Docs Home
Datadog v4.47.0 published on Thursday, Mar 20, 2025 by Pulumi
datadog.SecurityNotificationRule
Explore with Pulumi AI
Provides a Datadog Security Monitoring Notification Rule API resource for creating and managing Datadog security notification rules.
Example Usage
Coming soon!
Coming soon!
Coming soon!
Coming soon!
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.datadog.SecurityNotificationRule;
import com.pulumi.datadog.SecurityNotificationRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var signalRule = new SecurityNotificationRule("signalRule", SecurityNotificationRuleArgs.builder()
.name("My signal notification rule")
.selectors(SecurityNotificationRuleSelectorsArgs.builder()
.triggerSource("security_signals")
.ruleTypes("workload_security")
.query("env:prod")
.build())
.enabled(false)
.targets(
"@bob@email.com",
"@alice@email.com")
.build());
var vulnerabilityRule = new SecurityNotificationRule("vulnerabilityRule", SecurityNotificationRuleArgs.builder()
.name("My vulnerability notification rule")
.selectors(SecurityNotificationRuleSelectorsArgs.builder()
.triggerSource("security_findings")
.ruleTypes(
"application_library_vulnerability",
"identity_risk")
.severities(
"critical",
"high")
.build())
.timeAggregation(36000)
.targets("@john@email.com")
.build());
}
}
resources:
signalRule:
type: datadog:SecurityNotificationRule
name: signal_rule
properties:
name: My signal notification rule
selectors:
- triggerSource: security_signals
ruleTypes:
- workload_security
query: env:prod
enabled: false
targets:
- '@bob@email.com'
- '@alice@email.com'
vulnerabilityRule:
type: datadog:SecurityNotificationRule
name: vulnerability_rule
properties:
name: My vulnerability notification rule
selectors:
- triggerSource: security_findings
ruleTypes:
- application_library_vulnerability
- identity_risk
severities:
- critical
- high
timeAggregation: 36000
targets:
- '@john@email.com'
Create SecurityNotificationRule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new SecurityNotificationRule(name: string, args: SecurityNotificationRuleArgs, opts?: CustomResourceOptions);@overload
def SecurityNotificationRule(resource_name: str,
args: SecurityNotificationRuleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def SecurityNotificationRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
name: Optional[str] = None,
targets: Optional[Sequence[str]] = None,
enabled: Optional[bool] = None,
selectors: Optional[SecurityNotificationRuleSelectorsArgs] = None,
time_aggregation: Optional[int] = None)func NewSecurityNotificationRule(ctx *Context, name string, args SecurityNotificationRuleArgs, opts ...ResourceOption) (*SecurityNotificationRule, error)public SecurityNotificationRule(string name, SecurityNotificationRuleArgs args, CustomResourceOptions? opts = null)
public SecurityNotificationRule(String name, SecurityNotificationRuleArgs args)
public SecurityNotificationRule(String name, SecurityNotificationRuleArgs args, CustomResourceOptions options)
type: datadog:SecurityNotificationRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args SecurityNotificationRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args SecurityNotificationRuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args SecurityNotificationRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SecurityNotificationRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args SecurityNotificationRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var securityNotificationRuleResource = new Datadog.SecurityNotificationRule("securityNotificationRuleResource", new()
{
Name = "string",
Targets = new[]
{
"string",
},
Enabled = false,
Selectors = new Datadog.Inputs.SecurityNotificationRuleSelectorsArgs
{
RuleTypes = new[]
{
"string",
},
TriggerSource = "string",
Query = "string",
Severities = new[]
{
"string",
},
},
TimeAggregation = 0,
});
example, err := datadog.NewSecurityNotificationRule(ctx, "securityNotificationRuleResource", &datadog.SecurityNotificationRuleArgs{
Name: pulumi.String("string"),
Targets: pulumi.StringArray{
pulumi.String("string"),
},
Enabled: pulumi.Bool(false),
Selectors: &datadog.SecurityNotificationRuleSelectorsArgs{
RuleTypes: pulumi.StringArray{
pulumi.String("string"),
},
TriggerSource: pulumi.String("string"),
Query: pulumi.String("string"),
Severities: pulumi.StringArray{
pulumi.String("string"),
},
},
TimeAggregation: pulumi.Int(0),
})
var securityNotificationRuleResource = new SecurityNotificationRule("securityNotificationRuleResource", SecurityNotificationRuleArgs.builder()
.name("string")
.targets("string")
.enabled(false)
.selectors(SecurityNotificationRuleSelectorsArgs.builder()
.ruleTypes("string")
.triggerSource("string")
.query("string")
.severities("string")
.build())
.timeAggregation(0)
.build());
security_notification_rule_resource = datadog.SecurityNotificationRule("securityNotificationRuleResource",
name="string",
targets=["string"],
enabled=False,
selectors={
"rule_types": ["string"],
"trigger_source": "string",
"query": "string",
"severities": ["string"],
},
time_aggregation=0)
const securityNotificationRuleResource = new datadog.SecurityNotificationRule("securityNotificationRuleResource", {
name: "string",
targets: ["string"],
enabled: false,
selectors: {
ruleTypes: ["string"],
triggerSource: "string",
query: "string",
severities: ["string"],
},
timeAggregation: 0,
});
type: datadog:SecurityNotificationRule
properties:
enabled: false
name: string
selectors:
query: string
ruleTypes:
- string
severities:
- string
triggerSource: string
targets:
- string
timeAggregation: 0
SecurityNotificationRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The SecurityNotificationRule resource accepts the following input properties:
- Name string
- The name of the rule (must be unique).
- Targets List<string>
- The list of handle targets for the notifications. A target must be prefixed with an @. It can be an email address (@bob@email.com), or any installed integration. For example, a Slack recipient (@slack-ops), or a Teams recipient (@teams-ops).
- Enabled bool
- Indicates whether the rule is enabled. Defaults to
true. - Selectors
Security
Notification Rule Selectors - Defines selectors to filter security issues that generate notifications.
- Time
Aggregation int - Specifies the time period, in seconds, used to aggregate the notification. Defaults to
0.
- Name string
- The name of the rule (must be unique).
- Targets []string
- The list of handle targets for the notifications. A target must be prefixed with an @. It can be an email address (@bob@email.com), or any installed integration. For example, a Slack recipient (@slack-ops), or a Teams recipient (@teams-ops).
- Enabled bool
- Indicates whether the rule is enabled. Defaults to
true. - Selectors
Security
Notification Rule Selectors Args - Defines selectors to filter security issues that generate notifications.
- Time
Aggregation int - Specifies the time period, in seconds, used to aggregate the notification. Defaults to
0.
- name String
- The name of the rule (must be unique).
- targets List<String>
- The list of handle targets for the notifications. A target must be prefixed with an @. It can be an email address (@bob@email.com), or any installed integration. For example, a Slack recipient (@slack-ops), or a Teams recipient (@teams-ops).
- enabled Boolean
- Indicates whether the rule is enabled. Defaults to
true. - selectors
Security
Notification Rule Selectors - Defines selectors to filter security issues that generate notifications.
- time
Aggregation Integer - Specifies the time period, in seconds, used to aggregate the notification. Defaults to
0.
- name string
- The name of the rule (must be unique).
- targets string[]
- The list of handle targets for the notifications. A target must be prefixed with an @. It can be an email address (@bob@email.com), or any installed integration. For example, a Slack recipient (@slack-ops), or a Teams recipient (@teams-ops).
- enabled boolean
- Indicates whether the rule is enabled. Defaults to
true. - selectors
Security
Notification Rule Selectors - Defines selectors to filter security issues that generate notifications.
- time
Aggregation number - Specifies the time period, in seconds, used to aggregate the notification. Defaults to
0.
- name str
- The name of the rule (must be unique).
- targets Sequence[str]
- The list of handle targets for the notifications. A target must be prefixed with an @. It can be an email address (@bob@email.com), or any installed integration. For example, a Slack recipient (@slack-ops), or a Teams recipient (@teams-ops).
- enabled bool
- Indicates whether the rule is enabled. Defaults to
true. - selectors
Security
Notification Rule Selectors Args - Defines selectors to filter security issues that generate notifications.
- time_
aggregation int - Specifies the time period, in seconds, used to aggregate the notification. Defaults to
0.
- name String
- The name of the rule (must be unique).
- targets List<String>
- The list of handle targets for the notifications. A target must be prefixed with an @. It can be an email address (@bob@email.com), or any installed integration. For example, a Slack recipient (@slack-ops), or a Teams recipient (@teams-ops).
- enabled Boolean
- Indicates whether the rule is enabled. Defaults to
true. - selectors Property Map
- Defines selectors to filter security issues that generate notifications.
- time
Aggregation Number - Specifies the time period, in seconds, used to aggregate the notification. Defaults to
0.
Outputs
All input properties are implicitly available as output properties. Additionally, the SecurityNotificationRule resource produces the following output properties:
- Created
At int - Indicates when this rule was created.
- Created
By stringHandle - The handle of the rule creator.
- Created
By stringName - The name of the rule creator.
- Id string
- The provider-assigned unique ID for this managed resource.
- Modified
At int - Indicates when this rule was last modified.
- Modified
By stringHandle - The handle of the rule last modifier.
- Modified
By stringName - The name of the rule last modifier.
- Version int
- The rule version (incremented at each update).
- Created
At int - Indicates when this rule was created.
- Created
By stringHandle - The handle of the rule creator.
- Created
By stringName - The name of the rule creator.
- Id string
- The provider-assigned unique ID for this managed resource.
- Modified
At int - Indicates when this rule was last modified.
- Modified
By stringHandle - The handle of the rule last modifier.
- Modified
By stringName - The name of the rule last modifier.
- Version int
- The rule version (incremented at each update).
- created
At Integer - Indicates when this rule was created.
- created
By StringHandle - The handle of the rule creator.
- created
By StringName - The name of the rule creator.
- id String
- The provider-assigned unique ID for this managed resource.
- modified
At Integer - Indicates when this rule was last modified.
- modified
By StringHandle - The handle of the rule last modifier.
- modified
By StringName - The name of the rule last modifier.
- version Integer
- The rule version (incremented at each update).
- created
At number - Indicates when this rule was created.
- created
By stringHandle - The handle of the rule creator.
- created
By stringName - The name of the rule creator.
- id string
- The provider-assigned unique ID for this managed resource.
- modified
At number - Indicates when this rule was last modified.
- modified
By stringHandle - The handle of the rule last modifier.
- modified
By stringName - The name of the rule last modifier.
- version number
- The rule version (incremented at each update).
- created_
at int - Indicates when this rule was created.
- created_
by_ strhandle - The handle of the rule creator.
- created_
by_ strname - The name of the rule creator.
- id str
- The provider-assigned unique ID for this managed resource.
- modified_
at int - Indicates when this rule was last modified.
- modified_
by_ strhandle - The handle of the rule last modifier.
- modified_
by_ strname - The name of the rule last modifier.
- version int
- The rule version (incremented at each update).
- created
At Number - Indicates when this rule was created.
- created
By StringHandle - The handle of the rule creator.
- created
By StringName - The name of the rule creator.
- id String
- The provider-assigned unique ID for this managed resource.
- modified
At Number - Indicates when this rule was last modified.
- modified
By StringHandle - The handle of the rule last modifier.
- modified
By StringName - The name of the rule last modifier.
- version Number
- The rule version (incremented at each update).
Look up Existing SecurityNotificationRule Resource
Get an existing SecurityNotificationRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: SecurityNotificationRuleState, opts?: CustomResourceOptions): SecurityNotificationRule@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
created_at: Optional[int] = None,
created_by_handle: Optional[str] = None,
created_by_name: Optional[str] = None,
enabled: Optional[bool] = None,
modified_at: Optional[int] = None,
modified_by_handle: Optional[str] = None,
modified_by_name: Optional[str] = None,
name: Optional[str] = None,
selectors: Optional[SecurityNotificationRuleSelectorsArgs] = None,
targets: Optional[Sequence[str]] = None,
time_aggregation: Optional[int] = None,
version: Optional[int] = None) -> SecurityNotificationRulefunc GetSecurityNotificationRule(ctx *Context, name string, id IDInput, state *SecurityNotificationRuleState, opts ...ResourceOption) (*SecurityNotificationRule, error)public static SecurityNotificationRule Get(string name, Input<string> id, SecurityNotificationRuleState? state, CustomResourceOptions? opts = null)public static SecurityNotificationRule get(String name, Output<String> id, SecurityNotificationRuleState state, CustomResourceOptions options)resources: _: type: datadog:SecurityNotificationRule get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Created
At int - Indicates when this rule was created.
- Created
By stringHandle - The handle of the rule creator.
- Created
By stringName - The name of the rule creator.
- Enabled bool
- Indicates whether the rule is enabled. Defaults to
true. - Modified
At int - Indicates when this rule was last modified.
- Modified
By stringHandle - The handle of the rule last modifier.
- Modified
By stringName - The name of the rule last modifier.
- Name string
- The name of the rule (must be unique).
- Selectors
Security
Notification Rule Selectors - Defines selectors to filter security issues that generate notifications.
- Targets List<string>
- The list of handle targets for the notifications. A target must be prefixed with an @. It can be an email address (@bob@email.com), or any installed integration. For example, a Slack recipient (@slack-ops), or a Teams recipient (@teams-ops).
- Time
Aggregation int - Specifies the time period, in seconds, used to aggregate the notification. Defaults to
0. - Version int
- The rule version (incremented at each update).
- Created
At int - Indicates when this rule was created.
- Created
By stringHandle - The handle of the rule creator.
- Created
By stringName - The name of the rule creator.
- Enabled bool
- Indicates whether the rule is enabled. Defaults to
true. - Modified
At int - Indicates when this rule was last modified.
- Modified
By stringHandle - The handle of the rule last modifier.
- Modified
By stringName - The name of the rule last modifier.
- Name string
- The name of the rule (must be unique).
- Selectors
Security
Notification Rule Selectors Args - Defines selectors to filter security issues that generate notifications.
- Targets []string
- The list of handle targets for the notifications. A target must be prefixed with an @. It can be an email address (@bob@email.com), or any installed integration. For example, a Slack recipient (@slack-ops), or a Teams recipient (@teams-ops).
- Time
Aggregation int - Specifies the time period, in seconds, used to aggregate the notification. Defaults to
0. - Version int
- The rule version (incremented at each update).
- created
At Integer - Indicates when this rule was created.
- created
By StringHandle - The handle of the rule creator.
- created
By StringName - The name of the rule creator.
- enabled Boolean
- Indicates whether the rule is enabled. Defaults to
true. - modified
At Integer - Indicates when this rule was last modified.
- modified
By StringHandle - The handle of the rule last modifier.
- modified
By StringName - The name of the rule last modifier.
- name String
- The name of the rule (must be unique).
- selectors
Security
Notification Rule Selectors - Defines selectors to filter security issues that generate notifications.
- targets List<String>
- The list of handle targets for the notifications. A target must be prefixed with an @. It can be an email address (@bob@email.com), or any installed integration. For example, a Slack recipient (@slack-ops), or a Teams recipient (@teams-ops).
- time
Aggregation Integer - Specifies the time period, in seconds, used to aggregate the notification. Defaults to
0. - version Integer
- The rule version (incremented at each update).
- created
At number - Indicates when this rule was created.
- created
By stringHandle - The handle of the rule creator.
- created
By stringName - The name of the rule creator.
- enabled boolean
- Indicates whether the rule is enabled. Defaults to
true. - modified
At number - Indicates when this rule was last modified.
- modified
By stringHandle - The handle of the rule last modifier.
- modified
By stringName - The name of the rule last modifier.
- name string
- The name of the rule (must be unique).
- selectors
Security
Notification Rule Selectors - Defines selectors to filter security issues that generate notifications.
- targets string[]
- The list of handle targets for the notifications. A target must be prefixed with an @. It can be an email address (@bob@email.com), or any installed integration. For example, a Slack recipient (@slack-ops), or a Teams recipient (@teams-ops).
- time
Aggregation number - Specifies the time period, in seconds, used to aggregate the notification. Defaults to
0. - version number
- The rule version (incremented at each update).
- created_
at int - Indicates when this rule was created.
- created_
by_ strhandle - The handle of the rule creator.
- created_
by_ strname - The name of the rule creator.
- enabled bool
- Indicates whether the rule is enabled. Defaults to
true. - modified_
at int - Indicates when this rule was last modified.
- modified_
by_ strhandle - The handle of the rule last modifier.
- modified_
by_ strname - The name of the rule last modifier.
- name str
- The name of the rule (must be unique).
- selectors
Security
Notification Rule Selectors Args - Defines selectors to filter security issues that generate notifications.
- targets Sequence[str]
- The list of handle targets for the notifications. A target must be prefixed with an @. It can be an email address (@bob@email.com), or any installed integration. For example, a Slack recipient (@slack-ops), or a Teams recipient (@teams-ops).
- time_
aggregation int - Specifies the time period, in seconds, used to aggregate the notification. Defaults to
0. - version int
- The rule version (incremented at each update).
- created
At Number - Indicates when this rule was created.
- created
By StringHandle - The handle of the rule creator.
- created
By StringName - The name of the rule creator.
- enabled Boolean
- Indicates whether the rule is enabled. Defaults to
true. - modified
At Number - Indicates when this rule was last modified.
- modified
By StringHandle - The handle of the rule last modifier.
- modified
By StringName - The name of the rule last modifier.
- name String
- The name of the rule (must be unique).
- selectors Property Map
- Defines selectors to filter security issues that generate notifications.
- targets List<String>
- The list of handle targets for the notifications. A target must be prefixed with an @. It can be an email address (@bob@email.com), or any installed integration. For example, a Slack recipient (@slack-ops), or a Teams recipient (@teams-ops).
- time
Aggregation Number - Specifies the time period, in seconds, used to aggregate the notification. Defaults to
0. - version Number
- The rule version (incremented at each update).
Supporting Types
SecurityNotificationRuleSelectors, SecurityNotificationRuleSelectorsArgs
- Rule
Types List<string> - Specifies security rule types for filtering signals and vulnerabilities that generate notifications.
- Trigger
Source string - The type of security issues the rule applies to. Use
security_signalsfor rules based on security signals andsecurity_findingsfor those based on vulnerabilities. - Query string
- Comprises one or several key:value pairs for filtering security issues based on tags and attributes. Defaults to
"". - Severities List<string>
- The security rules severities to consider.
- Rule
Types []string - Specifies security rule types for filtering signals and vulnerabilities that generate notifications.
- Trigger
Source string - The type of security issues the rule applies to. Use
security_signalsfor rules based on security signals andsecurity_findingsfor those based on vulnerabilities. - Query string
- Comprises one or several key:value pairs for filtering security issues based on tags and attributes. Defaults to
"". - Severities []string
- The security rules severities to consider.
- rule
Types List<String> - Specifies security rule types for filtering signals and vulnerabilities that generate notifications.
- trigger
Source String - The type of security issues the rule applies to. Use
security_signalsfor rules based on security signals andsecurity_findingsfor those based on vulnerabilities. - query String
- Comprises one or several key:value pairs for filtering security issues based on tags and attributes. Defaults to
"". - severities List<String>
- The security rules severities to consider.
- rule
Types string[] - Specifies security rule types for filtering signals and vulnerabilities that generate notifications.
- trigger
Source string - The type of security issues the rule applies to. Use
security_signalsfor rules based on security signals andsecurity_findingsfor those based on vulnerabilities. - query string
- Comprises one or several key:value pairs for filtering security issues based on tags and attributes. Defaults to
"". - severities string[]
- The security rules severities to consider.
- rule_
types Sequence[str] - Specifies security rule types for filtering signals and vulnerabilities that generate notifications.
- trigger_
source str - The type of security issues the rule applies to. Use
security_signalsfor rules based on security signals andsecurity_findingsfor those based on vulnerabilities. - query str
- Comprises one or several key:value pairs for filtering security issues based on tags and attributes. Defaults to
"". - severities Sequence[str]
- The security rules severities to consider.
- rule
Types List<String> - Specifies security rule types for filtering signals and vulnerabilities that generate notifications.
- trigger
Source String - The type of security issues the rule applies to. Use
security_signalsfor rules based on security signals andsecurity_findingsfor those based on vulnerabilities. - query String
- Comprises one or several key:value pairs for filtering security issues based on tags and attributes. Defaults to
"". - severities List<String>
- The security rules severities to consider.
Import
$ pulumi import datadog:index/securityNotificationRule:SecurityNotificationRule signal_rule yq9-t9l-bso
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Datadog pulumi/pulumi-datadog
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
datadogTerraform Provider.