Get-AzDeviceSecurityGroup
Get device security group (IoT Hub security)
Syntax
Get-AzDeviceSecurityGroup
-HubResourceId <String>
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>] Get-AzDeviceSecurityGroup
-HubResourceId <String>
-Name <String>
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>] Description
The Get-AzDeviceSecurityGroup cmdlet returns a device security group defined in iot security solution
Examples
Example 1
Get-AzDeviceSecurityGroup -HubResourceId "/subscriptions/XXXXXXXX-XXXX-XXXXX-XXXX-XXXXXXXXXXXX/resourceGroups/MyResourceGroup/providers/Microsoft.Devices/IotHubs/MyHub" -Name "MySecurityGroup"
Id: "/subscriptions/XXXXXXXX-XXXX-XXXXX-XXXX-XXXXXXXXXXXX/resourceGroups/MyResourceGroup/providers/Microsoft.Devices/IotHubs/MyHub/providers/Microsoft.Security/deviceSecurityGroups/MySecurityGroup"
Name: "MySecurityGroup"
Type: "Microsoft.Security/deviceSecurityGroups"
ThresholdRules: []
TimeWindowRules: [
{
RuleType: "ActiveConnectionsNotInAllowedRange"
DisplayName: "Number of active connections is not in allowed range"
Description: "Get an alert when the number of active connections of a device in the time window is not in the allowed range"
IsEnabled: false
MinThreshold: 0
MaxThreshold: 0
TimeWindowSize: "PT15M"
}
{
RuleType: "AmqpC2DMessagesNotInAllowedRange"
DisplayName: "Number of cloud to device messages (AMQP protocol) is not in allowed range"
Description: "Get an alert when the number of cloud to device messages (AMQP protocol) in the time window is not in the allowed range"
IsEnabled: false
MinThreshold: 0
MaxThreshold: 0
TimeWindowSize: "PT15M"
}]
AllowlistRules: [
{
RuleType": "ConnectionToIpNotAllowed",
DisplayName: "Outbound connection to an ip that isn't allowed"
Description: "Get an alert when an outbound connection is created between your device and an ip that isn't allowed"
IsEnabled: false
ValueType: "IpCidr"
AllowlistValues: []
},
{
RuleType: "LocalUserNotAllowed"
DisplayName: "Login by a local user that isn't allowed"
Description: "Get an alert when a local user that isn't allowed logins to the device"
IsEnabled: false
ValueType: "String"
AllowlistValues: []
}]
DenylistRules: []Get device security group "MySecurityGroup" in IoT Hub with reasource Id "/subscriptions/XXXXXXXX-XXXX-XXXXX-XXXX-XXXXXXXXXXXX/resourceGroups/MyResourceGroup/providers/Microsoft.Devices/IotHubs/MyHub"
Example 2
Get-AzDeviceSecurityGroup -HubResourceId "/subscriptions/XXXXXXXX-XXXX-XXXXX-XXXX-XXXXXXXXXXXX/resourceGroups/MyResourceGroup/providers/Microsoft.Devices/IotHubs/MyHub"
Array of security group items like the item returned in example 1Get list of device security group in IoT Hub with reasource Id "/subscriptions/XXXXXXXX-XXXX-XXXXX-XXXX-XXXXXXXXXXXX/resourceGroups/MyResourceGroup/providers/Microsoft.Devices/IotHubs/MyHub"
Parameters
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with Azure.
| Type: | IAzureContextContainer |
| Aliases: | AzContext, AzureRmContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-HubResourceId
ID of the security resource that you want to invoke the command on.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Name
Resource name.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
None
Outputs
Azure PowerShell
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for