpoint and Defender for Cloud that doesn’t require extra software deployment on your servers. The onboarded resources will be presented under a designated Azure Subscription you configureAvailable for VirtualMachines plan (P1 and P2 sub plans).AgentlessVmScanning - Scans your machines for installed software, vulnerabilities, malware and secret scanning without relying on agents or impacting machine performance. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-agentless-data-collection.Available for CloudPosture plan, VirtualMachines plan (P2 sub plan) and Containers plan.EntraPermissionsManagement - Permissions Management provides Cloud Infrastructure Entitlement Management (CIEM) capabilities that helps organizations to manage and control user access and entitlements in their cloud infrastructure - important attack vector for cloud environments.Permissions Management analyzes all permissions and active usage, and suggests recommendations to reduce permissions to enforce the principle of least privilege. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/permissions-management.Available for CloudPosture plan. FileIntegrityMonitoring - File integrity monitoring (FIM), examines operating system files.Windows registries, Linux system files, in real time, for changes that might indicate an attack.Available for VirtualMachines plan (P2 sub plan). ContainerSensor - The sensor is based on IG and provides a rich threat detection suite for Kubernetes clusters, nodes, and workloads, powered by Microsoft leading threat intelligence, provides mapping to MITRE ATT&CK framework.Available for Containers plan. AIPromptEvidence - Exposes the prompts passed between the user and the AI model as alert evidence. This helps classify and triage the alerts with relevant user context. The prompt snippets will include only segments of the user prompt or model response that were deemed suspicious and relevant for security classifications. The prompt evidence will be available through Defender portal as part of each alert.Available for AI plan.
operation_status This property is required. OperationStatusResponse
Optional. A status describing the success/failure of the extension's enablement/disablement operation.
additional_extension_properties Any
Property values associated with the extension.
isEnabled This property is required. String
Indicates whether the extension is enabled.
name This property is required. String
The extension name. Supported values are: AgentlessDiscoveryForKubernetes - Provides zero footprint, API-based discovery of Kubernetes clusters, their configurations and deployments. The collected data is used to create a contextualized security graph for Kubernetes clusters, provide risk hunting capabilities, and visualize risks and threats to Kubernetes environments and workloads.Available for CloudPosture plan and Containers plan.OnUploadMalwareScanning - Limits the GB to be scanned per month for each storage account within the subscription. Once this limit reached on a given storage account, Blobs won't be scanned during current calendar month.Available for StorageAccounts plan (DefenderForStorageV2 sub plans).SensitiveDataDiscovery - Sensitive data discovery identifies Blob storage container with sensitive data such as credentials, credit cards, and more, to help prioritize and investigate security events.Available for StorageAccounts plan (DefenderForStorageV2 sub plan) and CloudPosture plan.ContainerRegistriesVulnerabilityAssessments - Provides vulnerability management for images stored in your container registries.Available for CloudPosture plan and Containers plan.MdeDesignatedSubscription - Direct onboarding is a seamless integration between Defender for Endpoint and Defender for Cloud that doesn’t require extra software deployment on your servers. The onboarded resources will be presented under a designated Azure Subscription you configureAvailable for VirtualMachines plan (P1 and P2 sub plans).AgentlessVmScanning - Scans your machines for installed software, vulnerabilities, malware and secret scanning without relying on agents or impacting machine performance. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-agentless-data-collection.Available for CloudPosture plan, VirtualMachines plan (P2 sub plan) and Containers plan.EntraPermissionsManagement - Permissions Management provides Cloud Infrastructure Entitlement Management (CIEM) capabilities that helps organizations to manage and control user access and entitlements in their cloud infrastructure - important attack vector for cloud environments.Permissions Management analyzes all permissions and active usage, and suggests recommendations to reduce permissions to enforce the principle of least privilege. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/permissions-management.Available for CloudPosture plan. FileIntegrityMonitoring - File integrity monitoring (FIM), examines operating system files.Windows registries, Linux system files, in real time, for changes that might indicate an attack.Available for VirtualMachines plan (P2 sub plan). ContainerSensor - The sensor is based on IG and provides a rich threat detection suite for Kubernetes clusters, nodes, and workloads, powered by Microsoft leading threat intelligence, provides mapping to MITRE ATT&CK framework.Available for Containers plan. AIPromptEvidence - Exposes the prompts passed between the user and the AI model as alert evidence. This helps classify and triage the alerts with relevant user context. The prompt snippets will include only segments of the user prompt or model response that were deemed suspicious and relevant for security classifications. The prompt evidence will be available through Defender portal as part of each alert.Available for AI plan.
operationStatus This property is required. Property Map
Optional. A status describing the success/failure of the extension's enablement/disablement operation.
additionalExtensionProperties Any
Property values associated with the extension.

IsEnabled
, IsEnabledArgs

True
TrueIndicates the extension is enabled
False
FalseIndicates the extension is disabled
IsEnabledTrue
TrueIndicates the extension is enabled
IsEnabledFalse
FalseIndicates the extension is disabled
True
TrueIndicates the extension is enabled
False
FalseIndicates the extension is disabled
True
TrueIndicates the extension is enabled
False
FalseIndicates the extension is disabled
TRUE
TrueIndicates the extension is enabled
FALSE
FalseIndicates the extension is disabled
"True"
TrueIndicates the extension is enabled
"False"
FalseIndicates the extension is disabled

OperationStatusResponse
, OperationStatusResponseArgs

Code string
The operation status code.
Message string
Additional information regarding the success/failure of the operation.
Code string
The operation status code.
Message string
Additional information regarding the success/failure of the operation.
code String
The operation status code.
message String
Additional information regarding the success/failure of the operation.
code string
The operation status code.
message string
Additional information regarding the success/failure of the operation.
code str
The operation status code.
message str
Additional information regarding the success/failure of the operation.
code String
The operation status code.
message String
Additional information regarding the success/failure of the operation.

PricingTier
, PricingTierArgs

Free
FreeGet free Microsoft Defender for Cloud experience with basic security features
Standard
StandardGet the standard Microsoft Defender for Cloud experience with advanced security features
PricingTierFree
FreeGet free Microsoft Defender for Cloud experience with basic security features
PricingTierStandard
StandardGet the standard Microsoft Defender for Cloud experience with advanced security features
Free
FreeGet free Microsoft Defender for Cloud experience with basic security features
Standard
StandardGet the standard Microsoft Defender for Cloud experience with advanced security features
Free
FreeGet free Microsoft Defender for Cloud experience with basic security features
Standard
StandardGet the standard Microsoft Defender for Cloud experience with advanced security features
FREE
FreeGet free Microsoft Defender for Cloud experience with basic security features
STANDARD
StandardGet the standard Microsoft Defender for Cloud experience with advanced security features
"Free"
FreeGet free Microsoft Defender for Cloud experience with basic security features
"Standard"
StandardGet the standard Microsoft Defender for Cloud experience with advanced security features

Import

An existing resource can be imported using its type token, name, and identifier, e.g.

$ pulumi import azure-native:security:Pricing VirtualMachines /{scopeId}/providers/Microsoft.Security/pricings/{pricingName}
Copy

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository
azure-native-v2 pulumi/pulumi-azure-native
License
Apache-2.0
These are the docs for Azure Native v2. We recommenend using the latest version, Azure Native v3.
Azure Native v2 v2.90.0 published on Thursday, Mar 27, 2025 by Pulumi
pulumi/pulumi-azure-native