New-AzSecurityConnector
보안 커넥터를 만듭니다. 보안 커넥터가 이미 만들어지고 동일한 보안 커넥터 ID에 대한 후속 요청이 실행되면 업데이트됩니다.
구문
New-AzSecurityConnector
-Name <String>
-ResourceGroupName <String>
[-SubscriptionId <String>]
[-EnvironmentData <ISecurityConnectorEnvironment>]
[-EnvironmentName <String>]
[-Etag <String>]
[-HierarchyIdentifier <String>]
[-Kind <String>]
[-Location <String>]
[-Offering <ICloudOffering[]>]
[-Tag <Hashtable>]
[-DefaultProfile <PSObject>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
보안 커넥터를 만듭니다. 보안 커넥터가 이미 만들어지고 동일한 보안 커넥터 ID에 대한 후속 요청이 실행되면 업데이트됩니다.
예제
예제 1: AWS 보안 커넥터 만들기
$account = "891376984375"
$arnPrefix = "arn:aws:iam::$($account):role"
$cspmMonitorOffering = New-AzSecurityCspmMonitorAwsOfferingObject -NativeCloudConnectionCloudRoleArn "$arnPrefix/CspmMonitorAws"
$dcspmOffering = New-AzSecurityDefenderCspmAwsOfferingObject `
-VMScannerEnabled $true -ConfigurationScanningMode Default -ConfigurationCloudRoleArn "$arnPrefix/DefenderForCloud-AgentlessScanner" `
-DataSensitivityDiscoveryEnabled $true -DataSensitivityDiscoveryCloudRoleArn "$arnPrefix/SensitiveDataDiscovery" `
-DatabaseDspmEnabled $true -DatabaseDspmCloudRoleArn "$arnPrefix/DefenderForCloud-DataSecurityPostureDB" `
-CiemDiscoveryCloudRoleArn "$arnPrefix/DefenderForCloud-Ciem" -CiemOidcAzureActiveDirectoryAppName "mciem-aws-oidc-connector" -CiemOidcCloudRoleArn "$arnPrefix/DefenderForCloud-OidcCiem" `
-MdcContainerImageAssessmentEnabled $true -MdcContainerImageAssessmentCloudRoleArn "$arnPrefix/MDCContainersImageAssessmentRole" `
-MdcContainerAgentlessDiscoveryK8SEnabled $true -MdcContainerAgentlessDiscoveryK8SCloudRoleArn "$arnPrefix/MDCContainersAgentlessDiscoveryK8sRole"
$defenderForContainersOffering = New-AzSecurityDefenderForContainersAwsOfferingObject `
-AutoProvisioning $true -KuberneteServiceCloudRoleArn "$arnPrefix/DefenderForCloud-Containers-K8s" -KuberneteScubaReaderCloudRoleArn "$arnPrefix/DefenderForCloud-DataCollection" `
-KinesiToS3CloudRoleArn "$arnPrefix/DefenderForCloud-Containers-K8s-kinesis-to-s3" -CloudWatchToKinesiCloudRoleArn "$arnPrefix/DefenderForCloud-Containers-K8s-cloudwatch-to-kinesis" `
-KubeAuditRetentionTime 30 -ScubaExternalId "a47ae0a2-7bf7-482a-897a-7a139d30736c" `
-MdcContainerAgentlessDiscoveryK8SEnabled $true -MdcContainerAgentlessDiscoveryK8SCloudRoleArn "$arnPrefix/MDCContainersAgentlessDiscoveryK8sRole" `
-MdcContainerImageAssessmentEnabled $true -MdcContainerImageAssessmentCloudRoleArn "$arnPrefix/MDCContainersImageAssessmentRole" `
-EnableContainerVulnerabilityAssessment $false
$environment = New-AzSecurityAwsEnvironmentObject -ScanInterval 24
New-AzSecurityConnector -Name "aws-sdktest01" -ResourceGroupName "securityConnectors-tests" `
-EnvironmentData $environment -EnvironmentName AWS -HierarchyIdentifier "$account" `
-Offering @($cspmMonitorOffering, $dcspmOffering, $defenderForContainersOffering) `
-Location "CentralUS"
EnvironmentData : {
"environmentType": "AwsAccount",
"regions": [ ],
"scanInterval": 24
}
EnvironmentName : AWS
Etag :
HierarchyIdentifier : 891376984375
HierarchyIdentifierTrialEndDate : 3/24/2024 12:00:00 AM
Id : /subscriptions/487bb485-b5b0-471e-9c0d-10717612f869/resourcegroups/securityconnectors-tests/providers/Microsoft.Security/securityConnectors/aws-sdktes
t01
Kind :
Location : CentralUS
Name : aws-sdktest01
Offering : {{
"offeringType": "CspmMonitorAws",
"nativeCloudConnection": {
"cloudRoleArn": "arn:aws:iam::891376984375:role/CspmMonitorAws"
}
}, {
"offeringType": "DefenderCspmAws",
"vmScanners": {
"configuration": {
"cloudRoleArn": "arn:aws:iam::891376984375:role/DefenderForCloud-AgentlessScanner",
"scanningMode": "Default"
},
"enabled": true
},
"dataSensitivityDiscovery": {
"enabled": true,
"cloudRoleArn": "arn:aws:iam::891376984375:role/SensitiveDataDiscovery"
},
"databasesDspm": {
"enabled": true,
"cloudRoleArn": "arn:aws:iam::891376984375:role/DefenderForCloud-DataSecurityPostureDB"
},
"ciem": {
"ciemDiscovery": {
"cloudRoleArn": "arn:aws:iam::891376984375:role/DefenderForCloud-Ciem"
},
"ciemOidc": {
"cloudRoleArn": "arn:aws:iam::891376984375:role/DefenderForCloud-OidcCiem",
"azureActiveDirectoryAppName": "mciem-aws-oidc-connector"
}
},
"mdcContainersImageAssessment": {
"enabled": true,
"cloudRoleArn": "arn:aws:iam::891376984375:role/MDCContainersImageAssessmentRole"
},
"mdcContainersAgentlessDiscoveryK8s": {
"enabled": true,
"cloudRoleArn": "arn:aws:iam::891376984375:role/MDCContainersAgentlessDiscoveryK8sRole"
}
}, {
"offeringType": "DefenderForContainersAws",
"kubernetesService": {
"cloudRoleArn": "arn:aws:iam::891376984375:role/DefenderForCloud-Containers-K8s"
},
"kubernetesScubaReader": {
"cloudRoleArn": "arn:aws:iam::891376984375:role/DefenderForCloud-DataCollection"
},
"cloudWatchToKinesis": {
"cloudRoleArn": "arn:aws:iam::891376984375:role/DefenderForCloud-Containers-K8s-cloudwatch-to-kinesis"
},
"kinesisToS3": {
"cloudRoleArn": "arn:aws:iam::891376984375:role/DefenderForCloud-Containers-K8s-kinesis-to-s3"
},
"mdcContainersImageAssessment": {
"enabled": true,
"cloudRoleArn": "arn:aws:iam::891376984375:role/MDCContainersImageAssessmentRole"
},
"mdcContainersAgentlessDiscoveryK8s": {
"enabled": true,
"cloudRoleArn": "arn:aws:iam::891376984375:role/MDCContainersAgentlessDiscoveryK8sRole"
},
"enableContainerVulnerabilityAssessment": false,
"autoProvisioning": true,
"kubeAuditRetentionTime": 30,
"scubaExternalId": "a47ae0a2-7bf7-482a-897a-7a139d30736c"
}}
ResourceGroupName : securityconnectors-tests
SystemDataCreatedAt : 2/22/2024 11:45:53 PM
SystemDataCreatedBy : c3d82ccb-fee1-430c-949e-6c0a217c00a8
SystemDataCreatedByType : Application
SystemDataLastModifiedAt : 2/22/2024 11:45:53 PM
SystemDataLastModifiedBy : c3d82ccb-fee1-430c-949e-6c0a217c00a8
SystemDataLastModifiedByType : Application
Tag : {
}
Type : Microsoft.Security/securityconnectors예제 2: GCP 보안 커넥터 만들기
$account = "843025268399"
$emailSuffix = "myproject.iam.gserviceaccount.com"
$cspmMonitorOffering = New-AzSecurityCspmMonitorGcpOfferingObject -NativeCloudConnectionServiceAccountEmailAddress "microsoft-defender-cspm@$emailSuffix" -NativeCloudConnectionWorkloadIdentityProviderId "cspm"
$dcspmOffering = New-AzSecurityDefenderCspmGcpOfferingObject `
-VMScannerEnabled $true -ConfigurationScanningMode Default -ConfigurationExclusionTag @{key="value"} `
-MdcContainerAgentlessDiscoveryK8SEnabled $true -MdcContainerAgentlessDiscoveryK8SServiceAccountEmailAddress "mdc-containers-k8s-operator@$emailSuffix" -MdcContainerAgentlessDiscoveryK8SWorkloadIdentityProviderId "containers" `
-MdcContainerImageAssessmentEnabled $true -MdcContainerImageAssessmentServiceAccountEmailAddress "mdc-containers-artifact-assess@$emailSuffix" -MdcContainerImageAssessmentWorkloadIdentityProviderId "containers" `
-DataSensitivityDiscoveryEnabled $true -DataSensitivityDiscoveryServiceAccountEmailAddress "mdc-data-sec-posture-storage@$emailSuffix" -DataSensitivityDiscoveryWorkloadIdentityProviderId "data-security-posture-storage" `
-CiemDiscoveryServiceAccountEmailAddress "microsoft-defender-ciem@$emailSuffix" -CiemDiscoveryAzureActiveDirectoryAppName "mciem-gcp-oidc-app" -CiemDiscoveryWorkloadIdentityProviderId "ciem-discovery"
$defenderForContainersOffering = New-AzSecurityDefenderForContainersGcpOfferingObject `
-NativeCloudConnectionServiceAccountEmailAddress "microsoft-defender-containers@$emailSuffix" -NativeCloudConnectionWorkloadIdentityProviderId "containers" `
-DataPipelineNativeCloudConnectionServiceAccountEmailAddress "ms-defender-containers-stream@$emailSuffix" -DataPipelineNativeCloudConnectionWorkloadIdentityProviderId "containers-streams" `
-AuditLogsAutoProvisioningFlag $true -DefenderAgentAutoProvisioningFlag $true -PolicyAgentAutoProvisioningFlag $true `
-MdcContainerAgentlessDiscoveryK8SEnabled $true -MdcContainerAgentlessDiscoveryK8SWorkloadIdentityProviderId "containers" -MdcContainerAgentlessDiscoveryK8SServiceAccountEmailAddress "mdc-containers-k8s-operator@$emailSuffix" `
-MdcContainerImageAssessmentEnabled $true -MdcContainerImageAssessmentWorkloadIdentityProviderId "containers" -MdcContainerImageAssessmentServiceAccountEmailAddress "mdc-containers-artifact-assess@$emailSuffix"
$environment = New-AzSecurityGcpProjectEnvironmentObject -ScanInterval 24 -ProjectDetailProjectId "asc-sdk-samples" -ProjectDetailProjectNumber "$account"
New-AzSecurityConnector -Name "gcp-sdktest01" -ResourceGroupName "securityConnectors-tests" -EnvironmentData $environment -EnvironmentName GCP -HierarchyIdentifier "$account" `
-Offering @($cspmMonitorOffering, $dcspmOffering, $defenderForContainersOffering) -Location "CentralUS"
EnvironmentData : {
"environmentType": "GcpProject",
"projectDetails": {
"projectNumber": "843025268399",
"projectId": "asc-sdk-samples"
},
"scanInterval": 24
}
EnvironmentName : GCP
Etag :
HierarchyIdentifier : 843025268399
HierarchyIdentifierTrialEndDate : 3/24/2024 12:00:00 AM
Id : /subscriptions/487bb485-b5b0-471e-9c0d-10717612f869/resourcegroups/securityconnectors-tests/providers/Microsoft.Security/securityConnectors/gcp-sdktest01
Kind :
Location : CentralUS
Name : gcp-sdktest01
Offering : {{
"offeringType": "CspmMonitorGcp",
"nativeCloudConnection": {
"workloadIdentityProviderId": "cspm",
"serviceAccountEmailAddress": "microsoft-defender-cspm@myproject.iam.gserviceaccount.com"
}
}, {
"offeringType": "DefenderCspmGcp",
"ciemDiscovery": {
"workloadIdentityProviderId": "ciem-discovery",
"serviceAccountEmailAddress": "microsoft-defender-ciem@myproject.iam.gserviceaccount.com",
"azureActiveDirectoryAppName": "mciem-gcp-oidc-app"
},
"vmScanners": {
"configuration": {
"scanningMode": "Default",
"exclusionTags": {
"key": "value"
}
},
"enabled": true
},
"dataSensitivityDiscovery": {
"enabled": true,
"workloadIdentityProviderId": "data-security-posture-storage",
"serviceAccountEmailAddress": "mdc-data-sec-posture-storage@myproject.iam.gserviceaccount.com"
},
"mdcContainersImageAssessment": {
"enabled": true,
"workloadIdentityProviderId": "containers",
"serviceAccountEmailAddress": "mdc-containers-artifact-assess@myproject.iam.gserviceaccount.com"
},
"mdcContainersAgentlessDiscoveryK8s": {
"enabled": true,
"workloadIdentityProviderId": "containers",
"serviceAccountEmailAddress": "mdc-containers-k8s-operator@myproject.iam.gserviceaccount.com"
}
}, {
"offeringType": "DefenderForContainersGcp",
"nativeCloudConnection": {
"serviceAccountEmailAddress": "microsoft-defender-containers@myproject.iam.gserviceaccount.com",
"workloadIdentityProviderId": "containers"
},
"dataPipelineNativeCloudConnection": {
"serviceAccountEmailAddress": "ms-defender-containers-stream@myproject.iam.gserviceaccount.com",
"workloadIdentityProviderId": "containers-streams"
},
"mdcContainersImageAssessment": {
"enabled": true,
"workloadIdentityProviderId": "containers",
"serviceAccountEmailAddress": "mdc-containers-artifact-assess@myproject.iam.gserviceaccount.com"
},
"mdcContainersAgentlessDiscoveryK8s": {
"enabled": true,
"workloadIdentityProviderId": "containers",
"serviceAccountEmailAddress": "mdc-containers-k8s-operator@myproject.iam.gserviceaccount.com"
},
"auditLogsAutoProvisioningFlag": true,
"defenderAgentAutoProvisioningFlag": true,
"policyAgentAutoProvisioningFlag": true
}}
ResourceGroupName : securityconnectors-tests
SystemDataCreatedAt : 2/22/2024 11:45:53 PM
SystemDataCreatedBy : c3d82ccb-fee1-430c-949e-6c0a217c00a8
SystemDataCreatedByType : Application
SystemDataLastModifiedAt : 2/22/2024 11:45:53 PM
SystemDataLastModifiedBy : c3d82ccb-fee1-430c-949e-6c0a217c00a8
SystemDataLastModifiedByType : Application
Tag : {}
Type : Microsoft.Security/securityconnectors예제 3: AzureDevOps 보안 커넥터 만들기
New-AzSecurityConnector -ResourceGroupName "securityConnectors-pwsh-tmp" -Name "ado-sdk-pwsh-test03" `
-EnvironmentName AzureDevOps -EnvironmentData (New-AzSecurityAzureDevOpsScopeEnvironmentObject) `
-HierarchyIdentifier ([guid]::NewGuid().ToString()) -Location "CentralUS" `
-Offering @(New-AzSecurityCspmMonitorAzureDevOpsOfferingObject)
EnvironmentData : {
"environmentType": "AzureDevOpsScope"
}
EnvironmentName : AzureDevOps
Etag :
HierarchyIdentifier : 9dd01e19-8aaf-43a2-8dd4-1c5992f4df35
HierarchyIdentifierTrialEndDate :
Id : /subscriptions/487bb485-b5b0-471e-9c0d-10717612f869/resourcegroups/securityconnectors-pwsh-tmp/providers/Microsoft.Security/securityConnectors/ado-sdk-pwsh-test03
Kind :
Location : CentralUS
Name : ado-sdk-pwsh-test03
Offering : {{
"offeringType": "CspmMonitorAzureDevOps"
}}
ResourceGroupName : securityconnectors-pwsh-tmp
SystemDataCreatedAt : 2/24/2024 12:13:11 AM
SystemDataCreatedBy : c3d82ccb-fee1-430c-949e-6c0a217c00a8
SystemDataCreatedByType : Application
SystemDataLastModifiedAt : 2/24/2024 12:13:11 AM
SystemDataLastModifiedBy : c3d82ccb-fee1-430c-949e-6c0a217c00a8
SystemDataLastModifiedByType : Application
Tag : {
}
Type : Microsoft.Security/securityconnectors예제 4: GitHub 보안 커넥터 만들기
New-AzSecurityConnector -ResourceGroupName "securityConnectors-pwsh-tmp" -Name "gh-sdk-pwsh-test03" `
-EnvironmentName GitHub -EnvironmentData (New-AzSecurityGitHubScopeEnvironmentObject) `
-HierarchyIdentifier ([guid]::NewGuid().ToString()) -Location "CentralUS" `
-Offering @(New-AzSecurityCspmMonitorGithubOfferingObject)
EnvironmentData : {
"environmentType": "GithubScope"
}
EnvironmentName : Github
Etag :
HierarchyIdentifier : e8661d05-8003-46ae-b687-fa83746f44f3
HierarchyIdentifierTrialEndDate :
Id : /subscriptions/487bb485-b5b0-471e-9c0d-10717612f869/resourcegroups/securityconnectors-pwsh-tmp/providers/Microsoft.Security/securityConnectors/gh-sdk-pwsh-test03
Kind :
Location : CentralUS
Name : gh-sdk-pwsh-test03
Offering : {{
"offeringType": "CspmMonitorGithub"
}}
ResourceGroupName : securityconnectors-pwsh-tmp
SystemDataCreatedAt : 2/24/2024 12:55:33 AM
SystemDataCreatedBy : c3d82ccb-fee1-430c-949e-6c0a217c00a8
SystemDataCreatedByType : Application
SystemDataLastModifiedAt : 2/24/2024 12:55:33 AM
SystemDataLastModifiedBy : c3d82ccb-fee1-430c-949e-6c0a217c00a8
SystemDataLastModifiedByType : Application
Tag : {
}
Type : Microsoft.Security/securityconnectors예제 5: GitLab 보안 커넥터 만들기
New-AzSecurityConnector -ResourceGroupName "securityConnectors-pwsh-tmp" -Name "gl-sdk-pwsh-test03" `
-EnvironmentName GitLab -EnvironmentData (New-AzSecurityGitLabScopeEnvironmentObject) `
-HierarchyIdentifier ([guid]::NewGuid().ToString()) -Location "CentralUS" `
-Offering @(New-AzSecurityCspmMonitorGitLabOfferingObject)
EnvironmentData : {
"environmentType": "GitLabScope"
}
EnvironmentName : GitLab
Etag :
HierarchyIdentifier : e8661d05-8003-46ae-b687-fa83746f44f3
HierarchyIdentifierTrialEndDate :
Id : /subscriptions/487bb485-b5b0-471e-9c0d-10717612f869/resourcegroups/securityconnectors-pwsh-tmp/providers/Microsoft.Security/securityConnectors/gl-sdk-pwsh-test03
Kind :
Location : CentralUS
Name : gl-sdk-pwsh-test03
Offering : {{
"offeringType": "CspmMonitorGitLab"
}}
ResourceGroupName : securityconnectors-pwsh-tmp
SystemDataCreatedAt : 2/24/2024 12:55:33 AM
SystemDataCreatedBy : c3d82ccb-fee1-430c-949e-6c0a217c00a8
SystemDataCreatedByType : Application
SystemDataLastModifiedAt : 2/24/2024 12:55:33 AM
SystemDataLastModifiedBy : c3d82ccb-fee1-430c-949e-6c0a217c00a8
SystemDataLastModifiedByType : Application
Tag : {
}
Type : Microsoft.Security/securityconnectors매개 변수
-Confirm
cmdlet을 실행하기 전에 확인 메시지를 표시합니다.
| 형식: | SwitchParameter |
| 별칭: | cf |
| Position: | Named |
| Default value: | None |
| 필수: | False |
| 파이프라인 입력 허용: | False |
| 와일드카드 문자 허용: | False |
-DefaultProfile
DefaultProfile 매개 변수가 작동하지 않습니다. 다른 구독에 대해 cmdlet을 실행하는 경우 사용 가능한 경우 SubscriptionId 매개 변수를 사용합니다.
| 형식: | PSObject |
| 별칭: | AzureRMContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| 필수: | False |
| 파이프라인 입력 허용: | False |
| 와일드카드 문자 허용: | False |
-EnvironmentData
보안 커넥터 환경 데이터입니다.
| 형식: | ISecurityConnectorEnvironment |
| Position: | Named |
| Default value: | None |
| 필수: | False |
| 파이프라인 입력 허용: | False |
| 와일드카드 문자 허용: | False |
-EnvironmentName
다중 클라우드 리소스의 클라우드 이름입니다.
| 형식: | String |
| Position: | Named |
| Default value: | None |
| 필수: | False |
| 파이프라인 입력 허용: | False |
| 와일드카드 문자 허용: | False |
-Etag
엔터티 태그는 동일한 요청된 리소스에서 둘 이상의 엔터티를 비교하는 데 사용됩니다.
| 형식: | String |
| Position: | Named |
| Default value: | None |
| 필수: | False |
| 파이프라인 입력 허용: | False |
| 와일드카드 문자 허용: | False |
-HierarchyIdentifier
다중 클라우드 리소스 식별자(AWS 커넥터의 경우 계정 ID, GCP 커넥터의 경우 프로젝트 번호)입니다.
| 형식: | String |
| Position: | Named |
| Default value: | None |
| 필수: | False |
| 파이프라인 입력 허용: | False |
| 와일드카드 문자 허용: | False |
-Kind
리소스 종류
| 형식: | String |
| Position: | Named |
| Default value: | None |
| 필수: | False |
| 파이프라인 입력 허용: | False |
| 와일드카드 문자 허용: | False |
-Location
리소스가 저장되는 위치
| 형식: | String |
| Position: | Named |
| Default value: | None |
| 필수: | False |
| 파이프라인 입력 허용: | False |
| 와일드카드 문자 허용: | False |
-Name
보안 커넥터 이름입니다.
| 형식: | String |
| 별칭: | SecurityConnectorName |
| Position: | Named |
| Default value: | None |
| 필수: | True |
| 파이프라인 입력 허용: | False |
| 와일드카드 문자 허용: | False |
-Offering
보안 커넥터에 대한 제품 컬렉션입니다.
| 형식: | ICloudOffering[] |
| Position: | Named |
| Default value: | None |
| 필수: | False |
| 파이프라인 입력 허용: | False |
| 와일드카드 문자 허용: | False |
-ResourceGroupName
사용자의 구독 내에 있는 리소스 그룹의 이름입니다. 이름은 대/소문자를 구분하지 않습니다.
| 형식: | String |
| Position: | Named |
| Default value: | None |
| 필수: | True |
| 파이프라인 입력 허용: | False |
| 와일드카드 문자 허용: | False |
-SubscriptionId
Azure 구독 ID
| 형식: | String |
| Position: | Named |
| Default value: | (Get-AzContext).Subscription.Id |
| 필수: | False |
| 파이프라인 입력 허용: | False |
| 와일드카드 문자 허용: | False |
-Tag
리소스를 설명하는 키 값 쌍의 목록입니다.
| 형식: | Hashtable |
| Position: | Named |
| Default value: | None |
| 필수: | False |
| 파이프라인 입력 허용: | False |
| 와일드카드 문자 허용: | False |
-WhatIf
cmdlet이 실행되면 어떻게 되는지 보여 주세요. cmdlet이 실행되지 않습니다.
| 형식: | SwitchParameter |
| 별칭: | wi |
| Position: | Named |
| Default value: | None |
| 필수: | False |
| 파이프라인 입력 허용: | False |
| 와일드카드 문자 허용: | False |
출력
GitHub에서 Microsoft와 공동 작업
이 콘텐츠의 원본은 GitHub에서 찾을 수 있으며, 여기서 문제와 끌어오기 요청을 만들고 검토할 수도 있습니다. 자세한 내용은 참여자 가이드를 참조하세요.
Azure PowerShell