Convert Azure Defender dict values into resources

This improves how these work on the shell and give LLMs the information
they need to write these queries.

Signed-off-by: Tim Smith <tsmith84@gmail.com>

Author: tas50

providers/azure/resources/azure.lr

@@ -2590,29 +2590,29 @@ private azure.subscription.cloudDefenderService @defaults("defenderForServers.en
   // Whether the monitoring agent is automatically provisioned on new VMs
   monitoringAgentAutoProvision() bool
   // List of Defender for Servers components and whether they are enabled
-  defenderForServers() dict
+  defenderForServers() azure.subscription.cloudDefenderService.defenderForServers
   // Microsoft Defender for App Service configuration
-  defenderForAppServices() dict
+  defenderForAppServices() azure.subscription.cloudDefenderService.defenderForAppServices
   // Microsoft Defender for SQL servers on machines configuration
-  defenderForSqlServersOnMachines() dict
+  defenderForSqlServersOnMachines() azure.subscription.cloudDefenderService.defenderForSqlServersOnMachines
   // Microsoft Defender for Azure SQL Databases configuration
-  defenderForSqlDatabases() dict
+  defenderForSqlDatabases() azure.subscription.cloudDefenderService.defenderForSqlDatabases
   // Microsoft Defender for open-source relational databases configuration
-  defenderForOpenSourceDatabases() dict
+  defenderForOpenSourceDatabases() azure.subscription.cloudDefenderService.defenderForOpenSourceDatabases
   // Microsoft Defender for Azure Cosmos DB configuration
-  defenderForCosmosDb() dict
+  defenderForCosmosDb() azure.subscription.cloudDefenderService.defenderForCosmosDb
   // Microsoft Defender for Storage Accounts configuration
-  defenderForStorageAccounts() dict
+  defenderForStorageAccounts() azure.subscription.cloudDefenderService.defenderForStorageAccounts
   // Microsoft Defender for Key Vault configuration
-  defenderForKeyVaults() dict
+  defenderForKeyVaults() azure.subscription.cloudDefenderService.defenderForKeyVaults
   // Microsoft Defender for Resource Manager configuration
-  defenderForResourceManager() dict
+  defenderForResourceManager() azure.subscription.cloudDefenderService.defenderForResourceManager
   // Microsoft Defender for APIs configuration
   defenderForApis() azure.subscription.cloudDefenderService.defenderForApis
   // Microsoft Defender Cloud Security Posture Management (CSPM) configuration
   defenderCSPM() azure.subscription.cloudDefenderService.defenderCSPM
   // Defender for Containers components configuration
-  defenderForContainers() dict
+  defenderForContainers() azure.subscription.cloudDefenderService.defenderForContainers
   // List of configured security contacts
   securityContacts() []azure.subscription.cloudDefenderService.securityContact
   // Settings for MCAS
@@ -2669,6 +2669,122 @@ private azure.subscription.cloudDefenderService.defenderCSPM.extension {
   isEnabled bool
 }
 
+// Microsoft Defender for Servers
+private azure.subscription.cloudDefenderService.defenderForServers @defaults("enabled pricingTier") {
+  // Subscription identifier
+  subscriptionId string
+  // Whether Defender for Servers is enabled
+  enabled bool
+  // Pricing tier for Defender for Servers
+  pricingTier string
+  // Name of the vulnerability management tool in use
+  vulnerabilityManagementToolName string
+}
+
+// Microsoft Defender for App Service
+private azure.subscription.cloudDefenderService.defenderForAppServices @defaults("enabled pricingTier") {
+  // Subscription identifier
+  subscriptionId string
+  // Whether Defender for App Service is enabled
+  enabled bool
+  // Pricing tier for Defender for App Service
+  pricingTier string
+}
+
+// Microsoft Defender for SQL servers on machines
+private azure.subscription.cloudDefenderService.defenderForSqlServersOnMachines @defaults("enabled pricingTier") {
+  // Subscription identifier
+  subscriptionId string
+  // Whether Defender for SQL servers on machines is enabled
+  enabled bool
+  // Pricing tier for Defender for SQL servers on machines
+  pricingTier string
+}
+
+// Microsoft Defender for Azure SQL Databases
+private azure.subscription.cloudDefenderService.defenderForSqlDatabases @defaults("enabled pricingTier") {
+  // Subscription identifier
+  subscriptionId string
+  // Whether Defender for Azure SQL Databases is enabled
+  enabled bool
+  // Pricing tier for Defender for Azure SQL Databases
+  pricingTier string
+}
+
+// Microsoft Defender for open-source relational databases
+private azure.subscription.cloudDefenderService.defenderForOpenSourceDatabases @defaults("enabled pricingTier") {
+  // Subscription identifier
+  subscriptionId string
+  // Whether Defender for open-source relational databases is enabled
+  enabled bool
+  // Pricing tier for Defender for open-source relational databases
+  pricingTier string
+}
+
+// Microsoft Defender for Azure Cosmos DB
+private azure.subscription.cloudDefenderService.defenderForCosmosDb @defaults("enabled pricingTier") {
+  // Subscription identifier
+  subscriptionId string
+  // Whether Defender for Azure Cosmos DB is enabled
+  enabled bool
+  // Pricing tier for Defender for Azure Cosmos DB
+  pricingTier string
+}
+
+// Microsoft Defender for Storage Accounts
+private azure.subscription.cloudDefenderService.defenderForStorageAccounts @defaults("enabled pricingTier") {
+  // Subscription identifier
+  subscriptionId string
+  // Whether Defender for Storage Accounts is enabled
+  enabled bool
+  // Pricing tier for Defender for Storage Accounts
+  pricingTier string
+}
+
+// Microsoft Defender for Key Vault
+private azure.subscription.cloudDefenderService.defenderForKeyVaults @defaults("enabled pricingTier") {
+  // Subscription identifier
+  subscriptionId string
+  // Whether Defender for Key Vault is enabled
+  enabled bool
+  // Pricing tier for Defender for Key Vault
+  pricingTier string
+}
+
+// Microsoft Defender for Resource Manager
+private azure.subscription.cloudDefenderService.defenderForResourceManager @defaults("enabled pricingTier") {
+  // Subscription identifier
+  subscriptionId string
+  // Whether Defender for Resource Manager is enabled
+  enabled bool
+  // Pricing tier for Defender for Resource Manager
+  pricingTier string
+}
+
+// Microsoft Defender for Containers
+private azure.subscription.cloudDefenderService.defenderForContainers @defaults("enabled pricingTier") {
+  // Subscription identifier
+  subscriptionId string
+  // Whether Defender for Containers is enabled
+  enabled bool
+  // Pricing tier for Defender for Containers
+  pricingTier string
+  // Whether the Defender DaemonSet is deployed
+  defenderDaemonSet bool
+  // Whether Azure Policy for Kubernetes is enabled
+  azurePolicyForKubernetes bool
+  // Extensions configured for Defender for Containers
+  extensions []azure.subscription.cloudDefenderService.defenderForContainers.extension
+}
+
+// Microsoft Defender for Containers extension
+private azure.subscription.cloudDefenderService.defenderForContainers.extension {
+  // Extension name
+  name string
+  // Whether the extension is enabled
+  isEnabled bool
+}
+
 // Microsoft Defender for Cloud security contact
 private azure.subscription.cloudDefenderService.securityContact @defaults("id name"){
   // ID of the security contact