Iot Security Solution - List By Subscription

服務:

Defender for Cloud

API 版本:

2019-08-01

使用此方法依訂用帳戶取得IoT安全性解決方案清單。

GET https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Security/iotSecuritySolutions?api-version=2019-08-01

含選擇性參數:

GET https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.Security/iotSecuritySolutions?api-version=2019-08-01&$filter={$filter}

URI 參數

名稱	位於	必要	類型	Description
subscriptionId	path	True	string	Azure 訂用帳戶標識碼 Regex 模式: ^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$
api-version	query	True	string	作業的 API 版本
$filter	query		string	使用 OData 語法篩選 IoT 安全性解決方案。 支援依 iotHubs 進行篩選。

回應

名稱	類型	Description
200 OK	IoTSecuritySolutionsList	還行
Other Status Codes	CloudError	描述作業失敗原因的錯誤回應。

安全性

azure_auth

Azure Active Directory OAuth2 Flow

類型: oauth2
Flow: implicit
授權 URL: https://login.microsoftonline.com/common/oauth2/authorize

範圍

名稱	Description
user_impersonation	模擬您的用戶帳戶

範例

List IoT Security solutions by IoT Hub

List IoT Security solutions by subscription

List IoT Security solutions by IoT Hub

範例要求

HTTP

GET https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/iotSecuritySolutions?api-version=2019-08-01&$filter=properties.iotHubs/any(i eq "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub")

Java

/**
 * Samples for IotSecuritySolution List.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/security/resource-manager/Microsoft.Security/stable/2019-08-01/examples/IoTSecuritySolutions/
     * GetIoTSecuritySolutionsListByIotHub.json
     */
    /**
     * Sample code: List IoT Security solutions by IoT Hub.
     * 
     * @param manager Entry point to SecurityManager.
     */
    public static void listIoTSecuritySolutionsByIoTHub(com.azure.resourcemanager.security.SecurityManager manager) {
        manager.iotSecuritySolutions().list(
            "properties.iotHubs/any(i eq \"/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub\")",
            com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Go

package armsecurity_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azcore/to"
	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/stable/2019-08-01/examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByIotHub.json
func ExampleIotSecuritySolutionClient_NewListBySubscriptionPager_listIoTSecuritySolutionsByIoTHub() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	pager := clientFactory.NewIotSecuritySolutionClient().NewListBySubscriptionPager(&armsecurity.IotSecuritySolutionClientListBySubscriptionOptions{Filter: to.Ptr("properties.iotHubs/any(i eq \"/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub\")")})
	for pager.More() {
		page, err := pager.NextPage(ctx)
		if err != nil {
			log.Fatalf("failed to advance page: %v", err)
		}
		for _, v := range page.Value {
			// You could use page here. We use blank identifier for just demo purposes.
			_ = v
		}
		// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
		// page.IoTSecuritySolutionsList = armsecurity.IoTSecuritySolutionsList{
		// 	Value: []*armsecurity.IoTSecuritySolutionModel{
		// 		{
		// 			Name: to.Ptr("default"),
		// 			Type: to.Ptr("Microsoft.Security/IoTSecuritySolutions"),
		// 			ID: to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default"),
		// 			Tags: map[string]*string{
		// 			},
		// 			Location: to.Ptr("East Us"),
		// 			Properties: &armsecurity.IoTSecuritySolutionProperties{
		// 				AutoDiscoveredResources: []*string{
		// 					to.Ptr("/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735"),
		// 					to.Ptr("/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub")},
		// 					DisabledDataSources: []*armsecurity.DataSource{
		// 					},
		// 					DisplayName: to.Ptr("Solution Default"),
		// 					Export: []*armsecurity.ExportData{
		// 						to.Ptr(armsecurity.ExportDataRawEvents)},
		// 						IotHubs: []*string{
		// 							to.Ptr("/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub")},
		// 							RecommendationsConfiguration: []*armsecurity.RecommendationConfigurationProperties{
		// 								{
		// 									Name: to.Ptr("Service Principal Not Used with ACR"),
		// 									RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTAcrauthentication),
		// 									Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 								},
		// 								{
		// 									Name: to.Ptr("Agent sending underutilized messages"),
		// 									RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTAgentSendsUnutilizedMessages),
		// 									Status: to.Ptr(armsecurity.RecommendationConfigStatus("TurnedOn")),
		// 								},
		// 								{
		// 									Name: to.Ptr("Operating system (OS) baseline validation failure"),
		// 									RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTBaseline),
		// 									Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 								},
		// 								{
		// 									Name: to.Ptr("Edge Hub memory can be optimized"),
		// 									RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTEdgeHubMemOptimize),
		// 									Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 								},
		// 								{
		// 									Name: to.Ptr("No Logging Configured for Edge Module"),
		// 									RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTEdgeLoggingOptions),
		// 									Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 								},
		// 								{
		// 									Name: to.Ptr("Module Settings Inconsistent in SecurityGroup"),
		// 									RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTInconsistentModuleSettings),
		// 									Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 								},
		// 								{
		// 									Name: to.Ptr("Install the Azure Security of Things Agent"),
		// 									RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTInstallAgent),
		// 									Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 								},
		// 								{
		// 									Name: to.Ptr("Default IP Filter Policy should be Deny"),
		// 									RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTIpfilterDenyAll),
		// 									Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 								},
		// 								{
		// 									Name: to.Ptr("IP Filter rule includes large IP range"),
		// 									RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTIpfilterPermissiveRule),
		// 									Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 								},
		// 								{
		// 									Name: to.Ptr("Open Ports On Device"),
		// 									RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTOpenPorts),
		// 									Status: to.Ptr(armsecurity.RecommendationConfigStatusDisabled),
		// 								},
		// 								{
		// 									Name: to.Ptr("Permissive firewall policy in one of the chains was found"),
		// 									RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTPermissiveFirewallPolicy),
		// 									Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 								},
		// 								{
		// 									Name: to.Ptr("Permissive firewall rule in the input chain was found"),
		// 									RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTPermissiveInputFirewallRules),
		// 									Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 								},
		// 								{
		// 									Name: to.Ptr("Permissive firewall rule in the output chain was found"),
		// 									RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTPermissiveOutputFirewallRules),
		// 									Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 								},
		// 								{
		// 									Name: to.Ptr("High level permissions configured in Edge model twin for Edge module"),
		// 									RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTPrivilegedDockerOptions),
		// 									Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 								},
		// 								{
		// 									Name: to.Ptr("Same Authentication Credentials used by multiple devices"),
		// 									RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTSharedCredentials),
		// 									Status: to.Ptr(armsecurity.RecommendationConfigStatusDisabled),
		// 								},
		// 								{
		// 									Name: to.Ptr("TLS cipher suite upgrade"),
		// 									RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTVulnerableTLSCipherSuite),
		// 									Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 							}},
		// 							Status: to.Ptr(armsecurity.SecuritySolutionStatusEnabled),
		// 							UnmaskedIPLoggingStatus: to.Ptr(armsecurity.UnmaskedIPLoggingStatusEnabled),
		// 							UserDefinedResources: &armsecurity.UserDefinedResourcesProperties{
		// 								Query: to.Ptr("where type != \"microsoft.devices/iothubs\" | where name contains \"iot\""),
		// 								QuerySubscriptions: []*string{
		// 									to.Ptr("075423e9-7d33-4166-8bdf-3920b04e3735")},
		// 								},
		// 								Workspace: to.Ptr("/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1"),
		// 							},
		// 							SystemData: &armsecurity.SystemData{
		// 								CreatedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-04-27T21:53:29.092Z"); return t}()),
		// 								CreatedBy: to.Ptr("string"),
		// 								CreatedByType: to.Ptr(armsecurity.CreatedByTypeUser),
		// 								LastModifiedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-04-27T21:53:29.092Z"); return t}()),
		// 								LastModifiedBy: to.Ptr("string"),
		// 								LastModifiedByType: to.Ptr(armsecurity.CreatedByTypeUser),
		// 							},
		// 					}},
		// 				}
	}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

JavaScript

const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Use this method to get the list of IoT Security solutions by subscription.
 *
 * @summary Use this method to get the list of IoT Security solutions by subscription.
 * x-ms-original-file: specification/security/resource-manager/Microsoft.Security/stable/2019-08-01/examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByIotHub.json
 */
async function listIoTSecuritySolutionsByIoTHub() {
  const subscriptionId =
    process.env["SECURITY_SUBSCRIPTION_ID"] || "20ff7fc3-e762-44dd-bd96-b71116dcdc23";
  const filter =
    'properties.iotHubs/any(i eq "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub")';
  const options = {
    filter,
  };
  const credential = new DefaultAzureCredential();
  const client = new SecurityCenter(credential, subscriptionId);
  const resArray = new Array();
  for await (let item of client.iotSecuritySolution.listBySubscription(options)) {
    resArray.push(item);
  }
  console.log(resArray);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

dotnet

using System;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.SecurityCenter;
using Azure.ResourceManager.SecurityCenter.Models;

// Generated from example definition: specification/security/resource-manager/Microsoft.Security/stable/2019-08-01/examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByIotHub.json
// this example is just showing the usage of "IotSecuritySolution_ListBySubscription" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this SubscriptionResource created on azure
// for more information of creating SubscriptionResource, please refer to the document of SubscriptionResource
string subscriptionId = "20ff7fc3-e762-44dd-bd96-b71116dcdc23";
ResourceIdentifier subscriptionResourceId = SubscriptionResource.CreateResourceIdentifier(subscriptionId);
SubscriptionResource subscriptionResource = client.GetSubscriptionResource(subscriptionResourceId);

// invoke the operation and iterate over the result
string filter = "properties.iotHubs/any(i eq \"/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub\")";
await foreach (IotSecuritySolutionResource item in subscriptionResource.GetIotSecuritySolutionsAsync(filter: filter))
{
    // the variable item is a resource, you could call other operations on this instance as well
    // but just for demo, we get its data from this resource instance
    IotSecuritySolutionData resourceData = item.Data;
    // for demo we just print out the id
    Console.WriteLine($"Succeeded on id: {resourceData.Id}");
}

Console.WriteLine($"Succeeded");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

範例回覆

狀態碼:

200

{
  "value": [
    {
      "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default",
      "name": "default",
      "type": "Microsoft.Security/IoTSecuritySolutions",
      "location": "East Us",
      "tags": {},
      "properties": {
        "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1",
        "status": "Enabled",
        "export": [
          "RawEvents"
        ],
        "disabledDataSources": [],
        "displayName": "Solution Default",
        "iotHubs": [
          "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub"
        ],
        "userDefinedResources": {
          "query": "where type != \"microsoft.devices/iothubs\" | where name contains \"iot\"",
          "querySubscriptions": [
            "075423e9-7d33-4166-8bdf-3920b04e3735"
          ]
        },
        "autoDiscoveredResources": [
          "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735",
          "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub"
        ],
        "recommendationsConfiguration": [
          {
            "recommendationType": "IoT_ACRAuthentication",
            "name": "Service Principal Not Used with ACR",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_AgentSendsUnutilizedMessages",
            "name": "Agent sending underutilized messages",
            "status": "TurnedOn"
          },
          {
            "recommendationType": "IoT_Baseline",
            "name": "Operating system (OS) baseline validation failure",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_EdgeHubMemOptimize",
            "name": "Edge Hub memory can be optimized",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_EdgeLoggingOptions",
            "name": "No Logging Configured for Edge Module",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_InconsistentModuleSettings",
            "name": "Module Settings Inconsistent in SecurityGroup",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_InstallAgent",
            "name": "Install the Azure Security of Things Agent",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_IPFilter_DenyAll",
            "name": "Default IP Filter Policy should be Deny",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_IPFilter_PermissiveRule",
            "name": "IP Filter rule includes large IP range",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_OpenPorts",
            "name": "Open Ports On Device",
            "status": "Disabled"
          },
          {
            "recommendationType": "IoT_PermissiveFirewallPolicy",
            "name": "Permissive firewall policy in one of the chains was found",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_PermissiveInputFirewallRules",
            "name": "Permissive firewall rule in the input chain was found",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_PermissiveOutputFirewallRules",
            "name": "Permissive firewall rule in the output chain was found",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_PrivilegedDockerOptions",
            "name": "High level permissions configured in Edge model twin for Edge module",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_SharedCredentials",
            "name": "Same Authentication Credentials used by multiple devices",
            "status": "Disabled"
          },
          {
            "recommendationType": "IoT_VulnerableTLSCipherSuite",
            "name": "TLS cipher suite upgrade",
            "status": "Enabled"
          }
        ],
        "unmaskedIpLoggingStatus": "Enabled"
      },
      "systemData": {
        "createdBy": "string",
        "createdByType": "User",
        "createdAt": "2020-04-27T21:53:29.0928001Z",
        "lastModifiedBy": "string",
        "lastModifiedByType": "User",
        "lastModifiedAt": "2020-04-27T21:53:29.0928001Z"
      }
    }
  ]
}

List IoT Security solutions by subscription

範例要求

HTTP

GET https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/iotSecuritySolutions?api-version=2019-08-01

Java

/**
 * Samples for IotSecuritySolution List.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/security/resource-manager/Microsoft.Security/stable/2019-08-01/examples/IoTSecuritySolutions/
     * GetIoTSecuritySolutionsList.json
     */
    /**
     * Sample code: List IoT Security solutions by subscription.
     * 
     * @param manager Entry point to SecurityManager.
     */
    public static void
        listIoTSecuritySolutionsBySubscription(com.azure.resourcemanager.security.SecurityManager manager) {
        manager.iotSecuritySolutions().list(null, com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Go

package armsecurity_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/stable/2019-08-01/examples/IoTSecuritySolutions/GetIoTSecuritySolutionsList.json
func ExampleIotSecuritySolutionClient_NewListBySubscriptionPager_listIoTSecuritySolutionsBySubscription() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	pager := clientFactory.NewIotSecuritySolutionClient().NewListBySubscriptionPager(&armsecurity.IotSecuritySolutionClientListBySubscriptionOptions{Filter: nil})
	for pager.More() {
		page, err := pager.NextPage(ctx)
		if err != nil {
			log.Fatalf("failed to advance page: %v", err)
		}
		for _, v := range page.Value {
			// You could use page here. We use blank identifier for just demo purposes.
			_ = v
		}
		// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
		// page.IoTSecuritySolutionsList = armsecurity.IoTSecuritySolutionsList{
		// 	Value: []*armsecurity.IoTSecuritySolutionModel{
		// 		{
		// 			Name: to.Ptr("default"),
		// 			Type: to.Ptr("Microsoft.Security/IoTSecuritySolutions"),
		// 			ID: to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default"),
		// 			Tags: map[string]*string{
		// 			},
		// 			Location: to.Ptr("East Us"),
		// 			Properties: &armsecurity.IoTSecuritySolutionProperties{
		// 				AutoDiscoveredResources: []*string{
		// 					to.Ptr("/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735"),
		// 					to.Ptr("/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub")},
		// 					DisabledDataSources: []*armsecurity.DataSource{
		// 					},
		// 					DisplayName: to.Ptr("Solution Default"),
		// 					Export: []*armsecurity.ExportData{
		// 					},
		// 					IotHubs: []*string{
		// 						to.Ptr("/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub")},
		// 						RecommendationsConfiguration: []*armsecurity.RecommendationConfigurationProperties{
		// 							{
		// 								Name: to.Ptr("Service Principal Not Used with ACR"),
		// 								RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTAcrauthentication),
		// 								Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 							},
		// 							{
		// 								Name: to.Ptr("Agent sending underutilized messages"),
		// 								RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTAgentSendsUnutilizedMessages),
		// 								Status: to.Ptr(armsecurity.RecommendationConfigStatus("TurnedOn")),
		// 							},
		// 							{
		// 								Name: to.Ptr("Operating system (OS) baseline validation failure"),
		// 								RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTBaseline),
		// 								Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 							},
		// 							{
		// 								Name: to.Ptr("Edge Hub memory can be optimized"),
		// 								RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTEdgeHubMemOptimize),
		// 								Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 							},
		// 							{
		// 								Name: to.Ptr("No Logging Configured for Edge Module"),
		// 								RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTEdgeLoggingOptions),
		// 								Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 							},
		// 							{
		// 								Name: to.Ptr("Module Settings Inconsistent in SecurityGroup"),
		// 								RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTInconsistentModuleSettings),
		// 								Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 							},
		// 							{
		// 								Name: to.Ptr("Install the Azure Security of Things Agent"),
		// 								RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTInstallAgent),
		// 								Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 							},
		// 							{
		// 								Name: to.Ptr("Default IP Filter Policy should be Deny"),
		// 								RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTIpfilterDenyAll),
		// 								Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 							},
		// 							{
		// 								Name: to.Ptr("IP Filter rule includes large IP range"),
		// 								RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTIpfilterPermissiveRule),
		// 								Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 							},
		// 							{
		// 								Name: to.Ptr("Open Ports On Device"),
		// 								RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTOpenPorts),
		// 								Status: to.Ptr(armsecurity.RecommendationConfigStatusDisabled),
		// 							},
		// 							{
		// 								Name: to.Ptr("Permissive firewall policy in one of the chains was found"),
		// 								RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTPermissiveFirewallPolicy),
		// 								Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 							},
		// 							{
		// 								Name: to.Ptr("Permissive firewall rule in the input chain was found"),
		// 								RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTPermissiveInputFirewallRules),
		// 								Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 							},
		// 							{
		// 								Name: to.Ptr("Permissive firewall rule in the output chain was found"),
		// 								RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTPermissiveOutputFirewallRules),
		// 								Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 							},
		// 							{
		// 								Name: to.Ptr("High level permissions configured in Edge model twin for Edge module"),
		// 								RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTPrivilegedDockerOptions),
		// 								Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 							},
		// 							{
		// 								Name: to.Ptr("Same Authentication Credentials used by multiple devices"),
		// 								RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTSharedCredentials),
		// 								Status: to.Ptr(armsecurity.RecommendationConfigStatusDisabled),
		// 							},
		// 							{
		// 								Name: to.Ptr("TLS cipher suite upgrade"),
		// 								RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTVulnerableTLSCipherSuite),
		// 								Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 						}},
		// 						Status: to.Ptr(armsecurity.SecuritySolutionStatusEnabled),
		// 						UnmaskedIPLoggingStatus: to.Ptr(armsecurity.UnmaskedIPLoggingStatusEnabled),
		// 						UserDefinedResources: &armsecurity.UserDefinedResourcesProperties{
		// 							Query: to.Ptr("where type != \"microsoft.devices/iothubs\" | where name contains \"iot\""),
		// 							QuerySubscriptions: []*string{
		// 								to.Ptr("075423e9-7d33-4166-8bdf-3920b04e3735")},
		// 							},
		// 							Workspace: to.Ptr("/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1"),
		// 						},
		// 						SystemData: &armsecurity.SystemData{
		// 							CreatedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-04-27T21:53:29.092Z"); return t}()),
		// 							CreatedBy: to.Ptr("string"),
		// 							CreatedByType: to.Ptr(armsecurity.CreatedByTypeUser),
		// 							LastModifiedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-04-27T21:53:29.092Z"); return t}()),
		// 							LastModifiedBy: to.Ptr("string"),
		// 							LastModifiedByType: to.Ptr(armsecurity.CreatedByTypeUser),
		// 						},
		// 					},
		// 					{
		// 						Name: to.Ptr("sec-solution"),
		// 						Type: to.Ptr("Microsoft.Security/IoTSecuritySolutions"),
		// 						ID: to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SecondGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/sec-solution"),
		// 						Tags: map[string]*string{
		// 						},
		// 						Location: to.Ptr("East Us"),
		// 						Properties: &armsecurity.IoTSecuritySolutionProperties{
		// 							AutoDiscoveredResources: []*string{
		// 								to.Ptr("/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735"),
		// 								to.Ptr("/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/IotHubSecond")},
		// 								DisabledDataSources: []*armsecurity.DataSource{
		// 								},
		// 								DisplayName: to.Ptr("Second Solution"),
		// 								Export: []*armsecurity.ExportData{
		// 									to.Ptr(armsecurity.ExportDataRawEvents)},
		// 									IotHubs: []*string{
		// 										to.Ptr("/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/IotHubSecond")},
		// 										RecommendationsConfiguration: []*armsecurity.RecommendationConfigurationProperties{
		// 											{
		// 												Name: to.Ptr("Service Principal Not Used with ACR"),
		// 												RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTAcrauthentication),
		// 												Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 											},
		// 											{
		// 												Name: to.Ptr("Agent sending underutilized messages"),
		// 												RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTAgentSendsUnutilizedMessages),
		// 												Status: to.Ptr(armsecurity.RecommendationConfigStatus("TurnedOn")),
		// 											},
		// 											{
		// 												Name: to.Ptr("Operating system (OS) baseline validation failure"),
		// 												RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTBaseline),
		// 												Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 											},
		// 											{
		// 												Name: to.Ptr("Edge Hub memory can be optimized"),
		// 												RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTEdgeHubMemOptimize),
		// 												Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 											},
		// 											{
		// 												Name: to.Ptr("No Logging Configured for Edge Module"),
		// 												RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTEdgeLoggingOptions),
		// 												Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 											},
		// 											{
		// 												Name: to.Ptr("Module Settings Inconsistent in SecurityGroup"),
		// 												RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTInconsistentModuleSettings),
		// 												Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 											},
		// 											{
		// 												Name: to.Ptr("Install the Azure Security of Things Agent"),
		// 												RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTInstallAgent),
		// 												Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 											},
		// 											{
		// 												Name: to.Ptr("Default IP Filter Policy should be Deny"),
		// 												RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTIpfilterDenyAll),
		// 												Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 											},
		// 											{
		// 												Name: to.Ptr("IP Filter rule includes large IP range"),
		// 												RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTIpfilterPermissiveRule),
		// 												Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 											},
		// 											{
		// 												Name: to.Ptr("Open Ports On Device"),
		// 												RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTOpenPorts),
		// 												Status: to.Ptr(armsecurity.RecommendationConfigStatusDisabled),
		// 											},
		// 											{
		// 												Name: to.Ptr("Permissive firewall policy in one of the chains was found"),
		// 												RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTPermissiveFirewallPolicy),
		// 												Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 											},
		// 											{
		// 												Name: to.Ptr("Permissive firewall rule in the input chain was found"),
		// 												RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTPermissiveInputFirewallRules),
		// 												Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 											},
		// 											{
		// 												Name: to.Ptr("Permissive firewall rule in the output chain was found"),
		// 												RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTPermissiveOutputFirewallRules),
		// 												Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 											},
		// 											{
		// 												Name: to.Ptr("High level permissions configured in Edge model twin for Edge module"),
		// 												RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTPrivilegedDockerOptions),
		// 												Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 											},
		// 											{
		// 												Name: to.Ptr("Same Authentication Credentials used by multiple devices"),
		// 												RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTSharedCredentials),
		// 												Status: to.Ptr(armsecurity.RecommendationConfigStatusDisabled),
		// 											},
		// 											{
		// 												Name: to.Ptr("TLS cipher suite upgrade"),
		// 												RecommendationType: to.Ptr(armsecurity.RecommendationTypeIoTVulnerableTLSCipherSuite),
		// 												Status: to.Ptr(armsecurity.RecommendationConfigStatusEnabled),
		// 										}},
		// 										Status: to.Ptr(armsecurity.SecuritySolutionStatusEnabled),
		// 										UnmaskedIPLoggingStatus: to.Ptr(armsecurity.UnmaskedIPLoggingStatusEnabled),
		// 										UserDefinedResources: &armsecurity.UserDefinedResourcesProperties{
		// 											Query: to.Ptr("where type != \"microsoft.devices/iothubs\" | where name contains \"iot\""),
		// 											QuerySubscriptions: []*string{
		// 												to.Ptr("075423e9-7d33-4166-8bdf-3920b04e3735")},
		// 											},
		// 											Workspace: to.Ptr("/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1"),
		// 										},
		// 										SystemData: &armsecurity.SystemData{
		// 											CreatedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-04-27T21:53:29.092Z"); return t}()),
		// 											CreatedBy: to.Ptr("string"),
		// 											CreatedByType: to.Ptr(armsecurity.CreatedByTypeUser),
		// 											LastModifiedAt: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2020-04-27T21:53:29.092Z"); return t}()),
		// 											LastModifiedBy: to.Ptr("string"),
		// 											LastModifiedByType: to.Ptr(armsecurity.CreatedByTypeUser),
		// 										},
		// 								}},
		// 							}
	}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

JavaScript

const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Use this method to get the list of IoT Security solutions by subscription.
 *
 * @summary Use this method to get the list of IoT Security solutions by subscription.
 * x-ms-original-file: specification/security/resource-manager/Microsoft.Security/stable/2019-08-01/examples/IoTSecuritySolutions/GetIoTSecuritySolutionsList.json
 */
async function listIoTSecuritySolutionsBySubscription() {
  const subscriptionId =
    process.env["SECURITY_SUBSCRIPTION_ID"] || "20ff7fc3-e762-44dd-bd96-b71116dcdc23";
  const credential = new DefaultAzureCredential();
  const client = new SecurityCenter(credential, subscriptionId);
  const resArray = new Array();
  for await (let item of client.iotSecuritySolution.listBySubscription()) {
    resArray.push(item);
  }
  console.log(resArray);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

dotnet

using System;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.SecurityCenter;
using Azure.ResourceManager.SecurityCenter.Models;

// Generated from example definition: specification/security/resource-manager/Microsoft.Security/stable/2019-08-01/examples/IoTSecuritySolutions/GetIoTSecuritySolutionsList.json
// this example is just showing the usage of "IotSecuritySolution_ListBySubscription" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this SubscriptionResource created on azure
// for more information of creating SubscriptionResource, please refer to the document of SubscriptionResource
string subscriptionId = "20ff7fc3-e762-44dd-bd96-b71116dcdc23";
ResourceIdentifier subscriptionResourceId = SubscriptionResource.CreateResourceIdentifier(subscriptionId);
SubscriptionResource subscriptionResource = client.GetSubscriptionResource(subscriptionResourceId);

// invoke the operation and iterate over the result
await foreach (IotSecuritySolutionResource item in subscriptionResource.GetIotSecuritySolutionsAsync())
{
    // the variable item is a resource, you could call other operations on this instance as well
    // but just for demo, we get its data from this resource instance
    IotSecuritySolutionData resourceData = item.Data;
    // for demo we just print out the id
    Console.WriteLine($"Succeeded on id: {resourceData.Id}");
}

Console.WriteLine($"Succeeded");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

範例回覆

狀態碼:

200

{
  "value": [
    {
      "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default",
      "name": "default",
      "location": "East Us",
      "type": "Microsoft.Security/IoTSecuritySolutions",
      "tags": {},
      "properties": {
        "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1",
        "status": "Enabled",
        "export": [],
        "disabledDataSources": [],
        "displayName": "Solution Default",
        "iotHubs": [
          "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub"
        ],
        "userDefinedResources": {
          "query": "where type != \"microsoft.devices/iothubs\" | where name contains \"iot\"",
          "querySubscriptions": [
            "075423e9-7d33-4166-8bdf-3920b04e3735"
          ]
        },
        "autoDiscoveredResources": [
          "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735",
          "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub"
        ],
        "recommendationsConfiguration": [
          {
            "recommendationType": "IoT_ACRAuthentication",
            "name": "Service Principal Not Used with ACR",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_AgentSendsUnutilizedMessages",
            "name": "Agent sending underutilized messages",
            "status": "TurnedOn"
          },
          {
            "recommendationType": "IoT_Baseline",
            "name": "Operating system (OS) baseline validation failure",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_EdgeHubMemOptimize",
            "name": "Edge Hub memory can be optimized",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_EdgeLoggingOptions",
            "name": "No Logging Configured for Edge Module",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_InconsistentModuleSettings",
            "name": "Module Settings Inconsistent in SecurityGroup",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_InstallAgent",
            "name": "Install the Azure Security of Things Agent",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_IPFilter_DenyAll",
            "name": "Default IP Filter Policy should be Deny",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_IPFilter_PermissiveRule",
            "name": "IP Filter rule includes large IP range",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_OpenPorts",
            "name": "Open Ports On Device",
            "status": "Disabled"
          },
          {
            "recommendationType": "IoT_PermissiveFirewallPolicy",
            "name": "Permissive firewall policy in one of the chains was found",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_PermissiveInputFirewallRules",
            "name": "Permissive firewall rule in the input chain was found",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_PermissiveOutputFirewallRules",
            "name": "Permissive firewall rule in the output chain was found",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_PrivilegedDockerOptions",
            "name": "High level permissions configured in Edge model twin for Edge module",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_SharedCredentials",
            "name": "Same Authentication Credentials used by multiple devices",
            "status": "Disabled"
          },
          {
            "recommendationType": "IoT_VulnerableTLSCipherSuite",
            "name": "TLS cipher suite upgrade",
            "status": "Enabled"
          }
        ],
        "unmaskedIpLoggingStatus": "Enabled"
      },
      "systemData": {
        "createdBy": "string",
        "createdByType": "User",
        "createdAt": "2020-04-27T21:53:29.0928001Z",
        "lastModifiedBy": "string",
        "lastModifiedByType": "User",
        "lastModifiedAt": "2020-04-27T21:53:29.0928001Z"
      }
    },
    {
      "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SecondGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/sec-solution",
      "name": "sec-solution",
      "location": "East Us",
      "type": "Microsoft.Security/IoTSecuritySolutions",
      "tags": {},
      "properties": {
        "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1",
        "status": "Enabled",
        "export": [
          "RawEvents"
        ],
        "disabledDataSources": [],
        "displayName": "Second Solution",
        "iotHubs": [
          "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/IotHubSecond"
        ],
        "userDefinedResources": {
          "query": "where type != \"microsoft.devices/iothubs\" | where name contains \"iot\"",
          "querySubscriptions": [
            "075423e9-7d33-4166-8bdf-3920b04e3735"
          ]
        },
        "autoDiscoveredResources": [
          "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735",
          "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/IotHubSecond"
        ],
        "recommendationsConfiguration": [
          {
            "recommendationType": "IoT_ACRAuthentication",
            "name": "Service Principal Not Used with ACR",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_AgentSendsUnutilizedMessages",
            "name": "Agent sending underutilized messages",
            "status": "TurnedOn"
          },
          {
            "recommendationType": "IoT_Baseline",
            "name": "Operating system (OS) baseline validation failure",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_EdgeHubMemOptimize",
            "name": "Edge Hub memory can be optimized",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_EdgeLoggingOptions",
            "name": "No Logging Configured for Edge Module",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_InconsistentModuleSettings",
            "name": "Module Settings Inconsistent in SecurityGroup",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_InstallAgent",
            "name": "Install the Azure Security of Things Agent",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_IPFilter_DenyAll",
            "name": "Default IP Filter Policy should be Deny",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_IPFilter_PermissiveRule",
            "name": "IP Filter rule includes large IP range",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_OpenPorts",
            "name": "Open Ports On Device",
            "status": "Disabled"
          },
          {
            "recommendationType": "IoT_PermissiveFirewallPolicy",
            "name": "Permissive firewall policy in one of the chains was found",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_PermissiveInputFirewallRules",
            "name": "Permissive firewall rule in the input chain was found",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_PermissiveOutputFirewallRules",
            "name": "Permissive firewall rule in the output chain was found",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_PrivilegedDockerOptions",
            "name": "High level permissions configured in Edge model twin for Edge module",
            "status": "Enabled"
          },
          {
            "recommendationType": "IoT_SharedCredentials",
            "name": "Same Authentication Credentials used by multiple devices",
            "status": "Disabled"
          },
          {
            "recommendationType": "IoT_VulnerableTLSCipherSuite",
            "name": "TLS cipher suite upgrade",
            "status": "Enabled"
          }
        ],
        "unmaskedIpLoggingStatus": "Enabled"
      },
      "systemData": {
        "createdBy": "string",
        "createdByType": "User",
        "createdAt": "2020-04-27T21:53:29.0928001Z",
        "lastModifiedBy": "string",
        "lastModifiedByType": "User",
        "lastModifiedAt": "2020-04-27T21:53:29.0928001Z"
      }
    }
  ]
}

定義

名稱	Description
AdditionalWorkspaceDataType	傳送至工作區的數據類型清單
AdditionalWorkspacesProperties	其他工作區的屬性。
AdditionalWorkspaceType	工作區類型。
CloudError	所有 Azure Resource Manager API 的常見錯誤回應，以傳回失敗作業的錯誤詳細數據。 （這也遵循 OData 錯誤回應格式。）。
CloudErrorBody	錯誤詳細數據。
createdByType	建立資源的身分識別類型。
DataSource	停用的數據源。 停用這些數據源會危害系統。
ErrorAdditionalInfo	資源管理錯誤其他資訊。
ExportData	匯出至工作區數據的其他選項清單。
IoTSecuritySolutionModel	IoT 安全性解決方案設定和資源資訊。
IoTSecuritySolutionsList	IoT 安全性解決方案清單。
RecommendationConfigStatus	建議狀態。 當建議狀態為停用時，不會產生建議。
RecommendationConfigurationProperties	IoT 安全性建議的類型。
RecommendationType	IoT 安全性建議的類型。
SecuritySolutionStatus	IoT 安全性解決方案的狀態。
systemData	與建立和上次修改資源相關的元數據。
UnmaskedIpLoggingStatus	未遮罩的IP位址記錄狀態
UserDefinedResourcesProperties	IoT 安全性解決方案使用者定義資源的屬性。

AdditionalWorkspaceDataType

傳送至工作區的數據類型清單

名稱	類型	Description
Alerts	string
RawEvents	string

AdditionalWorkspacesProperties

其他工作區的屬性。

名稱	類型	預設值	Description
dataTypes	AdditionalWorkspaceDataType[]		傳送至工作區的數據類型清單
type	AdditionalWorkspaceType	Sentinel	工作區類型。
workspace	string		工作區資源標識碼

AdditionalWorkspaceType

工作區類型。

名稱	類型	Description
Sentinel	string

CloudError

所有 Azure Resource Manager API 的常見錯誤回應，以傳回失敗作業的錯誤詳細數據。 （這也遵循 OData 錯誤回應格式。）。

名稱	類型	Description
error.additionalInfo	ErrorAdditionalInfo[]	錯誤其他資訊。
error.code	string	錯誤碼。
error.details	CloudErrorBody[]	錯誤詳細數據。
error.message	string	錯誤訊息。
error.target	string	錯誤目標。

CloudErrorBody

錯誤詳細數據。

名稱	類型	Description
additionalInfo	ErrorAdditionalInfo[]	錯誤其他資訊。
code	string	錯誤碼。
details	CloudErrorBody[]	錯誤詳細數據。
message	string	錯誤訊息。
target	string	錯誤目標。

createdByType

建立資源的身分識別類型。

名稱	類型	Description
Application	string
Key	string
ManagedIdentity	string
User	string

DataSource

停用的數據源。 停用這些數據源會危害系統。

名稱	類型	Description
TwinData	string	裝置對應項數據

ErrorAdditionalInfo

資源管理錯誤其他資訊。

名稱	類型	Description
info	object	其他資訊。
type	string	其他信息類型。

ExportData

匯出至工作區數據的其他選項清單。

名稱	類型	Description
RawEvents	string	代理程式原始事件

IoTSecuritySolutionModel

IoT 安全性解決方案設定和資源資訊。

名稱	類型	預設值	Description
id	string		資源標識碼
location	string		資源位置。
name	string		資源名稱
properties.additionalWorkspaces	AdditionalWorkspacesProperties[]		其他工作區的清單
properties.autoDiscoveredResources	string[]		自動探索到與安全性解決方案相關的資源清單。
properties.disabledDataSources	DataSource[]		停用的數據源。 停用這些數據源會危害系統。
properties.displayName	string		資源顯示名稱。
properties.export	ExportData[]		匯出至工作區數據的其他選項清單。
properties.iotHubs	string[]		IoT 中樞資源標識碼
properties.recommendationsConfiguration	RecommendationConfigurationProperties[]		每個建議類型的組態狀態清單。
properties.status	SecuritySolutionStatus	Enabled	IoT 安全性解決方案的狀態。
properties.unmaskedIpLoggingStatus	UnmaskedIpLoggingStatus	Disabled	未遮罩的IP位址記錄狀態
properties.userDefinedResources	UserDefinedResourcesProperties		IoT 安全性解決方案使用者定義資源的屬性。
properties.workspace	string		工作區資源標識碼
systemData	systemData		包含 createdBy 和 modifiedBy 資訊的 Azure Resource Manager 元數據。
tags	object		資源標籤
type	string		資源類型

IoTSecuritySolutionsList

IoT 安全性解決方案清單。

名稱	類型	Description
nextLink	string	要擷取下一頁的 URI。
value	IoTSecuritySolutionModel[]	IoT 安全性解決方案清單

RecommendationConfigStatus

建議狀態。 當建議狀態為停用時，不會產生建議。

名稱	類型	Description
Disabled	string
Enabled	string

RecommendationConfigurationProperties

IoT 安全性建議的類型。

名稱	類型	預設值	Description
name	string
recommendationType	RecommendationType		IoT 安全性建議的類型。
status	RecommendationConfigStatus	Enabled	建議狀態。 當建議狀態為停用時，不會產生建議。

RecommendationType

IoT 安全性建議的類型。

名稱	類型	Description
IoT_ACRAuthentication	string	用來從 ACR 存放庫提取邊緣模組的驗證架構不會使用服務主體驗證。
IoT_AgentSendsUnutilizedMessages	string	IoT 代理程式訊息大小容量目前使用量過低，導致已傳送的訊息數目增加。 調整訊息間隔以提升使用率。
IoT_Baseline	string	識別的安全性相關系統設定問題。
IoT_EdgeHubMemOptimize	string	您可以關閉解決方案中 Edge 模組未使用之任何通訊協定的通訊協定前端，將 Edge Hub 記憶體使用量優化。
IoT_EdgeLoggingOptions	string	此 Edge 模組已停用記錄。
IoT_IPFilter_DenyAll	string	IP 篩選組態應該已針對允許的流量定義規則，且預設應該拒絕所有其他流量。
IoT_IPFilter_PermissiveRule	string	允許IP篩選規則來源IP範圍太大。 過度寬鬆的規則可能會將您的IoT中樞公開給惡意意圖者。
IoT_InconsistentModuleSettings	string	裝置安全組內的少數使用者與其群組的其餘部分有不一致的Edge模組設定。
IoT_InstallAgent	string	安裝物聯網代理程式的 Azure 安全性。
IoT_OpenPorts	string	在裝置上找到接聽端點。
IoT_PermissiveFirewallPolicy	string	找到允許的防火牆原則 （INPUT/OUTPUT）。 原則應預設拒絕所有流量，並定義規則以允許對裝置進行/從裝置進行必要的通訊。
IoT_PermissiveInputFirewallRules	string	找到防火牆中的規則，其中包含各種IP位址或埠的寬鬆模式。
IoT_PermissiveOutputFirewallRules	string	找到防火牆中的規則，其中包含各種IP位址或埠的寬鬆模式。
IoT_PrivilegedDockerOptions	string	Edge 模組設定為以特殊許可權模式執行，具有廣泛的 Linux 功能或主機層級網路存取權（傳送/接收數據至主電腦）。
IoT_SharedCredentials	string	與多個裝置所使用的IoT中樞相同的驗證認證。 這可能表示冒充合法裝置的非法裝置。 它也會公開攻擊者模擬裝置的風險。
IoT_VulnerableTLSCipherSuite	string	偵測到不安全的 TLS 組態。 建議立即升級。

SecuritySolutionStatus

IoT 安全性解決方案的狀態。

名稱	類型	Description
Disabled	string
Enabled	string

systemData

與建立和上次修改資源相關的元數據。

名稱	類型	Description
createdAt	string	資源建立的時間戳（UTC）。
createdBy	string	建立資源的身分識別。
createdByType	createdByType	建立資源的身分識別類型。
lastModifiedAt	string	上次修改的資源時間戳 （UTC）
lastModifiedBy	string	上次修改資源的身分識別。
lastModifiedByType	createdByType	上次修改資源的身分識別類型。

UnmaskedIpLoggingStatus

未遮罩的IP位址記錄狀態

名稱	類型	Description
Disabled	string	已停用未遮罩的IP記錄
Enabled	string	已啟用未遮罩的IP記錄

UserDefinedResourcesProperties

IoT 安全性解決方案使用者定義資源的屬性。

名稱	類型	Description
query	string	Azure Resource Graph 查詢，代表安全性解決方案的使用者定義資源。 開頭為 “where type ！= ”Microsoft.Devices/IotHubs”
querySubscriptions	string[]	應執行使用者定義資源查詢的 Azure 訂用帳戶標識碼清單。