Adaptive Network Hardenings - List By Extended Resource

リファレンス

Service:: Defender for Cloud

API Version:: 2020-01-01

拡張リソースのスコープ内のアダプティブネットワークセキュリティ強化リソースの一覧を取得します。

GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceNamespace}/{resourceType}/{resourceName}/providers/Microsoft.Security/adaptiveNetworkHardenings?api-version=2020-01-01

URI パラメーター

名前	/	必須	型	説明
resourceGroupName	path	True	string	ユーザーのサブスクリプション内のリソースグループの名前。名前の大文字と小文字は区別されます。 Regex pattern: `^[-\w\._]+$`
resourceName	path	True	string	リソースの名前。
resourceNamespace	path	True	string	リソースの名前空間。
resourceType	path	True	string	リソースの型。
subscriptionId	path	True	string	Azure サブスクリプション ID Regex pattern: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`
api-version	query	True	string	操作の API バージョン

応答

名前	型	説明
200 OK	AdaptiveNetworkHardeningsList	OK
Other Status Codes	CloudError	操作に失敗した理由を説明するエラー応答。

セキュリティ

azure_auth

Azure Active Directory OAuth2 フロー

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

名前	説明
user_impersonation	ユーザーアカウントの借用

例

List Adaptive Network Hardenings resources of an extended resource

Sample Request

GET https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.Security/adaptiveNetworkHardenings?api-version=2020-01-01


/**
 * Samples for AdaptiveNetworkHardenings ListByExtendedResource.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/security/resource-manager/Microsoft.Security/stable/2020-01-01/examples/AdaptiveNetworkHardenings/
     * ListByExtendedResourceAdaptiveNetworkHardenings_example.json
     */
    /**
     * Sample code: List Adaptive Network Hardenings resources of an extended resource.
     * 
     * @param manager Entry point to SecurityManager.
     */
    public static void listAdaptiveNetworkHardeningsResourcesOfAnExtendedResource(
        com.azure.resourcemanager.security.SecurityManager manager) {
        manager.adaptiveNetworkHardenings().listByExtendedResource("rg1", "Microsoft.Compute", "virtualMachines", "vm1",
            com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

package armsecurity_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/b43974e07d3204c4b6f8396627f5430994a7f7c9/specification/security/resource-manager/Microsoft.Security/stable/2020-01-01/examples/AdaptiveNetworkHardenings/ListByExtendedResourceAdaptiveNetworkHardenings_example.json
func ExampleAdaptiveNetworkHardeningsClient_NewListByExtendedResourcePager() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	pager := clientFactory.NewAdaptiveNetworkHardeningsClient().NewListByExtendedResourcePager("rg1", "Microsoft.Compute", "virtualMachines", "vm1", nil)
	for pager.More() {
		page, err := pager.NextPage(ctx)
		if err != nil {
			log.Fatalf("failed to advance page: %v", err)
		}
		for _, v := range page.Value {
			// You could use page here. We use blank identifier for just demo purposes.
			_ = v
		}
		// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
		// page.AdaptiveNetworkHardeningsList = armsecurity.AdaptiveNetworkHardeningsList{
		// 	Value: []*armsecurity.AdaptiveNetworkHardening{
		// 		{
		// 			Name: to.Ptr("default"),
		// 			Type: to.Ptr("Microsoft.Security/adaptiveNetworkHardenings"),
		// 			ID: to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.Security/adaptiveNetworkHardenings/default"),
		// 			Properties: &armsecurity.AdaptiveNetworkHardeningProperties{
		// 				EffectiveNetworkSecurityGroups: []*armsecurity.EffectiveNetworkSecurityGroups{
		// 					{
		// 						NetworkInterface: to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Network/networkInterfaces/nic1"),
		// 						NetworkSecurityGroups: []*string{
		// 							to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nicNsg"),
		// 							to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/subnetNsg")},
		// 						},
		// 						{
		// 							NetworkInterface: to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Network/networkInterfaces/nic2"),
		// 							NetworkSecurityGroups: []*string{
		// 								to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nicNsg2")},
		// 						}},
		// 						Rules: []*armsecurity.Rule{
		// 							{
		// 								Name: to.Ptr("rule1"),
		// 								DestinationPort: to.Ptr[int32](3389),
		// 								Direction: to.Ptr(armsecurity.DirectionInbound),
		// 								IPAddresses: []*string{
		// 									to.Ptr("100.10.1.1"),
		// 									to.Ptr("200.20.2.2"),
		// 									to.Ptr("81.199.3.0/24")},
		// 									Protocols: []*armsecurity.TransportProtocol{
		// 										to.Ptr(armsecurity.TransportProtocolTCP)},
		// 									},
		// 									{
		// 										Name: to.Ptr("rule2"),
		// 										DestinationPort: to.Ptr[int32](22),
		// 										Direction: to.Ptr(armsecurity.DirectionInbound),
		// 										IPAddresses: []*string{
		// 										},
		// 										Protocols: []*armsecurity.TransportProtocol{
		// 											to.Ptr(armsecurity.TransportProtocolTCP)},
		// 									}},
		// 									RulesCalculationTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-08-15T00:00:00.000Z"); return t}()),
		// 								},
		// 						}},
		// 					}
	}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Gets a list of Adaptive Network Hardenings resources in scope of an extended resource.
 *
 * @summary Gets a list of Adaptive Network Hardenings resources in scope of an extended resource.
 * x-ms-original-file: specification/security/resource-manager/Microsoft.Security/stable/2020-01-01/examples/AdaptiveNetworkHardenings/ListByExtendedResourceAdaptiveNetworkHardenings_example.json
 */
async function listAdaptiveNetworkHardeningsResourcesOfAnExtendedResource() {
  const subscriptionId =
    process.env["SECURITY_SUBSCRIPTION_ID"] || "20ff7fc3-e762-44dd-bd96-b71116dcdc23";
  const resourceGroupName = process.env["SECURITY_RESOURCE_GROUP"] || "rg1";
  const resourceNamespace = "Microsoft.Compute";
  const resourceType = "virtualMachines";
  const resourceName = "vm1";
  const credential = new DefaultAzureCredential();
  const client = new SecurityCenter(credential, subscriptionId);
  const resArray = new Array();
  for await (let item of client.adaptiveNetworkHardenings.listByExtendedResource(
    resourceGroupName,
    resourceNamespace,
    resourceType,
    resourceName
  )) {
    resArray.push(item);
  }
  console.log(resArray);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

using System;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.SecurityCenter;

// Generated from example definition: specification/security/resource-manager/Microsoft.Security/stable/2020-01-01/examples/AdaptiveNetworkHardenings/ListByExtendedResourceAdaptiveNetworkHardenings_example.json
// this example is just showing the usage of "AdaptiveNetworkHardenings_ListByExtendedResource" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this ResourceGroupResource created on azure
// for more information of creating ResourceGroupResource, please refer to the document of ResourceGroupResource
string subscriptionId = "20ff7fc3-e762-44dd-bd96-b71116dcdc23";
string resourceGroupName = "rg1";
ResourceIdentifier resourceGroupResourceId = ResourceGroupResource.CreateResourceIdentifier(subscriptionId, resourceGroupName);
ResourceGroupResource resourceGroupResource = client.GetResourceGroupResource(resourceGroupResourceId);

// get the collection of this AdaptiveNetworkHardeningResource
string resourceNamespace = "Microsoft.Compute";
string resourceType = "virtualMachines";
string resourceName = "vm1";
AdaptiveNetworkHardeningCollection collection = resourceGroupResource.GetAdaptiveNetworkHardenings(resourceNamespace, resourceType, resourceName);

// invoke the operation and iterate over the result
await foreach (AdaptiveNetworkHardeningResource item in collection.GetAllAsync())
{
    // the variable item is a resource, you could call other operations on this instance as well
    // but just for demo, we get its data from this resource instance
    AdaptiveNetworkHardeningData resourceData = item.Data;
    // for demo we just print out the id
    Console.WriteLine($"Succeeded on id: {resourceData.Id}");
}

Console.WriteLine($"Succeeded");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample Response

Status code:: 200

{
  "value": [
    {
      "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.Security/adaptiveNetworkHardenings/default",
      "name": "default",
      "type": "Microsoft.Security/adaptiveNetworkHardenings",
      "properties": {
        "rulesCalculationTime": "2018-08-15T00:00:00.0000000Z",
        "rules": [
          {
            "name": "rule1",
            "direction": "Inbound",
            "destinationPort": 3389,
            "protocols": [
              "TCP"
            ],
            "ipAddresses": [
              "100.10.1.1",
              "200.20.2.2",
              "81.199.3.0/24"
            ]
          },
          {
            "name": "rule2",
            "direction": "Inbound",
            "destinationPort": 22,
            "protocols": [
              "TCP"
            ],
            "ipAddresses": []
          }
        ],
        "effectiveNetworkSecurityGroups": [
          {
            "networkInterface": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Network/networkInterfaces/nic1",
            "networkSecurityGroups": [
              "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nicNsg",
              "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/subnetNsg"
            ]
          },
          {
            "networkInterface": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Network/networkInterfaces/nic2",
            "networkSecurityGroups": [
              "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nicNsg2"
            ]
          }
        ]
      }
    }
  ]
}

定義

名前	説明
AdaptiveNetworkHardening	一部の Azure リソースのアダプティブネットワークのセキュリティ強化設定を説明するプロパティを持つリソース
AdaptiveNetworkHardeningsList	ListAdaptiveNetworkHardenings API サービス呼び出しの応答
CloudError	失敗した操作のエラーの詳細を返す、すべての Azure Resource Manager API に対する一般的なエラー応答 (これは OData エラー応答形式にも従います)。
CloudErrorBody	エラーの詳細。
direction	ルールの方向
EffectiveNetworkSecurityGroups	ネットワークインターフェイスで有効なネットワークセキュリティグループについて説明します
ErrorAdditionalInfo	リソース管理エラーの追加情報。
Rule	一部 (プロトコル、ポート、方向) で Azure リソースと通信するために推奨されるリモートアドレスについて説明します。他のすべてのリモートアドレスはブロックすることをお勧めします
transportProtocol	ルールのトランスポートプロトコル