From 373be2fa29db955a0e63fc4f7907bc2b0d6343c6 Mon Sep 17 00:00:00 2001 From: Chen Lahav Date: Sun, 25 Mar 2018 20:36:13 +0300 Subject: [PATCH] Adding Security RP API swagger --- ...GetAlertResourceGroupLocation_example.json | 72 + .../GetAlertSubscriptionLocation_example.json | 71 + ...etAlertsResourceGroupLocation_example.json | 73 + .../GetAlertsResourceGroup_example.json | 72 + .../Alerts/GetAlertsSubscription_example.json | 150 ++ ...etAlertsSubscriptionsLocation_example.json | 154 ++ ...ateAlertResourceGroupLocation_example.json | 14 + ...dateAlertSubscriptionLocation_example.json | 13 + ...SolutionResourceGroupLocation_example.json | 26 + ...SolutionsSubscriptionLocation_example.json | 40 + ...SecuritySolutionsSubscription_example.json | 39 + .../GetExternalSecuritySolution_example.json | 28 + ...SolutionsSubscriptionLocation_example.json | 123 + ...SecuritySolutionsSubscription_example.json | 122 + .../CreateJitNetworkAccessPolicy_example.json | 93 + .../DeleteJitNetworkAccessPolicy_example.json | 13 + ...PoliciesResourceGroupLocation_example.json | 54 + ...rkAccessPoliciesResourceGroup_example.json | 53 + ...sPoliciesSubscriptionLocation_example.json | 53 + ...orkAccessPoliciesSubscription_example.json | 52 + .../GetJitNetworkAccessPolicy_example.json | 53 + .../InvokeJitNetworkAccessPolicy_example.json | 28 + .../Locations/GetLocation_example.json | 19 + .../Locations/GetLocations_example.json | 20 + .../GetTaskResourceGroupLocation_example.json | 34 + .../GetTaskSubscriptionLocation_example.json | 33 + ...GetTasksResourceGroupLocation_example.json | 37 + .../GetTasksSubscriptionLocation_example.json | 56 + .../Tasks/GetTasksSubscription_example.json | 55 + ...dateTaskResourceGroupLocation_example.json | 14 + ...pdateTaskSubscriptionLocation_example.json | 13 + .../preview/2015-06-01-preview/security.json | 2380 +++++++++++++++++ ...visioningSettingsSubscription_example.json | 27 + ...ovisioningSettingSubscription_example.json | 19 + ...visioningSettingsSubscription_example.json | 20 + .../Compliances/GetCompliance_example.json | 26 + .../Compliances/GetCompliances_example.json | 60 + .../CreatePricingsResourceGroup_example.json | 28 + .../CreatePricingsSubscription_example.json | 27 + .../GetPricingResourceGroup_example.json | 20 + .../GetPricingSubscription_example.json | 19 + .../GetPricingsResourceGroup_example.json | 21 + .../GetPricingsSubscription_example.json | 20 + .../CreateSecurityContact_example.json | 34 + .../DeleteSecurityContact_example.json | 12 + .../GetSecurityContact_example.json | 23 + ...SecurityContactsResourceGroup_example.json | 24 + ...tSecurityContactsSubscription_example.json | 23 + .../UpdateSecurityContact_example.json | 32 + ...WorkspaceSettingResourceGroup_example.json | 30 + ...eWorkspaceSettingSubscription_example.json | 29 + ...WorkspaceSettingResourceGroup_example.json | 12 + ...WorkspaceSettingResourceGroup_example.json | 21 + ...tWorkspaceSettingSubscription_example.json | 20 + ...orkspaceSettingsResourceGroup_example.json | 22 + ...WorkspaceSettingsSubscription_example.json | 31 + ...WorkspaceSettingResourceGroup_example.json | 29 + ...eWorkspaceSettingSubscription_example.json | 28 + .../preview/2017-08-01-preview/security.json | 1405 ++++++++++ .../security/resource-manager/readme.md | 61 + 60 files changed, 6180 insertions(+) create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertResourceGroupLocation_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertSubscriptionLocation_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsResourceGroupLocation_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsResourceGroup_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsSubscription_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsSubscriptionsLocation_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/UpdateAlertResourceGroupLocation_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/UpdateAlertSubscriptionLocation_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionResourceGroupLocation_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionsSubscriptionLocation_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionsSubscription_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ExternalSecuritySolutions/GetExternalSecuritySolution_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ExternalSecuritySolutions/GetExternalSecuritySolutionsSubscriptionLocation_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ExternalSecuritySolutions/GetExternalSecuritySolutionsSubscription_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/CreateJitNetworkAccessPolicy_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/DeleteJitNetworkAccessPolicy_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroupLocation_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroup_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscriptionLocation_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscription_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPolicy_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/InvokeJitNetworkAccessPolicy_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Locations/GetLocation_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Locations/GetLocations_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTaskResourceGroupLocation_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTaskSubscriptionLocation_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTasksResourceGroupLocation_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTasksSubscriptionLocation_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTasksSubscription_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/UpdateTaskResourceGroupLocation_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/UpdateTaskSubscriptionLocation_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/security.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AutoProvisioningSettings/CreateAutoProvisioningSettingsSubscription_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AutoProvisioningSettings/GetAutoProvisioningSettingSubscription_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AutoProvisioningSettings/GetAutoProvisioningSettingsSubscription_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Compliances/GetCompliance_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Compliances/GetCompliances_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/CreatePricingsResourceGroup_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/CreatePricingsSubscription_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingResourceGroup_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingSubscription_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingsResourceGroup_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingsSubscription_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/CreateSecurityContact_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/DeleteSecurityContact_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContact_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContactsResourceGroup_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContactsSubscription_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/UpdateSecurityContact_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/CreateWorkspaceSettingResourceGroup_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/CreateWorkspaceSettingSubscription_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/DeleteWorkspaceSettingResourceGroup_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/GetWorkspaceSettingResourceGroup_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/GetWorkspaceSettingSubscription_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/GetWorkspaceSettingsResourceGroup_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/GetWorkspaceSettingsSubscription_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/UpdateWorkspaceSettingResourceGroup_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/UpdateWorkspaceSettingSubscription_example.json create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/security.json create mode 100644 specification/security/resource-manager/readme.md diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertResourceGroupLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertResourceGroupLocation_example.json new file mode 100644 index 000000000000..cfb20956e779 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertResourceGroupLocation_example.json @@ -0,0 +1,72 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg1", + "ascLocation": "westeurope", + "alertName": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "type": "Microsoft.Security/Locations/alerts", + "properties": { + "vendorName": "Microsoft", + "alertDisplayName": "Threat Intelligence Alert", + "alertName": "ThreatIntelligence", + "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", + "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", + "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", + "actionTaken": "Undefined", + "reportedSeverity": "High", + "compromisedEntity": "vm1", + "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", + "extendedProperties": { + "user Name": "administrator", + "domain Name": "Contoso", + "attacker IP": "192.0.2.1", + "resourceType": "Virtual Machine" + }, + "state": "Dismissed", + "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", + "confidenceScore": 0.8, + "confidenceReasons": [{ + "type": "User", + "reason": "Some user reason" + }, { + "type": "Process", + "reason": "Some proccess reason" + }, { + "type": "Computer", + "reason": "Some computer reason" + }], + "canBeInvestigated": true, + "entities": [{ + "address": "192.0.2.1", + "location": { + "countryCode": "gb", + "state": "wokingham", + "city": "sonning", + "longitude": -0.909, + "latitude": 51.468, + "asn": 6584 + }, + "threatIntelligence": [{ + "providerName": "Team Cymru", + "threatType": "C2", + "threatName": "rarog", + "confidence": 0.8, + "reportLink": "http://www.microsoft.com", + "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." + }], + "type": "ip" + }] + } + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertSubscriptionLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertSubscriptionLocation_example.json new file mode 100644 index 000000000000..e8b0cf529f60 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertSubscriptionLocation_example.json @@ -0,0 +1,71 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope", + "alertName": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "type": "Microsoft.Security/Locations/alerts", + "properties": { + "vendorName": "Microsoft", + "alertDisplayName": "Threat Intelligence Alert", + "alertName": "ThreatIntelligence", + "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", + "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", + "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", + "actionTaken": "Undefined", + "reportedSeverity": "High", + "compromisedEntity": "vm1", + "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", + "extendedProperties": { + "user Name": "administrator", + "domain Name": "Contoso", + "attacker IP": "192.0.2.1", + "resourceType": "Virtual Machine" + }, + "state": "Dismissed", + "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", + "confidenceScore": 0.8, + "confidenceReasons": [{ + "type": "User", + "reason": "Some user reason" + }, { + "type": "Process", + "reason": "Some proccess reason" + }, { + "type": "Computer", + "reason": "Some computer reason" + }], + "canBeInvestigated": true, + "entities": [{ + "address": "192.0.2.1", + "location": { + "countryCode": "gb", + "state": "wokingham", + "city": "sonning", + "longitude": -0.909, + "latitude": 51.468, + "asn": 6584 + }, + "threatIntelligence": [{ + "providerName": "Team Cymru", + "threatType": "C2", + "threatName": "rarog", + "confidence": 0.8, + "reportLink": "http://www.microsoft.com", + "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." + }], + "type": "ip" + }] + } + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsResourceGroupLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsResourceGroupLocation_example.json new file mode 100644 index 000000000000..0767746c55da --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsResourceGroupLocation_example.json @@ -0,0 +1,73 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg1", + "ascLocation": "westeurope" + }, + "responses": { + "200": { + "body": { + "value": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "type": "Microsoft.Security/Locations/alerts", + "properties": { + "vendorName": "Microsoft", + "alertDisplayName": "Threat Intelligence Alert", + "alertName": "ThreatIntelligence", + "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", + "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", + "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", + "actionTaken": "Undefined", + "reportedSeverity": "High", + "compromisedEntity": "vm1", + "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", + "extendedProperties": { + "user Name": "administrator", + "domain Name": "Contoso", + "attacker IP": "192.0.2.1", + "resourceType": "Virtual Machine" + }, + "state": "Dismissed", + "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", + "confidenceScore": 0.8, + "confidenceReasons": [{ + "type": "User", + "reason": "Some user reason" + }, { + "type": "Process", + "reason": "Some proccess reason" + }, { + "type": "Computer", + "reason": "Some computer reason" + }], + "canBeInvestigated": true, + "entities": [{ + "address": "192.0.2.1", + "location": { + "countryCode": "gb", + "state": "wokingham", + "city": "sonning", + "longitude": -0.909, + "latitude": 51.468, + "asn": 6584 + }, + "threatIntelligence": [{ + "providerName": "Team Cymru", + "threatType": "C2", + "threatName": "rarog", + "confidence": 0.8, + "reportLink": "http://www.microsoft.com", + "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." + }], + "type": "ip" + }] + } + }] + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsResourceGroup_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsResourceGroup_example.json new file mode 100644 index 000000000000..e795b7a2fcb5 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsResourceGroup_example.json @@ -0,0 +1,72 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg1" + }, + "responses": { + "200": { + "body": { + "value": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "type": "Microsoft.Security/Locations/alerts", + "properties": { + "vendorName": "Microsoft", + "alertDisplayName": "Threat Intelligence Alert", + "alertName": "ThreatIntelligence", + "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", + "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", + "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", + "actionTaken": "Undefined", + "reportedSeverity": "High", + "compromisedEntity": "vm1", + "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", + "extendedProperties": { + "user Name": "administrator", + "domain Name": "Contoso", + "attacker IP": "192.0.2.1", + "resourceType": "Virtual Machine" + }, + "state": "Dismissed", + "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", + "confidenceScore": 0.8, + "confidenceReasons": [{ + "type": "User", + "reason": "Some user reason" + }, { + "type": "Process", + "reason": "Some proccess reason" + }, { + "type": "Computer", + "reason": "Some computer reason" + }], + "canBeInvestigated": true, + "entities": [{ + "address": "192.0.2.1", + "location": { + "countryCode": "gb", + "state": "wokingham", + "city": "sonning", + "longitude": -0.909, + "latitude": 51.468, + "asn": 6584 + }, + "threatIntelligence": [{ + "providerName": "Team Cymru", + "threatType": "C2", + "threatName": "rarog", + "confidence": 0.8, + "reportLink": "http://www.microsoft.com", + "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." + }], + "type": "ip" + }] + } + }] + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsSubscription_example.json new file mode 100644 index 000000000000..45ea8c897f83 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsSubscription_example.json @@ -0,0 +1,150 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "type": "Microsoft.Security/Locations/alerts", + "properties": { + "vendorName": "Microsoft", + "alertDisplayName": "Threat Intelligence Alert", + "alertName": "ThreatIntelligence", + "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", + "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", + "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", + "actionTaken": "Undefined", + "reportedSeverity": "High", + "compromisedEntity": "vm1", + "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", + "extendedProperties": { + "user Name": "administrator", + "domain Name": "Contoso", + "attacker IP": "192.0.2.1", + "resourceType": "Virtual Machine" + }, + "state": "Dismissed", + "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", + "confidenceScore": 0.8, + "confidenceReasons": [{ + "type": "User", + "reason": "Some user reason" + }, { + "type": "Process", + "reason": "Some proccess reason" + }, { + "type": "Computer", + "reason": "Some computer reason" + }], + "canBeInvestigated": true, + "entities": [{ + "address": "192.0.2.1", + "location": { + "countryCode": "gb", + "state": "wokingham", + "city": "sonning", + "longitude": -0.909, + "latitude": 51.468, + "asn": 6584 + }, + "threatIntelligence": [{ + "providerName": "Team Cymru", + "threatType": "C2", + "threatName": "rarog", + "confidence": 0.8, + "reportLink": "http://www.microsoft.com", + "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." + }], + "type": "ip" + }] + } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg2/providers/Microsoft.Security/locations/westeurope/alerts/2518765996949954086_2325cf9e-42a2-4f72-ae7f-9b863cba2d22", + "name": "2518765996949954086_2325cf9e-42a2-4f72-ae7f-9b863cba2d22", + "type": "Microsoft.Security/Locations/alerts", + "properties": { + "systemSource": "Azure", + "vendorName": "Microsoft", + "alertDisplayName": "Suspicious Screensaver process executed", + "alertName": "SuspiciousScreenSaver", + "detectedTimeUtc": "2018-05-07T13:51:45.0045913Z", + "description": "The process ‘%{process name}’ was observed executing from an uncommon location.\r\n\r\nFiles with the .scr extensions are screen saver files and are normally reside and execute from the Windows system directory.", + "remediationSteps": "1. Run Process Explorer and try to identify unknown running processes (see https://technet.microsoft.com/en-us/sysinternals/bb896653.aspx)\r\n2. Make sure the machine is completely updated and has an updated anti-malware application installed\r\n3. Run a full anti-malware scan and verify that the threat was removed\r\n4. Install and run Microsoft’s Malicious Software Removal Tool (see https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx)\r\n5. Run Microsoft’s Autoruns utility and try to identify unknown applications that are configured to run at login (see https://technet.microsoft.com/en-us/sysinternals/bb963902.aspx)\r\n6. Escalate the alert to the information security team", + "actionTaken": "Undefined", + "reportedSeverity": "Low", + "compromisedEntity": "vm2", + "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/myRg2/providers/microsoft.compute/virtualmachines/vm2", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "instanceId": "2325cf9e-42a2-4f72-ae7f-9b863cba2d22", + "extendedProperties": { + "domain name": "vm2", + "user name": "vm2\\contosoUser", + "process name": "c:\\users\\contosoUser\\scrsave.scr", + "command line": "c:\\users\\contosoUser\\scrsave.scr", + "parent process": "cmd.exe", + "process id": "0x4aec", + "account logon id": "0x61450d87", + "user SID": "S-1-5-21-2144575486-8928446540-5163864319-500", + "parent process id": "0x3c44", + "enrichment_tas_threat__reports": "{\"Kind\":\"MultiLink\",\"DisplayValueToUrlDictionary\":{\"Report: Suspicious Screen Saver Execution\":\"https://iflowreportsproda.blob.core.windows.net/reports/MSTI-TS-Suspicious-Screen-Saver-Execution.pdf?sv=2016-05-31&sr=b&sig=2igHPl764UM7aBHNaO9mPAnpzoXlwRw8YjpFLLuB2NE%3D&spr=https&st=2018-05-07T00%3A20%3A54Z&se=2018-05-08T00%3A35%3A54Z&sp=r\"}}", + "resourceType": "Virtual Machine" + }, + "state": "Active", + "reportedTimeUtc": "2018-05-07T13:51:48.3810457Z", + "workspaceArmId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-weu/providers/microsoft.operationalinsights/workspaces/defaultworkspace-21ff7fc3-e762-48dd-bd96-b551f6dcdd23-weu", + "confidenceScore": 0.3, + "confidenceReasons": [{ + "type": "Process", + "reason": "Suspicious process execution history for this subscription" + }, { + "type": "Process", + "reason": "Suspicious process execution history for this subscription" + }, { + "type": "Process", + "reason": "cmd.exe appeared in multiple alerts of the same type" + }], + "canBeInvestigated": true, + "entities": [{ + "dnsDomain": "", + "ntDomain": "", + "hostName": "vm2", + "netBiosName": "vm2", + "azureID": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/myRg2/providers/microsoft.compute/virtualmachines/vm2", + "omsAgentID": "45b44640-3b94-4892-a28c-4a5cae27065a", + "operatingSystem": "Unknown", + "type": "host", + "OsVersion": null + }, { + "name": "contosoUser", + "ntDomain": "vm2", + "logonId": "0x61450d87", + "sid": "S-1-5-21-2144575486-8928446540-5163864319-500", + "type": "account" + }, { + "directory": "c:\\windows\\system32", + "name": "cmd.exe", + "type": "file" + }, { + "directory": "c:\\users\\contosoUser", + "name": "scrsave.scr", + "type": "file" + }, { + "processId": "0x4aec", + "commandLine": "c:\\users\\contosoUser\\scrsave.scr", + "creationTimeUtc": "2018-05-07T13:51:45.0045913Z", + "type": "process" + }] + } + } + ] + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsSubscriptionsLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsSubscriptionsLocation_example.json new file mode 100644 index 000000000000..3307bce701c5 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsSubscriptionsLocation_example.json @@ -0,0 +1,154 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope" + }, + "responses": { + "200": { + "body": { + "value": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "type": "Microsoft.Security/Locations/alerts", + "properties": { + "vendorName": "Microsoft", + "alertDisplayName": "Threat Intelligence Alert", + "alertName": "ThreatIntelligence", + "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", + "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", + "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", + "actionTaken": "Undefined", + "reportedSeverity": "High", + "compromisedEntity": "vm1", + "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", + "extendedProperties": { + "user Name": "administrator", + "domain Name": "Contoso", + "attacker IP": "192.0.2.1", + "resourceType": "Virtual Machine" + }, + "state": "Dismissed", + "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", + "confidenceScore": 0.8, + "confidenceReasons": [{ + "type": "User", + "reason": "Some user reason" + }, { + "type": "Process", + "reason": "Some proccess reason" + }, { + "type": "Computer", + "reason": "Some computer reason" + }], + "canBeInvestigated": true, + "entities": [{ + "address": "192.0.2.1", + "location": { + "countryCode": "gb", + "state": "wokingham", + "city": "sonning", + "longitude": -0.909, + "latitude": 51.468, + "asn": 6584 + }, + "threatIntelligence": [{ + "providerName": "Team Cymru", + "threatType": "C2", + "threatName": "rarog", + "confidence": 0.8, + "reportLink": "http://www.microsoft.com", + "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." + }], + "type": "ip" + }] + } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg2/providers/Microsoft.Security/locations/westeurope/alerts/2518765996949954086_2325cf9e-42a2-4f72-ae7f-9b863cba2d22", + "name": "2518765996949954086_2325cf9e-42a2-4f72-ae7f-9b863cba2d22", + "type": "Microsoft.Security/Locations/alerts", + "properties": { + "systemSource": "Azure", + "vendorName": "Microsoft", + "alertDisplayName": "Suspicious Screensaver process executed", + "alertName": "SuspiciousScreenSaver", + "detectedTimeUtc": "2018-05-07T13:51:45.0045913Z", + "description": "The process ‘%{process name}’ was observed executing from an uncommon location.\r\n\r\nFiles with the .scr extensions are screen saver files and are normally reside and execute from the Windows system directory.", + "remediationSteps": "1. Run Process Explorer and try to identify unknown running processes (see https://technet.microsoft.com/en-us/sysinternals/bb896653.aspx)\r\n2. Make sure the machine is completely updated and has an updated anti-malware application installed\r\n3. Run a full anti-malware scan and verify that the threat was removed\r\n4. Install and run Microsoft’s Malicious Software Removal Tool (see https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx)\r\n5. Run Microsoft’s Autoruns utility and try to identify unknown applications that are configured to run at login (see https://technet.microsoft.com/en-us/sysinternals/bb963902.aspx)\r\n6. Escalate the alert to the information security team", + "actionTaken": "Undefined", + "reportedSeverity": "Low", + "compromisedEntity": "vm2", + "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/myRg2/providers/microsoft.compute/virtualmachines/vm2", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "instanceId": "2325cf9e-42a2-4f72-ae7f-9b863cba2d22", + "extendedProperties": { + "domain name": "vm2", + "user name": "vm2\\contosoUser", + "process name": "c:\\users\\contosoUser\\scrsave.scr", + "command line": "c:\\users\\contosoUser\\scrsave.scr", + "parent process": "cmd.exe", + "process id": "0x4aec", + "account logon id": "0x61450d87", + "user SID": "S-1-5-21-2144575486-8928446540-5163864319-500", + "parent process id": "0x3c44", + "enrichment_tas_threat__reports": "{\"Kind\":\"MultiLink\",\"DisplayValueToUrlDictionary\":{\"Report: Suspicious Screen Saver Execution\":\"https://iflowreportsproda.blob.core.windows.net/reports/MSTI-TS-Suspicious-Screen-Saver-Execution.pdf?sv=2016-05-31&sr=b&sig=2igHPl764UM7aBHNaO9mPAnpzoXlwRw8YjpFLLuB2NE%3D&spr=https&st=2018-05-07T00%3A20%3A54Z&se=2018-05-08T00%3A35%3A54Z&sp=r\"}}", + "resourceType": "Virtual Machine" + }, + "state": "Active", + "reportedTimeUtc": "2018-05-07T13:51:48.3810457Z", + "workspaceArmId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-weu/providers/microsoft.operationalinsights/workspaces/defaultworkspace-21ff7fc3-e762-48dd-bd96-b551f6dcdd23-weu", + "confidenceScore": 0.3, + "confidenceReasons": [{ + "type": "Process", + "reason": "Suspicious process execution history for this subscription" + }, { + "type": "Process", + "reason": "Suspicious process execution history for this subscription" + }, { + "type": "Process", + "reason": "cmd.exe appeared in multiple alerts of the same type" + }], + "canBeInvestigated": true, + "entities": [{ + "dnsDomain": "", + "ntDomain": "", + "hostName": "vm2", + "netBiosName": "vm2", + "azureID": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/myRg2/providers/microsoft.compute/virtualmachines/vm2", + "omsAgentID": "45b44640-3b94-4892-a28c-4a5cae27065a", + "operatingSystem": "Unknown", + "type": "host", + "OsVersion": null + }, { + "name": "contosoUser", + "ntDomain": "vm2", + "logonId": "0x61450d87", + "sid": "S-1-5-21-2144575486-8928446540-5163864319-500", + "type": "account" + }, { + "directory": "c:\\windows\\system32", + "name": "cmd.exe", + "type": "file" + }, { + "processId": "0x3c44", + "type": "process" + }, { + "directory": "c:\\users\\contosoUser", + "name": "scrsave.scr", + "type": "file" + }, { + "processId": "0x4aec", + "commandLine": "c:\\users\\contosoUser\\scrsave.scr", + "creationTimeUtc": "2018-05-07T13:51:45.0045913Z", + "type": "process" + }] + } + } + ] + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/UpdateAlertResourceGroupLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/UpdateAlertResourceGroupLocation_example.json new file mode 100644 index 000000000000..e3a50c68d89b --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/UpdateAlertResourceGroupLocation_example.json @@ -0,0 +1,14 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg2", + "ascLocation": "westeurope", + "alertName": "2518765996949954086_2325cf9e-42a2-4f72-ae7f-9b863cba2d22", + "alertUpdateActionType": "Dismiss" + }, + "responses": { + "204": { + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/UpdateAlertSubscriptionLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/UpdateAlertSubscriptionLocation_example.json new file mode 100644 index 000000000000..0debeb1d30fd --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/UpdateAlertSubscriptionLocation_example.json @@ -0,0 +1,13 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope", + "alertName": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "alertUpdateActionType": "Dismiss" + }, + "responses": { + "204": { + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionResourceGroupLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionResourceGroupLocation_example.json new file mode 100644 index 000000000000..34318bea83e3 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionResourceGroupLocation_example.json @@ -0,0 +1,26 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg2", + "ascLocation": "centralus", + "discoveredSecuritySolutionName": "paloalto7" + }, + "responses": { + "200": { + "body": { + "properties": { + "securityFamily": "Ngfw", + "offer": "vmseries1", + "publisher": "paloaltonetworks", + "sku": "byol" + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg2/providers/Microsoft.Security/locations/centralus/discoveredSecuritySolutions/paloalto7", + "name": "paloalto7", + "type": "Microsoft.Security/locations/discoveredSecuritySolutions", + "location": "eastus2" + } + + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionsSubscriptionLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionsSubscriptionLocation_example.json new file mode 100644 index 000000000000..7b42e9177837 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionsSubscriptionLocation_example.json @@ -0,0 +1,40 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "centralus" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "securityFamily": "Ngfw", + "offer": "cisco-asav", + "publisher": "cisco", + "sku": "asav-azure-byol" + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/centralus/discoveredSecuritySolutions/CP", + "name": "CP", + "type": "Microsoft.Security/locations/discoveredSecuritySolutions", + "location": "eastus" + }, + { + "properties": { + "securityFamily": "Ngfw", + "offer": "vmseries1", + "publisher": "paloaltonetworks", + "sku": "byol" + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg2/providers/Microsoft.Security/locations/centralus/discoveredSecuritySolutions/paloalto7", + "name": "paloalto7", + "type": "Microsoft.Security/locations/discoveredSecuritySolutions", + "location": "eastus2" + } + ] + } + + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionsSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionsSubscription_example.json new file mode 100644 index 000000000000..15a33ccd6826 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionsSubscription_example.json @@ -0,0 +1,39 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "securityFamily": "Ngfw", + "offer": "cisco-asav", + "publisher": "cisco", + "sku": "asav-azure-byol" + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/centralus/discoveredSecuritySolutions/CP", + "name": "CP", + "type": "Microsoft.Security/locations/discoveredSecuritySolutions", + "location": "eastus" + }, + { + "properties": { + "securityFamily": "Ngfw", + "offer": "vmseries1", + "publisher": "paloaltonetworks", + "sku": "byol" + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg2/providers/Microsoft.Security/locations/centralus/discoveredSecuritySolutions/paloalto7", + "name": "paloalto7", + "type": "Microsoft.Security/locations/discoveredSecuritySolutions", + "location": "eastus2" + } + ] + } + + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ExternalSecuritySolutions/GetExternalSecuritySolution_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ExternalSecuritySolutions/GetExternalSecuritySolution_example.json new file mode 100644 index 000000000000..9d561246553a --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ExternalSecuritySolutions/GetExternalSecuritySolution_example.json @@ -0,0 +1,28 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "defaultresourcegroup-eus", + "ascLocation": "centralus", + "externalSecuritySolutionsName": "aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus" + }, + "responses": { + "200": { + "body": { + "kind": "AAD", + "properties": { + "connectivityState": "Discovered", + "deviceVendor": "Microsoft", + "deviceType": "Azure Active Directory Identity Protection", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-eus/providers/Microsoft.OperationalInsights/workspaces/defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/defaultresourcegroup-eus/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus", + "name": "aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "eastus" + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ExternalSecuritySolutions/GetExternalSecuritySolutionsSubscriptionLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ExternalSecuritySolutions/GetExternalSecuritySolutionsSubscriptionLocation_example.json new file mode 100644 index 000000000000..4b828045520f --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ExternalSecuritySolutions/GetExternalSecuritySolutionsSubscriptionLocation_example.json @@ -0,0 +1,123 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "centralus" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "kind": "AAD", + "properties": { + "connectivityState": "Discovered", + "deviceVendor": "Microsoft", + "deviceType": "Azure Active Directory Identity Protection", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-eus/providers/Microsoft.OperationalInsights/workspaces/defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/defaultresourcegroup-eus/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus", + "name": "aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "eastus" + }, + { + "kind": "AAD", + "properties": { + "connectivityState": "Discovered", + "deviceVendor": "Microsoft", + "deviceType": "Azure Active Directory Identity Protection", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-weu/providers/Microsoft.OperationalInsights/workspaces/defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-weu" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/defaultresourcegroup-weu/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-weu", + "name": "aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-weu", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "westeurope" + }, + { + "kind": "CEF", + "properties": { + "lastEventReceived": "2018-05-09T10:30:11.523Z", + "hostname": "barracuda", + "deviceVendor": "barracudanetworks", + "deviceType": "WAF", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/unificationprod/providers/Microsoft.OperationalInsights/workspaces/omsprd" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/unificationprod/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/cef_omsprd_barracudanetworks_waf_barracuda", + "name": "cef_omsprd_barracudanetworks_waf_barracuda", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "westcentralus" + }, + { + "kind": "CEF", + "properties": { + "lastEventReceived": "2018-05-08T15:42:22.57Z", + "hostname": "demovm20", + "deviceVendor": "virtualHoneypot", + "deviceType": "Microsoft", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/unificationprod/providers/Microsoft.OperationalInsights/workspaces/omsprd" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/unificationprod/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/cef_omsprd_virtualhoneypot_Microsoft_demovm20", + "name": "cef_omsprd_virtualhoneypot_Microsoft_demovm20", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "westcentralus" + }, + { + "kind": "CEF", + "properties": { + "lastEventReceived": "2018-05-08T10:38:53.423Z", + "hostname": "demovm10", + "deviceVendor": "virtualHoneypot", + "deviceType": "Microsoft", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/unificationprod/providers/Microsoft.OperationalInsights/workspaces/omsprd" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/unificationprod/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/cef_omsprd_virtualhoneypot_Microsoft_demovm10", + "name": "cef_omsprd_virtualhoneypot_Microsoft_demovm10", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "westcentralus" + }, + { + "kind": "AAD", + "properties": { + "connectivityState": "Discovered", + "deviceVendor": "Microsoft", + "deviceType": "Azure Active Directory Identity Protection", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/unificationprod/providers/Microsoft.OperationalInsights/workspaces/omsprd" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/unificationprod/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_omsprd", + "name": "aad_omsprd", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "westcentralus" + }, + { + "kind": "AAD", + "properties": { + "connectivityState": "Discovered", + "deviceVendor": "Microsoft", + "deviceType": "Azure Active Directory Identity Protection", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-ejp/providers/Microsoft.OperationalInsights/workspaces/defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-ejp" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/defaultresourcegroup-ejp/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-ejp", + "name": "aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-ejp", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "japaneast" + } + ] + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ExternalSecuritySolutions/GetExternalSecuritySolutionsSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ExternalSecuritySolutions/GetExternalSecuritySolutionsSubscription_example.json new file mode 100644 index 000000000000..191fdd390865 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ExternalSecuritySolutions/GetExternalSecuritySolutionsSubscription_example.json @@ -0,0 +1,122 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "kind": "AAD", + "properties": { + "connectivityState": "Discovered", + "deviceVendor": "Microsoft", + "deviceType": "Azure Active Directory Identity Protection", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-eus/providers/Microsoft.OperationalInsights/workspaces/defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/defaultresourcegroup-eus/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus", + "name": "aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "eastus" + }, + { + "kind": "AAD", + "properties": { + "connectivityState": "Discovered", + "deviceVendor": "Microsoft", + "deviceType": "Azure Active Directory Identity Protection", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-weu/providers/Microsoft.OperationalInsights/workspaces/defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-weu" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/defaultresourcegroup-weu/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-weu", + "name": "aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-weu", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "westeurope" + }, + { + "kind": "CEF", + "properties": { + "lastEventReceived": "2018-05-09T10:30:11.523Z", + "hostname": "barracuda", + "deviceVendor": "barracudanetworks", + "deviceType": "WAF", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/unificationprod/providers/Microsoft.OperationalInsights/workspaces/omsprd" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/unificationprod/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/cef_omsprd_barracudanetworks_waf_barracuda", + "name": "cef_omsprd_barracudanetworks_waf_barracuda", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "westcentralus" + }, + { + "kind": "CEF", + "properties": { + "lastEventReceived": "2018-05-08T15:42:22.57Z", + "hostname": "demovm20", + "deviceVendor": "virtualHoneypot", + "deviceType": "Microsoft", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/unificationprod/providers/Microsoft.OperationalInsights/workspaces/omsprd" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/unificationprod/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/cef_omsprd_virtualhoneypot_Microsoft_demovm20", + "name": "cef_omsprd_virtualhoneypot_Microsoft_demovm20", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "westcentralus" + }, + { + "kind": "CEF", + "properties": { + "lastEventReceived": "2018-05-08T10:38:53.423Z", + "hostname": "demovm10", + "deviceVendor": "virtualHoneypot", + "deviceType": "Microsoft", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/unificationprod/providers/Microsoft.OperationalInsights/workspaces/omsprd" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/unificationprod/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/cef_omsprd_virtualhoneypot_Microsoft_demovm10", + "name": "cef_omsprd_virtualhoneypot_Microsoft_demovm10", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "westcentralus" + }, + { + "kind": "AAD", + "properties": { + "connectivityState": "Discovered", + "deviceVendor": "Microsoft", + "deviceType": "Azure Active Directory Identity Protection", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/unificationprod/providers/Microsoft.OperationalInsights/workspaces/omsprd" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/unificationprod/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_omsprd", + "name": "aad_omsprd", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "westcentralus" + }, + { + "kind": "AAD", + "properties": { + "connectivityState": "Discovered", + "deviceVendor": "Microsoft", + "deviceType": "Azure Active Directory Identity Protection", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-ejp/providers/Microsoft.OperationalInsights/workspaces/defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-ejp" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/defaultresourcegroup-ejp/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-ejp", + "name": "aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-ejp", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "japaneast" + } + ] + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/CreateJitNetworkAccessPolicy_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/CreateJitNetworkAccessPolicy_example.json new file mode 100644 index 000000000000..691a6fbea2c0 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/CreateJitNetworkAccessPolicy_example.json @@ -0,0 +1,93 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope", + "resourceGroupName": "myRg1", + "jitNetworkAccessPolicyName": "default", + "body":{ + "kind": "Basic", + "properties": { + "virtualMachines": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [{ + "number": 22, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" + }, + { + "number": 3389, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" + } + ] + }], + "requests": [{ + "virtualMachines": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [{ + "number": 3389, + "allowedSourceAddressPrefix": "192.127.0.2", + "endTimeUtc": "2018-05-17T09:06:45.5691611Z", + "status": "Initiated", + "statusReason": "UserRequested" + }] + }], + "startTimeUtc": "2018-05-17T08:06:45.5691611Z", + "requestor": "barbara@contoso.com" + }], + "provisioningState": "Succeeded" + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/jitNetworkAccessPolicies/default", + "name": "default", + "type": "Microsoft.Security/locations/jitNetworkAccessPolicies", + "location": "westeurope" + } + }, + "responses": { + "200": { + "body": { + "kind": "Basic", + "properties": { + "virtualMachines": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [{ + "number": 22, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" + }, + { + "number": 3389, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" + } + ] + }], + "requests": [{ + "virtualMachines": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [{ + "number": 3389, + "allowedSourceAddressPrefix": "192.127.0.2", + "endTimeUtc": "2018-05-17T09:06:45.5691611Z", + "status": "Initiated", + "statusReason": "UserRequested" + }] + }], + "startTimeUtc": "2018-05-17T08:06:45.5691611Z", + "requestor": "barbara@contoso.com" + }], + "provisioningState": "Succeeded" + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/jitNetworkAccessPolicies/default", + "name": "default", + "type": "Microsoft.Security/locations/jitNetworkAccessPolicies", + "location": "westeurope" + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/DeleteJitNetworkAccessPolicy_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/DeleteJitNetworkAccessPolicy_example.json new file mode 100644 index 000000000000..8d212caea815 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/DeleteJitNetworkAccessPolicy_example.json @@ -0,0 +1,13 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope", + "resourceGroupName": "myRg1", + "jitNetworkAccessPolicyName": "default" + }, + "responses": { + "204": { + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroupLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroupLocation_example.json new file mode 100644 index 000000000000..1f52d31d67fc --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroupLocation_example.json @@ -0,0 +1,54 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope", + "resourceGroupName": "myRg1" + }, + "responses": { + "200": { + "body": { + "value": [{ + "kind": "Basic", + "properties": { + "virtualMachines": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [{ + "number": 22, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" + }, + { + "number": 3389, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" + } + ] + }], + "requests": [{ + "virtualMachines": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [{ + "number": 3389, + "allowedSourceAddressPrefix": "192.127.0.2", + "endTimeUtc": "2018-05-17T09:06:45.5691611Z", + "status": "Initiated", + "statusReason": "UserRequested" + }] + }], + "startTimeUtc": "2018-05-17T08:06:45.5691611Z", + "requestor": "barbara@contoso.com" + }], + "provisioningState": "Succeeded" + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/jitNetworkAccessPolicies/default", + "name": "default", + "type": "Microsoft.Security/locations/jitNetworkAccessPolicies", + "location": "westeurope" + }] + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroup_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroup_example.json new file mode 100644 index 000000000000..de24bcd2f463 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroup_example.json @@ -0,0 +1,53 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg1" + }, + "responses": { + "200": { + "body": { + "value": [{ + "kind": "Basic", + "properties": { + "virtualMachines": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [{ + "number": 22, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" + }, + { + "number": 3389, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" + } + ] + }], + "requests": [{ + "virtualMachines": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [{ + "number": 3389, + "allowedSourceAddressPrefix": "192.127.0.2", + "endTimeUtc": "2018-05-17T09:06:45.5691611Z", + "status": "Initiated", + "statusReason": "UserRequested" + }] + }], + "startTimeUtc": "2018-05-17T08:06:45.5691611Z", + "requestor": "barbara@contoso.com" + }], + "provisioningState": "Succeeded" + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/jitNetworkAccessPolicies/default", + "name": "default", + "type": "Microsoft.Security/locations/jitNetworkAccessPolicies", + "location": "westeurope" + }] + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscriptionLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscriptionLocation_example.json new file mode 100644 index 000000000000..bec7fd1da349 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscriptionLocation_example.json @@ -0,0 +1,53 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope" + }, + "responses": { + "200": { + "body": { + "value": [{ + "kind": "Basic", + "properties": { + "virtualMachines": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [{ + "number": 22, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" + }, + { + "number": 3389, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" + } + ] + }], + "requests": [{ + "virtualMachines": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [{ + "number": 3389, + "allowedSourceAddressPrefix": "192.127.0.2", + "endTimeUtc": "2018-05-17T09:06:45.5691611Z", + "status": "Initiated", + "statusReason": "UserRequested" + }] + }], + "startTimeUtc": "2018-05-17T08:06:45.5691611Z", + "requestor": "barbara@contoso.com" + }], + "provisioningState": "Succeeded" + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/jitNetworkAccessPolicies/default", + "name": "default", + "type": "Microsoft.Security/locations/jitNetworkAccessPolicies", + "location": "westeurope" + }] + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscription_example.json new file mode 100644 index 000000000000..968d48bf8c25 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscription_example.json @@ -0,0 +1,52 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [{ + "kind": "Basic", + "properties": { + "virtualMachines": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [{ + "number": 22, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" + }, + { + "number": 3389, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" + } + ] + }], + "requests": [{ + "virtualMachines": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [{ + "number": 3389, + "allowedSourceAddressPrefix": "192.127.0.2", + "endTimeUtc": "2018-05-17T09:06:45.5691611Z", + "status": "Initiated", + "statusReason": "UserRequested" + }] + }], + "startTimeUtc": "2018-05-17T08:06:45.5691611Z", + "requestor": "barbara@contoso.com" + }], + "provisioningState": "Succeeded" + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/jitNetworkAccessPolicies/default", + "name": "default", + "type": "Microsoft.Security/locations/jitNetworkAccessPolicies", + "location": "westeurope" + }] + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPolicy_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPolicy_example.json new file mode 100644 index 000000000000..56f9a543528b --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPolicy_example.json @@ -0,0 +1,53 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope", + "resourceGroupName": "myRg1", + "jitNetworkAccessPolicyName": "default" + }, + "responses": { + "200": { + "body": { + "kind": "Basic", + "properties": { + "virtualMachines": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [{ + "number": 22, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" + }, + { + "number": 3389, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" + } + ] + }], + "requests": [{ + "virtualMachines": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [{ + "number": 3389, + "allowedSourceAddressPrefix": "192.127.0.2", + "endTimeUtc": "2018-05-17T09:06:45.5691611Z", + "status": "Initiated", + "statusReason": "UserRequested" + }] + }], + "startTimeUtc": "2018-05-17T08:06:45.5691611Z", + "requestor": "barbara@contoso.com" + }], + "provisioningState": "Succeeded" + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/jitNetworkAccessPolicies/default", + "name": "default", + "type": "Microsoft.Security/locations/jitNetworkAccessPolicies", + "location": "westeurope" + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/InvokeJitNetworkAccessPolicy_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/InvokeJitNetworkAccessPolicy_example.json new file mode 100644 index 000000000000..dffff38e1b41 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/InvokeJitNetworkAccessPolicy_example.json @@ -0,0 +1,28 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope", + "resourceGroupName": "myRg1", + "jitNetworkAccessPolicyName": "default", + "jitNetworkAccessPolicyActionType": "initiate", + "body": { + "virtualMachines": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [ + { + "number": 3389, + "duration": "PT1H", + "allowedSourceAddressPrefix": "192.127.0.2" + } + ] + } + ] + } + }, + "responses": { + "204": { + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Locations/GetLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Locations/GetLocation_example.json new file mode 100644 index 000000000000..97c210917a96 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Locations/GetLocation_example.json @@ -0,0 +1,19 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "centralus" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/locations/centralus", + "name": "centralus", + "type": "Microsoft.Security/locations", + "properties": { + "homeRegionName": "centralus" + } + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Locations/GetLocations_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Locations/GetLocations_example.json new file mode 100644 index 000000000000..d5ffd8738b01 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Locations/GetLocations_example.json @@ -0,0 +1,20 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/locations/centralus", + "name": "centralus", + "type": "Microsoft.Security/locations", + "properties": { + "homeRegionName": "centralus" + } + }] + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTaskResourceGroupLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTaskResourceGroupLocation_example.json new file mode 100644 index 000000000000..3fcc10920cdc --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTaskResourceGroupLocation_example.json @@ -0,0 +1,34 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg", + "ascLocation": "westeurope", + "taskName": "d55b4dc0-779c-c66c-33e5-d7bce24c4222" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/locations/westeurope/tasks/d55b4dc0-779c-c66c-33e5-d7bce24c4222", + "name": "d55b4dc0-779c-c66c-33e5-d7bce24c4222", + "type": "Microsoft.Security/locations/tasks", + "properties": { + "state": "Active", + "subState": "NA", + "creationTimeUtc": "2018-04-02T11:41:27.0541014Z", + "lastStateChangeTimeUtc": "2018-04-02T11:41:27.0541014Z", + "securityTaskParameters": { + "vmId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1", + "vmName": "vm1", + "severity": "High", + "isOsDiskEncrypted": false, + "isDataDiskEncrypted": false, + "name": "EncryptionOnVm", + "uniqueKey": "EncryptionOnVmTaskParameters_/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1", + "resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1" + } + } + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTaskSubscriptionLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTaskSubscriptionLocation_example.json new file mode 100644 index 000000000000..cdc93f875de2 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTaskSubscriptionLocation_example.json @@ -0,0 +1,33 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope", + "taskName": "62609ee7-d0a5-8616-9fe4-1df5cca7758d" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/locations/westeurope/tasks/62609ee7-d0a5-8616-9fe4-1df5cca7758d", + "name": "62609ee7-d0a5-8616-9fe4-1df5cca7758d", + "type": "Microsoft.Security/locations/tasks", + "properties": { + "state": "Active", + "subState": "NA", + "creationTimeUtc": "2018-03-05T10:42:03.9935508Z", + "lastStateChangeTimeUtc": "2018-03-05T10:42:03.9935508Z", + "securityTaskParameters": { + "resourceName": "default", + "resourceType": "Subnet", + "resourceParent": "vnet1", + "location": "uksouth", + "resourceGroup": "myRg", + "name": "NetworkSecurityGroupMissingOnSubnet", + "uniqueKey": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/default", + "resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/default" + } + } + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTasksResourceGroupLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTasksResourceGroupLocation_example.json new file mode 100644 index 000000000000..3dd4b1f07640 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTasksResourceGroupLocation_example.json @@ -0,0 +1,37 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg", + "ascLocation": "westeurope" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/locations/westeurope/tasks/d55b4dc0-779c-c66c-33e5-d7bce24c4222", + "name": "d55b4dc0-779c-c66c-33e5-d7bce24c4222", + "type": "Microsoft.Security/locations/tasks", + "properties": { + "state": "Active", + "subState": "NA", + "creationTimeUtc": "2018-04-02T11:41:27.0541014Z", + "lastStateChangeTimeUtc": "2018-04-02T11:41:27.0541014Z", + "securityTaskParameters": { + "vmId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1", + "vmName": "vm1", + "severity": "High", + "isOsDiskEncrypted": false, + "isDataDiskEncrypted": false, + "name": "EncryptionOnVm", + "uniqueKey": "EncryptionOnVmTaskParameters_/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1", + "resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1" + } + } + } + ] + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTasksSubscriptionLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTasksSubscriptionLocation_example.json new file mode 100644 index 000000000000..f7b50de923fd --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTasksSubscriptionLocation_example.json @@ -0,0 +1,56 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope" + }, + "responses": { + "200": { + "body": { + "value": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/locations/westeurope/tasks/62609ee7-d0a5-8616-9fe4-1df5cca7758d", + "name": "62609ee7-d0a5-8616-9fe4-1df5cca7758d", + "type": "Microsoft.Security/locations/tasks", + "properties": { + "state": "Active", + "subState": "NA", + "creationTimeUtc": "2018-03-05T10:42:03.9935508Z", + "lastStateChangeTimeUtc": "2018-03-05T10:42:03.9935508Z", + "securityTaskParameters": { + "resourceName": "default", + "resourceType": "Subnet", + "resourceParent": "vnet1", + "location": "uksouth", + "resourceGroup": "myRg", + "name": "NetworkSecurityGroupMissingOnSubnet", + "uniqueKey": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/default", + "resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/default" + } + } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/locations/westeurope/tasks/d55b4dc0-779c-c66c-33e5-d7bce24c4222", + "name": "d55b4dc0-779c-c66c-33e5-d7bce24c4222", + "type": "Microsoft.Security/locations/tasks", + "properties": { + "state": "Active", + "subState": "NA", + "creationTimeUtc": "2018-04-02T11:41:27.0541014Z", + "lastStateChangeTimeUtc": "2018-04-02T11:41:27.0541014Z", + "securityTaskParameters": { + "vmId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1", + "vmName": "vm1", + "severity": "High", + "isOsDiskEncrypted": false, + "isDataDiskEncrypted": false, + "name": "EncryptionOnVm", + "uniqueKey": "EncryptionOnVmTaskParameters_/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1", + "resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1" + } + } + } + ] + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTasksSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTasksSubscription_example.json new file mode 100644 index 000000000000..ed5e2100f33d --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTasksSubscription_example.json @@ -0,0 +1,55 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/locations/westeurope/tasks/62609ee7-d0a5-8616-9fe4-1df5cca7758d", + "name": "62609ee7-d0a5-8616-9fe4-1df5cca7758d", + "type": "Microsoft.Security/locations/tasks", + "properties": { + "state": "Active", + "subState": "NA", + "creationTimeUtc": "2018-03-05T10:42:03.9935508Z", + "lastStateChangeTimeUtc": "2018-03-05T10:42:03.9935508Z", + "securityTaskParameters": { + "resourceName": "default", + "resourceType": "Subnet", + "resourceParent": "vnet1", + "location": "uksouth", + "resourceGroup": "myRg", + "name": "NetworkSecurityGroupMissingOnSubnet", + "uniqueKey": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/default", + "resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/default" + } + } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/locations/westeurope/tasks/d55b4dc0-779c-c66c-33e5-d7bce24c4222", + "name": "d55b4dc0-779c-c66c-33e5-d7bce24c4222", + "type": "Microsoft.Security/locations/tasks", + "properties": { + "state": "Active", + "subState": "NA", + "creationTimeUtc": "2018-04-02T11:41:27.0541014Z", + "lastStateChangeTimeUtc": "2018-04-02T11:41:27.0541014Z", + "securityTaskParameters": { + "vmId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1", + "vmName": "vm1", + "severity": "High", + "isOsDiskEncrypted": false, + "isDataDiskEncrypted": false, + "name": "EncryptionOnVm", + "uniqueKey": "EncryptionOnVmTaskParameters_/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1", + "resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1" + } + } + } + ] + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/UpdateTaskResourceGroupLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/UpdateTaskResourceGroupLocation_example.json new file mode 100644 index 000000000000..4008f6de1d33 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/UpdateTaskResourceGroupLocation_example.json @@ -0,0 +1,14 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope", + "resourceGroupName": "myRg", + "taskName": "d55b4dc0-779c-c66c-33e5-d7bce24c4222", + "taskUpdateActionType": "Dismiss" + }, + "responses": { + "204": { + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/UpdateTaskSubscriptionLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/UpdateTaskSubscriptionLocation_example.json new file mode 100644 index 000000000000..0b72f9904b58 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/UpdateTaskSubscriptionLocation_example.json @@ -0,0 +1,13 @@ +{ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope", + "taskName": "62609ee7-d0a5-8616-9fe4-1df5cca7758d", + "taskUpdateActionType": "Dismiss" + }, + "responses": { + "204": { + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/security.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/security.json new file mode 100644 index 000000000000..09e0d934582e --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/security.json @@ -0,0 +1,2380 @@ +{ + "swagger": "2.0", + "info": { + "title": "ASC API", + "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", + "version": "2015-06-01-preview" + }, + "host": "management.azure.com", + "schemes": ["https"], + "consumes": ["application/json"], + "produces": ["application/json"], + "security": [{ + "azure_auth": [ + "user_impersonation" + ] + }], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/providers/Microsoft.Security/operations": { + "get": { + "tags": ["Operations"], + "description": "Exposes all available operations for discovery purposes.", + "operationId": "Operations_List", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/OperationList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations": { + "get": { + "x-ms-examples": { + "Get security data locations": { + "$ref": "./examples/Locations/GetLocations_example.json" + } + }, + "tags": ["Locations"], + "description": "The location of the responsible ASC of the specific subscription. For each subscription there is only one responsible location. The location in the response should be used to read or write other resources in ASC according to their ID.", + "operationId": "Locations_List", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/AscLocationList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}": { + "get": { + "x-ms-examples": { + "Get security data location": { + "$ref": "./examples/Locations/GetLocation_example.json" + } + }, + "tags": ["Locations"], + "description": "Details of a specific location", + "operationId": "Locations_Get", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/AscLocation" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/AscLocation" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/tasks": { + "get": { + "x-ms-examples": { + "Get security recommendations tasks": { + "$ref": "./examples/Tasks/GetTasksSubscription_example.json" + } + }, + "tags": ["Tasks"], + "description": "Recommended tasks that will help improve the security of the subscription proactively", + "operationId": "TasksSubscription_List", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/ODataFilter" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/TaskList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/tasks": { + "get": { + "x-ms-examples": { + "Get security recommendations tasks from security data location": { + "$ref": "./examples/Tasks/GetTasksSubscriptionLocation_example.json" + } + }, + "tags": ["Tasks"], + "description": "Recommended tasks that will help improve the security of the subscription proactively", + "operationId": "TasksSubscriptionLocation_List", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/AscLocation" + }, { + "$ref": "#/parameters/ODataFilter" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/TaskList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/tasks/{taskName}": { + "get": { + "x-ms-examples": { + "Get security recommendation task from security data location": { + "$ref": "./examples/Tasks/GetTaskSubscriptionLocation_example.json" + } + }, + "tags": ["Tasks"], + "description": "Recommended tasks that will help improve the security of the subscription proactively", + "operationId": "TasksSubscriptionLocation_Get", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/AscLocation" + }, { + "$ref": "#/parameters/TaskName" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/Task" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/tasks/{taskName}/{taskUpdateActionType}": { + "post": { + "x-ms-examples": { + "Change security recommendation task state": { + "$ref": "./examples/Tasks/UpdateTaskSubscriptionLocation_example.json" + } + }, + "tags": ["Tasks"], + "description": "Recommended tasks that will help improve the security of the subscription proactively", + "operationId": "TasksSubscriptionLocation_Update", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/AscLocation" + }, { + "$ref": "#/parameters/TaskName" + }, { + "$ref": "#/parameters/TaskUpdateActionType" + }], + "responses": { + "204": { + "description": "No Content" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/tasks": { + "get": { + "x-ms-examples": { + "Get security recommendation tasks in a resource group": { + "$ref": "./examples/Tasks/GetTasksResourceGroupLocation_example.json" + } + }, + "tags": ["Tasks"], + "description": "Recommended tasks that will help improve the security of the subscription proactively", + "operationId": "TasksResourceGroupLocation_List", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/ResourceGroupName" + }, { + "$ref": "#/parameters/AscLocation" + }, { + "$ref": "#/parameters/ODataFilter" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/TaskList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/tasks/{taskName}": { + "get": { + "x-ms-examples": { + "Get security recommendation task in a resource group": { + "$ref": "./examples/Tasks/GetTaskResourceGroupLocation_example.json" + } + }, + "tags": ["Tasks"], + "description": "Recommended tasks that will help improve the security of the subscription proactively", + "operationId": "TasksResourceGroupLocation_Get", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/ResourceGroupName" + }, { + "$ref": "#/parameters/AscLocation" + }, { + "$ref": "#/parameters/TaskName" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/Task" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/tasks/{taskName}/{taskUpdateActionType}": { + "post": { + "x-ms-examples": { + "Change security recommendation task state": { + "$ref": "./examples/Tasks/UpdateTaskResourceGroupLocation_example.json" + } + }, + "tags": ["Tasks"], + "description": "Recommended tasks that will help improve the security of the subscription proactively", + "operationId": "TasksResourceGroupLocation_Update", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/ResourceGroupName" + }, { + "$ref": "#/parameters/AscLocation" + }, { + "$ref": "#/parameters/TaskName" + }, { + "$ref": "#/parameters/TaskUpdateActionType" + }], + "responses": { + "204": { + "description": "No Content" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/alerts": { + "get": { + "x-ms-examples": { + "Get security alerts on a subscription": { + "$ref": "./examples/Alerts/GetAlertsSubscription_example.json" + } + }, + "tags": ["Alerts"], + "description": "Alerts on security events that happened on the subscription", + "operationId": "AlertsSubscription_List", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/ODataFilter" + }, { + "$ref": "#/parameters/ODataSelect" + }, { + "$ref": "#/parameters/ODataExpand" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/AlertList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/alerts": { + "get": { + "x-ms-examples": { + "Get security alerts on a resource group": { + "$ref": "./examples/Alerts/GetAlertsResourceGroup_example.json" + } + }, + "tags": ["Alerts"], + "description": "Alerts on security events that happened on the subscription", + "operationId": "AlertsResourceGroup_List", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/ResourceGroupName" + }, { + "$ref": "#/parameters/ODataFilter" + }, { + "$ref": "#/parameters/ODataSelect" + }, { + "$ref": "#/parameters/ODataExpand" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/AlertList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts": { + "get": { + "x-ms-examples": { + "Get security alerts on a subscription from a security data location": { + "$ref": "./examples/Alerts/GetAlertsSubscriptionsLocation_example.json" + } + }, + "tags": ["Alerts"], + "description": "Alerts on security events that happened on the subscription", + "operationId": "AlertsSubscriptionLocation_List", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/AscLocation" + }, { + "$ref": "#/parameters/ODataFilter" + }, { + "$ref": "#/parameters/ODataSelect" + }, { + "$ref": "#/parameters/ODataExpand" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/AlertList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts": { + "get": { + "x-ms-examples": { + "Get security alerts on a resource group from a security data location": { + "$ref": "./examples/Alerts/GetAlertsResourceGroupLocation_example.json" + } + }, + "tags": ["Alerts"], + "description": "Alerts on security events that happened on the subscription", + "operationId": "AlertsResourceGroupLocation_List", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/AscLocation" + }, { + "$ref": "#/parameters/ResourceGroupName" + }, { + "$ref": "#/parameters/ODataFilter" + }, { + "$ref": "#/parameters/ODataSelect" + }, { + "$ref": "#/parameters/ODataExpand" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/AlertList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}": { + "get": { + "x-ms-examples": { + "Get security alert on a subscription from a security data location": { + "$ref": "./examples/Alerts/GetAlertSubscriptionLocation_example.json" + } + }, + "tags": ["Alerts"], + "description": "Alerts on security events that happened on the subscription", + "operationId": "AlertsSubscriptionLocation_Get", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/AscLocation" + }, { + "$ref": "#/parameters/AlertName" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/Alert" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}": { + "get": { + "x-ms-examples": { + "Get security alert on a resource group from a security data location": { + "$ref": "./examples/Alerts/GetAlertResourceGroupLocation_example.json" + } + }, + "tags": ["Alerts"], + "description": "Alerts on security events that happened on the subscription", + "operationId": "AlertsResourceGroupLocation_Get", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/AscLocation" + }, { + "$ref": "#/parameters/AlertName" + }, { + "$ref": "#/parameters/ResourceGroupName" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/Alert" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/{alertUpdateActionType}": { + "post": { + "x-ms-examples": { + "Update security alert state on a subscription from a security data location": { + "$ref": "./examples/Alerts/UpdateAlertSubscriptionLocation_example.json" + } + }, + "tags": ["Alerts"], + "description": "Alerts on security events that happened on the subscription", + "operationId": "AlertsSubscriptionLocation_Update", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/AscLocation" + }, { + "$ref": "#/parameters/AlertName" + }, { + "$ref": "#/parameters/AlertUpdateActionType" + }], + "responses": { + "204": { + "description": "No Content" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/{alertUpdateActionType}": { + "post": { + "x-ms-examples": { + "Update security alert state on a resource group from a security data location": { + "$ref": "./examples/Alerts/UpdateAlertResourceGroupLocation_example.json" + } + }, + "tags": ["Alerts"], + "description": "Alerts on security events that happened on the subscription", + "operationId": "AlertsResourceGroupLocation_Update", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/AscLocation" + }, { + "$ref": "#/parameters/AlertName" + }, { + "$ref": "#/parameters/AlertUpdateActionType" + }, { + "$ref": "#/parameters/ResourceGroupName" + }], + "responses": { + "204": { + "description": "No Content" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/discoveredSecuritySolutions": { + "get": { + "x-ms-examples": { + "Get discovered security solutions": { + "$ref": "./examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionsSubscription_example.json" + } + }, + "tags": ["DiscoveredSecuritySolutions"], + "description": "Gets a list of discovered Security Solutions for the subscription.", + "operationId": "DiscoveredSecuritySolutionsSubscription_List", + "parameters": [{ + "$ref": "#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/ApiVersion" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/DiscoveredSecuritySolutionList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/discoveredSecuritySolutions": { + "get": { + "x-ms-examples": { + "Get discovered security solutions from a security data location": { + "$ref": "./examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionsSubscriptionLocation_example.json" + } + }, + "tags": ["DiscoveredSecuritySolutions"], + "description": "Gets a list of discovered Security Solutions for the subscription and location.", + "operationId": "DiscoveredSecuritySolutionsSubscriptionLocation_List", + "parameters": [{ + "$ref": "#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/AscLocation" + }, + { + "$ref": "#/parameters/ApiVersion" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/DiscoveredSecuritySolutionList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/discoveredSecuritySolutions/{discoveredSecuritySolutionName}": { + "get": { + "x-ms-examples": { + "Get discovered security solution from a security data location": { + "$ref": "./examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionResourceGroupLocation_example.json" + } + }, + "tags": ["DiscoveredSecuritySolutions"], + "description": "Gets a specific discovered Security Solution.", + "operationId": "DiscoveredSecuritySolutionsSubscriptionLocation_Get", + "parameters": [{ + "$ref": "#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/ResourceGroupName" + }, + { + "$ref": "#/parameters/AscLocation" + }, + { + "$ref": "#/parameters/DiscoveredSecuritySolutionName" + }, + { + "$ref": "#/parameters/ApiVersion" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/DiscoveredSecuritySolution" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/jitNetworkAccessPolicies": { + "get": { + "x-ms-examples": { + "Get JIT network access policies on a subscription": { + "$ref": "./examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscription_example.json" + } + }, + "tags": ["JitNetworkAccessPolicies"], + "description": "Policies for protecting resources using Just-in-Time access control.", + "operationId": "JitNetworkAccessPoliciesSubscription_List", + "parameters": [{ + "$ref": "#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/ApiVersion" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/JitNetworkAccessPoliciesList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies": { + "get": { + "x-ms-examples": { + "Get JIT network access policies on a subscription from a security data location": { + "$ref": "./examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscriptionLocation_example.json" + } + }, + "tags": ["JitNetworkAccessPolicies"], + "description": "Policies for protecting resources using Just-in-Time access control for the subscription, location", + "operationId": "JitNetworkAccessPoliciesSubscriptionLocation_List", + "parameters": [{ + "$ref": "#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/AscLocation" + }, + { + "$ref": "#/parameters/ApiVersion" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/JitNetworkAccessPoliciesList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/jitNetworkAccessPolicies": { + "get": { + "x-ms-examples": { + "Get JIT network access policies on a resource group": { + "$ref": "./examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroup_example.json" + } + }, + "tags": ["JitNetworkAccessPolicies"], + "description": "Policies for protecting resources using Just-in-Time access control for the subscription, location", + "operationId": "JitNetworkAccessPoliciesResourceGroup_List", + "parameters": [{ + "$ref": "#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/ResourceGroupName" + }, + { + "$ref": "#/parameters/ApiVersion" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/JitNetworkAccessPoliciesList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies": { + "get": { + "x-ms-examples": { + "Get JIT network access policies on a resource group from a security data location": { + "$ref": "./examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroupLocation_example.json" + } + }, + "tags": ["JitNetworkAccessPolicies"], + "description": "Policies for protecting resources using Just-in-Time access control for the subscription, location", + "operationId": "JitNetworkAccessPoliciesResourceGroupLocation_List", + "produces": [ + "application/json" + ], + "parameters": [{ + "$ref": "#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/ResourceGroupName" + }, + { + "$ref": "#/parameters/AscLocation" + }, + { + "$ref": "#/parameters/ApiVersion" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/JitNetworkAccessPoliciesList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies/{jitNetworkAccessPolicyName}": { + "get": { + "x-ms-examples": { + "Get JIT network access policy": { + "$ref": "./examples/JitNetworkAccessPolicies/GetJitNetworkAccessPolicy_example.json" + } + }, + "tags": ["JitNetworkAccessPolicies"], + "description": "Policies for protecting resources using Just-in-Time access control for the subscription, location", + "operationId": "JitNetworkAccessPoliciesResourceGroupLocation_Get", + "parameters": [{ + "$ref": "#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/ResourceGroupName" + }, + { + "$ref": "#/parameters/AscLocation" + }, + { + "$ref": "#/parameters/JitNetworkAccessPolicyName" + }, + { + "$ref": "#/parameters/ApiVersion" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/JitNetworkAccessPolicy" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "put": { + "x-ms-examples": { + "Create JIT network access policy": { + "$ref": "./examples/JitNetworkAccessPolicies/CreateJitNetworkAccessPolicy_example.json" + } + }, + "tags": ["JitNetworkAccessPolicies"], + "description": "Create a policy for protecting resources using Just-in-Time access control", + "operationId": "JitNetworkAccessPoliciesResourceGroupLocation_Create", + "parameters": [{ + "$ref": "#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/ResourceGroupName" + }, + { + "$ref": "#/parameters/AscLocation" + }, + { + "$ref": "#/parameters/JitNetworkAccessPolicyName" + }, + { + "$ref": "#/parameters/ApiVersion" + }, + { + "$ref": "#/parameters/JitNetworkAccessPolicy" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/JitNetworkAccessPolicy" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "delete": { + "x-ms-examples": { + "Delete JIT network access policy": { + "$ref": "./examples/JitNetworkAccessPolicies/DeleteJitNetworkAccessPolicy_example.json" + } + }, + "tags": ["JitNetworkAccessPolicies"], + "description": "Delete a Just-in-Time access control policy.", + "operationId": "JitNetworkAccessPoliciesResourceGroupLocation_Delete", + "parameters": [{ + "$ref": "#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/ResourceGroupName" + }, + { + "$ref": "#/parameters/AscLocation" + }, + { + "$ref": "#/parameters/JitNetworkAccessPolicyName" + }, + { + "$ref": "#/parameters/ApiVersion" + } + ], + "responses": { + "204": { + "description": "No Content" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies/{jitNetworkAccessPolicyName}/{jitNetworkAccessPolicyActionType}": { + "post": { + "x-ms-examples": { + "Invoke an action on a JIT network access policy": { + "$ref": "./examples/JitNetworkAccessPolicies/InvokeJitNetworkAccessPolicy_example.json" + } + }, + "tags": ["JitNetworkAccessPolicies"], + "description": "Perform an action on a specific Just-in-Time policy configuration.", + "operationId": "JitNetworkAccessPoliciesResourceGroupLocation_Update", + "parameters": [{ + "$ref": "#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/ResourceGroupName" + }, + { + "$ref": "#/parameters/AscLocation" + }, + { + "$ref": "#/parameters/JitNetworkAccessPolicyName" + }, + { + "$ref": "#/parameters/JitNetworkAccessPolicyActionType" + }, + { + "$ref": "#/parameters/ApiVersion" + }, + { + "$ref": "#/parameters/JitNetworkAccessPolicyAction" + } + ], + "responses": { + "204": { + "description": "No Content" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/externalSecuritySolutions": { + "get": { + "x-ms-examples": { + "Get external security solutions on a subscription": { + "$ref": "./examples/ExternalSecuritySolutions/GetExternalSecuritySolutionsSubscription_example.json" + } + }, + "description": "Gets a list of external security solutions for the subscription.", + "tags": ["ExternalSecuritySolutions"], + "operationId": "ExternalSecuritySolutionsSubscription_List", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, + { + "$ref": "#/parameters/SubscriptionId" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/ExternalSecuritySolutionList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/ExternalSecuritySolutions": { + "get": { + "x-ms-examples": { + "Get external security solutions on a subscription from security data location": { + "$ref": "./examples/ExternalSecuritySolutions/GetExternalSecuritySolutionsSubscriptionLocation_example.json" + } + }, + "description": "Gets a list of external Security Solutions for the subscription and location.", + "tags": ["ExternalSecuritySolutions"], + "operationId": "ExternalSecuritySolutionsSubscriptionLocation_List", + "parameters": [{ + "$ref": "#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/AscLocation" + }, + { + "$ref": "#/parameters/ApiVersion" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/ExternalSecuritySolutionList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/ExternalSecuritySolutions/{externalSecuritySolutionsName}": { + "get": { + "x-ms-examples": { + "Get external security solution": { + "$ref": "./examples/ExternalSecuritySolutions/GetExternalSecuritySolution_example.json" + } + }, + "description": "Gets a specific external Security Solution.", + "tags": ["ExternalSecuritySolutions"], + "operationId": "ExternalSecuritySolutionsSubscriptionLocation_Get", + "parameters": [{ + "$ref": "#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/ResourceGroupName" + }, + { + "$ref": "#/parameters/AscLocation" + }, + { + "$ref": "#/parameters/ExternalSecuritySolutionsName" + }, + { + "$ref": "#/parameters/ApiVersion" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/ExternalSecuritySolution" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + } + }, + "definitions": { + "CloudError": { + "x-ms-external": true, + "type": "object", + "description": "Error response structure.", + "properties": { + "error": { + "x-ms-client-flatten": true, + "description": "Error data", + "$ref": "#/definitions/CloudErrorBody" + } + } + }, + "CloudErrorBody": { + "x-ms-external": true, + "type": "object", + "description": "Error details.", + "properties": { + "code": { + "readOnly": true, + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "readOnly": true, + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + } + }, + "Resource": { + "type": "object", + "description": "Describes an Azure resource.", + "properties": { + "id": { + "readOnly": true, + "type": "string", + "description": "Resource Id" + }, + "name": { + "readOnly": true, + "type": "string", + "description": "Resource name" + }, + "type": { + "readOnly": true, + "type": "string", + "description": "Resource type" + } + }, + "x-ms-azure-resource": true + }, + "Kind": { + "type": "object", + "description": "Describes an Azure resource with kind", + "properties": { + "kind": { + "readOnly": true, + "type": "string", + "description": "Kind of the resource" + } + } + }, + "Location": { + "type": "object", + "description": "Describes an Azure resource with location", + "properties": { + "location": { + "readOnly": true, + "type": "string", + "description": "Location where the resource is stored" + } + } + }, + "OperationList": { + "type": "object", + "description": "List of possible operations for Microsoft.Security resource provider", + "properties": { + "value": { + "type": "array", + "description": "List of Security operations", + "items": { + "$ref": "#/definitions/Operation" + } + } + } + }, + "Operation": { + "type": "object", + "description": "Possible operation in the REST API of Microsoft.Security", + "properties": { + "name": { + "readOnly": true, + "type": "string", + "description": "Name of the operation" + }, + "origin": { + "readOnly": true, + "type": "string", + "description": "Where the operation is originated" + }, + "display": { + "$ref": "#/definitions/OperationDisplay" + } + } + }, + "OperationDisplay": { + "type": "object", + "description": "Security operation display", + "properties": { + "provider": { + "readOnly": true, + "type": "string", + "description": "The resource provider for the operation." + }, + "resource": { + "readOnly": true, + "type": "string", + "description": "The display name of the resource the operation applies to." + }, + "operation": { + "readOnly": true, + "type": "string", + "description": "The display name of the security operation." + }, + "description": { + "readOnly": true, + "type": "string", + "description": "The description of the operation." + } + } + }, + "TaskList": { + "type": "object", + "description": "List of security task recommendations", + "properties": { + "value": { + "readOnly": true, + "type": "array", + "items": { + "$ref": "#/definitions/Task" + } + }, + "nextLink": { + "readOnly": true, + "type": "string", + "description": "The URI to fetch the next page." + } + } + }, + "Task": { + "type": "object", + "description": "Security task that we recommend to do in order to strengthen security", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/TaskProperties" + } + }, + "allOf": [{ + "$ref": "#/definitions/Resource" + }] + }, + "TaskProperties": { + "type": "object", + "description": "Describes properties of a task.", + "properties": { + "state": { + "readOnly": true, + "type": "string", + "description": "State of the task (Active, Resolved etc.)" + }, + "creationTimeUtc": { + "readOnly": true, + "type": "string", + "format": "date-time", + "description": "The time this task was discovered in UTC" + }, + "securityTaskParameters": { + "$ref": "#/definitions/SecurityTaskParameters" + }, + "lastStateChangeTimeUtc": { + "readOnly": true, + "type": "string", + "format": "date-time", + "description": "The time this task's details were last changed in UTC" + }, + "subState": { + "readOnly": true, + "type": "string", + "description": "Additional data on the state of the task" + } + } + }, + "SecurityTaskParameters": { + "type": "object", + "description": "Changing set of properties, depending on the task type that is derived from the name field", + "additionalProperties": { + "type": "object" + }, + "properties": { + "name": { + "readOnly": true, + "type": "string", + "description": "Name of the task type" + } + } + }, + "AscLocationList": { + "type": "object", + "description": "List of locations where ASC saves your data", + "properties": { + "value": { + "readOnly": true, + "type": "array", + "items": { + "$ref": "#/definitions/AscLocation" + } + } + } + }, + "AscLocation": { + "type": "object", + "description": "The ASC location of the subscription is in the \"name\" field", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/AscLocationProperties" + } + }, + "allOf": [{ + "$ref": "#/definitions/Resource" + }] + }, + "AscLocationProperties": { + "type": "object", + "description": "An empty set of properties" + }, + "AlertList": { + "type": "object", + "description": "List of security alerts", + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/Alert" + } + }, + "nextLink": { + "readOnly": true, + "type": "string", + "description": "The URI to fetch the next page." + } + } + }, + "Alert": { + "type": "object", + "description": "Security alert", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/AlertProperties" + } + }, + "allOf": [{ + "$ref": "#/definitions/Resource" + }] + }, + "AlertProperties": { + "type": "object", + "description": "describes security alert properties.", + "properties": { + "state": { + "readOnly": true, + "type": "string", + "description": "State of the alert (Active, Dismissed etc.)" + }, + "reportedTimeUtc": { + "readOnly": true, + "type": "string", + "format": "date-time", + "description": "The time the incident was reported to Microsoft.Security in UTC" + }, + "vendorName": { + "readOnly": true, + "type": "string", + "description": "Name of the vendor that discovered the incident" + }, + "alertName": { + "readOnly": true, + "type": "string", + "description": "Name of the alert type" + }, + "alertDisplayName": { + "readOnly": true, + "type": "string", + "description": "Display name of the alert type" + }, + "detectedTimeUtc": { + "readOnly": true, + "type": "string", + "format": "date-time", + "description": "The time the incident was detected by the vendor" + }, + "description": { + "readOnly": true, + "type": "string", + "description": "Description of the incident and what it means" + }, + "remediationSteps": { + "readOnly": true, + "type": "string", + "description": "Recommended steps to reradiate the incident" + }, + "actionTaken": { + "readOnly": true, + "type": "string", + "description": "The action that was taken as a response to the alert (Active, Blocked etc.)" + }, + "reportedSeverity": { + "readOnly": true, + "type": "string", + "description": "Estimated severity of this alert" + }, + "compromisedEntity": { + "readOnly": true, + "type": "string", + "description": "The entity that the incident happened on" + }, + "associatedResource": { + "readOnly": true, + "type": "string", + "description": "Azure resource ID of the associated resource" + }, + "extendedProperties": { + "$ref": "#/definitions/AlertExtendedProperties" + }, + "systemSource": { + "readOnly": true, + "type": "string", + "description": "The type of the alerted resource (Azure, Non-Azure)" + }, + "canBeInvestigated": { + "readOnly": true, + "type": "boolean", + "description": "Whether this alert can be investigated with Azure Security Center" + }, + "entities": { + "type": "array", + "description": "objects that are related to this alerts", + "items": { + "$ref": "#/definitions/AlertEntity" + } + }, + "confidenceScore": { + "readOnly": true, + "type": "number", + "format": "float", + "minimum": 0, + "maximum": 1, + "description": "level of confidence we have on the alert" + }, + "confidenceReasons": { + "type": "array", + "description": "reasons the alert got the confidenceScore value", + "items": { + "$ref": "#/definitions/AlertConfidenceReason" + } + }, + "subscriptionId": { + "readOnly": true, + "type": "string", + "description": "Azure subscription ID of the resource that had the security alert or the subscription ID of the workspace that this resource reports to" + }, + "instanceId": { + "readOnly": true, + "type": "string", + "description": "Instance ID of the alert." + }, + "workspaceArmId": { + "readOnly": true, + "type": "string", + "description": "Azure resource ID of the workspace that the alert was reported to." + } + } + }, + "AlertConfidenceReason": { + "type": "object", + "description": "Factors that increase our confidence that the alert is a true positive", + "properties": { + "type": { + "readOnly": true, + "type": "string", + "description": "Type of confidence factor" + }, + "reason": { + "readOnly": true, + "type": "string", + "description": "description of the confidence reason" + } + } + }, + "AlertEntity": { + "type": "object", + "additionalProperties": { + "type": "object" + }, + "description": "Changing set of properties depending on the entity type.", + "properties": { + "type": { + "readOnly": true, + "type": "string", + "description": "Type of entity" + } + } + }, + "AlertExtendedProperties": { + "type": "object", + "additionalProperties": { + "type": "object" + }, + "description": "Changing set of properties depending on the alert type." + }, + "DiscoveredSecuritySolutionList": { + "type": "object", + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/DiscoveredSecuritySolution" + } + } + } + }, + "DiscoveredSecuritySolution": { + "type": "object", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/DiscoveredSecuritySolutionProperties" + } + }, + "required": [ + "properties" + ], + "allOf": [{ + "$ref": "#/definitions/Resource" + }, + { + "$ref": "#/definitions/Location" + } + ] + }, + "DiscoveredSecuritySolutionProperties": { + "type": "object", + "properties": { + "securityFamily": { + "type": "string", + "description": "The security family of the discovered solution", + "enum": [ + "Waf", + "Ngfw", + "SaasWaf", + "Va" + ], + "x-ms-enum": { + "name": "securityFamily", + "modelAsString": true, + "values": [{ + "value": "Waf" + }, + { + "value": "Ngfw" + }, + { + "value": "SaasWaf" + }, + { + "value": "Va" + } + ] + } + }, + "offer": { + "type": "string", + "description": "The security solutions' image offer" + }, + "publisher": { + "type": "string", + "description": "The security solutions' image publisher" + }, + "sku": { + "type": "string", + "description": "The security solutions' image sku" + } + }, + "required": [ + "securityFamily", + "offer", + "publisher", + "sku" + ] + }, + "JitNetworkAccessPoliciesList": { + "type": "object", + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/JitNetworkAccessPolicy" + } + } + } + }, + "JitNetworkAccessPolicy": { + "type": "object", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/JitNetworkAccessPolicyProperties" + } + }, + "required": [ + "properties" + ], + "allOf": [{ + "$ref": "#/definitions/Resource" + }, + { + "$ref": "#/definitions/Kind" + }, + { + "$ref": "#/definitions/Location" + } + ] + }, + "JitNetworkAccessPolicyProperties": { + "type": "object", + "properties": { + "virtualMachines": { + "type": "array", + "description": "Configurations for Microsoft.Compute/virtualMachines resource type.", + "items": { + "$ref": "#/definitions/JitNetworkAccessPolicyVirtualMachine" + } + }, + "requests": { + "type": "array", + "items": { + "$ref": "#/definitions/JitNetworkAccessRequest" + } + }, + "provisioningState": { + "type": "string", + "readOnly": true, + "description": "Gets the provisioning state of the Just-in-Time policy." + } + }, + "required": [ + "virtualMachines" + ] + }, + "JitNetworkAccessPolicyVirtualMachine": { + "type": "object", + "required": [ + "id", + "ports" + ], + "properties": { + "id": { + "type": "string", + "description": "Resource ID of the virtual machine that is linked to this policy" + }, + "ports": { + "type": "array", + "description": "Port configurations for the virtual machine", + "items": { + "$ref": "#/definitions/JitNetworkAccessPortRule" + } + } + } + }, + "JitNetworkAccessPortRule": { + "type": "object", + "properties": { + "number": { + "$ref": "#/definitions/PortNumber" + }, + "protocol": { + "type": "string", + "enum": [ + "TCP", + "UDP", + "*" + ], + "x-ms-enum": { + "name": "protocol", + "modelAsString": true, + "values": [{ + "value": "TCP" + }, + { + "value": "UDP" + }, + { + "value": "*", + "name": "All" + } + ] + } + }, + "allowedSourceAddressPrefix": { + "type": "string" + }, + "maxRequestAccessDuration": { + "type": "string", + "description": "Maximum duration requests can be made for. In ISO 8601 duration format. Minimum 5 minutes, maximum 1 day" + } + }, + "required": [ + "allowedSourceAddressPrefix", + "maxRequestAccessDuration", + "number", + "protocol" + ] + }, + "JitNetworkAccessRequest": { + "type": "object", + "properties": { + "virtualMachines": { + "type": "array", + "items": { + "$ref": "#/definitions/JitNetworkAccessRequestVirtualMachine" + } + }, + "startTimeUtc": { + "type": "string", + "format": "date-time", + "description": "The start time of the request in UTC" + }, + "requestor": { + "type": "string", + "description": "The identity of the person who made the request" + } + }, + "required": [ + "requestor", + "startTimeUtc", + "virtualMachines" + ] + }, + "JitNetworkAccessRequestVirtualMachine": { + "type": "object", + "required": [ + "id", + "ports" + ], + "properties": { + "id": { + "type": "string", + "description": "Resource ID of the virtual machine that is linked to this policy" + }, + "ports": { + "type": "array", + "description": "The ports that were opened for the virtual machine", + "items": { + "$ref": "#/definitions/JitNetworkAccessRequestPort" + } + } + } + }, + "JitNetworkAccessRequestPort": { + "type": "object", + "properties": { + "number": { + "$ref": "#/definitions/PortNumber" + }, + "allowedSourceAddressPrefix": { + "type": "string", + "description": "The IP address range that the port was opened for" + }, + "allowedSourceAddressPrefixes": { + "type": "array", + "description": "The IP address ranges that the port was opened for", + "items": { + "type": "string" + } + }, + "endTimeUtc": { + "type": "string", + "format": "date-time", + "description": "The date & time at which the request ends in UTC" + }, + "status": { + "type": "string", + "description": "The status of the port", + "enum": [ + "Revoked", + "Initiated" + ], + "x-ms-enum": { + "name": "status", + "modelAsString": true, + "values": [{ + "value": "Revoked" + }, + { + "value": "Initiated" + } + ] + } + }, + "statusReason": { + "type": "string", + "description": "A description of why the `status` has its value", + "enum": [ + "Expired", + "UserRequested", + "NewerRequestInitiated" + ], + "x-ms-enum": { + "name": "statusReason", + "modelAsString": true, + "values": [{ + "value": "Expired" + }, + { + "value": "UserRequested" + }, + { + "value": "NewerRequestInitiated" + } + ] + } + } + }, + "required": [ + "endTimeUtc", + "number", + "status", + "statusReason" + ] + }, + "JitNetworkAccessPolicyAction": { + "type": "object", + "properties": { + "virtualMachines": { + "type": "array", + "description": "A list of virtual machines & ports to open access for", + "items": { + "$ref": "#/definitions/JitNetworkAccessPolicyActionVirtualMachine" + } + } + }, + "required": [ + "virtualMachines" + ] + }, + "JitNetworkAccessPolicyActionVirtualMachine": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Resource ID of the virtual machine that is linked to this policy" + }, + "ports": { + "type": "array", + "description": "The ports to open for the resource with the `id`", + "items": { + "$ref": "#/definitions/JitNetworkAccessPolicyActionPort" + } + } + }, + "required": [ + "id", + "ports" + ] + }, + "JitNetworkAccessPolicyActionPort": { + "type": "object", + "properties": { + "number": { + "$ref": "#/definitions/PortNumber" + }, + "allowedSourceAddressPrefix": { + "type": "string" + }, + "endTimeUtc": { + "type": "string", + "format": "date-time", + "description": "The time to close the request in UTC" + } + }, + "required": [ + "allowedSourceAddressPrefix", + "endTimeUtc", + "number" + ] + }, + "PortNumber": { + "type": "number", + "minimum": 0, + "maximum": 65535 + }, + "ExternalSecuritySolutionList": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/ExternalSecuritySolution" + } + } + } + }, + "ExternalSecuritySolution": { + "type": "object", + "description": "Represents a security solution external to Azure Security Center which sends information to an OMS workspace and whos data is displayed by Azure Security Center.", + "discriminator": "kind", + "properties": { + "properties": { + "additionalProperties": { + "type": "object" + } + } + }, + "allOf": [{ + "$ref": "#/definitions/Resource" + }, + { + "$ref": "#/definitions/Kind" + }, + { + "$ref": "#/definitions/Location" + } + ] + }, + "CefExternalSecuritySolution": { + "x-ms-discriminator-value": "CEF", + "type": "object", + "description": "Represents a security solution which sends CEF logs to an OMS workspace", + "allOf": [{ + "$ref": "#/definitions/ExternalSecuritySolution" + }], + "properties": { + "properties": { + "$ref": "#/definitions/CefSolutionProperties" + } + } + }, + "AtaExternalSecuritySolution": { + "x-ms-discriminator-value": "ATA", + "type": "object", + "description": "Represents an ATA security solution which sends logs to an OMS workspace", + "allOf": [{ + "$ref": "#/definitions/ExternalSecuritySolution" + }], + "properties": { + "properties": { + "$ref": "#/definitions/AtaSolutionProperties" + } + } + }, + "AadExternalSecuritySolution": { + "x-ms-discriminator-value": "AAD", + "type": "object", + "description": "Represents an AAD identity protection solution which sends logs to an OMS workspace.", + "allOf": [{ + "$ref": "#/definitions/ExternalSecuritySolution" + }], + "properties": { + "properties": { + "$ref": "#/definitions/AadSolutionProperties" + } + } + }, + "ExternalSecuritySolutionKind": { + "type": "string", + "description": "The kind of the external solution", + "enum": [ + "CEF", + "ATA", + "AAD" + ], + "x-ms-enum": { + "name": "ExternalSecuritySolutionKind", + "modelAsString": true, + "values": [{ + "value": "CEF" + }, + { + "value": "ATA" + }, + { + "value": "AAD" + } + ] + } + }, + "ExternalSecuritySolutionProperties": { + "type": "object", + "description": "The solution properties (correspond to the solution kind)", + "properties": { + "deviceVendor": { + "type": "string" + }, + "deviceType": { + "type": "string" + }, + "workspace": { + "$ref": "#/definitions/ConnectedWorkspace" + } + } + }, + "ConnectedWorkspace": { + "type": "object", + "title": "Represents an OMS workspace to which the solution is connected", + "properties": { + "id": { + "type": "string", + "description": "Azure resource ID of the connected OMS workspace" + } + } + }, + "AadConnectivityState": { + "type": "string", + "title": "The connectivity state of the external AAD solution ", + "enum": [ + "Discovered", + "NotLicensed", + "Connected" + ], + "x-ms-enum": { + "name": "AadConnectivityState", + "modelAsString": true, + "values": [{ + "value": "Discovered" + }, + { + "value": "NotLicensed" + }, + { + "value": "Connected" + } + ] + } + }, + "AadSolutionProperties": { + "type": "object", + "title": "The external security solution properties for AAD solutions", + "allOf": [{ + "$ref": "#/definitions/ExternalSecuritySolutionProperties" + }, + { + "$ref": "#/definitions/AadConnectivityState" + } + ] + }, + "CefSolutionProperties": { + "type": "object", + "title": "The external security solution properties for CEF solutions", + "properties": { + "hostName": { + "type": "string" + }, + "agent": { + "type": "string" + }, + "lastEventReceived": { + "type": "string" + } + }, + "allOf": [{ + "$ref": "#/definitions/ExternalSecuritySolutionProperties" + }] + }, + "AtaSolutionProperties": { + "type": "object", + "title": "The external security solution properties for ATA solutions", + "properties": { + "lastEventReceived": { + "type": "string" + } + }, + "allOf": [{ + "$ref": "#/definitions/ExternalSecuritySolutionProperties" + }] + } + }, + "parameters": { + "SubscriptionId": { + "name": "subscriptionId", + "in": "path", + "required": true, + "pattern": "^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$", + "type": "string", + "description": "Azure subscription ID" + }, + "ResourceGroupName": { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource group within the user's subscription. The name is case insensitive.", + "pattern": "^[-\\w\\._\\(\\)]+$", + "minLength": 1, + "maxLength": 90, + "x-ms-parameter-location": "method" + }, + "ApiVersion": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "enum": ["2015-06-01-preview"], + "description": "API version for the operation" + }, + "AscLocation": { + "name": "ascLocation", + "in": "path", + "required": true, + "type": "string", + "description": "The location where ASC stores the data of the subscription. can be retrieved from Get locations", + "x-ms-parameter-location": "client" + }, + "ExtendedResourceProvider": { + "name": "extendedResourceProvider", + "in": "path", + "required": true, + "type": "string", + "description": "Resource provider name of the base resource", + "x-ms-parameter-location": "method" + }, + "ExtendedResourceType": { + "name": "extendedResourceType", + "in": "path", + "required": true, + "type": "string", + "description": "Type of the base resource", + "x-ms-parameter-location": "method" + }, + "ExtendedResourceName": { + "name": "extendedResourceName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the base resource", + "x-ms-parameter-location": "method" + }, + "ODataFilter": { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "OData filter. Optional.", + "x-ms-parameter-location": "method" + }, + "ODataSelect": { + "name": "$select", + "in": "query", + "required": false, + "type": "string", + "description": "OData select. Optional.", + "x-ms-parameter-location": "method" + }, + "ODataExpand": { + "name": "$expand", + "in": "query", + "required": false, + "type": "string", + "description": "OData expand. Optional.", + "x-ms-parameter-location": "method" + }, + "TaskName": { + "name": "taskName", + "in": "path", + "required": true, + "type": "string", + "description": "Name of the task object, will be a GUID", + "x-ms-parameter-location": "method" + }, + "TaskUpdateActionType": { + "name": "taskUpdateActionType", + "in": "path", + "required": true, + "type": "string", + "enum": ["Activate", "Dismiss", "Start", "Resolve", "Close"], + "description": "Type of the action to do on the task", + "x-ms-parameter-location": "method" + }, + "AlertName": { + "name": "alertName", + "in": "path", + "required": true, + "type": "string", + "description": "Name of the alert object", + "x-ms-parameter-location": "method" + }, + "AlertUpdateActionType": { + "name": "alertUpdateActionType", + "in": "path", + "required": true, + "type": "string", + "enum": ["Dismiss", "Reactivate"], + "description": "Type of the action to do on the alert", + "x-ms-parameter-location": "method" + }, + "DiscoveredSecuritySolutionName": { + "name": "discoveredSecuritySolutionName", + "type": "string", + "in": "path", + "required": true, + "description": "Name of a discovered security solution.", + "x-ms-parameter-location": "method" + }, + "JitNetworkAccessPolicyName": { + "name": "jitNetworkAccessPolicyName", + "type": "string", + "in": "path", + "required": true, + "description": "Name of a Just-in-Time access configuration policy.", + "x-ms-parameter-location": "method" + }, + "JitNetworkAccessPolicyActionType": { + "name": "jitNetworkAccessPolicyActionType", + "type": "string", + "in": "path", + "required": true, + "description": "Type of the action to do on the Just-in-Time access policy.", + "enum": [ + "initiate" + ], + "x-ms-parameter-location": "method" + }, + "JitNetworkAccessPolicyAction": { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/JitNetworkAccessPolicyAction" + }, + "x-ms-parameter-location": "method" + }, + "JitNetworkAccessPolicy": { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/JitNetworkAccessPolicy" + }, + "x-ms-parameter-location": "method" + }, + "ExternalSecuritySolutionsName": { + "name": "externalSecuritySolutionsName", + "in": "path", + "description": "Name of an external security solution.", + "required": true, + "type": "string", + "x-ms-parameter-location": "method" + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AutoProvisioningSettings/CreateAutoProvisioningSettingsSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AutoProvisioningSettings/CreateAutoProvisioningSettingsSubscription_example.json new file mode 100644 index 000000000000..0d55170d1f2e --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AutoProvisioningSettings/CreateAutoProvisioningSettingsSubscription_example.json @@ -0,0 +1,27 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "settingName": "default", + "setting": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/autoProvisioningSettings/default", + "name": "default", + "type": "Microsoft.Security/autoProvisioningSettings", + "properties": { + "provisioningSetting": "Automatic" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/autoProvisioningSettings/default", + "name": "default", + "type": "Microsoft.Security/autoProvisioningSettings", + "properties": { + "provisioningSetting": "Automatic" + } + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AutoProvisioningSettings/GetAutoProvisioningSettingSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AutoProvisioningSettings/GetAutoProvisioningSettingSubscription_example.json new file mode 100644 index 000000000000..f9f3bed03f32 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AutoProvisioningSettings/GetAutoProvisioningSettingSubscription_example.json @@ -0,0 +1,19 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "settingName": "default" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/autoProvisioningSettings/default", + "name": "default", + "type": "Microsoft.Security/autoProvisioningSettings", + "properties": { + "provisioningSetting": "Automatic" + } + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AutoProvisioningSettings/GetAutoProvisioningSettingsSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AutoProvisioningSettings/GetAutoProvisioningSettingsSubscription_example.json new file mode 100644 index 000000000000..e3d1a39f0ad4 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AutoProvisioningSettings/GetAutoProvisioningSettingsSubscription_example.json @@ -0,0 +1,20 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/autoProvisioningSettings/default", + "name": "default", + "type": "Microsoft.Security/autoProvisioningSettings", + "properties": { + "provisioningSetting": "Automatic" + } + }] + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Compliances/GetCompliance_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Compliances/GetCompliance_example.json new file mode 100644 index 000000000000..13282477404d --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Compliances/GetCompliance_example.json @@ -0,0 +1,26 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "scope": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "complianceName": "2018-01-01Z" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/compliances/2018-01-01Z", + "name": "2018-01-01Z", + "type": "Microsoft.Security/compliances", + "properties": { + "assessmentResult": [ + { + "segmentType": "Compliant", + "percentage": 77.77777777777778 + } + ], + "resourceCount": 18, + "assessmentTimestampUtcDate": "2018-01-01T00:00:00Z" + } + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Compliances/GetCompliances_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Compliances/GetCompliances_example.json new file mode 100644 index 000000000000..572e5dfd150d --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Compliances/GetCompliances_example.json @@ -0,0 +1,60 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "scope": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/compliances/2018-01-01Z", + "name": "2018-01-01Z", + "type": "Microsoft.Security/compliances", + "properties": { + "assessmentResult": [ + { + "segmentType": "Compliant", + "percentage": 77.77777777777778 + } + ], + "resourceCount": 18, + "assessmentTimestampUtcDate": "2018-01-01T00:00:00Z" + } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/compliances/2018-01-02Z", + "name": "2018-01-02Z", + "type": "Microsoft.Security/compliances", + "properties": { + "assessmentResult": [ + { + "segmentType": "Compliant", + "percentage": 94.44444444444444 + } + ], + "resourceCount": 18, + "assessmentTimestampUtcDate": "2018-01-02T00:00:00Z" + } + + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/compliances/2018-01-03Z", + "name": "2018-01-03Z", + "type": "Microsoft.Security/compliances", + "properties": { + "assessmentResult": [ + { + "segmentType": "Compliant", + "percentage": 100 + } + ], + "resourceCount": 18, + "assessmentTimestampUtcDate": "2018-01-03T00:00:00Z" + } + + } + ] + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/CreatePricingsResourceGroup_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/CreatePricingsResourceGroup_example.json new file mode 100644 index 000000000000..4c6f9559b08c --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/CreatePricingsResourceGroup_example.json @@ -0,0 +1,28 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg", + "pricingName": "myRg", + "pricing": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/pricings/myRg", + "name": "myRg", + "type": "Microsoft.Security/pricings", + "properties": { + "pricingTier": "Standard" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/myRg", + "name": "myRg", + "type": "Microsoft.Security/pricings", + "properties": { + "pricingTier": "Standard" + } + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/CreatePricingsSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/CreatePricingsSubscription_example.json new file mode 100644 index 000000000000..015885fc5779 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/CreatePricingsSubscription_example.json @@ -0,0 +1,27 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "pricingName": "default", + "pricing": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/default", + "name": "default", + "type": "Microsoft.Security/pricings", + "properties": { + "pricingTier": "Standard" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/default", + "name": "default", + "type": "Microsoft.Security/pricings", + "properties": { + "pricingTier": "Standard" + } + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingResourceGroup_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingResourceGroup_example.json new file mode 100644 index 000000000000..f261d4fdacad --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingResourceGroup_example.json @@ -0,0 +1,20 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg", + "pricingName": "myRg" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/myRg", + "name": "myRg", + "type": "Microsoft.Security/pricings", + "properties": { + "pricingTier": "Standard" + } + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingSubscription_example.json new file mode 100644 index 000000000000..03457284b7a9 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingSubscription_example.json @@ -0,0 +1,19 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "pricingName": "default" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/default", + "name": "default", + "type": "Microsoft.Security/pricings", + "properties": { + "pricingTier": "Standard" + } + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingsResourceGroup_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingsResourceGroup_example.json new file mode 100644 index 000000000000..26fe2c08bcbd --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingsResourceGroup_example.json @@ -0,0 +1,21 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg" + }, + "responses": { + "200": { + "body": { + "value": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/myRg", + "name": "myRg", + "type": "Microsoft.Security/pricings", + "properties": { + "pricingTier": "Standard" + } + }] + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingsSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingsSubscription_example.json new file mode 100644 index 000000000000..d32cc7e34516 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingsSubscription_example.json @@ -0,0 +1,20 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/default", + "name": "default", + "type": "Microsoft.Security/pricings", + "properties": { + "pricingTier": "Standard" + } + }] + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/CreateSecurityContact_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/CreateSecurityContact_example.json new file mode 100644 index 000000000000..4040a5959788 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/CreateSecurityContact_example.json @@ -0,0 +1,34 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg", + "securityContactName": "john", + "securityContact": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/securityContacts/john", + "name": "john", + "type": "Microsoft.Security/securityContacts", + "properties": { + "email": "john@contoso.com", + "phone": "(214)275-4038", + "alertNotifications": "On", + "alertsToAdmins": "On" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/securityContacts/john", + "name": "john", + "type": "Microsoft.Security/securityContacts", + "properties": { + "email": "john@contoso.com", + "phone": "(214)275-4038", + "alertNotifications": "On", + "alertsToAdmins": "On" + } + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/DeleteSecurityContact_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/DeleteSecurityContact_example.json new file mode 100644 index 000000000000..0dc8eb234874 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/DeleteSecurityContact_example.json @@ -0,0 +1,12 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg", + "securityContactName": "john" + }, + "responses": { + "200": { + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContact_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContact_example.json new file mode 100644 index 000000000000..09b5ace00d2c --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContact_example.json @@ -0,0 +1,23 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg", + "securityContactName": "john" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/securityContacts/john", + "name": "john", + "type": "Microsoft.Security/securityContacts", + "properties": { + "email": "john@contoso.com", + "phone": "(214)275-4038", + "alertNotifications": "On", + "alertsToAdmins": "On" + } + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContactsResourceGroup_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContactsResourceGroup_example.json new file mode 100644 index 000000000000..b4b08a2dbd87 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContactsResourceGroup_example.json @@ -0,0 +1,24 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg" + }, + "responses": { + "200": { + "body": { + "value": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/securityContacts/john", + "name": "john", + "type": "Microsoft.Security/securityContacts", + "properties": { + "email": "john@contoso.com", + "phone": "(214)275-4038", + "alertNotifications": "On", + "alertsToAdmins": "On" + } + }] + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContactsSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContactsSubscription_example.json new file mode 100644 index 000000000000..97098ca347dd --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContactsSubscription_example.json @@ -0,0 +1,23 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/securityContacts/john", + "name": "john", + "type": "Microsoft.Security/securityContacts", + "properties": { + "email": "john@contoso.com", + "phone": "(214)275-4038", + "alertNotifications": "On", + "alertsToAdmins": "On" + } + }] + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/UpdateSecurityContact_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/UpdateSecurityContact_example.json new file mode 100644 index 000000000000..1fa30d30f5c2 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/UpdateSecurityContact_example.json @@ -0,0 +1,32 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg", + "securityContactName": "john", + "securityContact": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/securityContacts/john", + "name": "john", + "type": "Microsoft.Security/securityContacts", + "properties": { + "phone": "(214)275-4038", + "alertNotifications": "On" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/securityContacts/john", + "name": "john", + "type": "Microsoft.Security/securityContacts", + "properties": { + "email": "john@contoso.com", + "phone": "(214)275-4038", + "alertNotifications": "On", + "alertsToAdmins": "Off" + } + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/CreateWorkspaceSettingResourceGroup_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/CreateWorkspaceSettingResourceGroup_example.json new file mode 100644 index 000000000000..09a354883ea1 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/CreateWorkspaceSettingResourceGroup_example.json @@ -0,0 +1,30 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg", + "workspaceSettingName": "myRg", + "workspaceSetting": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/workspaceSettings/myRg", + "name": "myRg", + "type": "Microsoft.Security/workspaceSettings", + "properties": { + "workspaceId": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myOtherRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace", + "scope": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/workspaceSettings/myRg", + "name": "myRg", + "type": "Microsoft.Security/workspaceSettings", + "properties": { + "workspaceId": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myOtherRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace", + "scope": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg" + } + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/CreateWorkspaceSettingSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/CreateWorkspaceSettingSubscription_example.json new file mode 100644 index 000000000000..93f50607489c --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/CreateWorkspaceSettingSubscription_example.json @@ -0,0 +1,29 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "workspaceSettingName": "default", + "workspaceSetting": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/workspaceSettings/default", + "name": "default", + "type": "Microsoft.Security/workspaceSettings", + "properties": { + "workspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace", + "scope": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/workspaceSettings/default", + "name": "default", + "type": "Microsoft.Security/workspaceSettings", + "properties": { + "workspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace", + "scope": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23" + } + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/DeleteWorkspaceSettingResourceGroup_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/DeleteWorkspaceSettingResourceGroup_example.json new file mode 100644 index 000000000000..ffd9f46483be --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/DeleteWorkspaceSettingResourceGroup_example.json @@ -0,0 +1,12 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg", + "workspaceSettingName": "myRg" + }, + "responses": { + "204": { + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/GetWorkspaceSettingResourceGroup_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/GetWorkspaceSettingResourceGroup_example.json new file mode 100644 index 000000000000..8f5602b67516 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/GetWorkspaceSettingResourceGroup_example.json @@ -0,0 +1,21 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg", + "workspaceSettingName": "myRg" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/workspaceSettings/myRg", + "name": "myRg", + "type": "Microsoft.Security/workspaceSettings", + "properties": { + "workspaceId": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myOtherRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace", + "scope": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg" + } + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/GetWorkspaceSettingSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/GetWorkspaceSettingSubscription_example.json new file mode 100644 index 000000000000..5f9db230473b --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/GetWorkspaceSettingSubscription_example.json @@ -0,0 +1,20 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "workspaceSettingName": "default" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/workspaceSettings/default", + "name": "default", + "type": "Microsoft.Security/workspaceSettings", + "properties": { + "workspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace", + "scope": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23" + } + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/GetWorkspaceSettingsResourceGroup_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/GetWorkspaceSettingsResourceGroup_example.json new file mode 100644 index 000000000000..ea50f40f77d9 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/GetWorkspaceSettingsResourceGroup_example.json @@ -0,0 +1,22 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg" + }, + "responses": { + "200": { + "body": { + "value": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/workspaceSettings/myRg", + "name": "myRg", + "type": "Microsoft.Security/workspaceSettings", + "properties": { + "workspaceId": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myOtherRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace", + "scope": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg" + } + }] + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/GetWorkspaceSettingsSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/GetWorkspaceSettingsSubscription_example.json new file mode 100644 index 000000000000..b27d8bf1b0f0 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/GetWorkspaceSettingsSubscription_example.json @@ -0,0 +1,31 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [{ + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/workspaceSettings/default", + "name": "default", + "type": "Microsoft.Security/workspaceSettings", + "properties": { + "workspaceId": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1", + "scope": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23" + } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/workspaceSettings/myRg", + "name": "myRg", + "type": "Microsoft.Security/workspaceSettings", + "properties": { + "workspaceId": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myOtherRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace2", + "scope": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg" + } + } + ] + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/UpdateWorkspaceSettingResourceGroup_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/UpdateWorkspaceSettingResourceGroup_example.json new file mode 100644 index 000000000000..cb929bdb31cb --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/UpdateWorkspaceSettingResourceGroup_example.json @@ -0,0 +1,29 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg", + "workspaceSettingName": "myRg", + "workspaceSetting": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/workspaceSettings/myRg", + "name": "myRg", + "type": "Microsoft.Security/workspaceSettings", + "properties": { + "workspaceId": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myOtherRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/workspaceSettings/myRg", + "name": "myRg", + "type": "Microsoft.Security/workspaceSettings", + "properties": { + "workspaceId": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myOtherRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace", + "scope": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg" + } + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/UpdateWorkspaceSettingSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/UpdateWorkspaceSettingSubscription_example.json new file mode 100644 index 000000000000..78a09a611098 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/UpdateWorkspaceSettingSubscription_example.json @@ -0,0 +1,28 @@ +{ + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "workspaceSettingName": "default", + "workspaceSetting": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/workspaceSettings/default", + "name": "default", + "type": "Microsoft.Security/workspaceSettings", + "properties": { + "workspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/workspaceSettings/default", + "name": "default", + "type": "Microsoft.Security/workspaceSettings", + "properties": { + "workspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace", + "scope": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23" + } + } + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/security.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/security.json new file mode 100644 index 000000000000..1b60e1f12659 --- /dev/null +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/security.json @@ -0,0 +1,1405 @@ +{ + "swagger": "2.0", + "info": { + "title": "ASC API", + "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", + "version": "2017-08-01-preview" + }, + "host": "management.azure.com", + "schemes": ["https"], + "consumes": ["application/json"], + "produces": ["application/json"], + "security": [{ + "azure_auth": [ + "user_impersonation" + ] + }], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/pricings": { + "get": { + "x-ms-examples": { + "Get pricings on subscription": { + "$ref": "./examples/Pricings/GetPricingsSubscription_example.json" + } + }, + "tags": ["Pricings"], + "description": "Security pricing configurations in the subscription", + "operationId": "PricingsSubscription_List", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/PricingList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/pricings": { + "get": { + "x-ms-examples": { + "Get pricings on subscription": { + "$ref": "./examples/Pricings/GetPricingsResourceGroup_example.json" + } + }, + "tags": ["Pricings"], + "description": "Security pricing configurations in the resource group", + "operationId": "PricingsResourceGroup_List", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/ResourceGroupName" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/PricingList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/pricings/{pricingName}": { + "get": { + "x-ms-examples": { + "Get pricings on subscription": { + "$ref": "./examples/Pricings/GetPricingSubscription_example.json" + } + }, + "tags": ["Pricings"], + "description": "Security pricing configuration in the subscriptionSecurity pricing configuration in the subscription", + "operationId": "PricingsSubscription_Get", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/PricingName" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/Pricing" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "put": { + "x-ms-examples": { + "Update pricings on subscription": { + "$ref": "./examples/Pricings/CreatePricingsSubscription_example.json" + } + }, + "tags": ["Pricings"], + "description": "Security pricing configuration in the subscription", + "operationId": "PricingsSubscription_Create", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/PricingName" + }, { + "$ref": "#/parameters/Pricing" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/Pricing" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/pricings/{pricingName}": { + "get": { + "x-ms-examples": { + "Get pricings on subscription": { + "$ref": "./examples/Pricings/GetPricingResourceGroup_example.json" + } + }, + "tags": ["Pricings"], + "description": "Security pricing configuration in the resource group", + "operationId": "PricingsResourceGroup_Get", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/ResourceGroupName" + }, { + "$ref": "#/parameters/PricingName" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/Pricing" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "put": { + "x-ms-examples": { + "Update pricings on resource group": { + "$ref": "./examples/Pricings/CreatePricingsResourceGroup_example.json" + } + }, + "tags": ["Pricings"], + "description": "Security pricing configuration in the resource group", + "operationId": "PricingsResourceGroup_Create", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/ResourceGroupName" + }, { + "$ref": "#/parameters/PricingName" + }, { + "$ref": "#/parameters/Pricing" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/Pricing" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/securityContacts": { + "get": { + "x-ms-examples": { + "Update security contact data": { + "$ref": "./examples/SecurityContacts/GetSecurityContactsSubscription_example.json" + } + }, + "tags": ["Security Contacts"], + "description": "Security contact configurations for the subscription", + "operationId": "SecurityContactSubscription_List", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/SecurityContactList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityContacts": { + "get": { + "x-ms-examples": { + "Update security contact data": { + "$ref": "./examples/SecurityContacts/GetSecurityContactsResourceGroup_example.json" + } + }, + "tags": ["Security Contacts"], + "description": "Security contact configurations for the subscription", + "operationId": "SecurityContactResourceGroup_List", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/ResourceGroupName" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/SecurityContactList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityContacts/{securityContactName}": { + "get": { + "x-ms-examples": { + "Get security contact data": { + "$ref": "./examples/SecurityContacts/GetSecurityContact_example.json" + } + }, + "tags": ["Security Contacts"], + "description": "Security contact configurations for the subscription", + "operationId": "SecurityContactResourceGroup_Get", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/SecurityContactName" + }, { + "$ref": "#/parameters/ResourceGroupName" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/SecurityContact" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "put": { + "x-ms-examples": { + "Create security contact data": { + "$ref": "./examples/SecurityContacts/CreateSecurityContact_example.json" + } + }, + "tags": ["Security Contacts"], + "description": "Security contact configurations for the subscription", + "operationId": "SecurityContactResourceGroup_Create", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/SecurityContactName" + }, { + "$ref": "#/parameters/SecurityContact" + }, { + "$ref": "#/parameters/ResourceGroupName" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/SecurityContact" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "delete": { + "x-ms-examples": { + "Delete security contact data": { + "$ref": "./examples/SecurityContacts/DeleteSecurityContact_example.json" + } + }, + "tags": ["Security Contacts"], + "description": "Security contact configurations for the subscription", + "operationId": "SecurityContactResourceGroup_Delete", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/SecurityContactName" + }, { + "$ref": "#/parameters/ResourceGroupName" + }], + "responses": { + "200": { + "description": "OK" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "patch": { + "x-ms-examples": { + "Update security contact data": { + "$ref": "./examples/SecurityContacts/UpdateSecurityContact_example.json" + } + }, + "tags": ["Security Contacts"], + "description": "Security contact configurations for the subscription", + "operationId": "SecurityContactResourceGroup_Update", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/SecurityContactName" + }, { + "$ref": "#/parameters/SecurityContact" + }, { + "$ref": "#/parameters/ResourceGroupName" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/SecurityContact" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/workspaceSettings": { + "get": { + "x-ms-examples": { + "Get workspace settings on subscription": { + "$ref": "./examples/WorkspaceSettings/GetWorkspaceSettingsSubscription_example.json" + } + }, + "tags": ["Workspace Settings"], + "description": "Settings about where we should store your security data and logs", + "operationId": "WorkspaceSettingsSubscription_List", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/WorkspaceSettingList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/workspaceSettings/{workspaceSettingName}": { + "get": { + "x-ms-examples": { + "Get a workspace setting on subscription": { + "$ref": "./examples/WorkspaceSettings/GetWorkspaceSettingSubscription_example.json" + } + }, + "tags": ["Workspace Settings"], + "description": "Settings about where we should store your security data and logs", + "operationId": "WorkspaceSettingsSubscription_Get", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/WorkspaceSettingName" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/WorkspaceSetting" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "put": { + "x-ms-examples": { + "Create a workspace setting data for subscription": { + "$ref": "./examples/WorkspaceSettings/CreateWorkspaceSettingSubscription_example.json" + } + }, + "tags": ["Workspace Settings"], + "description": "Settings about where we should store your security data and logs", + "operationId": "WorkspaceSettingsSubscription_Create", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/WorkspaceSettingName" + }, { + "$ref": "#/parameters/WorkspaceSetting" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/WorkspaceSetting" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "patch": { + "x-ms-examples": { + "Update a workspace setting data for subscription": { + "$ref": "./examples/WorkspaceSettings/UpdateWorkspaceSettingSubscription_example.json" + } + }, + "tags": ["Workspace Settings"], + "description": "Settings about where we should store your security data and logs", + "operationId": "WorkspaceSettingsSubscription_Update", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/WorkspaceSettingName" + }, { + "$ref": "#/parameters/WorkspaceSetting" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/WorkspaceSetting" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/workspaceSettings": { + "get": { + "x-ms-examples": { + "Get workspace settings data for resource group": { + "$ref": "./examples/WorkspaceSettings/GetWorkspaceSettingsResourceGroup_example.json" + } + }, + "tags": ["Workspace Settings"], + "description": "Settings about where we should store your security data and logs", + "operationId": "WorkspaceSettingsResourceGroups_List", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/ResourceGroupName" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/WorkspaceSettingList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/workspaceSettings/{workspaceSettingName}": { + "get": { + "x-ms-examples": { + "Get a workspace setting data for resource group": { + "$ref": "./examples/WorkspaceSettings/GetWorkspaceSettingResourceGroup_example.json" + } + }, + "tags": ["Workspace Settings"], + "description": "Settings about where we should store your security data and logs", + "operationId": "WorkspaceSettingsResourceGroups_Get", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/WorkspaceSettingName" + }, { + "$ref": "#/parameters/ResourceGroupName" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/WorkspaceSetting" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "put": { + "x-ms-examples": { + "Create a workspace setting data for resource group": { + "$ref": "./examples/WorkspaceSettings/CreateWorkspaceSettingResourceGroup_example.json" + } + }, + "tags": ["Workspace Settings"], + "description": "Settings about where we should store your security data and logs", + "operationId": "WorkspaceSettingsResourceGroups_Create", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/WorkspaceSettingName" + }, { + "$ref": "#/parameters/WorkspaceSetting" + }, { + "$ref": "#/parameters/ResourceGroupName" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/WorkspaceSetting" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "delete": { + "x-ms-examples": { + "Delete a workspace setting data for resource group": { + "$ref": "./examples/WorkspaceSettings/DeleteWorkspaceSettingResourceGroup_example.json" + } + }, + "tags": ["Workspace Settings"], + "description": "Settings about where we should store your security data and logs", + "operationId": "WorkspaceSettingsResourceGroups_Delete", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/WorkspaceSettingName" + }, { + "$ref": "#/parameters/ResourceGroupName" + }], + "responses": { + "204": { + "description": "No Content" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "patch": { + "x-ms-examples": { + "Update a workspace setting data for resource group": { + "$ref": "./examples/WorkspaceSettings/UpdateWorkspaceSettingResourceGroup_example.json" + } + }, + "tags": ["Workspace Settings"], + "description": "Settings about where we should store your security data and logs", + "operationId": "WorkspaceSettingsResourceGroups_Update", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/WorkspaceSettingName" + }, { + "$ref": "#/parameters/WorkspaceSetting" + }, { + "$ref": "#/parameters/ResourceGroupName" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/WorkspaceSetting" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/autoProvisioningSettings": { + "get": { + "x-ms-examples": { + "Get auto provisioning settings for subscription": { + "$ref": "./examples/AutoProvisioningSettings/GetAutoProvisioningSettingsSubscription_example.json" + } + }, + "tags": ["AutoProvisioningSettings"], + "description": "Exposes the auto provisioning settings of the subscriptions", + "operationId": "AutoProvisioningSettings_List", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, + { + "$ref": "#/parameters/SubscriptionId" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/AutoProvisioningSettingList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/autoProvisioningSettings/{settingName}": { + "get": { + "x-ms-examples": { + "Get an auto provisioning setting for subscription": { + "$ref": "./examples/AutoProvisioningSettings/GetAutoProvisioningSettingSubscription_example.json" + } + }, + "tags": ["AutoProvisioningSettings"], + "description": "Details of a specific setting", + "operationId": "AutoProvisioningSettings_Get", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/AutoProvisioningSettingName" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/AutoProvisioningSetting" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "put": { + "x-ms-examples": { + "Create auto provisioning settings for subscription": { + "$ref": "./examples/AutoProvisioningSettings/CreateAutoProvisioningSettingsSubscription_example.json" + } + }, + "tags": ["AutoProvisioningSettings"], + "description": "Details of a specific setting", + "operationId": "AutoProvisioningSettings_Create", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, { + "$ref": "#/parameters/SubscriptionId" + }, { + "$ref": "#/parameters/AutoProvisioningSettingName" + }, { + "$ref": "#/parameters/AutoProvisioningSetting" + }], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/AutoProvisioningSetting" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/{scope}/providers/Microsoft.Security/compliances": { + "get": { + "x-ms-examples": { + "Get security compliance data over time": { + "$ref": "./examples/Compliances/GetCompliances_example.json" + } + }, + "tags": ["Compliances"], + "description": "The Compliance scores of the specific management group.", + "operationId": "Compliances_List", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, + { + "$ref": "#/parameters/Scope" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/ComplianceList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/{scope}/providers/Microsoft.Security/compliances/{complianceName}": { + "get": { + "x-ms-examples": { + "Get security compliance data for a day": { + "$ref": "./examples/Compliances/GetCompliance_example.json" + } + }, + "tags": ["Compliances"], + "description": "Details of a specific Compliance.", + "operationId": "Compliances_Get", + "parameters": [{ + "$ref": "#/parameters/ApiVersion" + }, + { + "$ref": "#/parameters/Scope" + }, + { + "$ref": "#/parameters/ComplianceName" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/Compliance" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + } + }, + "definitions": { + "CloudError": { + "x-ms-external": true, + "type": "object", + "description": "Error response structure.", + "properties": { + "error": { + "x-ms-client-flatten": true, + "description": "Error data", + "$ref": "#/definitions/CloudErrorBody" + } + } + }, + "CloudErrorBody": { + "x-ms-external": true, + "type": "object", + "description": "Error details.", + "properties": { + "code": { + "readOnly": true, + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "readOnly": true, + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + } + }, + "Resource": { + "type": "object", + "description": "Describes an Azure resource.", + "properties": { + "id": { + "readOnly": true, + "type": "string", + "description": "Resource Id" + }, + "name": { + "readOnly": true, + "type": "string", + "description": "Resource name" + }, + "type": { + "readOnly": true, + "type": "string", + "description": "Resource type" + } + }, + "x-ms-azure-resource": true + }, + "SecurityContactList": { + "type": "object", + "description": "List of security contacts response", + "properties": { + "value": { + "readOnly": true, + "description": "List of security contacts", + "type": "array", + "items": { + "$ref": "#/definitions/SecurityContact" + } + } + } + }, + "SecurityContact": { + "type": "object", + "description": "Contact details for security issues", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "description": "Security contact data", + "$ref": "#/definitions/SecurityContactProperties" + } + }, + "allOf": [{ + "$ref": "#/definitions/Resource" + }] + }, + "SecurityContactProperties": { + "type": "object", + "description": "describes security contact properties", + "properties": { + "email": { + "type": "string", + "format": "email", + "description": "The email of this security contact" + }, + "phone": { + "type": "string", + "description": "The phone number of this security contact" + }, + "alertNotifications": { + "type": "string", + "enum": ["On", "Off"], + "x-ms-enum": { + "name": "alertNotifications", + "modelAsString": true, + "values": [{ + "value": "On", + "description": "Get notifications on new alerts" + }, + { + "value": "Off", + "description": "Don't get notifications on new alerts" + } + ] + }, + "description": "Whether to send security alerts notifications to the security contact" + }, + "alertsToAdmins": { + "type": "string", + "enum": ["On", "Off"], + "x-ms-enum": { + "name": "alertsToAdmins", + "modelAsString": true, + "values": [{ + "value": "On", + "description": "Send notification on new alerts to the subscription's admins" + }, + { + "value": "Off", + "description": "Don't send notification on new alerts to the subscription's admins" + } + ] + }, + "description": "Whether to send security alerts notifications to subscription admins" + } + }, + "required": [ + "email", + "phone", + "alertNotifications", + "alertsToAdmins" + ] + }, + "PricingList": { + "description": "List of pricing configurations response", + "required": [ + "value" + ], + "properties": { + "value": { + "type": "array", + "description": "List of pricing configurations", + "items": { + "$ref": "#/definitions/Pricing" + } + }, + "nextLink": { + "readOnly": true, + "type": "string", + "description": "The URI to fetch the next page." + } + } + }, + "Pricing": { + "type": "object", + "description": "Pricing tier will be applied for the scope based on the resource ID", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "description": "Pricing data", + "$ref": "#/definitions/PricingProperties" + } + }, + "allOf": [{ + "$ref": "#/definitions/Resource" + }] + }, + "PricingProperties": { + "type": "object", + "description": "Pricing data", + "properties": { + "pricingTier": { + "type": "string", + "description": "Pricing tier type", + "enum": ["Free", "Standard"], + "x-ms-enum": { + "name": "pricingTier", + "modelAsString": true, + "values": [{ + "value": "Free", + "description": "Get free Azure security center experience with basic security features" + }, + { + "value": "Standard", + "description": "Get the standard Azure security center experience with advanced security features" + } + ] + } + } + }, + "required": [ + "pricingTier" + ] + }, + "WorkspaceSettingList": { + "description": "List of workspace settings response", + "required": [ + "value" + ], + "properties": { + "value": { + "type": "array", + "description": "List of workspace settings", + "items": { + "$ref": "#/definitions/WorkspaceSetting" + } + }, + "nextLink": { + "readOnly": true, + "type": "string", + "description": "The URI to fetch the next page." + } + } + }, + "WorkspaceSetting": { + "type": "object", + "description": "Configures where to store the OMS agent data for workspaces under a scope", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "description": "Workspace setting data", + "$ref": "#/definitions/WorkspaceSettingProperties" + } + }, + "allOf": [{ + "$ref": "#/definitions/Resource" + }] + }, + "WorkspaceSettingProperties": { + "type": "object", + "description": "Workspace setting data", + "properties": { + "workspaceId": { + "type": "string", + "description": "The full Azure ID of the workspace to save the data in" + }, + "scope": { + "type": "string", + "description": "All the VMs in this scope will send their security data to the mentioned workspace unless overridden by a setting with more specific scope" + } + }, + "required": [ + "workspaceId", + "scope" + ] + }, + "AutoProvisioningSettingList": { + "type": "object", + "description": "List of all the auto provisioning settings response", + "properties": { + "value": { + "description": "List of all the auto provisioning settings", + "type": "array", + "items": { + "$ref": "#/definitions/AutoProvisioningSetting" + } + } + } + }, + "AutoProvisioningSetting": { + "type": "object", + "description": "Auto provisioning setting", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "description": "Auto provisioning setting data", + "$ref": "#/definitions/AutoProvisioningSettingProperties" + } + }, + "allOf": [{ + "$ref": "#/definitions/Resource" + }] + }, + "AutoProvisioningSettingProperties": { + "type": "object", + "description": "describes properties of an auto provisioning setting", + "properties": { + "provisioningSetting": { + "type": "string", + "description": "Describes what kind of security agent provisioning action to take", + "enum": ["Automatic", "Off"], + "x-ms-enum": { + "name": "provisioningSetting", + "modelAsString": true, + "values": [{ + "value": "Automatic", + "description": "Install missing security agent on VMs automatically" + }, + { + "value": "Off", + "description": "Do not install security agent on the VMs automatically" + } + ] + } + } + }, + "required": [ + "provisioningSetting" + ] + }, + "ComplianceList": { + "type": "object", + "readOnly": true, + "description": "List of Compliance objects response", + "properties": { + "value": { + "type": "array", + "description": "List of Compliance objects", + "items": { + "$ref": "#/definitions/Compliance" + } + }, + "nextLink": { + "readOnly": true, + "type": "string", + "description": "The URI to fetch the next page." + } + } + }, + "Compliance": { + "type": "object", + "readOnly": true, + "description": "Compliance of a scope", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "description": "Compliance data", + "$ref": "#/definitions/ComplianceProperties" + } + }, + "allOf": [{ + "$ref": "#/definitions/Resource" + }] + }, + "ComplianceProperties": { + "type": "object", + "description": "The Compliance score (percentage) of a Subscription is a sum of all Resources' Compliances under the given Subscription. A Resource Compliance is defined as the compliant ('healthy') Policy Definitions out of all Policy Definitions applicable to a given resource.", + "properties": { + "assessmentTimestampUtcDate": { + "readOnly": true, + "type": "string", + "format": "date-time", + "description": "The timestamp when the Compliance calculation was conducted." + }, + "resourceCount": { + "readOnly": true, + "type": "integer", + "description": "The resource count of the given subscription for which the Compliance calculation was conducted (needed for Management Group Compliance calculation)." + }, + "assessmentResult": { + "readOnly": true, + "type": "array", + "items": { + "$ref": "#/definitions/ComplianceSegment" + }, + "description": "An array of segment, which is the actually the compliance assessment." + } + } + }, + "ComplianceSegment": { + "type": "object", + "description": "A segment of a compliance assessment.", + "properties": { + "segmentType": { + "readOnly": true, + "type": "string", + "description": "The segment type, e.g. compliant, non-compliance, insufficient coverage, N/A, etc." + }, + "percentage": { + "type": "number", + "format": "double", + "readOnly": true, + "description": "The size (%) of the segment." + } + } + } + }, + "parameters": { + "SubscriptionId": { + "name": "subscriptionId", + "in": "path", + "required": true, + "pattern": "^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$", + "type": "string", + "description": "Azure subscription ID" + }, + "ResourceGroupName": { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource group within the user's subscription. The name is case insensitive.", + "pattern": "^[-\\w\\._\\(\\)]+$", + "minLength": 1, + "maxLength": 90, + "x-ms-parameter-location": "method" + }, + "ApiVersion": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "enum": ["2017-08-01-preview"], + "description": "API version for the operation" + }, + "Scope": { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "Scope of the query, can be subscription (/subscriptions/0b06d9ea-afe6-4779-bd59-30e5c2d9d13f) or management group (/providers/Microsoft.Management/managementGroups/mgName).", + "x-ms-parameter-location": "method" + }, + "PricingName": { + "name": "pricingName", + "in": "path", + "required": true, + "type": "string", + "description": "name of the pricing configuration", + "x-ms-parameter-location": "method" + }, + "Pricing": { + "name": "pricing", + "in": "body", + "required": true, + "description": "Pricing object", + "schema": { + "$ref": "#/definitions/Pricing" + }, + "x-ms-parameter-location": "method" + }, + "SecurityContactName": { + "name": "securityContactName", + "in": "path", + "required": true, + "type": "string", + "description": "Name of the security contact object", + "x-ms-parameter-location": "method" + }, + "SecurityContact": { + "name": "securityContact", + "in": "body", + "required": true, + "description": "Security contact object", + "schema": { + "$ref": "#/definitions/SecurityContact" + }, + "x-ms-parameter-location": "method" + }, + "WorkspaceSettingName": { + "name": "workspaceSettingName", + "in": "path", + "required": true, + "type": "string", + "description": "Name of the security setting", + "x-ms-parameter-location": "method" + }, + "WorkspaceSetting": { + "name": "workspaceSetting", + "in": "body", + "required": true, + "description": "Security data setting object", + "schema": { + "$ref": "#/definitions/WorkspaceSetting" + }, + "x-ms-parameter-location": "method" + }, + "AutoProvisioningSettingName": { + "name": "settingName", + "in": "path", + "required": true, + "type": "string", + "description": "Auto provisioning setting key", + "x-ms-parameter-location": "method" + }, + "AutoProvisioningSetting": { + "name": "setting", + "in": "body", + "required": true, + "description": "Auto provisioning setting key", + "schema": { + "$ref": "#/definitions/AutoProvisioningSetting" + }, + "x-ms-parameter-location": "method" + }, + "ComplianceName": { + "name": "complianceName", + "in": "path", + "required": true, + "type": "string", + "description": "name of the Compliance", + "x-ms-parameter-location": "method" + } + } +} \ No newline at end of file diff --git a/specification/security/resource-manager/readme.md b/specification/security/resource-manager/readme.md new file mode 100644 index 000000000000..51e4c3944bdc --- /dev/null +++ b/specification/security/resource-manager/readme.md @@ -0,0 +1,61 @@ +# Security Center + +> see https://aka.ms/autorest + +This is the AutoRest configuration file for Security. + + + +--- +## Getting Started +To build the SDK for Security, simply [Install AutoRest](https://aka.ms/autorest/install) and in this folder, run: + +> `autorest` + +To see additional help and options, run: + +> `autorest --help` +--- + +## Configuration + + + +### Basic Information +These are the global settings for the Security API. + +``` yaml +openapi-type: arm +tag: package-composite-v1 +``` + + +### Tag: package-composite-v1 + +These settings apply only when `--tag=package-composite-v1` is specified on the command line. + +``` yaml $(tag) == 'package-composite-v1' +input-file: +- Microsoft.Security/preview/2017-08-01-preview/security.json +- Microsoft.Security/preview/2015-06-01-preview/security.json +``` + + +--- +# Code Generation + + +## C# + +These settings apply only when `--csharp` is specified on the command line. +Please also specify `--csharp-sdks-folder=`. + +``` yaml $(csharp) +csharp: + azure-arm: true + license-header: MICROSOFT_MIT_NO_VERSION + namespace: Microsoft.Azure.Management.Security + payload-flattening-threshold: 2 + output-folder: $(csharp-sdks-folder)/Security/Management.Security/Generated + clear-output-folder: true +``` \ No newline at end of file