Security Center
API spec for Microsoft
COMMUNITYBEARER0 INSTALLS
OpenAPI Specificationv3.0
{
"swagger": "2.0",
"schemes": [
"https"
],
"host": "management.azure.com",
"info": {
"description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
"title": "Security Center",
"version": "2015-06-01-preview",
"x-apisguru-categories": [
"cloud"
],
"x-logo": {
"url": "https://api.apis.guru/v2/cache/logo/https_assets.onestore.ms_cdnfiles_onestorerolling-1606-01000_shell_v3_images_logo_microsoft.png"
},
"x-origin": [
{
"format": "swagger",
"url": "https://raw.githubusercontent.com/Azure/azure-rest-api-specs/master/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/adaptiveNetworkHardenings.json",
"version": "2.0"
}
],
"x-providerName": "azure.com",
"x-serviceName": "security-adaptiveNetworkHardenings",
"x-tags": [
"Azure",
"Microsoft"
]
},
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"securityDefinitions": {
"azure_auth": {
"authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
"description": "Azure Active Directory OAuth2 Flow",
"flow": "implicit",
"scopes": {
"user_impersonation": "impersonate your user account"
},
"type": "oauth2"
}
},
"security": [
{
"azure_auth": [
"user_impersonation"
]
}
],
"parameters": {
"AdaptiveNetworkHardeningEnforceAction": {
"description": "Enforces the given rules on the NSG(s) listed in the request",
"enum": [
"enforce"
],
"in": "path",
"name": "adaptiveNetworkHardeningEnforceAction",
"required": true,
"type": "string",
"x-ms-parameter-location": "method"
},
"AdaptiveNetworkHardeningEnforceRequest": {
"in": "body",
"name": "body",
"required": true,
"schema": {
"$ref": "#/definitions/AdaptiveNetworkHardeningEnforceRequest"
},
"x-ms-parameter-location": "method"
},
"AdaptiveNetworkHardeningResourceName": {
"description": "The name of the Adaptive Network Hardening resource.",
"in": "path",
"name": "adaptiveNetworkHardeningResourceName",
"required": true,
"type": "string",
"x-ms-parameter-location": "method"
}
},
"paths": {
"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceNamespace}/{resourceType}/{resourceName}/providers/Microsoft.Security/adaptiveNetworkHardenings": {
"get": {
"description": "Gets a list of Adaptive Network Hardenings resources in scope of an extended resource.",
"operationId": "AdaptiveNetworkHardenings_ListByExtendedResource",
"parameters": [
{
"description": "Azure subscription ID",
"in": "path",
"name": "subscriptionId",
"pattern": "^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$",
"required": true,
"type": "string"
},
{
"description": "The name of the resource group within the user's subscription. The name is case insensitive.",
"in": "path",
"maxLength": 90,
"minLength": 1,
"name": "resourceGroupName",
"pattern": "^[-\\w\\._\\(\\)]+$",
"required": true,
"type": "string",
"x-ms-parameter-location": "method"
},
{
"description": "The Namespace of the resource.",
"in": "path",
"name": "resourceNamespace",
"required": true,
"type": "string"
},
{
"description": "The type of the resource.",
"in": "path",
"name": "resourceType",
"required": true,
"type": "string"
},
{
"description": "Name of the resource.",
"in": "path",
"name": "resourceName",
"required": true,
"type": "string"
},
{
"description": "API version for the operation",
"in": "query",
"name": "api-version",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/AdaptiveNetworkHardeningsList"
}
},
"default": {
"description": "Error response describing why the operation failed.",
"schema": {
"description": "Error response structure.",
"properties": {
"error": {
"description": "Error details.",
"properties": {
"code": {
"description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically.",
"readOnly": true,
"type": "string"
},
"message": {
"description": "A message describing the error, intended to be suitable for display in a user interface.",
"readOnly": true,
"type": "string"
}
},
"type": "object",
"x-ms-external": true
}
},
"type": "object",
"x-ms-external": true
}
}
},
"tags": [
"AdaptiveNetworkHardenings"
],
"x-ms-examples": {
"List Adaptive Network Hardenings resources of an extended resource": {
"parameters": {
"api-version": "2015-06-01-preview",
"resourceGroupName": "rg1",
"resourceName": "vm1",
"resourceNamespace": "Microsoft.Compute",
"resourceType": "virtualMachines",
"subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23"
},
"responses": {
"200": {
"body": {
"value": [
{
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.Security/adaptiveNetworkHardenings/default",
"name": "default",
"properties": {
"effectiveNetworkSecurityGroups": [
{
"networkInterface": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Network/networkInterfaces/nic1",
"networkSecurityGroups": [
"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nicNsg",
"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/subnetNsg"
]
},
{
"networkInterface": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Network/networkInterfaces/nic2",
"networkSecurityGroups": [
"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nicNsg2"
]
}
],
"rules": [
{
"destinationPort": 3389,
"direction": "Inbound",
"ipAddresses": [
"100.10.1.1",
"200.20.2.2",
"81.199.3.0/24"
],
"name": "rule1",
"protocols": [
"TCP"
]
},
{
"destinationPort": 22,
"direction": "Inbound",
"ipAddresses": [],
"name": "rule2",
"protocols": [
"TCP"
]
}
],
"rulesCalculationTime": "2018-08-15T00:00:00.0000000Z"
},
"type": "Microsoft.Security/adaptiveNetworkHardenings"
}
]
}
}
}
}
},
"x-ms-pageable": {
"nextLinkName": "nextLink"
}
}
},
"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceNamespace}/{resourceType}/{resourceName}/providers/Microsoft.Security/adaptiveNetworkHardenings/{adaptiveNetworkHardeningResourceName}": {
"get": {
"description": "Gets a single Adaptive Network Hardening resource",
"operationId": "AdaptiveNetworkHardenings_Get",
"parameters": [
{
"description": "Azure subscription ID",
"in": "path",
"name": "subscriptionId",
"pattern": "^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$",
"required": true,
"type": "string"
},
{
"description": "The name of the resource group within the user's subscription. The name is case insensitive.",
"in": "path",
"maxLength": 90,
"minLength": 1,
"name": "resourceGroupName",
"pattern": "^[-\\w\\._\\(\\)]+$",
"required": true,
"type": "string",
"x-ms-parameter-location": "method"
},
{
"description": "The Namespace of the resource.",
"in": "path",
"name": "resourceNamespace",
"required": true,
"type": "string"
},
{
"description": "The type of the resource.",
"in": "path",
"name": "resourceType",
"required": true,
"type": "string"
},
{
"description": "Name of the resource.",
"in": "path",
"name": "resourceName",
"required": true,
"type": "string"
},
{
"$ref": "#/parameters/AdaptiveNetworkHardeningResourceName"
},
{
"description": "API version for the operation",
"in": "query",
"name": "api-version",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/AdaptiveNetworkHardening"
}
},
"default": {
"description": "Error response describing why the operation failed.",
"schema": {
"description": "Error response structure.",
"properties": {
"error": {
"description": "Error details.",
"properties": {
"code": {
"description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically.",
"readOnly": true,
"type": "string"
},
"message": {
"description": "A message describing the error, intended to be suitable for display in a user interface.",
"readOnly": true,
"type": "string"
}
},
"type": "object",
"x-ms-external": true
}
},
"type": "object",
"x-ms-external": true
}
}
},
"tags": [
"AdaptiveNetworkHardenings"
],
"x-ms-examples": {
"Get a single Adaptive Network Hardening resource": {
"parameters": {
"adaptiveNetworkHardeningResourceName": "default",
"api-version": "2015-06-01-preview",
"resourceGroupName": "rg1",
"resourceName": "vm1",
"resourceNamespace": "Microsoft.Compute",
"resourceType": "virtualMachines",
"subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23"
},
"responses": {
"200": {
"body": {
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.Security/adaptiveNetworkHardenings/default",
"name": "default",
"properties": {
"effectiveNetworkSecurityGroups": [
{
"networkInterface": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Network/networkInterfaces/nic1",
"networkSecurityGroups": [
"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nicNsg",
"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/subnetNsg"
]
},
{
"networkInterface": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg2/providers/Microsoft.Network/networkInterfaces/nic2",
"networkSecurityGroups": [
"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg2/providers/Microsoft.Network/networkSecurityGroups/nicNsg"
]
}
],
"rules": [
{
"destinationPort": 3389,
"direction": "Inbound",
"ipAddresses": [
"100.10.1.1",
"200.20.2.2",
"81.199.3.0/24"
],
"name": "rule1",
"protocols": [
"TCP"
]
},
{
"destinationPort": 22,
"direction": "Inbound",
"ipAddresses": [],
"name": "rule2",
"protocols": [
"TCP"
]
}
],
"rulesCalculationTime": "2018-08-15T00:00:00.0000000Z"
},
"type": "Microsoft.Security/adaptiveNetworkHardenings"
}
}
}
}
}
}
},
"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceNamespace}/{resourceType}/{resourceName}/providers/Microsoft.Security/adaptiveNetworkHardenings/{adaptiveNetworkHardeningResourceName}/{adaptiveNetworkHardeningEnforceAction}": {
"post": {
"description": "Enforces the given rules on the NSG(s) listed in the request",
"operationId": "AdaptiveNetworkHardenings_Enforce",
"parameters": [
{
"description": "Azure subscription ID",
"in": "path",
"name": "subscriptionId",
"pattern": "^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$",
"required": true,
"type": "string"
},
{
"description": "The name of the resource group within the user's subscription. The name is case insensitive.",
"in": "path",
"maxLength": 90,
"minLength": 1,
"name": "resourceGroupName",
"pattern": "^[-\\w\\._\\(\\)]+$",
"required": true,
"type": "string",
"x-ms-parameter-location": "method"
},
{
"description": "The Namespace of the resource.",
"in": "path",
"name": "resourceNamespace",
"required": true,
"type": "string"
},
{
"description": "The type of the resource.",
"in": "path",
"name": "resourceType",
"required": true,
"type": "string"
},
{
"description": "Name of the resource.",
"in": "path",
"name": "resourceName",
"required": true,
"type": "string"
},
{
"$ref": "#/parameters/AdaptiveNetworkHardeningResourceName"
},
{
"$ref": "#/parameters/AdaptiveNetworkHardeningEnforceAction"
},
{
"description": "API version for the operation",
"in": "query",
"name": "api-version",
"required": true,
"type": "string"
},
{
"$ref": "#/parameters/AdaptiveNetworkHardeningEnforceRequest"
}
],
"responses": {
"200": {
"description": "OK."
},
"202": {
"description": "Accepted"
},
"default": {
"description": "Error response describing why the operation failed.",
"schema": {
"description": "Error response structure.",
"properties": {
"error": {
"description": "Error details.",
"properties": {
"code": {
"description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically.",
"readOnly": true,
"type": "string"
},
"message": {
"description": "A message describing the error, intended to be suitable for display in a user interface.",
"readOnly": true,
"type": "string"
}
},
"type": "object",
"x-ms-external": true
}
},
"type": "object",
"x-ms-external": true
}
}
},
"tags": [
"AdaptiveNetworkHardenings"
],
"x-ms-examples": {
"Enforces the given rules on the NSG(s) listed in the request": {
"parameters": {
"adaptiveNetworkHardeningEnforceAction": "enforce",
"adaptiveNetworkHardeningResourceName": "default",
"api-version": "2015-06-01-preview",
"body": {
"networkSecurityGroups": [
"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nsg1",
"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg2/providers/Microsoft.Network/networkSecurityGroups/nsg2"
],
"rules": [
{
"destinationPort": 3389,
"direction": "Inbound",
"ipAddresses": [
"100.10.1.1",
"200.20.2.2",
"81.199.3.0/24"
],
"name": "rule1",
"protocols": [
"TCP"
]
},
{
"destinationPort": 22,
"direction": "Inbound",
"ipAddresses": [],
"name": "rule2",
"protocols": [
"TCP"
]
}
]
},
"resourceGroupName": "rg1",
"resourceName": "vm1",
"resourceNamespace": "Microsoft.Compute",
"resourceType": "virtualMachines",
"subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23"
},
"responses": {
"200": {
"description": "OK."
},
"202": {
"description": "HTTP 202 (Accepted) if the operation was successfully started and will complete asynchronously."
}
}
}
},
"x-ms-long-running-operation": true
}
}
},
"definitions": {
"AdaptiveNetworkHardening": {
"allOf": [
{
"description": "Describes an Azure resource.",
"properties": {
"id": {
"description": "Resource Id",
"readOnly": true,
"type": "string"
},
"name": {
"description": "Resource name",
"readOnly": true,
"type": "string"
},
"type": {
"description": "Resource type",
"readOnly": true,
"type": "string"
}
},
"type": "object",
"x-ms-azure-resource": true
}
],
"description": "The resource whose properties describes the Adaptive Network Hardening settings for some Azure resource",
"properties": {
"properties": {
"$ref": "#/definitions/AdaptiveNetworkHardeningProperties",
"description": "Properties of the Adaptive Network Hardening resource",
"x-ms-client-flatten": true
}
}
},
"AdaptiveNetworkHardeningEnforceRequest": {
"properties": {
"networkSecurityGroups": {
"description": "The Azure resource IDs of the effective network security groups that will be updated with the created security rules from the Adaptive Network Hardening rules",
"items": {
"type": "string"
},
"type": "array"
},
"rules": {
"description": "The rules to enforce",
"items": {
"$ref": "#/definitions/Rule"
},
"type": "array"
}
},
"required": [
"rules",
"networkSecurityGroups"
],
"type": "object"
},
"AdaptiveNetworkHardeningProperties": {
"description": "Adaptive Network Hardening resource properties",
"properties": {
"effectiveNetworkSecurityGroups": {
"description": "The Network Security Groups effective on the network interfaces of the protected resource",
"items": {
"$ref": "#/definitions/EffectiveNetworkSecurityGroups"
},
"type": "array"
},
"rules": {
"description": "The security rules which are recommended to be effective on the VM",
"items": {
"$ref": "#/definitions/Rule"
},
"type": "array"
},
"rulesCalculationTime": {
"description": "The UTC time on which the rules were calculated",
"format": "date-time",
"type": "string"
}
}
},
"AdaptiveNetworkHardeningsList": {
"description": "Response for ListAdaptiveNetworkHardenings API service call",
"properties": {
"nextLink": {
"description": "The URL to get the next set of results",
"type": "string"
},
"value": {
"description": "A list of Adaptive Network Hardenings resources",
"items": {
"$ref": "#/definitions/AdaptiveNetworkHardening"
},
"type": "array"
}
}
},
"EffectiveNetworkSecurityGroups": {
"description": "Describes the Network Security Groups effective on a network interface",
"properties": {
"networkInterface": {
"description": "The Azure resource ID of the network interface",
"type": "string"
},
"networkSecurityGroups": {
"description": "The Network Security Groups effective on the network interface",
"items": {
"type": "string"
},
"type": "array"
}
}
},
"PortNumber": {
"maximum": 65535,
"minimum": 0,
"type": "integer"
},
"Rule": {
"description": "Describes remote addresses that is recommended to communicate with the Azure resource on some (Protocol, Port, Direction). All other remote addresses are recommended to be blocked",
"properties": {
"destinationPort": {
"$ref": "#/definitions/PortNumber",
"description": "The rule's destination port"
},
"direction": {
"description": "The rule's direction",
"enum": [
"Inbound",
"Outbound"
],
"type": "string",
"x-ms-enum": {
"modelAsString": true,
"name": "direction"
}
},
"ipAddresses": {
"description": "The remote IP addresses that should be able to communicate with the Azure resource on the rule's destination port and protocol",
"items": {
"type": "string"
},
"type": "array"
},
"name": {
"description": "The name of the rule",
"type": "string"
},
"protocols": {
"description": "The rule's transport protocols",
"items": {
"enum": [
"TCP",
"UDP"
],
"type": "string",
"x-ms-enum": {
"modelAsString": true,
"name": "transportProtocol"
}
},
"type": "array"
}
}
}
}
}