Device Security Groups - Create Or Update

Use this method to create or update the device security group on a specified IoT Hub resource.

PUT https://management.azure.com/{resourceId}/providers/Microsoft.Security/deviceSecurityGroups/{deviceSecurityGroupName}?api-version=2019-08-01

URI Parameters

| Name | In | Required | Type | Description |
|---|---|---|---|---|
| deviceSecurityGroupName | path | True | string | The name of the device security group. Note that the name of the device security group is case insensitive. |
| resourceId | path | True | string | The identifier of the resource. |
| api-version | query | True | string | API version for the operation. |

Request Body

| Name | Type | Description |
|---|---|---|
| properties.allowlistRules | AllowlistCustomAlertRule[] | The allow-list custom alert rules. |
| properties.denylistRules | DenylistCustomAlertRule[] | The deny-list custom alert rules. |
| properties.thresholdRules | ThresholdCustomAlertRule[] | The list of custom alert threshold rules. |
| properties.timeWindowRules | TimeWindowCustomAlertRule[] | The list of custom alert time-window rules. |

Responses

| Name | Type | Description |
|---|---|---|
| 200 OK | DeviceSecurityGroup | The security group was updated. |
| 201 Created | DeviceSecurityGroup | The security group was created. |
| Other Status Codes | CloudError | Error response describing why the operation failed. |

Security

azure_auth

Azure Active Directory OAuth2 Flow

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

| Name | Description |
|---|---|
| user_impersonation | impersonate your user account |

Examples

Create or update a device security group for the specified IoT hub resource

Sample request

PUT https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub/providers/Microsoft.Security/deviceSecurityGroups/samplesecuritygroup?api-version=2019-08-01

{
  "properties": {
    "timeWindowRules": [
      {
        "ruleType": "ActiveConnectionsNotInAllowedRange",
        "isEnabled": true,
        "minThreshold": 0,
        "maxThreshold": 30,
        "timeWindowSize": "PT05M"
      }
    ]
  }
}

Sample response

{
  "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub/providers/Microsoft.Security/deviceSecurityGroups/samplesecuritygroup",
  "name": "samplesecuritygroup",
  "type": "Microsoft.Security/deviceSecurityGroups",
  "properties": {
    "thresholdRules": [],
    "timeWindowRules": [
      {
        "ruleType": "ActiveConnectionsNotInAllowedRange",
        "displayName": "Number of active connections is not in allowed range",
        "description": "Get an alert when the number of active connections of a device in the time window is not in the allowed range",
        "isEnabled": true,
        "minThreshold": 0,
        "maxThreshold": 30,
        "timeWindowSize": "PT05M"
      },
      {
        "ruleType": "AmqpC2DMessagesNotInAllowedRange",
        "displayName": "Number of cloud to device messages (AMQP protocol) is not in allowed range",
        "description": "Get an alert when the number of cloud to device messages (AMQP protocol) in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "MqttC2DMessagesNotInAllowedRange",
        "displayName": "Number of cloud to device messages (MQTT protocol) is not in allowed range",
        "description": "Get an alert when the number of cloud to device messages (MQTT protocol) in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "HttpC2DMessagesNotInAllowedRange",
        "displayName": "Number of cloud to device messages (HTTP protocol) is not in allowed range",
        "description": "Get an alert when the number of cloud to device messages (HTTP protocol) in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "AmqpC2DRejectedMessagesNotInAllowedRange",
        "displayName": "Number of rejected cloud to device messages (AMQP protocol) is not in allowed range",
        "description": "Get an alert when the number of cloud to device messages (AMQP protocol) that were rejected by the device in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "MqttC2DRejectedMessagesNotInAllowedRange",
        "displayName": "Number of rejected cloud to device messages (MQTT protocol) is not in allowed range",
        "description": "Get an alert when the number of cloud to device messages (MQTT protocol) that were rejected by the device in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "HttpC2DRejectedMessagesNotInAllowedRange",
        "displayName": "Number of rejected cloud to device messages (HTTP protocol) is not in allowed range",
        "description": "Get an alert when the number of cloud to device messages (HTTP protocol) that were rejected by the device in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "AmqpD2CMessagesNotInAllowedRange",
        "displayName": "Number of device to cloud messages (AMQP protocol) is not in allowed range",
        "description": "Get an alert when the number of device to cloud messages (AMQP protocol) in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "MqttD2CMessagesNotInAllowedRange",
        "displayName": "Number of device to cloud messages (MQTT protocol) is not in allowed range",
        "description": "Get an alert when the number of device to cloud messages (MQTT protocol) in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "HttpD2CMessagesNotInAllowedRange",
        "displayName": "Number of device to cloud messages (HTTP protocol) is not in allowed range",
        "description": "Get an alert when the number of device to cloud messages (HTTP protocol) in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "DirectMethodInvokesNotInAllowedRange",
        "displayName": "Number of direct method invokes is not in allowed range",
        "description": "Get an alert when the number of direct method invokes in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "FailedLocalLoginsNotInAllowedRange",
        "displayName": "Number of failed local logins is not in allowed range",
        "description": "Get an alert when the number of failed local logins on the device in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "FileUploadsNotInAllowedRange",
        "displayName": "Number of file uploads is not in allowed range",
        "description": "Get an alert when the number of file uploads from the device to the cloud in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "QueuePurgesNotInAllowedRange",
        "displayName": "Number of device queue purges is not in allowed range",
        "description": "Get an alert when the number of device queue purges in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "TwinUpdatesNotInAllowedRange",
        "displayName": "Number of twin updates is not in allowed range",
        "description": "Get an alert when the number of twin updates (by the device or the service) in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "UnauthorizedOperationsNotInAllowedRange",
        "displayName": "Number of unauthorized operations is not in allowed range",
        "description": "Get an alert when the number unauthorized operations in the time window is not in the allowed range. Unauthorized operations are operations that affect the device (or done by it) that fail because of an unauthorized error",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      }
    ],
    "allowlistRules": [
      {
        "ruleType": "ConnectionToIpNotAllowed",
        "displayName": "Outbound connection to an ip that isn't allowed",
        "description": "Get an alert when an outbound connection is created between your device and an ip that isn't allowed",
        "isEnabled": false,
        "allowlistValues": []
      },
      {
        "ruleType": "LocalUserNotAllowed",
        "displayName": "Login by a local user that isn't allowed",
        "description": "Get an alert when a local user that isn't allowed logins to the device",
        "isEnabled": false,
        "allowlistValues": []
      },
      {
        "ruleType": "ProcessNotAllowed",
        "displayName": "Execution of a process that isn't allowed",
        "description": "Get an alert when a process that isn't allowed is executed",
        "isEnabled": false,
        "allowlistValues": []
      }
    ],
    "denylistRules": []
  }
}

Definitions

| Name | Description |
|---|---|
| AllowlistCustomAlertRule | A custom alert rule that checks if a value (depends on the custom alert type) is allowed. |
| CloudError | Common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.) |
| CloudErrorBody | The error detail. |
| DenylistCustomAlertRule | A custom alert rule that checks if a value (depends on the custom alert type) is denied. |
| DeviceSecurityGroup | The device security group resource. |
| ErrorAdditionalInfo | The resource management error additional info. |
| ThresholdCustomAlertRule | A custom alert rule that checks if a value (depends on the custom alert type) is within the given range. |
| TimeWindowCustomAlertRule | A custom alert rule that checks if the number of activities (depends on the custom alert type) in a time window is within the given range. |
| valueType | The value type of the items in the list. |

AllowlistCustomAlertRule

A custom alert rule that checks if a value (depends on the custom alert type) is allowed.

| Name | Type | Description |
|---|---|---|
| allowlistValues | string[] | The values to allow. The format of the values depends on the rule type. |
| description | string | The description of the custom alert. |
| displayName | string | The display name of the custom alert. |
| isEnabled | boolean | Status of the custom alert. |
| ruleType | string | The type of the custom alert rule. |
| valueType | valueType | The value type of the items in the list. |

CloudError

Common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.)

| Name | Type | Description |
|---|---|---|
| error.additionalInfo | ErrorAdditionalInfo[] | The error additional info. |
| error.code | string | The error code. |
| error.details | CloudErrorBody[] | The error details. |
| error.message | string | The error message. |
| error.target | string | The error target. |

CloudErrorBody

The error detail.

| Name | Type | Description |
|---|---|---|
| additionalInfo | ErrorAdditionalInfo[] | The error additional info. |
| code | string | The error code. |
| details | CloudErrorBody[] | The error details. |
| message | string | The error message. |
| target | string | The error target. |

DenylistCustomAlertRule

A custom alert rule that checks if a value (depends on the custom alert type) is denied.

| Name | Type | Description |
|---|---|---|
| denylistValues | string[] | The values to deny. The format of the values depends on the rule type. |
| description | string | The description of the custom alert. |
| displayName | string | The display name of the custom alert. |
| isEnabled | boolean | Status of the custom alert. |
| ruleType | string | The type of the custom alert rule. |
| valueType | valueType | The value type of the items in the list. |

DeviceSecurityGroup

The device security group resource.

| Name | Type | Description |
|---|---|---|
| id | string | Resource ID |
| name | string | Resource name |
| properties.allowlistRules | AllowlistCustomAlertRule[] | The allow-list custom alert rules. |
| properties.denylistRules | DenylistCustomAlertRule[] | The deny-list custom alert rules. |
| properties.thresholdRules | ThresholdCustomAlertRule[] | The list of custom alert threshold rules. |
| properties.timeWindowRules | TimeWindowCustomAlertRule[] | The list of custom alert time-window rules. |
| type | string | Resource type |

ErrorAdditionalInfo

The resource management error additional info.

| Name | Type | Description |
|---|---|---|
| info | object | The additional info. |
| type | string | The additional info type. |

ThresholdCustomAlertRule

A custom alert rule that checks if a value (depends on the custom alert type) is within the given range.

| Name | Type | Description |
|---|---|---|
| description | string | The description of the custom alert. |
| displayName | string | The display name of the custom alert. |
| isEnabled | boolean | Status of the custom alert. |
| maxThreshold | integer | The maximum threshold. |
| minThreshold | integer | The minimum threshold. |
| ruleType | string | The type of the custom alert rule. |

TimeWindowCustomAlertRule

A custom alert rule that checks if the number of activities (depends on the custom alert type) in a time window is within the given range.

| Name | Type | Description |
|---|---|---|
| description | string | The description of the custom alert. |
| displayName | string | The display name of the custom alert. |
| isEnabled | boolean | Status of the custom alert. |
| maxThreshold | integer | The maximum threshold. |
| minThreshold | integer | The minimum threshold. |
| ruleType | string | The type of the custom alert rule. |
| timeWindowSize | string | The size of the time window in ISO 8601 format. |

valueType

The value type of the items in the list.

| Name | Type | Description |
|---|---|---|
| IpCidr | string | An IP range in CIDR format (e.g. "192.168.0.1/8"). |
| String | string | Any string value. |
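A pre-flight check for the `properties` object sent in the PUT body, as an added example that is not part of this reference or of any Azure SDK. It validates enabled time-window rules (threshold order, `timeWindowSize` duration) and enabled allow-list rules (empty lists, `IpCidr` values). The function names, the sample data, and the treatment of `ConnectionToIpNotAllowed` as carrying `IpCidr` values are assumptions.

```python
import ipaddress
import re

# Time-only ISO 8601 durations, the form this page uses ("PT05M", "PT15M").
_DURATION = re.compile(r"^PT(?:(\d+)H)?(?:(\d+)M)?(?:(\d+)S)?$")


def duration_seconds(value):
    """Length of a PT#H#M#S duration in seconds, or None if it does not parse."""
    match = _DURATION.match(value) if isinstance(value, str) else None
    if not match or not any(match.groups()):
        return None
    hours, minutes, seconds = (int(g) if g else 0 for g in match.groups())
    return hours * 3600 + minutes * 60 + seconds


def check_cidr(value):
    """Return a finding for an IpCidr value, or None when it is clean."""
    try:
        iface = ipaddress.ip_interface(value)
    except ValueError:
        return f"'{value}' is not an IP address or CIDR range"
    if iface.ip != iface.network.network_address:
        return f"'{value}' has host bits set; as a range it covers {iface.network}"
    return None


def check_group(properties):
    """Return findings for the 'properties' object of a device security group."""
    findings = []
    for rule in properties.get("timeWindowRules", []):
        if not rule.get("isEnabled"):
            continue  # a disabled rule raises no alert, so its range is moot
        name = rule.get("ruleType", "<no ruleType>")
        low, high = rule.get("minThreshold", 0), rule.get("maxThreshold", 0)
        if low > high:
            findings.append(f"{name}: minThreshold {low} > maxThreshold {high}")
        size = rule.get("timeWindowSize")
        if not duration_seconds(size):
            findings.append(f"{name}: bad timeWindowSize {size!r}")
    for rule in properties.get("allowlistRules", []):
        if not rule.get("isEnabled"):
            continue
        name = rule.get("ruleType", "<no ruleType>")
        values = rule.get("allowlistValues", [])
        if not values:
            findings.append(f"{name}: enabled with empty allowlistValues")
        # Assumption: ConnectionToIpNotAllowed holds IpCidr values if valueType is absent.
        if rule.get("valueType") == "IpCidr" or name == "ConnectionToIpNotAllowed":
            findings.extend(f"{name}: {m}" for m in map(check_cidr, values) if m)
    return findings

# Constructed sample: the page's request rule plus deliberately flawed rules.
SAMPLE = {
    "timeWindowRules": [
        {"ruleType": "ActiveConnectionsNotInAllowedRange", "isEnabled": True,
         "minThreshold": 0, "maxThreshold": 30, "timeWindowSize": "PT05M"},
        {"ruleType": "FailedLocalLoginsNotInAllowedRange", "isEnabled": True,
         "minThreshold": 5, "maxThreshold": 0, "timeWindowSize": "15M"},
    ],
    "allowlistRules": [
        {"ruleType": "ConnectionToIpNotAllowed", "isEnabled": True,
         "valueType": "IpCidr", "allowlistValues": ["192.168.0.1/8", "10.0.0.0/24"]},
        {"ruleType": "ProcessNotAllowed", "isEnabled": True, "allowlistValues": []},
    ],
}

if __name__ == "__main__":
    print("\n".join(check_group(SAMPLE)))
```

The CIDR example given for `IpCidr`, "192.168.0.1/8", is itself reported: its address part is a host inside the range, and as a network it spans all of 192.0.0.0/8.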