Managed by tenant approvers (Azure#14422)

* Add managedByTenantApprovers to Swagger * Formatting fixes * Small fix
mkarmark · Jul 20, 2021 · 96e2e4f · 96e2e4f
1 parent 35668e9
commit 96e2e4f
Show file tree

Hide file tree

Showing 4 changed files with 63 additions and 7 deletions.
diff --git a/...rosoft.ManagedServices/preview/2020-02-01-preview/examples/GetRegistrationDefinition.json b/...rosoft.ManagedServices/preview/2020-02-01-preview/examples/GetRegistrationDefinition.json
@@ -30,7 +30,13 @@
             {
               "justInTimeAccessPolicy": {
                 "multiFactorAuthProvider": "Azure",
-                "maximumActivationDuration": "PT8H"
+                "maximumActivationDuration": "PT8H",
+                "managedByTenantApprovers": [
+                  {
+                    "principalId": "d9b22cd6-6407-43cc-8c60-07c56df0b51a",
+                    "principalIdDisplayName": "Approver Group"
+                  }
+                ]
               },
               "principalId": "3e0ed8c6-e902-4fc5-863c-e3ddbb2ae2a2",
               "principalIdDisplayName": "Support User",

diff --git a/...osoft.ManagedServices/preview/2020-02-01-preview/examples/GetRegistrationDefinitions.json b/...osoft.ManagedServices/preview/2020-02-01-preview/examples/GetRegistrationDefinitions.json
@@ -31,7 +31,13 @@
                 {
                   "justInTimeAccessPolicy": {
                     "multiFactorAuthProvider": "Azure",
-                    "maximumActivationDuration": "PT8H"
+                    "maximumActivationDuration": "PT8H",
+                    "managedByTenantApprovers": [
+                      {
+                        "principalId": "d9b22cd6-6407-43cc-8c60-07c56df0b51a",
+                        "principalIdDisplayName": "Approver Group"
+                      }
+                    ]
                   },
                   "principalId": "3e0ed8c6-e902-4fc5-863c-e3ddbb2ae2a2",
                   "principalIdDisplayName": "Support User",

diff --git a/...rosoft.ManagedServices/preview/2020-02-01-preview/examples/PutRegistrationDefinition.json b/...rosoft.ManagedServices/preview/2020-02-01-preview/examples/PutRegistrationDefinition.json
@@ -30,7 +30,13 @@
             "roleDefinitionId": "ae349356-3a1b-4a5e-921d-050484c6347e",
             "justInTimeAccessPolicy": {
               "multiFactorAuthProvider": "Azure",
-              "maximumActivationDuration": "PT8H"
+              "maximumActivationDuration": "PT8H",
+              "managedByTenantApprovers": [
+                {
+                  "principalId": "d9b22cd6-6407-43cc-8c60-07c56df0b51a",
+                  "principalIdDisplayName": "Approver Group"
+                }
+              ]
             }
           }
         ]
@@ -69,7 +75,13 @@
             {
               "justInTimeAccessPolicy": {
                 "multiFactorAuthProvider": "Azure",
-                "maximumActivationDuration": "PT8H"
+                "maximumActivationDuration": "PT8H",
+                "managedByTenantApprovers": [
+                  {
+                    "principalId": "d9b22cd6-6407-43cc-8c60-07c56df0b51a",
+                    "principalIdDisplayName": "Approver Group"
+                  }
+                ]
               },
               "principalId": "3e0ed8c6-e902-4fc5-863c-e3ddbb2ae2a2",
               "principalIdDisplayName": "Support User",
@@ -115,7 +127,13 @@
             {
               "justInTimeAccessPolicy": {
                 "multiFactorAuthProvider": "Azure",
-                "maximumActivationDuration": "PT8H"
+                "maximumActivationDuration": "PT8H",
+                "managedByTenantApprovers": [
+                  {
+                    "principalId": "d9b22cd6-6407-43cc-8c60-07c56df0b51a",
+                    "principalIdDisplayName": "Approver Group"
+                  }
+                ]
               },
               "principalId": "3e0ed8c6-e902-4fc5-863c-e3ddbb2ae2a2",
               "principalIdDisplayName": "Support User",

diff --git a/...esource-manager/Microsoft.ManagedServices/preview/2020-02-01-preview/managedservices.json b/...esource-manager/Microsoft.ManagedServices/preview/2020-02-01-preview/managedservices.json
@@ -1072,6 +1072,23 @@
       "type": "object",
       "description": "Eligible authorization tuple containing principle Id (of user/service principal/security group), role definition id, and the just-in-time access setting."
     },
+    "EligibleApprover": {
+      "properties": {
+        "principalId": {
+          "type": "string",
+          "description": "Principal Id of the user or security group that will approve JIT activation requests for the eligible authorization."
+        },
+        "principalIdDisplayName": {
+          "type": "string",
+          "description": "Display name of the principal Id."
+        }
+      },
+      "required": [
+        "principalId"
+      ],
+      "type": "object",
+      "description": "A principal Id and user-friendly display name representing an eligible authorization approver."
+    },
     "JustInTimeAccessPolicy": {
       "properties": {
         "multiFactorAuthProvider": {
@@ -1084,12 +1101,21 @@
           "x-ms-enum": {
             "name": "MultiFactorAuthProvider",
             "modelAsString": true
-          }
+          },
+          "default": "None"
         },
         "maximumActivationDuration": {
           "type": "string",
           "format": "duration",
-          "description": "Maximum access duration in ISO 8601 format.  The default value is \"PT8H\"."
+          "description": "Maximum access duration in ISO 8601 format.",
+          "default": "PT8H"
+        },
+        "managedByTenantApprovers": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/EligibleApprover"
+          },
+          "description": "The list of managedByTenant approvers for the eligible authorization."
         }
       },
       "required": [