Defender updates (#19665)

* Defender updates * sample * remove old description
Azure · Jul 20, 2022 · 84159c9 · 84159c9
1 parent a434c79
commit 84159c9
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 19 deletions.
diff --git a/...ft.ContainerService/stable/2022-06-01/examples/ManagedClustersCreate_SecurityProfile.json b/...ft.ContainerService/stable/2022-06-01/examples/ManagedClustersCreate_SecurityProfile.json
@@ -48,9 +48,11 @@
           }
         },
         "securityProfile": {
-          "azureDefender": {
-            "enabled": true,
-            "logAnalyticsWorkspaceResourceId": "/subscriptions/SUB_ID/resourcegroups/RG_NAME/providers/microsoft.operationalinsights/workspaces/WORKSPACE_NAME"
+          "defender": {
+            "logAnalyticsWorkspaceResourceId": "/subscriptions/SUB_ID/resourcegroups/RG_NAME/providers/microsoft.operationalinsights/workspaces/WORKSPACE_NAME",
+            "securityMonitoring": {
+              "enabled": true
+            }
           }
         }
       }
@@ -144,9 +146,11 @@
             }
           },
           "securityProfile": {
-            "azureDefender": {
-              "enabled": true,
-              "logAnalyticsWorkspaceResourceId": "/subscriptions/SUB_ID/resourcegroups/RG_NAME/providers/microsoft.operationalinsights/workspaces/WORKSPACE_NAME"
+            "defender": {
+              "logAnalyticsWorkspaceResourceId": "/subscriptions/SUB_ID/resourcegroups/RG_NAME/providers/microsoft.operationalinsights/workspaces/WORKSPACE_NAME",
+              "securityMonitoring": {
+                "enabled": true
+              }
             }
           }
         }
@@ -237,9 +241,11 @@
             }
           },
           "securityProfile": {
-            "azureDefender": {
-              "enabled": true,
-              "logAnalyticsWorkspaceResourceId": "/subscriptions/SUB_ID/resourcegroups/RG_NAME/providers/microsoft.operationalinsights/workspaces/WORKSPACE_NAME"
+            "defender": {
+              "logAnalyticsWorkspaceResourceId": "/subscriptions/SUB_ID/resourcegroups/RG_NAME/providers/microsoft.operationalinsights/workspaces/WORKSPACE_NAME",
+              "securityMonitoring": {
+                "enabled": true
+              }
             }
           }
         }

diff --git a/...ervice/resource-manager/Microsoft.ContainerService/stable/2022-06-01/managedClusters.json b/...ervice/resource-manager/Microsoft.ContainerService/stable/2022-06-01/managedClusters.json
@@ -5466,9 +5466,9 @@
     "ManagedClusterSecurityProfile": {
       "type": "object",
       "properties": {
-        "azureDefender": {
-          "$ref": "#/definitions/ManagedClusterSecurityProfileAzureDefender",
-          "description": "Azure Defender settings for the security profile."
+        "defender": {
+          "$ref": "#/definitions/ManagedClusterSecurityProfileDefender",
+          "description": "Microsoft Defender settings for the security profile."
         },
         "azureKeyVaultKms": {
           "$ref": "#/definitions/AzureKeyVaultKms",
@@ -5527,19 +5527,29 @@
       },
       "description": "Storage profile for the container service cluster."
     },
-    "ManagedClusterSecurityProfileAzureDefender": {
+    "ManagedClusterSecurityProfileDefender": {
       "type": "object",
       "properties": {
-        "enabled": {
-          "type": "boolean",
-          "description": "Whether to enable Azure Defender"
-        },
         "logAnalyticsWorkspaceResourceId": {
           "type": "string",
-          "description": "Resource ID of the Log Analytics workspace to be associated with Azure Defender.  When Azure Defender is enabled, this field is required and must be a valid workspace resource ID. When Azure Defender is disabled, leave the field empty."
+          "description": "Resource ID of the Log Analytics workspace to be associated with Microsoft Defender. When Microsoft Defender is enabled, this field is required and must be a valid workspace resource ID. When Microsoft Defender is disabled, leave the field empty."
+        },
+        "securityMonitoring": {
+          "$ref": "#/definitions/ManagedClusterSecurityProfileDefenderSecurityMonitoring",
+          "description": "Microsoft Defender threat detection for Cloud settings for the security profile."
+        }
+      },
+      "description": "Microsoft Defender settings for the security profile."
+    },
+    "ManagedClusterSecurityProfileDefenderSecurityMonitoring": {
+      "type": "object",
+      "properties": {
+        "enabled": {
+          "type": "boolean",
+          "description": "Whether to enable Defender threat detection"
         }
       },
-      "description": "Azure Defender settings for the security profile."
+      "description": "Microsoft Defender settings for the security profile threat detection."
     },
     "ManagedClusterStorageProfileDiskCSIDriver": {
       "type": "object",