{ "swagger": "2.0", "schemes": [ "https" ], "host": "management.azure.com", "info": { "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", "title": "Security Center", "version": "2017-08-01-preview", "x-apisguru-categories": [ "cloud" ], "x-logo": { "url": "https://api.apis.guru/v2/cache/logo/https_assets.onestore.ms_cdnfiles_onestorerolling-1606-01000_shell_v3_images_logo_microsoft.png" }, "x-origin": [ { "format": "swagger", "url": "https://raw.githubusercontent.com/Azure/azure-rest-api-specs/master/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/iotSecuritySolutions.json", "version": "2.0" } ], "x-preferred": false, "x-providerName": "azure.com", "x-serviceName": "security-iotSecuritySolutions", "x-tags": [ "Azure", "Microsoft" ] }, "consumes": [ "application/json" ], "produces": [ "application/json" ], "securityDefinitions": { "azure_auth": { "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", "description": "Azure Active Directory OAuth2 Flow", "flow": "implicit", "scopes": { "user_impersonation": "impersonate your user account" }, "type": "oauth2" } }, "security": [ { "azure_auth": [ "user_impersonation" ] } ], "parameters": { "FilterParam": { "description": "filter the Security Solution with OData syntax. supporting filter by iotHubs", "in": "query", "name": "$filter", "required": false, "type": "string", "x-ms-parameter-location": "method" }, "IotSecuritySolutionData": { "description": "The security solution data", "in": "body", "name": "iotSecuritySolutionData", "required": true, "schema": { "$ref": "#/definitions/IoTSecuritySolutionModel" }, "x-ms-parameter-location": "method" }, "SolutionName": { "description": "The solution manager name", "in": "path", "name": "solutionName", "required": true, "type": "string", "x-ms-parameter-location": "method" }, "UpdateIotSecuritySolution": { "description": "The security solution data", "in": "body", "name": "updateIotSecuritySolutionData", "required": true, "schema": { "$ref": "#/definitions/UpdateIotSecuritySolutionData" }, "x-ms-parameter-location": "method" } }, "paths": { "/subscriptions/{subscriptionId}/providers/Microsoft.Security/iotSecuritySolutions": { "get": { "description": "List of security solutions", "operationId": "IoTSecuritySolutions_List", "parameters": [ { "description": "API version for the operation", "in": "query", "name": "api-version", "required": true, "type": "string" }, { "description": "Azure subscription ID", "in": "path", "name": "subscriptionId", "pattern": "^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$", "required": true, "type": "string" }, { "$ref": "#/parameters/FilterParam" } ], "responses": { "200": { "description": "OK", "schema": { "$ref": "#/definitions/IoTSecuritySolutionsList" } }, "default": { "description": "Error response describing why the operation failed.", "schema": { "description": "Error response structure.", "properties": { "error": { "description": "Error details.", "properties": { "code": { "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically.", "readOnly": true, "type": "string" }, "message": { "description": "A message describing the error, intended to be suitable for display in a user interface.", "readOnly": true, "type": "string" } }, "type": "object", "x-ms-external": true } }, "type": "object", "x-ms-external": true } } }, "tags": [ "IoT Security Solutions" ], "x-ms-examples": { "Get Security Solutions list": { "parameters": { "api-version": "2017-08-01-preview", "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" }, "responses": { "200": { "body": { "value": [ { "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default", "location": "East Us", "name": "default", "properties": { "autoDiscoveredResources": [ "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735", "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" ], "disabledDataSources": [], "displayName": "Solution Default", "export": [], "iotHubs": [ "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" ], "recommendationsConfiguration": [ { "name": "Service Principal Not Used with ACR", "recommendationType": "IoT_ACRAuthentication", "status": "Enabled" }, { "name": "Agent sending underutilized messages", "recommendationType": "IoT_AgentSendsUnutilizedMessages", "status": "TurnedOn" }, { "name": "Operating system (OS) baseline validation failure", "recommendationType": "IoT_Baseline", "status": "Enabled" }, { "name": "Edge Hub memory can be optimized", "recommendationType": "IoT_EdgeHubMemOptimize", "status": "Enabled" }, { "name": "No Logging Configured for Edge Module", "recommendationType": "IoT_EdgeLoggingOptions", "status": "Enabled" }, { "name": "Module Settings Inconsistent in SecurityGroup", "recommendationType": "IoT_InconsistentModuleSettings", "status": "Enabled" }, { "name": "Install the Azure Security of Things Agent", "recommendationType": "IoT_InstallAgent", "status": "Enabled" }, { "name": "Default IP Filter Policy should be Deny", "recommendationType": "IoT_IPFilter_DenyAll", "status": "Enabled" }, { "name": "IP Filter rule includes large IP range", "recommendationType": "IoT_IPFilter_PermissiveRule", "status": "Enabled" }, { "name": "Open Ports On Device", "recommendationType": "IoT_OpenPorts", "status": "Disabled" }, { "name": "Permissive firewall policy in one of the chains was found", "recommendationType": "IoT_PermissiveFirewallPolicy", "status": "Enabled" }, { "name": "Permissive firewall rule in the input chain was found", "recommendationType": "IoT_PermissiveInputFirewallRules", "status": "Enabled" }, { "name": "Permissive firewall rule in the output chain was found", "recommendationType": "IoT_PermissiveOutputFirewallRules", "status": "Enabled" }, { "name": "High level permissions configured in Edge model twin for Edge module", "recommendationType": "IoT_PrivilegedDockerOptions", "status": "Enabled" }, { "name": "Same Authentication Credentials used by multiple devices", "recommendationType": "IoT_SharedCredentials", "status": "Disabled" }, { "name": "TLS cipher suite upgrade", "recommendationType": "IoT_VulnerableTLSCipherSuite", "status": "Enabled" } ], "status": "Enabled", "userDefinedResources": { "query": "where type != \"microsoft.devices/iothubs\" | where name contains \"iot\"", "querySubscriptions": [ "075423e9-7d33-4166-8bdf-3920b04e3735" ] }, "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1" }, "tags": {}, "type": "Microsoft.Security/IoTSecuritySolutions" }, { "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SecondGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/sec-solution", "location": "East Us", "name": "sec-solution", "properties": { "autoDiscoveredResources": [ "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735", "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/IotHubSecond" ], "disabledDataSources": [], "displayName": "Second Solution", "export": [ "RawEvents" ], "iotHubs": [ "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/IotHubSecond" ], "recommendationsConfiguration": [ { "name": "Service Principal Not Used with ACR", "recommendationType": "IoT_ACRAuthentication", "status": "Enabled" }, { "name": "Agent sending underutilized messages", "recommendationType": "IoT_AgentSendsUnutilizedMessages", "status": "TurnedOn" }, { "name": "Operating system (OS) baseline validation failure", "recommendationType": "IoT_Baseline", "status": "Enabled" }, { "name": "Edge Hub memory can be optimized", "recommendationType": "IoT_EdgeHubMemOptimize", "status": "Enabled" }, { "name": "No Logging Configured for Edge Module", "recommendationType": "IoT_EdgeLoggingOptions", "status": "Enabled" }, { "name": "Module Settings Inconsistent in SecurityGroup", "recommendationType": "IoT_InconsistentModuleSettings", "status": "Enabled" }, { "name": "Install the Azure Security of Things Agent", "recommendationType": "IoT_InstallAgent", "status": "Enabled" }, { "name": "Default IP Filter Policy should be Deny", "recommendationType": "IoT_IPFilter_DenyAll", "status": "Enabled" }, { "name": "IP Filter rule includes large IP range", "recommendationType": "IoT_IPFilter_PermissiveRule", "status": "Enabled" }, { "name": "Open Ports On Device", "recommendationType": "IoT_OpenPorts", "status": "Disabled" }, { "name": "Permissive firewall policy in one of the chains was found", "recommendationType": "IoT_PermissiveFirewallPolicy", "status": "Enabled" }, { "name": "Permissive firewall rule in the input chain was found", "recommendationType": "IoT_PermissiveInputFirewallRules", "status": "Enabled" }, { "name": "Permissive firewall rule in the output chain was found", "recommendationType": "IoT_PermissiveOutputFirewallRules", "status": "Enabled" }, { "name": "High level permissions configured in Edge model twin for Edge module", "recommendationType": "IoT_PrivilegedDockerOptions", "status": "Enabled" }, { "name": "Same Authentication Credentials used by multiple devices", "recommendationType": "IoT_SharedCredentials", "status": "Disabled" }, { "name": "TLS cipher suite upgrade", "recommendationType": "IoT_VulnerableTLSCipherSuite", "status": "Enabled" } ], "status": "Enabled", "userDefinedResources": { "query": "where type != \"microsoft.devices/iothubs\" | where name contains \"iot\"", "querySubscriptions": [ "075423e9-7d33-4166-8bdf-3920b04e3735" ] }, "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1" }, "tags": {}, "type": "Microsoft.Security/IoTSecuritySolutions" } ] } } } }, "Get Security Solutions list By IotHub": { "parameters": { "$filter": "properties.iotHubs/any(i eq \"/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub\")", "api-version": "2017-08-01-preview", "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" }, "responses": { "200": { "body": { "value": [ { "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default", "location": "East Us", "name": "default", "properties": { "autoDiscoveredResources": [ "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735", "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" ], "disabledDataSources": [], "displayName": "Solution Default", "export": [ "RawEvents" ], "iotHubs": [ "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" ], "recommendationsConfiguration": [ { "name": "Service Principal Not Used with ACR", "recommendationType": "IoT_ACRAuthentication", "status": "Enabled" }, { "name": "Agent sending underutilized messages", "recommendationType": "IoT_AgentSendsUnutilizedMessages", "status": "TurnedOn" }, { "name": "Operating system (OS) baseline validation failure", "recommendationType": "IoT_Baseline", "status": "Enabled" }, { "name": "Edge Hub memory can be optimized", "recommendationType": "IoT_EdgeHubMemOptimize", "status": "Enabled" }, { "name": "No Logging Configured for Edge Module", "recommendationType": "IoT_EdgeLoggingOptions", "status": "Enabled" }, { "name": "Module Settings Inconsistent in SecurityGroup", "recommendationType": "IoT_InconsistentModuleSettings", "status": "Enabled" }, { "name": "Install the Azure Security of Things Agent", "recommendationType": "IoT_InstallAgent", "status": "Enabled" }, { "name": "Default IP Filter Policy should be Deny", "recommendationType": "IoT_IPFilter_DenyAll", "status": "Enabled" }, { "name": "IP Filter rule includes large IP range", "recommendationType": "IoT_IPFilter_PermissiveRule", "status": "Enabled" }, { "name": "Open Ports On Device", "recommendationType": "IoT_OpenPorts", "status": "Disabled" }, { "name": "Permissive firewall policy in one of the chains was found", "recommendationType": "IoT_PermissiveFirewallPolicy", "status": "Enabled" }, { "name": "Permissive firewall rule in the input chain was found", "recommendationType": "IoT_PermissiveInputFirewallRules", "status": "Enabled" }, { "name": "Permissive firewall rule in the output chain was found", "recommendationType": "IoT_PermissiveOutputFirewallRules", "status": "Enabled" }, { "name": "High level permissions configured in Edge model twin for Edge module", "recommendationType": "IoT_PrivilegedDockerOptions", "status": "Enabled" }, { "name": "Same Authentication Credentials used by multiple devices", "recommendationType": "IoT_SharedCredentials", "status": "Disabled" }, { "name": "TLS cipher suite upgrade", "recommendationType": "IoT_VulnerableTLSCipherSuite", "status": "Enabled" } ], "status": "Enabled", "userDefinedResources": { "query": "where type != \"microsoft.devices/iothubs\" | where name contains \"iot\"", "querySubscriptions": [ "075423e9-7d33-4166-8bdf-3920b04e3735" ] }, "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1" }, "tags": {}, "type": "Microsoft.Security/IoTSecuritySolutions" } ] } } } } }, "x-ms-pageable": { "nextLinkName": "nextLink" } } }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions": { "get": { "description": "List of security solutions", "operationId": "IoTSecuritySolutionsResourceGroup_List", "parameters": [ { "description": "API version for the operation", "in": "query", "name": "api-version", "required": true, "type": "string" }, { "description": "Azure subscription ID", "in": "path", "name": "subscriptionId", "pattern": "^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$", "required": true, "type": "string" }, { "description": "The name of the resource group within the user's subscription. The name is case insensitive.", "in": "path", "maxLength": 90, "minLength": 1, "name": "resourceGroupName", "pattern": "^[-\\w\\._\\(\\)]+$", "required": true, "type": "string", "x-ms-parameter-location": "method" }, { "$ref": "#/parameters/FilterParam" } ], "responses": { "200": { "description": "OK", "schema": { "$ref": "#/definitions/IoTSecuritySolutionsList" } }, "default": { "description": "Error response describing why the operation failed.", "schema": { "description": "Error response structure.", "properties": { "error": { "description": "Error details.", "properties": { "code": { "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically.", "readOnly": true, "type": "string" }, "message": { "description": "A message describing the error, intended to be suitable for display in a user interface.", "readOnly": true, "type": "string" } }, "type": "object", "x-ms-external": true } }, "type": "object", "x-ms-external": true } } }, "tags": [ "IoT Security Solutions" ], "x-ms-examples": { "Get Security Solutions list": { "parameters": { "api-version": "2017-08-01-preview", "resourceGroupName": "MyGroup", "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" }, "responses": { "200": { "body": { "value": [ { "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default", "location": "East Us", "name": "default", "properties": { "autoDiscoveredResources": [ "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735", "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" ], "disabledDataSources": [], "displayName": "Solution Default", "export": [], "iotHubs": [ "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" ], "recommendationsConfiguration": [ { "name": "Service Principal Not Used with ACR", "recommendationType": "IoT_ACRAuthentication", "status": "Enabled" }, { "name": "Agent sending underutilized messages", "recommendationType": "IoT_AgentSendsUnutilizedMessages", "status": "TurnedOn" }, { "name": "Operating system (OS) baseline validation failure", "recommendationType": "IoT_Baseline", "status": "Enabled" }, { "name": "Edge Hub memory can be optimized", "recommendationType": "IoT_EdgeHubMemOptimize", "status": "Enabled" }, { "name": "No Logging Configured for Edge Module", "recommendationType": "IoT_EdgeLoggingOptions", "status": "Enabled" }, { "name": "Module Settings Inconsistent in SecurityGroup", "recommendationType": "IoT_InconsistentModuleSettings", "status": "Enabled" }, { "name": "Install the Azure Security of Things Agent", "recommendationType": "IoT_InstallAgent", "status": "Enabled" }, { "name": "Default IP Filter Policy should be Deny", "recommendationType": "IoT_IPFilter_DenyAll", "status": "Enabled" }, { "name": "IP Filter rule includes large IP range", "recommendationType": "IoT_IPFilter_PermissiveRule", "status": "Enabled" }, { "name": "Open Ports On Device", "recommendationType": "IoT_OpenPorts", "status": "Disabled" }, { "name": "Permissive firewall policy in one of the chains was found", "recommendationType": "IoT_PermissiveFirewallPolicy", "status": "Enabled" }, { "name": "Permissive firewall rule in the input chain was found", "recommendationType": "IoT_PermissiveInputFirewallRules", "status": "Enabled" }, { "name": "Permissive firewall rule in the output chain was found", "recommendationType": "IoT_PermissiveOutputFirewallRules", "status": "Enabled" }, { "name": "High level permissions configured in Edge model twin for Edge module", "recommendationType": "IoT_PrivilegedDockerOptions", "status": "Enabled" }, { "name": "Same Authentication Credentials used by multiple devices", "recommendationType": "IoT_SharedCredentials", "status": "Disabled" }, { "name": "TLS cipher suite upgrade", "recommendationType": "IoT_VulnerableTLSCipherSuite", "status": "Enabled" } ], "status": "Enabled", "userDefinedResources": { "query": "where type != \"microsoft.devices/iothubs\" | where name contains \"iot\"", "querySubscriptions": [ "075423e9-7d33-4166-8bdf-3920b04e3735" ] }, "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1" }, "tags": {}, "type": "Microsoft.Security/IoTSecuritySolutions" } ] } } } }, "Get Security Solutions list By IotHub": { "parameters": { "$filter": "properties.iotHubs/any(i eq \"/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub\")", "api-version": "2017-08-01-preview", "resourceGroupName": "MyRg", "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" }, "responses": { "200": { "body": { "value": [ { "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyRg/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default", "location": "East Us", "name": "default", "properties": { "autoDiscoveredResources": [ "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735", "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" ], "disabledDataSources": [], "displayName": "Solution Default", "export": [ "RawEvents" ], "iotHubs": [ "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" ], "recommendationsConfiguration": [ { "name": "Service Principal Not Used with ACR", "recommendationType": "IoT_ACRAuthentication", "status": "Enabled" }, { "name": "Agent sending underutilized messages", "recommendationType": "IoT_AgentSendsUnutilizedMessages", "status": "TurnedOn" }, { "name": "Operating system (OS) baseline validation failure", "recommendationType": "IoT_Baseline", "status": "Enabled" }, { "name": "Edge Hub memory can be optimized", "recommendationType": "IoT_EdgeHubMemOptimize", "status": "Enabled" }, { "name": "No Logging Configured for Edge Module", "recommendationType": "IoT_EdgeLoggingOptions", "status": "Enabled" }, { "name": "Module Settings Inconsistent in SecurityGroup", "recommendationType": "IoT_InconsistentModuleSettings", "status": "Enabled" }, { "name": "Install the Azure Security of Things Agent", "recommendationType": "IoT_InstallAgent", "status": "Enabled" }, { "name": "Default IP Filter Policy should be Deny", "recommendationType": "IoT_IPFilter_DenyAll", "status": "Enabled" }, { "name": "IP Filter rule includes large IP range", "recommendationType": "IoT_IPFilter_PermissiveRule", "status": "Enabled" }, { "name": "Open Ports On Device", "recommendationType": "IoT_OpenPorts", "status": "Disabled" }, { "name": "Permissive firewall policy in one of the chains was found", "recommendationType": "IoT_PermissiveFirewallPolicy", "status": "Enabled" }, { "name": "Permissive firewall rule in the input chain was found", "recommendationType": "IoT_PermissiveInputFirewallRules", "status": "Enabled" }, { "name": "Permissive firewall rule in the output chain was found", "recommendationType": "IoT_PermissiveOutputFirewallRules", "status": "Enabled" }, { "name": "High level permissions configured in Edge model twin for Edge module", "recommendationType": "IoT_PrivilegedDockerOptions", "status": "Enabled" }, { "name": "Same Authentication Credentials used by multiple devices", "recommendationType": "IoT_SharedCredentials", "status": "Disabled" }, { "name": "TLS cipher suite upgrade", "recommendationType": "IoT_VulnerableTLSCipherSuite", "status": "Enabled" } ], "status": "Enabled", "userDefinedResources": { "query": "where type != \"microsoft.devices/iothubs\" | where name contains \"iot\"", "querySubscriptions": [ "075423e9-7d33-4166-8bdf-3920b04e3735" ] }, "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1" }, "tags": {}, "type": "Microsoft.Security/IoTSecuritySolutions" } ] } } } } }, "x-ms-pageable": { "nextLinkName": "nextLink" } } }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}": { "delete": { "description": "Create new solution manager", "operationId": "IotSecuritySolution_Delete", "parameters": [ { "description": "API version for the operation", "in": "query", "name": "api-version", "required": true, "type": "string" }, { "description": "Azure subscription ID", "in": "path", "name": "subscriptionId", "pattern": "^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$", "required": true, "type": "string" }, { "description": "The name of the resource group within the user's subscription. The name is case insensitive.", "in": "path", "maxLength": 90, "minLength": 1, "name": "resourceGroupName", "pattern": "^[-\\w\\._\\(\\)]+$", "required": true, "type": "string", "x-ms-parameter-location": "method" }, { "$ref": "#/parameters/SolutionName" } ], "responses": { "200": { "description": "Security Solution deleted" }, "204": { "description": "Security Solution was not exists" }, "default": { "description": "Error response describing why the operation failed.", "schema": { "description": "Error response structure.", "properties": { "error": { "description": "Error details.", "properties": { "code": { "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically.", "readOnly": true, "type": "string" }, "message": { "description": "A message describing the error, intended to be suitable for display in a user interface.", "readOnly": true, "type": "string" } }, "type": "object", "x-ms-external": true } }, "type": "object", "x-ms-external": true } } }, "tags": [ "IoT Security Solutions" ], "x-ms-examples": { "Create an iot security solution": { "parameters": { "api-version": "2017-08-01-preview", "resourceGroupName": "MyGroup", "solutionName": "default", "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" }, "responses": { "200": {}, "204": {} } } } }, "get": { "description": "Details of a specific iot security solution", "operationId": "IotSecuritySolution_Get", "parameters": [ { "description": "API version for the operation", "in": "query", "name": "api-version", "required": true, "type": "string" }, { "description": "Azure subscription ID", "in": "path", "name": "subscriptionId", "pattern": "^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$", "required": true, "type": "string" }, { "description": "The name of the resource group within the user's subscription. The name is case insensitive.", "in": "path", "maxLength": 90, "minLength": 1, "name": "resourceGroupName", "pattern": "^[-\\w\\._\\(\\)]+$", "required": true, "type": "string", "x-ms-parameter-location": "method" }, { "$ref": "#/parameters/SolutionName" } ], "responses": { "200": { "description": "OK", "schema": { "$ref": "#/definitions/IoTSecuritySolutionModel" } }, "default": { "description": "Error response describing why the operation failed.", "schema": { "description": "Error response structure.", "properties": { "error": { "description": "Error details.", "properties": { "code": { "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically.", "readOnly": true, "type": "string" }, "message": { "description": "A message describing the error, intended to be suitable for display in a user interface.", "readOnly": true, "type": "string" } }, "type": "object", "x-ms-external": true } }, "type": "object", "x-ms-external": true } } }, "tags": [ "IoT Security Solutions" ], "x-ms-examples": { "Get an iot security solution": { "parameters": { "api-version": "2017-08-01-preview", "resourceGroupName": "MyGroup", "solutionName": "default", "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" }, "responses": { "200": { "body": { "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default", "location": "East Us", "name": "default", "properties": { "autoDiscoveredResources": [ "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735", "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" ], "disabledDataSources": [], "displayName": "Solution Default", "export": [], "iotHubs": [ "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" ], "recommendationsConfiguration": [ { "name": "Service Principal Not Used with ACR", "recommendationType": "IoT_ACRAuthentication", "status": "Enabled" }, { "name": "Agent sending underutilized messages", "recommendationType": "IoT_AgentSendsUnutilizedMessages", "status": "TurnedOn" }, { "name": "Operating system (OS) baseline validation failure", "recommendationType": "IoT_Baseline", "status": "Enabled" }, { "name": "Edge Hub memory can be optimized", "recommendationType": "IoT_EdgeHubMemOptimize", "status": "Enabled" }, { "name": "No Logging Configured for Edge Module", "recommendationType": "IoT_EdgeLoggingOptions", "status": "Enabled" }, { "name": "Module Settings Inconsistent in SecurityGroup", "recommendationType": "IoT_InconsistentModuleSettings", "status": "Enabled" }, { "name": "Install the Azure Security of Things Agent", "recommendationType": "IoT_InstallAgent", "status": "Enabled" }, { "name": "Default IP Filter Policy should be Deny", "recommendationType": "IoT_IPFilter_DenyAll", "status": "Enabled" }, { "name": "IP Filter rule includes large IP range", "recommendationType": "IoT_IPFilter_PermissiveRule", "status": "Enabled" }, { "name": "Open Ports On Device", "recommendationType": "IoT_OpenPorts", "status": "Disabled" }, { "name": "Permissive firewall policy in one of the chains was found", "recommendationType": "IoT_PermissiveFirewallPolicy", "status": "Enabled" }, { "name": "Permissive firewall rule in the input chain was found", "recommendationType": "IoT_PermissiveInputFirewallRules", "status": "Enabled" }, { "name": "Permissive firewall rule in the output chain was found", "recommendationType": "IoT_PermissiveOutputFirewallRules", "status": "Enabled" }, { "name": "High level permissions configured in Edge model twin for Edge module", "recommendationType": "IoT_PrivilegedDockerOptions", "status": "Enabled" }, { "name": "Same Authentication Credentials used by multiple devices", "recommendationType": "IoT_SharedCredentials", "status": "Disabled" }, { "name": "TLS cipher suite upgrade", "recommendationType": "IoT_VulnerableTLSCipherSuite", "status": "Enabled" } ], "status": "Enabled", "userDefinedResources": { "query": "where type != \"microsoft.devices/iothubs\" | where name contains \"iot\"", "querySubscriptions": [ "075423e9-7d33-4166-8bdf-3920b04e3735" ] }, "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1" }, "tags": {}, "type": "Microsoft.Security/IoTSecuritySolutions" } } } } } }, "patch": { "description": "update existing Security Solution tags or user defined resources. To update other fields use the CreateOrUpdate method", "operationId": "IotSecuritySolution_Update", "parameters": [ { "description": "API version for the operation", "in": "query", "name": "api-version", "required": true, "type": "string" }, { "description": "Azure subscription ID", "in": "path", "name": "subscriptionId", "pattern": "^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$", "required": true, "type": "string" }, { "description": "The name of the resource group within the user's subscription. The name is case insensitive.", "in": "path", "maxLength": 90, "minLength": 1, "name": "resourceGroupName", "pattern": "^[-\\w\\._\\(\\)]+$", "required": true, "type": "string", "x-ms-parameter-location": "method" }, { "$ref": "#/parameters/SolutionName" }, { "$ref": "#/parameters/UpdateIotSecuritySolution" } ], "responses": { "200": { "description": "Updated", "schema": { "$ref": "#/definitions/IoTSecuritySolutionModel" } }, "default": { "description": "Error response describing why the operation failed.", "schema": { "description": "Error response structure.", "properties": { "error": { "description": "Error details.", "properties": { "code": { "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically.", "readOnly": true, "type": "string" }, "message": { "description": "A message describing the error, intended to be suitable for display in a user interface.", "readOnly": true, "type": "string" } }, "type": "object", "x-ms-external": true } }, "type": "object", "x-ms-external": true } } }, "tags": [ "IoT Security Solutions" ], "x-ms-examples": { "Update an iot security solution": { "parameters": { "api-version": "2017-08-01-preview", "resourceGroupName": "myRg", "solutionName": "default", "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", "updateIotSecuritySolutionData": { "properties": { "recommendationsConfiguration": [ { "recommendationType": "IoT_OpenPorts", "status": "Disabled" }, { "recommendationType": "IoT_SharedCredentials", "status": "Disabled" } ], "userDefinedResources": { "query": "where type != \"microsoft.devices/iothubs\" | where name contains \"v2\"", "querySubscriptions": [ "075423e9-7d33-4166-8bdf-3920b04e3735" ] } }, "tags": { "foo": "bar" } } }, "responses": { "200": { "body": { "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/Locations/eastus/IoTSecuritySolutions/default", "location": "East Us", "name": "default", "properties": { "autoDiscoveredResources": [ "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735", "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" ], "disabledDataSources": [], "displayName": "Solution Default", "export": [ "RawEvents" ], "iotHubs": [ "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" ], "recommendationsConfiguration": [ { "name": "Service Principal Not Used with ACR", "recommendationType": "IoT_ACRAuthentication", "status": "Enabled" }, { "name": "Agent sending underutilized messages", "recommendationType": "IoT_AgentSendsUnutilizedMessages", "status": "TurnedOn" }, { "name": "Operating system (OS) baseline validation failure", "recommendationType": "IoT_Baseline", "status": "Enabled" }, { "name": "Edge Hub memory can be optimized", "recommendationType": "IoT_EdgeHubMemOptimize", "status": "Enabled" }, { "name": "No Logging Configured for Edge Module", "recommendationType": "IoT_EdgeLoggingOptions", "status": "Enabled" }, { "name": "Module Settings Inconsistent in SecurityGroup", "recommendationType": "IoT_InconsistentModuleSettings", "status": "Enabled" }, { "name": "Install the Azure Security of Things Agent", "recommendationType": "IoT_InstallAgent", "status": "Enabled" }, { "name": "Default IP Filter Policy should be Deny", "recommendationType": "IoT_IPFilter_DenyAll", "status": "Enabled" }, { "name": "IP Filter rule includes large IP range", "recommendationType": "IoT_IPFilter_PermissiveRule", "status": "Enabled" }, { "name": "Open Ports On Device", "recommendationType": "IoT_OpenPorts", "status": "Disabled" }, { "name": "Permissive firewall policy in one of the chains was found", "recommendationType": "IoT_PermissiveFirewallPolicy", "status": "Enabled" }, { "name": "Permissive firewall rule in the input chain was found", "recommendationType": "IoT_PermissiveInputFirewallRules", "status": "Enabled" }, { "name": "Permissive firewall rule in the output chain was found", "recommendationType": "IoT_PermissiveOutputFirewallRules", "status": "Enabled" }, { "name": "High level permissions configured in Edge model twin for Edge module", "recommendationType": "IoT_PrivilegedDockerOptions", "status": "Enabled" }, { "name": "Same Authentication Credentials used by multiple devices", "recommendationType": "IoT_SharedCredentials", "status": "Disabled" }, { "name": "TLS cipher suite upgrade", "recommendationType": "IoT_VulnerableTLSCipherSuite", "status": "Enabled" } ], "status": "Enabled", "userDefinedResources": { "query": "where type != \"microsoft.devices/iothubs\" | where name contains \"v2\"", "querySubscriptions": [ "075423e9-7d33-4166-8bdf-3920b04e3735" ] }, "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1" }, "tags": { "foo": "bar" }, "type": "Microsoft.Security/IoTSecuritySolutions" } } } } } }, "put": { "description": "Create new solution manager", "operationId": "IotSecuritySolution_Create", "parameters": [ { "description": "API version for the operation", "in": "query", "name": "api-version", "required": true, "type": "string" }, { "description": "Azure subscription ID", "in": "path", "name": "subscriptionId", "pattern": "^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$", "required": true, "type": "string" }, { "description": "The name of the resource group within the user's subscription. The name is case insensitive.", "in": "path", "maxLength": 90, "minLength": 1, "name": "resourceGroupName", "pattern": "^[-\\w\\._\\(\\)]+$", "required": true, "type": "string", "x-ms-parameter-location": "method" }, { "$ref": "#/parameters/SolutionName" }, { "$ref": "#/parameters/IotSecuritySolutionData" } ], "responses": { "200": { "description": "Updated", "schema": { "$ref": "#/definitions/IoTSecuritySolutionModel" } }, "201": { "description": "Created", "schema": { "$ref": "#/definitions/IoTSecuritySolutionModel" } }, "default": { "description": "Error response describing why the operation failed.", "schema": { "description": "Error response structure.", "properties": { "error": { "description": "Error details.", "properties": { "code": { "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically.", "readOnly": true, "type": "string" }, "message": { "description": "A message describing the error, intended to be suitable for display in a user interface.", "readOnly": true, "type": "string" } }, "type": "object", "x-ms-external": true } }, "type": "object", "x-ms-external": true } } }, "tags": [ "IoT Security Solutions" ], "x-ms-examples": { "Create an iot security solution": { "parameters": { "api-version": "2017-08-01-preview", "iotSecuritySolutionData": { "location": "East Us", "properties": { "disabledDataSources": [], "displayName": "Solution Default", "export": [], "iotHubs": [ "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" ], "recommendationsConfiguration": [ { "recommendationType": "IoT_OpenPorts", "status": "Disabled" }, { "recommendationType": "IoT_SharedCredentials", "status": "Disabled" } ], "status": "Enabled", "userDefinedResources": { "query": "where type != \"microsoft.devices/iothubs\" | where name contains \"iot\"", "querySubscriptions": [ "075423e9-7d33-4166-8bdf-3920b04e3735" ] }, "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1" }, "tags": {} }, "resourceGroupName": "MyGroup", "solutionName": "default", "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" }, "responses": { "200": { "body": { "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/Locations/eastus/IoTSecuritySolutions/default", "location": "East Us", "name": "default", "properties": { "autoDiscoveredResources": [ "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735", "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" ], "disabledDataSources": [], "displayName": "Solution Default", "export": [], "iotHubs": [ "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" ], "recommendationsConfiguration": [ { "name": "Service Principal Not Used with ACR", "recommendationType": "IoT_ACRAuthentication", "status": "Enabled" }, { "name": "Agent sending underutilized messages", "recommendationType": "IoT_AgentSendsUnutilizedMessages", "status": "TurnedOn" }, { "name": "Operating system (OS) baseline validation failure", "recommendationType": "IoT_Baseline", "status": "Enabled" }, { "name": "Edge Hub memory can be optimized", "recommendationType": "IoT_EdgeHubMemOptimize", "status": "Enabled" }, { "name": "No Logging Configured for Edge Module", "recommendationType": "IoT_EdgeLoggingOptions", "status": "Enabled" }, { "name": "Module Settings Inconsistent in SecurityGroup", "recommendationType": "IoT_InconsistentModuleSettings", "status": "Enabled" }, { "name": "Install the Azure Security of Things Agent", "recommendationType": "IoT_InstallAgent", "status": "Enabled" }, { "name": "Default IP Filter Policy should be Deny", "recommendationType": "IoT_IPFilter_DenyAll", "status": "Enabled" }, { "name": "IP Filter rule includes large IP range", "recommendationType": "IoT_IPFilter_PermissiveRule", "status": "Enabled" }, { "name": "Open Ports On Device", "recommendationType": "IoT_OpenPorts", "status": "Disabled" }, { "name": "Permissive firewall policy in one of the chains was found", "recommendationType": "IoT_PermissiveFirewallPolicy", "status": "Enabled" }, { "name": "Permissive firewall rule in the input chain was found", "recommendationType": "IoT_PermissiveInputFirewallRules", "status": "Enabled" }, { "name": "Permissive firewall rule in the output chain was found", "recommendationType": "IoT_PermissiveOutputFirewallRules", "status": "Enabled" }, { "name": "High level permissions configured in Edge model twin for Edge module", "recommendationType": "IoT_PrivilegedDockerOptions", "status": "Enabled" }, { "name": "Same Authentication Credentials used by multiple devices", "recommendationType": "IoT_SharedCredentials", "status": "Disabled" }, { "name": "TLS cipher suite upgrade", "recommendationType": "IoT_VulnerableTLSCipherSuite", "status": "Enabled" } ], "status": "Enabled", "userDefinedResources": { "query": "where type != \"microsoft.devices/iothubs\" | where name contains \"iot\"", "querySubscriptions": [ "075423e9-7d33-4166-8bdf-3920b04e3735" ] }, "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1" }, "tags": {}, "type": "Microsoft.Security/IoTSecuritySolutions" } }, "201": { "body": { "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/Locations/eastus/IoTSecuritySolutions/default", "location": "East Us", "name": "default", "properties": { "autoDiscoveredResources": [ "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735", "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" ], "disabledDataSources": [], "displayName": "Solution Default", "export": [], "iotHubs": [ "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" ], "recommendationsConfiguration": [ { "name": "Service Principal Not Used with ACR", "recommendationType": "IoT_ACRAuthentication", "status": "Enabled" }, { "name": "Agent sending underutilized messages", "recommendationType": "IoT_AgentSendsUnutilizedMessages", "status": "TurnedOn" }, { "name": "Operating system (OS) baseline validation failure", "recommendationType": "IoT_Baseline", "status": "Enabled" }, { "name": "Edge Hub memory can be optimized", "recommendationType": "IoT_EdgeHubMemOptimize", "status": "Enabled" }, { "name": "No Logging Configured for Edge Module", "recommendationType": "IoT_EdgeLoggingOptions", "status": "Enabled" }, { "name": "Module Settings Inconsistent in SecurityGroup", "recommendationType": "IoT_InconsistentModuleSettings", "status": "Enabled" }, { "name": "Install the Azure Security of Things Agent", "recommendationType": "IoT_InstallAgent", "status": "Enabled" }, { "name": "Default IP Filter Policy should be Deny", "recommendationType": "IoT_IPFilter_DenyAll", "status": "Enabled" }, { "name": "IP Filter rule includes large IP range", "recommendationType": "IoT_IPFilter_PermissiveRule", "status": "Enabled" }, { "name": "Open Ports On Device", "recommendationType": "IoT_OpenPorts", "status": "Disabled" }, { "name": "Permissive firewall policy in one of the chains was found", "recommendationType": "IoT_PermissiveFirewallPolicy", "status": "Enabled" }, { "name": "Permissive firewall rule in the input chain was found", "recommendationType": "IoT_PermissiveInputFirewallRules", "status": "Enabled" }, { "name": "Permissive firewall rule in the output chain was found", "recommendationType": "IoT_PermissiveOutputFirewallRules", "status": "Enabled" }, { "name": "High level permissions configured in Edge model twin for Edge module", "recommendationType": "IoT_PrivilegedDockerOptions", "status": "Enabled" }, { "name": "Same Authentication Credentials used by multiple devices", "recommendationType": "IoT_SharedCredentials", "status": "Disabled" }, { "name": "TLS cipher suite upgrade", "recommendationType": "IoT_VulnerableTLSCipherSuite", "status": "Enabled" } ], "status": "Enabled", "userDefinedResources": { "query": "where type != \"microsoft.devices/iothubs\" | where name contains \"iot\"", "querySubscriptions": [ "075423e9-7d33-4166-8bdf-3920b04e3735" ] }, "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1" }, "tags": {}, "type": "Microsoft.Security/IoTSecuritySolutions" } } } } } } } }, "definitions": { "IoTSecuritySolutionModel": { "allOf": [ { "description": "Describes an Azure resource.", "properties": { "id": { "description": "Resource Id", "readOnly": true, "type": "string" }, "name": { "description": "Resource name", "readOnly": true, "type": "string" }, "type": { "description": "Resource type", "readOnly": true, "type": "string" } }, "type": "object", "x-ms-azure-resource": true }, { "$ref": "#/definitions/TagsResource" } ], "description": "Security Solution", "properties": { "location": { "description": "The resource location.", "type": "string" }, "properties": { "$ref": "#/definitions/IoTSecuritySolutionProperties", "description": "Security Solution data", "x-ms-client-flatten": true } }, "type": "object" }, "IoTSecuritySolutionProperties": { "description": "Security Solution setting data", "properties": { "autoDiscoveredResources": { "description": "List of resources that were automatically discovered as relevant to the security solution.", "items": { "type": "string" }, "readOnly": true, "type": "array" }, "disabledDataSources": { "description": "Disabled data sources. Disabling these data sources compromises the system.", "items": { "enum": [ "TwinData" ], "type": "string", "x-ms-enum": { "modelAsString": true, "name": "DataSource", "values": [ { "description": "Devices twin data", "value": "TwinData" } ] } }, "type": "array" }, "displayName": { "description": "Resource display name.", "type": "string" }, "export": { "description": "List of additional export to workspace data options", "items": { "enum": [ "RawEvents" ], "type": "string", "x-ms-enum": { "modelAsString": true, "name": "ExportData", "values": [ { "description": "Agent raw events", "value": "RawEvents" } ] } }, "type": "array" }, "iotHubs": { "description": "IoT Hub resource IDs", "items": { "type": "string" }, "type": "array" }, "recommendationsConfiguration": { "$ref": "#/definitions/RecommendationConfigurationList" }, "status": { "default": "Enabled", "description": "Security solution status", "enum": [ "Enabled", "Disabled" ], "type": "string", "x-ms-enum": { "modelAsString": true, "name": "SecuritySolutionStatus" } }, "userDefinedResources": { "$ref": "#/definitions/UserDefinedResourcesProperties" }, "workspace": { "description": "Workspace resource ID", "type": "string" } }, "required": [ "iotHubs", "workspace", "displayName" ], "type": "object" }, "IoTSecuritySolutionsList": { "description": "List of iot solutions", "properties": { "nextLink": { "description": "The URI to fetch the next page.", "readOnly": true, "type": "string" }, "value": { "description": "List of security solutions", "items": { "$ref": "#/definitions/IoTSecuritySolutionModel" }, "type": "array" } }, "required": [ "value" ] }, "RecommendationConfigurationList": { "description": "List of recommendation configuration", "items": { "$ref": "#/definitions/RecommendationConfigurationProperties" }, "type": "array" }, "RecommendationConfigurationProperties": { "description": "Recommendation configuration", "properties": { "name": { "readOnly": true, "type": "string" }, "recommendationType": { "description": "The recommendation type.", "enum": [ "IoT_ACRAuthentication", "IoT_AgentSendsUnutilizedMessages", "IoT_Baseline", "IoT_EdgeHubMemOptimize", "IoT_EdgeLoggingOptions", "IoT_InconsistentModuleSettings", "IoT_InstallAgent", "IoT_IPFilter_DenyAll", "IoT_IPFilter_PermissiveRule", "IoT_OpenPorts", "IoT_PermissiveFirewallPolicy", "IoT_PermissiveInputFirewallRules", "IoT_PermissiveOutputFirewallRules", "IoT_PrivilegedDockerOptions", "IoT_SharedCredentials", "IoT_VulnerableTLSCipherSuite" ], "type": "string", "x-ms-enum": { "modelAsString": true, "name": "RecommendationType", "values": [ { "description": "Authentication schema used for pull an edge module from an ACR repository does not use Service Principal Authentication.", "value": "IoT_ACRAuthentication" }, { "description": "IoT agent message size capacity is currently underutilized, causing an increase in the number of sent messages. Adjust message intervals for better utilization.", "value": "IoT_AgentSendsUnutilizedMessages" }, { "description": "Identified security related system configuration issues.", "value": "IoT_Baseline" }, { "description": "You can optimize Edge Hub memory usage by turning off protocol heads for any protocols not used by Edge modules in your solution.", "value": "IoT_EdgeHubMemOptimize" }, { "description": "Logging is disabled for this edge module.", "value": "IoT_EdgeLoggingOptions" }, { "description": "A minority within a device security group has inconsistent Edge Module settings with the rest of their group.", "value": "IoT_InconsistentModuleSettings" }, { "description": "Install the Azure Security of Things Agent.", "value": "IoT_InstallAgent" }, { "description": "IP Filter Configuration should have rules defined for allowed traffic and should deny all other traffic by default.", "value": "IoT_IPFilter_DenyAll" }, { "description": "An Allow IP Filter rules source IP range is too large. Overly permissive rules might expose your IoT hub to malicious intenders.", "value": "IoT_IPFilter_PermissiveRule" }, { "description": "A listening endpoint was found on the device.", "value": "IoT_OpenPorts" }, { "description": "An Allowed firewall policy was found (INPUT/OUTPUT). The policy should Deny all traffic by default and define rules to allow necessary communication to/from the device.", "value": "IoT_PermissiveFirewallPolicy" }, { "description": "A rule in the firewall has been found that contains a permissive pattern for a wide range of IP addresses or Ports.", "value": "IoT_PermissiveInputFirewallRules" }, { "description": "A rule in the firewall has been found that contains a permissive pattern for a wide range of IP addresses or Ports.", "value": "IoT_PermissiveOutputFirewallRules" }, { "description": "Edge module is configured to run in privileged mode, with extensive Linux capabilities or with host-level network access (send/receive data to host machine).", "value": "IoT_PrivilegedDockerOptions" }, { "description": "Same authentication credentials to the IoT Hub used by multiple devices. This could indicate an illegitimate device impersonating a legitimate device. It also exposes the risk of device impersonation by an attacker.", "value": "IoT_SharedCredentials" }, { "description": "Insecure TLS configurations detected. Immediate upgrade recommended.", "value": "IoT_VulnerableTLSCipherSuite" } ] } }, "status": { "default": "Enabled", "description": "Recommendation status. The recommendation is not generated when the status is disabled", "enum": [ "Disabled", "Enabled" ], "type": "string", "x-ms-enum": { "modelAsString": true, "name": "RecommendationConfigStatus" } } }, "required": [ "recommendationType", "status" ], "type": "object" }, "TagsResource": { "description": "A container holding only the Tags for a resource, allowing the user to update the tags.", "properties": { "tags": { "additionalProperties": { "type": "string" }, "description": "Resource tags", "type": "object" } } }, "UpdateIotSecuritySolutionData": { "allOf": [ { "$ref": "#/definitions/TagsResource" } ], "properties": { "recommendationsConfiguration": { "$ref": "#/definitions/RecommendationConfigurationList" }, "userDefinedResources": { "$ref": "#/definitions/UserDefinedResourcesProperties" } }, "type": "object" }, "UserDefinedResourcesProperties": { "description": "Properties of the solution's user defined resources.", "properties": { "query": { "description": "Azure Resource Graph query which represents the security solution's user defined resources. Required to start with \"where type != \"Microsoft.Devices/IotHubs\"\"", "type": "string", "x-nullable": true }, "querySubscriptions": { "description": "List of Azure subscription ids on which the user defined resources query should be executed.", "items": { "pattern": "^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$", "type": "string" }, "type": "array", "x-nullable": true } }, "required": [ "query", "querySubscriptions" ], "type": "object" } } }