openapi-directory/api/azure.com/security-deviceSecurityGroups.json

Building & bundling https://github.com/APIs-guru/openapi-directory for easy use from JS

{"openapi":"3.0.0","info":{"description":"API spec for Microsoft.Security (Azure Security Center) resource provider","title":"Security Center","version":"2019-08-01","x-apisguru-categories":["cloud"],"x-logo":{"url":"https://assets.onestore.ms/cdnfiles/onestorerolling-1606-01000/shell/v3/images/logo/microsoft.png"},"x-origin":[{"format":"swagger","url":"https://raw.githubusercontent.com/Azure/azure-rest-api-specs/master/specification/security/resource-manager/Microsoft.Security/stable/2019-08-01/deviceSecurityGroups.json","version":"2.0"}],"x-preferred":true,"x-providerName":"azure.com","x-serviceName":"security-deviceSecurityGroups","x-tags":["Azure","Microsoft"]},"security":[{"azure_auth":["user_impersonation"]}],"paths":{"/{resourceId}/providers/Microsoft.Security/deviceSecurityGroups":{"get":{"description":"Use this method get the list of device security groups for the specified IoT Hub resource.","operationId":"DeviceSecurityGroups_List","parameters":[{"description":"API version for the operation","in":"query","name":"api-version","required":true,"schema":{"type":"string"},"examples":{"List all device security groups for the specified IoT Hub resource":{"value":"2019-08-01"}}},{"description":"The identifier of the resource.","in":"path","name":"resourceId","required":true,"x-ms-parameter-location":"method","schema":{"type":"string"},"examples":{"List all device security groups for the specified IoT Hub resource":{"value":"subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub"}}}],"responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"$ref":"#/components/schemas/DeviceSecurityGroupList"},"examples":{"List all device security groups for the specified IoT Hub resource":{"$ref":"#/components/examples/List_all_device_security_groups_for_the_specified_IoT_Hub_resource"}}}}},"default":{"description":"Error response describing why the operation failed.","content":{"application/json":{"schema":{"description":"Error response structure.","properties":{"error":{"description":"Error details.","properties":{"code":{"description":"An identifier for the error. Codes are invariant and are intended to be consumed programmatically.","readOnly":true,"type":"string"},"message":{"description":"A message describing the error, intended to be suitable for display in a user interface.","readOnly":true,"type":"string"}},"type":"object","x-ms-external":true}},"type":"object","x-ms-external":true}}}}},"tags":["DeviceSecurityGroups"],"x-ms-pageable":{"nextLinkName":"nextLink"}}},"/{resourceId}/providers/Microsoft.Security/deviceSecurityGroups/{deviceSecurityGroupName}":{"delete":{"description":"User this method to deletes the device security group.","operationId":"DeviceSecurityGroups_Delete","parameters":[{"description":"API version for the operation","in":"query","name":"api-version","required":true,"schema":{"type":"string"},"examples":{"Delete a device security group for the specified IoT Hub resource":{"value":"2019-08-01"}}},{"description":"The identifier of the resource.","in":"path","name":"resourceId","required":true,"x-ms-parameter-location":"method","schema":{"type":"string"},"examples":{"Delete a device security group for the specified IoT Hub resource":{"value":"subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub"}}},{"$ref":"#/components/parameters/DeviceSecurityGroupName"}],"responses":{"200":{"description":"Device security group has been deleted."},"204":{"description":"Device security group does not exist."},"default":{"description":"Error response describing why the operation failed.","content":{"application/json":{"schema":{"description":"Error response structure.","properties":{"error":{"description":"Error details.","properties":{"code":{"description":"An identifier for the error. Codes are invariant and are intended to be consumed programmatically.","readOnly":true,"type":"string"},"message":{"description":"A message describing the error, intended to be suitable for display in a user interface.","readOnly":true,"type":"string"}},"type":"object","x-ms-external":true}},"type":"object","x-ms-external":true}}}}},"tags":["DeviceSecurityGroups"]},"get":{"description":"Use this method to get the device security group for the specified IoT Hub resource.","operationId":"DeviceSecurityGroups_Get","parameters":[{"description":"API version for the operation","in":"query","name":"api-version","required":true,"schema":{"type":"string"},"examples":{"Get a device security group for the specified IoT Hub resource":{"value":"2019-08-01"}}},{"description":"The identifier of the resource.","in":"path","name":"resourceId","required":true,"x-ms-parameter-location":"method","schema":{"type":"string"},"examples":{"Get a device security group for the specified IoT Hub resource":{"value":"subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub"}}},{"$ref":"#/components/parameters/DeviceSecurityGroupName"}],"responses":{"200":{"description":"Successful request to get device security group.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/DeviceSecurityGroup"},"examples":{"Get a device security group for the specified IoT Hub resource":{"$ref":"#/components/examples/Get_a_device_security_group_for_the_specified_IoT_Hub_resource"}}}}},"default":{"description":"Error response describing why the operation failed.","content":{"application/json":{"schema":{"description":"Error response structure.","properties":{"error":{"description":"Error details.","properties":{"code":{"description":"An identifier for the error. Codes are invariant and are intended to be consumed programmatically.","readOnly":true,"type":"string"},"message":{"description":"A message describing the error, intended to be suitable for display in a user interface.","readOnly":true,"type":"string"}},"type":"object","x-ms-external":true}},"type":"object","x-ms-external":true}}}}},"tags":["DeviceSecurityGroups"]},"put":{"description":"Use this method to creates or updates the device security group on a specified IoT Hub resource.","operationId":"DeviceSecurityGroups_CreateOrUpdate","parameters":[{"description":"API version for the operation","in":"query","name":"api-version","required":true,"schema":{"type":"string"},"examples":{"Create or update a device security group for the specified IoT hub resource":{"value":"2019-08-01"}}},{"description":"The identifier of the resource.","in":"path","name":"resourceId","required":true,"x-ms-parameter-location":"method","schema":{"type":"string"},"examples":{"Create or update a device security group for the specified IoT hub resource":{"value":"subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub"}}},{"$ref":"#/components/parameters/DeviceSecurityGroupName"}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/DeviceSecurityGroup"}}},"description":"Security group object.","required":true,"x-ms-parameter-location":"method"},"responses":{"200":{"description":"Security group was updated.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/DeviceSecurityGroup"},"examples":{"Create or update a device security group for the specified IoT hub resource":{"$ref":"#/components/examples/Create_or_update_a_device_security_group_for_the_specified_IoT_hub_resource"}}}}},"201":{"description":"Security group was created.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/DeviceSecurityGroup"},"examples":{"Create or update a device security group for the specified IoT hub resource":{"$ref":"#/components/examples/Create_or_update_a_device_security_group_for_the_specified_IoT_hub_resource"}}}}},"default":{"description":"Error response describing why the operation failed.","content":{"application/json":{"schema":{"description":"Error response structure.","properties":{"error":{"description":"Error details.","properties":{"code":{"description":"An identifier for the error. Codes are invariant and are intended to be consumed programmatically.","readOnly":true,"type":"string"},"message":{"description":"A message describing the error, intended to be suitable for display in a user interface.","readOnly":true,"type":"string"}},"type":"object","x-ms-external":true}},"type":"object","x-ms-external":true}}}}},"tags":["DeviceSecurityGroups"]}}},"servers":[{"url":"https://management.azure.com"}],"components":{"examples":{"List_all_device_security_groups_for_the_specified_IoT_Hub_resource":{"value":{"value":[{"id":"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub/providers/Microsoft.Security/deviceSecurityGroups/samplesecuritygroup","name":"samplesecuritygroup","properties":{"allowlistRules":[{"allowlistValues":[],"description":"Get an alert when an outbound connection is created between your device and an ip that isn't allowed","displayName":"Outbound connection to an ip that isn't allowed","isEnabled":false,"ruleType":"ConnectionToIpNotAllowed","valueType":"IpCidr"},{"allowlistValues":[],"description":"Get an alert when a local user that isn't allowed logins to the device","displayName":"Login by a local user that isn't allowed","isEnabled":false,"ruleType":"LocalUserNotAllowed","valueType":"String"},{"allowlistValues":[],"description":"Get an alert when a process that isn't allowed is executed","displayName":"Execution of a process that isn't allowed","isEnabled":false,"ruleType":"ProcessNotAllowed","valueType":"String"}],"denylistRules":[],"thresholdRules":[],"timeWindowRules":[{"description":"Get an alert when the number of active connections of a device in the time window is not in the allowed range","displayName":"Number of active connections is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"ActiveConnectionsNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of cloud to device messages (AMQP protocol) in the time window is not in the allowed range","displayName":"Number of cloud to device messages (AMQP protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"AmqpC2DMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of cloud to device messages (MQTT protocol) in the time window is not in the allowed range","displayName":"Number of cloud to device messages (MQTT protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"MqttC2DMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of cloud to device messages (HTTP protocol) in the time window is not in the allowed range","displayName":"Number of cloud to device messages (HTTP protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"HttpC2DMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of cloud to device messages (AMQP protocol) that were rejected by the device in the time window is not in the allowed range","displayName":"Number of rejected cloud to device messages (AMQP protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"AmqpC2DRejectedMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of cloud to device messages (MQTT protocol) that were rejected by the device in the time window is not in the allowed range","displayName":"Number of rejected cloud to device messages (MQTT protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"MqttC2DRejectedMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of cloud to device messages (HTTP protocol) that were rejected by the device in the time window is not in the allowed range","displayName":"Number of rejected cloud to device messages (HTTP protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"HttpC2DRejectedMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of device to cloud messages (AMQP protocol) in the time window is not in the allowed range","displayName":"Number of device to cloud messages (AMQP protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"AmqpD2CMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of device to cloud messages (MQTT protocol) in the time window is not in the allowed range","displayName":"Number of device to cloud messages (MQTT protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"MqttD2CMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of device to cloud messages (HTTP protocol) in the time window is not in the allowed range","displayName":"Number of device to cloud messages (HTTP protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"HttpD2CMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of direct method invokes in the time window is not in the allowed range","displayName":"Number of direct method invokes is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"DirectMethodInvokesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of failed local logins on the device in the time window is not in the allowed range","displayName":"Number of failed local logins is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"FailedLocalLoginsNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of file uploads from the device to the cloud in the time window is not in the allowed range","displayName":"Number of file uploads is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"FileUploadsNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of device queue purges in the time window is not in the allowed range","displayName":"Number of device queue purges is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"QueuePurgesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of twin updates (by the device or the service) in the time window is not in the allowed range","displayName":"Number of twin updates is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"TwinUpdatesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number unauthorized operations in the time window is not in the allowed range. Unauthorized operations are operations that affect the device (or done by it) that fail because of an unauthorized error","displayName":"Number of unauthorized operations is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"UnauthorizedOperationsNotInAllowedRange","timeWindowSize":"PT15M"}]},"type":"Microsoft.Security/deviceSecurityGroups"}]}},"Get_a_device_security_group_for_the_specified_IoT_Hub_resource":{"value":{"id":"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub/providers/Microsoft.Security/deviceSecurityGroups/samplesecuritygroup","name":"samplesecuritygroup","properties":{"allowlistRules":[{"allowlistValues":[],"description":"Get an alert when an outbound connection is created between your device and an ip that isn't allowed","displayName":"Outbound connection to an ip that isn't allowed","isEnabled":false,"ruleType":"ConnectionToIpNotAllowed","valueType":"IpCidr"},{"allowlistValues":[],"description":"Get an alert when a local user that isn't allowed logins to the device","displayName":"Login by a local user that isn't allowed","isEnabled":false,"ruleType":"LocalUserNotAllowed","valueType":"String"},{"allowlistValues":[],"description":"Get an alert when a process that isn't allowed is executed","displayName":"Execution of a process that isn't allowed","isEnabled":false,"ruleType":"ProcessNotAllowed","valueType":"String"}],"denylistRules":[],"thresholdRules":[],"timeWindowRules":[{"description":"Get an alert when the number of active connections of a device in the time window is not in the allowed range","displayName":"Number of active connections is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"ActiveConnectionsNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of cloud to device messages (AMQP protocol) in the time window is not in the allowed range","displayName":"Number of cloud to device messages (AMQP protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"AmqpC2DMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of cloud to device messages (MQTT protocol) in the time window is not in the allowed range","displayName":"Number of cloud to device messages (MQTT protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"MqttC2DMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of cloud to device messages (HTTP protocol) in the time window is not in the allowed range","displayName":"Number of cloud to device messages (HTTP protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"HttpC2DMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of cloud to device messages (AMQP protocol) that were rejected by the device in the time window is not in the allowed range","displayName":"Number of rejected cloud to device messages (AMQP protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"AmqpC2DRejectedMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of cloud to device messages (MQTT protocol) that were rejected by the device in the time window is not in the allowed range","displayName":"Number of rejected cloud to device messages (MQTT protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"MqttC2DRejectedMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of cloud to device messages (HTTP protocol) that were rejected by the device in the time window is not in the allowed range","displayName":"Number of rejected cloud to device messages (HTTP protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"HttpC2DRejectedMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of device to cloud messages (AMQP protocol) in the time window is not in the allowed range","displayName":"Number of device to cloud messages (AMQP protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"AmqpD2CMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of device to cloud messages (MQTT protocol) in the time window is not in the allowed range","displayName":"Number of device to cloud messages (MQTT protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"MqttD2CMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of device to cloud messages (HTTP protocol) in the time window is not in the allowed range","displayName":"Number of device to cloud messages (HTTP protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"HttpD2CMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of direct method invokes in the time window is not in the allowed range","displayName":"Number of direct method invokes is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"DirectMethodInvokesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of failed local logins on the device in the time window is not in the allowed range","displayName":"Number of failed local logins is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"FailedLocalLoginsNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of file uploads from the device to the cloud in the time window is not in the allowed range","displayName":"Number of file uploads is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"FileUploadsNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of device queue purges in the time window is not in the allowed range","displayName":"Number of device queue purges is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"QueuePurgesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of twin updates (by the device or the service) in the time window is not in the allowed range","displayName":"Number of twin updates is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"TwinUpdatesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number unauthorized operations in the time window is not in the allowed range. Unauthorized operations are operations that affect the device (or done by it) that fail because of an unauthorized error","displayName":"Number of unauthorized operations is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"UnauthorizedOperationsNotInAllowedRange","timeWindowSize":"PT15M"}]},"type":"Microsoft.Security/deviceSecurityGroups"}},"Create_or_update_a_device_security_group_for_the_specified_IoT_hub_resource":{"value":{"id":"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub/providers/Microsoft.Security/deviceSecurityGroups/samplesecuritygroup","name":"samplesecuritygroup","properties":{"allowlistRules":[{"allowlistValues":[],"description":"Get an alert when an outbound connection is created between your device and an ip that isn't allowed","displayName":"Outbound connection to an ip that isn't allowed","isEnabled":false,"ruleType":"ConnectionToIpNotAllowed"},{"allowlistValues":[],"description":"Get an alert when a local user that isn't allowed logins to the device","displayName":"Login by a local user that isn't allowed","isEnabled":false,"ruleType":"LocalUserNotAllowed"},{"allowlistValues":[],"description":"Get an alert when a process that isn't allowed is executed","displayName":"Execution of a process that isn't allowed","isEnabled":false,"ruleType":"ProcessNotAllowed"}],"denylistRules":[],"thresholdRules":[],"timeWindowRules":[{"description":"Get an alert when the number of active connections of a device in the time window is not in the allowed range","displayName":"Number of active connections is not in allowed range","isEnabled":true,"maxThreshold":30,"minThreshold":0,"ruleType":"ActiveConnectionsNotInAllowedRange","timeWindowSize":"PT05M"},{"description":"Get an alert when the number of cloud to device messages (AMQP protocol) in the time window is not in the allowed range","displayName":"Number of cloud to device messages (AMQP protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"AmqpC2DMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of cloud to device messages (MQTT protocol) in the time window is not in the allowed range","displayName":"Number of cloud to device messages (MQTT protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"MqttC2DMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of cloud to device messages (HTTP protocol) in the time window is not in the allowed range","displayName":"Number of cloud to device messages (HTTP protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"HttpC2DMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of cloud to device messages (AMQP protocol) that were rejected by the device in the time window is not in the allowed range","displayName":"Number of rejected cloud to device messages (AMQP protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"AmqpC2DRejectedMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of cloud to device messages (MQTT protocol) that were rejected by the device in the time window is not in the allowed range","displayName":"Number of rejected cloud to device messages (MQTT protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"MqttC2DRejectedMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of cloud to device messages (HTTP protocol) that were rejected by the device in the time window is not in the allowed range","displayName":"Number of rejected cloud to device messages (HTTP protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"HttpC2DRejectedMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of device to cloud messages (AMQP protocol) in the time window is not in the allowed range","displayName":"Number of device to cloud messages (AMQP protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"AmqpD2CMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of device to cloud messages (MQTT protocol) in the time window is not in the allowed range","displayName":"Number of device to cloud messages (MQTT protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"MqttD2CMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of device to cloud messages (HTTP protocol) in the time window is not in the allowed range","displayName":"Number of device to cloud messages (HTTP protocol) is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"HttpD2CMessagesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of direct method invokes in the time window is not in the allowed range","displayName":"Number of direct method invokes is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"DirectMethodInvokesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of failed local logins on the device in the time window is not in the allowed range","displayName":"Number of failed local logins is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"FailedLocalLoginsNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of file uploads from the device to the cloud in the time window is not in the allowed range","displayName":"Number of file uploads is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"FileUploadsNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of device queue purges in the time window is not in the allowed range","displayName":"Number of device queue purges is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"QueuePurgesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number of twin updates (by the device or the service) in the time window is not in the allowed range","displayName":"Number of twin updates is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"TwinUpdatesNotInAllowedRange","timeWindowSize":"PT15M"},{"description":"Get an alert when the number unauthorized operations in the time window is not in the allowed range. Unauthorized operations are operations that affect the device (or done by it) that fail because of an unauthorized error","displayName":"Number of unauthorized operations is not in allowed range","isEnabled":false,"maxThreshold":0,"minThreshold":0,"ruleType":"UnauthorizedOperationsNotInAllowedRange","timeWindowSize":"PT15M"}]},"type":"Microsoft.Security/deviceSecurityGroups"}}},"parameters":{"DeviceSecurityGroupName":{"description":"The name of the device security group. Note that the name of the device security group is case insensitive.","in":"path","name":"deviceSecurityGroupName","required":true,"x-ms-parameter-location":"method","schema":{"type":"string"},"examples":{"Delete a device security group for the specified IoT Hub resource":{"value":"samplesecuritygroup"},"Get a device security group for the specified IoT Hub resource":{"value":"samplesecuritygroup"},"Create or update a device security group for the specified IoT hub resource":{"value":"samplesecuritygroup"}}}},"securitySchemes":{"azure_auth":{"description":"Azure Active Directory OAuth2 Flow","type":"oauth2","flows":{"implicit":{"authorizationUrl":"https://login.microsoftonline.com/common/oauth2/authorize","scopes":{"user_impersonation":"impersonate your user account"}}}}},"schemas":{"AllowlistCustomAlertRule":{"allOf":[{"$ref":"#/components/schemas/ListCustomAlertRule"}],"description":"A custom alert rule that checks if a value (depends on the custom alert type) is allowed.","properties":{"allowlistValues":{"description":"The values to allow. The format of the values depends on the rule type.","items":{"type":"string"},"type":"array"},"ruleType":{"description":"The type of the custom alert rule.","enum":["ConnectionToIpNotAllowed","LocalUserNotAllowed","ProcessNotAllowed"],"type":"string","x-ms-enum":{"modelAsString":true,"name":"AllowListRuleType","values":[{"description":"Outbound connection to an ip that isn't allowed. Allow list consists of ipv4 or ipv6 range in CIDR notation.","value":"ConnectionToIpNotAllowed"},{"description":"Login by a local user that isn't allowed. Allow list consists of login names to allow.","value":"LocalUserNotAllowed"},{"description":"Execution of a process that isn't allowed. Allow list consists of process names to allow.","value":"ProcessNotAllowed"}]}}},"required":["allowlistValues"],"type":"object"},"CustomAlertRule":{"description":"A custom alert rule.","properties":{"description":{"description":"The description of the custom alert.","readOnly":true,"type":"string"},"displayName":{"description":"The display name of the custom alert.","readOnly":true,"type":"string"},"isEnabled":{"description":"Status of the custom alert.","type":"boolean"},"ruleType":{"description":"The type of the custom alert rule.","type":"string"}},"required":["isEnabled","ruleType"],"type":"object"},"DenylistCustomAlertRule":{"allOf":[{"$ref":"#/components/schemas/ListCustomAlertRule"}],"description":"A custom alert rule that checks if a value (depends on the custom alert type) is denied.","properties":{"denylistValues":{"description":"The values to deny. The format of the values depends on the rule type.","items":{"type":"string"},"type":"array"}},"required":["denylistValues"],"type":"object"},"DeviceSecurityGroup":{"allOf":[{"description":"Describes an Azure resource.","properties":{"id":{"description":"Resource Id","readOnly":true,"type":"string"},"name":{"description":"Resource name","readOnly":true,"type":"string"},"type":{"description":"Resource type","readOnly":true,"type":"string"}},"type":"object","x-ms-azure-resource":true}],"description":"The device security group resource","properties":{"properties":{"$ref":"#/components/schemas/DeviceSecurityGroupProperties"}},"type":"object"},"DeviceSecurityGroupList":{"description":"List of device security groups","properties":{"nextLink":{"description":"The URI to fetch the next page.","readOnly":true,"type":"string"},"value":{"description":"List of device security group objects","items":{"$ref":"#/components/schemas/DeviceSecurityGroup"},"type":"array"}},"readOnly":true,"type":"object"},"DeviceSecurityGroupProperties":{"description":"describes properties of a security group.","properties":{"allowlistRules":{"description":"The allow-list custom alert rules.","items":{"$ref":"#/components/schemas/AllowlistCustomAlertRule"},"type":"array"},"denylistRules":{"description":"The deny-list custom alert rules.","items":{"$ref":"#/components/schemas/DenylistCustomAlertRule"},"type":"array"},"thresholdRules":{"description":"The list of custom alert threshold rules.","items":{"$ref":"#/components/schemas/ThresholdCustomAlertRule"},"type":"array"},"timeWindowRules":{"description":"The list of custom alert time-window rules.","items":{"$ref":"#/components/schemas/TimeWindowCustomAlertRule"},"type":"array"}},"type":"object"},"ListCustomAlertRule":{"allOf":[{"$ref":"#/components/schemas/CustomAlertRule"}],"description":"A List custom alert rule.","properties":{"valueType":{"description":"The value type of the items in the list.","enum":["IpCidr","String"],"readOnly":true,"type":"string","x-ms-enum":{"modelAsString":true,"name":"valueType","values":[{"description":"An IP range in CIDR format (e.g. '192.168.0.1/8').","value":"IpCidr"},{"description":"Any string value.","value":"String"}]}}},"type":"object"},"ThresholdCustomAlertRule":{"allOf":[{"$ref":"#/components/schemas/CustomAlertRule"}],"description":"A custom alert rule that checks if a value (depends on the custom alert type) is within the given range.","properties":{"maxThreshold":{"description":"The maximum threshold.","type":"integer"},"minThreshold":{"description":"The minimum threshold.","type":"integer"}},"required":["minThreshold","maxThreshold"],"type":"object"},"TimeWindowCustomAlertRule":{"allOf":[{"$ref":"#/components/schemas/ThresholdCustomAlertRule"}],"description":"A custom alert rule that checks if the number of activities (depends on the custom alert type) in a time window is within the given range.","properties":{"ruleType":{"description":"The type of the custom alert rule.","enum":["ActiveConnectionsNotInAllowedRange","AmqpC2DMessagesNotInAllowedRange","MqttC2DMessagesNotInAllowedRange","HttpC2DMessagesNotInAllowedRange","AmqpC2DRejectedMessagesNotInAllowedRange","MqttC2DRejectedMessagesNotInAllowedRange","HttpC2DRejectedMessagesNotInAllowedRange","AmqpD2CMessagesNotInAllowedRange","MqttD2CMessagesNotInAllowedRange","HttpD2CMessagesNotInAllowedRange","DirectMethodInvokesNotInAllowedRange","FailedLocalLoginsNotInAllowedRange","FileUploadsNotInAllowedRange","QueuePurgesNotInAllowedRange","TwinUpdatesNotInAllowedRange","UnauthorizedOperationsNotInAllowedRange"],"type":"string","x-ms-enum":{"modelAsString":true,"name":"ThresholdRuleType","values":[{"description":"Number of active connections is not in allowed range.","value":"ActiveConnectionsNotInAllowedRange"},{"description":"Number of cloud to device messages (AMQP protocol) is not in allowed range.","value":"AmqpC2DMessagesNotInAllowedRange"},{"description":"Number of cloud to device messages (MQTT protocol) is not in allowed range.","value":"MqttC2DMessagesNotInAllowedRange"},{"description":"Number of cloud to device messages (HTTP protocol) is not in allowed range.","value":"HttpC2DMessagesNotInAllowedRange"},{"description":"Number of rejected cloud to device messages (AMQP protocol) is not in allowed range.","value":"AmqpC2DRejectedMessagesNotInAllowedRange"},{"description":"Number of rejected cloud to device messages (MQTT protocol) is not in allowed range.","value":"MqttC2DRejectedMessagesNotInAllowedRange"},{"description":"Number of rejected cloud to device messages (HTTP protocol) is not in allowed range.","value":"HttpC2DRejectedMessagesNotInAllowedRange"},{"description":"Number of device to cloud messages (AMQP protocol) is not in allowed range.","value":"AmqpD2CMessagesNotInAllowedRange"},{"description":"Number of device to cloud messages (MQTT protocol) is not in allowed range.","value":"MqttD2CMessagesNotInAllowedRange"},{"description":"Number of device to cloud messages (HTTP protocol) is not in allowed range.","value":"HttpD2CMessagesNotInAllowedRange"},{"description":"Number of direct method invokes is not in allowed range.","value":"DirectMethodInvokesNotInAllowedRange"},{"description":"Number of failed local logins is not in allowed range.","value":"FailedLocalLoginsNotInAllowedRange"},{"description":"Number of file uploads is not in allowed range.","value":"FileUploadsNotInAllowedRange"},{"description":"Number of device queue purges is not in allowed range.","value":"QueuePurgesNotInAllowedRange"},{"description":"Number of twin updates is not in allowed range.","value":"TwinUpdatesNotInAllowedRange"},{"description":"Number of unauthorized operations is not in allowed range.","value":"UnauthorizedOperationsNotInAllowedRange"}]}},"timeWindowSize":{"description":"The time window size in iso8601 format.","format":"duration","type":"string"}},"required":["timeWindowSize"],"type":"object"}}}}