将 Azure API 管理 API 载入到 Microsoft Defender for API。 系统将开始监视 Azure 管理 API 中的操作,以便进行侵入性行为,并为检测到的攻击提供警报。
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/providers/Microsoft.Security/apiCollections/{apiId}?api-version=2023-11-15
URI 参数
名称 |
在 |
必需 |
类型 |
说明 |
apiId
|
path |
True
|
string
|
API 修订标识符。 API 管理服务实例中必须是唯一的。 非当前修订有;rev=n 作为后缀,其中 n 是修订号。
正则表达式模式: ^[^*#&+:<>?]+$
|
resourceGroupName
|
path |
True
|
string
|
资源组的名称。 名称不区分大小写。
|
serviceName
|
path |
True
|
string
|
API 管理服务的名称。
正则表达式模式: ^[a-zA-Z](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?$
|
subscriptionId
|
path |
True
|
string
uuid
|
目标订阅的 ID。 该值必须是 UUID。
|
api-version
|
query |
True
|
string
|
用于此操作的 API 版本。
|
响应
安全性
azure_auth
Azure Active Directory OAuth2 Flow
类型:
oauth2
流向:
implicit
授权 URL:
https://login.microsoftonline.com/common/oauth2/authorize
作用域
名称 |
说明 |
user_impersonation
|
模拟用户帐户
|
示例
Onboard an Azure API Management API to Microsoft Defender for APIs
示例请求
PUT https://management.azure.com/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/providers/Microsoft.Security/apiCollections/echo-api?api-version=2023-11-15
/**
* Samples for ApiCollections OnboardAzureApiManagementApi.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/security/resource-manager/Microsoft.Security/stable/2023-11-15/examples/ApiCollections/
* APICollections_OnboardAzureApiManagementApi_example.json
*/
/**
* Sample code: Onboard an Azure API Management API to Microsoft Defender for APIs.
*
* @param manager Entry point to SecurityManager.
*/
public static void onboardAnAzureAPIManagementAPIToMicrosoftDefenderForAPIs(
com.azure.resourcemanager.security.SecurityManager manager) {
manager.apiCollections().onboardAzureApiManagementApi("rg1", "apimService1", "echo-api",
com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armsecurity_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/stable/2023-11-15/examples/ApiCollections/APICollections_OnboardAzureApiManagementApi_example.json
func ExampleAPICollectionsClient_BeginOnboardAzureAPIManagementAPI() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAPICollectionsClient().BeginOnboardAzureAPIManagementAPI(ctx, "rg1", "apimService1", "echo-api", nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.APICollection = armsecurity.APICollection{
// Name: to.Ptr("echo-api"),
// Type: to.Ptr("Microsoft.Security/apiCollections"),
// ID: to.Ptr("/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/providers/Microsoft.Security/apiCollections/echo-api"),
// Properties: &armsecurity.APICollectionProperties{
// BaseURL: to.Ptr("https://apimservice1.azure-api.net/echo"),
// DiscoveredVia: to.Ptr("/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1"),
// DisplayName: to.Ptr("Echo API"),
// NumberOfAPIEndpoints: to.Ptr[int64](6),
// NumberOfAPIEndpointsWithSensitiveDataExposed: to.Ptr[int64](1),
// NumberOfExternalAPIEndpoints: to.Ptr[int64](3),
// NumberOfInactiveAPIEndpoints: to.Ptr[int64](3),
// NumberOfUnauthenticatedAPIEndpoints: to.Ptr[int64](1),
// ProvisioningState: to.Ptr(armsecurity.ProvisioningStateSucceeded),
// SensitivityLabel: to.Ptr("Highly Confidential"),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Onboard an Azure API Management API to Microsoft Defender for APIs. The system will start monitoring the operations within the Azure Management API for intrusive behaviors and provide alerts for attacks that have been detected.
*
* @summary Onboard an Azure API Management API to Microsoft Defender for APIs. The system will start monitoring the operations within the Azure Management API for intrusive behaviors and provide alerts for attacks that have been detected.
* x-ms-original-file: specification/security/resource-manager/Microsoft.Security/stable/2023-11-15/examples/ApiCollections/APICollections_OnboardAzureApiManagementApi_example.json
*/
async function onboardAnAzureApiManagementApiToMicrosoftDefenderForApIs() {
const subscriptionId =
process.env["SECURITY_SUBSCRIPTION_ID"] || "3fa85f64-5717-4562-b3fc-2c963f66afa6";
const resourceGroupName = process.env["SECURITY_RESOURCE_GROUP"] || "rg1";
const serviceName = "apimService1";
const apiId = "echo-api";
const credential = new DefaultAzureCredential();
const client = new SecurityCenter(credential, subscriptionId);
const result = await client.aPICollections.beginOnboardAzureApiManagementApiAndWait(
resourceGroupName,
serviceName,
apiId,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.SecurityCenter;
// Generated from example definition: specification/security/resource-manager/Microsoft.Security/stable/2023-11-15/examples/ApiCollections/APICollections_OnboardAzureApiManagementApi_example.json
// this example is just showing the usage of "APICollections_OnboardAzureApiManagementApi" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this SecurityCenterApiCollectionResource created on azure
// for more information of creating SecurityCenterApiCollectionResource, please refer to the document of SecurityCenterApiCollectionResource
string subscriptionId = "3fa85f64-5717-4562-b3fc-2c963f66afa6";
string resourceGroupName = "rg1";
string serviceName = "apimService1";
string apiId = "echo-api";
ResourceIdentifier securityCenterApiCollectionResourceId = SecurityCenterApiCollectionResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, serviceName, apiId);
SecurityCenterApiCollectionResource securityCenterApiCollection = client.GetSecurityCenterApiCollectionResource(securityCenterApiCollectionResourceId);
// invoke the operation
ArmOperation<SecurityCenterApiCollectionResource> lro = await securityCenterApiCollection.UpdateAsync(WaitUntil.Completed);
SecurityCenterApiCollectionResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
SecurityCenterApiCollectionData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
示例响应
{
"id": "/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/providers/Microsoft.Security/apiCollections/echo-api",
"name": "echo-api",
"type": "Microsoft.Security/apiCollections",
"properties": {
"provisioningState": "Succeeded",
"displayName": "Echo API",
"discoveredVia": "/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1",
"baseUrl": "https://apimservice1.azure-api.net/echo",
"numberOfApiEndpoints": 6,
"numberOfInactiveApiEndpoints": 3,
"numberOfUnauthenticatedApiEndpoints": 1,
"numberOfExternalApiEndpoints": 3,
"numberOfApiEndpointsWithSensitiveDataExposed": 1,
"sensitivityLabel": "Highly Confidential"
}
}
Location: https://management.azure.com/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/providers/Microsoft.Security/apiCollections/echo-api?api-version=2023-11-15&$asyncScope=eyJydSI6NTM4MjczMzI4NDQ3MjA1NzY2fQ==
{
"id": "/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/providers/Microsoft.Security/apiCollections/echo-api",
"name": "echo-api",
"type": "Microsoft.Security/apiCollections",
"properties": {
"provisioningState": "InProgress"
}
}
定义
ApiCollection
由 Microsoft Defender for API 表示的 API 集合。
名称 |
类型 |
说明 |
id
|
string
|
资源 ID
|
name
|
string
|
资源名称
|
properties.baseUrl
|
string
|
此 API 集合的基本 URI。 此 API 集合的所有终结点都会扩展此基 URI。
|
properties.discoveredVia
|
string
|
从中发现此 API 集合的资源的资源 ID。
|
properties.displayName
|
string
|
API 集合的显示名称。
|
properties.numberOfApiEndpoints
|
integer
|
在此 API 集合中发现的 API 终结点数。
|
properties.numberOfApiEndpointsWithSensitiveDataExposed
|
integer
|
此 API 集合中公开其请求和/或响应中的敏感数据的 API 终结点数。
|
properties.numberOfExternalApiEndpoints
|
integer
|
此 API 集合中观察到来自 Internet 的 API 流量的 API 终结点数。
|
properties.numberOfInactiveApiEndpoints
|
integer
|
此 API 集合中在过去 30 天内未收到任何 API 流量的 API 终结点数。
|
properties.numberOfUnauthenticatedApiEndpoints
|
integer
|
此 API 集合中未经身份验证的 API 终结点数。
|
properties.provisioningState
|
ProvisioningState
|
获取 API 集合的预配状态。
|
properties.sensitivityLabel
|
string
|
此 API 集合中来自 Microsoft Purview 的最高优先级敏感度标签。
|
type
|
string
|
资源类型
|
ErrorAdditionalInfo
资源管理错误附加信息。
名称 |
类型 |
说明 |
info
|
object
|
其他信息。
|
type
|
string
|
其他信息类型。
|
ErrorDetail
错误详细信息。
ErrorResponse
错误响应
ProvisioningState
获取 API 集合的预配状态。
名称 |
类型 |
说明 |
Canceled
|
string
|
|
Failed
|
string
|
|
InProgress
|
string
|
|
Succeeded
|
string
|
|