获取扫描资源的安全评估
GET https://management.azure.com/{resourceId}/providers/Microsoft.Security/assessments/{assessmentName}?api-version=2021-06-01
具有可选参数:
GET https://management.azure.com/{resourceId}/providers/Microsoft.Security/assessments/{assessmentName}?api-version=2021-06-01&$expand={$expand}
URI 参数
| 名称 |
在 |
必需 |
类型 |
说明 |
|
assessmentName
|
path |
True
|
string
|
评估密钥 - 评估类型的唯一键
|
|
resourceId
|
path |
True
|
string
|
资源的标识符。
|
|
api-version
|
query |
True
|
string
|
操作的 API 版本
|
|
$expand
|
query |
|
ExpandEnum
|
OData 展开。 自选。
|
响应
安全性
azure_auth
Azure Active Directory OAuth2 Flow
类型:
oauth2
流向:
implicit
授权 URL:
https://login.microsoftonline.com/common/oauth2/authorize
作用域
| 名称 |
说明 |
|
user_impersonation
|
模拟用户帐户
|
示例
Get security recommendation task from security data location
示例请求
GET https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2/providers/Microsoft.Security/assessments/21300918-b2e3-0346-785f-c77ff57d243b?api-version=2021-06-01
/**
* Samples for Assessments Get.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/Assessments/
* GetAssessment_example.json
*/
/**
* Sample code: Get security recommendation task from security data location.
*
* @param manager Entry point to SecurityManager.
*/
public static void getSecurityRecommendationTaskFromSecurityDataLocation(
com.azure.resourcemanager.security.SecurityManager manager) {
manager.assessments().getWithResponse(
"subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2",
"21300918-b2e3-0346-785f-c77ff57d243b", null, com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armsecurity_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/Assessments/GetAssessment_example.json
func ExampleAssessmentsClient_Get_getSecurityRecommendationTaskFromSecurityDataLocation() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewAssessmentsClient().Get(ctx, "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2", "21300918-b2e3-0346-785f-c77ff57d243b", &armsecurity.AssessmentsClientGetOptions{Expand: nil})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.AssessmentResponse = armsecurity.AssessmentResponse{
// Name: to.Ptr("21300918-b2e3-0346-785f-c77ff57d243b"),
// Type: to.Ptr("Microsoft.Security/assessments"),
// ID: to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2/providers/Microsoft.Security/assessments/21300918-b2e3-0346-785f-c77ff57d243b"),
// Properties: &armsecurity.AssessmentPropertiesResponse{
// AdditionalData: map[string]*string{
// "linkedWorkspaceId": to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myLaWorkspace"),
// },
// DisplayName: to.Ptr("Install endpoint protection solution on virtual machine scale sets"),
// ResourceDetails: &armsecurity.AzureResourceDetails{
// Source: to.Ptr(armsecurity.SourceAzure),
// ID: to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2"),
// },
// Status: &armsecurity.AssessmentStatusResponse{
// Description: to.Ptr("The effective policy for the assessment was evaluated to off - use Microsoft.Authorization/policyAssignments to turn this assessment on"),
// Cause: to.Ptr("OffByPolicy"),
// Code: to.Ptr(armsecurity.AssessmentStatusCodeNotApplicable),
// FirstEvaluationDate: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-04-12T09:07:18.675Z"); return t}()),
// StatusChangeDate: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-04-12T09:07:18.675Z"); return t}()),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Get a security assessment on your scanned resource
*
* @summary Get a security assessment on your scanned resource
* x-ms-original-file: specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/Assessments/GetAssessment_example.json
*/
async function getSecurityRecommendationTaskFromSecurityDataLocation() {
const resourceId =
"subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2";
const assessmentName = "21300918-b2e3-0346-785f-c77ff57d243b";
const credential = new DefaultAzureCredential();
const client = new SecurityCenter(credential);
const result = await client.assessments.get(resourceId, assessmentName);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.SecurityCenter;
using Azure.ResourceManager.SecurityCenter.Models;
// Generated from example definition: specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/Assessments/GetAssessment_example.json
// this example is just showing the usage of "Assessments_Get" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this SecurityAssessmentResource created on azure
// for more information of creating SecurityAssessmentResource, please refer to the document of SecurityAssessmentResource
string resourceId = "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2";
string assessmentName = "21300918-b2e3-0346-785f-c77ff57d243b";
ResourceIdentifier securityAssessmentResourceId = SecurityAssessmentResource.CreateResourceIdentifier(resourceId, assessmentName);
SecurityAssessmentResource securityAssessment = client.GetSecurityAssessmentResource(securityAssessmentResourceId);
// invoke the operation
SecurityAssessmentResource result = await securityAssessment.GetAsync();
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
SecurityAssessmentData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
示例响应
{
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2/providers/Microsoft.Security/assessments/21300918-b2e3-0346-785f-c77ff57d243b",
"name": "21300918-b2e3-0346-785f-c77ff57d243b",
"type": "Microsoft.Security/assessments",
"properties": {
"resourceDetails": {
"source": "Azure",
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2"
},
"displayName": "Install endpoint protection solution on virtual machine scale sets",
"status": {
"code": "NotApplicable",
"cause": "OffByPolicy",
"description": "The effective policy for the assessment was evaluated to off - use Microsoft.Authorization/policyAssignments to turn this assessment on",
"statusChangeDate": "2021-04-12T09:07:18.6759138Z",
"firstEvaluationDate": "2021-04-12T09:07:18.6759138Z"
},
"additionalData": {
"linkedWorkspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myLaWorkspace"
}
}
}
Get security recommendation task from security data location with expand parameter
示例请求
GET https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2/providers/Microsoft.Security/assessments/21300918-b2e3-0346-785f-c77ff57d243b?api-version=2021-06-01&$expand=links
import com.azure.resourcemanager.security.models.ExpandEnum;
/**
* Samples for Assessments Get.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/Assessments/
* GetAssessmentWithExpand_example.json
*/
/**
* Sample code: Get security recommendation task from security data location with expand parameter.
*
* @param manager Entry point to SecurityManager.
*/
public static void getSecurityRecommendationTaskFromSecurityDataLocationWithExpandParameter(
com.azure.resourcemanager.security.SecurityManager manager) {
manager.assessments().getWithResponse(
"subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2",
"21300918-b2e3-0346-785f-c77ff57d243b", ExpandEnum.LINKS, com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armsecurity_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/Assessments/GetAssessmentWithExpand_example.json
func ExampleAssessmentsClient_Get_getSecurityRecommendationTaskFromSecurityDataLocationWithExpandParameter() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
res, err := clientFactory.NewAssessmentsClient().Get(ctx, "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2", "21300918-b2e3-0346-785f-c77ff57d243b", &armsecurity.AssessmentsClientGetOptions{Expand: to.Ptr(armsecurity.ExpandEnumLinks)})
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.AssessmentResponse = armsecurity.AssessmentResponse{
// Name: to.Ptr("21300918-b2e3-0346-785f-c77ff57d243b"),
// Type: to.Ptr("Microsoft.Security/assessments"),
// ID: to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2/providers/Microsoft.Security/assessments/21300918-b2e3-0346-785f-c77ff57d243b"),
// Properties: &armsecurity.AssessmentPropertiesResponse{
// AdditionalData: map[string]*string{
// "linkedWorkspaceId": to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myLaWorkspace"),
// },
// DisplayName: to.Ptr("Install endpoint protection solution on virtual machine scale sets"),
// Links: &armsecurity.AssessmentLinks{
// AzurePortalURI: to.Ptr("https://www.portal.azure.com/?fea#blade/Microsoft_Azure_Security/RecommendationsBlade/assessmentKey/21300918-b2e3-0346-785f-c77ff57d243b"),
// },
// ResourceDetails: &armsecurity.AzureResourceDetails{
// Source: to.Ptr(armsecurity.SourceAzure),
// ID: to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2"),
// },
// Status: &armsecurity.AssessmentStatusResponse{
// Description: to.Ptr("The effective policy for the assessment was evaluated to off - use Microsoft.Authorization/policyAssignments to turn this assessment on"),
// Cause: to.Ptr("OffByPolicy"),
// Code: to.Ptr(armsecurity.AssessmentStatusCodeNotApplicable),
// FirstEvaluationDate: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-04-12T09:07:18.675Z"); return t}()),
// StatusChangeDate: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-04-12T09:07:18.675Z"); return t}()),
// },
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Get a security assessment on your scanned resource
*
* @summary Get a security assessment on your scanned resource
* x-ms-original-file: specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/Assessments/GetAssessmentWithExpand_example.json
*/
async function getSecurityRecommendationTaskFromSecurityDataLocationWithExpandParameter() {
const resourceId =
"subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2";
const assessmentName = "21300918-b2e3-0346-785f-c77ff57d243b";
const expand = "links";
const options = { expand };
const credential = new DefaultAzureCredential();
const client = new SecurityCenter(credential);
const result = await client.assessments.get(resourceId, assessmentName, options);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.SecurityCenter;
using Azure.ResourceManager.SecurityCenter.Models;
// Generated from example definition: specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/Assessments/GetAssessmentWithExpand_example.json
// this example is just showing the usage of "Assessments_Get" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this SecurityAssessmentResource created on azure
// for more information of creating SecurityAssessmentResource, please refer to the document of SecurityAssessmentResource
string resourceId = "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2";
string assessmentName = "21300918-b2e3-0346-785f-c77ff57d243b";
ResourceIdentifier securityAssessmentResourceId = SecurityAssessmentResource.CreateResourceIdentifier(resourceId, assessmentName);
SecurityAssessmentResource securityAssessment = client.GetSecurityAssessmentResource(securityAssessmentResourceId);
// invoke the operation
SecurityAssessmentODataExpand? expand = SecurityAssessmentODataExpand.Links;
SecurityAssessmentResource result = await securityAssessment.GetAsync(expand: expand);
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
SecurityAssessmentData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
示例响应
{
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2/providers/Microsoft.Security/assessments/21300918-b2e3-0346-785f-c77ff57d243b",
"name": "21300918-b2e3-0346-785f-c77ff57d243b",
"type": "Microsoft.Security/assessments",
"properties": {
"resourceDetails": {
"source": "Azure",
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2"
},
"displayName": "Install endpoint protection solution on virtual machine scale sets",
"status": {
"code": "NotApplicable",
"cause": "OffByPolicy",
"description": "The effective policy for the assessment was evaluated to off - use Microsoft.Authorization/policyAssignments to turn this assessment on",
"statusChangeDate": "2021-04-12T09:07:18.6759138Z",
"firstEvaluationDate": "2021-04-12T09:07:18.6759138Z"
},
"additionalData": {
"linkedWorkspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myLaWorkspace"
},
"links": {
"azurePortalUri": "https://www.portal.azure.com/?fea#blade/Microsoft_Azure_Security/RecommendationsBlade/assessmentKey/21300918-b2e3-0346-785f-c77ff57d243b"
}
}
}
定义
AssessmentLinks
与评估相关的链接
| 名称 |
类型 |
说明 |
|
azurePortalUri
|
string
|
Azure 门户中的评估链接
|
AssessmentStatusCode
评估状态的编程代码
| 名称 |
类型 |
说明 |
|
Healthy
|
string
|
资源正常
|
|
NotApplicable
|
string
|
此资源的评估未发生
|
|
Unhealthy
|
string
|
资源存在需要解决的安全问题
|
AssessmentStatusResponse
评估结果
| 名称 |
类型 |
说明 |
|
cause
|
string
|
评估状态原因的编程代码
|
|
code
|
AssessmentStatusCode
|
评估状态的编程代码
|
|
description
|
string
|
评估状态的人工可读说明
|
|
firstEvaluationDate
|
string
|
创建评估并首次评估的时间。 以 ISO 8601 格式返回为 UTC 时间
|
|
statusChangeDate
|
string
|
评估状态上次更改的时间。 以 ISO 8601 格式返回为 UTC 时间
|
assessmentType
如果基于内置 Azure Policy 定义的评估,则 BuiltIn;如果基于自定义 Azure Policy 定义的评估,则为 CustomIn
| 名称 |
类型 |
说明 |
|
BuiltIn
|
string
|
Microsoft Defender for Cloud 托管评估
|
|
CustomPolicy
|
string
|
从 Azure Policy 自动引入到 Microsoft Defender for Cloud 的用户定义策略
|
|
CustomerManaged
|
string
|
用户或其他第三方直接推送到 Microsoft Defender for Cloud 的用户评估
|
|
VerifiedPartner
|
string
|
如果用户将其连接到 ASC,则由已验证的第三方创建的评估
|
AzureResourceDetails
已评估的 Azure 资源的详细信息
| 名称 |
类型 |
说明 |
|
id
|
string
|
已评估资源的 Azure 资源 ID
|
|
source
|
string:
Azure
|
评估资源所在的平台
|
categories
| 名称 |
类型 |
说明 |
|
Compute
|
string
|
|
|
Data
|
string
|
|
|
IdentityAndAccess
|
string
|
|
|
IoT
|
string
|
|
|
Networking
|
string
|
|
CloudError
所有 Azure 资源管理器 API 的常见错误响应,以返回失败操作的错误详细信息。 (这也遵循 OData 错误响应格式)。
| 名称 |
类型 |
说明 |
|
error.additionalInfo
|
ErrorAdditionalInfo[]
|
错误附加信息。
|
|
error.code
|
string
|
错误代码。
|
|
error.details
|
CloudErrorBody[]
|
错误详细信息。
|
|
error.message
|
string
|
错误消息。
|
|
error.target
|
string
|
错误目标。
|
CloudErrorBody
错误详细信息。
ErrorAdditionalInfo
资源管理错误附加信息。
| 名称 |
类型 |
说明 |
|
info
|
object
|
其他信息。
|
|
type
|
string
|
其他信息类型。
|
ExpandEnum
OData 展开。 自选。
| 名称 |
类型 |
说明 |
|
links
|
string
|
与评估关联的所有链接
|
|
metadata
|
string
|
评估元数据
|
implementationEffort
修正此评估所需的实施工作
| 名称 |
类型 |
说明 |
|
High
|
string
|
|
|
Low
|
string
|
|
|
Moderate
|
string
|
|
OnPremiseResourceDetails
已评估的本地资源的详细信息
| 名称 |
类型 |
说明 |
|
machineName
|
string
|
计算机的名称
|
|
source
|
string:
OnPremise
|
评估资源所在的平台
|
|
sourceComputerId
|
string
|
计算机上安装的 oms 代理 ID
|
|
vmuuid
|
string
|
计算机的唯一 ID
|
|
workspaceId
|
string
|
计算机附加到的工作区的 Azure 资源 ID
|
OnPremiseSqlResourceDetails
已评估的本地 Sql 资源的详细信息
| 名称 |
类型 |
说明 |
|
databaseName
|
string
|
计算机上安装的 Sql 数据库名称
|
|
machineName
|
string
|
计算机的名称
|
|
serverName
|
string
|
计算机上安装的 Sql Server 名称
|
|
source
|
string:
OnPremiseSql
|
评估资源所在的平台
|
|
sourceComputerId
|
string
|
计算机上安装的 oms 代理 ID
|
|
vmuuid
|
string
|
计算机的唯一 ID
|
|
workspaceId
|
string
|
计算机附加到的工作区的 Azure 资源 ID
|
描述创建评估的合作伙伴
| 名称 |
类型 |
说明 |
|
partnerName
|
string
|
合作伙伴公司的名称
|
|
productName
|
string
|
创建评估的合作伙伴的产品的名称
|
|
secret
|
string
|
对合作伙伴进行身份验证并验证其是否创建了评估的机密 - 仅写入
|
描述评估元数据的属性。
| 名称 |
类型 |
说明 |
|
assessmentType
|
assessmentType
|
如果基于内置 Azure Policy 定义的评估,则 BuiltIn;如果基于自定义 Azure Policy 定义的评估,则为 CustomIn
|
|
categories
|
categories[]
|
评估不正常时面临风险的资源类别
|
|
description
|
string
|
评估的人工可读说明
|
|
displayName
|
string
|
评估的用户友好显示名称
|
|
implementationEffort
|
implementationEffort
|
修正此评估所需的实施工作
|
|
partnerData
|
SecurityAssessmentMetadataPartnerData
|
描述创建评估的合作伙伴
|
|
policyDefinitionId
|
string
|
启用此评估计算的策略定义的 Azure 资源 ID
|
|
preview
|
boolean
|
如此 如果此评估处于预览版发布状态
|
|
remediationDescription
|
string
|
人工可读说明应执行的操作以缓解此安全问题
|
|
severity
|
severity
|
评估的严重性级别
|
|
threats
|
threats[]
|
评估的威胁影响
|
|
userImpact
|
userImpact
|
评估的用户影响
|
SecurityAssessmentPartnerData
有关第三方合作伙伴集成的数据
| 名称 |
类型 |
说明 |
|
partnerName
|
string
|
合作伙伴公司的名称
|
|
secret
|
string
|
用于对合作伙伴进行身份验证的机密 - 仅写入
|
SecurityAssessmentResponse
资源的安全评估 - 响应格式
severity
评估的严重性级别
| 名称 |
类型 |
说明 |
|
High
|
string
|
|
|
Low
|
string
|
|
|
Medium
|
string
|
|
threats
| 名称 |
类型 |
说明 |
|
accountBreach
|
string
|
|
|
dataExfiltration
|
string
|
|
|
dataSpillage
|
string
|
|
|
denialOfService
|
string
|
|
|
elevationOfPrivilege
|
string
|
|
|
maliciousInsider
|
string
|
|
|
missingCoverage
|
string
|
|
|
threatResistance
|
string
|
|
userImpact
评估的用户影响
| 名称 |
类型 |
说明 |
|
High
|
string
|
|
|
Low
|
string
|
|
|
Moderate
|
string
|
|