Adaptive Network Hardenings - List By Extended Resource

참조

Service:: Defender for Cloud

API Version:: 2020-01-01

확장 리소스의 scope 적응형 네트워크 강화 리소스 목록을 가져옵니다.

GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceNamespace}/{resourceType}/{resourceName}/providers/Microsoft.Security/adaptiveNetworkHardenings?api-version=2020-01-01

URI 매개 변수

Name	In(다음 안에)	필수	형식	Description
resourceGroupName	path	True	string	사용자의 구독 내에서 리소스 그룹의 이름입니다. 이름은 대소문자를 구분하지 않습니다. Regex pattern: `^[-\w\._]+$`
resourceName	path	True	string	리소스의 이름입니다.
resourceNamespace	path	True	string	리소스의 네임스페이스입니다.
resourceType	path	True	string	리소스 형식입니다.
subscriptionId	path	True	string	Azure 구독 ID입니다. Regex pattern: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`
api-version	query	True	string	작업에 대한 API 버전

응답

Name	형식	Description
200 OK	AdaptiveNetworkHardeningsList	정상
Other Status Codes	CloudError	작업이 실패한 이유를 설명하는 오류 응답입니다.

보안

azure_auth

Azure Active Directory OAuth2 Flow

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name	Description
user_impersonation	사용자 계정 가장

예제

List Adaptive Network Hardenings resources of an extended resource

Sample Request

GET https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.Security/adaptiveNetworkHardenings?api-version=2020-01-01


/**
 * Samples for AdaptiveNetworkHardenings ListByExtendedResource.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/security/resource-manager/Microsoft.Security/stable/2020-01-01/examples/AdaptiveNetworkHardenings/
     * ListByExtendedResourceAdaptiveNetworkHardenings_example.json
     */
    /**
     * Sample code: List Adaptive Network Hardenings resources of an extended resource.
     * 
     * @param manager Entry point to SecurityManager.
     */
    public static void listAdaptiveNetworkHardeningsResourcesOfAnExtendedResource(
        com.azure.resourcemanager.security.SecurityManager manager) {
        manager.adaptiveNetworkHardenings().listByExtendedResource("rg1", "Microsoft.Compute", "virtualMachines", "vm1",
            com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

package armsecurity_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/stable/2020-01-01/examples/AdaptiveNetworkHardenings/ListByExtendedResourceAdaptiveNetworkHardenings_example.json
func ExampleAdaptiveNetworkHardeningsClient_NewListByExtendedResourcePager() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	pager := clientFactory.NewAdaptiveNetworkHardeningsClient().NewListByExtendedResourcePager("rg1", "Microsoft.Compute", "virtualMachines", "vm1", nil)
	for pager.More() {
		page, err := pager.NextPage(ctx)
		if err != nil {
			log.Fatalf("failed to advance page: %v", err)
		}
		for _, v := range page.Value {
			// You could use page here. We use blank identifier for just demo purposes.
			_ = v
		}
		// If the HTTP response code is 200 as defined in example definition, your page structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
		// page.AdaptiveNetworkHardeningsList = armsecurity.AdaptiveNetworkHardeningsList{
		// 	Value: []*armsecurity.AdaptiveNetworkHardening{
		// 		{
		// 			Name: to.Ptr("default"),
		// 			Type: to.Ptr("Microsoft.Security/adaptiveNetworkHardenings"),
		// 			ID: to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.Security/adaptiveNetworkHardenings/default"),
		// 			Properties: &armsecurity.AdaptiveNetworkHardeningProperties{
		// 				EffectiveNetworkSecurityGroups: []*armsecurity.EffectiveNetworkSecurityGroups{
		// 					{
		// 						NetworkInterface: to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Network/networkInterfaces/nic1"),
		// 						NetworkSecurityGroups: []*string{
		// 							to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nicNsg"),
		// 							to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/subnetNsg")},
		// 						},
		// 						{
		// 							NetworkInterface: to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Network/networkInterfaces/nic2"),
		// 							NetworkSecurityGroups: []*string{
		// 								to.Ptr("/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nicNsg2")},
		// 						}},
		// 						Rules: []*armsecurity.Rule{
		// 							{
		// 								Name: to.Ptr("rule1"),
		// 								DestinationPort: to.Ptr[int32](3389),
		// 								Direction: to.Ptr(armsecurity.DirectionInbound),
		// 								IPAddresses: []*string{
		// 									to.Ptr("100.10.1.1"),
		// 									to.Ptr("200.20.2.2"),
		// 									to.Ptr("81.199.3.0/24")},
		// 									Protocols: []*armsecurity.TransportProtocol{
		// 										to.Ptr(armsecurity.TransportProtocolTCP)},
		// 									},
		// 									{
		// 										Name: to.Ptr("rule2"),
		// 										DestinationPort: to.Ptr[int32](22),
		// 										Direction: to.Ptr(armsecurity.DirectionInbound),
		// 										IPAddresses: []*string{
		// 										},
		// 										Protocols: []*armsecurity.TransportProtocol{
		// 											to.Ptr(armsecurity.TransportProtocolTCP)},
		// 									}},
		// 									RulesCalculationTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-08-15T00:00:00.000Z"); return t}()),
		// 								},
		// 						}},
		// 					}
	}
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Gets a list of Adaptive Network Hardenings resources in scope of an extended resource.
 *
 * @summary Gets a list of Adaptive Network Hardenings resources in scope of an extended resource.
 * x-ms-original-file: specification/security/resource-manager/Microsoft.Security/stable/2020-01-01/examples/AdaptiveNetworkHardenings/ListByExtendedResourceAdaptiveNetworkHardenings_example.json
 */
async function listAdaptiveNetworkHardeningsResourcesOfAnExtendedResource() {
  const subscriptionId =
    process.env["SECURITY_SUBSCRIPTION_ID"] || "20ff7fc3-e762-44dd-bd96-b71116dcdc23";
  const resourceGroupName = process.env["SECURITY_RESOURCE_GROUP"] || "rg1";
  const resourceNamespace = "Microsoft.Compute";
  const resourceType = "virtualMachines";
  const resourceName = "vm1";
  const credential = new DefaultAzureCredential();
  const client = new SecurityCenter(credential, subscriptionId);
  const resArray = new Array();
  for await (let item of client.adaptiveNetworkHardenings.listByExtendedResource(
    resourceGroupName,
    resourceNamespace,
    resourceType,
    resourceName,
  )) {
    resArray.push(item);
  }
  console.log(resArray);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

using System;
using System.Threading.Tasks;
using Azure;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.SecurityCenter;

// Generated from example definition: specification/security/resource-manager/Microsoft.Security/stable/2020-01-01/examples/AdaptiveNetworkHardenings/ListByExtendedResourceAdaptiveNetworkHardenings_example.json
// this example is just showing the usage of "AdaptiveNetworkHardenings_ListByExtendedResource" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this ResourceGroupResource created on azure
// for more information of creating ResourceGroupResource, please refer to the document of ResourceGroupResource
string subscriptionId = "20ff7fc3-e762-44dd-bd96-b71116dcdc23";
string resourceGroupName = "rg1";
ResourceIdentifier resourceGroupResourceId = ResourceGroupResource.CreateResourceIdentifier(subscriptionId, resourceGroupName);
ResourceGroupResource resourceGroupResource = client.GetResourceGroupResource(resourceGroupResourceId);

// get the collection of this AdaptiveNetworkHardeningResource
string resourceNamespace = "Microsoft.Compute";
string resourceType = "virtualMachines";
string resourceName = "vm1";
AdaptiveNetworkHardeningCollection collection = resourceGroupResource.GetAdaptiveNetworkHardenings(resourceNamespace, resourceType, resourceName);

// invoke the operation and iterate over the result
await foreach (AdaptiveNetworkHardeningResource item in collection.GetAllAsync())
{
    // the variable item is a resource, you could call other operations on this instance as well
    // but just for demo, we get its data from this resource instance
    AdaptiveNetworkHardeningData resourceData = item.Data;
    // for demo we just print out the id
    Console.WriteLine($"Succeeded on id: {resourceData.Id}");
}

Console.WriteLine($"Succeeded");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample Response

Status code:: 200

{
  "value": [
    {
      "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.Security/adaptiveNetworkHardenings/default",
      "name": "default",
      "type": "Microsoft.Security/adaptiveNetworkHardenings",
      "properties": {
        "rulesCalculationTime": "2018-08-15T00:00:00.0000000Z",
        "rules": [
          {
            "name": "rule1",
            "direction": "Inbound",
            "destinationPort": 3389,
            "protocols": [
              "TCP"
            ],
            "ipAddresses": [
              "100.10.1.1",
              "200.20.2.2",
              "81.199.3.0/24"
            ]
          },
          {
            "name": "rule2",
            "direction": "Inbound",
            "destinationPort": 22,
            "protocols": [
              "TCP"
            ],
            "ipAddresses": []
          }
        ],
        "effectiveNetworkSecurityGroups": [
          {
            "networkInterface": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Network/networkInterfaces/nic1",
            "networkSecurityGroups": [
              "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nicNsg",
              "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/subnetNsg"
            ]
          },
          {
            "networkInterface": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Network/networkInterfaces/nic2",
            "networkSecurityGroups": [
              "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nicNsg2"
            ]
          }
        ]
      }
    }
  ]
}

정의

Name	Description
AdaptiveNetworkHardening	속성이 일부 Azure 리소스에 대한 적응형 네트워크 강화 설정을 설명하는 리소스
AdaptiveNetworkHardeningsList	ListAdaptiveNetworkHardenings API 서비스 호출에 대한 응답
CloudError	실패한 작업에 대한 오류 세부 정보를 반환하는 모든 Azure Resource Manager API에 대한 일반적인 오류 응답입니다. OData 오류 응답 형식도 따릅니다.
CloudErrorBody	오류 세부 정보입니다.
direction	규칙의 방향
EffectiveNetworkSecurityGroups	네트워크 인터페이스에 적용되는 네트워크 보안 그룹에 대해 설명합니다.
ErrorAdditionalInfo	리소스 관리 오류 추가 정보입니다.
Rule	일부(프로토콜, 포트, 방향)에서 Azure 리소스와 통신하는 데 권장되는 원격 주소를 설명합니다. 다른 모든 원격 주소는 차단하는 것이 좋습니다.
transportProtocol	규칙의 전송 프로토콜