Create a Security Situation Awareness Configuration
Function
API description
This API is used by an application to create a security situation awareness configuration.
Constraints
Supported items:
| Configuration Item | Default Alarm Severity | Default Security Level | Device Dimension | Platform Detection/Device Reporting | Configuration Structure | Description |
|---|---|---|---|---|---|---|
| DEVICE_MEMORY_CHECK | CRITICAL | ADVANCE_SECURITY | Yes | Device Reporting | [{"key":"memory_threshold","value":80},{"key":"report_period","value":1}] | Device memory leak detection. report_period: reporting period (hour), ranging from 1 to 24. memory_threshold: memory detection threshold (%), ranging from 1 to 100. |
| DEVICE_PORT_CHECK | CRITICAL | ADVANCE_SECURITY | Yes | Device reporting | [{"key":"safety_ports","value":[80,8080]},{"key":"report_period","value":1}] | Device abnormal port detection. report_period: reporting period (hour), ranging from 1 to 24. safety_ports: security port whitelist, array, ranging from 1 to 65535. |
| DEVICE_CPU_USAGE_CHECK | CRITICAL | ADVANCE_SECURITY | Yes | Device reporting | [{"key":"cpu_usage_threshold","value":80},{"key":"report_period","value":1}] | Device CPU usage detection. report_period: reporting period (hour), ranging from 1 to 24. cpu_usage_threshold: CPU usage detection threshold (%), ranging from 1 to 100. |
| DEVICE_DISK_SPACE_CHECK | CRITICAL | ADVANCE_SECURITY | Yes | Device reporting | [{"key":"disk_space_threshold","value":80},{"key":"report_period","value":1}] | Device disk usage detection. report_period: reporting period (hour), ranging from 1 to 24. disk_space_threshold: disk usage detection threshold (%), ranging from 1 to 100. |
| DEVICE_BATTERY_PERCENTAGE_CHECK | CRITICAL | ADVANCE_SECURITY | Yes | Device reporting | [{"key":"battery_percentage_threshold","value":20},{"key":"report_period","value":1}] | Device battery level detection. report_period: reporting period (hour), ranging from 1 to 24. battery_percentage_threshold: battery level detection threshold (%), ranging from 1 to 100. |
| DEVICE_LOGIN_LOCAL_CHECK | MINOR | BASIC_SECURITY | Yes | Device reporting | N/A | Device local login detection. |
| DEVICE_MALICIOUS_IP_CHECK | MINOR | BASIC_SECURITY | Yes | Device reporting | {"key":"safety_ips","value":["192.168.0.0/16"]} | Device malicious IP address detection. |
| DEVICE_LOGIN_BRUTE_FORCE_CHECK | MINOR | BASIC_SECURITY | Yes | Device reporting | N/A | Device brute-force attack login detection. |
| DEVICE_FILE_TAMPER_CHECK | MINOR | BASIC_SECURITY | Yes | Device reporting | N/A | Device local file tampering detection. |
| INSECURE_TLS_PROTOCOL_CHECK | MAJOR | ULTIMATE_SECURITY | Yes | Platform detection | N/A | Detection of device access using insecure TLS protocols. |
| INSECURE_CIPHER_SUITE_CHECK | MAJOR | ULTIMATE_SECURITY | Yes | Platform detection | N/A | Detection of device access using insecure TLS cipher suites. |
| CONNECT_MULTIPLE_TIMES_CHECK | CRITICAL | ULTIMATE_SECURITY | Yes | Platform detection | N/A | Detection of multiple connection setups by a device within a specified period. |
| SECRET_COMPLEXITY_CHECK | MAJOR | ULTIMATE_SECURITY | Yes | Platform detection | N/A | Device weak password detection. |
| CERTIFICATE_SECURITY_CHECK | MAJOR | ULTIMATE_SECURITY | Yes | Platform detection | N/A | Certificate security check |
| TLS_CONNECT_CHECK | MINOR | ULTIMATE_SECURITY | Yes | Platform detection | N/A | Detection of device communications using TLS. |
| DEVICE_AUTH_FAIL_CHECK | CRITICAL | ULTIMATE_SECURITY | Yes | Platform detection | N/A | Device authentication failure detection. |
| DEVICE_OFFLINE_CHECK | CRITICAL | ULTIMATE_SECURITY | Yes | Platform detection | N/A | Device abnormal disconnection detection. |
Debugging
You can debug this API through automatic authentication in API Explorer or use the SDK sample code generated by API Explorer.
Authorization Information
Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
- If you are using role/policy-based authorization, see Permissions Policies and Supported Actions for details on the required permissions.
- If you are using identity policy-based authorization, the following identity policy-based permissions are required.
Action
Access Level
Resource Type (*: required)
Condition Key
Alias
Dependencies
iotda:securityprofile:create
Write
instance *
-
g:EnterpriseProjectId
-
g:ResourceTag/<tag-key>
-
-
-
URI
POST /v5/iot/{project_id}/security-profiles
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
project_id |
Yes |
String |
Parameter description: project ID. For details, see Obtaining a Project ID. |
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
Instance-Id |
No |
String |
Parameter description: instance ID. This parameter is required only when the API is called from the management plane in the physical multi-tenant scenario. Log in to the IoTDA console and choose Overview in the navigation pane to check the instance ID. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
security_type |
Yes |
String |
Security situation awareness configuration type. |
|
alarm_level |
No |
String |
Parameter description: severity of a security situation awareness alarm. Constraints: none. Range:
Default value: N/A |
|
security_level |
No |
String |
Parameter description: severity of a security situation awareness item. Constraints: none. Range:
Default value: N/A |
|
enable |
No |
Boolean |
Whether security situation awareness is enabled. |
|
profile |
No |
Array of SecurityProfile objects |
Security situation awareness configuration structure, which is used to deliver device-side detection items to the device. |
|
profile_targets |
No |
SecurityTarget object |
Structure of binding objects for security situation awareness configuration. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
key |
Yes |
String |
Name of the security situation awareness item. |
|
value |
Yes |
Object |
Configuration value of the security situation awareness item. For details about the data format, see the description of the API for creating security situation awareness. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
target_type |
No |
String |
Object bound to the security situation awareness configuration. Currently, only the product level is supported, and only the device-level security situation awareness items take effect. |
|
target_ids |
No |
Array of strings |
List of bound object IDs. When target_type is set to PRODUCT, the product ID can be duplicate in different resource spaces. The value of target_id is in the format of Resource space ID:Product ID. The resource space ID and product ID are combined using a colon (:). |
Response Parameters
Status code: 201
|
Parameter |
Type |
Description |
|---|---|---|
|
profile_id |
String |
Security situation awareness configuration ID. |
|
security_type |
String |
Security situation awareness configuration type. |
|
alarm_level |
String |
Parameter description: severity of a security situation awareness alarm. Constraints: none. Range:
Default value: N/A |
|
security_level |
String |
Parameter description: severity of a security situation awareness item. Constraints: none. Range:
Default value: N/A |
|
enable |
Boolean |
Whether security situation awareness is enabled. |
|
profile |
Array of SecurityProfile objects |
Security situation awareness configuration structure, which is used to deliver device-side detection items to the device. |
|
profile_targets |
SecurityTarget object |
Structure of binding objects for security situation awareness configuration. |
|
Parameter |
Type |
Description |
|---|---|---|
|
key |
String |
Name of the security situation awareness item. |
|
value |
Object |
Configuration value of the security situation awareness item. For details about the data format, see the description of the API for creating security situation awareness. |
|
Parameter |
Type |
Description |
|---|---|---|
|
target_type |
String |
Object bound to the security situation awareness configuration. Currently, only the product level is supported, and only the device-level security situation awareness items take effect. |
|
target_ids |
Array of strings |
List of bound object IDs. When target_type is set to PRODUCT, the product ID can be duplicate in different resource spaces. The value of target_id is in the format of Resource space ID:Product ID. The resource space ID and product ID are combined using a colon (:). |
Example Requests
POST https://{endpoint}/v5/iot/{project_id}/security-profiles
{
"security_type" : "DEVICE_MEMORY_CHECK",
"alarm_level" : "CRITICAL",
"security_level" : "BASIC_SECURITY",
"enable" : true,
"profile" : [ {
"key" : "memory_threshold",
"value" : 80
} ],
"profile_targets" : {
"target_type" : "PRODUCT",
"target_ids" : [ "1d7616926636486cb05120018018cafc:67443bd4ad7db3647deb4f7a" ]
}
}
Example Responses
Status code: 201
Create
{
"profile_id" : "04ed32dc1b0025b52fe3c01a27c2babc",
"security_type" : "DEVICE_MEMORY_CHECK",
"alarm_level" : "CRITICAL",
"security_level" : "BASIC_SECURITY",
"enable" : true,
"profile" : [ {
"key" : "memory_threshold",
"value" : 80
} ],
"profile_targets" : {
"target_type" : "PRODUCT",
"target_ids" : [ "1d7616926636486cb05120018018cafc:67443bd4ad7db3647deb4f7a" ]
}
}
Status Codes
|
Status Code |
Description |
|---|---|
|
201 |
Create |
|
400 |
Bad Request |
|
403 |
Forbidden |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
