Allowed Connections - Get

Service:

Defender for Cloud

API Version:

2020-01-01

연결 유형에 따라 구독과 위치의 리소스 간에 가능한 모든 트래픽 목록을 가져옵니다.

GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/allowedConnections/{connectionType}?api-version=2020-01-01

URI 매개 변수

Name	In(다음 안에)	필수	형식	Description
ascLocation	path	True	string	ASC가 구독의 데이터를 저장하는 위치입니다. 위치 가져오기에서 검색할 수 있음
connectionType	path	True	connectionType	허용되는 연결 유형(내부, 외부)
resourceGroupName	path	True	string	사용자의 구독 내에 있는 리소스 그룹의 이름입니다. 이름은 대소문자를 구분하지 않습니다. Regex pattern: ^[-\w\._\(\)]+$
subscriptionId	path	True	string	Azure 구독 ID입니다. Regex pattern: ^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$
api-version	query	True	string	작업에 대한 API 버전

응답

Name	형식	Description
200 OK	AllowedConnectionsResource	정상
Other Status Codes	CloudError	작업이 실패한 이유를 설명하는 오류 응답입니다.

보안

azure_auth

Azure Active Directory OAuth2 Flow

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name	Description
user_impersonation	사용자 계정 가장

예제

Get allowed connections

Sample Request

HTTP

GET https://management.azure.com/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myResourceGroup/providers/Microsoft.Security/locations/centralus/allowedConnections/Internal?api-version=2020-01-01

Java

import com.azure.resourcemanager.security.models.ConnectionType;

/**
 * Samples for AllowedConnections Get.
 */
public final class Main {
    /*
     * x-ms-original-file:
     * specification/security/resource-manager/Microsoft.Security/stable/2020-01-01/examples/AllowedConnections/
     * GetAllowedConnections_example.json
     */
    /**
     * Sample code: Get allowed connections.
     * 
     * @param manager Entry point to SecurityManager.
     */
    public static void getAllowedConnections(com.azure.resourcemanager.security.SecurityManager manager) {
        manager.allowedConnections().getWithResponse("myResourceGroup", "centralus", ConnectionType.INTERNAL,
            com.azure.core.util.Context.NONE);
    }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Go

package armsecurity_test

import (
	"context"
	"log"

	"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
)

// Generated from example definition: https://github.com/Azure/azure-rest-api-specs/blob/9ac34f238dd6b9071f486b57e9f9f1a0c43ec6f6/specification/security/resource-manager/Microsoft.Security/stable/2020-01-01/examples/AllowedConnections/GetAllowedConnections_example.json
func ExampleAllowedConnectionsClient_Get() {
	cred, err := azidentity.NewDefaultAzureCredential(nil)
	if err != nil {
		log.Fatalf("failed to obtain a credential: %v", err)
	}
	ctx := context.Background()
	clientFactory, err := armsecurity.NewClientFactory("<subscription-id>", cred, nil)
	if err != nil {
		log.Fatalf("failed to create client: %v", err)
	}
	res, err := clientFactory.NewAllowedConnectionsClient().Get(ctx, "myResourceGroup", "centralus", armsecurity.ConnectionTypeInternal, nil)
	if err != nil {
		log.Fatalf("failed to finish the request: %v", err)
	}
	// You could use response here. We use blank identifier for just demo purposes.
	_ = res
	// If the HTTP response code is 200 as defined in example definition, your response structure would look as follows. Please pay attention that all the values in the output are fake values for just demo purposes.
	// res.AllowedConnectionsResource = armsecurity.AllowedConnectionsResource{
	// 	Location: to.Ptr("centralus"),
	// 	Name: to.Ptr("Internal"),
	// 	Type: to.Ptr("Microsoft.Security/locations/allowedConnections"),
	// 	ID: to.Ptr("/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Security/locations/centralus/allowedConnections/Internal"),
	// 	Properties: &armsecurity.AllowedConnectionsResourceProperties{
	// 		CalculatedDateTime: to.Ptr(func() time.Time { t, _ := time.Parse(time.RFC3339Nano, "2018-08-06T14:55:32.351Z"); return t}()),
	// 		ConnectableResources: []*armsecurity.ConnectableResource{
	// 			{
	// 				ID: to.Ptr("/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine1"),
	// 				InboundConnectedResources: []*armsecurity.ConnectedResource{
	// 					{
	// 						ConnectedResourceID: to.Ptr("/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine2"),
	// 						TCPPorts: to.Ptr("[0-21,23-3388,3390-5984,5987-65535]"),
	// 						UDPPorts: to.Ptr("[0-21,23-3388,3390-5984,5987-65535]"),
	// 				}},
	// 				OutboundConnectedResources: []*armsecurity.ConnectedResource{
	// 					{
	// 						ConnectedResourceID: to.Ptr("/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine2"),
	// 						TCPPorts: to.Ptr("[0-21,23-3388,3390-5984,5987-65535]"),
	// 						UDPPorts: to.Ptr("[0-21,23-3388,3390-5984,5987-65535]"),
	// 				}},
	// 			},
	// 			{
	// 				ID: to.Ptr("/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine2"),
	// 				InboundConnectedResources: []*armsecurity.ConnectedResource{
	// 					{
	// 						ConnectedResourceID: to.Ptr("/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine1"),
	// 						TCPPorts: to.Ptr("[0-21,23-3388,3390-5984,5987-65535]"),
	// 						UDPPorts: to.Ptr("[0-21,23-3388,3390-5984,5987-65535]"),
	// 				}},
	// 				OutboundConnectedResources: []*armsecurity.ConnectedResource{
	// 					{
	// 						ConnectedResourceID: to.Ptr("/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine1"),
	// 						TCPPorts: to.Ptr("[0-21,23-3388,3390-5984,5987-65535]"),
	// 						UDPPorts: to.Ptr("[0-21,23-3388,3390-5984,5987-65535]"),
	// 				}},
	// 			},
	// 			{
	// 				ID: to.Ptr("/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine3"),
	// 				InboundConnectedResources: []*armsecurity.ConnectedResource{
	// 				},
	// 				OutboundConnectedResources: []*armsecurity.ConnectedResource{
	// 				},
	// 		}},
	// 	},
	// }
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

JavaScript

const { SecurityCenter } = require("@azure/arm-security");
const { DefaultAzureCredential } = require("@azure/identity");

/**
 * This sample demonstrates how to Gets the list of all possible traffic between resources for the subscription and location, based on connection type.
 *
 * @summary Gets the list of all possible traffic between resources for the subscription and location, based on connection type.
 * x-ms-original-file: specification/security/resource-manager/Microsoft.Security/stable/2020-01-01/examples/AllowedConnections/GetAllowedConnections_example.json
 */
async function getAllowedConnections() {
  const subscriptionId =
    process.env["SECURITY_SUBSCRIPTION_ID"] || "3eeab341-f466-499c-a8be-85427e154bad";
  const resourceGroupName = process.env["SECURITY_RESOURCE_GROUP"] || "myResourceGroup";
  const ascLocation = "centralus";
  const connectionType = "Internal";
  const credential = new DefaultAzureCredential();
  const client = new SecurityCenter(credential, subscriptionId);
  const result = await client.allowedConnections.get(
    resourceGroupName,
    ascLocation,
    connectionType,
  );
  console.log(result);
}

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

dotnet

using System;
using System.Threading.Tasks;
using Azure.Core;
using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Resources;
using Azure.ResourceManager.SecurityCenter;
using Azure.ResourceManager.SecurityCenter.Models;

// Generated from example definition: specification/security/resource-manager/Microsoft.Security/stable/2020-01-01/examples/AllowedConnections/GetAllowedConnections_example.json
// this example is just showing the usage of "AllowedConnections_Get" operation, for the dependent resources, they will have to be created separately.

// get your azure access token, for more details of how Azure SDK get your access token, please refer to https://learn.microsoft.com/en-us/dotnet/azure/sdk/authentication?tabs=command-line
TokenCredential cred = new DefaultAzureCredential();
// authenticate your client
ArmClient client = new ArmClient(cred);

// this example assumes you already have this ResourceGroupResource created on azure
// for more information of creating ResourceGroupResource, please refer to the document of ResourceGroupResource
string subscriptionId = "3eeab341-f466-499c-a8be-85427e154bad";
string resourceGroupName = "myResourceGroup";
ResourceIdentifier resourceGroupResourceId = ResourceGroupResource.CreateResourceIdentifier(subscriptionId, resourceGroupName);
ResourceGroupResource resourceGroupResource = client.GetResourceGroupResource(resourceGroupResourceId);

// invoke the operation
AzureLocation ascLocation = new AzureLocation("centralus");
SecurityCenterConnectionType connectionType = SecurityCenterConnectionType.Internal;
SecurityCenterAllowedConnection result = await resourceGroupResource.GetAllowedConnectionAsync(ascLocation, connectionType);

Console.WriteLine($"Succeeded: {result}");

To use the Azure SDK library in your project, see this documentation. To provide feedback on this code sample, open a GitHub issue

Sample Response

Status code:

200

{
  "type": "Microsoft.Security/locations/allowedConnections",
  "properties": {
    "calculatedDateTime": "2018-08-06T14:55:32.3518545Z",
    "connectableResources": [
      {
        "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine1",
        "inboundConnectedResources": [
          {
            "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine2",
            "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]",
            "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]"
          }
        ],
        "outboundConnectedResources": [
          {
            "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine2",
            "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]",
            "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]"
          }
        ]
      },
      {
        "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine2",
        "inboundConnectedResources": [
          {
            "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine1",
            "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]",
            "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]"
          }
        ],
        "outboundConnectedResources": [
          {
            "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine1",
            "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]",
            "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]"
          }
        ]
      },
      {
        "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine3",
        "inboundConnectedResources": [],
        "outboundConnectedResources": []
      }
    ]
  },
  "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Security/locations/centralus/allowedConnections/Internal",
  "name": "Internal",
  "location": "centralus"
}

정의

Name	Description
AllowedConnectionsResource	속성이 Azure 리소스 간의 허용된 트래픽을 설명하는 리소스입니다.
CloudError	실패한 작업에 대한 오류 세부 정보를 반환하는 모든 Azure Resource Manager API에 대한 일반적인 오류 응답입니다. OData 오류 응답 형식도 따릅니다.
CloudErrorBody	오류 세부 정보입니다.
ConnectableResource	Azure 리소스의 허용되는 인바운드 및 아웃바운드 트래픽에 대해 설명합니다.
ConnectedResource	연결된 리소스의 속성에 대해 설명합니다.
connectionType	허용되는 연결 유형(내부, 외부)
ErrorAdditionalInfo	리소스 관리 오류 추가 정보입니다.

AllowedConnectionsResource

속성이 Azure 리소스 간의 허용된 트래픽을 설명하는 리소스입니다.

Name	형식	Description
id	string	리소스 ID
location	string	리소스가 저장되는 위치
name	string	리소스 이름
properties.calculatedDateTime	string	허용된 연결 리소스가 계산된 UTC 시간입니다.
properties.connectableResources	ConnectableResource[]	연결 가능한 리소스 목록
type	string	리소스 유형

CloudError

실패한 작업에 대한 오류 세부 정보를 반환하는 모든 Azure Resource Manager API에 대한 일반적인 오류 응답입니다. OData 오류 응답 형식도 따릅니다.

Name	형식	Description
error.additionalInfo	ErrorAdditionalInfo[]	오류 추가 정보입니다.
error.code	string	오류 코드입니다.
error.details	CloudErrorBody[]	오류 세부 정보입니다.
error.message	string	오류 메시지입니다.
error.target	string	오류 대상입니다.

CloudErrorBody

오류 세부 정보입니다.

Name	형식	Description
additionalInfo	ErrorAdditionalInfo[]	오류 추가 정보입니다.
code	string	오류 코드입니다.
details	CloudErrorBody[]	오류 세부 정보입니다.
message	string	오류 메시지입니다.
target	string	오류 대상입니다.

ConnectableResource

Azure 리소스의 허용되는 인바운드 및 아웃바운드 트래픽에 대해 설명합니다.

Name	형식	Description
id	string	Azure 리소스 ID
inboundConnectedResources	ConnectedResource[]	리소스에 인바운드 허용 연결이 있는 Azure 리소스 목록
outboundConnectedResources	ConnectedResource[]	리소스에 아웃바운드 허용 연결이 있는 Azure 리소스 목록

ConnectedResource

연결된 리소스의 속성에 대해 설명합니다.

Name	형식	Description
connectedResourceId	string	연결된 리소스의 Azure 리소스 ID
tcpPorts	string	허용되는 tcp 포트
udpPorts	string	허용되는 udp 포트

connectionType

허용되는 연결 유형(내부, 외부)

Name	형식	Description
External	string
Internal	string

ErrorAdditionalInfo

리소스 관리 오류 추가 정보입니다.

Name	형식	Description
info	object	추가 정보입니다.
type	string	추가 정보 유형입니다.