你当前正在访问 Microsoft Azure Global Edition 技术文档网站。如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站，请访问 https://docs.azure.cn。

Device Security Groups - Get

参考

服务:: Defender for Cloud

API 版本:: 2019-08-01

使用此方法获取指定 IoT 中心资源的设备安全组。

GET https://management.azure.com/{resourceId}/providers/Microsoft.Security/deviceSecurityGroups/{deviceSecurityGroupName}?api-version=2019-08-01

URI 参数

名称	在	必需	类型	说明
deviceSecurityGroupName	path	True	string	设备安全组的名称。请注意，设备安全组的名称不区分大小写。
resourceId	path	True	string	资源的标识符。
api-version	query	True	string	操作的 API 版本

响应

名称	类型	说明
200 OK	DeviceSecurityGroup	成功请求获取设备安全组。
Other Status Codes	CloudError	描述操作失败的原因的错误响应。

安全性

azure_auth

Azure Active Directory OAuth2 Flow

类型: oauth2
流向: implicit
授权 URL: https://login.microsoftonline.com/common/oauth2/authorize

作用域

名称	说明
user_impersonation	模拟用户帐户

示例

Get a device security group for the specified IoT Hub resource

示例请求

GET https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub/providers/Microsoft.Security/deviceSecurityGroups/samplesecuritygroup?api-version=2019-08-01


/**
 * Samples for DeviceSecurityGroups Get.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/security/resource-manager/Microsoft.Security/stable/2019-08-01/examples/DeviceSecurityGroups/
     * GetDeviceSecurityGroups_example.json
     */
    /**
     * Sample code: Get a device security group for the specified IoT Hub resource.
     * 
     * @param manager Entry point to SecurityManager.
     */
    public static void getADeviceSecurityGroupForTheSpecifiedIoTHubResource(
        com.azure.resourcemanager.security.SecurityManager manager) {
        manager.deviceSecurityGroups().getWithResponse(
            "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub",
            "samplesecuritygroup", com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

package armsecurity_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/stable/2019-08-01/examples/DeviceSecurityGroups/GetDeviceSecurityGroups_example.json
func ExampleDeviceSecurityGroupsClient_Get() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	res, err := clientFactory.NewDeviceSecurityGroupsClient().Get(ctx, "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub", "samplesecuritygroup", nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	// You could use response here. We use blank identifier for just demo purposes.
	_ = res
	// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
	// res.DeviceSecurityGroup = armsecurity.DeviceSecurityGroup{
	// 	Name: to.Ptr("samplesecuritygroup"),
	// 	Type: to.Ptr("Microsoft.Security/deviceSecurityGroups"),
	// 	ID: to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub/providers/Microsoft.Security/deviceSecurityGroups/samplesecuritygroup"),
	// 	Properties: &armsecurity.DeviceSecurityGroupProperties{
	// 		AllowlistRules: []armsecurity.AllowlistCustomAlertRuleClassification{
	// 			&armsecurity.ConnectionToIPNotAllowed{
	// 				Description: to.Ptr("Get an alert when an outbound connection is created between your device and an ip that isn't allowed"),
	// 				DisplayName: to.Ptr("Outbound connection to an ip that isn't allowed"),
	// 				IsEnabled: to.Ptr(false),
	// 				RuleType: to.Ptr("ConnectionToIpNotAllowed"),
	// 				ValueType: to.Ptr(armsecurity.ValueTypeIPCidr),
	// 				AllowlistValues: []*string{
	// 				},
	// 			},
	// 			&armsecurity.LocalUserNotAllowed{
	// 				Description: to.Ptr("Get an alert when a local user that isn't allowed logins to the device"),
	// 				DisplayName: to.Ptr("Login by a local user that isn't allowed"),
	// 				IsEnabled: to.Ptr(false),
	// 				RuleType: to.Ptr("LocalUserNotAllowed"),
	// 				ValueType: to.Ptr(armsecurity.ValueTypeString),
	// 				AllowlistValues: []*string{
	// 				},
	// 			},
	// 			&armsecurity.ProcessNotAllowed{
	// 				Description: to.Ptr("Get an alert when a process that isn't allowed is executed"),
	// 				DisplayName: to.Ptr("Execution of a process that isn't allowed"),
	// 				IsEnabled: to.Ptr(false),
	// 				RuleType: to.Ptr("ProcessNotAllowed"),
	// 				ValueType: to.Ptr(armsecurity.ValueTypeString),
	// 				AllowlistValues: []*string{
	// 				},
	// 		}},
	// 		DenylistRules: []*armsecurity.DenylistCustomAlertRule{
	// 		},
	// 		ThresholdRules: []armsecurity.ThresholdCustomAlertRuleClassification{
	// 		},
	// 		TimeWindowRules: []armsecurity.TimeWindowCustomAlertRuleClassification{
	// 			&armsecurity.ActiveConnectionsNotInAllowedRange{
	// 				Description: to.Ptr("Get an alert when the number of active connections of a device in the time window is not in the allowed range"),
	// 				DisplayName: to.Ptr("Number of active connections is not in allowed range"),
	// 				IsEnabled: to.Ptr(false),
	// 				RuleType: to.Ptr("ActiveConnectionsNotInAllowedRange"),
	// 				MaxThreshold: to.Ptr[int32](0),
	// 				MinThreshold: to.Ptr[int32](0),
	// 				TimeWindowSize: to.Ptr("PT15M"),
	// 			},
	// 			&armsecurity.AmqpC2DMessagesNotInAllowedRange{
	// 				Description: to.Ptr("Get an alert when the number of cloud to device messages (AMQP protocol) in the time window is not in the allowed range"),
	// 				DisplayName: to.Ptr("Number of cloud to device messages (AMQP protocol) is not in allowed range"),
	// 				IsEnabled: to.Ptr(false),
	// 				RuleType: to.Ptr("AmqpC2DMessagesNotInAllowedRange"),
	// 				MaxThreshold: to.Ptr[int32](0),
	// 				MinThreshold: to.Ptr[int32](0),
	// 				TimeWindowSize: to.Ptr("PT15M"),
	// 			},
	// 			&armsecurity.MqttC2DMessagesNotInAllowedRange{
	// 				Description: to.Ptr("Get an alert when the number of cloud to device messages (MQTT protocol) in the time window is not in the allowed range"),
	// 				DisplayName: to.Ptr("Number of cloud to device messages (MQTT protocol) is not in allowed range"),
	// 				IsEnabled: to.Ptr(false),
	// 				RuleType: to.Ptr("MqttC2DMessagesNotInAllowedRange"),
	// 				MaxThreshold: to.Ptr[int32](0),
	// 				MinThreshold: to.Ptr[int32](0),
	// 				TimeWindowSize: to.Ptr("PT15M"),
	// 			},
	// 			&armsecurity.HTTPC2DMessagesNotInAllowedRange{
	// 				Description: to.Ptr("Get an alert when the number of cloud to device messages (HTTP protocol) in the time window is not in the allowed range"),
	// 				DisplayName: to.Ptr("Number of cloud to device messages (HTTP protocol) is not in allowed range"),
	// 				IsEnabled: to.Ptr(false),
	// 				RuleType: to.Ptr("HttpC2DMessagesNotInAllowedRange"),
	// 				MaxThreshold: to.Ptr[int32](0),
	// 				MinThreshold: to.Ptr[int32](0),
	// 				TimeWindowSize: to.Ptr("PT15M"),
	// 			},
	// 			&armsecurity.AmqpC2DRejectedMessagesNotInAllowedRange{
	// 				Description: to.Ptr("Get an alert when the number of cloud to device messages (AMQP protocol) that were rejected by the device in the time window is not in the allowed range"),
	// 				DisplayName: to.Ptr("Number of rejected cloud to device messages (AMQP protocol) is not in allowed range"),
	// 				IsEnabled: to.Ptr(false),
	// 				RuleType: to.Ptr("AmqpC2DRejectedMessagesNotInAllowedRange"),
	// 				MaxThreshold: to.Ptr[int32](0),
	// 				MinThreshold: to.Ptr[int32](0),
	// 				TimeWindowSize: to.Ptr("PT15M"),
	// 			},
	// 			&armsecurity.MqttC2DRejectedMessagesNotInAllowedRange{
	// 				Description: to.Ptr("Get an alert when the number of cloud to device messages (MQTT protocol) that were rejected by the device in the time window is not in the allowed range"),
	// 				DisplayName: to.Ptr("Number of rejected cloud to device messages (MQTT protocol) is not in allowed range"),
	// 				IsEnabled: to.Ptr(false),
	// 				RuleType: to.Ptr("MqttC2DRejectedMessagesNotInAllowedRange"),
	// 				MaxThreshold: to.Ptr[int32](0),
	// 				MinThreshold: to.Ptr[int32](0),
	// 				TimeWindowSize: to.Ptr("PT15M"),
	// 			},
	// 			&armsecurity.HTTPC2DRejectedMessagesNotInAllowedRange{
	// 				Description: to.Ptr("Get an alert when the number of cloud to device messages (HTTP protocol) that were rejected by the device in the time window is not in the allowed range"),
	// 				DisplayName: to.Ptr("Number of rejected cloud to device messages (HTTP protocol) is not in allowed range"),
	// 				IsEnabled: to.Ptr(false),
	// 				RuleType: to.Ptr("HttpC2DRejectedMessagesNotInAllowedRange"),
	// 				MaxThreshold: to.Ptr[int32](0),
	// 				MinThreshold: to.Ptr[int32](0),
	// 				TimeWindowSize: to.Ptr("PT15M"),
	// 			},
	// 			&armsecurity.AmqpD2CMessagesNotInAllowedRange{
	// 				Description: to.Ptr("Get an alert when the number of device to cloud messages (AMQP protocol) in the time window is not in the allowed range"),
	// 				DisplayName: to.Ptr("Number of device to cloud messages (AMQP protocol) is not in allowed range"),
	// 				IsEnabled: to.Ptr(false),
	// 				RuleType: to.Ptr("AmqpD2CMessagesNotInAllowedRange"),
	// 				MaxThreshold: to.Ptr[int32](0),
	// 				MinThreshold: to.Ptr[int32](0),
	// 				TimeWindowSize: to.Ptr("PT15M"),
	// 			},
	// 			&armsecurity.MqttD2CMessagesNotInAllowedRange{
	// 				Description: to.Ptr("Get an alert when the number of device to cloud messages (MQTT protocol) in the time window is not in the allowed range"),
	// 				DisplayName: to.Ptr("Number of device to cloud messages (MQTT protocol) is not in allowed range"),
	// 				IsEnabled: to.Ptr(false),
	// 				RuleType: to.Ptr("MqttD2CMessagesNotInAllowedRange"),
	// 				MaxThreshold: to.Ptr[int32](0),
	// 				MinThreshold: to.Ptr[int32](0),
	// 				TimeWindowSize: to.Ptr("PT15M"),
	// 			},
	// 			&armsecurity.HTTPD2CMessagesNotInAllowedRange{
	// 				Description: to.Ptr("Get an alert when the number of device to cloud messages (HTTP protocol) in the time window is not in the allowed range"),
	// 				DisplayName: to.Ptr("Number of device to cloud messages (HTTP protocol) is not in allowed range"),
	// 				IsEnabled: to.Ptr(false),
	// 				RuleType: to.Ptr("HttpD2CMessagesNotInAllowedRange"),
	// 				MaxThreshold: to.Ptr[int32](0),
	// 				MinThreshold: to.Ptr[int32](0),
	// 				TimeWindowSize: to.Ptr("PT15M"),
	// 			},
	// 			&armsecurity.DirectMethodInvokesNotInAllowedRange{
	// 				Description: to.Ptr("Get an alert when the number of direct method invokes in the time window is not in the allowed range"),
	// 				DisplayName: to.Ptr("Number of direct method invokes is not in allowed range"),
	// 				IsEnabled: to.Ptr(false),
	// 				RuleType: to.Ptr("DirectMethodInvokesNotInAllowedRange"),
	// 				MaxThreshold: to.Ptr[int32](0),
	// 				MinThreshold: to.Ptr[int32](0),
	// 				TimeWindowSize: to.Ptr("PT15M"),
	// 			},
	// 			&armsecurity.FailedLocalLoginsNotInAllowedRange{
	// 				Description: to.Ptr("Get an alert when the number of failed local logins on the device in the time window is not in the allowed range"),
	// 				DisplayName: to.Ptr("Number of failed local logins is not in allowed range"),
	// 				IsEnabled: to.Ptr(false),
	// 				RuleType: to.Ptr("FailedLocalLoginsNotInAllowedRange"),
	// 				MaxThreshold: to.Ptr[int32](0),
	// 				MinThreshold: to.Ptr[int32](0),
	// 				TimeWindowSize: to.Ptr("PT15M"),
	// 			},
	// 			&armsecurity.FileUploadsNotInAllowedRange{
	// 				Description: to.Ptr("Get an alert when the number of file uploads from the device to the cloud in the time window is not in the allowed range"),
	// 				DisplayName: to.Ptr("Number of file uploads is not in allowed range"),
	// 				IsEnabled: to.Ptr(false),
	// 				RuleType: to.Ptr("FileUploadsNotInAllowedRange"),
	// 				MaxThreshold: to.Ptr[int32](0),
	// 				MinThreshold: to.Ptr[int32](0),
	// 				TimeWindowSize: to.Ptr("PT15M"),
	// 			},
	// 			&armsecurity.QueuePurgesNotInAllowedRange{
	// 				Description: to.Ptr("Get an alert when the number of device queue purges in the time window is not in the allowed range"),
	// 				DisplayName: to.Ptr("Number of device queue purges is not in allowed range"),
	// 				IsEnabled: to.Ptr(false),
	// 				RuleType: to.Ptr("QueuePurgesNotInAllowedRange"),
	// 				MaxThreshold: to.Ptr[int32](0),
	// 				MinThreshold: to.Ptr[int32](0),
	// 				TimeWindowSize: to.Ptr("PT15M"),
	// 			},
	// 			&armsecurity.TwinUpdatesNotInAllowedRange{
	// 				Description: to.Ptr("Get an alert when the number of twin updates (by the device or the service) in the time window is not in the allowed range"),
	// 				DisplayName: to.Ptr("Number of twin updates is not in allowed range"),
	// 				IsEnabled: to.Ptr(false),
	// 				RuleType: to.Ptr("TwinUpdatesNotInAllowedRange"),
	// 				MaxThreshold: to.Ptr[int32](0),
	// 				MinThreshold: to.Ptr[int32](0),
	// 				TimeWindowSize: to.Ptr("PT15M"),
	// 			},
	// 			&armsecurity.UnauthorizedOperationsNotInAllowedRange{
	// 				Description: to.Ptr("Get an alert when the number unauthorized operations in the time window is not in the allowed range. Unauthorized operations are operations that affect the device (or done by it) that fail because of an unauthorized error"),
	// 				DisplayName: to.Ptr("Number of unauthorized operations is not in allowed range"),
	// 				IsEnabled: to.Ptr(false),
	// 				RuleType: to.Ptr("UnauthorizedOperationsNotInAllowedRange"),
	// 				MaxThreshold: to.Ptr[int32](0),
	// 				MinThreshold: to.Ptr[int32](0),
	// 				TimeWindowSize: to.Ptr("PT15M"),
	// 		}},
	// 	},
	// }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Use this method to get the device security group for the specified IoT Hub resource.
 *
 * @summary Use this method to get the device security group for the specified IoT Hub resource.
 * x-ms-original-file: specification/security/resource-manager/Microsoft.Security/stable/2019-08-01/examples/DeviceSecurityGroups/GetDeviceSecurityGroups_example.json
 */
async function getADeviceSecurityGroupForTheSpecifiedIoTHubResource() {
  const resourceId =
    "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub";
  const deviceSecurityGroupName = "samplesecuritygroup";
  const credential = new DefaultAzureCredential();
  const client = new SecurityCenter(credential);
  const result = await client.deviceSecurityGroups.get(resourceId, deviceSecurityGroupName);
  console.log(result);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

using System;
using System.Threading.Tasks;
using System.Xml;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.SecurityCenter;
using Azure.ResourceManager.SecurityCenter.Models;

// Generated from example definition: specification/security/resource-manager/Microsoft.Security/stable/2019-08-01/examples/DeviceSecurityGroups/GetDeviceSecurityGroups_example.json
// this example is just showing the usage of "DeviceSecurityGroups_Get" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this DeviceSecurityGroupResource created on azure
// for more information of creating DeviceSecurityGroupResource, please refer to the document of DeviceSecurityGroupResource
string resourceId = "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub";
string deviceSecurityGroupName = "samplesecuritygroup";
ResourceIdentifier deviceSecurityGroupResourceId = DeviceSecurityGroupResource.CreateResourceIdentifier(resourceId, deviceSecurityGroupName);
DeviceSecurityGroupResource deviceSecurityGroup = client.GetDeviceSecurityGroupResource(deviceSecurityGroupResourceId);

// invoke the operation
DeviceSecurityGroupResource result = await deviceSecurityGroup.GetAsync();

// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
DeviceSecurityGroupData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

示例响应

状态代码:: 200

{
  "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub/providers/Microsoft.Security/deviceSecurityGroups/samplesecuritygroup",
  "name": "samplesecuritygroup",
  "type": "Microsoft.Security/deviceSecurityGroups",
  "properties": {
    "thresholdRules": [],
    "timeWindowRules": [
      {
        "ruleType": "ActiveConnectionsNotInAllowedRange",
        "displayName": "Number of active connections is not in allowed range",
        "description": "Get an alert when the number of active connections of a device in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "AmqpC2DMessagesNotInAllowedRange",
        "displayName": "Number of cloud to device messages (AMQP protocol) is not in allowed range",
        "description": "Get an alert when the number of cloud to device messages (AMQP protocol) in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "MqttC2DMessagesNotInAllowedRange",
        "displayName": "Number of cloud to device messages (MQTT protocol) is not in allowed range",
        "description": "Get an alert when the number of cloud to device messages (MQTT protocol) in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "HttpC2DMessagesNotInAllowedRange",
        "displayName": "Number of cloud to device messages (HTTP protocol) is not in allowed range",
        "description": "Get an alert when the number of cloud to device messages (HTTP protocol) in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "AmqpC2DRejectedMessagesNotInAllowedRange",
        "displayName": "Number of rejected cloud to device messages (AMQP protocol) is not in allowed range",
        "description": "Get an alert when the number of cloud to device messages (AMQP protocol) that were rejected by the device in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "MqttC2DRejectedMessagesNotInAllowedRange",
        "displayName": "Number of rejected cloud to device messages (MQTT protocol) is not in allowed range",
        "description": "Get an alert when the number of cloud to device messages (MQTT protocol) that were rejected by the device in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "HttpC2DRejectedMessagesNotInAllowedRange",
        "displayName": "Number of rejected cloud to device messages (HTTP protocol) is not in allowed range",
        "description": "Get an alert when the number of cloud to device messages (HTTP protocol) that were rejected by the device in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "AmqpD2CMessagesNotInAllowedRange",
        "displayName": "Number of device to cloud messages (AMQP protocol) is not in allowed range",
        "description": "Get an alert when the number of device to cloud messages (AMQP protocol) in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "MqttD2CMessagesNotInAllowedRange",
        "displayName": "Number of device to cloud messages (MQTT protocol) is not in allowed range",
        "description": "Get an alert when the number of device to cloud messages (MQTT protocol) in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "HttpD2CMessagesNotInAllowedRange",
        "displayName": "Number of device to cloud messages (HTTP protocol) is not in allowed range",
        "description": "Get an alert when the number of device to cloud messages (HTTP protocol) in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "DirectMethodInvokesNotInAllowedRange",
        "displayName": "Number of direct method invokes is not in allowed range",
        "description": "Get an alert when the number of direct method invokes in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "FailedLocalLoginsNotInAllowedRange",
        "displayName": "Number of failed local logins is not in allowed range",
        "description": "Get an alert when the number of failed local logins on the device in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "FileUploadsNotInAllowedRange",
        "displayName": "Number of file uploads is not in allowed range",
        "description": "Get an alert when the number of file uploads from the device to the cloud in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "QueuePurgesNotInAllowedRange",
        "displayName": "Number of device queue purges is not in allowed range",
        "description": "Get an alert when the number of device queue purges in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "TwinUpdatesNotInAllowedRange",
        "displayName": "Number of twin updates is not in allowed range",
        "description": "Get an alert when the number of twin updates (by the device or the service) in the time window is not in the allowed range",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      },
      {
        "ruleType": "UnauthorizedOperationsNotInAllowedRange",
        "displayName": "Number of unauthorized operations is not in allowed range",
        "description": "Get an alert when the number unauthorized operations in the time window is not in the allowed range. Unauthorized operations are operations that affect the device (or done by it) that fail because of an unauthorized error",
        "isEnabled": false,
        "minThreshold": 0,
        "maxThreshold": 0,
        "timeWindowSize": "PT15M"
      }
    ],
    "allowlistRules": [
      {
        "ruleType": "ConnectionToIpNotAllowed",
        "displayName": "Outbound connection to an ip that isn't allowed",
        "description": "Get an alert when an outbound connection is created between your device and an ip that isn't allowed",
        "isEnabled": false,
        "valueType": "IpCidr",
        "allowlistValues": []
      },
      {
        "ruleType": "LocalUserNotAllowed",
        "displayName": "Login by a local user that isn't allowed",
        "description": "Get an alert when a local user that isn't allowed logins to the device",
        "isEnabled": false,
        "valueType": "String",
        "allowlistValues": []
      },
      {
        "ruleType": "ProcessNotAllowed",
        "displayName": "Execution of a process that isn't allowed",
        "description": "Get an alert when a process that isn't allowed is executed",
        "isEnabled": false,
        "valueType": "String",
        "allowlistValues": []
      }
    ],
    "denylistRules": []
  }
}

定义

名称	说明
AllowlistCustomAlertRule	一个自定义警报规则，用于检查是否允许值（取决于自定义警报类型）。
CloudError	所有 Azure 资源管理器 API 的常见错误响应，以返回失败操作的错误详细信息。（这也遵循 OData 错误响应格式）。
CloudErrorBody	错误详细信息。
DenylistCustomAlertRule	一个自定义警报规则，用于检查值（取决于自定义警报类型）是否被拒绝。
DeviceSecurityGroup	设备安全组资源
ErrorAdditionalInfo	资源管理错误附加信息。
ThresholdCustomAlertRule	一个自定义警报规则，用于检查值（取决于自定义警报类型）是否在给定范围内。
TimeWindowCustomAlertRule	一个自定义警报规则，用于检查时间窗口中的活动数（取决于自定义警报类型）是否在给定范围内。
valueType	列表中的项的值类型。

AllowlistCustomAlertRule

一个自定义警报规则，用于检查是否允许值（取决于自定义警报类型）。

名称	类型	说明
allowlistValues	string[]	要允许的值。值的格式取决于规则类型。
description	string	自定义警报的说明。
displayName	string	自定义警报的显示名称。
isEnabled	boolean	自定义警报的状态。
ruleType	string	自定义警报规则的类型。
valueType	valueType	列表中的项的值类型。

CloudError

所有 Azure 资源管理器 API 的常见错误响应，以返回失败操作的错误详细信息。（这也遵循 OData 错误响应格式）。

名称	类型	说明
error.additionalInfo	ErrorAdditionalInfo[]	错误附加信息。
error.code	string	错误代码。
error.details	CloudErrorBody[]	错误详细信息。
error.message	string	错误消息。
error.target	string	错误目标。

CloudErrorBody

错误详细信息。

名称	类型	说明
additionalInfo	ErrorAdditionalInfo[]	错误附加信息。
code	string	错误代码。
details	CloudErrorBody[]	错误详细信息。
message	string	错误消息。
target	string	错误目标。

DenylistCustomAlertRule

一个自定义警报规则，用于检查值（取决于自定义警报类型）是否被拒绝。

名称	类型	说明
denylistValues	string[]	要拒绝的值。值的格式取决于规则类型。
description	string	自定义警报的说明。
displayName	string	自定义警报的显示名称。
isEnabled	boolean	自定义警报的状态。
ruleType	string	自定义警报规则的类型。
valueType	valueType	列表中的项的值类型。