Security Standards - Create Or Update

Serviço:

Defender for Cloud

Versão da API:

2024-08-01

Cria ou atualiza um padrão de segurança em um determinado escopo

PUT https://management.azure.com/{scope}/providers/Microsoft.Security/securityStandards/{standardId}?api-version=2024-08-01

Parâmetros de URI

Nome	Em	Obrigatório	Tipo	Description
scope	path	True	string	O escopo do padrão de segurança. Escopos válidos são: grupo de gerenciamento (formato: 'providers/Microsoft.Management/managementGroups/{managementGroup}'), assinatura (formato: 'subscriptions/{subscriptionId}') ou conector de segurança (formato: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName})'
standardId	path	True	string	A chave Padrão de Segurança – chave exclusiva para o tipo padrão Padrão Regex: [{]?[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}[}]?$
api-version	query	True	string	A versão da API a ser usada para esta operação.

Corpo da solicitação

Nome	Tipo	Description
properties.assessments	PartialAssessmentProperties[]	Lista de chaves de avaliação a serem aplicadas ao escopo padrão.
properties.cloudProviders	StandardSupportedCloud[]	Lista de todas as nuvens com suporte padrão.
properties.description	string	Descrição do padrão
properties.displayName	string	Nome de exibição do padrão, equivalente à standardId
properties.metadata	StandardMetadata	Os metadados padrão de segurança.
properties.policySetDefinitionId	string	A ID de definição do conjunto de políticas associada ao padrão.

Respostas

Nome	Tipo	Description
200 OK	SecurityStandard	Padrão de segurança atualizado com êxito
201 Created	SecurityStandard	Criado
Other Status Codes	ErrorResponse	Resposta de erro descrevendo por que a operação falhou

Segurança

azure_auth

Fluxo OAuth2 do Azure Active Directory

Tipo: oauth2
Flow: implicit
URL de Autorização: https://login.microsoftonline.com/common/oauth2/authorize

Escopos

Nome	Description
user_impersonation	representar sua conta de usuário

Exemplos

Create or update security standard over management group scope

Create or update security standard over security connector scope

Create or update security standard over subscription scope

Create or update security standard over management group scope

Solicitação de exemplo

HTTP

PUT https://management.azure.com/providers/Microsoft.Management/managementGroups/contoso/providers/Microsoft.Security/securityStandards/8bb8be0a-6010-4789-812f-e4d661c4ed0e?api-version=2024-08-01

{
  "properties": {
    "displayName": "Azure Test Security Standard 1",
    "description": "description of Azure Test Security Standard 1",
    "assessments": [
      {
        "assessmentKey": "1195afff-c881-495e-9bc5-1486211ae03f"
      },
      {
        "assessmentKey": "dbd0cb49-b563-45e7-9724-889e799fa648"
      }
    ],
    "cloudProviders": [
      "GCP"
    ],
    "policySetDefinitionId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Authorization/policySetDefinitions/patchorchestration-applicationversions"
  }
}

Java

import com.azure.resourcemanager.security.models.PartialAssessmentProperties;
import com.azure.resourcemanager.security.models.StandardSupportedCloud;
import java.util.Arrays;

/**
 * Samples for SecurityStandards CreateOrUpdate.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/security/resource-manager/Microsoft.Security/stable/2024-08-01/examples/SecurityStandards/
     * PutByManagementGroupSecurityStandard_example.json
     */
    /**
     * Sample code: Create or update security standard over management group scope.
     * 
     * @param manager Entry point to SecurityManager.
     */
    public static void createOrUpdateSecurityStandardOverManagementGroupScope(
        com.azure.resourcemanager.security.SecurityManager manager) {
        manager.securityStandards().define("8bb8be0a-6010-4789-812f-e4d661c4ed0e")
            .withExistingScope("providers/Microsoft.Management/managementGroups/contoso")
            .withDisplayName("Azure Test Security Standard 1")
            .withDescription("description of Azure Test Security Standard 1")
            .withAssessments(Arrays.asList(new PartialAssessmentProperties().withAssessmentKey("fakeTokenPlaceholder"),
                new PartialAssessmentProperties().withAssessmentKey("fakeTokenPlaceholder")))
            .withCloudProviders(Arrays.asList(StandardSupportedCloud.GCP))
            .withPolicySetDefinitionId(
                "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Authorization/policySetDefinitions/patchorchestration-applicationversions")
            .create();
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Resposta de exemplo

Código de status:

200

{
  "id": "/providers/Microsoft.Management/managementGroups/contoso/resourceGroups/myResourceGroup/provider/Microsoft.Security/securityStandards/8bb8be0a-6010-4789-812f-e4d661c4ed0e",
  "name": "8bb8be0a-6010-4789-812f-e4d661c4ed0e",
  "type": "Microsoft.Security/securityStandards",
  "properties": {
    "displayName": "Azure Test Security Standard 1",
    "standardType": "Custom",
    "description": "description of Azure Test Security Standard 1",
    "assessments": [
      {
        "assessmentKey": "1195afff-c881-495e-9bc5-1486211ae03f"
      },
      {
        "assessmentKey": "dbd0cb49-b563-45e7-9724-889e799fa648"
      }
    ],
    "cloudProviders": [
      "GCP"
    ],
    "policySetDefinitionId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Authorization/policySetDefinitions/patchorchestration-applicationversions",
    "metadata": {
      "createdBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
      "createdOn": "2022-11-10T08:31:26.7993124Z",
      "lastUpdatedBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
      "lastUpdatedOn": "2022-11-10T08:31:26.7993124Z"
    }
  }
}

Código de status:

201

{
  "id": "/providers/Microsoft.Management/managementGroups/contoso/resourceGroups/myResourceGroup/provider/Microsoft.Security/securityStandards/8bb8be0a-6010-4789-812f-e4d661c4ed0e",
  "name": "8bb8be0a-6010-4789-812f-e4d661c4ed0e",
  "type": "Microsoft.Security/securityStandards",
  "properties": {
    "displayName": "Azure Test Security Standard 1",
    "standardType": "Custom",
    "description": "description of Azure Test Security Standard 1",
    "assessments": [
      {
        "assessmentKey": "1195afff-c881-495e-9bc5-1486211ae03f"
      },
      {
        "assessmentKey": "dbd0cb49-b563-45e7-9724-889e799fa648"
      }
    ],
    "cloudProviders": [
      "GCP"
    ],
    "policySetDefinitionId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Authorization/policySetDefinitions/patchorchestration-applicationversions",
    "metadata": {
      "createdBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
      "createdOn": "2022-11-10T08:31:26.7993124Z",
      "lastUpdatedBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
      "lastUpdatedOn": "2022-11-10T08:31:26.7993124Z"
    }
  }
}

Create or update security standard over security connector scope

Solicitação de exemplo

HTTP

PUT https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector/providers/Microsoft.Security/securityStandards/8bb8be0a-6010-4789-812f-e4d661c4ed0e?api-version=2024-08-01

{
  "properties": {
    "displayName": "Azure Test Security Standard 1",
    "description": "description of Azure Test Security Standard 1",
    "assessments": [
      {
        "assessmentKey": "1195afff-c881-495e-9bc5-1486211ae03f"
      },
      {
        "assessmentKey": "dbd0cb49-b563-45e7-9724-889e799fa648"
      }
    ],
    "cloudProviders": [
      "GCP"
    ]
  }
}

Java

import com.azure.resourcemanager.security.models.PartialAssessmentProperties;
import com.azure.resourcemanager.security.models.StandardSupportedCloud;
import java.util.Arrays;

/**
 * Samples for SecurityStandards CreateOrUpdate.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/security/resource-manager/Microsoft.Security/stable/2024-08-01/examples/SecurityStandards/
     * PutBySecurityConnectorSecurityStandard_example.json
     */
    /**
     * Sample code: Create or update security standard over security connector scope.
     * 
     * @param manager Entry point to SecurityManager.
     */
    public static void createOrUpdateSecurityStandardOverSecurityConnectorScope(
        com.azure.resourcemanager.security.SecurityManager manager) {
        manager.securityStandards().define("8bb8be0a-6010-4789-812f-e4d661c4ed0e").withExistingScope(
            "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector")
            .withDisplayName("Azure Test Security Standard 1")
            .withDescription("description of Azure Test Security Standard 1")
            .withAssessments(Arrays.asList(new PartialAssessmentProperties().withAssessmentKey("fakeTokenPlaceholder"),
                new PartialAssessmentProperties().withAssessmentKey("fakeTokenPlaceholder")))
            .withCloudProviders(Arrays.asList(StandardSupportedCloud.GCP)).create();
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Resposta de exemplo

Código de status:

200

{
  "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector/resourceGroups/myResourceGroup/provider/Microsoft.Security/securityStandards/8bb8be0a-6010-4789-812f-e4d661c4ed0e",
  "name": "8bb8be0a-6010-4789-812f-e4d661c4ed0e",
  "type": "Microsoft.Security/securityStandards",
  "properties": {
    "displayName": "Azure Test Security Standard 1",
    "standardType": "Custom",
    "description": "description of Azure Test Security Standard 1",
    "assessments": [
      {
        "assessmentKey": "1195afff-c881-495e-9bc5-1486211ae03f"
      },
      {
        "assessmentKey": "dbd0cb49-b563-45e7-9724-889e799fa648"
      }
    ],
    "cloudProviders": [
      "GCP"
    ],
    "metadata": {
      "createdBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
      "createdOn": "2022-11-10T08:31:26.7993124Z",
      "lastUpdatedBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
      "lastUpdatedOn": "2022-11-10T08:31:26.7993124Z"
    }
  }
}

Código de status:

201

{
  "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/gcpResourceGroup/providers/Microsoft.Security/securityConnectors/gcpconnector/resourceGroups/myResourceGroup/provider/Microsoft.Security/securityStandards/8bb8be0a-6010-4789-812f-e4d661c4ed0e",
  "name": "8bb8be0a-6010-4789-812f-e4d661c4ed0e",
  "type": "Microsoft.Security/securityStandards",
  "properties": {
    "displayName": "Azure Test Security Standard 1",
    "description": "description of Azure Test Security Standard 1",
    "assessments": [
      {
        "assessmentKey": "1195afff-c881-495e-9bc5-1486211ae03f"
      },
      {
        "assessmentKey": "dbd0cb49-b563-45e7-9724-889e799fa648"
      }
    ],
    "cloudProviders": [
      "GCP"
    ],
    "metadata": {
      "createdBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
      "createdOn": "2022-11-10T08:31:26.7993124Z",
      "lastUpdatedBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
      "lastUpdatedOn": "2022-11-10T08:31:26.7993124Z"
    }
  }
}

Create or update security standard over subscription scope

Solicitação de exemplo

HTTP

PUT https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityStandards/8bb8be0a-6010-4789-812f-e4d661c4ed0e?api-version=2024-08-01

{
  "properties": {
    "displayName": "Azure Test Security Standard 1",
    "description": "description of Azure Test Security Standard 1",
    "assessments": [
      {
        "assessmentKey": "1195afff-c881-495e-9bc5-1486211ae03f"
      },
      {
        "assessmentKey": "dbd0cb49-b563-45e7-9724-889e799fa648"
      }
    ],
    "cloudProviders": [
      "GCP"
    ],
    "policySetDefinitionId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Authorization/policySetDefinitions/patchorchestration-applicationversions"
  }
}

Java

import com.azure.resourcemanager.security.models.PartialAssessmentProperties;
import com.azure.resourcemanager.security.models.StandardSupportedCloud;
import java.util.Arrays;

/**
 * Samples for SecurityStandards CreateOrUpdate.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/security/resource-manager/Microsoft.Security/stable/2024-08-01/examples/SecurityStandards/
     * PutBySubscriptionSecurityStandard_example.json
     */
    /**
     * Sample code: Create or update security standard over subscription scope.
     * 
     * @param manager Entry point to SecurityManager.
     */
    public static void createOrUpdateSecurityStandardOverSubscriptionScope(
        com.azure.resourcemanager.security.SecurityManager manager) {
        manager.securityStandards().define("8bb8be0a-6010-4789-812f-e4d661c4ed0e")
            .withExistingScope("subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23")
            .withDisplayName("Azure Test Security Standard 1")
            .withDescription("description of Azure Test Security Standard 1")
            .withAssessments(Arrays.asList(new PartialAssessmentProperties().withAssessmentKey("fakeTokenPlaceholder"),
                new PartialAssessmentProperties().withAssessmentKey("fakeTokenPlaceholder")))
            .withCloudProviders(Arrays.asList(StandardSupportedCloud.GCP))
            .withPolicySetDefinitionId(
                "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Authorization/policySetDefinitions/patchorchestration-applicationversions")
            .create();
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Resposta de exemplo

Código de status:

200

{
  "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myResourceGroup/provider/Microsoft.Security/securityStandards/8bb8be0a-6010-4789-812f-e4d661c4ed0e",
  "name": "8bb8be0a-6010-4789-812f-e4d661c4ed0e",
  "type": "Microsoft.Security/securityStandards",
  "properties": {
    "displayName": "Azure Test Security Standard 1",
    "standardType": "Custom",
    "description": "description of Azure Test Security Standard 1",
    "assessments": [
      {
        "assessmentKey": "1195afff-c881-495e-9bc5-1486211ae03f"
      },
      {
        "assessmentKey": "dbd0cb49-b563-45e7-9724-889e799fa648"
      }
    ],
    "cloudProviders": [
      "GCP"
    ],
    "policySetDefinitionId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Authorization/policySetDefinitions/patchorchestration-applicationversions",
    "metadata": {
      "createdBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
      "createdOn": "2022-11-10T08:31:26.7993124Z",
      "lastUpdatedBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
      "lastUpdatedOn": "2022-11-10T08:31:26.7993124Z"
    }
  }
}

Código de status:

201

{
  "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myResourceGroup/provider/Microsoft.Security/securityStandards/8bb8be0a-6010-4789-812f-e4d661c4ed0e",
  "name": "8bb8be0a-6010-4789-812f-e4d661c4ed0e",
  "type": "Microsoft.Security/securityStandards",
  "properties": {
    "displayName": "Azure Test Security Standard 1",
    "standardType": "Custom",
    "description": "description of Azure Test Security Standard 1",
    "assessments": [
      {
        "assessmentKey": "1195afff-c881-495e-9bc5-1486211ae03f"
      },
      {
        "assessmentKey": "dbd0cb49-b563-45e7-9724-889e799fa648"
      }
    ],
    "cloudProviders": [
      "GCP"
    ],
    "policySetDefinitionId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Authorization/policySetDefinitions/patchorchestration-applicationversions",
    "metadata": {
      "createdBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
      "createdOn": "2022-11-10T08:31:26.7993124Z",
      "lastUpdatedBy": "c23b5354-ff0a-4b2a-9f92-6f144effd936",
      "lastUpdatedOn": "2022-11-10T08:31:26.7993124Z"
    }
  }
}

Definições

Nome	Description
ErrorAdditionalInfo	As informações adicionais do erro de gerenciamento de recursos.
ErrorDetail	O detalhe do erro.
ErrorResponse	Resposta de erro
PartialAssessmentProperties	Descreve as propriedades de uma avaliação como relacionadas ao padrão
SecurityStandard	Padrão de segurança em um recurso
StandardMetadata	Os metadados padrão
StandardSupportedCloud	A nuvem na qual o padrão tem suporte.
standardType	Tipo padrão (Personalizado ou Padrão ou Conformidade somente no momento)

ErrorAdditionalInfo

As informações adicionais do erro de gerenciamento de recursos.

Nome	Tipo	Description
info	object	As informações adicionais.
type	string	O tipo de informação adicional.

ErrorDetail

O detalhe do erro.

Nome	Tipo	Description
additionalInfo	ErrorAdditionalInfo[]	As informações adicionais do erro.
code	string	O código de erro.
details	ErrorDetail[]	Os detalhes do erro.
message	string	A mensagem de erro.
target	string	O destino do erro.

ErrorResponse

Resposta de erro

Nome	Tipo	Description
error	ErrorDetail	O objeto de erro.

PartialAssessmentProperties

Descreve as propriedades de uma avaliação como relacionadas ao padrão

Nome	Tipo	Description
assessmentKey	string	A chave de avaliação

SecurityStandard

Padrão de segurança em um recurso

Nome	Tipo	Description
id	string	ID do recurso
name	string	Nome do recurso
properties.assessments	PartialAssessmentProperties[]	Lista de chaves de avaliação a serem aplicadas ao escopo padrão.
properties.cloudProviders	StandardSupportedCloud[]	Lista de todas as nuvens com suporte padrão.
properties.description	string	Descrição do padrão
properties.displayName	string	Nome de exibição do padrão, equivalente à standardId
properties.metadata	StandardMetadata	Os metadados padrão de segurança.
properties.policySetDefinitionId	string	A ID de definição do conjunto de políticas associada ao padrão.
properties.standardType	standardType	Tipo padrão (Personalizado ou Padrão ou Conformidade somente no momento)
type	string	Tipo de recurso

StandardMetadata

Os metadados padrão

Nome	Tipo	Description
createdBy	string	Padrão Criado pela ID do objeto (GUID)
createdOn	string	Data de criação padrão
lastUpdatedBy	string	Padrão atualizado pela última vez pela ID do objeto (GUID)
lastUpdatedOn	string	Data da última atualização padrão

StandardSupportedCloud

A nuvem na qual o padrão tem suporte.

Nome	Tipo	Description
AWS	string
Azure	string
GCP	string

standardType

Tipo padrão (Personalizado ou Padrão ou Conformidade somente no momento)

Nome	Tipo	Description
Compliance	string
Custom	string
Default	string