The watchlists/watchlistItems resource type can be deployed to:
For a list of changed properties in each API version, see change log.
To create a Microsoft.SecurityInsights/watchlists/watchlistItems resource, add the following JSON to your template.
{
"type": "Microsoft.SecurityInsights/watchlists/watchlistItems",
"apiVersion": "2023-02-01-preview",
"name": "string",
"etag": "string",
"properties": {
"created": "string",
"createdBy": {
"objectId": "string"
},
"entityMapping": {},
"isDeleted": "bool",
"itemsKeyValue": {},
"tenantId": "string",
"updated": "string",
"updatedBy": {
"objectId": "string"
},
"watchlistItemId": "string",
"watchlistItemType": "string"
}
}
Name | Description | Value |
---|---|---|
type | The resource type | 'Microsoft.SecurityInsights/watchlists/watchlistItems' |
apiVersion | The resource api version | '2023-02-01-preview' |
name | The resource name See how to set names and types for child resources in JSON ARM templates. |
string (required) |
etag | Etag of the azure resource | string |
properties | Watchlist Item properties | WatchlistItemProperties |
Name | Description | Value |
---|---|---|
created | The time the watchlist item was created | string |
createdBy | Describes a user that created the watchlist item | UserInfo |
entityMapping | key-value pairs for a watchlist item entity mapping | object |
isDeleted | A flag that indicates if the watchlist item is deleted or not | bool |
itemsKeyValue | key-value pairs for a watchlist item | object (required) |
tenantId | The tenantId to which the watchlist item belongs to | string |
updated | The last time the watchlist item was updated | string |
updatedBy | Describes a user that updated the watchlist item | UserInfo |
watchlistItemId | The id (a Guid) of the watchlist item | string |
watchlistItemType | The type of the watchlist item | string |
Name | Description | Value |
---|---|---|
objectId | The object id of the user. | string |