Recommended tasks that will help improve the security of the subscription proactively
GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/tasks/{taskName}?api-version=2015-06-01-preview
URI Parameters
| Name |
In |
Required |
Type |
Description |
|
ascLocation
|
path |
True
|
string
|
The location where ASC stores the data of the subscription. can be retrieved from Get locations
|
|
resourceGroupName
|
path |
True
|
string
|
The name of the resource group within the user's subscription. The name is case insensitive.
Regex pattern: ^[-\w\._\(\)]+$
|
|
subscriptionId
|
path |
True
|
string
|
Azure subscription ID
Regex pattern: ^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$
|
|
taskName
|
path |
True
|
string
|
Name of the task object, will be a GUID
|
|
api-version
|
query |
True
|
string
|
API version for the operation
|
Responses
| Name |
Type |
Description |
|
200 OK
|
SecurityTask
|
OK
|
|
Other Status Codes
|
CloudError
|
Error response describing why the operation failed.
|
Security
azure_auth
Azure Active Directory OAuth2 Flow
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
| Name |
Description |
|
user_impersonation
|
impersonate your user account
|
Examples
Get security recommendation task in a resource group
Sample request
GET https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/locations/westeurope/tasks/d55b4dc0-779c-c66c-33e5-d7bce24c4222?api-version=2015-06-01-preview
/**
* Samples for Tasks GetResourceGroupLevelTask.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/
* GetTaskResourceGroupLocation_example.json
*/
/**
* Sample code: Get security recommendation task in a resource group.
*
* @param manager Entry point to SecurityManager.
*/
public static void
getSecurityRecommendationTaskInAResourceGroup(com.azure.resourcemanager.security.SecurityManager manager) {
manager.tasks().getResourceGroupLevelTaskWithResponse("myRg", "westeurope",
"d55b4dc0-779c-c66c-33e5-d7bce24c4222", com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armsecurity_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTaskResourceGroupLocation_example.json
func ExampleTasksClient_GetResourceGroupLevelTask() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewTasksClient().GetResourceGroupLevelTask(ctx, "myRg", "westeurope", "d55b4dc0-779c-c66c-33e5-d7bce24c4222", nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.Task = armsecurity.Task{
// Name: to.Ptr("d55b4dc0-779c-c66c-33e5-d7bce24c4222"),
// Type: to.Ptr("Microsoft.Security/locations/tasks"),
// ID: to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/locations/westeurope/tasks/d55b4dc0-779c-c66c-33e5-d7bce24c4222"),
// Properties: &armsecurity.TaskProperties{
// CreationTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-04-02T11:41:27.054Z"); return t}()),
// LastStateChangeTimeUTC: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-04-02T11:41:27.054Z"); return t}()),
// SecurityTaskParameters: &armsecurity.TaskParameters{
// AdditionalProperties: map[string]any{
// "isDataDiskEncrypted": false,
// "isOsDiskEncrypted": false,
// "resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1",
// "severity": "High",
// "uniqueKey": "EncryptionOnVmTaskParameters_/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1",
// "vmId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1",
// "vmName": "vm1",
// },
// Name: to.Ptr("EncryptionOnVm"),
// },
// State: to.Ptr("Active"),
// SubState: to.Ptr("NA"),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Recommended tasks that will help improve the security of the subscription proactively
*
* @summary Recommended tasks that will help improve the security of the subscription proactively
* x-ms-original-file: specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTaskResourceGroupLocation_example.json
*/
async function getSecurityRecommendationTaskInAResourceGroup() {
const subscriptionId =
process.env["SECURITY_SUBSCRIPTION_ID"] || "20ff7fc3-e762-44dd-bd96-b71116dcdc23";
const resourceGroupName = process.env["SECURITY_RESOURCE_GROUP"] || "myRg";
const ascLocation = "westeurope";
const taskName = "d55b4dc0-779c-c66c-33e5-d7bce24c4222";
const credential = new DefaultAzureCredential();
const client = new SecurityCenter(credential, subscriptionId);
const result = await client.tasks.getResourceGroupLevelTask(
resourceGroupName,
ascLocation,
taskName,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.SecurityCenter;
// Generated from example definition: specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTaskResourceGroupLocation_example.json
// this example is just showing the usage of "Tasks_GetResourceGroupLevelTask" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this ResourceGroupSecurityTaskResource created on azure
// for more information of creating ResourceGroupSecurityTaskResource, please refer to the document of ResourceGroupSecurityTaskResource
string subscriptionId = "20ff7fc3-e762-44dd-bd96-b71116dcdc23";
string resourceGroupName = "myRg";
AzureLocation ascLocation = new AzureLocation("westeurope");
string taskName = "d55b4dc0-779c-c66c-33e5-d7bce24c4222";
ResourceIdentifier resourceGroupSecurityTaskResourceId = ResourceGroupSecurityTaskResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, ascLocation, taskName);
ResourceGroupSecurityTaskResource resourceGroupSecurityTask = client.GetResourceGroupSecurityTaskResource(resourceGroupSecurityTaskResourceId);
// invoke the operation
ResourceGroupSecurityTaskResource result = await resourceGroupSecurityTask.GetAsync();
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
SecurityTaskData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
Sample response
{
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/locations/westeurope/tasks/d55b4dc0-779c-c66c-33e5-d7bce24c4222",
"name": "d55b4dc0-779c-c66c-33e5-d7bce24c4222",
"type": "Microsoft.Security/locations/tasks",
"properties": {
"state": "Active",
"subState": "NA",
"creationTimeUtc": "2018-04-02T11:41:27.0541014Z",
"lastStateChangeTimeUtc": "2018-04-02T11:41:27.0541014Z",
"securityTaskParameters": {
"vmId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1",
"vmName": "vm1",
"severity": "High",
"isOsDiskEncrypted": false,
"isDataDiskEncrypted": false,
"name": "EncryptionOnVm",
"uniqueKey": "EncryptionOnVmTaskParameters_/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1",
"resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1"
}
}
}
Definitions
| Name |
Description |
|
CloudError
|
Common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.).
|
|
CloudErrorBody
|
The error detail.
|
|
ErrorAdditionalInfo
|
The resource management error additional info.
|
|
SecurityTask
|
Security task that we recommend to do in order to strengthen security
|
|
SecurityTaskParameters
|
Changing set of properties, depending on the task type that is derived from the name field
|
CloudError
Common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.).
| Name |
Type |
Description |
|
error.additionalInfo
|
ErrorAdditionalInfo[]
|
The error additional info.
|
|
error.code
|
string
|
The error code.
|
|
error.details
|
CloudErrorBody[]
|
The error details.
|
|
error.message
|
string
|
The error message.
|
|
error.target
|
string
|
The error target.
|
CloudErrorBody
The error detail.
| Name |
Type |
Description |
|
additionalInfo
|
ErrorAdditionalInfo[]
|
The error additional info.
|
|
code
|
string
|
The error code.
|
|
details
|
CloudErrorBody[]
|
The error details.
|
|
message
|
string
|
The error message.
|
|
target
|
string
|
The error target.
|
ErrorAdditionalInfo
The resource management error additional info.
| Name |
Type |
Description |
|
info
|
object
|
The additional info.
|
|
type
|
string
|
The additional info type.
|
SecurityTask
Security task that we recommend to do in order to strengthen security
| Name |
Type |
Description |
|
id
|
string
|
Resource Id
|
|
name
|
string
|
Resource name
|
|
properties.creationTimeUtc
|
string
|
The time this task was discovered in UTC
|
|
properties.lastStateChangeTimeUtc
|
string
|
The time this task's details were last changed in UTC
|
|
properties.securityTaskParameters
|
SecurityTaskParameters
|
Changing set of properties, depending on the task type that is derived from the name field
|
|
properties.state
|
string
|
State of the task (Active, Resolved etc.)
|
|
properties.subState
|
string
|
Additional data on the state of the task
|
|
type
|
string
|
Resource type
|
SecurityTaskParameters
Changing set of properties, depending on the task type that is derived from the name field
| Name |
Type |
Description |
|
name
|
string
|
Name of the task type
|