Health Reports - Get

參考

服務:: Defender for Cloud

API 版本:: 2023-05-01-preview

取得資源的健康情況報告

GET https://management.azure.com/{resourceId}/providers/Microsoft.Security/healthReports/{healthReportName}?api-version=2023-05-01-preview

URI 參數

名稱位於必要類型 Description

名稱	位於	必要	類型	Description
healthReportName	path	True	string	健康情況報告索引鍵 - 健康情況報告類型的唯一索引鍵 Regex 模式: `[{]?[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}[}]?$`
resourceId	path	True	string	資源的標識碼。
api-version	query	True	string	要用於這項作業的 API 版本。

healthReportName

path

True

string

健康情況報告索引鍵 - 健康情況報告類型的唯一索引鍵

Regex 模式: [{]?[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}[}]?$

resourceId

path

True

string

資源的標識碼。

api-version

query

True

string

要用於這項作業的 API 版本。

回應

名稱	類型	Description
200 OK	HealthReport	還行
Other Status Codes	ErrorResponse	所有 Azure Resource Manager API 的常見錯誤回應，以傳回失敗作業的錯誤詳細數據。

安全性

azure_auth

Azure Active Directory OAuth2 Flow

類型: oauth2
Flow: implicit
授權 URL: https://login.microsoftonline.com/common/oauth2/authorize

範圍

名稱	Description
user_impersonation	模擬您的用戶帳戶

範例

Get health report of resource

範例要求

GET https://management.azure.com/subscriptions/a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2/resourcegroups/E2E-IBB0WX/providers/Microsoft.Security/securityconnectors/AwsConnectorAllOfferings/providers/Microsoft.Security/healthReports/909c629a-bf39-4521-8e4f-10b443a0bc02?api-version=2023-05-01-preview


/**
 * Samples for HealthReports Get.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/security/resource-manager/Microsoft.Security/preview/2023-05-01-preview/examples/HealthReports/
     * GetHealthReports_example.json
     */
    /**
     * Sample code: Get health report of resource.
     * 
     * @param manager Entry point to SecurityManager.
     */
    public static void getHealthReportOfResource(com.azure.resourcemanager.security.SecurityManager manager) {
        manager.healthReports().getWithResponse(
            "subscriptions/a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2/resourcegroups/E2E-IBB0WX/providers/Microsoft.Security/securityconnectors/AwsConnectorAllOfferings",
            "909c629a-bf39-4521-8e4f-10b443a0bc02", com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

package armsecurity_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/preview/2023-05-01-preview/examples/HealthReports/GetHealthReports_example.json
func ExampleHealthReportsClient_Get() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	res, err := clientFactory.NewHealthReportsClient().Get(ctx, "subscriptions/a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2/resourcegroups/E2E-IBB0WX/providers/Microsoft.Security/securityconnectors/AwsConnectorAllOfferings", "909c629a-bf39-4521-8e4f-10b443a0bc02", nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	// You could use response here. We use blank identifier for just demo purposes.
	_ = res
	// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
	// res.HealthReport = armsecurity.HealthReport{
	// 	Name: to.Ptr("909c629a-bf39-4521-8e4f-10b443a0bc02"),
	// 	Type: to.Ptr("Microsoft.Security/healthReports"),
	// 	ID: to.Ptr("/subscriptions/a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2/resourcegroups/E2E-IBB0WX/providers/Microsoft.Security/securityconnectors/AwsConnectorAllOfferings/providers/Microsoft.Security/healthReports/909c629a-bf39-4521-8e4f-10b443a0bc02"),
	// 	Properties: &armsecurity.HealthReportProperties{
	// 		AffectedDefendersPlans: []*string{
	// 		},
	// 		EnvironmentDetails: &armsecurity.EnvironmentDetails{
	// 			EnvironmentHierarchyID: to.Ptr("a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2"),
	// 			NativeResourceID: to.Ptr("arn:aws:iam::827098768879"),
	// 			OrganizationalHierarchyID: to.Ptr("e81b978c-11be-449f-a392-42c0ed96bb91"),
	// 			SubscriptionID: to.Ptr("a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2"),
	// 			TenantID: to.Ptr("a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2"),
	// 		},
	// 		HealthDataClassification: &armsecurity.HealthDataClassification{
	// 			Component: to.Ptr("Connectivity"),
	// 			Scope: to.Ptr("Connectors"),
	// 		},
	// 		Issues: []*armsecurity.Issue{
	// 			{
	// 				IssueAdditionalData: map[string]*string{
	// 					"StacksetName": to.Ptr("ProdStackSet"),
	// 				},
	// 				IssueDescription: to.Ptr("A problem was identified with the AWS CloudFormation StackSet. The StackSet is used to create stacks across multiple accounts. To grant Defender for Cloud access to your member accounts, there is a need to run the StackSet on the member accounts."),
	// 				IssueKey: to.Ptr("414af15d-207e-4c63-b8eb-624d1b652e45"),
	// 				IssueName: to.Ptr("AWS CloudFormation StackSet name invalid or does not exist"),
	// 				RemediationScript: to.Ptr(""),
	// 				RemediationSteps: to.Ptr("Validate that the StackSet name in AWS matches the name provided in the onboarding set up: StackSet name can be found in AWS Management Console  -> CloudFormation -> StackSets -> StackSet name In case the names do not match, update the StackSet name to match the StackSet name provided in the onboarding set up.  In case the StackSet does not exist, re-run the CloudFormation template only for StackSet. Navigate to CloudFormation 'StackSets' in AWS Management Console -> Click 'Create StackSet' -> Choose 'Upload a template file', `Choose file` and select the downloaded template. Make sure to enter the exact StackSet name as it was provided in the onboarding set up. Download template link "),
	// 				SecurityValues: []*string{
	// 					to.Ptr("Connectivity to AWS member accounts")},
	// 			}},
	// 			ResourceDetails: &armsecurity.ResourceDetailsAutoGenerated{
	// 				ConnectorID: to.Ptr("bb7ad9cc-26b6-48ec-a5b4-23fc23be2733"),
	// 				ID: to.Ptr("/subscriptions/a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2/resourcegroups/E2E-IBB0WX/providers/Microsoft.Security/securityconnectors/AwsConnectorAllOfferings"),
	// 				Source: to.Ptr(armsecurity.Source("Aws")),
	// 			},
	// 			Status: &armsecurity.StatusAutoGenerated{
	// 				Code: to.Ptr(armsecurity.StatusNameNotHealthy),
	// 				FirstEvaluationDate: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2023-01-12T09:07:18.675Z"); return t}()),
	// 				LastScannedDate: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2023-04-25T09:02:20.134Z"); return t}()),
	// 				StatusChangeDate: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2023-01-12T09:07:18.675Z"); return t}()),
	// 			},
	// 		},
	// 	}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Get health report of resource
 *
 * @summary Get health report of resource
 * x-ms-original-file: specification/security/resource-manager/Microsoft.Security/preview/2023-05-01-preview/examples/HealthReports/GetHealthReports_example.json
 */
async function getHealthReportOfResource() {
  const resourceId =
    "subscriptions/a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2/resourcegroups/E2E-IBB0WX/providers/Microsoft.Security/securityconnectors/AwsConnectorAllOfferings";
  const healthReportName = "909c629a-bf39-4521-8e4f-10b443a0bc02";
  const credential = new DefaultAzureCredential();
  const client = new SecurityCenter(credential);
  const result = await client.healthReports.get(resourceId, healthReportName);
  console.log(result);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

using System;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.SecurityCenter;

// Generated from example definition: specification/security/resource-manager/Microsoft.Security/preview/2023-05-01-preview/examples/HealthReports/GetHealthReports_example.json
// this example is just showing the usage of "HealthReports_Get" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this ArmResource created on azure
// for more information of creating ArmResource, please refer to the document of ArmResource

// get the collection of this SecurityHealthReportResource
string resourceId = "subscriptions/a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2/resourcegroups/E2E-IBB0WX/providers/Microsoft.Security/securityconnectors/AwsConnectorAllOfferings";
ResourceIdentifier scopeId = new ResourceIdentifier(string.Format("/{0}", resourceId));
SecurityHealthReportCollection collection = client.GetSecurityHealthReports(scopeId);

// invoke the operation
string healthReportName = "909c629a-bf39-4521-8e4f-10b443a0bc02";
NullableResponse<SecurityHealthReportResource> response = await collection.GetIfExistsAsync(healthReportName);
SecurityHealthReportResource result = response.HasValue ? response.Value : null;

if (result == null)
{
    Console.WriteLine($"Succeeded with null as result");
}
else
{
    // the variable result is a resource, you could call other operations on this instance as well
    // but just for demo, we get its data from this resource instance
    SecurityHealthReportData resourceData = result.Data;
    // for demo we just print out the id
    Console.WriteLine($"Succeeded on id: {resourceData.Id}");
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

範例回覆

狀態碼:: 200

{
  "id": "/subscriptions/a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2/resourcegroups/E2E-IBB0WX/providers/Microsoft.Security/securityconnectors/AwsConnectorAllOfferings/providers/Microsoft.Security/healthReports/909c629a-bf39-4521-8e4f-10b443a0bc02",
  "name": "909c629a-bf39-4521-8e4f-10b443a0bc02",
  "type": "Microsoft.Security/healthReports",
  "properties": {
    "resourceDetails": {
      "source": "Aws",
      "id": "/subscriptions/a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2/resourcegroups/E2E-IBB0WX/providers/Microsoft.Security/securityconnectors/AwsConnectorAllOfferings",
      "connectorId": "bb7ad9cc-26b6-48ec-a5b4-23fc23be2733"
    },
    "environmentDetails": {
      "nativeResourceId": "arn:aws:iam::827098768879",
      "environmentHierarchyId": "a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2",
      "organizationalHierarchyId": "e81b978c-11be-449f-a392-42c0ed96bb91",
      "subscriptionId": "a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2",
      "tenantId": "a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2"
    },
    "healthDataClassification": {
      "component": "Connectivity",
      "scope": "Connectors"
    },
    "status": {
      "code": "NotHealthy",
      "statusChangeDate": "2023-01-12T09:07:18.6759138Z",
      "firstEvaluationDate": "2023-01-12T09:07:18.6759138Z",
      "lastScannedDate": "2023-04-25T09:02:20.1349133Z"
    },
    "affectedDefendersPlans": [],
    "issues": [
      {
        "issueKey": "414af15d-207e-4c63-b8eb-624d1b652e45",
        "issueName": "AWS CloudFormation StackSet name invalid or does not exist",
        "securityValues": [
          "Connectivity to AWS member accounts"
        ],
        "issueDescription": "A problem was identified with the AWS CloudFormation StackSet. The StackSet is used to create stacks across multiple accounts. To grant Defender for Cloud access to your member accounts, there is a need to run the StackSet on the member accounts.",
        "remediationSteps": "Validate that the StackSet name in AWS matches the name provided in the onboarding set up: StackSet name can be found in AWS Management Console  -> CloudFormation -> StackSets -> StackSet name In case the names do not match, update the StackSet name to match the StackSet name provided in the onboarding set up.  In case the StackSet does not exist, re-run the CloudFormation template only for StackSet. Navigate to CloudFormation 'StackSets' in AWS Management Console -> Click 'Create StackSet' -> Choose 'Upload a template file', `Choose file` and select the downloaded template. Make sure to enter the exact StackSet name as it was provided in the onboarding set up. Download template link ",
        "remediationScript": "",
        "issueAdditionalData": {
          "StacksetName": "ProdStackSet"
        }
      }
    ]
  }
}

定義

名稱	Description
environmentDetails	資源的環境詳細數據
ErrorAdditionalInfo	資源管理錯誤其他資訊。
ErrorDetail	錯誤詳細數據。
ErrorResponse	錯誤回應
healthDataClassification	健康情況報告的分類
HealthReport	健康情況報告資源
issue	造成資源狀況不良的問題
resourceDetails	健康情況報告的資源詳細數據
source	健康情況報告的狀態
status	健康情況報告的狀態
statusName	健康情況報告的狀態

environmentDetails

資源的環境詳細數據

名稱	類型	Description
environmentHierarchyId	string	連接器的階層識別碼（如果是 Azure - 訂用帳戶標識碼，則為 MC - hierarchyId 識別符）
nativeResourceId	string	資源的原生資源識別碼（如果是 Azure - 資源識別符，則為 MC - 原生資源識別碼）
organizationalHierarchyId	string	連接器的組織階層標識碼（如果是 Azure - 訂用帳戶標識元，若為 MC - 組織 hierarchyId 識別碼）
subscriptionId	string	訂用帳戶標識碼
tenantId	string	租用戶標識碼

ErrorAdditionalInfo

資源管理錯誤其他資訊。

名稱	類型	Description
info	object	其他資訊。
type	string	其他信息類型。

ErrorDetail

錯誤詳細數據。

名稱	類型	Description
additionalInfo	ErrorAdditionalInfo[]	錯誤其他資訊。
code	string	錯誤碼。
details	ErrorDetail[]	錯誤詳細數據。
message	string	錯誤訊息。
target	string	錯誤目標。

ErrorResponse

錯誤回應

名稱	類型	Description
error	ErrorDetail	error 物件。

healthDataClassification

健康情況報告的分類

名稱	類型	Description
component	string	元件描述掃描問題的代理程式/服務名稱
scenario	string	此案例描述元件的健全狀況案例問題
scope	string	健康情況報告的資源範圍

HealthReport

健康情況報告資源

名稱	類型	Description
id	string	資源標識碼
name	string	資源名稱
properties.affectedDefendersPlans	string[]	受狀況不良報告影響的 Defender 計劃
properties.affectedDefendersSubPlans	string[]	受影響的 Defender 子計畫由狀況不良報告
properties.environmentDetails	environmentDetails	資源的環境詳細數據
properties.healthDataClassification	healthDataClassification	健康情況報告的分類
properties.issues	issue[]	報表中問題的集合
properties.reportAdditionalData	object	指定健康情況報告的其他數據，此字段可以包含資源與健康情況案例的詳細數據。
properties.resourceDetails	resourceDetails	健康情況報告的資源詳細數據
properties.status	status	健康情況報告的狀態
type	string	資源類型

issue

造成資源狀況不良的問題

名稱	類型	Description
issueAdditionalData	object	指定問題的其他數據。其他數據取決於問題類型
issueDescription	string	問題描述
issueKey	string	唯一的問題索引鍵
issueName	string	問題名稱
remediationScript	string	解決此問題的補救腳本
remediationSteps	string	人類可讀的關於您應該執行哪些動作來減輕此健康情況問題的描述
securityValues	string[]	MDC 提供受問題影響的受影響安全性值，例如：建議、警示等

resourceDetails

健康情況報告的資源詳細數據

名稱	類型	Description
connectorId	string	連接器的識別碼
id	string	資源的 Azure 識別碼
source	source	健康情況報告的狀態

source

健康情況報告的狀態

名稱	類型	Description
Aws	string
Azure	string
Gcp	string

status

健康情況報告的狀態

名稱	類型	Description
code	statusName	健康情況報告的狀態
firstEvaluationDate	string	第一次掃描健康情況報告資源的日期
lastScannedDate	string	上次掃描資源的日期
reason	string	指定狀態的原因
statusChangeDate	string	上次健康情況報告狀態變更的日期

statusName

健康情況報告的狀態

名稱	類型	Description
Healthy	string
NotApplicable	string
NotHealthy	string

共用方式為

Health Reports - Get

URI 參數

回應

安全性

azure_auth

範圍

範例

Get health report of resource

範例要求

範例回覆

定義

environmentDetails

ErrorAdditionalInfo

ErrorDetail

ErrorResponse

healthDataClassification

HealthReport

issue

resourceDetails

source

status

statusName

其他資源