New-AzSecurityConnector
Creare un connettore di sicurezza. Se è già stato creato un connettore di sicurezza e viene inviata una richiesta successiva per lo stesso ID connettore di sicurezza, verrà aggiornato.
Sintassi
New-AzSecurityConnector
-Name <String>
-ResourceGroupName <String>
[-SubscriptionId <String>]
[-EnvironmentData <ISecurityConnectorEnvironment>]
[-EnvironmentName <String>]
[-Etag <String>]
[-HierarchyIdentifier <String>]
[-Kind <String>]
[-Location <String>]
[-Offering <ICloudOffering[]>]
[-Tag <Hashtable>]
[-DefaultProfile <PSObject>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Descrizione
Creare un connettore di sicurezza. Se è già stato creato un connettore di sicurezza e viene inviata una richiesta successiva per lo stesso ID connettore di sicurezza, verrà aggiornato.
Esempio
Esempio 1: Creare un connettore di sicurezza AWS
$account = "891376984375"
$arnPrefix = "arn:aws:iam::$($account):role"
$cspmMonitorOffering = New-AzSecurityCspmMonitorAwsOfferingObject -NativeCloudConnectionCloudRoleArn "$arnPrefix/CspmMonitorAws"
$dcspmOffering = New-AzSecurityDefenderCspmAwsOfferingObject `
-VMScannerEnabled $true -ConfigurationScanningMode Default -ConfigurationCloudRoleArn "$arnPrefix/DefenderForCloud-AgentlessScanner" `
-DataSensitivityDiscoveryEnabled $true -DataSensitivityDiscoveryCloudRoleArn "$arnPrefix/SensitiveDataDiscovery" `
-DatabaseDspmEnabled $true -DatabaseDspmCloudRoleArn "$arnPrefix/DefenderForCloud-DataSecurityPostureDB" `
-CiemDiscoveryCloudRoleArn "$arnPrefix/DefenderForCloud-Ciem" -CiemOidcAzureActiveDirectoryAppName "mciem-aws-oidc-connector" -CiemOidcCloudRoleArn "$arnPrefix/DefenderForCloud-OidcCiem" `
-MdcContainerImageAssessmentEnabled $true -MdcContainerImageAssessmentCloudRoleArn "$arnPrefix/MDCContainersImageAssessmentRole" `
-MdcContainerAgentlessDiscoveryK8SEnabled $true -MdcContainerAgentlessDiscoveryK8SCloudRoleArn "$arnPrefix/MDCContainersAgentlessDiscoveryK8sRole"
$defenderForContainersOffering = New-AzSecurityDefenderForContainersAwsOfferingObject `
-AutoProvisioning $true -KuberneteServiceCloudRoleArn "$arnPrefix/DefenderForCloud-Containers-K8s" -KuberneteScubaReaderCloudRoleArn "$arnPrefix/DefenderForCloud-DataCollection" `
-KinesiToS3CloudRoleArn "$arnPrefix/DefenderForCloud-Containers-K8s-kinesis-to-s3" -CloudWatchToKinesiCloudRoleArn "$arnPrefix/DefenderForCloud-Containers-K8s-cloudwatch-to-kinesis" `
-KubeAuditRetentionTime 30 -ScubaExternalId "a47ae0a2-7bf7-482a-897a-7a139d30736c" `
-MdcContainerAgentlessDiscoveryK8SEnabled $true -MdcContainerAgentlessDiscoveryK8SCloudRoleArn "$arnPrefix/MDCContainersAgentlessDiscoveryK8sRole" `
-MdcContainerImageAssessmentEnabled $true -MdcContainerImageAssessmentCloudRoleArn "$arnPrefix/MDCContainersImageAssessmentRole" `
-EnableContainerVulnerabilityAssessment $false
$environment = New-AzSecurityAwsEnvironmentObject -ScanInterval 24
New-AzSecurityConnector -Name "aws-sdktest01" -ResourceGroupName "securityConnectors-tests" `
-EnvironmentData $environment -EnvironmentName AWS -HierarchyIdentifier "$account" `
-Offering @($cspmMonitorOffering, $dcspmOffering, $defenderForContainersOffering) `
-Location "CentralUS"
EnvironmentData : {
"environmentType": "AwsAccount",
"regions": [ ],
"scanInterval": 24
}
EnvironmentName : AWS
Etag :
HierarchyIdentifier : 891376984375
HierarchyIdentifierTrialEndDate : 3/24/2024 12:00:00 AM
Id : /subscriptions/487bb485-b5b0-471e-9c0d-10717612f869/resourcegroups/securityconnectors-tests/providers/Microsoft.Security/securityConnectors/aws-sdktes
t01
Kind :
Location : CentralUS
Name : aws-sdktest01
Offering : {{
"offeringType": "CspmMonitorAws",
"nativeCloudConnection": {
"cloudRoleArn": "arn:aws:iam::891376984375:role/CspmMonitorAws"
}
}, {
"offeringType": "DefenderCspmAws",
"vmScanners": {
"configuration": {
"cloudRoleArn": "arn:aws:iam::891376984375:role/DefenderForCloud-AgentlessScanner",
"scanningMode": "Default"
},
"enabled": true
},
"dataSensitivityDiscovery": {
"enabled": true,
"cloudRoleArn": "arn:aws:iam::891376984375:role/SensitiveDataDiscovery"
},
"databasesDspm": {
"enabled": true,
"cloudRoleArn": "arn:aws:iam::891376984375:role/DefenderForCloud-DataSecurityPostureDB"
},
"ciem": {
"ciemDiscovery": {
"cloudRoleArn": "arn:aws:iam::891376984375:role/DefenderForCloud-Ciem"
},
"ciemOidc": {
"cloudRoleArn": "arn:aws:iam::891376984375:role/DefenderForCloud-OidcCiem",
"azureActiveDirectoryAppName": "mciem-aws-oidc-connector"
}
},
"mdcContainersImageAssessment": {
"enabled": true,
"cloudRoleArn": "arn:aws:iam::891376984375:role/MDCContainersImageAssessmentRole"
},
"mdcContainersAgentlessDiscoveryK8s": {
"enabled": true,
"cloudRoleArn": "arn:aws:iam::891376984375:role/MDCContainersAgentlessDiscoveryK8sRole"
}
}, {
"offeringType": "DefenderForContainersAws",
"kubernetesService": {
"cloudRoleArn": "arn:aws:iam::891376984375:role/DefenderForCloud-Containers-K8s"
},
"kubernetesScubaReader": {
"cloudRoleArn": "arn:aws:iam::891376984375:role/DefenderForCloud-DataCollection"
},
"cloudWatchToKinesis": {
"cloudRoleArn": "arn:aws:iam::891376984375:role/DefenderForCloud-Containers-K8s-cloudwatch-to-kinesis"
},
"kinesisToS3": {
"cloudRoleArn": "arn:aws:iam::891376984375:role/DefenderForCloud-Containers-K8s-kinesis-to-s3"
},
"mdcContainersImageAssessment": {
"enabled": true,
"cloudRoleArn": "arn:aws:iam::891376984375:role/MDCContainersImageAssessmentRole"
},
"mdcContainersAgentlessDiscoveryK8s": {
"enabled": true,
"cloudRoleArn": "arn:aws:iam::891376984375:role/MDCContainersAgentlessDiscoveryK8sRole"
},
"enableContainerVulnerabilityAssessment": false,
"autoProvisioning": true,
"kubeAuditRetentionTime": 30,
"scubaExternalId": "a47ae0a2-7bf7-482a-897a-7a139d30736c"
}}
ResourceGroupName : securityconnectors-tests
SystemDataCreatedAt : 2/22/2024 11:45:53 PM
SystemDataCreatedBy : c3d82ccb-fee1-430c-949e-6c0a217c00a8
SystemDataCreatedByType : Application
SystemDataLastModifiedAt : 2/22/2024 11:45:53 PM
SystemDataLastModifiedBy : c3d82ccb-fee1-430c-949e-6c0a217c00a8
SystemDataLastModifiedByType : Application
Tag : {
}
Type : Microsoft.Security/securityconnectorsEsempio 2: Creare un connettore di sicurezza GCP
$account = "843025268399"
$emailSuffix = "myproject.iam.gserviceaccount.com"
$cspmMonitorOffering = New-AzSecurityCspmMonitorGcpOfferingObject -NativeCloudConnectionServiceAccountEmailAddress "microsoft-defender-cspm@$emailSuffix" -NativeCloudConnectionWorkloadIdentityProviderId "cspm"
$dcspmOffering = New-AzSecurityDefenderCspmGcpOfferingObject `
-VMScannerEnabled $true -ConfigurationScanningMode Default -ConfigurationExclusionTag @{key="value"} `
-MdcContainerAgentlessDiscoveryK8SEnabled $true -MdcContainerAgentlessDiscoveryK8SServiceAccountEmailAddress "mdc-containers-k8s-operator@$emailSuffix" -MdcContainerAgentlessDiscoveryK8SWorkloadIdentityProviderId "containers" `
-MdcContainerImageAssessmentEnabled $true -MdcContainerImageAssessmentServiceAccountEmailAddress "mdc-containers-artifact-assess@$emailSuffix" -MdcContainerImageAssessmentWorkloadIdentityProviderId "containers" `
-DataSensitivityDiscoveryEnabled $true -DataSensitivityDiscoveryServiceAccountEmailAddress "mdc-data-sec-posture-storage@$emailSuffix" -DataSensitivityDiscoveryWorkloadIdentityProviderId "data-security-posture-storage" `
-CiemDiscoveryServiceAccountEmailAddress "microsoft-defender-ciem@$emailSuffix" -CiemDiscoveryAzureActiveDirectoryAppName "mciem-gcp-oidc-app" -CiemDiscoveryWorkloadIdentityProviderId "ciem-discovery"
$defenderForContainersOffering = New-AzSecurityDefenderForContainersGcpOfferingObject `
-NativeCloudConnectionServiceAccountEmailAddress "microsoft-defender-containers@$emailSuffix" -NativeCloudConnectionWorkloadIdentityProviderId "containers" `
-DataPipelineNativeCloudConnectionServiceAccountEmailAddress "ms-defender-containers-stream@$emailSuffix" -DataPipelineNativeCloudConnectionWorkloadIdentityProviderId "containers-streams" `
-AuditLogsAutoProvisioningFlag $true -DefenderAgentAutoProvisioningFlag $true -PolicyAgentAutoProvisioningFlag $true `
-MdcContainerAgentlessDiscoveryK8SEnabled $true -MdcContainerAgentlessDiscoveryK8SWorkloadIdentityProviderId "containers" -MdcContainerAgentlessDiscoveryK8SServiceAccountEmailAddress "mdc-containers-k8s-operator@$emailSuffix" `
-MdcContainerImageAssessmentEnabled $true -MdcContainerImageAssessmentWorkloadIdentityProviderId "containers" -MdcContainerImageAssessmentServiceAccountEmailAddress "mdc-containers-artifact-assess@$emailSuffix"
$environment = New-AzSecurityGcpProjectEnvironmentObject -ScanInterval 24 -ProjectDetailProjectId "asc-sdk-samples" -ProjectDetailProjectNumber "$account"
New-AzSecurityConnector -Name "gcp-sdktest01" -ResourceGroupName "securityConnectors-tests" -EnvironmentData $environment -EnvironmentName GCP -HierarchyIdentifier "$account" `
-Offering @($cspmMonitorOffering, $dcspmOffering, $defenderForContainersOffering) -Location "CentralUS"
EnvironmentData : {
"environmentType": "GcpProject",
"projectDetails": {
"projectNumber": "843025268399",
"projectId": "asc-sdk-samples"
},
"scanInterval": 24
}
EnvironmentName : GCP
Etag :
HierarchyIdentifier : 843025268399
HierarchyIdentifierTrialEndDate : 3/24/2024 12:00:00 AM
Id : /subscriptions/487bb485-b5b0-471e-9c0d-10717612f869/resourcegroups/securityconnectors-tests/providers/Microsoft.Security/securityConnectors/gcp-sdktest01
Kind :
Location : CentralUS
Name : gcp-sdktest01
Offering : {{
"offeringType": "CspmMonitorGcp",
"nativeCloudConnection": {
"workloadIdentityProviderId": "cspm",
"serviceAccountEmailAddress": "microsoft-defender-cspm@myproject.iam.gserviceaccount.com"
}
}, {
"offeringType": "DefenderCspmGcp",
"ciemDiscovery": {
"workloadIdentityProviderId": "ciem-discovery",
"serviceAccountEmailAddress": "microsoft-defender-ciem@myproject.iam.gserviceaccount.com",
"azureActiveDirectoryAppName": "mciem-gcp-oidc-app"
},
"vmScanners": {
"configuration": {
"scanningMode": "Default",
"exclusionTags": {
"key": "value"
}
},
"enabled": true
},
"dataSensitivityDiscovery": {
"enabled": true,
"workloadIdentityProviderId": "data-security-posture-storage",
"serviceAccountEmailAddress": "mdc-data-sec-posture-storage@myproject.iam.gserviceaccount.com"
},
"mdcContainersImageAssessment": {
"enabled": true,
"workloadIdentityProviderId": "containers",
"serviceAccountEmailAddress": "mdc-containers-artifact-assess@myproject.iam.gserviceaccount.com"
},
"mdcContainersAgentlessDiscoveryK8s": {
"enabled": true,
"workloadIdentityProviderId": "containers",
"serviceAccountEmailAddress": "mdc-containers-k8s-operator@myproject.iam.gserviceaccount.com"
}
}, {
"offeringType": "DefenderForContainersGcp",
"nativeCloudConnection": {
"serviceAccountEmailAddress": "microsoft-defender-containers@myproject.iam.gserviceaccount.com",
"workloadIdentityProviderId": "containers"
},
"dataPipelineNativeCloudConnection": {
"serviceAccountEmailAddress": "ms-defender-containers-stream@myproject.iam.gserviceaccount.com",
"workloadIdentityProviderId": "containers-streams"
},
"mdcContainersImageAssessment": {
"enabled": true,
"workloadIdentityProviderId": "containers",
"serviceAccountEmailAddress": "mdc-containers-artifact-assess@myproject.iam.gserviceaccount.com"
},
"mdcContainersAgentlessDiscoveryK8s": {
"enabled": true,
"workloadIdentityProviderId": "containers",
"serviceAccountEmailAddress": "mdc-containers-k8s-operator@myproject.iam.gserviceaccount.com"
},
"auditLogsAutoProvisioningFlag": true,
"defenderAgentAutoProvisioningFlag": true,
"policyAgentAutoProvisioningFlag": true
}}
ResourceGroupName : securityconnectors-tests
SystemDataCreatedAt : 2/22/2024 11:45:53 PM
SystemDataCreatedBy : c3d82ccb-fee1-430c-949e-6c0a217c00a8
SystemDataCreatedByType : Application
SystemDataLastModifiedAt : 2/22/2024 11:45:53 PM
SystemDataLastModifiedBy : c3d82ccb-fee1-430c-949e-6c0a217c00a8
SystemDataLastModifiedByType : Application
Tag : {}
Type : Microsoft.Security/securityconnectorsEsempio 3: Creare un connettore di sicurezza AzureDevOps
New-AzSecurityConnector -ResourceGroupName "securityConnectors-pwsh-tmp" -Name "ado-sdk-pwsh-test03" `
-EnvironmentName AzureDevOps -EnvironmentData (New-AzSecurityAzureDevOpsScopeEnvironmentObject) `
-HierarchyIdentifier ([guid]::NewGuid().ToString()) -Location "CentralUS" `
-Offering @(New-AzSecurityCspmMonitorAzureDevOpsOfferingObject)
EnvironmentData : {
"environmentType": "AzureDevOpsScope"
}
EnvironmentName : AzureDevOps
Etag :
HierarchyIdentifier : 9dd01e19-8aaf-43a2-8dd4-1c5992f4df35
HierarchyIdentifierTrialEndDate :
Id : /subscriptions/487bb485-b5b0-471e-9c0d-10717612f869/resourcegroups/securityconnectors-pwsh-tmp/providers/Microsoft.Security/securityConnectors/ado-sdk-pwsh-test03
Kind :
Location : CentralUS
Name : ado-sdk-pwsh-test03
Offering : {{
"offeringType": "CspmMonitorAzureDevOps"
}}
ResourceGroupName : securityconnectors-pwsh-tmp
SystemDataCreatedAt : 2/24/2024 12:13:11 AM
SystemDataCreatedBy : c3d82ccb-fee1-430c-949e-6c0a217c00a8
SystemDataCreatedByType : Application
SystemDataLastModifiedAt : 2/24/2024 12:13:11 AM
SystemDataLastModifiedBy : c3d82ccb-fee1-430c-949e-6c0a217c00a8
SystemDataLastModifiedByType : Application
Tag : {
}
Type : Microsoft.Security/securityconnectorsEsempio 4: Creare un connettore di sicurezza GitHub
New-AzSecurityConnector -ResourceGroupName "securityConnectors-pwsh-tmp" -Name "gh-sdk-pwsh-test03" `
-EnvironmentName GitHub -EnvironmentData (New-AzSecurityGitHubScopeEnvironmentObject) `
-HierarchyIdentifier ([guid]::NewGuid().ToString()) -Location "CentralUS" `
-Offering @(New-AzSecurityCspmMonitorGithubOfferingObject)
EnvironmentData : {
"environmentType": "GithubScope"
}
EnvironmentName : Github
Etag :
HierarchyIdentifier : e8661d05-8003-46ae-b687-fa83746f44f3
HierarchyIdentifierTrialEndDate :
Id : /subscriptions/487bb485-b5b0-471e-9c0d-10717612f869/resourcegroups/securityconnectors-pwsh-tmp/providers/Microsoft.Security/securityConnectors/gh-sdk-pwsh-test03
Kind :
Location : CentralUS
Name : gh-sdk-pwsh-test03
Offering : {{
"offeringType": "CspmMonitorGithub"
}}
ResourceGroupName : securityconnectors-pwsh-tmp
SystemDataCreatedAt : 2/24/2024 12:55:33 AM
SystemDataCreatedBy : c3d82ccb-fee1-430c-949e-6c0a217c00a8
SystemDataCreatedByType : Application
SystemDataLastModifiedAt : 2/24/2024 12:55:33 AM
SystemDataLastModifiedBy : c3d82ccb-fee1-430c-949e-6c0a217c00a8
SystemDataLastModifiedByType : Application
Tag : {
}
Type : Microsoft.Security/securityconnectorsEsempio 5: Creare un connettore di sicurezza GitLab
New-AzSecurityConnector -ResourceGroupName "securityConnectors-pwsh-tmp" -Name "gl-sdk-pwsh-test03" `
-EnvironmentName GitLab -EnvironmentData (New-AzSecurityGitLabScopeEnvironmentObject) `
-HierarchyIdentifier ([guid]::NewGuid().ToString()) -Location "CentralUS" `
-Offering @(New-AzSecurityCspmMonitorGitLabOfferingObject)
EnvironmentData : {
"environmentType": "GitLabScope"
}
EnvironmentName : GitLab
Etag :
HierarchyIdentifier : e8661d05-8003-46ae-b687-fa83746f44f3
HierarchyIdentifierTrialEndDate :
Id : /subscriptions/487bb485-b5b0-471e-9c0d-10717612f869/resourcegroups/securityconnectors-pwsh-tmp/providers/Microsoft.Security/securityConnectors/gl-sdk-pwsh-test03
Kind :
Location : CentralUS
Name : gl-sdk-pwsh-test03
Offering : {{
"offeringType": "CspmMonitorGitLab"
}}
ResourceGroupName : securityconnectors-pwsh-tmp
SystemDataCreatedAt : 2/24/2024 12:55:33 AM
SystemDataCreatedBy : c3d82ccb-fee1-430c-949e-6c0a217c00a8
SystemDataCreatedByType : Application
SystemDataLastModifiedAt : 2/24/2024 12:55:33 AM
SystemDataLastModifiedBy : c3d82ccb-fee1-430c-949e-6c0a217c00a8
SystemDataLastModifiedByType : Application
Tag : {
}
Type : Microsoft.Security/securityconnectorsParametri
-Confirm
Richiede conferma prima di eseguire il cmdlet.
| Tipo: | SwitchParameter |
| Alias: | cf |
| Posizione: | Named |
| Valore predefinito: | None |
| Necessario: | False |
| Accettare l'input della pipeline: | False |
| Accettare caratteri jolly: | False |
-DefaultProfile
Il parametro DefaultProfile non è funzionale. Usare il parametro SubscriptionId quando disponibile se si esegue il cmdlet su una sottoscrizione diversa.
| Tipo: | PSObject |
| Alias: | AzureRMContext, AzureCredential |
| Posizione: | Named |
| Valore predefinito: | None |
| Necessario: | False |
| Accettare l'input della pipeline: | False |
| Accettare caratteri jolly: | False |
-EnvironmentData
Dati dell'ambiente del connettore di sicurezza.
| Tipo: | ISecurityConnectorEnvironment |
| Posizione: | Named |
| Valore predefinito: | None |
| Necessario: | False |
| Accettare l'input della pipeline: | False |
| Accettare caratteri jolly: | False |
-EnvironmentName
Nome cloud della risorsa multi-cloud.
| Tipo: | String |
| Posizione: | Named |
| Valore predefinito: | None |
| Necessario: | False |
| Accettare l'input della pipeline: | False |
| Accettare caratteri jolly: | False |
-Etag
Il tag di entità viene usato per confrontare due o più entità dalla stessa risorsa richiesta.
| Tipo: | String |
| Posizione: | Named |
| Valore predefinito: | None |
| Necessario: | False |
| Accettare l'input della pipeline: | False |
| Accettare caratteri jolly: | False |
-HierarchyIdentifier
Identificatore di risorsa multi-cloud (ID account nel caso del connettore AWS, numero di progetto nel caso del connettore GCP).
| Tipo: | String |
| Posizione: | Named |
| Valore predefinito: | None |
| Necessario: | False |
| Accettare l'input della pipeline: | False |
| Accettare caratteri jolly: | False |
-Kind
Tipo di risorsa
| Tipo: | String |
| Posizione: | Named |
| Valore predefinito: | None |
| Necessario: | False |
| Accettare l'input della pipeline: | False |
| Accettare caratteri jolly: | False |
-Location
Posizione in cui è archiviata la risorsa
| Tipo: | String |
| Posizione: | Named |
| Valore predefinito: | None |
| Necessario: | False |
| Accettare l'input della pipeline: | False |
| Accettare caratteri jolly: | False |
-Name
Nome del connettore di sicurezza.
| Tipo: | String |
| Alias: | SecurityConnectorName |
| Posizione: | Named |
| Valore predefinito: | None |
| Necessario: | True |
| Accettare l'input della pipeline: | False |
| Accettare caratteri jolly: | False |
-Offering
Raccolta di offerte per il connettore di sicurezza.
| Tipo: | ICloudOffering[] |
| Posizione: | Named |
| Valore predefinito: | None |
| Necessario: | False |
| Accettare l'input della pipeline: | False |
| Accettare caratteri jolly: | False |
-ResourceGroupName
Nome del gruppo di risorse all'interno della sottoscrizione dell'utente. Il nome non fa distinzione tra maiuscole e minuscole.
| Tipo: | String |
| Posizione: | Named |
| Valore predefinito: | None |
| Necessario: | True |
| Accettare l'input della pipeline: | False |
| Accettare caratteri jolly: | False |
-SubscriptionId
ID sottoscrizione di Azure
| Tipo: | String |
| Posizione: | Named |
| Valore predefinito: | (Get-AzContext).Subscription.Id |
| Necessario: | False |
| Accettare l'input della pipeline: | False |
| Accettare caratteri jolly: | False |
-Tag
Elenco di coppie chiave-valore che descrivono la risorsa.
| Tipo: | Hashtable |
| Posizione: | Named |
| Valore predefinito: | None |
| Necessario: | False |
| Accettare l'input della pipeline: | False |
| Accettare caratteri jolly: | False |
-WhatIf
Mostra cosa accadrebbe se il cmdlet viene eseguito. Il cmdlet non viene eseguito.
| Tipo: | SwitchParameter |
| Alias: | wi |
| Posizione: | Named |
| Valore predefinito: | None |
| Necessario: | False |
| Accettare l'input della pipeline: | False |
| Accettare caratteri jolly: | False |
Output
Collabora con noi su GitHub
L'origine di questo contenuto è disponibile in GitHub, in cui è anche possibile creare ed esaminare i problemi e le richieste pull. Per ulteriori informazioni, vedere la guida per i collaboratori.
