api_collections
Creates, updates, deletes, gets or lists an api_collections resource.
Overview
| Name | api_collections |
| Type | Resource |
| Id | azure.security.api_collections |
Fields
The following fields are returned by SELECT queries:
- get_by_azure_api_management_service
- list_by_azure_api_management_service
- list_by_resource_group
- list_by_subscription
This indicates a successful response. The response contains the properties of the API collection.
| Name | Datatype | Description |
|---|---|---|
id | string (arm-id) | Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" |
name | string | The name of the resource |
properties | object | Describes the properties of an API collection. |
systemData | object | Azure Resource Manager metadata containing createdBy and modifiedBy information. |
type | string | The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" |
This indicates a successful response. The response contains the list of API collections.
| Name | Datatype | Description |
|---|---|---|
id | string (arm-id) | Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" |
name | string | The name of the resource |
properties | object | Describes the properties of an API collection. |
systemData | object | Azure Resource Manager metadata containing createdBy and modifiedBy information. |
type | string | The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" |
This indicates a successful response. The response contains the list of API collections.
| Name | Datatype | Description |
|---|---|---|
id | string (arm-id) | Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" |
name | string | The name of the resource |
properties | object | Describes the properties of an API collection. |
systemData | object | Azure Resource Manager metadata containing createdBy and modifiedBy information. |
type | string | The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" |
This indicates a successful response. The response contains the list of API collections.
| Name | Datatype | Description |
|---|---|---|
id | string (arm-id) | Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" |
name | string | The name of the resource |
properties | object | Describes the properties of an API collection. |
systemData | object | Azure Resource Manager metadata containing createdBy and modifiedBy information. |
type | string | The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get_by_azure_api_management_service | select | subscriptionId, resourceGroupName, serviceName, apiId | Gets an Azure API Management API if it has been onboarded to Microsoft Defender for APIs. If an Azure API Management API is onboarded to Microsoft Defender for APIs, the system will monitor the operations within the Azure API Management API for intrusive behaviors and provide alerts for attacks that have been detected. | |
list_by_azure_api_management_service | select | subscriptionId, resourceGroupName, serviceName | Gets a list of Azure API Management APIs that have been onboarded to Microsoft Defender for APIs. If an Azure API Management API is onboarded to Microsoft Defender for APIs, the system will monitor the operations within the Azure API Management API for intrusive behaviors and provide alerts for attacks that have been detected. | |
list_by_resource_group | select | subscriptionId, resourceGroupName | Gets a list of API collections within a resource group that have been onboarded to Microsoft Defender for APIs. | |
list_by_subscription | select | subscriptionId | Gets a list of API collections within a subscription that have been onboarded to Microsoft Defender for APIs. | |
onboard_azure_api_management_api | exec | subscriptionId, resourceGroupName, serviceName, apiId | Onboard an Azure API Management API to Microsoft Defender for APIs. The system will start monitoring the operations within the Azure Management API for intrusive behaviors and provide alerts for attacks that have been detected. | |
offboard_azure_api_management_api | exec | subscriptionId, resourceGroupName, serviceName, apiId | Offboard an Azure API Management API from Microsoft Defender for APIs. The system will stop monitoring the operations within the Azure API Management API for intrusive behaviors. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
apiId | string | API revision identifier. Must be unique in the API Management service instance. Non-current revision has ;rev=n as a suffix where n is the revision number. |
resourceGroupName | string | The name of the resource group. The name is case insensitive. |
serviceName | string | The name of the API Management service. |
subscriptionId | string (uuid) | The ID of the target subscription. The value must be an UUID. |
SELECT examples
- get_by_azure_api_management_service
- list_by_azure_api_management_service
- list_by_resource_group
- list_by_subscription
Gets an Azure API Management API if it has been onboarded to Microsoft Defender for APIs. If an Azure API Management API is onboarded to Microsoft Defender for APIs, the system will monitor the operations within the Azure API Management API for intrusive behaviors and provide alerts for attacks that have been detected.
SELECT
id,
name,
properties,
systemData,
type
FROM azure.security.api_collections
WHERE subscriptionId = '{{ subscriptionId }}' -- required
AND resourceGroupName = '{{ resourceGroupName }}' -- required
AND serviceName = '{{ serviceName }}' -- required
AND apiId = '{{ apiId }}' -- required
;
Gets a list of Azure API Management APIs that have been onboarded to Microsoft Defender for APIs. If an Azure API Management API is onboarded to Microsoft Defender for APIs, the system will monitor the operations within the Azure API Management API for intrusive behaviors and provide alerts for attacks that have been detected.
SELECT
id,
name,
properties,
systemData,
type
FROM azure.security.api_collections
WHERE subscriptionId = '{{ subscriptionId }}' -- required
AND resourceGroupName = '{{ resourceGroupName }}' -- required
AND serviceName = '{{ serviceName }}' -- required
;
Gets a list of API collections within a resource group that have been onboarded to Microsoft Defender for APIs.
SELECT
id,
name,
properties,
systemData,
type
FROM azure.security.api_collections
WHERE subscriptionId = '{{ subscriptionId }}' -- required
AND resourceGroupName = '{{ resourceGroupName }}' -- required
;
Gets a list of API collections within a subscription that have been onboarded to Microsoft Defender for APIs.
SELECT
id,
name,
properties,
systemData,
type
FROM azure.security.api_collections
WHERE subscriptionId = '{{ subscriptionId }}' -- required
;
Lifecycle Methods
- onboard_azure_api_management_api
- offboard_azure_api_management_api
Onboard an Azure API Management API to Microsoft Defender for APIs. The system will start monitoring the operations within the Azure Management API for intrusive behaviors and provide alerts for attacks that have been detected.
EXEC azure.security.api_collections.onboard_azure_api_management_api
@subscriptionId='{{ subscriptionId }}' --required,
@resourceGroupName='{{ resourceGroupName }}' --required,
@serviceName='{{ serviceName }}' --required,
@apiId='{{ apiId }}' --required
;
Offboard an Azure API Management API from Microsoft Defender for APIs. The system will stop monitoring the operations within the Azure API Management API for intrusive behaviors.
EXEC azure.security.api_collections.offboard_azure_api_management_api
@subscriptionId='{{ subscriptionId }}' --required,
@resourceGroupName='{{ resourceGroupName }}' --required,
@serviceName='{{ serviceName }}' --required,
@apiId='{{ apiId }}' --required
;