Device Security Groups - Create Or Update
Use this method to create or update the device security group on a specified IoT Hub resource.
PUT https://management.azure.com/{resourceId}/providers/Microsoft.Security/deviceSecurityGroups/{deviceSecurityGroupName}?api-version=2019-08-01
URI Parameters
Name | In | Required | Type | Description |
---|---|---|---|---|
deviceSecurityGroupName | path | True | string | The name of the device security group. Note that the name of the device security group is case insensitive. |
resourceId | path | True | string | The identifier of the resource. |
api-version | query | True | string | API version for the operation |
Request Body
Name | Type | Description |
---|---|---|
properties.allowlistRules | AllowlistCustomAlertRule[] | The allowlist custom alert rules. |
properties.denylistRules | DenylistCustomAlertRule[] | The denylist custom alert rules. |
properties.thresholdRules | ThresholdCustomAlertRule[] | The list of custom alert threshold rules. |
properties.timeWindowRules | TimeWindowCustomAlertRule[] | The list of custom alert time-window rules. |
Responses
Name | Type | Description |
---|---|---|
200 OK | DeviceSecurityGroup | Security group was updated. |
201 Created | DeviceSecurityGroup | Security group was created. |
Other Status Codes | CloudError | Error response describing why the operation failed. |
Security
azure_auth
Azure Active Directory OAuth2 Flow
Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize
Scopes
Name | Description |
---|---|
user_impersonation | impersonate your user account |
Examples
Create or update a device security group for the specified IoT hub resource
Sample request
PUT https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub/providers/Microsoft.Security/deviceSecurityGroups/samplesecuritygroup?api-version=2019-08-01
{
"properties": {
"timeWindowRules": [
{
"ruleType": "ActiveConnectionsNotInAllowedRange",
"isEnabled": true,
"minThreshold": 0,
"maxThreshold": 30,
"timeWindowSize": "PT05M"
}
]
}
}
Sample response
Status code: 200
{
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub/providers/Microsoft.Security/deviceSecurityGroups/samplesecuritygroup",
"name": "samplesecuritygroup",
"type": "Microsoft.Security/deviceSecurityGroups",
"properties": {
"thresholdRules": [],
"timeWindowRules": [
{
"ruleType": "ActiveConnectionsNotInAllowedRange",
"displayName": "Number of active connections is not in allowed range",
"description": "Get an alert when the number of active connections of a device in the time window is not in the allowed range",
"isEnabled": true,
"minThreshold": 0,
"maxThreshold": 30,
"timeWindowSize": "PT05M"
},
{
"ruleType": "AmqpC2DMessagesNotInAllowedRange",
"displayName": "Number of cloud to device messages (AMQP protocol) is not in allowed range",
"description": "Get an alert when the number of cloud to device messages (AMQP protocol) in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "MqttC2DMessagesNotInAllowedRange",
"displayName": "Number of cloud to device messages (MQTT protocol) is not in allowed range",
"description": "Get an alert when the number of cloud to device messages (MQTT protocol) in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "HttpC2DMessagesNotInAllowedRange",
"displayName": "Number of cloud to device messages (HTTP protocol) is not in allowed range",
"description": "Get an alert when the number of cloud to device messages (HTTP protocol) in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "AmqpC2DRejectedMessagesNotInAllowedRange",
"displayName": "Number of rejected cloud to device messages (AMQP protocol) is not in allowed range",
"description": "Get an alert when the number of cloud to device messages (AMQP protocol) that were rejected by the device in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "MqttC2DRejectedMessagesNotInAllowedRange",
"displayName": "Number of rejected cloud to device messages (MQTT protocol) is not in allowed range",
"description": "Get an alert when the number of cloud to device messages (MQTT protocol) that were rejected by the device in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "HttpC2DRejectedMessagesNotInAllowedRange",
"displayName": "Number of rejected cloud to device messages (HTTP protocol) is not in allowed range",
"description": "Get an alert when the number of cloud to device messages (HTTP protocol) that were rejected by the device in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "AmqpD2CMessagesNotInAllowedRange",
"displayName": "Number of device to cloud messages (AMQP protocol) is not in allowed range",
"description": "Get an alert when the number of device to cloud messages (AMQP protocol) in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "MqttD2CMessagesNotInAllowedRange",
"displayName": "Number of device to cloud messages (MQTT protocol) is not in allowed range",
"description": "Get an alert when the number of device to cloud messages (MQTT protocol) in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "HttpD2CMessagesNotInAllowedRange",
"displayName": "Number of device to cloud messages (HTTP protocol) is not in allowed range",
"description": "Get an alert when the number of device to cloud messages (HTTP protocol) in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "DirectMethodInvokesNotInAllowedRange",
"displayName": "Number of direct method invokes is not in allowed range",
"description": "Get an alert when the number of direct method invokes in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "FailedLocalLoginsNotInAllowedRange",
"displayName": "Number of failed local logins is not in allowed range",
"description": "Get an alert when the number of failed local logins on the device in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "FileUploadsNotInAllowedRange",
"displayName": "Number of file uploads is not in allowed range",
"description": "Get an alert when the number of file uploads from the device to the cloud in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "QueuePurgesNotInAllowedRange",
"displayName": "Number of device queue purges is not in allowed range",
"description": "Get an alert when the number of device queue purges in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "TwinUpdatesNotInAllowedRange",
"displayName": "Number of twin updates is not in allowed range",
"description": "Get an alert when the number of twin updates (by the device or the service) in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "UnauthorizedOperationsNotInAllowedRange",
"displayName": "Number of unauthorized operations is not in allowed range",
"description": "Get an alert when the number unauthorized operations in the time window is not in the allowed range. Unauthorized operations are operations that affect the device (or done by it) that fail because of an unauthorized error",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
}
],
"allowlistRules": [
{
"ruleType": "ConnectionToIpNotAllowed",
"displayName": "Outbound connection to an ip that isn't allowed",
"description": "Get an alert when an outbound connection is created between your device and an ip that isn't allowed",
"isEnabled": false,
"allowlistValues": []
},
{
"ruleType": "LocalUserNotAllowed",
"displayName": "Login by a local user that isn't allowed",
"description": "Get an alert when a local user that isn't allowed logins to the device",
"isEnabled": false,
"allowlistValues": []
},
{
"ruleType": "ProcessNotAllowed",
"displayName": "Execution of a process that isn't allowed",
"description": "Get an alert when a process that isn't allowed is executed",
"isEnabled": false,
"allowlistValues": []
}
],
"denylistRules": []
}
}
Status code: 201
{
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub/providers/Microsoft.Security/deviceSecurityGroups/samplesecuritygroup",
"name": "samplesecuritygroup",
"type": "Microsoft.Security/deviceSecurityGroups",
"properties": {
"thresholdRules": [],
"timeWindowRules": [
{
"ruleType": "ActiveConnectionsNotInAllowedRange",
"displayName": "Number of active connections is not in allowed range",
"description": "Get an alert when the number of active connections of a device in the time window is not in the allowed range",
"isEnabled": true,
"minThreshold": 0,
"maxThreshold": 30,
"timeWindowSize": "PT05M"
},
{
"ruleType": "AmqpC2DMessagesNotInAllowedRange",
"displayName": "Number of cloud to device messages (AMQP protocol) is not in allowed range",
"description": "Get an alert when the number of cloud to device messages (AMQP protocol) in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "MqttC2DMessagesNotInAllowedRange",
"displayName": "Number of cloud to device messages (MQTT protocol) is not in allowed range",
"description": "Get an alert when the number of cloud to device messages (MQTT protocol) in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "HttpC2DMessagesNotInAllowedRange",
"displayName": "Number of cloud to device messages (HTTP protocol) is not in allowed range",
"description": "Get an alert when the number of cloud to device messages (HTTP protocol) in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "AmqpC2DRejectedMessagesNotInAllowedRange",
"displayName": "Number of rejected cloud to device messages (AMQP protocol) is not in allowed range",
"description": "Get an alert when the number of cloud to device messages (AMQP protocol) that were rejected by the device in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "MqttC2DRejectedMessagesNotInAllowedRange",
"displayName": "Number of rejected cloud to device messages (MQTT protocol) is not in allowed range",
"description": "Get an alert when the number of cloud to device messages (MQTT protocol) that were rejected by the device in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "HttpC2DRejectedMessagesNotInAllowedRange",
"displayName": "Number of rejected cloud to device messages (HTTP protocol) is not in allowed range",
"description": "Get an alert when the number of cloud to device messages (HTTP protocol) that were rejected by the device in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "AmqpD2CMessagesNotInAllowedRange",
"displayName": "Number of device to cloud messages (AMQP protocol) is not in allowed range",
"description": "Get an alert when the number of device to cloud messages (AMQP protocol) in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "MqttD2CMessagesNotInAllowedRange",
"displayName": "Number of device to cloud messages (MQTT protocol) is not in allowed range",
"description": "Get an alert when the number of device to cloud messages (MQTT protocol) in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "HttpD2CMessagesNotInAllowedRange",
"displayName": "Number of device to cloud messages (HTTP protocol) is not in allowed range",
"description": "Get an alert when the number of device to cloud messages (HTTP protocol) in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "DirectMethodInvokesNotInAllowedRange",
"displayName": "Number of direct method invokes is not in allowed range",
"description": "Get an alert when the number of direct method invokes in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "FailedLocalLoginsNotInAllowedRange",
"displayName": "Number of failed local logins is not in allowed range",
"description": "Get an alert when the number of failed local logins on the device in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "FileUploadsNotInAllowedRange",
"displayName": "Number of file uploads is not in allowed range",
"description": "Get an alert when the number of file uploads from the device to the cloud in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "QueuePurgesNotInAllowedRange",
"displayName": "Number of device queue purges is not in allowed range",
"description": "Get an alert when the number of device queue purges in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "TwinUpdatesNotInAllowedRange",
"displayName": "Number of twin updates is not in allowed range",
"description": "Get an alert when the number of twin updates (by the device or the service) in the time window is not in the allowed range",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
},
{
"ruleType": "UnauthorizedOperationsNotInAllowedRange",
"displayName": "Number of unauthorized operations is not in allowed range",
"description": "Get an alert when the number unauthorized operations in the time window is not in the allowed range. Unauthorized operations are operations that affect the device (or done by it) that fail because of an unauthorized error",
"isEnabled": false,
"minThreshold": 0,
"maxThreshold": 0,
"timeWindowSize": "PT15M"
}
],
"allowlistRules": [
{
"ruleType": "ConnectionToIpNotAllowed",
"displayName": "Outbound connection to an ip that isn't allowed",
"description": "Get an alert when an outbound connection is created between your device and an ip that isn't allowed",
"isEnabled": false,
"allowlistValues": []
},
{
"ruleType": "LocalUserNotAllowed",
"displayName": "Login by a local user that isn't allowed",
"description": "Get an alert when a local user that isn't allowed logins to the device",
"isEnabled": false,
"allowlistValues": []
},
{
"ruleType": "ProcessNotAllowed",
"displayName": "Execution of a process that isn't allowed",
"description": "Get an alert when a process that isn't allowed is executed",
"isEnabled": false,
"allowlistValues": []
}
],
"denylistRules": []
}
}
Definitions
Name | Description |
---|---|
AllowlistCustomAlertRule | A custom alert rule that checks if a value (depends on the custom alert type) is allowed. |
CloudError | Common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.) |
CloudErrorBody | The error detail. |
DenylistCustomAlertRule | A custom alert rule that checks if a value (depends on the custom alert type) is denied. |
DeviceSecurityGroup | The device security group resource |
ErrorAdditionalInfo | The resource management error additional info. |
ThresholdCustomAlertRule | A custom alert rule that checks if a value (depends on the custom alert type) is within the given range. |
TimeWindowCustomAlertRule | A custom alert rule that checks the number of activities (depends on the custom alert type) in a time window. |
valueType | The value type of the items in the list. |
AllowlistCustomAlertRule
A custom alert rule that checks if a value (depends on the custom alert type) is allowed.
Name | Type | Description |
---|---|---|
allowlistValues | string[] | The values to allow. The format of the values depends on the rule type. |
description | string | The description of the custom alert. |
displayName | string | The display name of the custom alert. |
isEnabled | boolean | Status of the custom alert. |
ruleType | string | The type of the custom alert rule. |
valueType | valueType | The value type of the items in the list. |
CloudError
Common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.)
Name | Type | Description |
---|---|---|
error.additionalInfo | ErrorAdditionalInfo[] | The error additional info. |
error.code | string | The error code. |
error.details | CloudErrorBody[] | The error details. |
error.message | string | The error message. |
error.target | string | The error target. |
CloudErrorBody
The error detail.
Name | Type | Description |
---|---|---|
additionalInfo | ErrorAdditionalInfo[] | The error additional info. |
code | string | The error code. |
details | CloudErrorBody[] | The error details. |
message | string | The error message. |
target | string | The error target. |
DenylistCustomAlertRule
A custom alert rule that checks if a value (depends on the custom alert type) is denied.
Name | Type | Description |
---|---|---|
denylistValues | string[] | The values to deny. The format of the values depends on the rule type. |
description | string | The description of the custom alert. |
displayName | string | The display name of the custom alert. |
isEnabled | boolean | Status of the custom alert. |
ruleType | string | The type of the custom alert rule. |
valueType | valueType | The value type of the items in the list. |
DeviceSecurityGroup
The device security group resource
Name | Type | Description |
---|---|---|
id | string | Resource Id |
name | string | Resource name |
properties.allowlistRules | AllowlistCustomAlertRule[] | The allowlist custom alert rules. |
properties.denylistRules | DenylistCustomAlertRule[] | The denylist custom alert rules. |
properties.thresholdRules | ThresholdCustomAlertRule[] | The list of custom alert threshold rules. |
properties.timeWindowRules | TimeWindowCustomAlertRule[] | The list of custom alert time-window rules. |
type | string | Resource type |
ErrorAdditionalInfo
The resource management error additional info.
Name | Type | Description |
---|---|---|
info | object | The additional info. |
type | string | The additional info type. |
ThresholdCustomAlertRule
A custom alert rule that checks if a value (depends on the custom alert type) is within the given range.
Name | Type | Description |
---|---|---|
description | string | The description of the custom alert. |
displayName | string | The display name of the custom alert. |
isEnabled | boolean | Status of the custom alert. |
maxThreshold | integer | The maximum threshold. |
minThreshold | integer | The minimum threshold. |
ruleType | string | The type of the custom alert rule. |
TimeWindowCustomAlertRule
A custom alert rule that checks the number of activities (depends on the custom alert type) in a time window.
Name | Type | Description |
---|---|---|
description | string | The description of the custom alert. |
displayName | string | The display name of the custom alert. |
isEnabled | boolean | Status of the custom alert. |
maxThreshold | integer | The maximum threshold. |
minThreshold | integer | The minimum threshold. |
ruleType | string | The type of the custom alert rule. |
timeWindowSize | string | The time window size in iso8601 format. |
valueType
The value type of the items in the list.
Name | Type | Description |
---|---|---|
IpCidr | string | An IP range in CIDR format (e.g. '192.168.0.1/8'). |
String | string | Any string value. |
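The following is an added example, not code from the Azure reference page or from Microsoft: it fills the PUT URL template from the page, sanity-checks a request body against the constraints the definitions above state (integer minThreshold/maxThreshold on time-window rules, an ISO 8601 timeWindowSize, CIDR-formatted allowlistValues for the IpCidr value type) before the body is sent, and then summarises which rules a response reports as enabled, since the sample response returns the full default rule set and not only the rule that was submitted. The set of rule types is taken from the page's sample response; the validation logic, the helper names, the regex for the duration and the placeholder subscription id are this example's own assumptions, not part of the API.

```python
"""Added example (not Microsoft's code): build, check and summarise
Device Security Groups - Create Or Update bodies offline."""
import ipaddress
import re

# Values taken from the reference page above.
ARM_BASE = "https://management.azure.com"
API_VERSION = "2019-08-01"

# Rule types as listed in the page's sample response.
TIME_WINDOW_RULE_TYPES = {
    "ActiveConnectionsNotInAllowedRange",
    "AmqpC2DMessagesNotInAllowedRange", "MqttC2DMessagesNotInAllowedRange",
    "HttpC2DMessagesNotInAllowedRange", "AmqpC2DRejectedMessagesNotInAllowedRange",
    "MqttC2DRejectedMessagesNotInAllowedRange", "HttpC2DRejectedMessagesNotInAllowedRange",
    "AmqpD2CMessagesNotInAllowedRange", "MqttD2CMessagesNotInAllowedRange",
    "HttpD2CMessagesNotInAllowedRange", "DirectMethodInvokesNotInAllowedRange",
    "FailedLocalLoginsNotInAllowedRange", "FileUploadsNotInAllowedRange",
    "QueuePurgesNotInAllowedRange", "TwinUpdatesNotInAllowedRange",
    "UnauthorizedOperationsNotInAllowedRange",
}
ALLOWLIST_RULE_TYPES = {"ConnectionToIpNotAllowed", "LocalUserNotAllowed", "ProcessNotAllowed"}

# The page shows time windows as ISO 8601 durations such as PT05M / PT15M.
# Assumption of this example: only the time-only "PT..." form is accepted.
ISO8601_TIME_DURATION = re.compile(r"^PT(?=\d)(?:\d+H)?(?:\d+M)?(?:\d+S)?$")


def build_put_url(resource_id: str, group_name: str) -> str:
    """Fill the PUT URL template shown on the page."""
    return (f"{ARM_BASE}/{resource_id.strip('/')}/providers/Microsoft.Security"
            f"/deviceSecurityGroups/{group_name}?api-version={API_VERSION}")


def validate_body(body: dict) -> list:
    """Return a list of problems found in a request body (empty means it passed)."""
    problems = []
    props = body.get("properties", {})
    for rule in props.get("timeWindowRules", []):
        rt = rule.get("ruleType")
        if rt not in TIME_WINDOW_RULE_TYPES:
            problems.append(f"unknown timeWindow ruleType {rt!r}")
        lo, hi = rule.get("minThreshold"), rule.get("maxThreshold")
        if not (isinstance(lo, int) and isinstance(hi, int)) or lo > hi:
            problems.append(f"{rt}: minThreshold/maxThreshold must be integers with min <= max")
        if not ISO8601_TIME_DURATION.match(str(rule.get("timeWindowSize", ""))):
            problems.append(f"{rt}: timeWindowSize must be an ISO 8601 duration such as PT15M")
    for rule in props.get("allowlistRules", []):
        rt = rule.get("ruleType")
        if rt not in ALLOWLIST_RULE_TYPES:
            problems.append(f"unknown allowlist ruleType {rt!r}")
        if rt == "ConnectionToIpNotAllowed":
            # valueType IpCidr: the page's own example '192.168.0.1/8' has host
            # bits set, so the network is parsed with strict=False.
            for value in rule.get("allowlistValues", []):
                try:
                    ipaddress.ip_network(value, strict=False)
                except ValueError:
                    problems.append(f"{rt}: {value!r} is not a CIDR range")
    return problems


def enabled_rules(response_body: dict) -> list:
    """List the ruleTypes a create/update response reports as enabled, in response order."""
    props = response_body.get("properties", {})
    out = []
    for key in ("timeWindowRules", "thresholdRules", "allowlistRules", "denylistRules"):
        out += [r["ruleType"] for r in props.get(key, []) if r.get("isEnabled")]
    return out


# Constructed sample mirroring the page's request; the subscription id is a placeholder.
SAMPLE_RESOURCE_ID = ("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/SampleRG"
                      "/providers/Microsoft.Devices/iotHubs/sampleiothub")
SAMPLE_BODY = {"properties": {"timeWindowRules": [{
    "ruleType": "ActiveConnectionsNotInAllowedRange", "isEnabled": True,
    "minThreshold": 0, "maxThreshold": 30, "timeWindowSize": "PT05M"}]}}

if __name__ == "__main__":
    print(build_put_url(SAMPLE_RESOURCE_ID, "samplesecuritygroup"))
    print("problems:", validate_body(SAMPLE_BODY))
```

Running validate_body before the PUT catches the cases the service would otherwise reject or silently accept with an unintended meaning (a min above max, a window written as "5 minutes", an allowlist entry that is not a CIDR range); enabled_rules run over the PUT response shows that only the submitted rule is active while the remaining defaults come back disabled, which is the state a reviewer should expect after this call.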