sysdig 1.56.1, May 8 25

sysdig 1.56.1 published on Thursday, May 8, 2025 by sysdiglabs

sysdig.getSecureMalwarePolicy

Explore with Pulumi AI

sysdig 1.56.1 published on Thursday, May 8, 2025 by sysdiglabs

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as sysdig from "@pulumi/sysdig";

const example = sysdig.getSecureMalwarePolicy({
    name: "Sysdig Runtime Threat Detection",
});

import pulumi
import pulumi_sysdig as sysdig

example = sysdig.get_secure_malware_policy(name="Sysdig Runtime Threat Detection")

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/sysdig/sysdig"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := sysdig.LookupSecureMalwarePolicy(ctx, &sysdig.LookupSecureMalwarePolicyArgs{
			Name: "Sysdig Runtime Threat Detection",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Sysdig = Pulumi.Sysdig;

return await Deployment.RunAsync(() => 
{
    var example = Sysdig.GetSecureMalwarePolicy.Invoke(new()
    {
        Name = "Sysdig Runtime Threat Detection",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.sysdig.SysdigFunctions;
import com.pulumi.sysdig.inputs.GetSecureMalwarePolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var example = SysdigFunctions.getSecureMalwarePolicy(GetSecureMalwarePolicyArgs.builder()
            .name("Sysdig Runtime Threat Detection")
            .build());

    }
}

variables:
  example:
    fn::invoke:
      function: sysdig:getSecureMalwarePolicy
      arguments:
        name: Sysdig Runtime Threat Detection

Using getSecureMalwarePolicy

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getSecureMalwarePolicy(args: GetSecureMalwarePolicyArgs, opts?: InvokeOptions): Promise<GetSecureMalwarePolicyResult>
function getSecureMalwarePolicyOutput(args: GetSecureMalwarePolicyOutputArgs, opts?: InvokeOptions): Output<GetSecureMalwarePolicyResult>

def get_secure_malware_policy(id: Optional[str] = None,
                              name: Optional[str] = None,
                              timeouts: Optional[GetSecureMalwarePolicyTimeouts] = None,
                              opts: Optional[InvokeOptions] = None) -> GetSecureMalwarePolicyResult
def get_secure_malware_policy_output(id: Optional[pulumi.Input[str]] = None,
                              name: Optional[pulumi.Input[str]] = None,
                              timeouts: Optional[pulumi.Input[GetSecureMalwarePolicyTimeoutsArgs]] = None,
                              opts: Optional[InvokeOptions] = None) -> Output[GetSecureMalwarePolicyResult]

func LookupSecureMalwarePolicy(ctx *Context, args *LookupSecureMalwarePolicyArgs, opts ...InvokeOption) (*LookupSecureMalwarePolicyResult, error)
func LookupSecureMalwarePolicyOutput(ctx *Context, args *LookupSecureMalwarePolicyOutputArgs, opts ...InvokeOption) LookupSecureMalwarePolicyResultOutput

> Note: This function is named LookupSecureMalwarePolicy in the Go SDK.

public static class GetSecureMalwarePolicy 
{
    public static Task<GetSecureMalwarePolicyResult> InvokeAsync(GetSecureMalwarePolicyArgs args, InvokeOptions? opts = null)
    public static Output<GetSecureMalwarePolicyResult> Invoke(GetSecureMalwarePolicyInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetSecureMalwarePolicyResult> getSecureMalwarePolicy(GetSecureMalwarePolicyArgs args, InvokeOptions options)
public static Output<GetSecureMalwarePolicyResult> getSecureMalwarePolicy(GetSecureMalwarePolicyArgs args, InvokeOptions options)

fn::invoke:
  function: sysdig:index/getSecureMalwarePolicy:getSecureMalwarePolicy
  arguments:
    # arguments dictionary

The following arguments are supported:

Name string: The name of the Secure managed policy.
Id string: The id for the policy.
Timeouts GetSecureMalwarePolicyTimeouts

Name string: The name of the Secure managed policy.
Id string: The id for the policy.
Timeouts GetSecureMalwarePolicyTimeouts

name String: The name of the Secure managed policy.
id String: The id for the policy.
timeouts GetSecureMalwarePolicyTimeouts

name string: The name of the Secure managed policy.
id string: The id for the policy.
timeouts GetSecureMalwarePolicyTimeouts

name str: The name of the Secure managed policy.
id str: The id for the policy.
timeouts GetSecureMalwarePolicyTimeouts

name String: The name of the Secure managed policy.
id String: The id for the policy.
timeouts Property Map

getSecureMalwarePolicy Result

The following output properties are available:

Actions List<GetSecureMalwarePolicyAction>
Description string: (Required) The description of the malware rule.
Enabled bool: Whether the policy is enabled or not.
Id string: The id for the policy.
Name string: (Required) The name of the capture file
NotificationChannels List<double>: IDs of the notification channels to send alerts to when the policy is fired.
Rules List<GetSecureMalwarePolicyRule>
Runbook string: Customer provided url that provides a runbook for a given policy.
Scope string: The application scope for the policy.
Severity double: The severity of Secure policy. The accepted values are: 0, 1, 2, 3 (High), 4, 5 (Medium), 6 (Low) and 7 (Info).
Type string
Version double
Timeouts GetSecureMalwarePolicyTimeouts

Actions []GetSecureMalwarePolicyAction
Description string: (Required) The description of the malware rule.
Enabled bool: Whether the policy is enabled or not.
Id string: The id for the policy.
Name string: (Required) The name of the capture file
NotificationChannels []float64: IDs of the notification channels to send alerts to when the policy is fired.
Rules []GetSecureMalwarePolicyRule
Runbook string: Customer provided url that provides a runbook for a given policy.
Scope string: The application scope for the policy.
Severity float64: The severity of Secure policy. The accepted values are: 0, 1, 2, 3 (High), 4, 5 (Medium), 6 (Low) and 7 (Info).
Type string
Version float64
Timeouts GetSecureMalwarePolicyTimeouts

actions List<GetSecureMalwarePolicyAction>
description String: (Required) The description of the malware rule.
enabled Boolean: Whether the policy is enabled or not.
id String: The id for the policy.
name String: (Required) The name of the capture file
notificationChannels List<Double>: IDs of the notification channels to send alerts to when the policy is fired.
rules List<GetSecureMalwarePolicyRule>
runbook String: Customer provided url that provides a runbook for a given policy.
scope String: The application scope for the policy.
severity Double: The severity of Secure policy. The accepted values are: 0, 1, 2, 3 (High), 4, 5 (Medium), 6 (Low) and 7 (Info).
type String
version Double
timeouts GetSecureMalwarePolicyTimeouts

actions GetSecureMalwarePolicyAction[]
description string: (Required) The description of the malware rule.
enabled boolean: Whether the policy is enabled or not.
id string: The id for the policy.
name string: (Required) The name of the capture file
notificationChannels number[]: IDs of the notification channels to send alerts to when the policy is fired.
rules GetSecureMalwarePolicyRule[]
runbook string: Customer provided url that provides a runbook for a given policy.
scope string: The application scope for the policy.
severity number: The severity of Secure policy. The accepted values are: 0, 1, 2, 3 (High), 4, 5 (Medium), 6 (Low) and 7 (Info).
type string
version number
timeouts GetSecureMalwarePolicyTimeouts

actions Sequence[GetSecureMalwarePolicyAction]
description str: (Required) The description of the malware rule.
enabled bool: Whether the policy is enabled or not.
id str: The id for the policy.
name str: (Required) The name of the capture file
notification_channels Sequence[float]: IDs of the notification channels to send alerts to when the policy is fired.
rules Sequence[GetSecureMalwarePolicyRule]
runbook str: Customer provided url that provides a runbook for a given policy.
scope str: The application scope for the policy.
severity float: The severity of Secure policy. The accepted values are: 0, 1, 2, 3 (High), 4, 5 (Medium), 6 (Low) and 7 (Info).
type str
version float
timeouts GetSecureMalwarePolicyTimeouts

actions List<Property Map>
description String: (Required) The description of the malware rule.
enabled Boolean: Whether the policy is enabled or not.
id String: The id for the policy.
name String: (Required) The name of the capture file
notificationChannels List<Number>: IDs of the notification channels to send alerts to when the policy is fired.
rules List<Property Map>
runbook String: Customer provided url that provides a runbook for a given policy.
scope String: The application scope for the policy.
severity Number: The severity of Secure policy. The accepted values are: 0, 1, 2, 3 (High), 4, 5 (Medium), 6 (Low) and 7 (Info).
type String
version Number
timeouts Property Map

Supporting Types

GetSecureMalwarePolicyAction

Captures List<GetSecureMalwarePolicyActionCapture>: (Optional) Captures with Sysdig the stream of system calls:
Container string: (Optional) The action applied to container when this Policy is triggered. Can be stop, pause or kill. If this is not specified, no action will be applied at the container level.
PreventMalware bool: (Optional) Prevent the execution of detected malware and binaries with known hashes.

Captures []GetSecureMalwarePolicyActionCapture: (Optional) Captures with Sysdig the stream of system calls:
Container string: (Optional) The action applied to container when this Policy is triggered. Can be stop, pause or kill. If this is not specified, no action will be applied at the container level.
PreventMalware bool: (Optional) Prevent the execution of detected malware and binaries with known hashes.

captures List<GetSecureMalwarePolicyActionCapture>: (Optional) Captures with Sysdig the stream of system calls:
container String: (Optional) The action applied to container when this Policy is triggered. Can be stop, pause or kill. If this is not specified, no action will be applied at the container level.
preventMalware Boolean: (Optional) Prevent the execution of detected malware and binaries with known hashes.

captures GetSecureMalwarePolicyActionCapture[]: (Optional) Captures with Sysdig the stream of system calls:
container string: (Optional) The action applied to container when this Policy is triggered. Can be stop, pause or kill. If this is not specified, no action will be applied at the container level.
preventMalware boolean: (Optional) Prevent the execution of detected malware and binaries with known hashes.

captures Sequence[GetSecureMalwarePolicyActionCapture]: (Optional) Captures with Sysdig the stream of system calls:
container str: (Optional) The action applied to container when this Policy is triggered. Can be stop, pause or kill. If this is not specified, no action will be applied at the container level.
prevent_malware bool: (Optional) Prevent the execution of detected malware and binaries with known hashes.

captures List<Property Map>: (Optional) Captures with Sysdig the stream of system calls:
container String: (Optional) The action applied to container when this Policy is triggered. Can be stop, pause or kill. If this is not specified, no action will be applied at the container level.
preventMalware Boolean: (Optional) Prevent the execution of detected malware and binaries with known hashes.

GetSecureMalwarePolicyActionCapture

BucketName string: (Optional) Custom bucket to store capture in, bucket should be onboarded in Integrations > S3 Capture Storage. Default is to use Sysdig Secure Storage
Filter string: (Optional) Additional filter to apply to the capture. For example: proc.name=cat
Folder string: (Optional) Name of folder to store capture inside the bucket. By default we will store the capture file at the root of the bucket
Name string: The name of the Secure managed policy.
SecondsAfterEvent double: (Required) Captures the system calls for the amount of seconds after the policy was triggered.
SecondsBeforeEvent double: (Required) Captures the system calls during the amount of seconds before the policy was triggered.

BucketName string: (Optional) Custom bucket to store capture in, bucket should be onboarded in Integrations > S3 Capture Storage. Default is to use Sysdig Secure Storage
Filter string: (Optional) Additional filter to apply to the capture. For example: proc.name=cat
Folder string: (Optional) Name of folder to store capture inside the bucket. By default we will store the capture file at the root of the bucket
Name string: The name of the Secure managed policy.
SecondsAfterEvent float64: (Required) Captures the system calls for the amount of seconds after the policy was triggered.
SecondsBeforeEvent float64: (Required) Captures the system calls during the amount of seconds before the policy was triggered.

bucketName String: (Optional) Custom bucket to store capture in, bucket should be onboarded in Integrations > S3 Capture Storage. Default is to use Sysdig Secure Storage
filter String: (Optional) Additional filter to apply to the capture. For example: proc.name=cat
folder String: (Optional) Name of folder to store capture inside the bucket. By default we will store the capture file at the root of the bucket
name String: The name of the Secure managed policy.
secondsAfterEvent Double: (Required) Captures the system calls for the amount of seconds after the policy was triggered.
secondsBeforeEvent Double: (Required) Captures the system calls during the amount of seconds before the policy was triggered.

bucketName string: (Optional) Custom bucket to store capture in, bucket should be onboarded in Integrations > S3 Capture Storage. Default is to use Sysdig Secure Storage
filter string: (Optional) Additional filter to apply to the capture. For example: proc.name=cat
folder string: (Optional) Name of folder to store capture inside the bucket. By default we will store the capture file at the root of the bucket
name string: The name of the Secure managed policy.
secondsAfterEvent number: (Required) Captures the system calls for the amount of seconds after the policy was triggered.
secondsBeforeEvent number: (Required) Captures the system calls during the amount of seconds before the policy was triggered.

bucket_name str: (Optional) Custom bucket to store capture in, bucket should be onboarded in Integrations > S3 Capture Storage. Default is to use Sysdig Secure Storage
filter str: (Optional) Additional filter to apply to the capture. For example: proc.name=cat
folder str: (Optional) Name of folder to store capture inside the bucket. By default we will store the capture file at the root of the bucket
name str: The name of the Secure managed policy.
seconds_after_event float: (Required) Captures the system calls for the amount of seconds after the policy was triggered.
seconds_before_event float: (Required) Captures the system calls during the amount of seconds before the policy was triggered.

bucketName String: (Optional) Custom bucket to store capture in, bucket should be onboarded in Integrations > S3 Capture Storage. Default is to use Sysdig Secure Storage
filter String: (Optional) Additional filter to apply to the capture. For example: proc.name=cat
folder String: (Optional) Name of folder to store capture inside the bucket. By default we will store the capture file at the root of the bucket
name String: The name of the Secure managed policy.
secondsAfterEvent Number: (Required) Captures the system calls for the amount of seconds after the policy was triggered.
secondsBeforeEvent Number: (Required) Captures the system calls during the amount of seconds before the policy was triggered.

GetSecureMalwarePolicyRule

AdditionalHashes List<GetSecureMalwarePolicyRuleAdditionalHash>: (Optional) The block contains a single hash that should be matched.
Description string: (Required) The description of the malware rule.
Id double: The id for the policy.
IgnoreHashes List<GetSecureMalwarePolicyRuleIgnoreHash>: (Optional) The block contains a single hash that should be matched.
Name string: The name of the Secure managed policy.
Tags List<string>
UseManagedHashes bool: (Required) Should Sysdig's managed hashes be used? The possible values are true or false.
Version double

AdditionalHashes []GetSecureMalwarePolicyRuleAdditionalHash: (Optional) The block contains a single hash that should be matched.
Description string: (Required) The description of the malware rule.
Id float64: The id for the policy.
IgnoreHashes []GetSecureMalwarePolicyRuleIgnoreHash: (Optional) The block contains a single hash that should be matched.
Name string: The name of the Secure managed policy.
Tags []string
UseManagedHashes bool: (Required) Should Sysdig's managed hashes be used? The possible values are true or false.
Version float64

additionalHashes List<GetSecureMalwarePolicyRuleAdditionalHash>: (Optional) The block contains a single hash that should be matched.
description String: (Required) The description of the malware rule.
id Double: The id for the policy.
ignoreHashes List<GetSecureMalwarePolicyRuleIgnoreHash>: (Optional) The block contains a single hash that should be matched.
name String: The name of the Secure managed policy.
tags List<String>
useManagedHashes Boolean: (Required) Should Sysdig's managed hashes be used? The possible values are true or false.
version Double

additionalHashes GetSecureMalwarePolicyRuleAdditionalHash[]: (Optional) The block contains a single hash that should be matched.
description string: (Required) The description of the malware rule.
id number: The id for the policy.
ignoreHashes GetSecureMalwarePolicyRuleIgnoreHash[]: (Optional) The block contains a single hash that should be matched.
name string: The name of the Secure managed policy.
tags string[]
useManagedHashes boolean: (Required) Should Sysdig's managed hashes be used? The possible values are true or false.
version number

additional_hashes Sequence[GetSecureMalwarePolicyRuleAdditionalHash]: (Optional) The block contains a single hash that should be matched.
description str: (Required) The description of the malware rule.
id float: The id for the policy.
ignore_hashes Sequence[GetSecureMalwarePolicyRuleIgnoreHash]: (Optional) The block contains a single hash that should be matched.
name str: The name of the Secure managed policy.
tags Sequence[str]
use_managed_hashes bool: (Required) Should Sysdig's managed hashes be used? The possible values are true or false.
version float

additionalHashes List<Property Map>: (Optional) The block contains a single hash that should be matched.
description String: (Required) The description of the malware rule.
id Number: The id for the policy.
ignoreHashes List<Property Map>: (Optional) The block contains a single hash that should be matched.
name String: The name of the Secure managed policy.
tags List<String>
useManagedHashes Boolean: (Required) Should Sysdig's managed hashes be used? The possible values are true or false.
version Number

GetSecureMalwarePolicyRuleAdditionalHash

Hash string: (Required) The hash value that should be matched.

Hash string: (Required) The hash value that should be matched.

hash String: (Required) The hash value that should be matched.

hash string: (Required) The hash value that should be matched.

hash str: (Required) The hash value that should be matched.

hash String: (Required) The hash value that should be matched.

GetSecureMalwarePolicyRuleIgnoreHash

Hash string: (Required) The hash value that should be matched.

Hash string: (Required) The hash value that should be matched.

hash String: (Required) The hash value that should be matched.

hash string: (Required) The hash value that should be matched.

hash str: (Required) The hash value that should be matched.

hash String: (Required) The hash value that should be matched.

GetSecureMalwarePolicyTimeouts

Read string

Read string

read String

read string

read str

read String

Package Details

Repository: sysdig sysdiglabs/terraform-provider-sysdig
License
Notes: This Pulumi package is based on the sysdig Terraform Provider.

sysdig 1.56.1 published on Thursday, May 8, 2025 by sysdiglabs

sysdiglabs/terraform-provider-sysdig

sysdig.getSecureMalwarePolicy

On this page

On this page

Example Usage

Using getSecureMalwarePolicy

getSecureMalwarePolicy Result

Supporting Types

GetSecureMalwarePolicyAction

GetSecureMalwarePolicyActionCapture

GetSecureMalwarePolicyRule

GetSecureMalwarePolicyRuleAdditionalHash

GetSecureMalwarePolicyRuleIgnoreHash

GetSecureMalwarePolicyTimeouts

Package Details

On this page

On this page