Microsoft.Security deviceSecurityGroups
Bicep resource definition
The deviceSecurityGroups resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Security/deviceSecurityGroups resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.Security/deviceSecurityGroups@2019-08-01' = {
name: 'string'
properties: {
allowlistRules: [
{
allowlistValues: [
'string'
]
isEnabled: bool
ruleType: 'string'
// For remaining properties, see AllowlistCustomAlertRule objects
}
]
denylistRules: [
{
denylistValues: [
'string'
]
isEnabled: bool
ruleType: 'string'
}
]
thresholdRules: [
{
isEnabled: bool
maxThreshold: int
minThreshold: int
ruleType: 'string'
// For remaining properties, see ThresholdCustomAlertRule objects
}
]
timeWindowRules: [
{
isEnabled: bool
maxThreshold: int
minThreshold: int
timeWindowSize: 'string'
ruleType: 'string'
// For remaining properties, see TimeWindowCustomAlertRule objects
}
]
}
}
TimeWindowCustomAlertRule objects
Set the ruleType property to specify the type of object.
For ActiveConnectionsNotInAllowedRange, use:
{
ruleType: 'ActiveConnectionsNotInAllowedRange'
}
For AmqpC2DMessagesNotInAllowedRange, use:
{
ruleType: 'AmqpC2DMessagesNotInAllowedRange'
}
For AmqpC2DRejectedMessagesNotInAllowedRange, use:
{
ruleType: 'AmqpC2DRejectedMessagesNotInAllowedRange'
}
For AmqpD2CMessagesNotInAllowedRange, use:
{
ruleType: 'AmqpD2CMessagesNotInAllowedRange'
}
For DirectMethodInvokesNotInAllowedRange, use:
{
ruleType: 'DirectMethodInvokesNotInAllowedRange'
}
For FailedLocalLoginsNotInAllowedRange, use:
{
ruleType: 'FailedLocalLoginsNotInAllowedRange'
}
For FileUploadsNotInAllowedRange, use:
{
ruleType: 'FileUploadsNotInAllowedRange'
}
For HttpC2DMessagesNotInAllowedRange, use:
{
ruleType: 'HttpC2DMessagesNotInAllowedRange'
}
For HttpC2DRejectedMessagesNotInAllowedRange, use:
{
ruleType: 'HttpC2DRejectedMessagesNotInAllowedRange'
}
For HttpD2CMessagesNotInAllowedRange, use:
{
ruleType: 'HttpD2CMessagesNotInAllowedRange'
}
For MqttC2DMessagesNotInAllowedRange, use:
{
ruleType: 'MqttC2DMessagesNotInAllowedRange'
}
For MqttC2DRejectedMessagesNotInAllowedRange, use:
{
ruleType: 'MqttC2DRejectedMessagesNotInAllowedRange'
}
For MqttD2CMessagesNotInAllowedRange, use:
{
ruleType: 'MqttD2CMessagesNotInAllowedRange'
}
For QueuePurgesNotInAllowedRange, use:
{
ruleType: 'QueuePurgesNotInAllowedRange'
}
For TwinUpdatesNotInAllowedRange, use:
{
ruleType: 'TwinUpdatesNotInAllowedRange'
}
For UnauthorizedOperationsNotInAllowedRange, use:
{
ruleType: 'UnauthorizedOperationsNotInAllowedRange'
}
AllowlistCustomAlertRule objects
Set the ruleType property to specify the type of object.
For ConnectionFromIpNotAllowed, use:
{
ruleType: 'ConnectionFromIpNotAllowed'
}
For ConnectionToIpNotAllowed, use:
{
ruleType: 'ConnectionToIpNotAllowed'
}
For LocalUserNotAllowed, use:
{
ruleType: 'LocalUserNotAllowed'
}
For ProcessNotAllowed, use:
{
ruleType: 'ProcessNotAllowed'
}
ThresholdCustomAlertRule objects
Set the ruleType property to specify the type of object.
For ActiveConnectionsNotInAllowedRange, use:
{
ruleType: 'ActiveConnectionsNotInAllowedRange'
timeWindowSize: 'string'
}
For AmqpC2DMessagesNotInAllowedRange, use:
{
ruleType: 'AmqpC2DMessagesNotInAllowedRange'
timeWindowSize: 'string'
}
For AmqpC2DRejectedMessagesNotInAllowedRange, use:
{
ruleType: 'AmqpC2DRejectedMessagesNotInAllowedRange'
timeWindowSize: 'string'
}
For AmqpD2CMessagesNotInAllowedRange, use:
{
ruleType: 'AmqpD2CMessagesNotInAllowedRange'
timeWindowSize: 'string'
}
For DirectMethodInvokesNotInAllowedRange, use:
{
ruleType: 'DirectMethodInvokesNotInAllowedRange'
timeWindowSize: 'string'
}
For FailedLocalLoginsNotInAllowedRange, use:
{
ruleType: 'FailedLocalLoginsNotInAllowedRange'
timeWindowSize: 'string'
}
For FileUploadsNotInAllowedRange, use:
{
ruleType: 'FileUploadsNotInAllowedRange'
timeWindowSize: 'string'
}
For HttpC2DMessagesNotInAllowedRange, use:
{
ruleType: 'HttpC2DMessagesNotInAllowedRange'
timeWindowSize: 'string'
}
For HttpC2DRejectedMessagesNotInAllowedRange, use:
{
ruleType: 'HttpC2DRejectedMessagesNotInAllowedRange'
timeWindowSize: 'string'
}
For HttpD2CMessagesNotInAllowedRange, use:
{
ruleType: 'HttpD2CMessagesNotInAllowedRange'
timeWindowSize: 'string'
}
For MqttC2DMessagesNotInAllowedRange, use:
{
ruleType: 'MqttC2DMessagesNotInAllowedRange'
timeWindowSize: 'string'
}
For MqttC2DRejectedMessagesNotInAllowedRange, use:
{
ruleType: 'MqttC2DRejectedMessagesNotInAllowedRange'
timeWindowSize: 'string'
}
For MqttD2CMessagesNotInAllowedRange, use:
{
ruleType: 'MqttD2CMessagesNotInAllowedRange'
timeWindowSize: 'string'
}
For QueuePurgesNotInAllowedRange, use:
{
ruleType: 'QueuePurgesNotInAllowedRange'
timeWindowSize: 'string'
}
For TwinUpdatesNotInAllowedRange, use:
{
ruleType: 'TwinUpdatesNotInAllowedRange'
timeWindowSize: 'string'
}
For UnauthorizedOperationsNotInAllowedRange, use:
{
ruleType: 'UnauthorizedOperationsNotInAllowedRange'
timeWindowSize: 'string'
}
Property values
ActiveConnectionsNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'ActiveConnectionsNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
ActiveConnectionsNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'ActiveConnectionsNotInAllowedRange' (required) |
AllowlistCustomAlertRule
| Name | Description | Value |
|---|---|---|
| allowlistValues | The values to allow. The format of the values depends on the rule type. | string[] (required) |
| isEnabled | Status of the custom alert. | bool (required) |
| ruleType | Set to 'ConnectionFromIpNotAllowed' for type ConnectionFromIpNotAllowed. Set to 'ConnectionToIpNotAllowed' for type ConnectionToIpNotAllowed. Set to 'LocalUserNotAllowed' for type LocalUserNotAllowed. Set to 'ProcessNotAllowed' for type ProcessNotAllowed. | 'ConnectionFromIpNotAllowed' 'ConnectionToIpNotAllowed' 'LocalUserNotAllowed' 'ProcessNotAllowed' (required) |
AmqpC2DMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'AmqpC2DMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
AmqpC2DMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'AmqpC2DMessagesNotInAllowedRange' (required) |
AmqpC2DRejectedMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'AmqpC2DRejectedMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
AmqpC2DRejectedMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'AmqpC2DRejectedMessagesNotInAllowedRange' (required) |
AmqpD2CMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'AmqpD2CMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
AmqpD2CMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'AmqpD2CMessagesNotInAllowedRange' (required) |
ConnectionFromIpNotAllowed
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'ConnectionFromIpNotAllowed' (required) |
ConnectionToIpNotAllowed
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'ConnectionToIpNotAllowed' (required) |
DenylistCustomAlertRule
| Name | Description | Value |
|---|---|---|
| denylistValues | The values to deny. The format of the values depends on the rule type. | string[] (required) |
| isEnabled | Status of the custom alert. | bool (required) |
| ruleType | The type of the custom alert rule. | string (required) |
DeviceSecurityGroupProperties
| Name | Description | Value |
|---|---|---|
| allowlistRules | The allow-list custom alert rules. | AllowlistCustomAlertRule[] |
| denylistRules | The deny-list custom alert rules. | DenylistCustomAlertRule[] |
| thresholdRules | The list of custom alert threshold rules. | ThresholdCustomAlertRule[] |
| timeWindowRules | The list of custom alert time-window rules. | TimeWindowCustomAlertRule[] |
DirectMethodInvokesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'DirectMethodInvokesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
DirectMethodInvokesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'DirectMethodInvokesNotInAllowedRange' (required) |
FailedLocalLoginsNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'FailedLocalLoginsNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
FailedLocalLoginsNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'FailedLocalLoginsNotInAllowedRange' (required) |
FileUploadsNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'FileUploadsNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
FileUploadsNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'FileUploadsNotInAllowedRange' (required) |
HttpC2DMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'HttpC2DMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
HttpC2DMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'HttpC2DMessagesNotInAllowedRange' (required) |
HttpC2DRejectedMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'HttpC2DRejectedMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
HttpC2DRejectedMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'HttpC2DRejectedMessagesNotInAllowedRange' (required) |
HttpD2CMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'HttpD2CMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
HttpD2CMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'HttpD2CMessagesNotInAllowedRange' (required) |
LocalUserNotAllowed
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'LocalUserNotAllowed' (required) |
Microsoft.Security/deviceSecurityGroups
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) |
| properties | Device Security group data | DeviceSecurityGroupProperties |
MqttC2DMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'MqttC2DMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
MqttC2DMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'MqttC2DMessagesNotInAllowedRange' (required) |
MqttC2DRejectedMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'MqttC2DRejectedMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
MqttC2DRejectedMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'MqttC2DRejectedMessagesNotInAllowedRange' (required) |
MqttD2CMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'MqttD2CMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
MqttD2CMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'MqttD2CMessagesNotInAllowedRange' (required) |
ProcessNotAllowed
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'ProcessNotAllowed' (required) |
QueuePurgesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'QueuePurgesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
QueuePurgesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'QueuePurgesNotInAllowedRange' (required) |
ThresholdCustomAlertRule
| Name | Description | Value |
|---|---|---|
| isEnabled | Status of the custom alert. | bool (required) |
| maxThreshold | The maximum threshold. | int (required) |
| minThreshold | The minimum threshold. | int (required) |
| ruleType | Set to 'ActiveConnectionsNotInAllowedRange' for type ActiveConnectionsNotInAllowedRange. Set to 'AmqpC2DMessagesNotInAllowedRange' for type AmqpC2DMessagesNotInAllowedRange. Set to 'AmqpC2DRejectedMessagesNotInAllowedRange' for type AmqpC2DRejectedMessagesNotInAllowedRange. Set to 'AmqpD2CMessagesNotInAllowedRange' for type AmqpD2CMessagesNotInAllowedRange. Set to 'DirectMethodInvokesNotInAllowedRange' for type DirectMethodInvokesNotInAllowedRange. Set to 'FailedLocalLoginsNotInAllowedRange' for type FailedLocalLoginsNotInAllowedRange. Set to 'FileUploadsNotInAllowedRange' for type FileUploadsNotInAllowedRange. Set to 'HttpC2DMessagesNotInAllowedRange' for type HttpC2DMessagesNotInAllowedRange. Set to 'HttpC2DRejectedMessagesNotInAllowedRange' for type HttpC2DRejectedMessagesNotInAllowedRange. Set to 'HttpD2CMessagesNotInAllowedRange' for type HttpD2CMessagesNotInAllowedRange. Set to 'MqttC2DMessagesNotInAllowedRange' for type MqttC2DMessagesNotInAllowedRange. Set to 'MqttC2DRejectedMessagesNotInAllowedRange' for type MqttC2DRejectedMessagesNotInAllowedRange. Set to 'MqttD2CMessagesNotInAllowedRange' for type MqttD2CMessagesNotInAllowedRange. Set to 'QueuePurgesNotInAllowedRange' for type QueuePurgesNotInAllowedRange. Set to 'TwinUpdatesNotInAllowedRange' for type TwinUpdatesNotInAllowedRange. Set to 'UnauthorizedOperationsNotInAllowedRange' for type UnauthorizedOperationsNotInAllowedRange. | 'ActiveConnectionsNotInAllowedRange' 'AmqpC2DMessagesNotInAllowedRange' 'AmqpC2DRejectedMessagesNotInAllowedRange' 'AmqpD2CMessagesNotInAllowedRange' 'DirectMethodInvokesNotInAllowedRange' 'FailedLocalLoginsNotInAllowedRange' 'FileUploadsNotInAllowedRange' 'HttpC2DMessagesNotInAllowedRange' 'HttpC2DRejectedMessagesNotInAllowedRange' 'HttpD2CMessagesNotInAllowedRange' 'MqttC2DMessagesNotInAllowedRange' 'MqttC2DRejectedMessagesNotInAllowedRange' 'MqttD2CMessagesNotInAllowedRange' 'QueuePurgesNotInAllowedRange' 'TwinUpdatesNotInAllowedRange' 'UnauthorizedOperationsNotInAllowedRange' (required) |
TimeWindowCustomAlertRule
| Name | Description | Value |
|---|---|---|
| isEnabled | Status of the custom alert. | bool (required) |
| maxThreshold | The maximum threshold. | int (required) |
| minThreshold | The minimum threshold. | int (required) |
| ruleType | Set to 'ActiveConnectionsNotInAllowedRange' for type ActiveConnectionsNotInAllowedRange. Set to 'AmqpC2DMessagesNotInAllowedRange' for type AmqpC2DMessagesNotInAllowedRange. Set to 'AmqpC2DRejectedMessagesNotInAllowedRange' for type AmqpC2DRejectedMessagesNotInAllowedRange. Set to 'AmqpD2CMessagesNotInAllowedRange' for type AmqpD2CMessagesNotInAllowedRange. Set to 'DirectMethodInvokesNotInAllowedRange' for type DirectMethodInvokesNotInAllowedRange. Set to 'FailedLocalLoginsNotInAllowedRange' for type FailedLocalLoginsNotInAllowedRange. Set to 'FileUploadsNotInAllowedRange' for type FileUploadsNotInAllowedRange. Set to 'HttpC2DMessagesNotInAllowedRange' for type HttpC2DMessagesNotInAllowedRange. Set to 'HttpC2DRejectedMessagesNotInAllowedRange' for type HttpC2DRejectedMessagesNotInAllowedRange. Set to 'HttpD2CMessagesNotInAllowedRange' for type HttpD2CMessagesNotInAllowedRange. Set to 'MqttC2DMessagesNotInAllowedRange' for type MqttC2DMessagesNotInAllowedRange. Set to 'MqttC2DRejectedMessagesNotInAllowedRange' for type MqttC2DRejectedMessagesNotInAllowedRange. Set to 'MqttD2CMessagesNotInAllowedRange' for type MqttD2CMessagesNotInAllowedRange. Set to 'QueuePurgesNotInAllowedRange' for type QueuePurgesNotInAllowedRange. Set to 'TwinUpdatesNotInAllowedRange' for type TwinUpdatesNotInAllowedRange. Set to 'UnauthorizedOperationsNotInAllowedRange' for type UnauthorizedOperationsNotInAllowedRange. | 'ActiveConnectionsNotInAllowedRange' 'AmqpC2DMessagesNotInAllowedRange' 'AmqpC2DRejectedMessagesNotInAllowedRange' 'AmqpD2CMessagesNotInAllowedRange' 'DirectMethodInvokesNotInAllowedRange' 'FailedLocalLoginsNotInAllowedRange' 'FileUploadsNotInAllowedRange' 'HttpC2DMessagesNotInAllowedRange' 'HttpC2DRejectedMessagesNotInAllowedRange' 'HttpD2CMessagesNotInAllowedRange' 'MqttC2DMessagesNotInAllowedRange' 'MqttC2DRejectedMessagesNotInAllowedRange' 'MqttD2CMessagesNotInAllowedRange' 'QueuePurgesNotInAllowedRange' 'TwinUpdatesNotInAllowedRange' 'UnauthorizedOperationsNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
TwinUpdatesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'TwinUpdatesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
TwinUpdatesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'TwinUpdatesNotInAllowedRange' (required) |
UnauthorizedOperationsNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'UnauthorizedOperationsNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
UnauthorizedOperationsNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'UnauthorizedOperationsNotInAllowedRange' (required) |
ARM template resource definition
The deviceSecurityGroups resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Security/deviceSecurityGroups resource, add the following JSON to your template.
{
"type": "Microsoft.Security/deviceSecurityGroups",
"apiVersion": "2019-08-01",
"name": "string",
"properties": {
"allowlistRules": [ {
"allowlistValues": [ "string" ],
"isEnabled": "bool",
"ruleType": "string"
// For remaining properties, see AllowlistCustomAlertRule objects
} ],
"denylistRules": [
{
"denylistValues": [ "string" ],
"isEnabled": "bool",
"ruleType": "string"
}
],
"thresholdRules": [ {
"isEnabled": "bool",
"maxThreshold": "int",
"minThreshold": "int",
"ruleType": "string"
// For remaining properties, see ThresholdCustomAlertRule objects
} ],
"timeWindowRules": [ {
"isEnabled": "bool",
"maxThreshold": "int",
"minThreshold": "int",
"timeWindowSize": "string",
"ruleType": "string"
// For remaining properties, see TimeWindowCustomAlertRule objects
} ]
}
}
TimeWindowCustomAlertRule objects
Set the ruleType property to specify the type of object.
For ActiveConnectionsNotInAllowedRange, use:
{
"ruleType": "ActiveConnectionsNotInAllowedRange"
}
For AmqpC2DMessagesNotInAllowedRange, use:
{
"ruleType": "AmqpC2DMessagesNotInAllowedRange"
}
For AmqpC2DRejectedMessagesNotInAllowedRange, use:
{
"ruleType": "AmqpC2DRejectedMessagesNotInAllowedRange"
}
For AmqpD2CMessagesNotInAllowedRange, use:
{
"ruleType": "AmqpD2CMessagesNotInAllowedRange"
}
For DirectMethodInvokesNotInAllowedRange, use:
{
"ruleType": "DirectMethodInvokesNotInAllowedRange"
}
For FailedLocalLoginsNotInAllowedRange, use:
{
"ruleType": "FailedLocalLoginsNotInAllowedRange"
}
For FileUploadsNotInAllowedRange, use:
{
"ruleType": "FileUploadsNotInAllowedRange"
}
For HttpC2DMessagesNotInAllowedRange, use:
{
"ruleType": "HttpC2DMessagesNotInAllowedRange"
}
For HttpC2DRejectedMessagesNotInAllowedRange, use:
{
"ruleType": "HttpC2DRejectedMessagesNotInAllowedRange"
}
For HttpD2CMessagesNotInAllowedRange, use:
{
"ruleType": "HttpD2CMessagesNotInAllowedRange"
}
For MqttC2DMessagesNotInAllowedRange, use:
{
"ruleType": "MqttC2DMessagesNotInAllowedRange"
}
For MqttC2DRejectedMessagesNotInAllowedRange, use:
{
"ruleType": "MqttC2DRejectedMessagesNotInAllowedRange"
}
For MqttD2CMessagesNotInAllowedRange, use:
{
"ruleType": "MqttD2CMessagesNotInAllowedRange"
}
For QueuePurgesNotInAllowedRange, use:
{
"ruleType": "QueuePurgesNotInAllowedRange"
}
For TwinUpdatesNotInAllowedRange, use:
{
"ruleType": "TwinUpdatesNotInAllowedRange"
}
For UnauthorizedOperationsNotInAllowedRange, use:
{
"ruleType": "UnauthorizedOperationsNotInAllowedRange"
}
AllowlistCustomAlertRule objects
Set the ruleType property to specify the type of object.
For ConnectionFromIpNotAllowed, use:
{
"ruleType": "ConnectionFromIpNotAllowed"
}
For ConnectionToIpNotAllowed, use:
{
"ruleType": "ConnectionToIpNotAllowed"
}
For LocalUserNotAllowed, use:
{
"ruleType": "LocalUserNotAllowed"
}
For ProcessNotAllowed, use:
{
"ruleType": "ProcessNotAllowed"
}
ThresholdCustomAlertRule objects
Set the ruleType property to specify the type of object.
For ActiveConnectionsNotInAllowedRange, use:
{
"ruleType": "ActiveConnectionsNotInAllowedRange",
"timeWindowSize": "string"
}
For AmqpC2DMessagesNotInAllowedRange, use:
{
"ruleType": "AmqpC2DMessagesNotInAllowedRange",
"timeWindowSize": "string"
}
For AmqpC2DRejectedMessagesNotInAllowedRange, use:
{
"ruleType": "AmqpC2DRejectedMessagesNotInAllowedRange",
"timeWindowSize": "string"
}
For AmqpD2CMessagesNotInAllowedRange, use:
{
"ruleType": "AmqpD2CMessagesNotInAllowedRange",
"timeWindowSize": "string"
}
For DirectMethodInvokesNotInAllowedRange, use:
{
"ruleType": "DirectMethodInvokesNotInAllowedRange",
"timeWindowSize": "string"
}
For FailedLocalLoginsNotInAllowedRange, use:
{
"ruleType": "FailedLocalLoginsNotInAllowedRange",
"timeWindowSize": "string"
}
For FileUploadsNotInAllowedRange, use:
{
"ruleType": "FileUploadsNotInAllowedRange",
"timeWindowSize": "string"
}
For HttpC2DMessagesNotInAllowedRange, use:
{
"ruleType": "HttpC2DMessagesNotInAllowedRange",
"timeWindowSize": "string"
}
For HttpC2DRejectedMessagesNotInAllowedRange, use:
{
"ruleType": "HttpC2DRejectedMessagesNotInAllowedRange",
"timeWindowSize": "string"
}
For HttpD2CMessagesNotInAllowedRange, use:
{
"ruleType": "HttpD2CMessagesNotInAllowedRange",
"timeWindowSize": "string"
}
For MqttC2DMessagesNotInAllowedRange, use:
{
"ruleType": "MqttC2DMessagesNotInAllowedRange",
"timeWindowSize": "string"
}
For MqttC2DRejectedMessagesNotInAllowedRange, use:
{
"ruleType": "MqttC2DRejectedMessagesNotInAllowedRange",
"timeWindowSize": "string"
}
For MqttD2CMessagesNotInAllowedRange, use:
{
"ruleType": "MqttD2CMessagesNotInAllowedRange",
"timeWindowSize": "string"
}
For QueuePurgesNotInAllowedRange, use:
{
"ruleType": "QueuePurgesNotInAllowedRange",
"timeWindowSize": "string"
}
For TwinUpdatesNotInAllowedRange, use:
{
"ruleType": "TwinUpdatesNotInAllowedRange",
"timeWindowSize": "string"
}
For UnauthorizedOperationsNotInAllowedRange, use:
{
"ruleType": "UnauthorizedOperationsNotInAllowedRange",
"timeWindowSize": "string"
}
Property values
ActiveConnectionsNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'ActiveConnectionsNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
ActiveConnectionsNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'ActiveConnectionsNotInAllowedRange' (required) |
AllowlistCustomAlertRule
| Name | Description | Value |
|---|---|---|
| allowlistValues | The values to allow. The format of the values depends on the rule type. | string[] (required) |
| isEnabled | Status of the custom alert. | bool (required) |
| ruleType | Set to 'ConnectionFromIpNotAllowed' for type ConnectionFromIpNotAllowed. Set to 'ConnectionToIpNotAllowed' for type ConnectionToIpNotAllowed. Set to 'LocalUserNotAllowed' for type LocalUserNotAllowed. Set to 'ProcessNotAllowed' for type ProcessNotAllowed. | 'ConnectionFromIpNotAllowed' 'ConnectionToIpNotAllowed' 'LocalUserNotAllowed' 'ProcessNotAllowed' (required) |
AmqpC2DMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'AmqpC2DMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
AmqpC2DMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'AmqpC2DMessagesNotInAllowedRange' (required) |
AmqpC2DRejectedMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'AmqpC2DRejectedMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
AmqpC2DRejectedMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'AmqpC2DRejectedMessagesNotInAllowedRange' (required) |
AmqpD2CMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'AmqpD2CMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
AmqpD2CMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'AmqpD2CMessagesNotInAllowedRange' (required) |
ConnectionFromIpNotAllowed
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'ConnectionFromIpNotAllowed' (required) |
ConnectionToIpNotAllowed
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'ConnectionToIpNotAllowed' (required) |
DenylistCustomAlertRule
| Name | Description | Value |
|---|---|---|
| denylistValues | The values to deny. The format of the values depends on the rule type. | string[] (required) |
| isEnabled | Status of the custom alert. | bool (required) |
| ruleType | The type of the custom alert rule. | string (required) |
DeviceSecurityGroupProperties
| Name | Description | Value |
|---|---|---|
| allowlistRules | The allow-list custom alert rules. | AllowlistCustomAlertRule[] |
| denylistRules | The deny-list custom alert rules. | DenylistCustomAlertRule[] |
| thresholdRules | The list of custom alert threshold rules. | ThresholdCustomAlertRule[] |
| timeWindowRules | The list of custom alert time-window rules. | TimeWindowCustomAlertRule[] |
DirectMethodInvokesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'DirectMethodInvokesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
DirectMethodInvokesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'DirectMethodInvokesNotInAllowedRange' (required) |
FailedLocalLoginsNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'FailedLocalLoginsNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
FailedLocalLoginsNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'FailedLocalLoginsNotInAllowedRange' (required) |
FileUploadsNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'FileUploadsNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
FileUploadsNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'FileUploadsNotInAllowedRange' (required) |
HttpC2DMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'HttpC2DMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
HttpC2DMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'HttpC2DMessagesNotInAllowedRange' (required) |
HttpC2DRejectedMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'HttpC2DRejectedMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
HttpC2DRejectedMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'HttpC2DRejectedMessagesNotInAllowedRange' (required) |
HttpD2CMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'HttpD2CMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
HttpD2CMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'HttpD2CMessagesNotInAllowedRange' (required) |
LocalUserNotAllowed
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'LocalUserNotAllowed' (required) |
Microsoft.Security/deviceSecurityGroups
| Name | Description | Value |
|---|---|---|
| apiVersion | The api version | '2019-08-01' |
| name | The resource name | string (required) |
| properties | Device Security group data | DeviceSecurityGroupProperties |
| type | The resource type | 'Microsoft.Security/deviceSecurityGroups' |
MqttC2DMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'MqttC2DMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
MqttC2DMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'MqttC2DMessagesNotInAllowedRange' (required) |
MqttC2DRejectedMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'MqttC2DRejectedMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
MqttC2DRejectedMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'MqttC2DRejectedMessagesNotInAllowedRange' (required) |
MqttD2CMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'MqttD2CMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
MqttD2CMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'MqttD2CMessagesNotInAllowedRange' (required) |
ProcessNotAllowed
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'ProcessNotAllowed' (required) |
QueuePurgesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'QueuePurgesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
QueuePurgesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'QueuePurgesNotInAllowedRange' (required) |
ThresholdCustomAlertRule
| Name | Description | Value |
|---|---|---|
| isEnabled | Status of the custom alert. | bool (required) |
| maxThreshold | The maximum threshold. | int (required) |
| minThreshold | The minimum threshold. | int (required) |
| ruleType | Set to 'ActiveConnectionsNotInAllowedRange' for type ActiveConnectionsNotInAllowedRange. Set to 'AmqpC2DMessagesNotInAllowedRange' for type AmqpC2DMessagesNotInAllowedRange. Set to 'AmqpC2DRejectedMessagesNotInAllowedRange' for type AmqpC2DRejectedMessagesNotInAllowedRange. Set to 'AmqpD2CMessagesNotInAllowedRange' for type AmqpD2CMessagesNotInAllowedRange. Set to 'DirectMethodInvokesNotInAllowedRange' for type DirectMethodInvokesNotInAllowedRange. Set to 'FailedLocalLoginsNotInAllowedRange' for type FailedLocalLoginsNotInAllowedRange. Set to 'FileUploadsNotInAllowedRange' for type FileUploadsNotInAllowedRange. Set to 'HttpC2DMessagesNotInAllowedRange' for type HttpC2DMessagesNotInAllowedRange. Set to 'HttpC2DRejectedMessagesNotInAllowedRange' for type HttpC2DRejectedMessagesNotInAllowedRange. Set to 'HttpD2CMessagesNotInAllowedRange' for type HttpD2CMessagesNotInAllowedRange. Set to 'MqttC2DMessagesNotInAllowedRange' for type MqttC2DMessagesNotInAllowedRange. Set to 'MqttC2DRejectedMessagesNotInAllowedRange' for type MqttC2DRejectedMessagesNotInAllowedRange. Set to 'MqttD2CMessagesNotInAllowedRange' for type MqttD2CMessagesNotInAllowedRange. Set to 'QueuePurgesNotInAllowedRange' for type QueuePurgesNotInAllowedRange. Set to 'TwinUpdatesNotInAllowedRange' for type TwinUpdatesNotInAllowedRange. Set to 'UnauthorizedOperationsNotInAllowedRange' for type UnauthorizedOperationsNotInAllowedRange. | 'ActiveConnectionsNotInAllowedRange' 'AmqpC2DMessagesNotInAllowedRange' 'AmqpC2DRejectedMessagesNotInAllowedRange' 'AmqpD2CMessagesNotInAllowedRange' 'DirectMethodInvokesNotInAllowedRange' 'FailedLocalLoginsNotInAllowedRange' 'FileUploadsNotInAllowedRange' 'HttpC2DMessagesNotInAllowedRange' 'HttpC2DRejectedMessagesNotInAllowedRange' 'HttpD2CMessagesNotInAllowedRange' 'MqttC2DMessagesNotInAllowedRange' 'MqttC2DRejectedMessagesNotInAllowedRange' 'MqttD2CMessagesNotInAllowedRange' 'QueuePurgesNotInAllowedRange' 'TwinUpdatesNotInAllowedRange' 'UnauthorizedOperationsNotInAllowedRange' (required) |
TimeWindowCustomAlertRule
| Name | Description | Value |
|---|---|---|
| isEnabled | Status of the custom alert. | bool (required) |
| maxThreshold | The maximum threshold. | int (required) |
| minThreshold | The minimum threshold. | int (required) |
| ruleType | Set to 'ActiveConnectionsNotInAllowedRange' for type ActiveConnectionsNotInAllowedRange. Set to 'AmqpC2DMessagesNotInAllowedRange' for type AmqpC2DMessagesNotInAllowedRange. Set to 'AmqpC2DRejectedMessagesNotInAllowedRange' for type AmqpC2DRejectedMessagesNotInAllowedRange. Set to 'AmqpD2CMessagesNotInAllowedRange' for type AmqpD2CMessagesNotInAllowedRange. Set to 'DirectMethodInvokesNotInAllowedRange' for type DirectMethodInvokesNotInAllowedRange. Set to 'FailedLocalLoginsNotInAllowedRange' for type FailedLocalLoginsNotInAllowedRange. Set to 'FileUploadsNotInAllowedRange' for type FileUploadsNotInAllowedRange. Set to 'HttpC2DMessagesNotInAllowedRange' for type HttpC2DMessagesNotInAllowedRange. Set to 'HttpC2DRejectedMessagesNotInAllowedRange' for type HttpC2DRejectedMessagesNotInAllowedRange. Set to 'HttpD2CMessagesNotInAllowedRange' for type HttpD2CMessagesNotInAllowedRange. Set to 'MqttC2DMessagesNotInAllowedRange' for type MqttC2DMessagesNotInAllowedRange. Set to 'MqttC2DRejectedMessagesNotInAllowedRange' for type MqttC2DRejectedMessagesNotInAllowedRange. Set to 'MqttD2CMessagesNotInAllowedRange' for type MqttD2CMessagesNotInAllowedRange. Set to 'QueuePurgesNotInAllowedRange' for type QueuePurgesNotInAllowedRange. Set to 'TwinUpdatesNotInAllowedRange' for type TwinUpdatesNotInAllowedRange. Set to 'UnauthorizedOperationsNotInAllowedRange' for type UnauthorizedOperationsNotInAllowedRange. | 'ActiveConnectionsNotInAllowedRange' 'AmqpC2DMessagesNotInAllowedRange' 'AmqpC2DRejectedMessagesNotInAllowedRange' 'AmqpD2CMessagesNotInAllowedRange' 'DirectMethodInvokesNotInAllowedRange' 'FailedLocalLoginsNotInAllowedRange' 'FileUploadsNotInAllowedRange' 'HttpC2DMessagesNotInAllowedRange' 'HttpC2DRejectedMessagesNotInAllowedRange' 'HttpD2CMessagesNotInAllowedRange' 'MqttC2DMessagesNotInAllowedRange' 'MqttC2DRejectedMessagesNotInAllowedRange' 'MqttD2CMessagesNotInAllowedRange' 'QueuePurgesNotInAllowedRange' 'TwinUpdatesNotInAllowedRange' 'UnauthorizedOperationsNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
TwinUpdatesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'TwinUpdatesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
TwinUpdatesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'TwinUpdatesNotInAllowedRange' (required) |
UnauthorizedOperationsNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'UnauthorizedOperationsNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
UnauthorizedOperationsNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'UnauthorizedOperationsNotInAllowedRange' (required) |
Terraform (AzAPI provider) resource definition
The deviceSecurityGroups resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Security/deviceSecurityGroups resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.Security/deviceSecurityGroups@2019-08-01"
name = "string"
body = jsonencode({
properties = {
allowlistRules = [
{
allowlistValues = [
"string"
]
isEnabled = bool
ruleType = "string"
// For remaining properties, see AllowlistCustomAlertRule objects
}
]
denylistRules = [
{
denylistValues = [
"string"
]
isEnabled = bool
ruleType = "string"
}
]
thresholdRules = [
{
isEnabled = bool
maxThreshold = int
minThreshold = int
ruleType = "string"
// For remaining properties, see ThresholdCustomAlertRule objects
}
]
timeWindowRules = [
{
isEnabled = bool
maxThreshold = int
minThreshold = int
timeWindowSize = "string"
ruleType = "string"
// For remaining properties, see TimeWindowCustomAlertRule objects
}
]
}
})
}
TimeWindowCustomAlertRule objects
Set the ruleType property to specify the type of object.
For ActiveConnectionsNotInAllowedRange, use:
{
ruleType = "ActiveConnectionsNotInAllowedRange"
}
For AmqpC2DMessagesNotInAllowedRange, use:
{
ruleType = "AmqpC2DMessagesNotInAllowedRange"
}
For AmqpC2DRejectedMessagesNotInAllowedRange, use:
{
ruleType = "AmqpC2DRejectedMessagesNotInAllowedRange"
}
For AmqpD2CMessagesNotInAllowedRange, use:
{
ruleType = "AmqpD2CMessagesNotInAllowedRange"
}
For DirectMethodInvokesNotInAllowedRange, use:
{
ruleType = "DirectMethodInvokesNotInAllowedRange"
}
For FailedLocalLoginsNotInAllowedRange, use:
{
ruleType = "FailedLocalLoginsNotInAllowedRange"
}
For FileUploadsNotInAllowedRange, use:
{
ruleType = "FileUploadsNotInAllowedRange"
}
For HttpC2DMessagesNotInAllowedRange, use:
{
ruleType = "HttpC2DMessagesNotInAllowedRange"
}
For HttpC2DRejectedMessagesNotInAllowedRange, use:
{
ruleType = "HttpC2DRejectedMessagesNotInAllowedRange"
}
For HttpD2CMessagesNotInAllowedRange, use:
{
ruleType = "HttpD2CMessagesNotInAllowedRange"
}
For MqttC2DMessagesNotInAllowedRange, use:
{
ruleType = "MqttC2DMessagesNotInAllowedRange"
}
For MqttC2DRejectedMessagesNotInAllowedRange, use:
{
ruleType = "MqttC2DRejectedMessagesNotInAllowedRange"
}
For MqttD2CMessagesNotInAllowedRange, use:
{
ruleType = "MqttD2CMessagesNotInAllowedRange"
}
For QueuePurgesNotInAllowedRange, use:
{
ruleType = "QueuePurgesNotInAllowedRange"
}
For TwinUpdatesNotInAllowedRange, use:
{
ruleType = "TwinUpdatesNotInAllowedRange"
}
For UnauthorizedOperationsNotInAllowedRange, use:
{
ruleType = "UnauthorizedOperationsNotInAllowedRange"
}
AllowlistCustomAlertRule objects
Set the ruleType property to specify the type of object.
For ConnectionFromIpNotAllowed, use:
{
ruleType = "ConnectionFromIpNotAllowed"
}
For ConnectionToIpNotAllowed, use:
{
ruleType = "ConnectionToIpNotAllowed"
}
For LocalUserNotAllowed, use:
{
ruleType = "LocalUserNotAllowed"
}
For ProcessNotAllowed, use:
{
ruleType = "ProcessNotAllowed"
}
ThresholdCustomAlertRule objects
Set the ruleType property to specify the type of object.
For ActiveConnectionsNotInAllowedRange, use:
{
ruleType = "ActiveConnectionsNotInAllowedRange"
timeWindowSize = "string"
}
For AmqpC2DMessagesNotInAllowedRange, use:
{
ruleType = "AmqpC2DMessagesNotInAllowedRange"
timeWindowSize = "string"
}
For AmqpC2DRejectedMessagesNotInAllowedRange, use:
{
ruleType = "AmqpC2DRejectedMessagesNotInAllowedRange"
timeWindowSize = "string"
}
For AmqpD2CMessagesNotInAllowedRange, use:
{
ruleType = "AmqpD2CMessagesNotInAllowedRange"
timeWindowSize = "string"
}
For DirectMethodInvokesNotInAllowedRange, use:
{
ruleType = "DirectMethodInvokesNotInAllowedRange"
timeWindowSize = "string"
}
For FailedLocalLoginsNotInAllowedRange, use:
{
ruleType = "FailedLocalLoginsNotInAllowedRange"
timeWindowSize = "string"
}
For FileUploadsNotInAllowedRange, use:
{
ruleType = "FileUploadsNotInAllowedRange"
timeWindowSize = "string"
}
For HttpC2DMessagesNotInAllowedRange, use:
{
ruleType = "HttpC2DMessagesNotInAllowedRange"
timeWindowSize = "string"
}
For HttpC2DRejectedMessagesNotInAllowedRange, use:
{
ruleType = "HttpC2DRejectedMessagesNotInAllowedRange"
timeWindowSize = "string"
}
For HttpD2CMessagesNotInAllowedRange, use:
{
ruleType = "HttpD2CMessagesNotInAllowedRange"
timeWindowSize = "string"
}
For MqttC2DMessagesNotInAllowedRange, use:
{
ruleType = "MqttC2DMessagesNotInAllowedRange"
timeWindowSize = "string"
}
For MqttC2DRejectedMessagesNotInAllowedRange, use:
{
ruleType = "MqttC2DRejectedMessagesNotInAllowedRange"
timeWindowSize = "string"
}
For MqttD2CMessagesNotInAllowedRange, use:
{
ruleType = "MqttD2CMessagesNotInAllowedRange"
timeWindowSize = "string"
}
For QueuePurgesNotInAllowedRange, use:
{
ruleType = "QueuePurgesNotInAllowedRange"
timeWindowSize = "string"
}
For TwinUpdatesNotInAllowedRange, use:
{
ruleType = "TwinUpdatesNotInAllowedRange"
timeWindowSize = "string"
}
For UnauthorizedOperationsNotInAllowedRange, use:
{
ruleType = "UnauthorizedOperationsNotInAllowedRange"
timeWindowSize = "string"
}
Property values
ActiveConnectionsNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'ActiveConnectionsNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
ActiveConnectionsNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'ActiveConnectionsNotInAllowedRange' (required) |
AllowlistCustomAlertRule
| Name | Description | Value |
|---|---|---|
| allowlistValues | The values to allow. The format of the values depends on the rule type. | string[] (required) |
| isEnabled | Status of the custom alert. | bool (required) |
| ruleType | Set to 'ConnectionFromIpNotAllowed' for type ConnectionFromIpNotAllowed. Set to 'ConnectionToIpNotAllowed' for type ConnectionToIpNotAllowed. Set to 'LocalUserNotAllowed' for type LocalUserNotAllowed. Set to 'ProcessNotAllowed' for type ProcessNotAllowed. | 'ConnectionFromIpNotAllowed' 'ConnectionToIpNotAllowed' 'LocalUserNotAllowed' 'ProcessNotAllowed' (required) |
AmqpC2DMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'AmqpC2DMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
AmqpC2DMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'AmqpC2DMessagesNotInAllowedRange' (required) |
AmqpC2DRejectedMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'AmqpC2DRejectedMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
AmqpC2DRejectedMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'AmqpC2DRejectedMessagesNotInAllowedRange' (required) |
AmqpD2CMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'AmqpD2CMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
AmqpD2CMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'AmqpD2CMessagesNotInAllowedRange' (required) |
ConnectionFromIpNotAllowed
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'ConnectionFromIpNotAllowed' (required) |
ConnectionToIpNotAllowed
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'ConnectionToIpNotAllowed' (required) |
DenylistCustomAlertRule
| Name | Description | Value |
|---|---|---|
| denylistValues | The values to deny. The format of the values depends on the rule type. | string[] (required) |
| isEnabled | Status of the custom alert. | bool (required) |
| ruleType | The type of the custom alert rule. | string (required) |
DeviceSecurityGroupProperties
| Name | Description | Value |
|---|---|---|
| allowlistRules | The allow-list custom alert rules. | AllowlistCustomAlertRule[] |
| denylistRules | The deny-list custom alert rules. | DenylistCustomAlertRule[] |
| thresholdRules | The list of custom alert threshold rules. | ThresholdCustomAlertRule[] |
| timeWindowRules | The list of custom alert time-window rules. | TimeWindowCustomAlertRule[] |
DirectMethodInvokesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'DirectMethodInvokesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
DirectMethodInvokesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'DirectMethodInvokesNotInAllowedRange' (required) |
FailedLocalLoginsNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'FailedLocalLoginsNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
FailedLocalLoginsNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'FailedLocalLoginsNotInAllowedRange' (required) |
FileUploadsNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'FileUploadsNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
FileUploadsNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'FileUploadsNotInAllowedRange' (required) |
HttpC2DMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'HttpC2DMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
HttpC2DMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'HttpC2DMessagesNotInAllowedRange' (required) |
HttpC2DRejectedMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'HttpC2DRejectedMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
HttpC2DRejectedMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'HttpC2DRejectedMessagesNotInAllowedRange' (required) |
HttpD2CMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'HttpD2CMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
HttpD2CMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'HttpD2CMessagesNotInAllowedRange' (required) |
LocalUserNotAllowed
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'LocalUserNotAllowed' (required) |
Microsoft.Security/deviceSecurityGroups
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) |
| properties | Device Security group data | DeviceSecurityGroupProperties |
| type | The resource type | "Microsoft.Security/deviceSecurityGroups@2019-08-01" |
MqttC2DMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'MqttC2DMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
MqttC2DMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'MqttC2DMessagesNotInAllowedRange' (required) |
MqttC2DRejectedMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'MqttC2DRejectedMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
MqttC2DRejectedMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'MqttC2DRejectedMessagesNotInAllowedRange' (required) |
MqttD2CMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'MqttD2CMessagesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
MqttD2CMessagesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'MqttD2CMessagesNotInAllowedRange' (required) |
ProcessNotAllowed
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'ProcessNotAllowed' (required) |
QueuePurgesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'QueuePurgesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
QueuePurgesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'QueuePurgesNotInAllowedRange' (required) |
ThresholdCustomAlertRule
| Name | Description | Value |
|---|---|---|
| isEnabled | Status of the custom alert. | bool (required) |
| maxThreshold | The maximum threshold. | int (required) |
| minThreshold | The minimum threshold. | int (required) |
| ruleType | Set to 'ActiveConnectionsNotInAllowedRange' for type ActiveConnectionsNotInAllowedRange. Set to 'AmqpC2DMessagesNotInAllowedRange' for type AmqpC2DMessagesNotInAllowedRange. Set to 'AmqpC2DRejectedMessagesNotInAllowedRange' for type AmqpC2DRejectedMessagesNotInAllowedRange. Set to 'AmqpD2CMessagesNotInAllowedRange' for type AmqpD2CMessagesNotInAllowedRange. Set to 'DirectMethodInvokesNotInAllowedRange' for type DirectMethodInvokesNotInAllowedRange. Set to 'FailedLocalLoginsNotInAllowedRange' for type FailedLocalLoginsNotInAllowedRange. Set to 'FileUploadsNotInAllowedRange' for type FileUploadsNotInAllowedRange. Set to 'HttpC2DMessagesNotInAllowedRange' for type HttpC2DMessagesNotInAllowedRange. Set to 'HttpC2DRejectedMessagesNotInAllowedRange' for type HttpC2DRejectedMessagesNotInAllowedRange. Set to 'HttpD2CMessagesNotInAllowedRange' for type HttpD2CMessagesNotInAllowedRange. Set to 'MqttC2DMessagesNotInAllowedRange' for type MqttC2DMessagesNotInAllowedRange. Set to 'MqttC2DRejectedMessagesNotInAllowedRange' for type MqttC2DRejectedMessagesNotInAllowedRange. Set to 'MqttD2CMessagesNotInAllowedRange' for type MqttD2CMessagesNotInAllowedRange. Set to 'QueuePurgesNotInAllowedRange' for type QueuePurgesNotInAllowedRange. Set to 'TwinUpdatesNotInAllowedRange' for type TwinUpdatesNotInAllowedRange. Set to 'UnauthorizedOperationsNotInAllowedRange' for type UnauthorizedOperationsNotInAllowedRange. | 'ActiveConnectionsNotInAllowedRange' 'AmqpC2DMessagesNotInAllowedRange' 'AmqpC2DRejectedMessagesNotInAllowedRange' 'AmqpD2CMessagesNotInAllowedRange' 'DirectMethodInvokesNotInAllowedRange' 'FailedLocalLoginsNotInAllowedRange' 'FileUploadsNotInAllowedRange' 'HttpC2DMessagesNotInAllowedRange' 'HttpC2DRejectedMessagesNotInAllowedRange' 'HttpD2CMessagesNotInAllowedRange' 'MqttC2DMessagesNotInAllowedRange' 'MqttC2DRejectedMessagesNotInAllowedRange' 'MqttD2CMessagesNotInAllowedRange' 'QueuePurgesNotInAllowedRange' 'TwinUpdatesNotInAllowedRange' 'UnauthorizedOperationsNotInAllowedRange' (required) |
TimeWindowCustomAlertRule
| Name | Description | Value |
|---|---|---|
| isEnabled | Status of the custom alert. | bool (required) |
| maxThreshold | The maximum threshold. | int (required) |
| minThreshold | The minimum threshold. | int (required) |
| ruleType | Set to 'ActiveConnectionsNotInAllowedRange' for type ActiveConnectionsNotInAllowedRange. Set to 'AmqpC2DMessagesNotInAllowedRange' for type AmqpC2DMessagesNotInAllowedRange. Set to 'AmqpC2DRejectedMessagesNotInAllowedRange' for type AmqpC2DRejectedMessagesNotInAllowedRange. Set to 'AmqpD2CMessagesNotInAllowedRange' for type AmqpD2CMessagesNotInAllowedRange. Set to 'DirectMethodInvokesNotInAllowedRange' for type DirectMethodInvokesNotInAllowedRange. Set to 'FailedLocalLoginsNotInAllowedRange' for type FailedLocalLoginsNotInAllowedRange. Set to 'FileUploadsNotInAllowedRange' for type FileUploadsNotInAllowedRange. Set to 'HttpC2DMessagesNotInAllowedRange' for type HttpC2DMessagesNotInAllowedRange. Set to 'HttpC2DRejectedMessagesNotInAllowedRange' for type HttpC2DRejectedMessagesNotInAllowedRange. Set to 'HttpD2CMessagesNotInAllowedRange' for type HttpD2CMessagesNotInAllowedRange. Set to 'MqttC2DMessagesNotInAllowedRange' for type MqttC2DMessagesNotInAllowedRange. Set to 'MqttC2DRejectedMessagesNotInAllowedRange' for type MqttC2DRejectedMessagesNotInAllowedRange. Set to 'MqttD2CMessagesNotInAllowedRange' for type MqttD2CMessagesNotInAllowedRange. Set to 'QueuePurgesNotInAllowedRange' for type QueuePurgesNotInAllowedRange. Set to 'TwinUpdatesNotInAllowedRange' for type TwinUpdatesNotInAllowedRange. Set to 'UnauthorizedOperationsNotInAllowedRange' for type UnauthorizedOperationsNotInAllowedRange. | 'ActiveConnectionsNotInAllowedRange' 'AmqpC2DMessagesNotInAllowedRange' 'AmqpC2DRejectedMessagesNotInAllowedRange' 'AmqpD2CMessagesNotInAllowedRange' 'DirectMethodInvokesNotInAllowedRange' 'FailedLocalLoginsNotInAllowedRange' 'FileUploadsNotInAllowedRange' 'HttpC2DMessagesNotInAllowedRange' 'HttpC2DRejectedMessagesNotInAllowedRange' 'HttpD2CMessagesNotInAllowedRange' 'MqttC2DMessagesNotInAllowedRange' 'MqttC2DRejectedMessagesNotInAllowedRange' 'MqttD2CMessagesNotInAllowedRange' 'QueuePurgesNotInAllowedRange' 'TwinUpdatesNotInAllowedRange' 'UnauthorizedOperationsNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
TwinUpdatesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'TwinUpdatesNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
TwinUpdatesNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'TwinUpdatesNotInAllowedRange' (required) |
UnauthorizedOperationsNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'UnauthorizedOperationsNotInAllowedRange' (required) |
| timeWindowSize | The time window size in iso8601 format. | string (required) |
UnauthorizedOperationsNotInAllowedRange
| Name | Description | Value |
|---|---|---|
| ruleType | The type of the custom alert rule. | 'UnauthorizedOperationsNotInAllowedRange' (required) |