Device Security Groups - List

참조

서비스:: Defender for Cloud

API 버전:: 2019-08-01

이 메서드를 사용하여 지정된 IoT Hub 리소스에 대한 디바이스 보안 그룹 목록을 가져옵니다.

GET https://management.azure.com/{resourceId}/providers/Microsoft.Security/deviceSecurityGroups?api-version=2019-08-01

URI 매개 변수

Name	In(다음 안에)	필수	형식	Description
resourceId	path	True	string	리소스의 식별자입니다.
api-version	query	True	string	작업에 대한 API 버전

응답

Name	형식	Description
200 OK	DeviceSecurityGroupList	그래
Other Status Codes	CloudError	작업이 실패한 이유를 설명하는 오류 응답입니다.

보안

azure_auth

Azure Active Directory OAuth2 Flow

형식: oauth2
Flow: implicit
권한 부여 URL: https://login.microsoftonline.com/common/oauth2/authorize

범위

Name	Description
user_impersonation	사용자 계정 가장

예제

List all device security groups for the specified IoT Hub resource

샘플 요청

GET https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub/providers/Microsoft.Security/deviceSecurityGroups?api-version=2019-08-01


/**
 * Samples for DeviceSecurityGroups List.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/security/resource-manager/Microsoft.Security/stable/2019-08-01/examples/DeviceSecurityGroups/
     * ListDeviceSecurityGroups_example.json
     */
    /**
     * Sample code: List all device security groups for the specified IoT Hub resource.
     * 
     * @param manager Entry point to SecurityManager.
     */
    public static void listAllDeviceSecurityGroupsForTheSpecifiedIoTHubResource(
        com.azure.resourcemanager.security.SecurityManager manager) {
        manager.deviceSecurityGroups().list(
            "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub",
            com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

package armsecurity_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/stable/2019-08-01/examples/DeviceSecurityGroups/ListDeviceSecurityGroups_example.json
func ExampleDeviceSecurityGroupsClient_NewListPager() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	pager := clientFactory.NewDeviceSecurityGroupsClient().NewListPager("subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub", nil)
	for pager.More() {
		page, err := pager.NextPage(ctx)
		if err != nil {
			log.Fatalf("failed to advance page: %v", err)
		}
		for _, v := range page.Value {
			// You could use page here. We use blank identifier for just demo purposes.
			_ = v
		}
		// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
		// page.DeviceSecurityGroupList = armsecurity.DeviceSecurityGroupList{
		// 	Value: []*armsecurity.DeviceSecurityGroup{
		// 		{
		// 			Name: to.Ptr("samplesecuritygroup"),
		// 			Type: to.Ptr("Microsoft.Security/deviceSecurityGroups"),
		// 			ID: to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub/providers/Microsoft.Security/deviceSecurityGroups/samplesecuritygroup"),
		// 			Properties: &armsecurity.DeviceSecurityGroupProperties{
		// 				AllowlistRules: []armsecurity.AllowlistCustomAlertRuleClassification{
		// 					&armsecurity.ConnectionToIPNotAllowed{
		// 						Description: to.Ptr("Get an alert when an outbound connection is created between your device and an ip that isn't allowed"),
		// 						DisplayName: to.Ptr("Outbound connection to an ip that isn't allowed"),
		// 						IsEnabled: to.Ptr(false),
		// 						RuleType: to.Ptr("ConnectionToIpNotAllowed"),
		// 						ValueType: to.Ptr(armsecurity.ValueTypeIPCidr),
		// 						AllowlistValues: []*string{
		// 						},
		// 					},
		// 					&armsecurity.LocalUserNotAllowed{
		// 						Description: to.Ptr("Get an alert when a local user that isn't allowed logins to the device"),
		// 						DisplayName: to.Ptr("Login by a local user that isn't allowed"),
		// 						IsEnabled: to.Ptr(false),
		// 						RuleType: to.Ptr("LocalUserNotAllowed"),
		// 						ValueType: to.Ptr(armsecurity.ValueTypeString),
		// 						AllowlistValues: []*string{
		// 						},
		// 					},
		// 					&armsecurity.ProcessNotAllowed{
		// 						Description: to.Ptr("Get an alert when a process that isn't allowed is executed"),
		// 						DisplayName: to.Ptr("Execution of a process that isn't allowed"),
		// 						IsEnabled: to.Ptr(false),
		// 						RuleType: to.Ptr("ProcessNotAllowed"),
		// 						ValueType: to.Ptr(armsecurity.ValueTypeString),
		// 						AllowlistValues: []*string{
		// 						},
		// 				}},
		// 				DenylistRules: []*armsecurity.DenylistCustomAlertRule{
		// 				},
		// 				ThresholdRules: []armsecurity.ThresholdCustomAlertRuleClassification{
		// 				},
		// 				TimeWindowRules: []armsecurity.TimeWindowCustomAlertRuleClassification{
		// 					&armsecurity.ActiveConnectionsNotInAllowedRange{
		// 						Description: to.Ptr("Get an alert when the number of active connections of a device in the time window is not in the allowed range"),
		// 						DisplayName: to.Ptr("Number of active connections is not in allowed range"),
		// 						IsEnabled: to.Ptr(false),
		// 						RuleType: to.Ptr("ActiveConnectionsNotInAllowedRange"),
		// 						MaxThreshold: to.Ptr[int32](0),
		// 						MinThreshold: to.Ptr[int32](0),
		// 						TimeWindowSize: to.Ptr("PT15M"),
		// 					},
		// 					&armsecurity.AmqpC2DMessagesNotInAllowedRange{
		// 						Description: to.Ptr("Get an alert when the number of cloud to device messages (AMQP protocol) in the time window is not in the allowed range"),
		// 						DisplayName: to.Ptr("Number of cloud to device messages (AMQP protocol) is not in allowed range"),
		// 						IsEnabled: to.Ptr(false),
		// 						RuleType: to.Ptr("AmqpC2DMessagesNotInAllowedRange"),
		// 						MaxThreshold: to.Ptr[int32](0),
		// 						MinThreshold: to.Ptr[int32](0),
		// 						TimeWindowSize: to.Ptr("PT15M"),
		// 					},
		// 					&armsecurity.MqttC2DMessagesNotInAllowedRange{
		// 						Description: to.Ptr("Get an alert when the number of cloud to device messages (MQTT protocol) in the time window is not in the allowed range"),
		// 						DisplayName: to.Ptr("Number of cloud to device messages (MQTT protocol) is not in allowed range"),
		// 						IsEnabled: to.Ptr(false),
		// 						RuleType: to.Ptr("MqttC2DMessagesNotInAllowedRange"),
		// 						MaxThreshold: to.Ptr[int32](0),
		// 						MinThreshold: to.Ptr[int32](0),
		// 						TimeWindowSize: to.Ptr("PT15M"),
		// 					},
		// 					&armsecurity.HTTPC2DMessagesNotInAllowedRange{
		// 						Description: to.Ptr("Get an alert when the number of cloud to device messages (HTTP protocol) in the time window is not in the allowed range"),
		// 						DisplayName: to.Ptr("Number of cloud to device messages (HTTP protocol) is not in allowed range"),
		// 						IsEnabled: to.Ptr(false),
		// 						RuleType: to.Ptr("HttpC2DMessagesNotInAllowedRange"),
		// 						MaxThreshold: to.Ptr[int32](0),
		// 						MinThreshold: to.Ptr[int32](0),
		// 						TimeWindowSize: to.Ptr("PT15M"),
		// 					},
		// 					&armsecurity.AmqpC2DRejectedMessagesNotInAllowedRange{
		// 						Description: to.Ptr("Get an alert when the number of cloud to device messages (AMQP protocol) that were rejected by the device in the time window is not in the allowed range"),
		// 						DisplayName: to.Ptr("Number of rejected cloud to device messages (AMQP protocol) is not in allowed range"),
		// 						IsEnabled: to.Ptr(false),
		// 						RuleType: to.Ptr("AmqpC2DRejectedMessagesNotInAllowedRange"),
		// 						MaxThreshold: to.Ptr[int32](0),
		// 						MinThreshold: to.Ptr[int32](0),
		// 						TimeWindowSize: to.Ptr("PT15M"),
		// 					},
		// 					&armsecurity.MqttC2DRejectedMessagesNotInAllowedRange{
		// 						Description: to.Ptr("Get an alert when the number of cloud to device messages (MQTT protocol) that were rejected by the device in the time window is not in the allowed range"),
		// 						DisplayName: to.Ptr("Number of rejected cloud to device messages (MQTT protocol) is not in allowed range"),
		// 						IsEnabled: to.Ptr(false),
		// 						RuleType: to.Ptr("MqttC2DRejectedMessagesNotInAllowedRange"),
		// 						MaxThreshold: to.Ptr[int32](0),
		// 						MinThreshold: to.Ptr[int32](0),
		// 						TimeWindowSize: to.Ptr("PT15M"),
		// 					},
		// 					&armsecurity.HTTPC2DRejectedMessagesNotInAllowedRange{
		// 						Description: to.Ptr("Get an alert when the number of cloud to device messages (HTTP protocol) that were rejected by the device in the time window is not in the allowed range"),
		// 						DisplayName: to.Ptr("Number of rejected cloud to device messages (HTTP protocol) is not in allowed range"),
		// 						IsEnabled: to.Ptr(false),
		// 						RuleType: to.Ptr("HttpC2DRejectedMessagesNotInAllowedRange"),
		// 						MaxThreshold: to.Ptr[int32](0),
		// 						MinThreshold: to.Ptr[int32](0),
		// 						TimeWindowSize: to.Ptr("PT15M"),
		// 					},
		// 					&armsecurity.AmqpD2CMessagesNotInAllowedRange{
		// 						Description: to.Ptr("Get an alert when the number of device to cloud messages (AMQP protocol) in the time window is not in the allowed range"),
		// 						DisplayName: to.Ptr("Number of device to cloud messages (AMQP protocol) is not in allowed range"),
		// 						IsEnabled: to.Ptr(false),
		// 						RuleType: to.Ptr("AmqpD2CMessagesNotInAllowedRange"),
		// 						MaxThreshold: to.Ptr[int32](0),
		// 						MinThreshold: to.Ptr[int32](0),
		// 						TimeWindowSize: to.Ptr("PT15M"),
		// 					},
		// 					&armsecurity.MqttD2CMessagesNotInAllowedRange{
		// 						Description: to.Ptr("Get an alert when the number of device to cloud messages (MQTT protocol) in the time window is not in the allowed range"),
		// 						DisplayName: to.Ptr("Number of device to cloud messages (MQTT protocol) is not in allowed range"),
		// 						IsEnabled: to.Ptr(false),
		// 						RuleType: to.Ptr("MqttD2CMessagesNotInAllowedRange"),
		// 						MaxThreshold: to.Ptr[int32](0),
		// 						MinThreshold: to.Ptr[int32](0),
		// 						TimeWindowSize: to.Ptr("PT15M"),
		// 					},
		// 					&armsecurity.HTTPD2CMessagesNotInAllowedRange{
		// 						Description: to.Ptr("Get an alert when the number of device to cloud messages (HTTP protocol) in the time window is not in the allowed range"),
		// 						DisplayName: to.Ptr("Number of device to cloud messages (HTTP protocol) is not in allowed range"),
		// 						IsEnabled: to.Ptr(false),
		// 						RuleType: to.Ptr("HttpD2CMessagesNotInAllowedRange"),
		// 						MaxThreshold: to.Ptr[int32](0),
		// 						MinThreshold: to.Ptr[int32](0),
		// 						TimeWindowSize: to.Ptr("PT15M"),
		// 					},
		// 					&armsecurity.DirectMethodInvokesNotInAllowedRange{
		// 						Description: to.Ptr("Get an alert when the number of direct method invokes in the time window is not in the allowed range"),
		// 						DisplayName: to.Ptr("Number of direct method invokes is not in allowed range"),
		// 						IsEnabled: to.Ptr(false),
		// 						RuleType: to.Ptr("DirectMethodInvokesNotInAllowedRange"),
		// 						MaxThreshold: to.Ptr[int32](0),
		// 						MinThreshold: to.Ptr[int32](0),
		// 						TimeWindowSize: to.Ptr("PT15M"),
		// 					},
		// 					&armsecurity.FailedLocalLoginsNotInAllowedRange{
		// 						Description: to.Ptr("Get an alert when the number of failed local logins on the device in the time window is not in the allowed range"),
		// 						DisplayName: to.Ptr("Number of failed local logins is not in allowed range"),
		// 						IsEnabled: to.Ptr(false),
		// 						RuleType: to.Ptr("FailedLocalLoginsNotInAllowedRange"),
		// 						MaxThreshold: to.Ptr[int32](0),
		// 						MinThreshold: to.Ptr[int32](0),
		// 						TimeWindowSize: to.Ptr("PT15M"),
		// 					},
		// 					&armsecurity.FileUploadsNotInAllowedRange{
		// 						Description: to.Ptr("Get an alert when the number of file uploads from the device to the cloud in the time window is not in the allowed range"),
		// 						DisplayName: to.Ptr("Number of file uploads is not in allowed range"),
		// 						IsEnabled: to.Ptr(false),
		// 						RuleType: to.Ptr("FileUploadsNotInAllowedRange"),
		// 						MaxThreshold: to.Ptr[int32](0),
		// 						MinThreshold: to.Ptr[int32](0),
		// 						TimeWindowSize: to.Ptr("PT15M"),
		// 					},
		// 					&armsecurity.QueuePurgesNotInAllowedRange{
		// 						Description: to.Ptr("Get an alert when the number of device queue purges in the time window is not in the allowed range"),
		// 						DisplayName: to.Ptr("Number of device queue purges is not in allowed range"),
		// 						IsEnabled: to.Ptr(false),
		// 						RuleType: to.Ptr("QueuePurgesNotInAllowedRange"),
		// 						MaxThreshold: to.Ptr[int32](0),
		// 						MinThreshold: to.Ptr[int32](0),
		// 						TimeWindowSize: to.Ptr("PT15M"),
		// 					},
		// 					&armsecurity.TwinUpdatesNotInAllowedRange{
		// 						Description: to.Ptr("Get an alert when the number of twin updates (by the device or the service) in the time window is not in the allowed range"),
		// 						DisplayName: to.Ptr("Number of twin updates is not in allowed range"),
		// 						IsEnabled: to.Ptr(false),
		// 						RuleType: to.Ptr("TwinUpdatesNotInAllowedRange"),
		// 						MaxThreshold: to.Ptr[int32](0),
		// 						MinThreshold: to.Ptr[int32](0),
		// 						TimeWindowSize: to.Ptr("PT15M"),
		// 					},
		// 					&armsecurity.UnauthorizedOperationsNotInAllowedRange{
		// 						Description: to.Ptr("Get an alert when the number unauthorized operations in the time window is not in the allowed range. Unauthorized operations are operations that affect the device (or done by it) that fail because of an unauthorized error"),
		// 						DisplayName: to.Ptr("Number of unauthorized operations is not in allowed range"),
		// 						IsEnabled: to.Ptr(false),
		// 						RuleType: to.Ptr("UnauthorizedOperationsNotInAllowedRange"),
		// 						MaxThreshold: to.Ptr[int32](0),
		// 						MinThreshold: to.Ptr[int32](0),
		// 						TimeWindowSize: to.Ptr("PT15M"),
		// 				}},
		// 			},
		// 	}},
		// }
	}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Use this method get the list of device security groups for the specified IoT Hub resource.
 *
 * @summary Use this method get the list of device security groups for the specified IoT Hub resource.
 * x-ms-original-file: specification/security/resource-manager/Microsoft.Security/stable/2019-08-01/examples/DeviceSecurityGroups/ListDeviceSecurityGroups_example.json
 */
async function listAllDeviceSecurityGroupsForTheSpecifiedIoTHubResource() {
  const resourceId =
    "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub";
  const credential = new DefaultAzureCredential();
  const client = new SecurityCenter(credential);
  const resArray = new Array();
  for await (let item of client.deviceSecurityGroups.list(resourceId)) {
    resArray.push(item);
  }
  console.log(resArray);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

using System;
using System.Threading.Tasks;
using System.Xml;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.SecurityCenter;
using Azure.ResourceManager.SecurityCenter.Models;

// Generated from example definition: specification/security/resource-manager/Microsoft.Security/stable/2019-08-01/examples/DeviceSecurityGroups/ListDeviceSecurityGroups_example.json
// this example is just showing the usage of "DeviceSecurityGroups_List" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this ArmResource created on azure
// for more information of creating ArmResource, please refer to the document of ArmResource

// get the collection of this DeviceSecurityGroupResource
string resourceId = "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub";
ResourceIdentifier scopeId = new ResourceIdentifier(string.Format("/{0}", resourceId));
DeviceSecurityGroupCollection collection = client.GetDeviceSecurityGroups(scopeId);

// invoke the operation and iterate over the result
await foreach (DeviceSecurityGroupResource item in collection.GetAllAsync())
{
    // the variable item is a resource, you could call other operations on this instance as well
    // but just for demo, we get its data from this resource instance
    DeviceSecurityGroupData resourceData = item.Data;
    // for demo we just print out the id
    Console.WriteLine($"Succeeded on id: {resourceData.Id}");
}

Console.WriteLine($"Succeeded");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

샘플 응답

상태 코드:: 200

{
  "value": [
    {
      "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub/providers/Microsoft.Security/deviceSecurityGroups/samplesecuritygroup",
      "name": "samplesecuritygroup",
      "type": "Microsoft.Security/deviceSecurityGroups",
      "properties": {
        "thresholdRules": [],
        "timeWindowRules": [
          {
            "ruleType": "ActiveConnectionsNotInAllowedRange",
            "displayName": "Number of active connections is not in allowed range",
            "description": "Get an alert when the number of active connections of a device in the time window is not in the allowed range",
            "isEnabled": false,
            "minThreshold": 0,
            "maxThreshold": 0,
            "timeWindowSize": "PT15M"
          },
          {
            "ruleType": "AmqpC2DMessagesNotInAllowedRange",
            "displayName": "Number of cloud to device messages (AMQP protocol) is not in allowed range",
            "description": "Get an alert when the number of cloud to device messages (AMQP protocol) in the time window is not in the allowed range",
            "isEnabled": false,
            "minThreshold": 0,
            "maxThreshold": 0,
            "timeWindowSize": "PT15M"
          },
          {
            "ruleType": "MqttC2DMessagesNotInAllowedRange",
            "displayName": "Number of cloud to device messages (MQTT protocol) is not in allowed range",
            "description": "Get an alert when the number of cloud to device messages (MQTT protocol) in the time window is not in the allowed range",
            "isEnabled": false,
            "minThreshold": 0,
            "maxThreshold": 0,
            "timeWindowSize": "PT15M"
          },
          {
            "ruleType": "HttpC2DMessagesNotInAllowedRange",
            "displayName": "Number of cloud to device messages (HTTP protocol) is not in allowed range",
            "description": "Get an alert when the number of cloud to device messages (HTTP protocol) in the time window is not in the allowed range",
            "isEnabled": false,
            "minThreshold": 0,
            "maxThreshold": 0,
            "timeWindowSize": "PT15M"
          },
          {
            "ruleType": "AmqpC2DRejectedMessagesNotInAllowedRange",
            "displayName": "Number of rejected cloud to device messages (AMQP protocol) is not in allowed range",
            "description": "Get an alert when the number of cloud to device messages (AMQP protocol) that were rejected by the device in the time window is not in the allowed range",
            "isEnabled": false,
            "minThreshold": 0,
            "maxThreshold": 0,
            "timeWindowSize": "PT15M"
          },
          {
            "ruleType": "MqttC2DRejectedMessagesNotInAllowedRange",
            "displayName": "Number of rejected cloud to device messages (MQTT protocol) is not in allowed range",
            "description": "Get an alert when the number of cloud to device messages (MQTT protocol) that were rejected by the device in the time window is not in the allowed range",
            "isEnabled": false,
            "minThreshold": 0,
            "maxThreshold": 0,
            "timeWindowSize": "PT15M"
          },
          {
            "ruleType": "HttpC2DRejectedMessagesNotInAllowedRange",
            "displayName": "Number of rejected cloud to device messages (HTTP protocol) is not in allowed range",
            "description": "Get an alert when the number of cloud to device messages (HTTP protocol) that were rejected by the device in the time window is not in the allowed range",
            "isEnabled": false,
            "minThreshold": 0,
            "maxThreshold": 0,
            "timeWindowSize": "PT15M"
          },
          {
            "ruleType": "AmqpD2CMessagesNotInAllowedRange",
            "displayName": "Number of device to cloud messages (AMQP protocol) is not in allowed range",
            "description": "Get an alert when the number of device to cloud messages (AMQP protocol) in the time window is not in the allowed range",
            "isEnabled": false,
            "minThreshold": 0,
            "maxThreshold": 0,
            "timeWindowSize": "PT15M"
          },
          {
            "ruleType": "MqttD2CMessagesNotInAllowedRange",
            "displayName": "Number of device to cloud messages (MQTT protocol) is not in allowed range",
            "description": "Get an alert when the number of device to cloud messages (MQTT protocol) in the time window is not in the allowed range",
            "isEnabled": false,
            "minThreshold": 0,
            "maxThreshold": 0,
            "timeWindowSize": "PT15M"
          },
          {
            "ruleType": "HttpD2CMessagesNotInAllowedRange",
            "displayName": "Number of device to cloud messages (HTTP protocol) is not in allowed range",
            "description": "Get an alert when the number of device to cloud messages (HTTP protocol) in the time window is not in the allowed range",
            "isEnabled": false,
            "minThreshold": 0,
            "maxThreshold": 0,
            "timeWindowSize": "PT15M"
          },
          {
            "ruleType": "DirectMethodInvokesNotInAllowedRange",
            "displayName": "Number of direct method invokes is not in allowed range",
            "description": "Get an alert when the number of direct method invokes in the time window is not in the allowed range",
            "isEnabled": false,
            "minThreshold": 0,
            "maxThreshold": 0,
            "timeWindowSize": "PT15M"
          },
          {
            "ruleType": "FailedLocalLoginsNotInAllowedRange",
            "displayName": "Number of failed local logins is not in allowed range",
            "description": "Get an alert when the number of failed local logins on the device in the time window is not in the allowed range",
            "isEnabled": false,
            "minThreshold": 0,
            "maxThreshold": 0,
            "timeWindowSize": "PT15M"
          },
          {
            "ruleType": "FileUploadsNotInAllowedRange",
            "displayName": "Number of file uploads is not in allowed range",
            "description": "Get an alert when the number of file uploads from the device to the cloud in the time window is not in the allowed range",
            "isEnabled": false,
            "minThreshold": 0,
            "maxThreshold": 0,
            "timeWindowSize": "PT15M"
          },
          {
            "ruleType": "QueuePurgesNotInAllowedRange",
            "displayName": "Number of device queue purges is not in allowed range",
            "description": "Get an alert when the number of device queue purges in the time window is not in the allowed range",
            "isEnabled": false,
            "minThreshold": 0,
            "maxThreshold": 0,
            "timeWindowSize": "PT15M"
          },
          {
            "ruleType": "TwinUpdatesNotInAllowedRange",
            "displayName": "Number of twin updates is not in allowed range",
            "description": "Get an alert when the number of twin updates (by the device or the service) in the time window is not in the allowed range",
            "isEnabled": false,
            "minThreshold": 0,
            "maxThreshold": 0,
            "timeWindowSize": "PT15M"
          },
          {
            "ruleType": "UnauthorizedOperationsNotInAllowedRange",
            "displayName": "Number of unauthorized operations is not in allowed range",
            "description": "Get an alert when the number unauthorized operations in the time window is not in the allowed range. Unauthorized operations are operations that affect the device (or done by it) that fail because of an unauthorized error",
            "isEnabled": false,
            "minThreshold": 0,
            "maxThreshold": 0,
            "timeWindowSize": "PT15M"
          }
        ],
        "allowlistRules": [
          {
            "ruleType": "ConnectionToIpNotAllowed",
            "displayName": "Outbound connection to an ip that isn't allowed",
            "description": "Get an alert when an outbound connection is created between your device and an ip that isn't allowed",
            "isEnabled": false,
            "valueType": "IpCidr",
            "allowlistValues": []
          },
          {
            "ruleType": "LocalUserNotAllowed",
            "displayName": "Login by a local user that isn't allowed",
            "description": "Get an alert when a local user that isn't allowed logins to the device",
            "isEnabled": false,
            "valueType": "String",
            "allowlistValues": []
          },
          {
            "ruleType": "ProcessNotAllowed",
            "displayName": "Execution of a process that isn't allowed",
            "description": "Get an alert when a process that isn't allowed is executed",
            "isEnabled": false,
            "valueType": "String",
            "allowlistValues": []
          }
        ],
        "denylistRules": []
      }
    }
  ]
}

정의

Name	Description
AllowlistCustomAlertRule	값(사용자 지정 경고 유형에 따라 다름)이 허용되는지 확인하는 사용자 지정 경고 규칙입니다.
CloudError	실패한 작업에 대한 오류 세부 정보를 반환하는 모든 Azure Resource Manager API에 대한 일반적인 오류 응답입니다. 또한 OData 오류 응답 형식을 따릅니다.
CloudErrorBody	오류 세부 정보입니다.
DenylistCustomAlertRule	값(사용자 지정 경고 유형에 따라 다름)이 거부되었는지 확인하는 사용자 지정 경고 규칙입니다.
DeviceSecurityGroup	디바이스 보안 그룹 리소스
DeviceSecurityGroupList	디바이스 보안 그룹 목록
ErrorAdditionalInfo	리소스 관리 오류 추가 정보입니다.
ThresholdCustomAlertRule	값(사용자 지정 경고 유형에 따라 다름)이 지정된 범위 내에 있는지 확인하는 사용자 지정 경고 규칙입니다.
TimeWindowCustomAlertRule	시간 창의 활동 수(사용자 지정 경고 유형에 따라 다름)가 지정된 범위 내에 있는지 확인하는 사용자 지정 경고 규칙입니다.
valueType	목록에 있는 항목의 값 형식입니다.

AllowlistCustomAlertRule

값(사용자 지정 경고 유형에 따라 다름)이 허용되는지 확인하는 사용자 지정 경고 규칙입니다.

Name	형식	Description
allowlistValues	string[]	허용할 값입니다. 값의 형식은 규칙 형식에 따라 달라집니다.
description	string	사용자 지정 경고에 대한 설명입니다.
displayName	string	사용자 지정 경고의 표시 이름입니다.
isEnabled	boolean	사용자 지정 경고의 상태입니다.
ruleType	string	사용자 지정 경고 규칙의 형식입니다.
valueType	valueType	목록에 있는 항목의 값 형식입니다.

CloudError

실패한 작업에 대한 오류 세부 정보를 반환하는 모든 Azure Resource Manager API에 대한 일반적인 오류 응답입니다. 또한 OData 오류 응답 형식을 따릅니다.

Name	형식	Description
error.additionalInfo	ErrorAdditionalInfo[]	오류 추가 정보입니다.
error.code	string	오류 코드입니다.
error.details	CloudErrorBody[]	오류 세부 정보입니다.
error.message	string	오류 메시지입니다.
error.target	string	오류 대상입니다.

CloudErrorBody

오류 세부 정보입니다.

Name	형식	Description
additionalInfo	ErrorAdditionalInfo[]	오류 추가 정보입니다.
code	string	오류 코드입니다.
details	CloudErrorBody[]	오류 세부 정보입니다.
message	string	오류 메시지입니다.
target	string	오류 대상입니다.

DenylistCustomAlertRule

값(사용자 지정 경고 유형에 따라 다름)이 거부되었는지 확인하는 사용자 지정 경고 규칙입니다.

Name	형식	Description
denylistValues	string[]	거부할 값입니다. 값의 형식은 규칙 형식에 따라 달라집니다.
description	string	사용자 지정 경고에 대한 설명입니다.
displayName	string	사용자 지정 경고의 표시 이름입니다.
isEnabled	boolean	사용자 지정 경고의 상태입니다.
ruleType	string	사용자 지정 경고 규칙의 형식입니다.
valueType	valueType	목록에 있는 항목의 값 형식입니다.