创建或更新安全自动化。 如果已创建安全自动化,并且针对同一自动化 ID 发出后续请求,则会对其进行更新。
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/automations/{automationName}?api-version=2023-12-01-preview
URI 参数
名称 |
在 |
必需 |
类型 |
说明 |
automationName
|
path |
True
|
string
|
安全自动化名称。
|
resourceGroupName
|
path |
True
|
string
|
用户订阅中的资源组的名称。 名称不区分大小写。
正则表达式模式: ^[-\w\._\(\)]+$
|
subscriptionId
|
path |
True
|
string
|
Azure 订阅 ID
正则表达式模式: ^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$
|
api-version
|
query |
True
|
string
|
操作的 API 版本
|
请求正文
名称 |
类型 |
说明 |
etag
|
string
|
实体标记用于比较同一请求资源的两个或多个实体。
|
kind
|
string
|
资源类型
|
location
|
string
|
存储资源的位置
|
properties.actions
|
AutomationAction[]:
|
如果至少一个规则集中所有已配置的规则评估均为 true,则触发的操作集合。
|
properties.description
|
string
|
安全自动化说明。
|
properties.isEnabled
|
boolean
|
指示是否启用安全自动化。
|
properties.scopes
|
AutomationScope[]
|
应用安全自动化逻辑的范围集合。 支持的范围是订阅本身或该订阅下的资源组。 自动化仅适用于定义的范围。
|
properties.sources
|
AutomationSource[]
|
评估安全自动化规则集的源事件类型的集合。
|
tags
|
object
|
描述资源的键值对的列表。
|
响应
安全性
azure_auth
Azure Active Directory OAuth2 Flow
类型:
oauth2
流向:
implicit
授权 URL:
https://login.microsoftonline.com/common/oauth2/authorize
作用域
名称 |
说明 |
user_impersonation
|
模拟用户帐户
|
示例
Create or update a security automation for all assessments (including all severities)
示例请求
PUT https://management.azure.com/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/exampleResourceGroup/providers/Microsoft.Security/automations/exampleAutomation?api-version=2023-12-01-preview
{
"location": "Central US",
"etag": "etag value (must be supplied for update)",
"tags": {},
"properties": {
"description": "An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment",
"isEnabled": true,
"scopes": [
{
"description": "A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5",
"scopePath": "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup"
}
],
"sources": [
{
"eventSource": "Assessments"
}
],
"actions": [
{
"logicAppResourceId": "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
"actionType": "LogicApp",
"uri": "https://exampleTriggerUri1.com"
}
]
}
}
import com.azure.resourcemanager.security.models.AutomationActionLogicApp;
import com.azure.resourcemanager.security.models.AutomationScope;
import com.azure.resourcemanager.security.models.AutomationSource;
import com.azure.resourcemanager.security.models.EventSource;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for Automations CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/security/resource-manager/Microsoft.Security/preview/2023-12-01-preview/examples/Automations/
* PutAutomationAllAssessments_example.json
*/
/**
* Sample code: Create or update a security automation for all assessments (including all severities).
*
* @param manager Entry point to SecurityManager.
*/
public static void createOrUpdateASecurityAutomationForAllAssessmentsIncludingAllSeverities(
com.azure.resourcemanager.security.SecurityManager manager) {
manager.automations().define("exampleAutomation").withRegion("Central US")
.withExistingResourceGroup("exampleResourceGroup").withTags(mapOf())
.withDescription(
"An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment")
.withIsEnabled(true)
.withScopes(Arrays.asList(new AutomationScope().withDescription(
"A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5")
.withScopePath("/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup")))
.withSources(Arrays.asList(new AutomationSource().withEventSource(EventSource.ASSESSMENTS)))
.withActions(Arrays.asList(new AutomationActionLogicApp().withLogicAppResourceId(
"/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1")
.withUri("https://exampleTriggerUri1.com")))
.create();
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armsecurity_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/preview/2023-12-01-preview/examples/Automations/PutAutomationAllAssessments_example.json
func ExampleAutomationsClient_CreateOrUpdate_createOrUpdateASecurityAutomationForAllAssessmentsIncludingAllSeverities() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewAutomationsClient().CreateOrUpdate(ctx, "exampleResourceGroup", "exampleAutomation", armsecurity.Automation{
Location: to.Ptr("Central US"),
Etag: to.Ptr("etag value (must be supplied for update)"),
Tags: map[string]*string{},
Properties: &armsecurity.AutomationProperties{
Description: to.Ptr("An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment"),
Actions: []armsecurity.AutomationActionClassification{
&armsecurity.AutomationActionLogicApp{
ActionType: to.Ptr(armsecurity.ActionTypeLogicApp),
LogicAppResourceID: to.Ptr("/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1"),
URI: to.Ptr("https://exampleTriggerUri1.com"),
}},
IsEnabled: to.Ptr(true),
Scopes: []*armsecurity.AutomationScope{
{
Description: to.Ptr("A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5"),
ScopePath: to.Ptr("/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup"),
}},
Sources: []*armsecurity.AutomationSource{
{
EventSource: to.Ptr(armsecurity.EventSourceAssessments),
}},
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Automation = armsecurity.Automation{
// Location: to.Ptr("Central US"),
// Etag: to.Ptr("new etag value"),
// Name: to.Ptr("exampleAutomation"),
// Type: to.Ptr("Microsoft.Security/automations"),
// ID: to.Ptr("/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/exampleResourceGroup/providers/Microsoft.Security/automations/exampleAutomation"),
// Tags: map[string]*string{
// },
// Properties: &armsecurity.AutomationProperties{
// Description: to.Ptr("An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment"),
// Actions: []armsecurity.AutomationActionClassification{
// &armsecurity.AutomationActionLogicApp{
// ActionType: to.Ptr(armsecurity.ActionTypeLogicApp),
// LogicAppResourceID: to.Ptr("/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1"),
// }},
// IsEnabled: to.Ptr(true),
// Scopes: []*armsecurity.AutomationScope{
// {
// Description: to.Ptr("A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5"),
// ScopePath: to.Ptr("/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup"),
// }},
// Sources: []*armsecurity.AutomationSource{
// {
// EventSource: to.Ptr(armsecurity.EventSourceAssessments),
// RuleSets: []*armsecurity.AutomationRuleSet{
// },
// }},
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a security automation. If a security automation is already created and a subsequent request is issued for the same automation id, then it will be updated.
*
* @summary Creates or updates a security automation. If a security automation is already created and a subsequent request is issued for the same automation id, then it will be updated.
* x-ms-original-file: specification/security/resource-manager/Microsoft.Security/preview/2023-12-01-preview/examples/Automations/PutAutomationAllAssessments_example.json
*/
async function createOrUpdateASecurityAutomationForAllAssessmentsIncludingAllSeverities() {
const subscriptionId =
process.env["SECURITY_SUBSCRIPTION_ID"] || "a5caac9c-5c04-49af-b3d0-e204f40345d5";
const resourceGroupName = process.env["SECURITY_RESOURCE_GROUP"] || "exampleResourceGroup";
const automationName = "exampleAutomation";
const automation = {
description:
"An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment",
actions: [
{
actionType: "LogicApp",
logicAppResourceId:
"/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
uri: "https://exampleTriggerUri1.com",
},
],
etag: "etag value (must be supplied for update)",
isEnabled: true,
location: "Central US",
scopes: [
{
description:
"A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5",
scopePath:
"/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup",
},
],
sources: [{ eventSource: "Assessments" }],
tags: {},
};
const credential = new DefaultAzureCredential();
const client = new SecurityCenter(credential, subscriptionId);
const result = await client.automations.createOrUpdate(
resourceGroupName,
automationName,
automation,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
示例响应
{
"id": "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/exampleResourceGroup/providers/Microsoft.Security/automations/exampleAutomation",
"name": "exampleAutomation",
"type": "Microsoft.Security/automations",
"location": "Central US",
"etag": "new etag value",
"tags": {},
"properties": {
"description": "An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment",
"isEnabled": true,
"scopes": [
{
"description": "A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5",
"scopePath": "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup"
}
],
"sources": [
{
"eventSource": "Assessments",
"ruleSets": []
}
],
"actions": [
{
"logicAppResourceId": "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
"actionType": "LogicApp"
}
]
}
}
{
"id": "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/exampleResourceGroup/providers/Microsoft.Security/SecurityAutomations/exampleAutomation",
"name": "exampleAutomation",
"type": "Microsoft.Security/SecurityAutomations",
"location": "Central US",
"etag": "new etag value",
"tags": {},
"properties": {
"description": "An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment",
"isEnabled": true,
"scopes": [
{
"description": "A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5",
"scopePath": "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup"
}
],
"sources": [
{
"eventSource": "Assessments",
"ruleSets": []
}
],
"actions": [
{
"logicAppResourceId": "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
"actionType": "LogicApp"
}
]
}
}
Create or update a security automation for all high severity assessments
示例请求
PUT https://management.azure.com/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/exampleResourceGroup/providers/Microsoft.Security/automations/exampleAutomation?api-version=2023-12-01-preview
{
"location": "Central US",
"etag": "etag value (must be supplied for update)",
"tags": {},
"properties": {
"description": "An example of a security automation that triggers one LogicApp resource (myTest1) on any high severity security assessment",
"isEnabled": true,
"scopes": [
{
"description": "A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5",
"scopePath": "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup"
}
],
"sources": [
{
"eventSource": "Assessments",
"ruleSets": [
{
"rules": [
{
"propertyJPath": "properties.metadata.severity",
"propertyType": "String",
"expectedValue": "High",
"operator": "Equals"
}
]
}
]
}
],
"actions": [
{
"logicAppResourceId": "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
"actionType": "LogicApp",
"uri": "https://exampleTriggerUri1.com"
}
]
}
}
import com.azure.resourcemanager.security.models.AutomationActionLogicApp;
import com.azure.resourcemanager.security.models.AutomationRuleSet;
import com.azure.resourcemanager.security.models.AutomationScope;
import com.azure.resourcemanager.security.models.AutomationSource;
import com.azure.resourcemanager.security.models.AutomationTriggeringRule;
import com.azure.resourcemanager.security.models.EventSource;
import com.azure.resourcemanager.security.models.Operator;
import com.azure.resourcemanager.security.models.PropertyType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for Automations CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/security/resource-manager/Microsoft.Security/preview/2023-12-01-preview/examples/Automations/
* PutAutomationHighSeverityAssessments_example.json
*/
/**
* Sample code: Create or update a security automation for all high severity assessments.
*
* @param manager Entry point to SecurityManager.
*/
public static void createOrUpdateASecurityAutomationForAllHighSeverityAssessments(
com.azure.resourcemanager.security.SecurityManager manager) {
manager.automations().define("exampleAutomation").withRegion("Central US")
.withExistingResourceGroup("exampleResourceGroup").withTags(mapOf())
.withDescription(
"An example of a security automation that triggers one LogicApp resource (myTest1) on any high severity security assessment")
.withIsEnabled(true)
.withScopes(Arrays.asList(new AutomationScope().withDescription(
"A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5")
.withScopePath("/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup")))
.withSources(Arrays.asList(new AutomationSource().withEventSource(EventSource.ASSESSMENTS).withRuleSets(
Arrays.asList(new AutomationRuleSet().withRules(Arrays.asList(new AutomationTriggeringRule()
.withPropertyJPath("properties.metadata.severity").withPropertyType(PropertyType.STRING)
.withExpectedValue("High").withOperator(Operator.EQUALS)))))))
.withActions(Arrays.asList(new AutomationActionLogicApp().withLogicAppResourceId(
"/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1")
.withUri("https://exampleTriggerUri1.com")))
.create();
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armsecurity_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/preview/2023-12-01-preview/examples/Automations/PutAutomationHighSeverityAssessments_example.json
func ExampleAutomationsClient_CreateOrUpdate_createOrUpdateASecurityAutomationForAllHighSeverityAssessments() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewAutomationsClient().CreateOrUpdate(ctx, "exampleResourceGroup", "exampleAutomation", armsecurity.Automation{
Location: to.Ptr("Central US"),
Etag: to.Ptr("etag value (must be supplied for update)"),
Tags: map[string]*string{},
Properties: &armsecurity.AutomationProperties{
Description: to.Ptr("An example of a security automation that triggers one LogicApp resource (myTest1) on any high severity security assessment"),
Actions: []armsecurity.AutomationActionClassification{
&armsecurity.AutomationActionLogicApp{
ActionType: to.Ptr(armsecurity.ActionTypeLogicApp),
LogicAppResourceID: to.Ptr("/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1"),
URI: to.Ptr("https://exampleTriggerUri1.com"),
}},
IsEnabled: to.Ptr(true),
Scopes: []*armsecurity.AutomationScope{
{
Description: to.Ptr("A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5"),
ScopePath: to.Ptr("/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup"),
}},
Sources: []*armsecurity.AutomationSource{
{
EventSource: to.Ptr(armsecurity.EventSourceAssessments),
RuleSets: []*armsecurity.AutomationRuleSet{
{
Rules: []*armsecurity.AutomationTriggeringRule{
{
ExpectedValue: to.Ptr("High"),
Operator: to.Ptr(armsecurity.OperatorEquals),
PropertyJPath: to.Ptr("properties.metadata.severity"),
PropertyType: to.Ptr(armsecurity.PropertyTypeString),
}},
}},
}},
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Automation = armsecurity.Automation{
// Location: to.Ptr("Central US"),
// Etag: to.Ptr("new etag value"),
// Name: to.Ptr("exampleAutomation"),
// Type: to.Ptr("Microsoft.Security/automations"),
// ID: to.Ptr("/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/exampleResourceGroup/providers/Microsoft.Security/automations/exampleAutomation"),
// Tags: map[string]*string{
// },
// Properties: &armsecurity.AutomationProperties{
// Description: to.Ptr("An example of a security automation that triggers one LogicApp resource (myTest1) on any high severity security assessment"),
// Actions: []armsecurity.AutomationActionClassification{
// &armsecurity.AutomationActionLogicApp{
// ActionType: to.Ptr(armsecurity.ActionTypeLogicApp),
// LogicAppResourceID: to.Ptr("/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1"),
// }},
// IsEnabled: to.Ptr(true),
// Scopes: []*armsecurity.AutomationScope{
// {
// Description: to.Ptr("A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5"),
// ScopePath: to.Ptr("/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup"),
// }},
// Sources: []*armsecurity.AutomationSource{
// {
// EventSource: to.Ptr(armsecurity.EventSourceAssessments),
// RuleSets: []*armsecurity.AutomationRuleSet{
// {
// Rules: []*armsecurity.AutomationTriggeringRule{
// {
// ExpectedValue: to.Ptr("High"),
// Operator: to.Ptr(armsecurity.OperatorEquals),
// PropertyJPath: to.Ptr("properties.metadata.severity"),
// PropertyType: to.Ptr(armsecurity.PropertyTypeString),
// }},
// }},
// }},
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a security automation. If a security automation is already created and a subsequent request is issued for the same automation id, then it will be updated.
*
* @summary Creates or updates a security automation. If a security automation is already created and a subsequent request is issued for the same automation id, then it will be updated.
* x-ms-original-file: specification/security/resource-manager/Microsoft.Security/preview/2023-12-01-preview/examples/Automations/PutAutomationHighSeverityAssessments_example.json
*/
async function createOrUpdateASecurityAutomationForAllHighSeverityAssessments() {
const subscriptionId =
process.env["SECURITY_SUBSCRIPTION_ID"] || "a5caac9c-5c04-49af-b3d0-e204f40345d5";
const resourceGroupName = process.env["SECURITY_RESOURCE_GROUP"] || "exampleResourceGroup";
const automationName = "exampleAutomation";
const automation = {
description:
"An example of a security automation that triggers one LogicApp resource (myTest1) on any high severity security assessment",
actions: [
{
actionType: "LogicApp",
logicAppResourceId:
"/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
uri: "https://exampleTriggerUri1.com",
},
],
etag: "etag value (must be supplied for update)",
isEnabled: true,
location: "Central US",
scopes: [
{
description:
"A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5",
scopePath:
"/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup",
},
],
sources: [
{
eventSource: "Assessments",
ruleSets: [
{
rules: [
{
expectedValue: "High",
operator: "Equals",
propertyJPath: "properties.metadata.severity",
propertyType: "String",
},
],
},
],
},
],
tags: {},
};
const credential = new DefaultAzureCredential();
const client = new SecurityCenter(credential, subscriptionId);
const result = await client.automations.createOrUpdate(
resourceGroupName,
automationName,
automation,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
示例响应
{
"id": "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/exampleResourceGroup/providers/Microsoft.Security/automations/exampleAutomation",
"name": "exampleAutomation",
"type": "Microsoft.Security/automations",
"location": "Central US",
"etag": "new etag value",
"tags": {},
"properties": {
"description": "An example of a security automation that triggers one LogicApp resource (myTest1) on any high severity security assessment",
"isEnabled": true,
"scopes": [
{
"description": "A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5",
"scopePath": "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup"
}
],
"sources": [
{
"eventSource": "Assessments",
"ruleSets": [
{
"rules": [
{
"propertyJPath": "properties.metadata.severity",
"propertyType": "String",
"expectedValue": "High",
"operator": "Equals"
}
]
}
]
}
],
"actions": [
{
"logicAppResourceId": "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
"actionType": "LogicApp"
}
]
}
}
{
"id": "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/exampleResourceGroup/providers/Microsoft.Security/SecurityAutomations/exampleAutomation",
"name": "exampleAutomation",
"type": "Microsoft.Security/SecurityAutomations",
"location": "Central US",
"etag": "new etag value",
"tags": {},
"properties": {
"description": "An example of a security automation that triggers one LogicApp resource (myTest1) on any high severity security assessment",
"isEnabled": true,
"scopes": [
{
"description": "A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5",
"scopePath": "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup"
}
],
"sources": [
{
"eventSource": "Assessments",
"ruleSets": [
{
"rules": [
{
"propertyJPath": "properties.metadata.severity",
"propertyType": "String",
"expectedValue": "High",
"operator": "Equals"
}
]
}
]
}
],
"actions": [
{
"logicAppResourceId": "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
"actionType": "LogicApp"
}
]
}
}
Disable or enable a security automation
示例请求
PUT https://management.azure.com/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/exampleResourceGroup/providers/Microsoft.Security/automations/exampleAutomation?api-version=2023-12-01-preview
{
"location": "Central US",
"etag": "etag value (must be supplied for update)",
"tags": {},
"properties": {
"description": "An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment of type customAssessment",
"isEnabled": false,
"scopes": [
{
"description": "A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5",
"scopePath": "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup"
}
],
"sources": [
{
"eventSource": "Assessments",
"ruleSets": [
{
"rules": [
{
"propertyJPath": "$.Entity.AssessmentType",
"propertyType": "String",
"expectedValue": "customAssessment",
"operator": "Equals"
}
]
}
]
}
],
"actions": [
{
"logicAppResourceId": "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
"actionType": "LogicApp",
"uri": "https://exampleTriggerUri1.com"
}
]
}
}
import com.azure.resourcemanager.security.models.AutomationActionLogicApp;
import com.azure.resourcemanager.security.models.AutomationRuleSet;
import com.azure.resourcemanager.security.models.AutomationScope;
import com.azure.resourcemanager.security.models.AutomationSource;
import com.azure.resourcemanager.security.models.AutomationTriggeringRule;
import com.azure.resourcemanager.security.models.EventSource;
import com.azure.resourcemanager.security.models.Operator;
import com.azure.resourcemanager.security.models.PropertyType;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
/**
* Samples for Automations CreateOrUpdate.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/security/resource-manager/Microsoft.Security/preview/2023-12-01-preview/examples/Automations/
* PutDisableAutomation_example.json
*/
/**
* Sample code: Disable or enable a security automation.
*
* @param manager Entry point to SecurityManager.
*/
public static void disableOrEnableASecurityAutomation(com.azure.resourcemanager.security.SecurityManager manager) {
manager.automations().define("exampleAutomation").withRegion("Central US")
.withExistingResourceGroup("exampleResourceGroup").withTags(mapOf())
.withDescription(
"An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment of type customAssessment")
.withIsEnabled(false)
.withScopes(Arrays.asList(new AutomationScope().withDescription(
"A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5")
.withScopePath("/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup")))
.withSources(Arrays.asList(new AutomationSource().withEventSource(EventSource.ASSESSMENTS).withRuleSets(
Arrays.asList(new AutomationRuleSet().withRules(Arrays.asList(new AutomationTriggeringRule()
.withPropertyJPath("$.Entity.AssessmentType").withPropertyType(PropertyType.STRING)
.withExpectedValue("customAssessment").withOperator(Operator.EQUALS)))))))
.withActions(Arrays.asList(new AutomationActionLogicApp().withLogicAppResourceId(
"/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1")
.withUri("https://exampleTriggerUri1.com")))
.create();
}
// Use "Map.of" if available
@SuppressWarnings("unchecked")
private static <T> Map<String, T> mapOf(Object... inputs) {
Map<String, T> map = new HashMap<>();
for (int i = 0; i < inputs.length; i += 2) {
String key = (String) inputs[i];
T value = (T) inputs[i + 1];
map.put(key, value);
}
return map;
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armsecurity_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/preview/2023-12-01-preview/examples/Automations/PutDisableAutomation_example.json
func ExampleAutomationsClient_CreateOrUpdate_disableOrEnableASecurityAutomation() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewAutomationsClient().CreateOrUpdate(ctx, "exampleResourceGroup", "exampleAutomation", armsecurity.Automation{
Location: to.Ptr("Central US"),
Etag: to.Ptr("etag value (must be supplied for update)"),
Tags: map[string]*string{},
Properties: &armsecurity.AutomationProperties{
Description: to.Ptr("An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment of type customAssessment"),
Actions: []armsecurity.AutomationActionClassification{
&armsecurity.AutomationActionLogicApp{
ActionType: to.Ptr(armsecurity.ActionTypeLogicApp),
LogicAppResourceID: to.Ptr("/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1"),
URI: to.Ptr("https://exampleTriggerUri1.com"),
}},
IsEnabled: to.Ptr(false),
Scopes: []*armsecurity.AutomationScope{
{
Description: to.Ptr("A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5"),
ScopePath: to.Ptr("/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup"),
}},
Sources: []*armsecurity.AutomationSource{
{
EventSource: to.Ptr(armsecurity.EventSourceAssessments),
RuleSets: []*armsecurity.AutomationRuleSet{
{
Rules: []*armsecurity.AutomationTriggeringRule{
{
ExpectedValue: to.Ptr("customAssessment"),
Operator: to.Ptr(armsecurity.OperatorEquals),
PropertyJPath: to.Ptr("$.Entity.AssessmentType"),
PropertyType: to.Ptr(armsecurity.PropertyTypeString),
}},
}},
}},
},
}, nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Automation = armsecurity.Automation{
// Location: to.Ptr("Central US"),
// Etag: to.Ptr("new etag value"),
// Name: to.Ptr("exampleAutomation"),
// Type: to.Ptr("Microsoft.Security/automations"),
// ID: to.Ptr("/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/exampleResourceGroup/providers/Microsoft.Security/automations/exampleAutomation"),
// Tags: map[string]*string{
// },
// Properties: &armsecurity.AutomationProperties{
// Description: to.Ptr("An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment of type customAssessment"),
// Actions: []armsecurity.AutomationActionClassification{
// &armsecurity.AutomationActionLogicApp{
// ActionType: to.Ptr(armsecurity.ActionTypeLogicApp),
// LogicAppResourceID: to.Ptr("/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1"),
// }},
// IsEnabled: to.Ptr(false),
// Scopes: []*armsecurity.AutomationScope{
// {
// Description: to.Ptr("A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5"),
// ScopePath: to.Ptr("/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup"),
// }},
// Sources: []*armsecurity.AutomationSource{
// {
// EventSource: to.Ptr(armsecurity.EventSourceAssessments),
// RuleSets: []*armsecurity.AutomationRuleSet{
// {
// Rules: []*armsecurity.AutomationTriggeringRule{
// {
// ExpectedValue: to.Ptr("customAssessment"),
// Operator: to.Ptr(armsecurity.OperatorEquals),
// PropertyJPath: to.Ptr("$.Entity.AssessmentType"),
// PropertyType: to.Ptr(armsecurity.PropertyTypeString),
// }},
// }},
// }},
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Creates or updates a security automation. If a security automation is already created and a subsequent request is issued for the same automation id, then it will be updated.
*
* @summary Creates or updates a security automation. If a security automation is already created and a subsequent request is issued for the same automation id, then it will be updated.
* x-ms-original-file: specification/security/resource-manager/Microsoft.Security/preview/2023-12-01-preview/examples/Automations/PutDisableAutomation_example.json
*/
async function disableOrEnableASecurityAutomation() {
const subscriptionId =
process.env["SECURITY_SUBSCRIPTION_ID"] || "a5caac9c-5c04-49af-b3d0-e204f40345d5";
const resourceGroupName = process.env["SECURITY_RESOURCE_GROUP"] || "exampleResourceGroup";
const automationName = "exampleAutomation";
const automation = {
description:
"An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment of type customAssessment",
actions: [
{
actionType: "LogicApp",
logicAppResourceId:
"/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
uri: "https://exampleTriggerUri1.com",
},
],
etag: "etag value (must be supplied for update)",
isEnabled: false,
location: "Central US",
scopes: [
{
description:
"A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5",
scopePath:
"/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup",
},
],
sources: [
{
eventSource: "Assessments",
ruleSets: [
{
rules: [
{
expectedValue: "customAssessment",
operator: "Equals",
propertyJPath: "$.Entity.AssessmentType",
propertyType: "String",
},
],
},
],
},
],
tags: {},
};
const credential = new DefaultAzureCredential();
const client = new SecurityCenter(credential, subscriptionId);
const result = await client.automations.createOrUpdate(
resourceGroupName,
automationName,
automation,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
示例响应
{
"id": "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/exampleResourceGroup/providers/Microsoft.Security/automations/exampleAutomation",
"name": "exampleAutomation",
"type": "Microsoft.Security/automations",
"location": "Central US",
"etag": "new etag value",
"tags": {},
"properties": {
"description": "An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment of type customAssessment",
"isEnabled": false,
"scopes": [
{
"description": "A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5",
"scopePath": "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup"
}
],
"sources": [
{
"eventSource": "Assessments",
"ruleSets": [
{
"rules": [
{
"propertyJPath": "$.Entity.AssessmentType",
"propertyType": "String",
"expectedValue": "customAssessment",
"operator": "Equals"
}
]
}
]
}
],
"actions": [
{
"logicAppResourceId": "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
"actionType": "LogicApp"
}
]
}
}
{
"id": "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/exampleResourceGroup/providers/Microsoft.Security/SecurityAutomations/exampleAutomation",
"name": "exampleAutomation",
"type": "Microsoft.Security/SecurityAutomations",
"location": "Central US",
"etag": "new etag value",
"tags": {},
"properties": {
"description": "An example of a security automation that triggers one LogicApp resource (myTest1) on any security assessment of type customAssessment",
"isEnabled": false,
"scopes": [
{
"description": "A description that helps to identify this scope - for example: security assessments that relate to the resource group myResourceGroup within the subscription a5caac9c-5c04-49af-b3d0-e204f40345d5",
"scopePath": "/subscriptions/a5caac9c-5c04-49af-b3d0-e204f40345d5/resourceGroups/myResourceGroup"
}
],
"sources": [
{
"eventSource": "Assessments",
"ruleSets": [
{
"rules": [
{
"propertyJPath": "$.Entity.AssessmentType",
"propertyType": "String",
"expectedValue": "customAssessment",
"operator": "Equals"
}
]
}
]
}
],
"actions": [
{
"logicAppResourceId": "/subscriptions/e54a4a18-5b94-4f90-9471-bd3decad8a2e/resourceGroups/sample/providers/Microsoft.Logic/workflows/MyTest1",
"actionType": "LogicApp"
}
]
}
}
定义
Automation
安全自动化资源。
名称 |
类型 |
说明 |
etag
|
string
|
实体标记用于比较同一请求资源的两个或多个实体。
|
id
|
string
|
资源 ID
|
kind
|
string
|
资源类型
|
location
|
string
|
存储资源的位置
|
name
|
string
|
资源名称
|
properties.actions
|
AutomationAction[]:
|
如果至少一个规则集中所有已配置的规则评估均为 true,则触发的操作集合。
|
properties.description
|
string
|
安全自动化说明。
|
properties.isEnabled
|
boolean
|
指示是否启用安全自动化。
|
properties.scopes
|
AutomationScope[]
|
应用安全自动化逻辑的范围集合。 支持的范围是订阅本身或该订阅下的资源组。 自动化仅适用于定义的范围。
|
properties.sources
|
AutomationSource[]
|
评估安全自动化规则集的源事件类型的集合。
|
tags
|
object
|
描述资源的键值对的列表。
|
type
|
string
|
资源类型
|
AutomationActionEventHub
将导出事件数据的目标事件中心。 若要详细了解 Microsoft Defender for Cloud 连续导出功能,请访问 https://aka.ms/ASCExportLearnMore
名称 |
类型 |
说明 |
actionType
|
string:
EventHub
|
将由自动化触发的操作的类型
|
connectionString
|
string
|
目标事件中心连接字符串(它不会包含在任何响应中)。
|
eventHubResourceId
|
string
|
目标事件中心 Azure 资源 ID。
|
isTrustedServiceEnabled
|
boolean
|
指示是否启用受信任的服务。
|
sasPolicyName
|
string
|
目标事件中心 SAS 策略名称。
|
AutomationActionLogicApp
应触发的逻辑应用操作。 若要详细了解 Microsoft Defender for Cloud 的工作流自动化功能,请访问 https://aka.ms/ASCWorkflowAutomationLearnMore
名称 |
类型 |
说明 |
actionType
|
string:
LogicApp
|
将由自动化触发的操作的类型
|
logicAppResourceId
|
string
|
触发的逻辑应用 Azure 资源 ID。 这也可以驻留在其他订阅上,因为你有权触发逻辑应用
|
uri
|
string
|
逻辑应用触发器 URI 终结点(它不会包含在任何响应中)。
|
AutomationActionWorkspace
将事件数据导出到的 Log Analytics 工作区。 安全警报数据将驻留在“SecurityAlert”表中,评估数据将驻留在“SecurityRecommendation”表(“Security”/“SecurityCenterFree”解决方案下)。 请注意,若要查看工作区中的数据,需要在该工作区上启用安全中心 Log Analytics 免费/标准解决方案。 若要详细了解 Microsoft Defender for Cloud 连续导出功能,请访问 https://aka.ms/ASCExportLearnMore
名称 |
类型 |
说明 |
actionType
|
string:
Workspace
|
将由自动化触发的操作的类型
|
workspaceResourceId
|
string
|
完全限定的 Log Analytics 工作区 Azure 资源 ID。
|
AutomationRuleSet
一个规则集,用于评估事件拦截时的所有规则。 只有当规则集中的所有包含规则都将评估为“true”时,事件才会触发定义的操作。
AutomationScope
单个自动化范围。
名称 |
类型 |
说明 |
description
|
string
|
资源范围说明。
|
scopePath
|
string
|
资源范围路径。 可以是在该订阅下定义自动化的订阅,也可以是该订阅下的资源组(完全限定的 Azure 资源 ID)。
|
AutomationSource
用于评估安全自动化规则集的源事件类型。 例如 - 安全警报和安全评估。 若要详细了解受支持的安全事件数据模型架构 ,请访问 https://aka.ms/ASCAutomationSchemas。
AutomationTriggeringRule
在事件截获时评估的规则。 通过将事件模型中的特定值与预期值进行比较来配置规则。 此比较是使用受支持的运算符集之一完成的。
名称 |
类型 |
说明 |
expectedValue
|
string
|
预期值。
|
operator
|
Operator
|
要使用的有效比较器运算符。 不区分大小写的比较将应用于 String PropertyType。
|
propertyJPath
|
string
|
应检查的实体模型属性的 JPath。
|
propertyType
|
PropertyType
|
比较操作数的数据类型(字符串、整数、浮点数或布尔值 [true/false]]
|
CloudError
所有 Azure 资源管理器 API 的常见错误响应,以返回失败操作的错误详细信息。 (这也遵循 OData 错误响应格式)。
名称 |
类型 |
说明 |
error.additionalInfo
|
ErrorAdditionalInfo[]
|
错误附加信息。
|
error.code
|
string
|
错误代码。
|
error.details
|
CloudErrorBody[]
|
错误详细信息。
|
error.message
|
string
|
错误消息。
|
error.target
|
string
|
错误目标。
|
CloudErrorBody
错误详细信息。
ErrorAdditionalInfo
资源管理错误附加信息。
名称 |
类型 |
说明 |
info
|
object
|
其他信息。
|
type
|
string
|
其他信息类型。
|
EventSource
有效的事件源类型。
名称 |
类型 |
说明 |
Alerts
|
string
|
|
Assessments
|
string
|
|
AssessmentsSnapshot
|
string
|
|
AttackPaths
|
string
|
|
AttackPathsSnapshot
|
string
|
|
RegulatoryComplianceAssessment
|
string
|
|
RegulatoryComplianceAssessmentSnapshot
|
string
|
|
SecureScoreControls
|
string
|
|
SecureScoreControlsSnapshot
|
string
|
|
SecureScores
|
string
|
|
SecureScoresSnapshot
|
string
|
|
SubAssessments
|
string
|
|
SubAssessmentsSnapshot
|
string
|
|
Operator
要使用的有效比较器运算符。 不区分大小写的比较将应用于 String PropertyType。
名称 |
类型 |
说明 |
Contains
|
string
|
仅适用于非十进制操作数
|
EndsWith
|
string
|
仅适用于非十进制操作数
|
Equals
|
string
|
适用于十进制和非十进制操作数
|
GreaterThan
|
string
|
仅适用于十进制操作数
|
GreaterThanOrEqualTo
|
string
|
仅适用于十进制操作数
|
LesserThan
|
string
|
仅适用于十进制操作数
|
LesserThanOrEqualTo
|
string
|
仅适用于十进制操作数
|
NotEquals
|
string
|
适用于十进制和非十进制操作数
|
StartsWith
|
string
|
仅适用于非十进制操作数
|
PropertyType
比较操作数的数据类型(字符串、整数、浮点数或布尔值 [true/false]]
名称 |
类型 |
说明 |
Boolean
|
string
|
|
Integer
|
string
|
|
Number
|
string
|
|
String
|
string
|
|