Custom Assessment Automations - Create

參考

服務:: Defender for Cloud

API 版本:: 2021-07-01-preview

建立自定義評定自動化
建立或更新所提供訂用帳戶的自定義評定自動化。請注意，提供現有的自定義評定自動化將會取代現有的記錄。

PUT https://management.azure.com/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customAssessmentAutomations/{customAssessmentAutomationName}?api-version=2021-07-01-preview

URI 參數

名稱	位於	必要	類型	Description
customAssessmentAutomationName	path	True	string	自訂評定自動化的名稱。
resourceGroupName	path	True	string	用戶訂用帳戶內的資源組名。名稱不區分大小寫。 Regex 模式: `^[-\w\._]+$`
subscriptionId	path	True	string	Azure 訂用帳戶標識碼 Regex 模式: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`
api-version	query	True	string	作業的 API 版本

要求本文

名稱	類型	Description
properties.compressedQuery	string	Base 64 編碼的 KQL 查詢，代表所需的評估自動化結果。
properties.description	string	與此評定自動化所產生的評量相關的描述。
properties.displayName	string	此評定自動化所產生的評量顯示名稱。
properties.remediationDescription	string	與此評定自動化所產生的評量相關的補救描述。
properties.severity	severityEnum	與此評定自動化所產生的評量相關的嚴重性。
properties.supportedCloud	supportedCloudEnum	自訂評定自動化的相關雲端。

回應

名稱	類型	Description
200 OK	customAssessmentAutomation	確定 - 已更新
201 Created	customAssessmentAutomation	創建
Other Status Codes	CloudError	描述作業失敗原因的錯誤回應。

安全性

azure_auth

Azure Active Directory OAuth2 Flow

類型: oauth2
Flow: implicit
授權 URL: https://login.microsoftonline.com/common/oauth2/authorize

範圍

名稱	Description
user_impersonation	模擬您的用戶帳戶

範例

Create a Custom Assessment Automation

範例要求

PUT https://management.azure.com/subscriptions/e5d1b86c-3051-44d5-8802-aa65d45a279b/resourcegroups/TestResourceGroup/providers/Microsoft.Security/customAssessmentAutomations/MyCustomAssessmentAutomation?api-version=2021-07-01-preview

{
  "properties": {
    "compressedQuery": "DQAKAEkAYQBtAF8ARwByAG8AdQBwAA0ACgB8ACAAZQB4AHQAZQBuAGQAIABIAGUAYQBsAHQAaABTAHQAYQB0AHUAcwAgAD0AIABpAGYAZgAoAHQAbwBzAHQAcgBpAG4AZwAoAFIAZQBjAG8AcgBkAC4AVQBzAGUAcgBOAGEAbQBlACkAIABjAG8AbgB0AGEAaQBuAHMAIAAnAHUAcwBlAHIAJwAsACAAJwBVAE4ASABFAEEATABUAEgAWQAnACwAIAAnAEgARQBBAEwAVABIAFkAJwApAA0ACgA=",
    "supportedCloud": "AWS",
    "severity": "Medium",
    "displayName": "Password Policy",
    "description": "Data should be encrypted",
    "remediationDescription": "Encrypt store by..."
  }
}


import com.azure.resourcemanager.security.models.SeverityEnum;
import com.azure.resourcemanager.security.models.SupportedCloudEnum;

/**
 * Samples for CustomAssessmentAutomations Create.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/security/resource-manager/Microsoft.Security/preview/2021-07-01-preview/examples/
     * CustomAssessmentAutomations/customAssessmentAutomationCreate_example.json
     */
    /**
     * Sample code: Create a Custom Assessment Automation.
     * 
     * @param manager Entry point to SecurityManager.
     */
    public static void createACustomAssessmentAutomation(com.azure.resourcemanager.security.SecurityManager manager) {
        manager.customAssessmentAutomations().define("MyCustomAssessmentAutomation")
            .withExistingResourceGroup("TestResourceGroup")
            .withCompressedQuery(
                "DQAKAEkAYQBtAF8ARwByAG8AdQBwAA0ACgB8ACAAZQB4AHQAZQBuAGQAIABIAGUAYQBsAHQAaABTAHQAYQB0AHUAcwAgAD0AIABpAGYAZgAoAHQAbwBzAHQAcgBpAG4AZwAoAFIAZQBjAG8AcgBkAC4AVQBzAGUAcgBOAGEAbQBlACkAIABjAG8AbgB0AGEAaQBuAHMAIAAnAHUAcwBlAHIAJwAsACAAJwBVAE4ASABFAEEATABUAEgAWQAnACwAIAAnAEgARQBBAEwAVABIAFkAJwApAA0ACgA=")
            .withSupportedCloud(SupportedCloudEnum.AWS).withSeverity(SeverityEnum.MEDIUM)
            .withDisplayName("Password Policy").withDescription("Data should be encrypted")
            .withRemediationDescription("Encrypt store by...").create();
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

package armsecurity_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/preview/2021-07-01-preview/examples/CustomAssessmentAutomations/customAssessmentAutomationCreate_example.json
func ExampleCustomAssessmentAutomationsClient_Create() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	res, err := clientFactory.NewCustomAssessmentAutomationsClient().Create(ctx, "TestResourceGroup", "MyCustomAssessmentAutomation", armsecurity.CustomAssessmentAutomationRequest{
		Properties: &armsecurity.CustomAssessmentAutomationRequestProperties{
			Description:            to.Ptr("Data should be encrypted"),
			CompressedQuery:        to.Ptr("DQAKAEkAYQBtAF8ARwByAG8AdQBwAA0ACgB8ACAAZQB4AHQAZQBuAGQAIABIAGUAYQBsAHQAaABTAHQAYQB0AHUAcwAgAD0AIABpAGYAZgAoAHQAbwBzAHQAcgBpAG4AZwAoAFIAZQBjAG8AcgBkAC4AVQBzAGUAcgBOAGEAbQBlACkAIABjAG8AbgB0AGEAaQBuAHMAIAAnAHUAcwBlAHIAJwAsACAAJwBVAE4ASABFAEEATABUAEgAWQAnACwAIAAnAEgARQBBAEwAVABIAFkAJwApAA0ACgA="),
			DisplayName:            to.Ptr("Password Policy"),
			RemediationDescription: to.Ptr("Encrypt store by..."),
			Severity:               to.Ptr(armsecurity.SeverityEnumMedium),
			SupportedCloud:         to.Ptr(armsecurity.SupportedCloudEnumAWS),
		},
	}, nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	// You could use response here. We use blank identifier for just demo purposes.
	_ = res
	// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
	// res.CustomAssessmentAutomation = armsecurity.CustomAssessmentAutomation{
	// 	Name: to.Ptr("33e7cc6e-a139-4723-a0e5-76993aee0771"),
	// 	Type: to.Ptr("Microsoft.Security/customAssessmentAutomations"),
	// 	ID: to.Ptr("/subscriptions/e5d1b86c-3051-44d5-8802-aa65d45a279b/resourcegroups/TestResourceGroup/providers/Microsoft.Security/customAssessmentAutomations/33e7cc6e-a139-4723-a0e5-76993aee0771"),
	// 	Properties: &armsecurity.CustomAssessmentAutomationProperties{
	// 		Description: to.Ptr("organization passwords policy"),
	// 		AssessmentKey: to.Ptr("d5f442f7-7e77-4bcf-a450-a9c1b9a94eeb"),
	// 		CompressedQuery: to.Ptr("DQAKAEkAYQBtAF8ARwByAG8AdQBwAA0ACgB8ACAAZQB4AHQAZQBuAGQAIABIAGUAYQBsAHQAaABTAHQAYQB0AHUAcwAgAD0AIABpAGYAZgAoAHQAbwBzAHQAcgBpAG4AZwAoAFIAZQBjAG8AcgBkAC4AVQBzAGUAcgBOAGEAbQBlACkAIABjAG8AbgB0AGEAaQBuAHMAIAAnAHUAcwBlAHIAJwAsACAAJwBVAE4ASABFAEEATABUAEgAWQAnACwAIAAnAEgARQBBAEwAVABIAFkAJwApAA0ACgA="),
	// 		DisplayName: to.Ptr("Password Policy"),
	// 		RemediationDescription: to.Ptr("Change password policy to..."),
	// 		Severity: to.Ptr(armsecurity.SeverityEnumMedium),
	// 		SupportedCloud: to.Ptr(armsecurity.SupportedCloudEnumAWS),
	// 	},
	// 	SystemData: &armsecurity.SystemData{
	// 		CreatedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-08-31T13:47:50.328Z"); return t}()),
	// 		CreatedBy: to.Ptr("user@contoso.com"),
	// 		CreatedByType: to.Ptr(armsecurity.CreatedByTypeUser),
	// 		LastModifiedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2021-08-31T13:47:50.328Z"); return t}()),
	// 		LastModifiedBy: to.Ptr("user@contoso.com"),
	// 		LastModifiedByType: to.Ptr(armsecurity.CreatedByTypeUser),
	// 	},
	// }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Creates or updates a custom assessment automation for the provided subscription. Please note that providing an existing custom assessment automation will replace the existing record.
 *
 * @summary Creates or updates a custom assessment automation for the provided subscription. Please note that providing an existing custom assessment automation will replace the existing record.
 * x-ms-original-file: specification/security/resource-manager/Microsoft.Security/preview/2021-07-01-preview/examples/CustomAssessmentAutomations/customAssessmentAutomationCreate_example.json
 */
async function createACustomAssessmentAutomation() {
  const subscriptionId =
    process.env["SECURITY_SUBSCRIPTION_ID"] || "e5d1b86c-3051-44d5-8802-aa65d45a279b";
  const resourceGroupName = process.env["SECURITY_RESOURCE_GROUP"] || "TestResourceGroup";
  const customAssessmentAutomationName = "MyCustomAssessmentAutomation";
  const customAssessmentAutomationBody = {
    description: "Data should be encrypted",
    compressedQuery:
      "DQAKAEkAYQBtAF8ARwByAG8AdQBwAA0ACgB8ACAAZQB4AHQAZQBuAGQAIABIAGUAYQBsAHQAaABTAHQAYQB0AHUAcwAgAD0AIABpAGYAZgAoAHQAbwBzAHQAcgBpAG4AZwAoAFIAZQBjAG8AcgBkAC4AVQBzAGUAcgBOAGEAbQBlACkAIABjAG8AbgB0AGEAaQBuAHMAIAAnAHUAcwBlAHIAJwAsACAAJwBVAE4ASABFAEEATABUAEgAWQAnACwAIAAnAEgARQBBAEwAVABIAFkAJwApAA0ACgA=",
    displayName: "Password Policy",
    remediationDescription: "Encrypt store by...",
    severity: "Medium",
    supportedCloud: "AWS",
  };
  const credential = new DefaultAzureCredential();
  const client = new SecurityCenter(credential, subscriptionId);
  const result = await client.customAssessmentAutomations.create(
    resourceGroupName,
    customAssessmentAutomationName,
    customAssessmentAutomationBody,
  );
  console.log(result);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

using System;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.SecurityCenter;
using Azure.ResourceManager.SecurityCenter.Models;

// Generated from example definition: specification/security/resource-manager/Microsoft.Security/preview/2021-07-01-preview/examples/CustomAssessmentAutomations/customAssessmentAutomationCreate_example.json
// this example is just showing the usage of "CustomAssessmentAutomations_Create" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this CustomAssessmentAutomationResource created on azure
// for more information of creating CustomAssessmentAutomationResource, please refer to the document of CustomAssessmentAutomationResource
string subscriptionId = "e5d1b86c-3051-44d5-8802-aa65d45a279b";
string resourceGroupName = "TestResourceGroup";
string customAssessmentAutomationName = "MyCustomAssessmentAutomation";
ResourceIdentifier customAssessmentAutomationResourceId = CustomAssessmentAutomationResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, customAssessmentAutomationName);
CustomAssessmentAutomationResource customAssessmentAutomation = client.GetCustomAssessmentAutomationResource(customAssessmentAutomationResourceId);

// invoke the operation
CustomAssessmentAutomationCreateOrUpdateContent content = new CustomAssessmentAutomationCreateOrUpdateContent()
{
    CompressedQuery = "DQAKAEkAYQBtAF8ARwByAG8AdQBwAA0ACgB8ACAAZQB4AHQAZQBuAGQAIABIAGUAYQBsAHQAaABTAHQAYQB0AHUAcwAgAD0AIABpAGYAZgAoAHQAbwBzAHQAcgBpAG4AZwAoAFIAZQBjAG8AcgBkAC4AVQBzAGUAcgBOAGEAbQBlACkAIABjAG8AbgB0AGEAaQBuAHMAIAAnAHUAcwBlAHIAJwAsACAAJwBVAE4ASABFAEEATABUAEgAWQAnACwAIAAnAEgARQBBAEwAVABIAFkAJwApAA0ACgA=",
    SupportedCloud = CustomAssessmentAutomationSupportedCloud.Aws,
    Severity = CustomAssessmentSeverity.Medium,
    DisplayName = "Password Policy",
    Description = "Data should be encrypted",
    RemediationDescription = "Encrypt store by...",
};
ArmOperation<CustomAssessmentAutomationResource> lro = await customAssessmentAutomation.UpdateAsync(WaitUntil.Completed, content);
CustomAssessmentAutomationResource result = lro.Value;

// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
CustomAssessmentAutomationData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

範例回覆

狀態碼:: 200

{
  "id": "/subscriptions/e5d1b86c-3051-44d5-8802-aa65d45a279b/resourcegroups/TestResourceGroup/providers/Microsoft.Security/customAssessmentAutomations/33e7cc6e-a139-4723-a0e5-76993aee0771",
  "name": "33e7cc6e-a139-4723-a0e5-76993aee0771",
  "type": "Microsoft.Security/customAssessmentAutomations",
  "systemData": {
    "createdBy": "user@contoso.com",
    "createdByType": "User",
    "createdAt": "2021-08-31T13:47:50.328Z",
    "lastModifiedBy": "user@contoso.com",
    "lastModifiedByType": "User",
    "lastModifiedAt": "2021-08-31T13:47:50.328Z"
  },
  "properties": {
    "compressedQuery": "DQAKAEkAYQBtAF8ARwByAG8AdQBwAA0ACgB8ACAAZQB4AHQAZQBuAGQAIABIAGUAYQBsAHQAaABTAHQAYQB0AHUAcwAgAD0AIABpAGYAZgAoAHQAbwBzAHQAcgBpAG4AZwAoAFIAZQBjAG8AcgBkAC4AVQBzAGUAcgBOAGEAbQBlACkAIABjAG8AbgB0AGEAaQBuAHMAIAAnAHUAcwBlAHIAJwAsACAAJwBVAE4ASABFAEEATABUAEgAWQAnACwAIAAnAEgARQBBAEwAVABIAFkAJwApAA0ACgA=",
    "supportedCloud": "AWS",
    "severity": "Medium",
    "displayName": "Password Policy",
    "description": "organization passwords policy",
    "remediationDescription": "Change password policy to...",
    "assessmentKey": "d5f442f7-7e77-4bcf-a450-a9c1b9a94eeb"
  }
}

狀態碼:: 201

{
  "id": "/subscriptions/e5d1b86c-3051-44d5-8802-aa65d45a279b/resourcegroups/TestResourceGroup/providers/Microsoft.Security/customAssessmentAutomations/33e7cc6e-a139-4723-a0e5-76993aee0771",
  "name": "33e7cc6e-a139-4723-a0e5-76993aee0771",
  "type": "Microsoft.Security/customAssessmentAutomations",
  "systemData": {
    "createdBy": "user@contoso.com",
    "createdByType": "User",
    "createdAt": "2021-08-31T13:01:50.328Z",
    "lastModifiedBy": "user@contoso.com",
    "lastModifiedByType": "User",
    "lastModifiedAt": "2021-08-31T13:01:50.328Z"
  },
  "properties": {
    "compressedQuery": "DQAKAEkAYQBtAF8AUABhAHMAcwB3AG8AcgBkAFAAbwBsAGkAYwB5ACAADQAKAHwAIABlAHgAdABlAG4AZAAgAEgAZQBhAGwAdABoAFMAdABhAHQAdQBzACAAPQAgAGkAZgBmACgAdABvAGkAbgB0ACgAUgBlAGMAbwByAGQALgBNAGkAbgBpAG0AdQBtAFAAYQBzAHMAdwBvAHIAZABMAGUAbgBnAHQAaAApACAAPAAgADgALAAgACcAVQBOAEgARQBBAEwAVABIAFkAJwAsACAAJwBIAEUAQQBMAFQASABZACcAKQANAAoA",
    "supportedCloud": "AWS",
    "severity": "Medium",
    "displayName": "Customized Encryption Rules",
    "description": "Data should be encrypted",
    "remediationDescription": "Encrypt store by...",
    "assessmentKey": "fc1dbcd0-502c-4eab-9312-4014cfc8ea56"
  }
}

定義

名稱	Description
CloudError	所有 Azure Resource Manager API 的常見錯誤回應，以傳回失敗作業的錯誤詳細數據。（這也遵循 OData 錯誤回應格式。）。
CloudErrorBody	錯誤詳細數據。
createdByType	建立資源的身分識別類型。
customAssessmentAutomation	自訂評定自動化
customAssessmentAutomationRequest	自訂評定自動化要求
ErrorAdditionalInfo	資源管理錯誤其他資訊。
severityEnum	與此評定自動化所產生的評量相關的嚴重性。
supportedCloudEnum	自訂評定自動化的相關雲端。
systemData	與建立和上次修改資源相關的元數據。

CloudError

所有 Azure Resource Manager API 的常見錯誤回應，以傳回失敗作業的錯誤詳細數據。（這也遵循 OData 錯誤回應格式。）。

名稱	類型	Description
error.additionalInfo	ErrorAdditionalInfo[]	錯誤其他資訊。
error.code	string	錯誤碼。
error.details	CloudErrorBody[]	錯誤詳細數據。
error.message	string	錯誤訊息。
error.target	string	錯誤目標。

CloudErrorBody

錯誤詳細數據。

名稱	類型	Description
additionalInfo	ErrorAdditionalInfo[]	錯誤其他資訊。
code	string	錯誤碼。
details	CloudErrorBody[]	錯誤詳細數據。
message	string	錯誤訊息。
target	string	錯誤目標。

createdByType

建立資源的身分識別類型。

名稱	類型	Description
Application	string
Key	string
ManagedIdentity	string
User	string