Security Connector Application - Create Or Update

참조

서비스:: Defender for Cloud

API 버전:: 2022-07-01-preview

지정된 보안 커넥터에서 보안 애플리케이션을 만들거나 업데이트합니다.

PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/providers/Microsoft.Security/applications/{applicationId}?api-version=2022-07-01-preview

URI 매개 변수

Name	In(다음 안에)	필수	형식	Description
applicationId	path	True	string	보안 애플리케이션 키 - 표준 애플리케이션에 대한 고유 키
resourceGroupName	path	True	string	사용자의 구독 내에 있는 리소스 그룹의 이름입니다. 이름은 대/소문자를 구분하지 않습니다. regex 패턴: `^[-\w\._]+$`
securityConnectorName	path	True	string	보안 커넥터 이름입니다.
subscriptionId	path	True	string	Azure 구독 ID regex 패턴: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`
api-version	query	True	string	작업에 대한 API 버전

요청 본문

Name	필수	형식	Description
properties.conditionSets	True	ApplicationCondition[]	애플리케이션 조건 집합 - 예제 참조
properties.sourceResourceType	True	ApplicationSourceResourceType	애플리케이션 원본, 영향을 미치는 내용(예: 평가)
properties.description		string	애플리케이션에 대한 설명
properties.displayName		string	애플리케이션의 표시 이름

응답

Name	형식	Description
200 OK	Application	확인 - 업데이트됨
201 Created	Application	만든
Other Status Codes	CloudError	작업이 실패한 이유를 설명하는 오류 응답

보안

azure_auth

Azure Active Directory OAuth2 Flow

형식: oauth2
Flow: implicit
권한 부여 URL: https://login.microsoftonline.com/common/oauth2/authorize

범위

Name	Description
user_impersonation	사용자 계정 가장

예제

Create Application

샘플 요청

PUT https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector/providers/Microsoft.Security/applications/ad9a8e26-29d9-4829-bb30-e597a58cdbb8?api-version=2022-07-01-preview

{
  "properties": {
    "displayName": "GCP Admin's application",
    "description": "An application on critical GCP recommendations",
    "sourceResourceType": "Assessments",
    "conditionSets": [
      {
        "conditions": [
          {
            "property": "$.Id",
            "value": "-prod-",
            "operator": "contains"
          }
        ]
      }
    ]
  }
}


import com.azure.core.management.serializer.SerializerFactory;
import com.azure.core.util.serializer.SerializerEncoding;
import com.azure.resourcemanager.security.fluent.models.ApplicationInner;
import com.azure.resourcemanager.security.models.ApplicationSourceResourceType;
import java.io.IOException;
import java.util.Arrays;

/**
 * Samples for SecurityConnectorApplicationOperation CreateOrUpdate.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/security/resource-manager/Microsoft.Security/preview/2022-07-01-preview/examples/Applications/
     * PutSecurityConnectorApplication_example.json
     */
    /**
     * Sample code: Create Application.
     * 
     * @param manager Entry point to SecurityManager.
     */
    public static void createApplication(com.azure.resourcemanager.security.SecurityManager manager)
        throws IOException {
        manager.securityConnectorApplicationOperations().createOrUpdateWithResponse("gcpResourceGroup", "gcpconnector",
            "ad9a8e26-29d9-4829-bb30-e597a58cdbb8",
            new ApplicationInner().withDisplayName("GCP Admin's application")
                .withDescription("An application on critical GCP recommendations")
                .withSourceResourceType(ApplicationSourceResourceType.ASSESSMENTS).withConditionSets(
                    Arrays.asList(SerializerFactory.createDefaultManagementSerializerAdapter().deserialize(
                        "{\"conditions\":[{\"operator\":\"contains\",\"property\":\"$.Id\",\"value\":\"-prod-\"}]}",
                        Object.class, SerializerEncoding.JSON))),
            com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

package armsecurity_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/preview/2022-07-01-preview/examples/Applications/PutSecurityConnectorApplication_example.json
func ExampleConnectorApplicationClient_CreateOrUpdate() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	res, err := clientFactory.NewConnectorApplicationClient().CreateOrUpdate(ctx, "gcpResourceGroup", "gcpconnector", "ad9a8e26-29d9-4829-bb30-e597a58cdbb8", armsecurity.Application{
		Properties: &armsecurity.ApplicationProperties{
			Description: to.Ptr("An application on critical GCP recommendations"),
			ConditionSets: []any{
				map[string]any{
					"conditions": []any{
						map[string]any{
							"operator": "contains",
							"property": "$.Id",
							"value":    "-prod-",
						},
					},
				}},
			DisplayName:        to.Ptr("GCP Admin's application"),
			SourceResourceType: to.Ptr(armsecurity.ApplicationSourceResourceTypeAssessments),
		},
	}, nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	// You could use response here. We use blank identifier for just demo purposes.
	_ = res
	// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
	// res.Application = armsecurity.Application{
	// 	Name: to.Ptr("1f3afdf9-d0c9-4c3d-847f-89da613e70a8"),
	// 	Type: to.Ptr("Microsoft.Security/applications"),
	// 	ID: to.Ptr("subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector/providers/Microsoft.Security/applications/ad9a8e26-29d9-4829-bb30-e597a58cdbb8"),
	// 	Properties: &armsecurity.ApplicationProperties{
	// 		Description: to.Ptr("An application on critical GCP recommendations"),
	// 		ConditionSets: []any{
	// 			map[string]any{
	// 				"conditions":[]any{
	// 					map[string]any{
	// 						"operator": "contains",
	// 						"property": "$.Id",
	// 						"value": "-bil-",
	// 					},
	// 				},
	// 		}},
	// 		DisplayName: to.Ptr("GCP Admin's application"),
	// 		SourceResourceType: to.Ptr(armsecurity.ApplicationSourceResourceTypeAssessments),
	// 	},
	// }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Creates or update a security Application on the given security connector.
 *
 * @summary Creates or update a security Application on the given security connector.
 * x-ms-original-file: specification/security/resource-manager/Microsoft.Security/preview/2022-07-01-preview/examples/Applications/PutSecurityConnectorApplication_example.json
 */
async function createApplication() {
  const subscriptionId =
    process.env["SECURITY_SUBSCRIPTION_ID"] || "20ff7fc3-e762-44dd-bd96-b71116dcdc23";
  const resourceGroupName = process.env["SECURITY_RESOURCE_GROUP"] || "gcpResourceGroup";
  const securityConnectorName = "gcpconnector";
  const applicationId = "ad9a8e26-29d9-4829-bb30-e597a58cdbb8";
  const application = {
    description: "An application on critical GCP recommendations",
    conditionSets: [
      {
        conditions: [{ operator: "contains", property: "$.Id", value: "-prod-" }],
      },
    ],
    displayName: "GCP Admin's application",
    sourceResourceType: "Assessments",
  };
  const credential = new DefaultAzureCredential();
  const client = new SecurityCenter(credential, subscriptionId);
  const result = await client.securityConnectorApplication.createOrUpdate(
    resourceGroupName,
    securityConnectorName,
    applicationId,
    application,
  );
  console.log(result);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.SecurityCenter;
using Azure.ResourceManager.SecurityCenter.Models;

// Generated from example definition: specification/security/resource-manager/Microsoft.Security/preview/2022-07-01-preview/examples/Applications/PutSecurityConnectorApplication_example.json
// this example is just showing the usage of "SecurityConnectorApplications_CreateOrUpdate" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this SecurityConnectorApplicationResource created on azure
// for more information of creating SecurityConnectorApplicationResource, please refer to the document of SecurityConnectorApplicationResource
string subscriptionId = "20ff7fc3-e762-44dd-bd96-b71116dcdc23";
string resourceGroupName = "gcpResourceGroup";
string securityConnectorName = "gcpconnector";
string applicationId = "ad9a8e26-29d9-4829-bb30-e597a58cdbb8";
ResourceIdentifier securityConnectorApplicationResourceId = SecurityConnectorApplicationResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, securityConnectorName, applicationId);
SecurityConnectorApplicationResource securityConnectorApplication = client.GetSecurityConnectorApplicationResource(securityConnectorApplicationResourceId);

// invoke the operation
SecurityApplicationData data = new SecurityApplicationData()
{
    DisplayName = "GCP Admin's application",
    Description = "An application on critical GCP recommendations",
    SourceResourceType = ApplicationSourceResourceType.Assessments,
    ConditionSets =
    {
    BinaryData.FromObjectAsJson(new Dictionary<string, object>()
    {
    ["conditions"] = new object[] { new Dictionary<string, object>()
    {
    ["operator"] = "contains",
    ["property"] = "$.Id",
    ["value"] = "-prod-"} }})
    },
};
ArmOperation<SecurityConnectorApplicationResource> lro = await securityConnectorApplication.UpdateAsync(WaitUntil.Completed, data);
SecurityConnectorApplicationResource result = lro.Value;

// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
SecurityApplicationData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

샘플 응답

상태 코드:: 200

{
  "id": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector/providers/Microsoft.Security/applications/ad9a8e26-29d9-4829-bb30-e597a58cdbb8",
  "name": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
  "type": "Microsoft.Security/applications",
  "properties": {
    "displayName": "GCP Admin's application",
    "description": "An application on critical GCP recommendations",
    "sourceResourceType": "Assessments",
    "conditionSets": [
      {
        "conditions": [
          {
            "property": "$.Id",
            "value": "-bil-",
            "operator": "contains"
          }
        ]
      }
    ]
  }
}

상태 코드:: 201

{
  "id": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector/providers/Microsoft.Security/applications/ad9a8e26-29d9-4829-bb30-e597a58cdbb8",
  "name": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8",
  "type": "Microsoft.Security/applications",
  "properties": {
    "displayName": "GCP Admin's application",
    "description": "An application on critical GCP recommendations",
    "sourceResourceType": "Assessments",
    "conditionSets": [
      {
        "conditions": [
          {
            "property": "$.Id",
            "value": "-pricing-",
            "operator": "contains"
          }
        ]
      }
    ]
  }
}

정의

Name	Description
Application	지정된 범위에 대한 보안 애플리케이션
ApplicationCondition	애플리케이션의 조건
ApplicationConditionOperator	애플리케이션 조건의 연산자(예: ID에 대한 포함 또는 가능한 ID 목록에 대한 In 포함)는 예제를 참조하세요.
ApplicationSourceResourceType	애플리케이션 원본, 영향을 미치는 내용(예: 평가)
CloudError	실패한 작업에 대한 오류 세부 정보를 반환하는 모든 Azure Resource Manager API에 대한 일반적인 오류 응답입니다. 또한 OData 오류 응답 형식을 따릅니다.
CloudErrorBody	오류 세부 정보입니다.
ErrorAdditionalInfo	리소스 관리 오류 추가 정보입니다.

Application

지정된 범위에 대한 보안 애플리케이션

Name	형식	Description
id	string	리소스 ID
name	string	리소스 이름
properties.conditionSets	ApplicationCondition[]	애플리케이션 조건 집합 - 예제 참조
properties.description	string	애플리케이션에 대한 설명
properties.displayName	string	애플리케이션의 표시 이름
properties.sourceResourceType	ApplicationSourceResourceType	애플리케이션 원본, 영향을 미치는 내용(예: 평가)
type	string	리소스 종류

ApplicationCondition

애플리케이션의 조건

Name	형식	Description
operator	ApplicationConditionOperator	애플리케이션 조건의 연산자(예: ID에 대한 포함 또는 가능한 ID 목록에 대한 In 포함)는 예제를 참조하세요.
property	string	애플리케이션 조건의 속성(예: ID)은 예제를 참조하세요.
value	string	일부 문자열을 포함하는 ID와 같은 애플리케이션 조건의 값은 예제를 참조하세요.

ApplicationConditionOperator

애플리케이션 조건의 연산자(예: ID에 대한 포함 또는 가능한 ID 목록에 대한 In 포함)는 예제를 참조하세요.

Name	형식	Description
Contains	string	속성에 정의된 데이터의 문자열 값에 지정된 값이 포함되어 있는지 확인합니다.
Equals	string	속성에 정의된 데이터의 문자열 값이 지정된 값과 같은지 확인합니다.
In	string	속성에 정의된 데이터의 문자열 값이 지정된 값(정확한 맞춤)과 같은지 확인합니다.

ApplicationSourceResourceType

애플리케이션 원본, 영향을 미치는 내용(예: 평가)

Name	형식	Description
Assessments	string	애플리케이션의 원본은 평가입니다.

CloudError

실패한 작업에 대한 오류 세부 정보를 반환하는 모든 Azure Resource Manager API에 대한 일반적인 오류 응답입니다. 또한 OData 오류 응답 형식을 따릅니다.

Name	형식	Description
error.additionalInfo	ErrorAdditionalInfo[]	오류 추가 정보입니다.
error.code	string	오류 코드입니다.
error.details	CloudErrorBody[]	오류 세부 정보입니다.
error.message	string	오류 메시지입니다.
error.target	string	오류 대상입니다.

CloudErrorBody

오류 세부 정보입니다.

Name	형식	Description
additionalInfo	ErrorAdditionalInfo[]	오류 추가 정보입니다.
code	string	오류 코드입니다.
details	CloudErrorBody[]	오류 세부 정보입니다.
message	string	오류 메시지입니다.
target	string	오류 대상입니다.

ErrorAdditionalInfo

리소스 관리 오류 추가 정보입니다.

Name	형식	Description
info	object	추가 정보입니다.
type	string	추가 정보 유형입니다.

다음을 통해 공유

Security Connector Application - Create Or Update

URI 매개 변수

요청 본문

응답

보안

azure_auth

범위

예제

Create Application

샘플 요청

샘플 응답

정의

Application

ApplicationCondition

ApplicationConditionOperator

ApplicationSourceResourceType

CloudError

CloudErrorBody

ErrorAdditionalInfo

추가 리소스