Compartir a través de

Get-AzDeviceSecurityGroup

  • Referencia
Módulo:
Az.Security

Obtención del grupo de seguridad de dispositivos (seguridad de IoT Hub)

Sintaxis

Get-AzDeviceSecurityGroup
   -HubResourceId <String>
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]
Get-AzDeviceSecurityGroup
   -HubResourceId <String>
   -Name <String>
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]

Description

El cmdlet Get-AzDeviceSecurityGroup devuelve un grupo de seguridad de dispositivos definido en la solución de seguridad iot.

Ejemplos

Ejemplo 1

Get-AzDeviceSecurityGroup -HubResourceId "/subscriptions/XXXXXXXX-XXXX-XXXXX-XXXX-XXXXXXXXXXXX/resourceGroups/MyResourceGroup/providers/Microsoft.Devices/IotHubs/MyHub" -Name "MySecurityGroup"

Id: "/subscriptions/XXXXXXXX-XXXX-XXXXX-XXXX-XXXXXXXXXXXX/resourceGroups/MyResourceGroup/providers/Microsoft.Devices/IotHubs/MyHub/providers/Microsoft.Security/deviceSecurityGroups/MySecurityGroup"
Name: "MySecurityGroup"
Type: "Microsoft.Security/deviceSecurityGroups"
ThresholdRules: []
TimeWindowRules: [
			{
              RuleType: "ActiveConnectionsNotInAllowedRange"
              DisplayName: "Number of active connections is not in allowed range"
              Description: "Get an alert when the number of active connections of a device in the time window is not in the allowed range"
              IsEnabled: false
              MinThreshold: 0
              MaxThreshold: 0
              TimeWindowSize: "PT15M"
            }
            {
              RuleType: "AmqpC2DMessagesNotInAllowedRange"
              DisplayName: "Number of cloud to device messages (AMQP protocol) is not in allowed range"
              Description: "Get an alert when the number of cloud to device messages (AMQP protocol) in the time window is not in the allowed range"
              IsEnabled: false
              MinThreshold: 0
              MaxThreshold: 0
              TimeWindowSize: "PT15M"
            }]
AllowlistRules: [
			{
              RuleType": "ConnectionToIpNotAllowed",
              DisplayName: "Outbound connection to an ip that isn't allowed"
              Description: "Get an alert when an outbound connection is created between your device and an ip that isn't allowed"
              IsEnabled: false
              ValueType: "IpCidr"
              AllowlistValues: []
            },
            {
              RuleType: "LocalUserNotAllowed"
              DisplayName: "Login by a local user that isn't allowed"
              Description: "Get an alert when a local user that isn't allowed logins to the device"
              IsEnabled: false
              ValueType: "String"
              AllowlistValues: []
            }]
DenylistRules: []

Obtenga el grupo de seguridad de dispositivos "MySecurityGroup" en IoT Hub con el identificador reasource "/subscriptions/XXXXXXXX-XXXX-XXXXX-XXXXXXXXXXXX/resourceGroups/MyResourceGroup/providers/Microsoft.Devices/IotHubs/MyHubs"

Ejemplo 2

Get-AzDeviceSecurityGroup -HubResourceId "/subscriptions/XXXXXXXX-XXXX-XXXXX-XXXX-XXXXXXXXXXXX/resourceGroups/MyResourceGroup/providers/Microsoft.Devices/IotHubs/MyHub"

Array of security group items like the item returned in example 1

Obtenga la lista del grupo de seguridad de dispositivos en IoT Hub con el identificador de recurso "/subscriptions/XXXXXXXX-XXXX-XXXXX-XXXX-XXXXXXXXXXXX/resourceGroups/MyResourceGroup/providers/Microsoft.Devices/IotHubs/MyHub".

Parámetros

-DefaultProfile

Las credenciales, la cuenta, el inquilino y la suscripción que se usan para la comunicación con Azure.

Tipo:IAzureContextContainer
Alias:AzContext, AzureRmContext, AzureCredential
Posición:Named
Valor predeterminado:None
Requerido:False
Aceptar entrada de canalización:False
Aceptar caracteres comodín:False

-HubResourceId

Identificador del recurso de seguridad en el que desea invocar el comando.

Tipo:String
Posición:Named
Valor predeterminado:None
Requerido:True
Aceptar entrada de canalización:False
Aceptar caracteres comodín:False

-Name

Nombre del recurso.

Tipo:String
Posición:Named
Valor predeterminado:None
Requerido:True
Aceptar entrada de canalización:False
Aceptar caracteres comodín:False

Entradas

None

Salidas

PSDeviceSecurityGroup