Updated on 2026-01-29 GMT+08:00

Create a Security Situation Awareness Configuration

Function

API description

This API is used by an application to create a security situation awareness configuration.

Constraints

Supported items:

| Configuration Item | Default Alarm Severity | Default Security Level | Device Dimension | Platform Detection/Device Reporting | Configuration Structure | Description |
|---|---|---|---|---|---|---|
| DEVICE_MEMORY_CHECK | CRITICAL | ADVANCE_SECURITY | Yes | Device reporting | [{"key":"memory_threshold","value":80},{"key":"report_period","value":1}] | Device memory leak detection. report_period: reporting period (hour), ranging from 1 to 24. memory_threshold: memory detection threshold (%), ranging from 1 to 100. |
| DEVICE_PORT_CHECK | CRITICAL | ADVANCE_SECURITY | Yes | Device reporting | [{"key":"safety_ports","value":[80,8080]},{"key":"report_period","value":1}] | Device abnormal port detection. report_period: reporting period (hour), ranging from 1 to 24. safety_ports: security port whitelist, array, ranging from 1 to 65535. |
| DEVICE_CPU_USAGE_CHECK | CRITICAL | ADVANCE_SECURITY | Yes | Device reporting | [{"key":"cpu_usage_threshold","value":80},{"key":"report_period","value":1}] | Device CPU usage detection. report_period: reporting period (hour), ranging from 1 to 24. cpu_usage_threshold: CPU usage detection threshold (%), ranging from 1 to 100. |
| DEVICE_DISK_SPACE_CHECK | CRITICAL | ADVANCE_SECURITY | Yes | Device reporting | [{"key":"disk_space_threshold","value":80},{"key":"report_period","value":1}] | Device disk usage detection. report_period: reporting period (hour), ranging from 1 to 24. disk_space_threshold: disk usage detection threshold (%), ranging from 1 to 100. |
| DEVICE_BATTERY_PERCENTAGE_CHECK | CRITICAL | ADVANCE_SECURITY | Yes | Device reporting | [{"key":"battery_percentage_threshold","value":20},{"key":"report_period","value":1}] | Device battery level detection. report_period: reporting period (hour), ranging from 1 to 24. battery_percentage_threshold: battery level detection threshold (%), ranging from 1 to 100. |
| DEVICE_LOGIN_LOCAL_CHECK | MINOR | BASIC_SECURITY | Yes | Device reporting | N/A | Device local login detection. |
| DEVICE_MALICIOUS_IP_CHECK | MINOR | BASIC_SECURITY | Yes | Device reporting | {"key":"safety_ips","value":["192.168.0.0/16"]} | Device malicious IP address detection. |
| DEVICE_LOGIN_BRUTE_FORCE_CHECK | MINOR | BASIC_SECURITY | Yes | Device reporting | N/A | Device brute-force attack login detection. |
| DEVICE_FILE_TAMPER_CHECK | MINOR | BASIC_SECURITY | Yes | Device reporting | N/A | Device local file tampering detection. |
| INSECURE_TLS_PROTOCOL_CHECK | MAJOR | ULTIMATE_SECURITY | Yes | Platform detection | N/A | Detection of device access using insecure TLS protocols. |
| INSECURE_CIPHER_SUITE_CHECK | MAJOR | ULTIMATE_SECURITY | Yes | Platform detection | N/A | Detection of device access using insecure TLS cipher suites. |
| CONNECT_MULTIPLE_TIMES_CHECK | CRITICAL | ULTIMATE_SECURITY | Yes | Platform detection | N/A | Detection of multiple connection setups by a device within a specified period. |
| SECRET_COMPLEXITY_CHECK | MAJOR | ULTIMATE_SECURITY | Yes | Platform detection | N/A | Device weak password detection. |
| CERTIFICATE_SECURITY_CHECK | MAJOR | ULTIMATE_SECURITY | Yes | Platform detection | N/A | Certificate security check. |
| TLS_CONNECT_CHECK | MINOR | ULTIMATE_SECURITY | Yes | Platform detection | N/A | Detection of device communications using TLS. |
| DEVICE_AUTH_FAIL_CHECK | CRITICAL | ULTIMATE_SECURITY | Yes | Platform detection | N/A | Device authentication failure detection. |
| DEVICE_OFFLINE_CHECK | CRITICAL | ULTIMATE_SECURITY | Yes | Platform detection | N/A | Device abnormal disconnection detection. |

Debugging

You can debug this API through automatic authentication in API Explorer or use the SDK sample code generated by API Explorer.

Authorization Information

Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.

  • If you are using role/policy-based authorization, see Permissions Policies and Supported Actions for details on the required permissions.
  • If you are using identity policy-based authorization, the following identity policy-based permissions are required.

    | Action | Access Level | Resource Type (*: required) | Condition Key | Alias | Dependencies |
    |---|---|---|---|---|---|
    | iotda:securityprofile:create | Write | instance * | g:EnterpriseProjectId, g:ResourceTag/<tag-key> | - | - |

URI

POST /v5/iot/{project_id}/security-profiles

Table 1 Path Parameters

| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| project_id | Yes | String | Parameter description: project ID. For details, see Obtaining a Project ID. |

Request Parameters

Table 2 Request header parameters

| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| Instance-Id | No | String | Parameter description: instance ID. This parameter is required only when the API is called from the management plane in the physical multi-tenant scenario. Log in to the IoTDA console and choose Overview in the navigation pane to check the instance ID. |

Table 3 Request body parameters

| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| security_type | Yes | String | Security situation awareness configuration type. |
| alarm_level | No | String | Parameter description: severity of a security situation awareness alarm. Constraints: none. Range: CRITICAL, MAJOR, MINOR. Default value: N/A |
| security_level | No | String | Parameter description: severity of a security situation awareness item. Constraints: none. Range: BASIC_SECURITY, ADVANCE_SECURITY, ULTIMATE_SECURITY. Default value: N/A |
| enable | No | Boolean | Whether security situation awareness is enabled. |
| profile | No | Array of SecurityProfile objects | Security situation awareness configuration structure, which is used to deliver device-side detection items to the device. |
| profile_targets | No | SecurityTarget object | Structure of binding objects for security situation awareness configuration. |

Table 4 SecurityProfile

| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| key | Yes | String | Name of the security situation awareness item. |
| value | Yes | Object | Configuration value of the security situation awareness item. For details about the data format, see the description of the API for creating security situation awareness. |

Table 5 SecurityTarget

| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| target_type | No | String | Object bound to the security situation awareness configuration. Currently, only the product level is supported, and only the device-level security situation awareness items take effect. |
| target_ids | No | Array of strings | List of bound object IDs. When target_type is set to PRODUCT, a product ID can be duplicated across different resource spaces, so the value of target_id is in the format Resource space ID:Product ID. The resource space ID and product ID are joined by a colon (:). |

Response Parameters

Status code: 201

Table 6 Response body parameters

| Parameter | Type | Description |
|---|---|---|
| profile_id | String | Security situation awareness configuration ID. |
| security_type | String | Security situation awareness configuration type. |
| alarm_level | String | Parameter description: severity of a security situation awareness alarm. Constraints: none. Range: CRITICAL, MAJOR, MINOR. Default value: N/A |
| security_level | String | Parameter description: severity of a security situation awareness item. Constraints: none. Range: BASIC_SECURITY, ADVANCE_SECURITY, ULTIMATE_SECURITY. Default value: N/A |
| enable | Boolean | Whether security situation awareness is enabled. |
| profile | Array of SecurityProfile objects | Security situation awareness configuration structure, which is used to deliver device-side detection items to the device. |
| profile_targets | SecurityTarget object | Structure of binding objects for security situation awareness configuration. |

Table 7 SecurityProfile

| Parameter | Type | Description |
|---|---|---|
| key | String | Name of the security situation awareness item. |
| value | Object | Configuration value of the security situation awareness item. For details about the data format, see the description of the API for creating security situation awareness. |

Table 8 SecurityTarget

| Parameter | Type | Description |
|---|---|---|
| target_type | String | Object bound to the security situation awareness configuration. Currently, only the product level is supported, and only the device-level security situation awareness items take effect. |
| target_ids | Array of strings | List of bound object IDs. When target_type is set to PRODUCT, a product ID can be duplicated across different resource spaces, so the value of target_id is in the format Resource space ID:Product ID. The resource space ID and product ID are joined by a colon (:). |

Example Requests

POST https://{endpoint}/v5/iot/{project_id}/security-profiles

{
  "security_type" : "DEVICE_MEMORY_CHECK",
  "alarm_level" : "CRITICAL",
  "security_level" : "BASIC_SECURITY",
  "enable" : true,
  "profile" : [ {
    "key" : "memory_threshold",
    "value" : 80
  } ],
  "profile_targets" : {
    "target_type" : "PRODUCT",
    "target_ids" : [ "1d7616926636486cb05120018018cafc:67443bd4ad7db3647deb4f7a" ]
  }
}
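
A pre-flight check for this request body, enforcing the value ranges from the Supported items table and the target ID format before the call is made. This is an added example, not code from the IoTDA SDK or API Explorer: validate_request, RULES and the error strings are hypothetical names, and rejecting undocumented profile keys and parsing safety_ips entries as CIDR strings are assumptions about what a client should enforce.

```python
import ipaddress

# Value ranges copied from the "Supported items" table on this page.
PCT, HOURS, PORTS = range(1, 101), range(1, 25), range(1, 65536)
RULES = {f"DEVICE_{n}_CHECK": {f"{n.lower()}_threshold": PCT, "report_period": HOURS}
         for n in ("MEMORY", "CPU_USAGE", "DISK_SPACE", "BATTERY_PERCENTAGE")}
RULES["DEVICE_PORT_CHECK"] = {"safety_ports": PORTS, "report_period": HOURS}
RULES["DEVICE_MALICIOUS_IP_CHECK"] = {"safety_ips": "cidr"}
LIST_KEYS = {"safety_ports", "safety_ips"}
LEVELS = {"alarm_level": {"CRITICAL", "MAJOR", "MINOR"},
          "security_level": {"BASIC_SECURITY", "ADVANCE_SECURITY", "ULTIMATE_SECURITY"}}


def _ok(value, rule):
    if rule == "cidr":  # assumption: entries are CIDR strings, as in the page's sample
        try:
            return isinstance(value, str) and ipaddress.ip_network(value) is not None
        except ValueError:
            return False
    # bool is a subclass of int in Python, so reject it explicitly
    return isinstance(value, int) and not isinstance(value, bool) and value in rule


def validate_request(body):
    """Return a list of problems found in a create-configuration request body."""
    errors = []
    stype = body.get("security_type")
    if not stype:
        errors.append("security_type: mandatory")
    for field, allowed in LEVELS.items():
        if field in body and body[field] not in allowed:
            errors.append(f"{field}: not in documented range")
    rules = RULES.get(stype, {})  # items marked N/A take no profile entries
    for item in body.get("profile", []):
        key, value = item.get("key"), item.get("value")
        values = value if key in LIST_KEYS else [value]
        if key not in rules:
            errors.append(f"{key}: not a documented key for {stype}")
        elif not (isinstance(values, list) and all(_ok(v, rules[key]) for v in values)):
            errors.append(f"{key}: value outside documented range")
    for tid in body.get("profile_targets", {}).get("target_ids", []):
        space, sep, product = str(tid).partition(":")
        if not (space and sep and product):
            errors.append(f"{tid}: expected 'resource space ID:product ID'")
    return errors


# Constructed sample: a port above 65535 and a target ID without a colon.
BAD = {"security_type": "DEVICE_PORT_CHECK", "profile_targets": {"target_ids": ["p1"]},
       "profile": [{"key": "safety_ports", "value": [80, 70000]}]}
```

An empty list from validate_request means the body is consistent with the documented ranges; the platform still performs its own validation and may return 400 for reasons this check does not cover.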

Example Responses

Status code: 201

Create

{
  "profile_id" : "04ed32dc1b0025b52fe3c01a27c2babc",
  "security_type" : "DEVICE_MEMORY_CHECK",
  "alarm_level" : "CRITICAL",
  "security_level" : "BASIC_SECURITY",
  "enable" : true,
  "profile" : [ {
    "key" : "memory_threshold",
    "value" : 80
  } ],
  "profile_targets" : {
    "target_type" : "PRODUCT",
    "target_ids" : [ "1d7616926636486cb05120018018cafc:67443bd4ad7db3647deb4f7a" ]
  }
}

Status Codes

| Status Code | Description |
|---|---|
| 201 | Create |
| 400 | Bad Request |
| 403 | Forbidden |

Error Codes

See Error Codes.