Adaptive Network Hardenings - Get

Référence

Service:: Defender for Cloud

API Version:: 2020-01-01

Obtient une seule ressource de renforcement du réseau adaptatif

GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceNamespace}/{resourceType}/{resourceName}/providers/Microsoft.Security/adaptiveNetworkHardenings/{adaptiveNetworkHardeningResourceName}?api-version=2020-01-01

Paramètres URI

Nom	Dans	Obligatoire	Type	Description
adaptiveNetworkHardeningResourceName	path	True	string	Nom de la ressource de renforcement du réseau adaptatif.
resourceGroupName	path	True	string	Nom du groupe de ressources dans l’abonnement de l’utilisateur. Le nom ne respecte pas la casse. Regex pattern: `^[-\w\._]+$`
resourceName	path	True	string	Nom de la ressource.
resourceNamespace	path	True	string	Espace de noms de la ressource.
resourceType	path	True	string	Type de la ressource.
subscriptionId	path	True	string	ID d’abonnement Azure Regex pattern: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`
api-version	query	True	string	Version de l’API pour l’opération

Réponses

Nom	Type	Description
200 OK	AdaptiveNetworkHardening	Ok
Other Status Codes	CloudError	Réponse d’erreur décrivant la raison de l’échec de l’opération.

Sécurité

azure_auth

Flux OAuth2 Azure Active Directory

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Nom	Description
user_impersonation	Emprunter l’identité de votre compte d’utilisateur

Exemples

Get a single Adaptive Network Hardening resource

Sample Request

GET https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.Security/adaptiveNetworkHardenings/default?api-version=2020-01-01

/** Samples for AdaptiveNetworkHardenings Get. */
public final class Main {
    /*
     * x-ms-original-file: specification/security/resource-manager/Microsoft.Security/stable/2020-01-01/examples/AdaptiveNetworkHardenings/GetAdaptiveNetworkHardening_example.json
     */
    /**
     * Sample code: Get a single Adaptive Network Hardening resource.
     *
     * @param manager Entry point to SecurityManager.
     */
    public static void getASingleAdaptiveNetworkHardeningResource(
        com.azure.resourcemanager.security.SecurityManager manager) {
        manager
            .adaptiveNetworkHardenings()
            .getWithResponse(
                "rg1", "Microsoft.Compute", "virtualMachines", "vm1", "default", com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

package armsecurity_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/stable/2020-01-01/examples/AdaptiveNetworkHardenings/GetAdaptiveNetworkHardening_example.json
func ExampleAdaptiveNetworkHardeningsClient_Get() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	res, err := clientFactory.NewAdaptiveNetworkHardeningsClient().Get(ctx, "rg1", "Microsoft.Compute", "virtualMachines", "vm1", "default", nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	// You could use response here. We use blank identifier for just demo purposes.
	_ = res
	// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
	// res.AdaptiveNetworkHardening = armsecurity.AdaptiveNetworkHardening{
	// 	Name: to.Ptr("default"),
	// 	Type: to.Ptr("Microsoft.Security/adaptiveNetworkHardenings"),
	// 	ID: to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.Security/adaptiveNetworkHardenings/default"),
	// 	Properties: &armsecurity.AdaptiveNetworkHardeningProperties{
	// 		EffectiveNetworkSecurityGroups: []*armsecurity.EffectiveNetworkSecurityGroups{
	// 			{
	// 				NetworkInterface: to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Network/networkInterfaces/nic1"),
	// 				NetworkSecurityGroups: []*string{
	// 					to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nicNsg"),
	// 					to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/subnetNsg")},
	// 				},
	// 				{
	// 					NetworkInterface: to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg2/providers/Microsoft.Network/networkInterfaces/nic2"),
	// 					NetworkSecurityGroups: []*string{
	// 						to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg2/providers/Microsoft.Network/networkSecurityGroups/nicNsg")},
	// 				}},
	// 				Rules: []*armsecurity.Rule{
	// 					{
	// 						Name: to.Ptr("rule1"),
	// 						DestinationPort: to.Ptr[int32](3389),
	// 						Direction: to.Ptr(armsecurity.DirectionInbound),
	// 						IPAddresses: []*string{
	// 							to.Ptr("100.10.1.1"),
	// 							to.Ptr("200.20.2.2"),
	// 							to.Ptr("81.199.3.0/24")},
	// 							Protocols: []*armsecurity.TransportProtocol{
	// 								to.Ptr(armsecurity.TransportProtocolTCP)},
	// 							},
	// 							{
	// 								Name: to.Ptr("rule2"),
	// 								DestinationPort: to.Ptr[int32](22),
	// 								Direction: to.Ptr(armsecurity.DirectionInbound),
	// 								IPAddresses: []*string{
	// 								},
	// 								Protocols: []*armsecurity.TransportProtocol{
	// 									to.Ptr(armsecurity.TransportProtocolTCP)},
	// 							}},
	// 							RulesCalculationTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-08-15T00:00:00.000Z"); return t}()),
	// 						},
	// 					}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Gets a single Adaptive Network Hardening resource
 *
 * @summary Gets a single Adaptive Network Hardening resource
 * x-ms-original-file: specification/security/resource-manager/Microsoft.Security/stable/2020-01-01/examples/AdaptiveNetworkHardenings/GetAdaptiveNetworkHardening_example.json
 */
async function getASingleAdaptiveNetworkHardeningResource() {
  const subscriptionId =
    process.env["SECURITY_SUBSCRIPTION_ID"] || "20ff7fc3-e762-44dd-bd96-b71116dcdc23";
  const resourceGroupName = process.env["SECURITY_RESOURCE_GROUP"] || "rg1";
  const resourceNamespace = "Microsoft.Compute";
  const resourceType = "virtualMachines";
  const resourceName = "vm1";
  const adaptiveNetworkHardeningResourceName = "default";
  const credential = new DefaultAzureCredential();
  const client = new SecurityCenter(credential, subscriptionId);
  const result = await client.adaptiveNetworkHardenings.get(
    resourceGroupName,
    resourceNamespace,
    resourceType,
    resourceName,
    adaptiveNetworkHardeningResourceName,
  );
  console.log(result);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

using System;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.SecurityCenter;
using Azure.ResourceManager.SecurityCenter.Models;

// Generated from example definition: specification/security/resource-manager/Microsoft.Security/stable/2020-01-01/examples/AdaptiveNetworkHardenings/GetAdaptiveNetworkHardening_example.json
// this example is just showing the usage of "AdaptiveNetworkHardenings_Get" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this AdaptiveNetworkHardeningResource created on azure
// for more information of creating AdaptiveNetworkHardeningResource, please refer to the document of AdaptiveNetworkHardeningResource
string subscriptionId = "20ff7fc3-e762-44dd-bd96-b71116dcdc23";
string resourceGroupName = "rg1";
string resourceNamespace = "Microsoft.Compute";
string resourceType = "virtualMachines";
string resourceName = "vm1";
string adaptiveNetworkHardeningResourceName = "default";
ResourceIdentifier adaptiveNetworkHardeningResourceId = AdaptiveNetworkHardeningResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, resourceNamespace, resourceType, resourceName, adaptiveNetworkHardeningResourceName);
AdaptiveNetworkHardeningResource adaptiveNetworkHardening = client.GetAdaptiveNetworkHardeningResource(adaptiveNetworkHardeningResourceId);

// invoke the operation
AdaptiveNetworkHardeningResource result = await adaptiveNetworkHardening.GetAsync();

// the variable result is a resource, you could call other operations on this instance as well
// but just for demo, we get its data from this resource instance
AdaptiveNetworkHardeningData resourceData = result.Data;
// for demo we just print out the id
Console.WriteLine($"Succeeded on id: {resourceData.Id}");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample Response

Status code:: 200

{
  "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.Security/adaptiveNetworkHardenings/default",
  "name": "default",
  "type": "Microsoft.Security/adaptiveNetworkHardenings",
  "properties": {
    "rulesCalculationTime": "2018-08-15T00:00:00.0000000Z",
    "rules": [
      {
        "name": "rule1",
        "direction": "Inbound",
        "destinationPort": 3389,
        "protocols": [
          "TCP"
        ],
        "ipAddresses": [
          "100.10.1.1",
          "200.20.2.2",
          "81.199.3.0/24"
        ]
      },
      {
        "name": "rule2",
        "direction": "Inbound",
        "destinationPort": 22,
        "protocols": [
          "TCP"
        ],
        "ipAddresses": []
      }
    ],
    "effectiveNetworkSecurityGroups": [
      {
        "networkInterface": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Network/networkInterfaces/nic1",
        "networkSecurityGroups": [
          "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nicNsg",
          "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/subnetNsg"
        ]
      },
      {
        "networkInterface": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg2/providers/Microsoft.Network/networkInterfaces/nic2",
        "networkSecurityGroups": [
          "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg2/providers/Microsoft.Network/networkSecurityGroups/nicNsg"
        ]
      }
    ]
  }
}

Définitions

Nom	Description
AdaptiveNetworkHardening	Ressource dont les propriétés décrivent les paramètres de renforcement du réseau adaptatif pour une ressource Azure
CloudError	Réponse d’erreur courante pour toutes les API Azure Resource Manager pour retourner les détails de l’erreur concernant les opérations ayant échoué. (Cela suit également le format de réponse d’erreur OData.).
CloudErrorBody	Détail de l’erreur.
direction	Direction de la règle
EffectiveNetworkSecurityGroups	Décrit les groupes de sécurité réseau effectifs sur une interface réseau
ErrorAdditionalInfo	Informations supplémentaires sur l’erreur de gestion des ressources.
Rule	Décrit les adresses distantes recommandées pour communiquer avec la ressource Azure sur certaines (Protocole, Port, Direction). Il est recommandé de bloquer toutes les autres adresses distantes
transportProtocol	Protocoles de transport de la règle

AdaptiveNetworkHardening

Ressource dont les propriétés décrivent les paramètres de renforcement du réseau adaptatif pour une ressource Azure

Nom	Type	Description
id	string	ID de ressource
name	string	Nom de la ressource
properties.effectiveNetworkSecurityGroups	EffectiveNetworkSecurityGroups[]	Groupes de sécurité réseau effectifs sur les interfaces réseau de la ressource protégée
properties.rules	Rule[]	Règles de sécurité recommandées pour être effectives sur la machine virtuelle
properties.rulesCalculationTime	string	Heure UTC sur laquelle les règles ont été calculées
type	string	Type de ressource

CloudError

Réponse d’erreur courante pour toutes les API Azure Resource Manager pour retourner les détails de l’erreur concernant les opérations ayant échoué. (Cela suit également le format de réponse d’erreur OData.).

Nom	Type	Description
error.additionalInfo	ErrorAdditionalInfo[]	Informations supplémentaires sur l’erreur.
error.code	string	Code d'erreur.
error.details	CloudErrorBody[]	Détails de l’erreur.
error.message	string	Message d’erreur.
error.target	string	Cible d’erreur.

CloudErrorBody

Détail de l’erreur.

Nom	Type	Description
additionalInfo	ErrorAdditionalInfo[]	Informations supplémentaires sur l’erreur.
code	string	Code d'erreur.
details	CloudErrorBody[]	Détails de l’erreur.
message	string	Message d’erreur.
target	string	Cible d’erreur.

direction

Direction de la règle

Nom	Type	Description
Inbound	string
Outbound	string

EffectiveNetworkSecurityGroups

Décrit les groupes de sécurité réseau effectifs sur une interface réseau

Nom	Type	Description
networkInterface	string	ID de ressource Azure de l’interface réseau
networkSecurityGroups	string[]	Groupes de sécurité réseau effectifs sur l’interface réseau

ErrorAdditionalInfo

Informations supplémentaires sur l’erreur de gestion des ressources.

Nom	Type	Description
info	object	Informations supplémentaires
type	string	Type d’informations supplémentaires.

Rule

Décrit les adresses distantes recommandées pour communiquer avec la ressource Azure sur certaines (Protocole, Port, Direction). Il est recommandé de bloquer toutes les autres adresses distantes

Nom	Type	Description
destinationPort	integer	Port de destination de la règle
direction	direction	Direction de la règle
ipAddresses	string[]	Adresses IP distantes qui doivent pouvoir communiquer avec la ressource Azure sur le port de destination et le protocole de la règle
name	string	Nom de la règle
protocols	transportProtocol[]	Protocoles de transport de la règle

transportProtocol

Protocoles de transport de la règle

Nom	Type	Description
TCP	string
UDP	string

Partager via

Adaptive Network Hardenings - Get

Paramètres URI

Réponses

Sécurité

azure_auth

Scopes

Exemples

Get a single Adaptive Network Hardening resource

Sample Request

Sample Response

Définitions

AdaptiveNetworkHardening

CloudError

CloudErrorBody

direction

EffectiveNetworkSecurityGroups

ErrorAdditionalInfo

Rule

transportProtocol

Ressources supplémentaires