Health Reports - Get

Serviço:

Defender for Cloud

Versão da API:

2023-05-01-preview

Obter relatório de integridade do recurso

GET https://management.azure.com/{resourceId}/providers/Microsoft.Security/healthReports/{healthReportName}?api-version=2023-05-01-preview

Parâmetros do URI

Name	Em	Necessário	Tipo	Description
healthReportName	path	True	string	A chave do relatório de integridade - Chave exclusiva para o tipo de relatório de integridade Padrão Regex: [{]?[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}[}]?$
resourceId	path	True	string	O identificador do recurso.
api-version	query	True	string	A versão da API a ser usada para esta operação.

Respostas

Name	Tipo	Description
200 OK	HealthReport	OK
Other Status Codes	ErrorResponse	Resposta de erro comum para todas as APIs do Azure Resource Manager para retornar detalhes de erro para operações com falha.

Segurança

azure_auth

Azure Ative Directory OAuth2 Flow

Tipo: oauth2
Fluxo: implicit
URL de Autorização: https://login.microsoftonline.com/common/oauth2/authorize

Âmbitos

Name	Description
user_impersonation	personificar a sua conta de utilizador

Exemplos

Get health report of resource

Pedido de amostra

HTTP

GET https://management.azure.com/subscriptions/a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2/resourcegroups/E2E-IBB0WX/providers/Microsoft.Security/securityconnectors/AwsConnectorAllOfferings/providers/Microsoft.Security/healthReports/909c629a-bf39-4521-8e4f-10b443a0bc02?api-version=2023-05-01-preview

Java

/**
 * Samples for HealthReports Get.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/security/resource-manager/Microsoft.Security/preview/2023-05-01-preview/examples/HealthReports/
     * GetHealthReports_example.json
     */
    /**
     * Sample code: Get health report of resource.
     * 
     * @param manager Entry point to SecurityManager.
     */
    public static void getHealthReportOfResource(com.azure.resourcemanager.security.SecurityManager manager) {
        manager.healthReports().getWithResponse(
            "subscriptions/a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2/resourcegroups/E2E-IBB0WX/providers/Microsoft.Security/securityconnectors/AwsConnectorAllOfferings",
            "909c629a-bf39-4521-8e4f-10b443a0bc02", com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Go

package armsecurity_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/preview/2023-05-01-preview/examples/HealthReports/GetHealthReports_example.json
func ExampleHealthReportsClient_Get() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	res, err := clientFactory.NewHealthReportsClient().Get(ctx, "subscriptions/a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2/resourcegroups/E2E-IBB0WX/providers/Microsoft.Security/securityconnectors/AwsConnectorAllOfferings", "909c629a-bf39-4521-8e4f-10b443a0bc02", nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	// You could use response here. We use blank identifier for just demo purposes.
	_ = res
	// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
	// res.HealthReport = armsecurity.HealthReport{
	// 	Name: to.Ptr("909c629a-bf39-4521-8e4f-10b443a0bc02"),
	// 	Type: to.Ptr("Microsoft.Security/healthReports"),
	// 	ID: to.Ptr("/subscriptions/a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2/resourcegroups/E2E-IBB0WX/providers/Microsoft.Security/securityconnectors/AwsConnectorAllOfferings/providers/Microsoft.Security/healthReports/909c629a-bf39-4521-8e4f-10b443a0bc02"),
	// 	Properties: &armsecurity.HealthReportProperties{
	// 		AffectedDefendersPlans: []*string{
	// 		},
	// 		EnvironmentDetails: &armsecurity.EnvironmentDetails{
	// 			EnvironmentHierarchyID: to.Ptr("a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2"),
	// 			NativeResourceID: to.Ptr("arn:aws:iam::827098768879"),
	// 			OrganizationalHierarchyID: to.Ptr("e81b978c-11be-449f-a392-42c0ed96bb91"),
	// 			SubscriptionID: to.Ptr("a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2"),
	// 			TenantID: to.Ptr("a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2"),
	// 		},
	// 		HealthDataClassification: &armsecurity.HealthDataClassification{
	// 			Component: to.Ptr("Connectivity"),
	// 			Scope: to.Ptr("Connectors"),
	// 		},
	// 		Issues: []*armsecurity.Issue{
	// 			{
	// 				IssueAdditionalData: map[string]*string{
	// 					"StacksetName": to.Ptr("ProdStackSet"),
	// 				},
	// 				IssueDescription: to.Ptr("A problem was identified with the AWS CloudFormation StackSet. The StackSet is used to create stacks across multiple accounts. To grant Defender for Cloud access to your member accounts, there is a need to run the StackSet on the member accounts."),
	// 				IssueKey: to.Ptr("414af15d-207e-4c63-b8eb-624d1b652e45"),
	// 				IssueName: to.Ptr("AWS CloudFormation StackSet name invalid or does not exist"),
	// 				RemediationScript: to.Ptr(""),
	// 				RemediationSteps: to.Ptr("Validate that the StackSet name in AWS matches the name provided in the onboarding set up: StackSet name can be found in AWS Management Console  -> CloudFormation -> StackSets -> StackSet name In case the names do not match, update the StackSet name to match the StackSet name provided in the onboarding set up.  In case the StackSet does not exist, re-run the CloudFormation template only for StackSet. Navigate to CloudFormation 'StackSets' in AWS Management Console -> Click 'Create StackSet' -> Choose 'Upload a template file', `Choose file` and select the downloaded template. Make sure to enter the exact StackSet name as it was provided in the onboarding set up. Download template link "),
	// 				SecurityValues: []*string{
	// 					to.Ptr("Connectivity to AWS member accounts")},
	// 			}},
	// 			ResourceDetails: &armsecurity.ResourceDetailsAutoGenerated{
	// 				ConnectorID: to.Ptr("bb7ad9cc-26b6-48ec-a5b4-23fc23be2733"),
	// 				ID: to.Ptr("/subscriptions/a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2/resourcegroups/E2E-IBB0WX/providers/Microsoft.Security/securityconnectors/AwsConnectorAllOfferings"),
	// 				Source: to.Ptr(armsecurity.Source("Aws")),
	// 			},
	// 			Status: &armsecurity.StatusAutoGenerated{
	// 				Code: to.Ptr(armsecurity.StatusNameNotHealthy),
	// 				FirstEvaluationDate: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2023-01-12T09:07:18.675Z"); return t}()),
	// 				LastScannedDate: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2023-04-25T09:02:20.134Z"); return t}()),
	// 				StatusChangeDate: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2023-01-12T09:07:18.675Z"); return t}()),
	// 			},
	// 		},
	// 	}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

JavaScript

const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Get health report of resource
 *
 * @summary Get health report of resource
 * x-ms-original-file: specification/security/resource-manager/Microsoft.Security/preview/2023-05-01-preview/examples/HealthReports/GetHealthReports_example.json
 */
async function getHealthReportOfResource() {
  const resourceId =
    "subscriptions/a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2/resourcegroups/E2E-IBB0WX/providers/Microsoft.Security/securityconnectors/AwsConnectorAllOfferings";
  const healthReportName = "909c629a-bf39-4521-8e4f-10b443a0bc02";
  const credential = new DefaultAzureCredential();
  const client = new SecurityCenter(credential);
  const result = await client.healthReports.get(resourceId, healthReportName);
  console.log(result);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

dotnet

using System;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.SecurityCenter;

// Generated from example definition: specification/security/resource-manager/Microsoft.Security/preview/2023-05-01-preview/examples/HealthReports/GetHealthReports_example.json
// this example is just showing the usage of "HealthReports_Get" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this ArmResource created on azure
// for more information of creating ArmResource, please refer to the document of ArmResource

// get the collection of this SecurityHealthReportResource
string resourceId = "subscriptions/a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2/resourcegroups/E2E-IBB0WX/providers/Microsoft.Security/securityconnectors/AwsConnectorAllOfferings";
ResourceIdentifier scopeId = new ResourceIdentifier(string.Format("/{0}", resourceId));
SecurityHealthReportCollection collection = client.GetSecurityHealthReports(scopeId);

// invoke the operation
string healthReportName = "909c629a-bf39-4521-8e4f-10b443a0bc02";
NullableResponse<SecurityHealthReportResource> response = await collection.GetIfExistsAsync(healthReportName);
SecurityHealthReportResource result = response.HasValue ? response.Value : null;

if (result == null)
{
    Console.WriteLine($"Succeeded with null as result");
}
else
{
    // the variable result is a resource, you could call other operations on this instance as well
    // but just for demo, we get its data from this resource instance
    SecurityHealthReportData resourceData = result.Data;
    // for demo we just print out the id
    Console.WriteLine($"Succeeded on id: {resourceData.Id}");
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Resposta da amostra

Código de estado:

200

{
  "id": "/subscriptions/a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2/resourcegroups/E2E-IBB0WX/providers/Microsoft.Security/securityconnectors/AwsConnectorAllOfferings/providers/Microsoft.Security/healthReports/909c629a-bf39-4521-8e4f-10b443a0bc02",
  "name": "909c629a-bf39-4521-8e4f-10b443a0bc02",
  "type": "Microsoft.Security/healthReports",
  "properties": {
    "resourceDetails": {
      "source": "Aws",
      "id": "/subscriptions/a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2/resourcegroups/E2E-IBB0WX/providers/Microsoft.Security/securityconnectors/AwsConnectorAllOfferings",
      "connectorId": "bb7ad9cc-26b6-48ec-a5b4-23fc23be2733"
    },
    "environmentDetails": {
      "nativeResourceId": "arn:aws:iam::827098768879",
      "environmentHierarchyId": "a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2",
      "organizationalHierarchyId": "e81b978c-11be-449f-a392-42c0ed96bb91",
      "subscriptionId": "a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2",
      "tenantId": "a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2"
    },
    "healthDataClassification": {
      "component": "Connectivity",
      "scope": "Connectors"
    },
    "status": {
      "code": "NotHealthy",
      "statusChangeDate": "2023-01-12T09:07:18.6759138Z",
      "firstEvaluationDate": "2023-01-12T09:07:18.6759138Z",
      "lastScannedDate": "2023-04-25T09:02:20.1349133Z"
    },
    "affectedDefendersPlans": [],
    "issues": [
      {
        "issueKey": "414af15d-207e-4c63-b8eb-624d1b652e45",
        "issueName": "AWS CloudFormation StackSet name invalid or does not exist",
        "securityValues": [
          "Connectivity to AWS member accounts"
        ],
        "issueDescription": "A problem was identified with the AWS CloudFormation StackSet. The StackSet is used to create stacks across multiple accounts. To grant Defender for Cloud access to your member accounts, there is a need to run the StackSet on the member accounts.",
        "remediationSteps": "Validate that the StackSet name in AWS matches the name provided in the onboarding set up: StackSet name can be found in AWS Management Console  -> CloudFormation -> StackSets -> StackSet name In case the names do not match, update the StackSet name to match the StackSet name provided in the onboarding set up.  In case the StackSet does not exist, re-run the CloudFormation template only for StackSet. Navigate to CloudFormation 'StackSets' in AWS Management Console -> Click 'Create StackSet' -> Choose 'Upload a template file', `Choose file` and select the downloaded template. Make sure to enter the exact StackSet name as it was provided in the onboarding set up. Download template link ",
        "remediationScript": "",
        "issueAdditionalData": {
          "StacksetName": "ProdStackSet"
        }
      }
    ]
  }
}

Definições

Name	Description
environmentDetails	Os detalhes ambientais do recurso
ErrorAdditionalInfo	O erro de gerenciamento de recursos informações adicionais.
ErrorDetail	O detalhe do erro.
ErrorResponse	Resposta de erro
healthDataClassification	A classificação do relatório de saúde
HealthReport	O recurso relatório de saúde
issue	O problema que causou a insalubridade do recurso
resourceDetails	Os detalhes do recurso do relatório de integridade
source	O estado do relatório de saúde
status	O estado do relatório de saúde
statusName	O estado do relatório de saúde

environmentDetails

Os detalhes ambientais do recurso

Name	Tipo	Description
environmentHierarchyId	string	A id de hierarquia do conector (no caso do Azure - a ID da assinatura, no caso da MC - a id hierarchyId)
nativeResourceId	string	A id de recurso nativo do recurso (no caso do Azure - a ID do recurso, no caso do MC - a ID do recurso nativo)
organizationalHierarchyId	string	A id da hierarquia organizacional do conector (no caso do Azure - a ID da assinatura, no caso da MC - a id da hierarquia organizacional)
subscriptionId	string	O ID da subscrição
tenantId	string	O ID do inquilino

ErrorAdditionalInfo

O erro de gerenciamento de recursos informações adicionais.

Name	Tipo	Description
info	object	As informações adicionais.
type	string	O tipo de informação adicional.

ErrorDetail

O detalhe do erro.

Name	Tipo	Description
additionalInfo	ErrorAdditionalInfo[]	O erro informações adicionais.
code	string	O código de erro.
details	ErrorDetail[]	Os detalhes do erro.
message	string	A mensagem de erro.
target	string	O destino do erro.

ErrorResponse

Resposta de erro

Name	Tipo	Description
error	ErrorDetail	O objeto de erro.

healthDataClassification

A classificação do relatório de saúde

Name	Tipo	Description
component	string	O componente descreve o nome do agente/serviço que verifica o problema
scenario	string	O cenário descreve o problema do cenário de integridade do componente
scope	string	O âmbito dos recursos do relatório de saúde

HealthReport

O recurso relatório de saúde

Name	Tipo	Description
id	string	ID do recurso
name	string	Nome do recurso
properties.affectedDefendersPlans	string[]	Os planos dos defensores afetados por relatório insalubre
properties.affectedDefendersSubPlans	string[]	Os defensores afetados sub planos por relatório insalubre
properties.environmentDetails	environmentDetails	Os detalhes ambientais do recurso
properties.healthDataClassification	healthDataClassification	A classificação do relatório de saúde
properties.issues	issue[]	Uma coletânea das questões do relatório
properties.reportAdditionalData	object	Dados adicionais para o relatório de integridade fornecido, este campo pode incluir mais detalhes sobre o recurso e o cenário de integridade.
properties.resourceDetails	resourceDetails	Os detalhes do recurso do relatório de integridade
properties.status	status	O estado do relatório de saúde
type	string	Tipo de recurso

issue

O problema que causou a insalubridade do recurso

Name	Tipo	Description
issueAdditionalData	object	Dados adicionais para a questão em questão. Os dados adicionais dependem do tipo de problema
issueDescription	string	A descrição do problema
issueKey	string	A chave da questão única
issueName	string	O nome do problema
remediationScript	string	O script de correção para resolver esse problema
remediationSteps	string	Descrição legível por humanos do que você deve fazer para mitigar esse problema de saúde
securityValues	string[]	Os valores de segurança afetados que o MDC oferece que serão afetados pelo problema, por exemplo: recomendações, alertas, etc

resourceDetails

Os detalhes do recurso do relatório de integridade

Name	Tipo	Description
connectorId	string	O id do conector
id	string	A id azure do recurso
source	source	O estado do relatório de saúde

source

O estado do relatório de saúde

Name	Tipo	Description
Aws	string
Azure	string
Gcp	string

status

O estado do relatório de saúde

Name	Tipo	Description
code	statusName	O estado do relatório de saúde
firstEvaluationDate	string	A data em que o recurso do relatório de saúde foi digitalizado pela primeira vez
lastScannedDate	string	A data de quando o recurso foi verificado pela última vez
reason	string	A razão do estatuto dado
statusChangeDate	string	A data em que o estado do relatório de saúde foi alterado pela última vez

statusName

O estado do relatório de saúde

Name	Tipo	Description
Healthy	string
NotApplicable	string
NotHealthy	string