diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/assessmentsMetadata.json b/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/assessmentsMetadata.json
deleted file mode 100644
index ebb8b15997ce..000000000000
--- a/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/assessmentsMetadata.json
+++ /dev/null
@@ -1,358 +0,0 @@
-{
- "swagger": "2.0",
- "info": {
- "title": "Security Center",
- "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
- "version": "2019-01-01-preview"
- },
- "host": "management.azure.com",
- "schemes": [
- "https"
- ],
- "consumes": [
- "application/json"
- ],
- "produces": [
- "application/json"
- ],
- "security": [
- {
- "azure_auth": [
- "user_impersonation"
- ]
- }
- ],
- "securityDefinitions": {
- "azure_auth": {
- "type": "oauth2",
- "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
- "flow": "implicit",
- "description": "Azure Active Directory OAuth2 Flow",
- "scopes": {
- "user_impersonation": "impersonate your user account"
- }
- }
- },
- "paths": {
- "/providers/Microsoft.Security/assessmentsMetadata": {
- "get": {
- "x-ms-examples": {
- "List security assessment metadata": {
- "$ref": "./examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json"
- }
- },
- "tags": [
- "Assessments Metadata"
- ],
- "description": "Get metadata information on all assessment types",
- "operationId": "AssessmentsMetadata_List",
- "parameters": [
- {
- "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
- }
- ],
- "responses": {
- "200": {
- "description": "OK",
- "schema": {
- "$ref": "#/definitions/SecurityAssessmentMetadataList"
- }
- },
- "default": {
- "description": "Error response describing why the operation failed.",
- "schema": {
- "$ref": "../../../common/v1/types.json#/definitions/CloudError"
- }
- }
- },
- "x-ms-pageable": {
- "nextLinkName": "nextLink"
- }
- }
- },
- "/providers/Microsoft.Security/assessmentsMetadata/{assessmentsMetadataName}": {
- "get": {
- "x-ms-examples": {
- "Get security assessment metadata": {
- "$ref": "./examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json"
- }
- },
- "tags": [
- "Assessments Metadata"
- ],
- "description": "Get metadata information on an assessment type",
- "operationId": "AssessmentsMetadata_Get",
- "parameters": [
- {
- "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
- },
- {
- "$ref": "#/parameters/AssessmentsMetadataName"
- }
- ],
- "responses": {
- "200": {
- "description": "OK",
- "schema": {
- "$ref": "#/definitions/SecurityAssessmentMetadata"
- }
- },
- "default": {
- "description": "Error response describing why the operation failed.",
- "schema": {
- "$ref": "../../../common/v1/types.json#/definitions/CloudError"
- }
- }
- }
- }
- },
- "/subscriptions/{subscriptionId}/providers/Microsoft.Security/assessmentsMetadata": {
- "get": {
- "x-ms-examples": {
- "List security assessment metadata for subscription": {
- "$ref": "./examples/AssessmentsMetadata/ListAssessmentsMetadata_subscription_example.json"
- }
- },
- "tags": [
- "Assessments Metadata"
- ],
- "description": "Get metadata information on all assessment types in a specific subscription",
- "operationId": "AssessmentsMetadataSubscription_List",
- "parameters": [
- {
- "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
- },
- {
- "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
- }
- ],
- "responses": {
- "200": {
- "description": "OK",
- "schema": {
- "$ref": "#/definitions/SecurityAssessmentMetadataList"
- }
- },
- "default": {
- "description": "Error response describing why the operation failed.",
- "schema": {
- "$ref": "../../../common/v1/types.json#/definitions/CloudError"
- }
- }
- },
- "x-ms-pageable": {
- "nextLinkName": "nextLink"
- }
- }
- },
- "/subscriptions/{subscriptionId}/providers/Microsoft.Security/assessmentsMetadata/{assessmentsMetadataName}": {
- "get": {
- "x-ms-examples": {
- "Get security assessment metadata for subscription": {
- "$ref": "./examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json"
- }
- },
- "tags": [
- "Assessments Metadata"
- ],
- "description": "Get metadata information on an assessment type in a specific subscription",
- "operationId": "AssessmentsMetadataSubscription_Get",
- "parameters": [
- {
- "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
- },
- {
- "$ref": "#/parameters/AssessmentsMetadataName"
- },
- {
- "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
- }
- ],
- "responses": {
- "200": {
- "description": "OK",
- "schema": {
- "$ref": "#/definitions/SecurityAssessmentMetadata"
- }
- },
- "default": {
- "description": "Error response describing why the operation failed.",
- "schema": {
- "$ref": "../../../common/v1/types.json#/definitions/CloudError"
- }
- }
- }
- }
- }
- },
- "definitions": {
- "SecurityAssessmentMetadataList": {
- "type": "object",
- "description": "List of security assessment metadata",
- "properties": {
- "value": {
- "readOnly": true,
- "type": "array",
- "items": {
- "$ref": "#/definitions/SecurityAssessmentMetadata"
- }
- },
- "nextLink": {
- "readOnly": true,
- "type": "string",
- "description": "The URI to fetch the next page."
- }
- }
- },
- "SecurityAssessmentMetadata": {
- "type": "object",
- "description": "Security assessment metadata",
- "properties": {
- "properties": {
- "x-ms-client-flatten": true,
- "$ref": "#/definitions/SecurityAssessmentMetadataProperties"
- }
- },
- "allOf": [
- {
- "$ref": "../../../common/v1/types.json#/definitions/Resource"
- }
- ]
- },
- "SecurityAssessmentMetadataProperties": {
- "type": "object",
- "description": "Describes properties of an assessment metadata.",
- "properties": {
- "displayName": {
- "readOnly": true,
- "type": "string",
- "description": "User friendly display name of the assessment"
- },
- "policyDefinitionId": {
- "readOnly": true,
- "type": "string",
- "description": "Azure resource ID of the policy definition that turns this assessment calculation on"
- },
- "description": {
- "readOnly": true,
- "type": "string",
- "description": "Human readable description of the assessment"
- },
- "remediationDescription": {
- "readOnly": true,
- "type": "string",
- "description": "Human readable description of what you should do to mitigate this security issue"
- },
- "category": {
- "readOnly": true,
- "type": "array",
- "items": {
- "type": "string",
- "description": "The category of resource that is at risk when the assessment is unhealthy",
- "enum": [
- "Compute",
- "Network",
- "Data",
- "IdentityAndAccess",
- "IoT"
- ],
- "x-ms-enum": {
- "name": "category",
- "modelAsString": true,
- "values": [
- {
- "value": "Compute"
- },
- {
- "value": "Network"
- },
- {
- "value": "Data"
- },
- {
- "value": "IdentityAndAccess"
- },
- {
- "value": "IoT"
- }
- ]
- }
- }
- },
- "secureScoreWeight": {
- "readOnly": true,
- "type": "integer",
- "description": "Weight for the security score calculation. the higher this number, this severity of this assessment is higher"
- },
- "requiredPricingBundle": {
- "readOnly": true,
- "type": "array",
- "items": {
- "type": "string",
- "description": "The required Azure Security Center pricing bundle name. One of the bundles must be Standard. Empty list is a free assessment.",
- "enum": [
- "VirtualMachines",
- "SqlServers",
- "AppServices",
- "StorageAccounts"
- ],
- "x-ms-enum": {
- "name": "requiredPricingBundle",
- "modelAsString": true,
- "values": [
- {
- "value": "VirtualMachines"
- },
- {
- "value": "SqlServers"
- },
- {
- "value": "AppServices"
- },
- {
- "value": "StorageAccounts"
- }
- ]
- }
- }
- },
- "preview": {
- "readOnly": true,
- "type": "boolean",
- "description": "True if this assessment is in preview release status"
- },
- "assessmentType": {
- "readOnly": true,
- "type": "string",
- "description": "BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition",
- "enum": [
- "BuiltIn",
- "Custom"
- ],
- "x-ms-enum": {
- "name": "assessmentType",
- "modelAsString": true,
- "values": [
- {
- "value": "BuiltIn"
- },
- {
- "value": "Custom"
- }
- ]
- }
- }
- }
- }
- },
- "parameters": {
- "AssessmentsMetadataName": {
- "name": "assessmentsMetadataName",
- "in": "path",
- "required": true,
- "type": "string",
- "description": "The Assessment Key - Unique key for the assessment type",
- "x-ms-parameter-location": "method"
- }
- }
-}
\ No newline at end of file
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json
deleted file mode 100644
index f3d3156b17a0..000000000000
--- a/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json
+++ /dev/null
@@ -1,26 +0,0 @@
-{
- "parameters": {
- "api-version": "2019-01-01-preview",
- "assessmentsMetadataName": "21300918-b2e3-0346-785f-c77ff57d243b"
- },
- "responses": {
- "200": {
- "body": {
- "id": "/providers/Microsoft.Security/assessmentMetadata/21300918-b2e3-0346-785f-c77ff57d243b",
- "name": "21300918-b2e3-0346-785f-c77ff57d243b",
- "type": "Microsoft.Security/assessmentMetadata",
- "properties": {
- "displayName": "Install endpoint protection solution on virtual machine scale sets",
- "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/26a828e1-e88f-464e-bbb3-c134a282b9de",
- "description": "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
- "remediationDescription": "To install an endpoint protection solution: 1. Follow the instructions in How do I turn on antimalware in my virtual machine scale set",
- "category": [
- "Compute"
- ],
- "secureScoreWeight": 15,
- "assessmentType": "Custom"
- }
- }
- }
- }
-}
\ No newline at end of file
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json
deleted file mode 100644
index e7e6e70b96d9..000000000000
--- a/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json
+++ /dev/null
@@ -1,27 +0,0 @@
-{
- "parameters": {
- "api-version": "2019-01-01-preview",
- "subscriptionId": "0980887d-03d6-408c-9566-532f3456804e",
- "assessmentsMetadataName": "21300918-b2e3-0346-785f-c77ff57d243b"
- },
- "responses": {
- "200": {
- "body": {
- "id": "/providers/Microsoft.Security/assessmentMetadata/21300918-b2e3-0346-785f-c77ff57d243b",
- "name": "21300918-b2e3-0346-785f-c77ff57d243b",
- "type": "Microsoft.Security/assessmentMetadata",
- "properties": {
- "displayName": "Install endpoint protection solution on virtual machine scale sets",
- "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/26a828e1-e88f-464e-bbb3-c134a282b9de",
- "description": "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
- "remediationDescription": "To install an endpoint protection solution: 1. Follow the instructions in How do I turn on antimalware in my virtual machine scale set",
- "category": [
- "Compute"
- ],
- "secureScoreWeight": 15,
- "assessmentType": "Custom"
- }
- }
- }
- }
-}
\ No newline at end of file
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json
deleted file mode 100644
index 4f4581798203..000000000000
--- a/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json
+++ /dev/null
@@ -1,52 +0,0 @@
-{
- "parameters": {
- "api-version": "2019-01-01-preview"
- },
- "responses": {
- "200": {
- "body": {
- "value": [
- {
- "id": "/providers/Microsoft.Security/assessmentMetadata/21300918-b2e3-0346-785f-c77ff57d243b",
- "name": "21300918-b2e3-0346-785f-c77ff57d243b",
- "type": "Microsoft.Security/assessmentMetadata",
- "properties": {
- "displayName": "Install endpoint protection solution on virtual machine scale sets",
- "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/26a828e1-e88f-464e-bbb3-c134a282b9de",
- "description": "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
- "remediationDescription": "To install an endpoint protection solution: 1. Follow the instructions in How do I turn on antimalware in my virtual machine scale set",
- "category": [
- "Compute"
- ],
- "requiredPricingBundle": [
- "VirtualMachines"
- ],
- "secureScoreWeight": 15,
- "assessmentType": "BuiltIn"
- }
- },
- {
- "id": "/providers/Microsoft.Security/assessmentMetadata/bc303248-3d14-44c2-96a0-55f5c326b5fe",
- "name": "bc303248-3d14-44c2-96a0-55f5c326b5fe",
- "type": "Microsoft.Security/assessmentMetadata",
- "properties": {
- "displayName": "Close management ports on your virtual machines",
- "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/22730e10-96f6-4aac-ad84-9383d35b5917",
- "description": "Open remote management ports expose your VM to a high level of risk from internet-based attacks that attempt to brute force credentials to gain admin access to the machine.",
- "remediationDescription": "We recommend that you edit the inbound rules of the below virtual machines to restrict access to specific source ranges.
To restrict the access to your virtual machines: 1. Click on a VM from the list below 2. At the 'Networking' blade, click on each of the rules that allow management ports (e.g. RDP-3389, WINRM-5985, SSH-22) 3. Change the 'Action' property to 'Deny' 4. Click 'Save'",
- "category": [
- "Networking"
- ],
- "requiredPricingBundle": [
- "VirtualMachines"
- ],
- "secureScoreWeight": 10,
- "preview": true,
- "assessmentType": "Custom"
- }
- }
- ]
- }
- }
- }
-}
\ No newline at end of file
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_subscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_subscription_example.json
deleted file mode 100644
index 46f77128133c..000000000000
--- a/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_subscription_example.json
+++ /dev/null
@@ -1,53 +0,0 @@
-{
- "parameters": {
- "api-version": "2019-01-01-preview",
- "subscriptionId": "0980887d-03d6-408c-9566-532f3456804e"
- },
- "responses": {
- "200": {
- "body": {
- "value": [
- {
- "id": "/providers/Microsoft.Security/assessmentMetadata/21300918-b2e3-0346-785f-c77ff57d243b",
- "name": "21300918-b2e3-0346-785f-c77ff57d243b",
- "type": "Microsoft.Security/assessmentMetadata",
- "properties": {
- "displayName": "Install endpoint protection solution on virtual machine scale sets",
- "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/26a828e1-e88f-464e-bbb3-c134a282b9de",
- "description": "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
- "remediationDescription": "To install an endpoint protection solution: 1. Follow the instructions in How do I turn on antimalware in my virtual machine scale set",
- "category": [
- "Compute"
- ],
- "requiredPricingBundle": [
- "VirtualMachines"
- ],
- "secureScoreWeight": 15,
- "assessmentType": "BuiltIn"
- }
- },
- {
- "id": "/providers/Microsoft.Security/assessmentMetadata/bc303248-3d14-44c2-96a0-55f5c326b5fe",
- "name": "bc303248-3d14-44c2-96a0-55f5c326b5fe",
- "type": "Microsoft.Security/assessmentMetadata",
- "properties": {
- "displayName": "Close management ports on your virtual machines",
- "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/22730e10-96f6-4aac-ad84-9383d35b5917",
- "description": "Open remote management ports expose your VM to a high level of risk from internet-based attacks that attempt to brute force credentials to gain admin access to the machine.",
- "remediationDescription": "We recommend that you edit the inbound rules of the below virtual machines to restrict access to specific source ranges.
To restrict the access to your virtual machines: 1. Click on a VM from the list below 2. At the 'Networking' blade, click on each of the rules that allow management ports (e.g. RDP-3389, WINRM-5985, SSH-22) 3. Change the 'Action' property to 'Deny' 4. Click 'Save'",
- "category": [
- "Networking"
- ],
- "requiredPricingBundle": [
- "VirtualMachines"
- ],
- "secureScoreWeight": 10,
- "preview": true,
- "assessmentType": "Custom"
- }
- }
- ]
- }
- }
- }
-}
\ No newline at end of file
diff --git a/specification/security/resource-manager/readme.md b/specification/security/resource-manager/readme.md
index 5bbf118df5ee..b2a88a1c3763 100644
--- a/specification/security/resource-manager/readme.md
+++ b/specification/security/resource-manager/readme.md
@@ -52,7 +52,6 @@ These settings apply only when `--tag=package-composite-v1` is specified on the
```yaml $(tag) == 'package-composite-v1'
input-file:
- Microsoft.Security/preview/2019-01-01-preview/regulatoryCompliance.json
-- Microsoft.Security/preview/2019-01-01-preview/assessmentsMetadata.json
- Microsoft.Security/preview/2017-08-01-preview/pricings.json
- Microsoft.Security/preview/2017-08-01-preview/securityContacts.json
- Microsoft.Security/preview/2017-08-01-preview/workspaceSettings.json
@@ -85,7 +84,6 @@ These settings apply only when `--tag=package-composite-v2` is specified on the
```yaml $(tag) == 'package-composite-v2'
input-file:
- Microsoft.Security/preview/2019-01-01-preview/regulatoryCompliance.json
-- Microsoft.Security/preview/2019-01-01-preview/assessmentsMetadata.json
- Microsoft.Security/stable/2018-06-01/pricings.json
- Microsoft.Security/preview/2017-08-01-preview/securityContacts.json
- Microsoft.Security/preview/2017-08-01-preview/workspaceSettings.json
@@ -138,7 +136,6 @@ input-file:
- Microsoft.Security/preview/2017-08-01-preview/iotSecuritySolutions.json
- Microsoft.Security/preview/2017-08-01-preview/iotSecuritySolutionAnalytics.json
- Microsoft.Security/preview/2019-01-01-preview/regulatoryCompliance.json
-- Microsoft.Security/preview/2019-01-01-preview/assessmentsMetadata.json
- Microsoft.Security/preview/2019-01-01-preview/serverVulnerabilityAssessments.json
# Needed when there is more than one input file