將 Azure API 管理 API 上線至適用於 API 的 Defender Microsoft。 系統會開始監視 Azure 管理 API 內的作業,以取得侵入行為,並提供已偵測到之攻擊的警示。
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/providers/Microsoft.Security/apiCollections/{apiId}?api-version=2023-11-15
URI 參數
| 名稱 |
位於 |
必要 |
類型 |
Description |
|
apiId
|
path |
True
|
string
|
API 修訂標識碼。 API 管理服務實例中必須是唯一的。 非目前的修訂具有 ;rev=n 作為後綴,其中 n 是修訂編號。
Regex 模式: ^[^*#&+:<>?]+$
|
|
resourceGroupName
|
path |
True
|
string
|
資源群組的名稱。 名稱不區分大小寫。
|
|
serviceName
|
path |
True
|
string
|
API 管理服務的名稱。
Regex 模式: ^[a-zA-Z](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?$
|
|
subscriptionId
|
path |
True
|
string
uuid
|
目標訂用帳戶的標識碼。 此值必須是 UUID。
|
|
api-version
|
query |
True
|
string
|
要用於這項作業的 API 版本。
|
回應
| 名稱 |
類型 |
Description |
|
200 OK
|
ApiCollection
|
這表示建立或更新作業的成功回應。 回應包含 API 集合的屬性。
|
|
201 Created
|
ApiCollection
|
這表示建立或更新作業的成功回應。 回應包含 API 集合的屬性。
標題
Location: string
|
|
Other Status Codes
|
ErrorResponse
|
描述作業失敗原因的錯誤回應。
|
安全性
azure_auth
Azure Active Directory OAuth2 Flow
類型:
oauth2
Flow:
implicit
授權 URL:
https://login.microsoftonline.com/common/oauth2/authorize
範圍
| 名稱 |
Description |
|
user_impersonation
|
模擬您的用戶帳戶
|
範例
Onboard an Azure API Management API to Microsoft Defender for APIs
範例要求
PUT https://management.azure.com/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/providers/Microsoft.Security/apiCollections/echo-api?api-version=2023-11-15
/**
* Samples for ApiCollections OnboardAzureApiManagementApi.
*/
public final class Main {
/*
* x-ms-original-file:
* specification/security/resource-manager/Microsoft.Security/stable/2023-11-15/examples/ApiCollections/
* APICollections_OnboardAzureApiManagementApi_example.json
*/
/**
* Sample code: Onboard an Azure API Management API to Microsoft Defender for APIs.
*
* @param manager Entry point to SecurityManager.
*/
public static void onboardAnAzureAPIManagementAPIToMicrosoftDefenderForAPIs(
com.azure.resourcemanager.security.SecurityManager manager) {
manager.apiCollections().onboardAzureApiManagementApi("rg1", "apimService1", "echo-api",
com.azure.core.util.Context.NONE);
}
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
package armsecurity_test
import (
"context"
"log"
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)
// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/stable/2023-11-15/examples/ApiCollections/APICollections_OnboardAzureApiManagementApi_example.json
func ExampleAPICollectionsClient_BeginOnboardAzureAPIManagementAPI() {
cred, err := azidentity.NewDefaultAzureCredential(nil)
if err != nil {
log.Fatalf("failed to obtain a credential: %v", err)
}
ctx := context.Background()
clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
if err != nil {
log.Fatalf("failed to create client: %v", err)
}
poller, err := clientFactory.NewAPICollectionsClient().BeginOnboardAzureAPIManagementAPI(ctx, "rg1", "apimService1", "echo-api", nil)
if err != nil {
log.Fatalf("failed to finish the request: %v", err)
}
res, err := poller.PollUntilDone(ctx, nil)
if err != nil {
log.Fatalf("failed to pull the result: %v", err)
}
// You could use response here. We use blank identifier for just demo purposes.
_ = res
// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
// res.APICollection = armsecurity.APICollection{
// Name: to.Ptr("echo-api"),
// Type: to.Ptr("Microsoft.Security/apiCollections"),
// ID: to.Ptr("/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/providers/Microsoft.Security/apiCollections/echo-api"),
// Properties: &armsecurity.APICollectionProperties{
// BaseURL: to.Ptr("https://apimservice1.azure-api.net/echo"),
// DiscoveredVia: to.Ptr("/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1"),
// DisplayName: to.Ptr("Echo API"),
// NumberOfAPIEndpoints: to.Ptr[int64](6),
// NumberOfAPIEndpointsWithSensitiveDataExposed: to.Ptr[int64](1),
// NumberOfExternalAPIEndpoints: to.Ptr[int64](3),
// NumberOfInactiveAPIEndpoints: to.Ptr[int64](3),
// NumberOfUnauthenticatedAPIEndpoints: to.Ptr[int64](1),
// ProvisioningState: to.Ptr(armsecurity.ProvisioningStateSucceeded),
// SensitivityLabel: to.Ptr("Highly Confidential"),
// },
// }
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");
/**
* This sample demonstrates how to Onboard an Azure API Management API to Microsoft Defender for APIs. The system will start monitoring the operations within the Azure Management API for intrusive behaviors and provide alerts for attacks that have been detected.
*
* @summary Onboard an Azure API Management API to Microsoft Defender for APIs. The system will start monitoring the operations within the Azure Management API for intrusive behaviors and provide alerts for attacks that have been detected.
* x-ms-original-file: specification/security/resource-manager/Microsoft.Security/stable/2023-11-15/examples/ApiCollections/APICollections_OnboardAzureApiManagementApi_example.json
*/
async function onboardAnAzureApiManagementApiToMicrosoftDefenderForApIs() {
const subscriptionId =
process.env["SECURITY_SUBSCRIPTION_ID"] || "3fa85f64-5717-4562-b3fc-2c963f66afa6";
const resourceGroupName = process.env["SECURITY_RESOURCE_GROUP"] || "rg1";
const serviceName = "apimService1";
const apiId = "echo-api";
const credential = new DefaultAzureCredential();
const client = new SecurityCenter(credential, subscriptionId);
const result = await client.aPICollections.beginOnboardAzureApiManagementApiAndWait(
resourceGroupName,
serviceName,
apiId,
);
console.log(result);
}
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
using System;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.SecurityCenter;
// Generated from example definition: specification/security/resource-manager/Microsoft.Security/stable/2023-11-15/examples/ApiCollections/APICollections_OnboardAzureApiManagementApi_example.json
// this example is just showing the usage of "APICollections_OnboardAzureApiManagementApi" operation, for the dependent resources, they will have to be created separately.
// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);
// this example assumes you already have this SecurityCenterApiCollectionResource created on azure
// for more information of creating SecurityCenterApiCollectionResource, please refer to the document of SecurityCenterApiCollectionResource
string subscriptionId = "3fa85f64-5717-4562-b3fc-2c963f66afa6";
string resourceGroupName = "rg1";
string serviceName = "apimService1";
string apiId = "echo-api";
ResourceIdentifier securityCenterApiCollectionResourceId = SecurityCenterApiCollectionResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, serviceName, apiId);
SecurityCenterApiCollectionResource securityCenterApiCollection = client.GetSecurityCenterApiCollectionResource(securityCenterApiCollectionResourceId);
// invoke the operation
ArmOperation<SecurityCenterApiCollectionResource> lro = await securityCenterApiCollection.UpdateAsync(WaitUntil.Completed);
SecurityCenterApiCollectionResource result = lro.Value;
// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
SecurityCenterApiCollectionData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");
To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue
範例回覆
{
"id": "/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/providers/Microsoft.Security/apiCollections/echo-api",
"name": "echo-api",
"type": "Microsoft.Security/apiCollections",
"properties": {
"provisioningState": "Succeeded",
"displayName": "Echo API",
"discoveredVia": "/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1",
"baseUrl": "https://apimservice1.azure-api.net/echo",
"numberOfApiEndpoints": 6,
"numberOfInactiveApiEndpoints": 3,
"numberOfUnauthenticatedApiEndpoints": 1,
"numberOfExternalApiEndpoints": 3,
"numberOfApiEndpointsWithSensitiveDataExposed": 1,
"sensitivityLabel": "Highly Confidential"
}
}
Location: https://management.azure.com/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/providers/Microsoft.Security/apiCollections/echo-api?api-version=2023-11-15&$asyncScope=eyJydSI6NTM4MjczMzI4NDQ3MjA1NzY2fQ==
{
"id": "/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/providers/Microsoft.Security/apiCollections/echo-api",
"name": "echo-api",
"type": "Microsoft.Security/apiCollections",
"properties": {
"provisioningState": "InProgress"
}
}
定義
ApiCollection
API 集合,如適用於 API 的 Defender Microsoft 所表示。
| 名稱 |
類型 |
Description |
|
id
|
string
|
資源標識碼
|
|
name
|
string
|
資源名稱
|
|
properties.baseUrl
|
string
|
這個 API 集合的基底 URI。 此 API 集合的所有端點都會擴充此基底 URI。
|
|
properties.discoveredVia
|
string
|
探索此 API 集合的來源資源資源標識碼。
|
|
properties.displayName
|
string
|
API 集合的顯示名稱。
|
|
properties.numberOfApiEndpoints
|
integer
|
在此 API 集合中探索到的 API 端點數目。
|
|
properties.numberOfApiEndpointsWithSensitiveDataExposed
|
integer
|
此 API 集合中的 API 端點數目,這些端點會在其要求和/或回應中公開敏感數據。
|
|
properties.numberOfExternalApiEndpoints
|
integer
|
此 API 集合中觀察到來自因特網之 API 流量的 API 端點數目。
|
|
properties.numberOfInactiveApiEndpoints
|
integer
|
此 API 集合中尚未在過去 30 天內收到任何 API 流量的 API 端點數目。
|
|
properties.numberOfUnauthenticatedApiEndpoints
|
integer
|
此 API 集合中未經驗證的 API 端點數目。
|
|
properties.provisioningState
|
ProvisioningState
|
取得 API 集合的布建狀態。
|
|
properties.sensitivityLabel
|
string
|
此 API 集合中來自 Microsoft Purview 的最高優先順序敏感度標籤。
|
|
type
|
string
|
資源類型
|
ErrorAdditionalInfo
資源管理錯誤其他資訊。
| 名稱 |
類型 |
Description |
|
info
|
object
|
其他資訊。
|
|
type
|
string
|
其他信息類型。
|
ErrorDetail
錯誤詳細數據。
| 名稱 |
類型 |
Description |
|
additionalInfo
|
ErrorAdditionalInfo[]
|
錯誤其他資訊。
|
|
code
|
string
|
錯誤碼。
|
|
details
|
ErrorDetail[]
|
錯誤詳細數據。
|
|
message
|
string
|
錯誤訊息。
|
|
target
|
string
|
錯誤目標。
|
ErrorResponse
錯誤回應
ProvisioningState
取得 API 集合的布建狀態。
| 名稱 |
類型 |
Description |
|
Canceled
|
string
|
|
|
Failed
|
string
|
|
|
InProgress
|
string
|
|
|
Succeeded
|
string
|
|