-
Notifications
You must be signed in to change notification settings - Fork 5.1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Dev security microsoft.security 2020 08 06 preview (#11263)
* Create iotAlerts.json * Updated iotAlerts and example * missing comma * Updated all new APIs * Add new files to readme * updated samples * added back newline * moved scope to parameters section * remove "x-ms-secret": true * removed x-ms-secret * Added model to all reference names * Try adding back "x-ms-secret": true * change line order * another change to line order * prettier fix Co-authored-by: Amir Amit <amamit@microsoft.com>
- Loading branch information
Showing
13 changed files
with
1,340 additions
and
4 deletions.
There are no files selected for viewing
29 changes: 29 additions & 0 deletions
29
...Microsoft.Security/preview/2020-08-06-preview/examples/IotAlertTypes/GetIoTAlertType.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
{ | ||
"parameters": { | ||
"api-version": "2020-08-06-preview", | ||
"subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", | ||
"iotAlertTypeName": "IoT_PrivilegedContainer" | ||
}, | ||
"responses": { | ||
"200": { | ||
"body": { | ||
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/iotAlertTypes/IoT_PrivilegedContainer", | ||
"name": "IoT_PrivilegedContainer", | ||
"type": "Microsoft.Security/iotAlertTypes", | ||
"properties": { | ||
"alertDisplayName": "Privileged container detected", | ||
"severity": "Medium", | ||
"description": "Machine logs indicate that a privileged Docker container is running. A privileged container has full access to host resources. If compromised, a malicious actor can use the privileged container to gain access to the host machine.", | ||
"providerName": "IoTSecurity", | ||
"remediationSteps": [ | ||
"If the container doesn't need to run in privileged mode, remove the privileges from the container." | ||
], | ||
"intent": "Exploitation,Execution", | ||
"vendorName": "Microsoft", | ||
"productName": "Azure Security Center for IoT", | ||
"productComponentName": "IoT Hub" | ||
} | ||
} | ||
} | ||
} | ||
} |
32 changes: 32 additions & 0 deletions
32
...osoft.Security/preview/2020-08-06-preview/examples/IotAlertTypes/GetIoTAlertTypeList.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
{ | ||
"parameters": { | ||
"api-version": "2020-08-06-preview", | ||
"subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" | ||
}, | ||
"responses": { | ||
"200": { | ||
"body": { | ||
"value": [ | ||
{ | ||
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/iotAlertTypes", | ||
"name": "IoT_PrivilegedContainer", | ||
"type": "Microsoft.Security/iotAlertTypes", | ||
"properties": { | ||
"alertDisplayName": "Privileged container detected", | ||
"severity": "Medium", | ||
"description": "Machine logs indicate that a privileged Docker container is running. A privileged container has full access to host resources. If compromised, a malicious actor can use the privileged container to gain access to the host machine.", | ||
"providerName": "IoTSecurity", | ||
"remediationSteps": [ | ||
"If the container doesn't need to run in privileged mode, remove the privileges from the container." | ||
], | ||
"intent": "Exploitation,Execution", | ||
"vendorName": "Microsoft", | ||
"productName": "Azure Security Center for IoT", | ||
"productComponentName": "IoT Hub" | ||
} | ||
} | ||
] | ||
} | ||
} | ||
} | ||
} |
34 changes: 34 additions & 0 deletions
34
...manager/Microsoft.Security/preview/2020-08-06-preview/examples/IotAlerts/GetIoTAlert.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
{ | ||
"parameters": { | ||
"api-version": "2020-08-06-preview", | ||
"scope": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myGroup/providers/Microsoft.Devices/IotHubs/myIotHub", | ||
"iotAlertId": "903e76ff-17eb-4bac-ac8a-2bc31ab68fd8" | ||
}, | ||
"responses": { | ||
"200": { | ||
"body": { | ||
"properties": { | ||
"systemAlertId": "903e76ff-17eb-4bac-ac8a-2bc31ab68fd8", | ||
"compromisedEntity": "device-1", | ||
"alertType": "IoT_PrivilegedContainer", | ||
"startTimeUtc": "2020-05-13T06:32:25Z", | ||
"endTimeUtc": "2020-05-13T06:32:25Z", | ||
"entities": [ | ||
{ | ||
"$id": "1", | ||
"CommandLine": "docker run --privileged", | ||
"Type": "process" | ||
} | ||
], | ||
"extendedProperties": { | ||
"CommandLine": "docker run --privileged", | ||
"User Name": "aUser", | ||
"UserId": "", | ||
"ParentProcessId": 1593, | ||
"DeviceId": "device-1" | ||
} | ||
} | ||
} | ||
} | ||
} | ||
} |
43 changes: 43 additions & 0 deletions
43
...ger/Microsoft.Security/preview/2020-08-06-preview/examples/IotAlerts/GetIoTAlertList.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
{ | ||
"parameters": { | ||
"api-version": "2020-08-06-preview", | ||
"scope": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myGroup/providers/Microsoft.Devices/IotHubs/myIotHub", | ||
"alertType": "IoT_PrivilegedContainer", | ||
"startTimeUtc>": "2020-05-12T06:32:25Z", | ||
"startTimeUtc<": "2020-05-14T06:32:25Z", | ||
"compromisedEntity": "device-1", | ||
"$limit": 1 | ||
}, | ||
"responses": { | ||
"200": { | ||
"body": { | ||
"value": [ | ||
{ | ||
"properties": { | ||
"systemAlertId": "903e76ff-17eb-4bac-ac8a-2bc31ab68fd8", | ||
"compromisedEntity": "device-1", | ||
"alertType": "IoT_PrivilegedContainer", | ||
"startTimeUtc": "2020-05-13T06:32:25Z", | ||
"endTimeUtc": "2020-05-13T06:32:25Z", | ||
"entities": [ | ||
{ | ||
"$id": "1", | ||
"CommandLine": "docker run --privileged", | ||
"Type": "process" | ||
} | ||
], | ||
"extendedProperties": { | ||
"CommandLine": "docker run --privileged", | ||
"User Name": "aUser", | ||
"UserId": "", | ||
"ParentProcessId": 1593, | ||
"DeviceId": "device-1" | ||
} | ||
} | ||
} | ||
], | ||
"nextLink": "https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myGroup/providers/Microsoft.Devices/iotHubs/myIotHub/providers/Microsoft.Security/iotAlerts?api-version=2020-08-06-preview&alertType=IoT_PrivilegedContainer&startTimeUtc>=2020-05-12T06:32:25Z&startTimeUtc<=2020-05-14T06:32:25Z&compromisedEntity=device-1&$limit=1&$skipToken=903e76ff-17eb-4bac-ac8a-2bc31ab68fd8" | ||
} | ||
} | ||
} | ||
} |
28 changes: 28 additions & 0 deletions
28
.../preview/2020-08-06-preview/examples/IotRecommendationTypes/GetIoTRecommendationType.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
{ | ||
"parameters": { | ||
"api-version": "2020-08-06-preview", | ||
"subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", | ||
"iotRecommendationTypeName": "IoT_VulnerableTLSCipherSuite" | ||
}, | ||
"responses": { | ||
"200": { | ||
"body": { | ||
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/iotRecommendationTypes/IoT_VulnerableTLSCipherSuite", | ||
"name": "IoT_VulnerableTLSCipherSuite", | ||
"type": "Microsoft.Security/iotRecommendationTypes", | ||
"properties": { | ||
"recommendationDisplayName": "TLS cipher suite upgrade needed", | ||
"severity": "Medium", | ||
"description": "Insecure TLS configurations detected. Immediate TLS cipher suite upgrade recommended.", | ||
"remediationSteps": [ | ||
"Upgrade your TLS cipher suite to a secure configuration. See the Guide to TLS Standards Compliance for more information." | ||
], | ||
"vendorName": "Microsoft", | ||
"control": "Communication between device and IoT Hub is not optimized", | ||
"productName": "Azure Security Center for IoT", | ||
"productComponentName": "IoT Hub" | ||
} | ||
} | ||
} | ||
} | ||
} |
31 changes: 31 additions & 0 deletions
31
...view/2020-08-06-preview/examples/IotRecommendationTypes/GetIoTRecommendationTypeList.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
{ | ||
"parameters": { | ||
"api-version": "2020-08-06-preview", | ||
"subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" | ||
}, | ||
"responses": { | ||
"200": { | ||
"body": { | ||
"value": [ | ||
{ | ||
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/iotRecommendationTypes/IoT_VulnerableTLSCipherSuite", | ||
"name": "IoT_VulnerableTLSCipherSuite", | ||
"type": "Microsoft.Security/iotRecommendationTypes", | ||
"properties": { | ||
"recommendationDisplayName": "TLS cipher suite upgrade needed", | ||
"severity": "Medium", | ||
"description": "Insecure TLS configurations detected. Immediate TLS cipher suite upgrade recommended.", | ||
"remediationSteps": [ | ||
"Upgrade your TLS cipher suite to a secure configuration. See the Guide to TLS Standards Compliance for more information." | ||
], | ||
"vendorName": "Microsoft", | ||
"control": "Communication between device and IoT Hub is not optimized", | ||
"productName": "Azure Security Center for IoT", | ||
"productComponentName": "IoT Hub" | ||
} | ||
} | ||
] | ||
} | ||
} | ||
} | ||
} |
27 changes: 27 additions & 0 deletions
27
...Security/preview/2020-08-06-preview/examples/IotRecommendations/GetIoTRecommendation.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
{ | ||
"parameters": { | ||
"api-version": "2020-08-06-preview", | ||
"scope": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myGroup/providers/Microsoft.Devices/IotHubs/myIotHub", | ||
"iotRecommendationId": "903e76ff-17eb-4bac-ac8a-2bc31ab68fd8" | ||
}, | ||
"responses": { | ||
"200": { | ||
"body": { | ||
"name": "IoT_Baseline|device-1", | ||
"properties": { | ||
"recommendationType": "IoT_Baseline", | ||
"deviceId": "device-1", | ||
"discoveredTimeUtc": "2020-05-13T06:32:25Z", | ||
"recommendationAdditionalData": { | ||
"SnapshotId": "48519d58-4e35-46cd-aed5-6251af95ed50", | ||
"TotalFailedRules": "7", | ||
"TotalRulesFailedDuoToError": "1", | ||
"TotalInformationalFailedRules": "2", | ||
"TotalCriticalFailedRules": "3", | ||
"TotalWarningFailedRules": "1" | ||
} | ||
} | ||
} | ||
} | ||
} | ||
} |
34 changes: 34 additions & 0 deletions
34
...rity/preview/2020-08-06-preview/examples/IotRecommendations/GetIoTRecommendationList.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
{ | ||
"parameters": { | ||
"api-version": "2020-08-06-preview", | ||
"scope": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myGroup/providers/Microsoft.Devices/IotHubs/myIotHub", | ||
"recommendationType": "IoT_Baseline", | ||
"deviceId": "device-1", | ||
"$limit": 1 | ||
}, | ||
"responses": { | ||
"200": { | ||
"body": { | ||
"value": [ | ||
{ | ||
"name": "IoT_Baseline|device-1", | ||
"properties": { | ||
"recommendationType": "IoT_Baseline", | ||
"deviceId": "device-1", | ||
"discoveredTimeUtc": "2020-05-13T06:32:25Z", | ||
"recommendationAdditionalData": { | ||
"SnapshotId": "48519d58-4e35-46cd-aed5-6251af95ed50", | ||
"TotalFailedRules": "7", | ||
"TotalRulesFailedDuoToError": "1", | ||
"TotalInformationalFailedRules": "2", | ||
"TotalCriticalFailedRules": "3", | ||
"TotalWarningFailedRules": "1" | ||
} | ||
} | ||
} | ||
], | ||
"nextLink": "https://management.azure.com/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myGroup/providers/Microsoft.Devices/iotHubs/myIotHub/providers/Microsoft.Security/iotRecommendations?api-version=2020-08-06-preview&recommendationType=IoT_Baseline&deviceId=device-1&$limit=1&$skipToken=903e76ff-17eb-4bac-ac8a-2bc31ab68fd8" | ||
} | ||
} | ||
} | ||
} |
Oops, something went wrong.