你当前正在访问 Microsoft Azure Global Edition 技术文档网站。 如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站,请访问 https://docs.azure.cn。
Get-AzDeviceSecurityGroup
获取设备安全组(IoT 中心安全性)
语法
Get-AzDeviceSecurityGroup
-HubResourceId <String>
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>] Get-AzDeviceSecurityGroup
-HubResourceId <String>
-Name <String>
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>] 说明
Get-AzDeviceSecurityGroup cmdlet 返回在 iot 安全解决方案中定义的设备安全组
示例
示例 1
Get-AzDeviceSecurityGroup -HubResourceId "/subscriptions/XXXXXXXX-XXXX-XXXXX-XXXX-XXXXXXXXXXXX/resourceGroups/MyResourceGroup/providers/Microsoft.Devices/IotHubs/MyHub" -Name "MySecurityGroup"
Id: "/subscriptions/XXXXXXXX-XXXX-XXXXX-XXXX-XXXXXXXXXXXX/resourceGroups/MyResourceGroup/providers/Microsoft.Devices/IotHubs/MyHub/providers/Microsoft.Security/deviceSecurityGroups/MySecurityGroup"
Name: "MySecurityGroup"
Type: "Microsoft.Security/deviceSecurityGroups"
ThresholdRules: []
TimeWindowRules: [
{
RuleType: "ActiveConnectionsNotInAllowedRange"
DisplayName: "Number of active connections is not in allowed range"
Description: "Get an alert when the number of active connections of a device in the time window is not in the allowed range"
IsEnabled: false
MinThreshold: 0
MaxThreshold: 0
TimeWindowSize: "PT15M"
}
{
RuleType: "AmqpC2DMessagesNotInAllowedRange"
DisplayName: "Number of cloud to device messages (AMQP protocol) is not in allowed range"
Description: "Get an alert when the number of cloud to device messages (AMQP protocol) in the time window is not in the allowed range"
IsEnabled: false
MinThreshold: 0
MaxThreshold: 0
TimeWindowSize: "PT15M"
}]
AllowlistRules: [
{
RuleType": "ConnectionToIpNotAllowed",
DisplayName: "Outbound connection to an ip that isn't allowed"
Description: "Get an alert when an outbound connection is created between your device and an ip that isn't allowed"
IsEnabled: false
ValueType: "IpCidr"
AllowlistValues: []
},
{
RuleType: "LocalUserNotAllowed"
DisplayName: "Login by a local user that isn't allowed"
Description: "Get an alert when a local user that isn't allowed logins to the device"
IsEnabled: false
ValueType: "String"
AllowlistValues: []
}]
DenylistRules: []使用存储库 ID“/subscriptions/XXXXXXXX-XXXX-XXXXX-XXXX-XXXXXX-XXXXXXXXXXXX/resourceGroups/MyResourceGroup/providers/Microsoft.Devices/IotHubs/MyHub”获取 IoT 中心的设备安全组“MySecurityGroup”
示例 2
Get-AzDeviceSecurityGroup -HubResourceId "/subscriptions/XXXXXXXX-XXXX-XXXXX-XXXX-XXXXXXXXXXXX/resourceGroups/MyResourceGroup/providers/Microsoft.Devices/IotHubs/MyHub"
Array of security group items like the item returned in example 1获取 IoT 中心的设备安全组列表,其中包含存储库 ID“/subscriptions/XXXXXXXX-XXXX-XXXXX-XXXX-XXXX-XXXXXXXXXXXX/resourceGroups/MyResourceGroup/providers/Microsoft.Devices/IotHubs/MyHub”
参数
-DefaultProfile
用于与 Azure 通信的凭据、帐户、租户和订阅。
| 类型: | IAzureContextContainer |
| 别名: | AzContext, AzureRmContext, AzureCredential |
| Position: | Named |
| 默认值: | None |
| 必需: | False |
| 接受管道输入: | False |
| 接受通配符: | False |
-HubResourceId
要调用其上的命令的安全资源的 ID。
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | True |
| 接受管道输入: | False |
| 接受通配符: | False |
-Name
资源名称。
| 类型: | String |
| Position: | Named |
| 默认值: | None |
| 必需: | True |
| 接受管道输入: | False |
| 接受通配符: | False |
输入
None
