Security Standards - Create Or Update

Dienst:

Defender for Cloud

API-Version:

2024-08-01

Erstellt oder aktualisiert einen Sicherheitsstandard über einen bestimmten Bereich

PUT https://management.azure.com/{scope}/providers/Microsoft.Security/securityStandards/{standardId}?api-version=2024-08-01

URI-Parameter

Name	In	Erforderlich	Typ	Beschreibung
scope	path	True	string	Der Umfang des Sicherheitsstandards. Gültige Bereiche sind: Verwaltungsgruppe (Format: 'Providers/Microsoft.Management/managementGroups/{managementGroup}'), Abonnement (Format: 'subscriptions/{subscriptionId}') oder Security Connector (Format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName})'
standardId	path	True	string	Der Sicherheitsstandardschlüssel – eindeutiger Schlüssel für den Standardtyp RegEx-Muster: [{]?[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}[}]?$
api-version	query	True	string	Die API-Version, die für diesen Vorgang verwendet werden soll.

Anforderungstext

Name	Typ	Beschreibung
properties.assessments	PartialAssessmentProperties[]	Liste der Bewertungsschlüssel, die auf den Standardumfang angewendet werden sollen.
properties.cloudProviders	StandardSupportedCloud[]	Liste aller standardmäßig unterstützten Clouds.
properties.description	string	Beschreibung des Standards
properties.displayName	string	Anzeigename des Standards, entspricht der Standard-ID
properties.metadata	StandardMetadata	Die Sicherheitsstandardmetadaten.
properties.policySetDefinitionId	string	Die dem Standard zugeordnete Richtliniensatzdefinitions-ID.

Antworten

Name	Typ	Beschreibung
200 OK	SecurityStandard	Der Sicherheitsstandard wurde erfolgreich aktualisiert.
201 Created	SecurityStandard	Erstellt
Other Status Codes	ErrorResponse	Fehlerantwort, die beschreibt, warum der Vorgang fehlgeschlagen ist

Sicherheit

azure_auth

Azure Active Directory OAuth2-Fluss

Typ: oauth2
Ablauf: implicit
Autorisierungs-URL: https://login.microsoftonline.com/common/oauth2/authorize

Bereiche

Name	Beschreibung
user_impersonation	Identitätswechsel ihres Benutzerkontos

Beispiele

Create or update security standard over management group scope

Create or update security standard over security connector scope

Create or update security standard over subscription scope

Create or update security standard over management group scope

Beispielanforderung

HTTP

PUT https://management.azure.com/providers/Microsoft.Management/managementGroups/contoso/providers/Microsoft.Security/securityStandards/8bb8be0a-6010-4789-812f-e4d661c4ed0e?api-version=2024-08-01

{
  "properties": {
    "displayName": "Azure Test Security Standard 1",
    "description": "description of Azure Test Security Standard 1",
    "assessments": [
      {
        "assessmentKey": "1195afff-c881-495e-9bc5-1486211ae03f"
      },
      {
        "assessmentKey": "dbd0cb49-b563-45e7-9724-889e799fa648"
      }
    ],
    "cloudProviders": [
      "GCP"
    ],
    "policySetDefinitionId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Authorization/policySetDefinitions/patchorchestration-applicationversions"
  }
}

Java

import com.azure.resourcemanager.security.models.PartialAssessmentProperties;
import com.azure.resourcemanager.security.models.StandardSupportedCloud;
import java.util.Arrays;

/**
 * Samples for SecurityStandards CreateOrUpdate.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/security/resource-manager/Microsoft.Security/stable/2024-08-01/examples/SecurityStandards/
     * PutByManagementGroupSecurityStandard_example.json
     */
    /**
     * Sample code: Create or update security standard over management group scope.
     * 
     * @param manager Entry point to SecurityManager.
     */
    public static void createOrUpdateSecurityStandardOverManagementGroupScope(
        com.azure.resourcemanager.security.SecurityManager manager) {
        manager.securityStandards().define("8bb8be0a-6010-4789-812f-e4d661c4ed0e")
            .withExistingScope("providers/Microsoft.Management/managementGroups/contoso")
            .withDisplayName("Azure Test Security Standard 1")
            .withDescription("description of Azure Test Security Standard 1")
            .withAssessments(Arrays.asList(new PartialAssessmentProperties().withAssessmentKey("fakeTokenPlaceholder"),
                new PartialAssessmentProperties().withAssessmentKey("fakeTokenPlaceholder")))
            .withCloudProviders(Arrays.asList(StandardSupportedCloud.GCP))
            .withPolicySetDefinitionId(
                "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Authorization/policySetDefinitions/patchorchestration-applicationversions")
            .create();
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Beispiel für eine Antwort

Statuscode:

200

{
  "id": "/providers/Microsoft.Management/managementGroups/contoso/resourceGroups/myResourceGroup/provider/Microsoft.Security/securityStandards/8bb8be0a-6010-4789-812f-e4d661c4ed0e",
  "name": "8bb8be0a-6010-4789-812f-e4d661c4ed0e",
  "type": "Microsoft.Security/securityStandards",
  "properties": {
    "displayName": "Azure Test Security Standard 1",
    "standardType": "Custom",
    "description": "description of Azure Test Security Standard 1",
    "assessments": [
      {
        "assessmentKey": "1195afff-c881-495e-9bc5-1486211ae03f"
      },
      {
        "assessmentKey": "dbd0cb49-b563-45e7-9724-889e799fa648"
      }
    ],
    "cloudProviders": [
      "GCP"
    ],
    "policySetDefinitionId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Authorization/policySetDefinitions/patchorchestration-applicationversions",
    "metadata": {
      "createdBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
      "createdOn": "2022-11-10T08:31:26.7993124Z",
      "lastUpdatedBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
      "lastUpdatedOn": "2022-11-10T08:31:26.7993124Z"
    }
  }
}

Statuscode:

201

{
  "id": "/providers/Microsoft.Management/managementGroups/contoso/resourceGroups/myResourceGroup/provider/Microsoft.Security/securityStandards/8bb8be0a-6010-4789-812f-e4d661c4ed0e",
  "name": "8bb8be0a-6010-4789-812f-e4d661c4ed0e",
  "type": "Microsoft.Security/securityStandards",
  "properties": {
    "displayName": "Azure Test Security Standard 1",
    "standardType": "Custom",
    "description": "description of Azure Test Security Standard 1",
    "assessments": [
      {
        "assessmentKey": "1195afff-c881-495e-9bc5-1486211ae03f"
      },
      {
        "assessmentKey": "dbd0cb49-b563-45e7-9724-889e799fa648"
      }
    ],
    "cloudProviders": [
      "GCP"
    ],
    "policySetDefinitionId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Authorization/policySetDefinitions/patchorchestration-applicationversions",
    "metadata": {
      "createdBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
      "createdOn": "2022-11-10T08:31:26.7993124Z",
      "lastUpdatedBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
      "lastUpdatedOn": "2022-11-10T08:31:26.7993124Z"
    }
  }
}

Create or update security standard over security connector scope

Beispielanforderung

HTTP

PUT https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector/providers/Microsoft.Security/securityStandards/8bb8be0a-6010-4789-812f-e4d661c4ed0e?api-version=2024-08-01

{
  "properties": {
    "displayName": "Azure Test Security Standard 1",
    "description": "description of Azure Test Security Standard 1",
    "assessments": [
      {
        "assessmentKey": "1195afff-c881-495e-9bc5-1486211ae03f"
      },
      {
        "assessmentKey": "dbd0cb49-b563-45e7-9724-889e799fa648"
      }
    ],
    "cloudProviders": [
      "GCP"
    ]
  }
}

Java

import com.azure.resourcemanager.security.models.PartialAssessmentProperties;
import com.azure.resourcemanager.security.models.StandardSupportedCloud;
import java.util.Arrays;

/**
 * Samples for SecurityStandards CreateOrUpdate.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/security/resource-manager/Microsoft.Security/stable/2024-08-01/examples/SecurityStandards/
     * PutBySecurityConnectorSecurityStandard_example.json
     */
    /**
     * Sample code: Create or update security standard over security connector scope.
     * 
     * @param manager Entry point to SecurityManager.
     */
    public static void createOrUpdateSecurityStandardOverSecurityConnectorScope(
        com.azure.resourcemanager.security.SecurityManager manager) {
        manager.securityStandards().define("8bb8be0a-6010-4789-812f-e4d661c4ed0e").withExistingScope(
            "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector")
            .withDisplayName("Azure Test Security Standard 1")
            .withDescription("description of Azure Test Security Standard 1")
            .withAssessments(Arrays.asList(new PartialAssessmentProperties().withAssessmentKey("fakeTokenPlaceholder"),
                new PartialAssessmentProperties().withAssessmentKey("fakeTokenPlaceholder")))
            .withCloudProviders(Arrays.asList(StandardSupportedCloud.GCP)).create();
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Beispiel für eine Antwort

Statuscode:

200

{
  "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector/resourceGroups/myResourceGroup/provider/Microsoft.Security/securityStandards/8bb8be0a-6010-4789-812f-e4d661c4ed0e",
  "name": "8bb8be0a-6010-4789-812f-e4d661c4ed0e",
  "type": "Microsoft.Security/securityStandards",
  "properties": {
    "displayName": "Azure Test Security Standard 1",
    "standardType": "Custom",
    "description": "description of Azure Test Security Standard 1",
    "assessments": [
      {
        "assessmentKey": "1195afff-c881-495e-9bc5-1486211ae03f"
      },
      {
        "assessmentKey": "dbd0cb49-b563-45e7-9724-889e799fa648"
      }
    ],
    "cloudProviders": [
      "GCP"
    ],
    "metadata": {
      "createdBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
      "createdOn": "2022-11-10T08:31:26.7993124Z",
      "lastUpdatedBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
      "lastUpdatedOn": "2022-11-10T08:31:26.7993124Z"
    }
  }
}

Statuscode:

201

{
  "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector/resourceGroups/myResourceGroup/provider/Microsoft.Security/securityStandards/8bb8be0a-6010-4789-812f-e4d661c4ed0e",
  "name": "8bb8be0a-6010-4789-812f-e4d661c4ed0e",
  "type": "Microsoft.Security/securityStandards",
  "properties": {
    "displayName": "Azure Test Security Standard 1",
    "description": "description of Azure Test Security Standard 1",
    "assessments": [
      {
        "assessmentKey": "1195afff-c881-495e-9bc5-1486211ae03f"
      },
      {
        "assessmentKey": "dbd0cb49-b563-45e7-9724-889e799fa648"
      }
    ],
    "cloudProviders": [
      "GCP"
    ],
    "metadata": {
      "createdBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
      "createdOn": "2022-11-10T08:31:26.7993124Z",
      "lastUpdatedBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
      "lastUpdatedOn": "2022-11-10T08:31:26.7993124Z"
    }
  }
}

Create or update security standard over subscription scope

Beispielanforderung

HTTP

PUT https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityStandards/8bb8be0a-6010-4789-812f-e4d661c4ed0e?api-version=2024-08-01

{
  "properties": {
    "displayName": "Azure Test Security Standard 1",
    "description": "description of Azure Test Security Standard 1",
    "assessments": [
      {
        "assessmentKey": "1195afff-c881-495e-9bc5-1486211ae03f"
      },
      {
        "assessmentKey": "dbd0cb49-b563-45e7-9724-889e799fa648"
      }
    ],
    "cloudProviders": [
      "GCP"
    ],
    "policySetDefinitionId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Authorization/policySetDefinitions/patchorchestration-applicationversions"
  }
}

Java

import com.azure.resourcemanager.security.models.PartialAssessmentProperties;
import com.azure.resourcemanager.security.models.StandardSupportedCloud;
import java.util.Arrays;

/**
 * Samples for SecurityStandards CreateOrUpdate.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/security/resource-manager/Microsoft.Security/stable/2024-08-01/examples/SecurityStandards/
     * PutBySubscriptionSecurityStandard_example.json
     */
    /**
     * Sample code: Create or update security standard over subscription scope.
     * 
     * @param manager Entry point to SecurityManager.
     */
    public static void createOrUpdateSecurityStandardOverSubscriptionScope(
        com.azure.resourcemanager.security.SecurityManager manager) {
        manager.securityStandards().define("8bb8be0a-6010-4789-812f-e4d661c4ed0e")
            .withExistingScope("subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23")
            .withDisplayName("Azure Test Security Standard 1")
            .withDescription("description of Azure Test Security Standard 1")
            .withAssessments(Arrays.asList(new PartialAssessmentProperties().withAssessmentKey("fakeTokenPlaceholder"),
                new PartialAssessmentProperties().withAssessmentKey("fakeTokenPlaceholder")))
            .withCloudProviders(Arrays.asList(StandardSupportedCloud.GCP))
            .withPolicySetDefinitionId(
                "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Authorization/policySetDefinitions/patchorchestration-applicationversions")
            .create();
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Beispiel für eine Antwort

Statuscode:

200

{
  "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myResourceGroup/provider/Microsoft.Security/securityStandards/8bb8be0a-6010-4789-812f-e4d661c4ed0e",
  "name": "8bb8be0a-6010-4789-812f-e4d661c4ed0e",
  "type": "Microsoft.Security/securityStandards",
  "properties": {
    "displayName": "Azure Test Security Standard 1",
    "standardType": "Custom",
    "description": "description of Azure Test Security Standard 1",
    "assessments": [
      {
        "assessmentKey": "1195afff-c881-495e-9bc5-1486211ae03f"
      },
      {
        "assessmentKey": "dbd0cb49-b563-45e7-9724-889e799fa648"
      }
    ],
    "cloudProviders": [
      "GCP"
    ],
    "policySetDefinitionId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Authorization/policySetDefinitions/patchorchestration-applicationversions",
    "metadata": {
      "createdBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
      "createdOn": "2022-11-10T08:31:26.7993124Z",
      "lastUpdatedBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
      "lastUpdatedOn": "2022-11-10T08:31:26.7993124Z"
    }
  }
}

Statuscode:

201

{
  "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myResourceGroup/provider/Microsoft.Security/securityStandards/8bb8be0a-6010-4789-812f-e4d661c4ed0e",
  "name": "8bb8be0a-6010-4789-812f-e4d661c4ed0e",
  "type": "Microsoft.Security/securityStandards",
  "properties": {
    "displayName": "Azure Test Security Standard 1",
    "standardType": "Custom",
    "description": "description of Azure Test Security Standard 1",
    "assessments": [
      {
        "assessmentKey": "1195afff-c881-495e-9bc5-1486211ae03f"
      },
      {
        "assessmentKey": "dbd0cb49-b563-45e7-9724-889e799fa648"
      }
    ],
    "cloudProviders": [
      "GCP"
    ],
    "policySetDefinitionId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Authorization/policySetDefinitions/patchorchestration-applicationversions",
    "metadata": {
      "createdBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
      "createdOn": "2022-11-10T08:31:26.7993124Z",
      "lastUpdatedBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
      "lastUpdatedOn": "2022-11-10T08:31:26.7993124Z"
    }
  }
}

Definitionen

Name	Beschreibung
ErrorAdditionalInfo	Der Ressourcenverwaltungsfehler zusätzliche Informationen.
ErrorDetail	Das Fehlerdetails.
ErrorResponse	Fehlerantwort
PartialAssessmentProperties	Beschreibt die Eigenschaften einer Bewertung im Zusammenhang mit dem Standard
SecurityStandard	Security Standard für eine Ressource
StandardMetadata	Die Standardmetadaten
StandardSupportedCloud	Die Cloud, auf der der Standard unterstützt wird.
standardType	Standardtyp (derzeit nur benutzerdefiniert oder Standard oder Compliance)

ErrorAdditionalInfo

Der Ressourcenverwaltungsfehler zusätzliche Informationen.

Name	Typ	Beschreibung
info	object	Die zusätzlichen Informationen.
type	string	Der zusätzliche Informationstyp.

ErrorDetail

Das Fehlerdetails.

Name	Typ	Beschreibung
additionalInfo	ErrorAdditionalInfo[]	Die zusätzlichen Informationen des Fehlers.
code	string	Der Fehlercode.
details	ErrorDetail[]	Die Fehlerdetails.
message	string	Die Fehlermeldung.
target	string	Das Fehlerziel.

ErrorResponse

Fehlerantwort

Name	Typ	Beschreibung
error	ErrorDetail	Das Fehlerobjekt.

PartialAssessmentProperties

Beschreibt die Eigenschaften einer Bewertung im Zusammenhang mit dem Standard

Name	Typ	Beschreibung
assessmentKey	string	Der Bewertungsschlüssel

SecurityStandard

Security Standard für eine Ressource

Name	Typ	Beschreibung
id	string	Ressourcen-ID
name	string	Ressourcenname
properties.assessments	PartialAssessmentProperties[]	Liste der Bewertungsschlüssel, die auf den Standardumfang angewendet werden sollen.
properties.cloudProviders	StandardSupportedCloud[]	Liste aller standardmäßig unterstützten Clouds.
properties.description	string	Beschreibung des Standards
properties.displayName	string	Anzeigename des Standards, entspricht der Standard-ID
properties.metadata	StandardMetadata	Die Sicherheitsstandardmetadaten.
properties.policySetDefinitionId	string	Die dem Standard zugeordnete Richtliniensatzdefinitions-ID.
properties.standardType	standardType	Standardtyp (derzeit nur benutzerdefiniert oder Standard oder Compliance)
type	string	Ressourcentyp

StandardMetadata

Die Standardmetadaten

Name	Typ	Beschreibung
createdBy	string	Standard Created by object ID (GUID)
createdOn	string	Standarderstellungsdatum
lastUpdatedBy	string	Standard zuletzt aktualisiert durch Objekt-ID (GUID)
lastUpdatedOn	string	Standarddatum der letzten Aktualisierung

StandardSupportedCloud

Die Cloud, auf der der Standard unterstützt wird.

Name	Typ	Beschreibung
AWS	string
Azure	string
GCP	string

standardType

Standardtyp (derzeit nur benutzerdefiniert oder Standard oder Compliance)

Name	Typ	Beschreibung
Compliance	string
Custom	string
Default	string