diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/adaptiveNetworkHardenings.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/adaptiveNetworkHardenings.json index 8e8296514853..2b5bf8de610f 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/adaptiveNetworkHardenings.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/adaptiveNetworkHardenings.json @@ -1,412 +1,412 @@ { - "swagger": "2.0", - "info": { - "title": "Security Center", - "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", - "version": "2015-06-01-preview" - }, - "host": "management.azure.com", - "schemes": [ - "https" - ], - "consumes": [ - "application/json" - ], - "produces": [ - "application/json" - ], - "security": [ - { - "azure_auth": [ - "user_impersonation" - ] - } - ], - "securityDefinitions": { - "azure_auth": { - "type": "oauth2", - "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", - "flow": "implicit", - "description": "Azure Active Directory OAuth2 Flow", - "scopes": { - "user_impersonation": "impersonate your user account" + "swagger": "2.0", + "info": { + "title": "Security Center", + "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", + "version": "2015-06-01-preview" + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceNamespace}/{resourceType}/{resourceName}/providers/Microsoft.Security/adaptiveNetworkHardenings": { + "get": { + "x-ms-examples": { + "List Adaptive Network Hardenings resources of an extended resource": { + "$ref": "./examples/AdaptiveNetworkHardenings/ListByExtendedResourceAdaptiveNetworkHardenings_example.json" + } + }, + "description": "Gets a list of Adaptive Network Hardenings resources in scope of an extended resource.", + "tags": [ + "AdaptiveNetworkHardenings" + ], + "operationId": "AdaptiveNetworkHardenings_ListByExtendedResource", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" + }, + { + "name": "resourceNamespace", + "in": "path", + "description": "The Namespace of the resource.", + "required": true, + "type": "string" + }, + { + "name": "resourceType", + "in": "path", + "description": "The type of the resource.", + "required": true, + "type": "string" + }, + { + "name": "resourceName", + "in": "path", + "description": "Name of the resource.", + "required": true, + "type": "string" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/AdaptiveNetworkHardeningsList" } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" } + } }, - "paths": { - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceNamespace}/{resourceType}/{resourceName}/providers/Microsoft.Security/adaptiveNetworkHardenings": { - "get": { - "x-ms-examples": { - "List Adaptive Network Hardenings resources of an extended resource": { - "$ref": "./examples/AdaptiveNetworkHardenings/ListByExtendedResourceAdaptiveNetworkHardenings_example.json" - } - }, - "description": "Gets a list of Adaptive Network Hardenings resources in scope of an extended resource.", - "tags": [ - "AdaptiveNetworkHardenings" - ], - "operationId": "AdaptiveNetworkHardenings_ListByExtendedResource", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" - }, - { - "name": "resourceNamespace", - "in": "path", - "description": "The Namespace of the resource.", - "required": true, - "type": "string" - }, - { - "name": "resourceType", - "in": "path", - "description": "The type of the resource.", - "required": true, - "type": "string" - }, - { - "name": "resourceName", - "in": "path", - "description": "Name of the resource.", - "required": true, - "type": "string" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AdaptiveNetworkHardeningsList" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - } - } + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceNamespace}/{resourceType}/{resourceName}/providers/Microsoft.Security/adaptiveNetworkHardenings/{adaptiveNetworkHardeningResourceName}": { + "get": { + "x-ms-examples": { + "Get a single Adaptive Network Hardening resource": { + "$ref": "./examples/AdaptiveNetworkHardenings/GetAdaptiveNetworkHardening_example.json" + } }, - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceNamespace}/{resourceType}/{resourceName}/providers/Microsoft.Security/adaptiveNetworkHardenings/{adaptiveNetworkHardeningResourceName}": { - "get": { - "x-ms-examples": { - "Get a single Adaptive Network Hardening resource": { - "$ref": "./examples/AdaptiveNetworkHardenings/GetAdaptiveNetworkHardening_example.json" - } - }, - "tags": [ - "AdaptiveNetworkHardenings" - ], - "description": "Gets a single Adaptive Network Hardening resource", - "operationId": "AdaptiveNetworkHardenings_Get", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" - }, - { - "name": "resourceNamespace", - "in": "path", - "description": "The Namespace of the resource.", - "required": true, - "type": "string" - }, - { - "name": "resourceType", - "in": "path", - "description": "The type of the resource.", - "required": true, - "type": "string" - }, - { - "name": "resourceName", - "in": "path", - "description": "Name of the resource.", - "required": true, - "type": "string" - }, - { - "$ref": "#/parameters/AdaptiveNetworkHardeningResourceName" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AdaptiveNetworkHardening" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } + "tags": [ + "AdaptiveNetworkHardenings" + ], + "description": "Gets a single Adaptive Network Hardening resource", + "operationId": "AdaptiveNetworkHardenings_Get", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" + }, + { + "name": "resourceNamespace", + "in": "path", + "description": "The Namespace of the resource.", + "required": true, + "type": "string" + }, + { + "name": "resourceType", + "in": "path", + "description": "The type of the resource.", + "required": true, + "type": "string" + }, + { + "name": "resourceName", + "in": "path", + "description": "Name of the resource.", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/AdaptiveNetworkHardeningResourceName" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/AdaptiveNetworkHardening" } - }, - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceNamespace}/{resourceType}/{resourceName}/providers/Microsoft.Security/adaptiveNetworkHardenings/{adaptiveNetworkHardeningResourceName}/{adaptiveNetworkHardeningEnforceAction}": { - "post": { - "x-ms-long-running-operation": true, - "x-ms-examples": { - "Enforces the given rules on the NSG(s) listed in the request": { - "$ref": "./examples/AdaptiveNetworkHardenings/EnforceAdaptiveNetworkHardeningRules_example.json" - } - }, - "tags": [ - "AdaptiveNetworkHardenings" - ], - "description": "Enforces the given rules on the NSG(s) listed in the request", - "operationId": "AdaptiveNetworkHardenings_Enforce", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" - }, - { - "name": "resourceNamespace", - "in": "path", - "description": "The Namespace of the resource.", - "required": true, - "type": "string" - }, - { - "name": "resourceType", - "in": "path", - "description": "The type of the resource.", - "required": true, - "type": "string" - }, - { - "name": "resourceName", - "in": "path", - "description": "Name of the resource.", - "required": true, - "type": "string" - }, - { - "$ref": "#/parameters/AdaptiveNetworkHardeningResourceName" - }, - { - "$ref": "#/parameters/AdaptiveNetworkHardeningEnforceAction" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "#/parameters/AdaptiveNetworkHardeningEnforceRequest" - } - ], - "responses": { - "200": { - "description": "OK." - }, - "202": { - "description": "Accepted" - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } + } } + } }, - "definitions": { - "PortNumber": { - "type": "integer", - "minimum": 0, - "maximum": 65535 + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceNamespace}/{resourceType}/{resourceName}/providers/Microsoft.Security/adaptiveNetworkHardenings/{adaptiveNetworkHardeningResourceName}/{adaptiveNetworkHardeningEnforceAction}": { + "post": { + "x-ms-long-running-operation": true, + "x-ms-examples": { + "Enforces the given rules on the NSG(s) listed in the request": { + "$ref": "./examples/AdaptiveNetworkHardenings/EnforceAdaptiveNetworkHardeningRules_example.json" + } }, - "Rule": { - "description": "Describes remote addresses that is recommended to communicate with the Azure resource on some (Protocol, Port, Direction). All other remote addresses are recommended to be blocked", - "properties": { - "name": { - "description": "The name of the rule", - "type": "string" - }, - "direction": { - "description": "The rule's direction", - "type": "string", - "enum": [ - "Inbound", - "Outbound" - ], - "x-ms-enum": { - "name": "direction", - "modelAsString": true - } - }, - "destinationPort": { - "description": "The rule's destination port", - "$ref": "#/definitions/PortNumber" - }, - "protocols": { - "description": "The rule's transport protocols", - "type": "array", - "items": { - "type": "string", - "enum": [ - "TCP", - "UDP" - ], - "x-ms-enum": { - "name": "transportProtocol", - "modelAsString": true - } - } - }, - "ipAddresses": { - "description": "The remote IP addresses that should be able to communicate with the Azure resource on the rule's destination port and protocol", - "type": "array", - "items": { - "type": "string" - } - } + "tags": [ + "AdaptiveNetworkHardenings" + ], + "description": "Enforces the given rules on the NSG(s) listed in the request", + "operationId": "AdaptiveNetworkHardenings_Enforce", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" + }, + { + "name": "resourceNamespace", + "in": "path", + "description": "The Namespace of the resource.", + "required": true, + "type": "string" + }, + { + "name": "resourceType", + "in": "path", + "description": "The type of the resource.", + "required": true, + "type": "string" + }, + { + "name": "resourceName", + "in": "path", + "description": "Name of the resource.", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/AdaptiveNetworkHardeningResourceName" + }, + { + "$ref": "#/parameters/AdaptiveNetworkHardeningEnforceAction" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "#/parameters/AdaptiveNetworkHardeningEnforceRequest" + } + ], + "responses": { + "200": { + "description": "OK." + }, + "202": { + "description": "Accepted" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } + } + } + } + } + }, + "definitions": { + "PortNumber": { + "type": "integer", + "minimum": 0, + "maximum": 65535 + }, + "Rule": { + "description": "Describes remote addresses that is recommended to communicate with the Azure resource on some (Protocol, Port, Direction). All other remote addresses are recommended to be blocked", + "properties": { + "name": { + "description": "The name of the rule", + "type": "string" }, - "EffectiveNetworkSecurityGroups": { - "description": "Describes the Network Security Groups effective on a network interface", - "properties": { - "networkInterface": { - "description": "The Azure resource ID of the network interface", - "type": "string" - }, - "networkSecurityGroups": { - "description": "The Network Security Groups effective on the network interface", - "type": "array", - "items": { - "type": "string" - } - } - } + "direction": { + "description": "The rule's direction", + "type": "string", + "enum": [ + "Inbound", + "Outbound" + ], + "x-ms-enum": { + "name": "direction", + "modelAsString": true + } + }, + "destinationPort": { + "description": "The rule's destination port", + "$ref": "#/definitions/PortNumber" }, - "AdaptiveNetworkHardeningProperties": { - "description": "Adaptive Network Hardening resource properties", - "properties": { - "rules": { - "description": "The security rules which are recommended to be effective on the VM", - "type": "array", - "items": { - "$ref": "#/definitions/Rule" - } - }, - "rulesCalculationTime": { - "type": "string", - "format": "date-time", - "description": "The UTC time on which the rules were calculated" - }, - "effectiveNetworkSecurityGroups": { - "description": "The Network Security Groups effective on the network interfaces of the protected resource", - "type": "array", - "items": { - "$ref": "#/definitions/EffectiveNetworkSecurityGroups" - } - } + "protocols": { + "description": "The rule's transport protocols", + "type": "array", + "items": { + "type": "string", + "enum": [ + "TCP", + "UDP" + ], + "x-ms-enum": { + "name": "transportProtocol", + "modelAsString": true } + } }, - "AdaptiveNetworkHardening": { - "description": "The resource whose properties describes the Adaptive Network Hardening settings for some Azure resource", - "properties": { - "properties": { - "description": "Properties of the Adaptive Network Hardening resource", - "x-ms-client-flatten": true, - "$ref": "#/definitions/AdaptiveNetworkHardeningProperties" - } - }, - "allOf": [ - { - "$ref": "../../../common/v1/types.json#/definitions/Resource" - } - ] + "ipAddresses": { + "description": "The remote IP addresses that should be able to communicate with the Azure resource on the rule's destination port and protocol", + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "EffectiveNetworkSecurityGroups": { + "description": "Describes the Network Security Groups effective on a network interface", + "properties": { + "networkInterface": { + "description": "The Azure resource ID of the network interface", + "type": "string" }, - "AdaptiveNetworkHardeningsList": { - "description": "Response for ListAdaptiveNetworkHardenings API service call", - "properties": { - "value": { - "description": "A list of Adaptive Network Hardenings resources", - "type": "array", - "items": { - "$ref": "#/definitions/AdaptiveNetworkHardening" - } - }, - "nextLink": { - "description": "The URL to get the next set of results", - "type": "string" - } - } + "networkSecurityGroups": { + "description": "The Network Security Groups effective on the network interface", + "type": "array", + "items": { + "type": "string" + } + } + } + }, + "AdaptiveNetworkHardeningProperties": { + "description": "Adaptive Network Hardening resource properties", + "properties": { + "rules": { + "description": "The security rules which are recommended to be effective on the VM", + "type": "array", + "items": { + "$ref": "#/definitions/Rule" + } }, - "AdaptiveNetworkHardeningEnforceRequest": { - "type": "object", - "properties": { - "rules": { - "type": "array", - "description": "The rules to enforce", - "items": { - "$ref": "#/definitions/Rule" - } - }, - "networkSecurityGroups": { - "type": "array", - "description": "The Azure resource IDs of the effective network security groups that will be updated with the created security rules from the Adaptive Network Hardening rules", - "items": { - "type": "string" - } - } - }, - "required": [ - "rules", - "networkSecurityGroups" - ] + "rulesCalculationTime": { + "type": "string", + "format": "date-time", + "description": "The UTC time on which the rules were calculated" + }, + "effectiveNetworkSecurityGroups": { + "description": "The Network Security Groups effective on the network interfaces of the protected resource", + "type": "array", + "items": { + "$ref": "#/definitions/EffectiveNetworkSecurityGroups" + } } + } }, - "parameters": { - "AdaptiveNetworkHardeningResourceName": { - "name": "adaptiveNetworkHardeningResourceName", - "in": "path", - "description": "The name of the Adaptive Network Hardening resource.", - "required": true, - "type": "string", - "x-ms-parameter-location": "method" + "AdaptiveNetworkHardening": { + "description": "The resource whose properties describes the Adaptive Network Hardening settings for some Azure resource", + "properties": { + "properties": { + "description": "Properties of the Adaptive Network Hardening resource", + "x-ms-client-flatten": true, + "$ref": "#/definitions/AdaptiveNetworkHardeningProperties" + } + }, + "allOf": [ + { + "$ref": "../../../common/v1/types.json#/definitions/Resource" + } + ] + }, + "AdaptiveNetworkHardeningsList": { + "description": "Response for ListAdaptiveNetworkHardenings API service call", + "properties": { + "value": { + "description": "A list of Adaptive Network Hardenings resources", + "type": "array", + "items": { + "$ref": "#/definitions/AdaptiveNetworkHardening" + } }, - "AdaptiveNetworkHardeningEnforceAction": { - "name": "adaptiveNetworkHardeningEnforceAction", - "type": "string", - "in": "path", - "required": true, - "description": "Enforces the given rules on the NSG(s) listed in the request", - "enum": [ - "enforce" - ], - "x-ms-parameter-location": "method" + "nextLink": { + "description": "The URL to get the next set of results", + "type": "string" + } + } + }, + "AdaptiveNetworkHardeningEnforceRequest": { + "type": "object", + "properties": { + "rules": { + "type": "array", + "description": "The rules to enforce", + "items": { + "$ref": "#/definitions/Rule" + } }, - "AdaptiveNetworkHardeningEnforceRequest": { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/AdaptiveNetworkHardeningEnforceRequest" - }, - "x-ms-parameter-location": "method" + "networkSecurityGroups": { + "type": "array", + "description": "The Azure resource IDs of the effective network security groups that will be updated with the created security rules from the Adaptive Network Hardening rules", + "items": { + "type": "string" + } } + }, + "required": [ + "rules", + "networkSecurityGroups" + ] + } + }, + "parameters": { + "AdaptiveNetworkHardeningResourceName": { + "name": "adaptiveNetworkHardeningResourceName", + "in": "path", + "description": "The name of the Adaptive Network Hardening resource.", + "required": true, + "type": "string", + "x-ms-parameter-location": "method" + }, + "AdaptiveNetworkHardeningEnforceAction": { + "name": "adaptiveNetworkHardeningEnforceAction", + "type": "string", + "in": "path", + "required": true, + "description": "Enforces the given rules on the NSG(s) listed in the request", + "enum": [ + "enforce" + ], + "x-ms-parameter-location": "method" + }, + "AdaptiveNetworkHardeningEnforceRequest": { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/AdaptiveNetworkHardeningEnforceRequest" + }, + "x-ms-parameter-location": "method" } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/alerts.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/alerts.json index 653493529a89..f430c59f3950 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/alerts.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/alerts.json @@ -6,12 +6,20 @@ "version": "2015-06-01-preview" }, "host": "management.azure.com", - "schemes": ["https"], - "consumes": ["application/json"], - "produces": ["application/json"], + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], "security": [ { - "azure_auth": ["user_impersonation"] + "azure_auth": [ + "user_impersonation" + ] } ], "securityDefinitions": { @@ -33,7 +41,9 @@ "$ref": "./examples/Alerts/GetAlertsSubscription_example.json" } }, - "tags": ["Alerts"], + "tags": [ + "Alerts" + ], "description": "List all the alerts that are associated with the subscription", "operationId": "Alerts_List", "parameters": [ @@ -79,7 +89,9 @@ "$ref": "./examples/Alerts/GetAlertsResourceGroup_example.json" } }, - "tags": ["Alerts"], + "tags": [ + "Alerts" + ], "description": "List all the alerts that are associated with the resource group", "operationId": "Alerts_ListByResourceGroup", "parameters": [ @@ -128,7 +140,9 @@ "$ref": "./examples/Alerts/GetAlertsSubscriptionsLocation_example.json" } }, - "tags": ["Alerts"], + "tags": [ + "Alerts" + ], "description": "List all the alerts that are associated with the subscription that are stored in a specific location", "operationId": "Alerts_ListSubscriptionLevelAlertsByRegion", "parameters": [ @@ -177,7 +191,9 @@ "$ref": "./examples/Alerts/GetAlertsResourceGroupLocation_example.json" } }, - "tags": ["Alerts"], + "tags": [ + "Alerts" + ], "description": "List all the alerts that are associated with the resource group that are stored in a specific location", "operationId": "Alerts_ListResourceGroupLevelAlertsByRegion", "parameters": [ @@ -229,7 +245,9 @@ "$ref": "./examples/Alerts/GetAlertSubscriptionLocation_example.json" } }, - "tags": ["Alerts"], + "tags": [ + "Alerts" + ], "description": "Get an alert that is associated with a subscription", "operationId": "Alerts_GetSubscriptionLevelAlert", "parameters": [ @@ -269,7 +287,9 @@ "$ref": "./examples/Alerts/GetAlertResourceGroupLocation_example.json" } }, - "tags": ["Alerts"], + "tags": [ + "Alerts" + ], "description": "Get an alert that is associated a resource group or a resource in a resource group", "operationId": "Alerts_GetResourceGroupLevelAlerts", "parameters": [ @@ -312,7 +332,9 @@ "$ref": "./examples/Alerts/UpdateAlertSubscriptionLocation_example.json" } }, - "tags": ["Alerts"], + "tags": [ + "Alerts" + ], "description": "Update the alert's state", "operationId": "Alerts_UpdateSubscriptionLevelAlertState", "parameters": [ @@ -352,7 +374,9 @@ "$ref": "./examples/Alerts/UpdateAlertResourceGroupLocation_example.json" } }, - "tags": ["Alerts"], + "tags": [ + "Alerts" + ], "description": "Update the alert's state", "operationId": "Alerts_UpdateResourceGroupLevelAlertState", "parameters": [ @@ -476,7 +500,12 @@ "reportedSeverity": { "readOnly": true, "type": "string", - "enum": ["Silent", "Information", "Low", "High"], + "enum": [ + "Silent", + "Information", + "Low", + "High" + ], "x-ms-enum": { "name": "reportedSeverity", "modelAsString": true, @@ -617,7 +646,10 @@ "in": "path", "required": true, "type": "string", - "enum": ["Dismiss", "Reactivate"], + "enum": [ + "Dismiss", + "Reactivate" + ], "description": "Type of the action to do on the alert", "x-ms-parameter-location": "method" } diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/allowedConnections.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/allowedConnections.json index f01b8f50cf6a..5a9e883d3b90 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/allowedConnections.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/allowedConnections.json @@ -6,12 +6,20 @@ "version": "2015-06-01-preview" }, "host": "management.azure.com", - "schemes": ["https"], - "consumes": ["application/json"], - "produces": ["application/json"], + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], "security": [ { - "azure_auth": ["user_impersonation"] + "azure_auth": [ + "user_impersonation" + ] } ], "securityDefinitions": { @@ -33,7 +41,9 @@ "$ref": "./examples/AllowedConnections/GetAllowedConnectionsSubscription_example.json" } }, - "tags": ["AllowedConnections"], + "tags": [ + "AllowedConnections" + ], "description": "Gets the list of all possible traffic between resources for the subscription", "operationId": "AllowedConnections_List", "parameters": [ @@ -70,7 +80,9 @@ "$ref": "./examples/AllowedConnections/GetAllowedConnectionsSubscriptionLocation_example.json" } }, - "tags": ["AllowedConnections"], + "tags": [ + "AllowedConnections" + ], "description": "Gets the list of all possible traffic between resources for the subscription and location.", "operationId": "AllowedConnections_ListByHomeRegion", "parameters": [ @@ -110,7 +122,9 @@ "$ref": "./examples/AllowedConnections/GetAllowedConnections_example.json" } }, - "tags": ["AllowedConnections"], + "tags": [ + "AllowedConnections" + ], "description": "Gets the list of all possible traffic between resources for the subscription and location, based on connection type.", "operationId": "AllowedConnections_Get", "parameters": [ @@ -261,7 +275,10 @@ "in": "path", "description": "The type of allowed connections (Internal, External)", "required": true, - "enum": ["Internal", "External"], + "enum": [ + "Internal", + "External" + ], "x-ms-enum": { "name": "connectionType", "modelAsString": true, diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/discoveredSecuritySolutions.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/discoveredSecuritySolutions.json index e3e35a3b0e8a..71d8cb64e991 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/discoveredSecuritySolutions.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/discoveredSecuritySolutions.json @@ -6,12 +6,20 @@ "version": "2015-06-01-preview" }, "host": "management.azure.com", - "schemes": ["https"], - "consumes": ["application/json"], - "produces": ["application/json"], + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], "security": [ { - "azure_auth": ["user_impersonation"] + "azure_auth": [ + "user_impersonation" + ] } ], "securityDefinitions": { @@ -33,7 +41,9 @@ "$ref": "./examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionsSubscription_example.json" } }, - "tags": ["DiscoveredSecuritySolutions"], + "tags": [ + "DiscoveredSecuritySolutions" + ], "description": "Gets a list of discovered Security Solutions for the subscription.", "operationId": "DiscoveredSecuritySolutions_List", "parameters": [ @@ -70,7 +80,9 @@ "$ref": "./examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionsSubscriptionLocation_example.json" } }, - "tags": ["DiscoveredSecuritySolutions"], + "tags": [ + "DiscoveredSecuritySolutions" + ], "description": "Gets a list of discovered Security Solutions for the subscription and location.", "operationId": "DiscoveredSecuritySolutions_ListByHomeRegion", "parameters": [ @@ -110,7 +122,9 @@ "$ref": "./examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionResourceGroupLocation_example.json" } }, - "tags": ["DiscoveredSecuritySolutions"], + "tags": [ + "DiscoveredSecuritySolutions" + ], "description": "Gets a specific discovered Security Solution.", "operationId": "DiscoveredSecuritySolutions_Get", "parameters": [ @@ -172,7 +186,9 @@ "$ref": "#/definitions/DiscoveredSecuritySolutionProperties" } }, - "required": ["properties"], + "required": [ + "properties" + ], "allOf": [ { "$ref": "../../../common/v1/types.json#/definitions/Resource" @@ -188,7 +204,12 @@ "securityFamily": { "type": "string", "description": "The security family of the discovered solution", - "enum": ["Waf", "Ngfw", "SaasWaf", "Va"], + "enum": [ + "Waf", + "Ngfw", + "SaasWaf", + "Va" + ], "x-ms-enum": { "name": "securityFamily", "modelAsString": true, @@ -221,7 +242,12 @@ "description": "The security solutions' image sku" } }, - "required": ["securityFamily", "offer", "publisher", "sku"] + "required": [ + "securityFamily", + "offer", + "publisher", + "sku" + ] } }, "parameters": { diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/AdaptiveNetworkHardenings/EnforceAdaptiveNetworkHardeningRules_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/AdaptiveNetworkHardenings/EnforceAdaptiveNetworkHardeningRules_example.json index cf17f82d8844..2f1af8243ff2 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/AdaptiveNetworkHardenings/EnforceAdaptiveNetworkHardeningRules_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/AdaptiveNetworkHardenings/EnforceAdaptiveNetworkHardeningRules_example.json @@ -1,50 +1,50 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "resourceGroupName": "rg1", - "resourceNamespace": "Microsoft.Compute", - "resourceType": "virtualMachines", - "resourceName": "vm1", - "adaptiveNetworkHardeningResourceName": "default", - "adaptiveNetworkHardeningEnforceAction": "enforce", - "body": { - "rules": [ - { - "name": "rule1", - "direction": "Inbound", - "destinationPort": 3389, - "protocols": [ - "TCP" - ], - "ipAddresses": [ - "100.10.1.1", - "200.20.2.2", - "81.199.3.0/24" - ] - }, - { - "name": "rule2", - "direction": "Inbound", - "destinationPort": 22, - "protocols": [ - "TCP" - ], - "ipAddresses": [] - } - ], - "networkSecurityGroups": [ - "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nsg1", - "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg2/providers/Microsoft.Network/networkSecurityGroups/nsg2" - ] - } - }, - "responses": { - "200": { - "description": "OK." + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "rg1", + "resourceNamespace": "Microsoft.Compute", + "resourceType": "virtualMachines", + "resourceName": "vm1", + "adaptiveNetworkHardeningResourceName": "default", + "adaptiveNetworkHardeningEnforceAction": "enforce", + "body": { + "rules": [ + { + "name": "rule1", + "direction": "Inbound", + "destinationPort": 3389, + "protocols": [ + "TCP" + ], + "ipAddresses": [ + "100.10.1.1", + "200.20.2.2", + "81.199.3.0/24" + ] }, - "202": { - "description": "HTTP 202 (Accepted) if the operation was successfully started and will complete asynchronously." + { + "name": "rule2", + "direction": "Inbound", + "destinationPort": 22, + "protocols": [ + "TCP" + ], + "ipAddresses": [] } + ], + "networkSecurityGroups": [ + "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nsg1", + "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg2/providers/Microsoft.Network/networkSecurityGroups/nsg2" + ] + } + }, + "responses": { + "200": { + "description": "OK." + }, + "202": { + "description": "HTTP 202 (Accepted) if the operation was successfully started and will complete asynchronously." } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/AdaptiveNetworkHardenings/GetAdaptiveNetworkHardening_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/AdaptiveNetworkHardenings/GetAdaptiveNetworkHardening_example.json index bf948663bb06..1d5bbfff58b3 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/AdaptiveNetworkHardenings/GetAdaptiveNetworkHardening_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/AdaptiveNetworkHardenings/GetAdaptiveNetworkHardening_example.json @@ -1,62 +1,62 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "resourceGroupName": "rg1", - "resourceNamespace": "Microsoft.Compute", - "resourceType": "virtualMachines", - "resourceName": "vm1", - "adaptiveNetworkHardeningResourceName": "default" - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.Security/adaptiveNetworkHardenings/default", - "name": "default", - "type": "Microsoft.Security/adaptiveNetworkHardenings", - "properties": { - "rulesCalculationTime": "2018-08-15T00:00:00.0000000Z", - "rules": [ - { - "name": "rule1", - "direction": "Inbound", - "destinationPort": 3389, - "protocols": [ - "TCP" - ], - "ipAddresses": [ - "100.10.1.1", - "200.20.2.2", - "81.199.3.0/24" - ] - }, - { - "name": "rule2", - "direction": "Inbound", - "destinationPort": 22, - "protocols": [ - "TCP" - ], - "ipAddresses": [] - } - ], - "effectiveNetworkSecurityGroups": [ - { - "networkInterface": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Network/networkInterfaces/nic1", - "networkSecurityGroups": [ - "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nicNsg", - "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/subnetNsg" - ] - }, - { - "networkInterface": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg2/providers/Microsoft.Network/networkInterfaces/nic2", - "networkSecurityGroups": [ - "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg2/providers/Microsoft.Network/networkSecurityGroups/nicNsg" - ] - } - ] - } + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "rg1", + "resourceNamespace": "Microsoft.Compute", + "resourceType": "virtualMachines", + "resourceName": "vm1", + "adaptiveNetworkHardeningResourceName": "default" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.Security/adaptiveNetworkHardenings/default", + "name": "default", + "type": "Microsoft.Security/adaptiveNetworkHardenings", + "properties": { + "rulesCalculationTime": "2018-08-15T00:00:00.0000000Z", + "rules": [ + { + "name": "rule1", + "direction": "Inbound", + "destinationPort": 3389, + "protocols": [ + "TCP" + ], + "ipAddresses": [ + "100.10.1.1", + "200.20.2.2", + "81.199.3.0/24" + ] + }, + { + "name": "rule2", + "direction": "Inbound", + "destinationPort": 22, + "protocols": [ + "TCP" + ], + "ipAddresses": [] } + ], + "effectiveNetworkSecurityGroups": [ + { + "networkInterface": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Network/networkInterfaces/nic1", + "networkSecurityGroups": [ + "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nicNsg", + "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/subnetNsg" + ] + }, + { + "networkInterface": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg2/providers/Microsoft.Network/networkInterfaces/nic2", + "networkSecurityGroups": [ + "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg2/providers/Microsoft.Network/networkSecurityGroups/nicNsg" + ] + } + ] } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/AdaptiveNetworkHardenings/ListByExtendedResourceAdaptiveNetworkHardenings_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/AdaptiveNetworkHardenings/ListByExtendedResourceAdaptiveNetworkHardenings_example.json index aacc98914ae7..99ecba355acf 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/AdaptiveNetworkHardenings/ListByExtendedResourceAdaptiveNetworkHardenings_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/AdaptiveNetworkHardenings/ListByExtendedResourceAdaptiveNetworkHardenings_example.json @@ -1,65 +1,65 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "resourceGroupName": "rg1", - "resourceNamespace": "Microsoft.Compute", - "resourceType": "virtualMachines", - "resourceName": "vm1" - }, - "responses": { - "200": { - "body": { - "value": [ - { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.Security/adaptiveNetworkHardenings/default", - "name": "default", - "type": "Microsoft.Security/adaptiveNetworkHardenings", - "properties": { - "rulesCalculationTime": "2018-08-15T00:00:00.0000000Z", - "rules": [ - { - "name": "rule1", - "direction": "Inbound", - "destinationPort": 3389, - "protocols": [ - "TCP" - ], - "ipAddresses": [ - "100.10.1.1", - "200.20.2.2", - "81.199.3.0/24" - ] - }, - { - "name": "rule2", - "direction": "Inbound", - "destinationPort": 22, - "protocols": [ - "TCP" - ], - "ipAddresses": [] - } - ], - "effectiveNetworkSecurityGroups": [ - { - "networkInterface": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Network/networkInterfaces/nic1", - "networkSecurityGroups": [ - "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nicNsg", - "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/subnetNsg" - ] - }, - { - "networkInterface": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Network/networkInterfaces/nic2", - "networkSecurityGroups": [ - "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nicNsg2" - ] - } - ] - } - } - ] + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "rg1", + "resourceNamespace": "Microsoft.Compute", + "resourceType": "virtualMachines", + "resourceName": "vm1" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Compute/virtualMachines/vm1/providers/Microsoft.Security/adaptiveNetworkHardenings/default", + "name": "default", + "type": "Microsoft.Security/adaptiveNetworkHardenings", + "properties": { + "rulesCalculationTime": "2018-08-15T00:00:00.0000000Z", + "rules": [ + { + "name": "rule1", + "direction": "Inbound", + "destinationPort": 3389, + "protocols": [ + "TCP" + ], + "ipAddresses": [ + "100.10.1.1", + "200.20.2.2", + "81.199.3.0/24" + ] + }, + { + "name": "rule2", + "direction": "Inbound", + "destinationPort": 22, + "protocols": [ + "TCP" + ], + "ipAddresses": [] + } + ], + "effectiveNetworkSecurityGroups": [ + { + "networkInterface": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Network/networkInterfaces/nic1", + "networkSecurityGroups": [ + "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nicNsg", + "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/subnetNsg" + ] + }, + { + "networkInterface": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/rg1/providers/Microsoft.Network/networkInterfaces/nic2", + "networkSecurityGroups": [ + "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/rg1/providers/Microsoft.Network/networkSecurityGroups/nicNsg2" + ] + } + ] } - } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertResourceGroupLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertResourceGroupLocation_example.json index 25aada04835b..a24bfc5fa8f0 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertResourceGroupLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertResourceGroupLocation_example.json @@ -1,74 +1,82 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "resourceGroupName": "myRg1", - "ascLocation": "westeurope", - "alertName": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA" - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "type": "Microsoft.Security/Locations/alerts", - "properties": { - "vendorName": "Microsoft", - "alertDisplayName": "Threat Intelligence Alert", - "alertName": "ThreatIntelligence", - "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", - "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", - "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", - "actionTaken": "Detected", - "reportedSeverity": "High", - "compromisedEntity": "vm1", - "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", - "extendedProperties": { - "user Name": "administrator", - "domain Name": "Contoso", - "attacker IP": "192.0.2.1", - "resourceType": "Virtual Machine" - }, - "state": "Dismissed", - "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", - "confidenceScore": 0.8, - "confidenceReasons": [{ - "type": "User", - "reason": "Some user reason" - }, { - "type": "Process", - "reason": "Some proccess reason" - }, { - "type": "Computer", - "reason": "Some computer reason" - }], - "canBeInvestigated": true, - "isIncident": false, - "entities": [{ - "address": "192.0.2.1", - "location": { - "countryCode": "gb", - "state": "wokingham", - "city": "sonning", - "longitude": -0.909, - "latitude": 51.468, - "asn": 6584 - }, - "threatIntelligence": [{ - "providerName": "Team Cymru", - "threatType": "C2", - "threatName": "rarog", - "confidence": 0.8, - "reportLink": "http://www.microsoft.com", - "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." - }], - "type": "ip" - }], - "correlationKey": "Rkso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9Jk=" + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg1", + "ascLocation": "westeurope", + "alertName": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "type": "Microsoft.Security/Locations/alerts", + "properties": { + "vendorName": "Microsoft", + "alertDisplayName": "Threat Intelligence Alert", + "alertName": "ThreatIntelligence", + "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", + "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", + "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", + "actionTaken": "Detected", + "reportedSeverity": "High", + "compromisedEntity": "vm1", + "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", + "extendedProperties": { + "user Name": "administrator", + "domain Name": "Contoso", + "attacker IP": "192.0.2.1", + "resourceType": "Virtual Machine" + }, + "state": "Dismissed", + "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", + "confidenceScore": 0.8, + "confidenceReasons": [ + { + "type": "User", + "reason": "Some user reason" + }, + { + "type": "Process", + "reason": "Some proccess reason" + }, + { + "type": "Computer", + "reason": "Some computer reason" + } + ], + "canBeInvestigated": true, + "isIncident": false, + "entities": [ + { + "address": "192.0.2.1", + "location": { + "countryCode": "gb", + "state": "wokingham", + "city": "sonning", + "longitude": -0.909, + "latitude": 51.468, + "asn": 6584 + }, + "threatIntelligence": [ + { + "providerName": "Team Cymru", + "threatType": "C2", + "threatName": "rarog", + "confidence": 0.8, + "reportLink": "http://www.microsoft.com", + "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." } + ], + "type": "ip" } + ], + "correlationKey": "Rkso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9Jk=" } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertSubscriptionLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertSubscriptionLocation_example.json index 2af79c663560..5509387b8f52 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertSubscriptionLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertSubscriptionLocation_example.json @@ -1,73 +1,81 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "ascLocation": "westeurope", - "alertName": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA" - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "type": "Microsoft.Security/Locations/alerts", - "properties": { - "vendorName": "Microsoft", - "alertDisplayName": "Threat Intelligence Alert", - "alertName": "ThreatIntelligence", - "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", - "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", - "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", - "actionTaken": "Detected", - "reportedSeverity": "High", - "compromisedEntity": "vm1", - "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", - "extendedProperties": { - "user Name": "administrator", - "domain Name": "Contoso", - "attacker IP": "192.0.2.1", - "resourceType": "Virtual Machine" - }, - "state": "Dismissed", - "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", - "confidenceScore": 0.8, - "confidenceReasons": [{ - "type": "User", - "reason": "Some user reason" - }, { - "type": "Process", - "reason": "Some proccess reason" - }, { - "type": "Computer", - "reason": "Some computer reason" - }], - "canBeInvestigated": true, - "isIncident": false, - "entities": [{ - "address": "192.0.2.1", - "location": { - "countryCode": "gb", - "state": "wokingham", - "city": "sonning", - "longitude": -0.909, - "latitude": 51.468, - "asn": 6584 - }, - "threatIntelligence": [{ - "providerName": "Team Cymru", - "threatType": "C2", - "threatName": "rarog", - "confidence": 0.8, - "reportLink": "http://www.microsoft.com", - "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." - }], - "type": "ip" - }], - "correlationKey": "Rkso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9Jk=" + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope", + "alertName": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "type": "Microsoft.Security/Locations/alerts", + "properties": { + "vendorName": "Microsoft", + "alertDisplayName": "Threat Intelligence Alert", + "alertName": "ThreatIntelligence", + "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", + "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", + "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", + "actionTaken": "Detected", + "reportedSeverity": "High", + "compromisedEntity": "vm1", + "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", + "extendedProperties": { + "user Name": "administrator", + "domain Name": "Contoso", + "attacker IP": "192.0.2.1", + "resourceType": "Virtual Machine" + }, + "state": "Dismissed", + "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", + "confidenceScore": 0.8, + "confidenceReasons": [ + { + "type": "User", + "reason": "Some user reason" + }, + { + "type": "Process", + "reason": "Some proccess reason" + }, + { + "type": "Computer", + "reason": "Some computer reason" + } + ], + "canBeInvestigated": true, + "isIncident": false, + "entities": [ + { + "address": "192.0.2.1", + "location": { + "countryCode": "gb", + "state": "wokingham", + "city": "sonning", + "longitude": -0.909, + "latitude": 51.468, + "asn": 6584 + }, + "threatIntelligence": [ + { + "providerName": "Team Cymru", + "threatType": "C2", + "threatName": "rarog", + "confidence": 0.8, + "reportLink": "http://www.microsoft.com", + "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." } + ], + "type": "ip" } + ], + "correlationKey": "Rkso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9Jk=" } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsResourceGroupLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsResourceGroupLocation_example.json index d1522b373b48..3940bb2500ab 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsResourceGroupLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsResourceGroupLocation_example.json @@ -1,75 +1,85 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "resourceGroupName": "myRg1", - "ascLocation": "westeurope" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "type": "Microsoft.Security/Locations/alerts", - "properties": { - "vendorName": "Microsoft", - "alertDisplayName": "Threat Intelligence Alert", - "alertName": "ThreatIntelligence", - "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", - "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", - "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", - "actionTaken": "Detected", - "reportedSeverity": "High", - "compromisedEntity": "vm1", - "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", - "extendedProperties": { - "user Name": "administrator", - "domain Name": "Contoso", - "attacker IP": "192.0.2.1", - "resourceType": "Virtual Machine" - }, - "state": "Dismissed", - "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", - "confidenceScore": 0.8, - "confidenceReasons": [{ - "type": "User", - "reason": "Some user reason" - }, { - "type": "Process", - "reason": "Some proccess reason" - }, { - "type": "Computer", - "reason": "Some computer reason" - }], - "canBeInvestigated": true, - "isIncident": false, - "entities": [{ - "address": "192.0.2.1", - "location": { - "countryCode": "gb", - "state": "wokingham", - "city": "sonning", - "longitude": -0.909, - "latitude": 51.468, - "asn": 6584 - }, - "threatIntelligence": [{ - "providerName": "Team Cymru", - "threatType": "C2", - "threatName": "rarog", - "confidence": 0.8, - "reportLink": "http://www.microsoft.com", - "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." - }], - "type": "ip" - }], - "correlationKey": "Rkso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9Jk=" + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg1", + "ascLocation": "westeurope" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "type": "Microsoft.Security/Locations/alerts", + "properties": { + "vendorName": "Microsoft", + "alertDisplayName": "Threat Intelligence Alert", + "alertName": "ThreatIntelligence", + "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", + "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", + "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", + "actionTaken": "Detected", + "reportedSeverity": "High", + "compromisedEntity": "vm1", + "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", + "extendedProperties": { + "user Name": "administrator", + "domain Name": "Contoso", + "attacker IP": "192.0.2.1", + "resourceType": "Virtual Machine" + }, + "state": "Dismissed", + "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", + "confidenceScore": 0.8, + "confidenceReasons": [ + { + "type": "User", + "reason": "Some user reason" + }, + { + "type": "Process", + "reason": "Some proccess reason" + }, + { + "type": "Computer", + "reason": "Some computer reason" + } + ], + "canBeInvestigated": true, + "isIncident": false, + "entities": [ + { + "address": "192.0.2.1", + "location": { + "countryCode": "gb", + "state": "wokingham", + "city": "sonning", + "longitude": -0.909, + "latitude": 51.468, + "asn": 6584 + }, + "threatIntelligence": [ + { + "providerName": "Team Cymru", + "threatType": "C2", + "threatName": "rarog", + "confidence": 0.8, + "reportLink": "http://www.microsoft.com", + "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." } - }] + ], + "type": "ip" + } + ], + "correlationKey": "Rkso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9Jk=" } - } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsResourceGroup_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsResourceGroup_example.json index d9c3da31cb1a..6f088700fefd 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsResourceGroup_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsResourceGroup_example.json @@ -1,74 +1,84 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "resourceGroupName": "myRg1" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "type": "Microsoft.Security/Locations/alerts", - "properties": { - "vendorName": "Microsoft", - "alertDisplayName": "Threat Intelligence Alert", - "alertName": "ThreatIntelligence", - "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", - "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", - "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", - "actionTaken": "Detected", - "reportedSeverity": "High", - "compromisedEntity": "vm1", - "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", - "extendedProperties": { - "user Name": "administrator", - "domain Name": "Contoso", - "attacker IP": "192.0.2.1", - "resourceType": "Virtual Machine" - }, - "state": "Dismissed", - "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", - "confidenceScore": 0.8, - "confidenceReasons": [{ - "type": "User", - "reason": "Some user reason" - }, { - "type": "Process", - "reason": "Some proccess reason" - }, { - "type": "Computer", - "reason": "Some computer reason" - }], - "canBeInvestigated": true, - "isIncident": false, - "entities": [{ - "address": "192.0.2.1", - "location": { - "countryCode": "gb", - "state": "wokingham", - "city": "sonning", - "longitude": -0.909, - "latitude": 51.468, - "asn": 6584 - }, - "threatIntelligence": [{ - "providerName": "Team Cymru", - "threatType": "C2", - "threatName": "rarog", - "confidence": 0.8, - "reportLink": "http://www.microsoft.com", - "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." - }], - "type": "ip" - }], - "correlationKey": "Rkso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9Jk=" + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg1" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "type": "Microsoft.Security/Locations/alerts", + "properties": { + "vendorName": "Microsoft", + "alertDisplayName": "Threat Intelligence Alert", + "alertName": "ThreatIntelligence", + "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", + "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", + "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", + "actionTaken": "Detected", + "reportedSeverity": "High", + "compromisedEntity": "vm1", + "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", + "extendedProperties": { + "user Name": "administrator", + "domain Name": "Contoso", + "attacker IP": "192.0.2.1", + "resourceType": "Virtual Machine" + }, + "state": "Dismissed", + "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", + "confidenceScore": 0.8, + "confidenceReasons": [ + { + "type": "User", + "reason": "Some user reason" + }, + { + "type": "Process", + "reason": "Some proccess reason" + }, + { + "type": "Computer", + "reason": "Some computer reason" + } + ], + "canBeInvestigated": true, + "isIncident": false, + "entities": [ + { + "address": "192.0.2.1", + "location": { + "countryCode": "gb", + "state": "wokingham", + "city": "sonning", + "longitude": -0.909, + "latitude": 51.468, + "asn": 6584 + }, + "threatIntelligence": [ + { + "providerName": "Team Cymru", + "threatType": "C2", + "threatName": "rarog", + "confidence": 0.8, + "reportLink": "http://www.microsoft.com", + "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." } - }] + ], + "type": "ip" + } + ], + "correlationKey": "Rkso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9Jk=" } - } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsSubscription_example.json index 058ebfbcde25..759af63d1b41 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsSubscription_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsSubscription_example.json @@ -1,153 +1,172 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "type": "Microsoft.Security/Locations/alerts", - "properties": { - "vendorName": "Microsoft", - "alertDisplayName": "Threat Intelligence Alert", - "alertName": "ThreatIntelligence", - "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", - "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", - "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", - "actionTaken": "Detected", - "reportedSeverity": "High", - "compromisedEntity": "vm1", - "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", - "extendedProperties": { - "user Name": "administrator", - "domain Name": "Contoso", - "attacker IP": "192.0.2.1", - "resourceType": "Virtual Machine" - }, - "state": "Dismissed", - "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", - "confidenceScore": 0.8, - "confidenceReasons": [{ - "type": "User", - "reason": "Some user reason" - }, { - "type": "Process", - "reason": "Some proccess reason" - }, { - "type": "Computer", - "reason": "Some computer reason" - }], - "canBeInvestigated": true, - "isIncident": false, - "entities": [{ - "address": "192.0.2.1", - "location": { - "countryCode": "gb", - "state": "wokingham", - "city": "sonning", - "longitude": -0.909, - "latitude": 51.468, - "asn": 6584 - }, - "threatIntelligence": [{ - "providerName": "Team Cymru", - "threatType": "C2", - "threatName": "rarog", - "confidence": 0.8, - "reportLink": "http://www.microsoft.com", - "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." - }], - "type": "ip" - }], - "correlationKey": "Rkso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9Jk=" - } - }, + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "type": "Microsoft.Security/Locations/alerts", + "properties": { + "vendorName": "Microsoft", + "alertDisplayName": "Threat Intelligence Alert", + "alertName": "ThreatIntelligence", + "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", + "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", + "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", + "actionTaken": "Detected", + "reportedSeverity": "High", + "compromisedEntity": "vm1", + "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", + "extendedProperties": { + "user Name": "administrator", + "domain Name": "Contoso", + "attacker IP": "192.0.2.1", + "resourceType": "Virtual Machine" + }, + "state": "Dismissed", + "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", + "confidenceScore": 0.8, + "confidenceReasons": [ + { + "type": "User", + "reason": "Some user reason" + }, + { + "type": "Process", + "reason": "Some proccess reason" + }, + { + "type": "Computer", + "reason": "Some computer reason" + } + ], + "canBeInvestigated": true, + "isIncident": false, + "entities": [ + { + "address": "192.0.2.1", + "location": { + "countryCode": "gb", + "state": "wokingham", + "city": "sonning", + "longitude": -0.909, + "latitude": 51.468, + "asn": 6584 + }, + "threatIntelligence": [ { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg2/providers/Microsoft.Security/locations/westeurope/alerts/2518765996949954086_2325cf9e-42a2-4f72-ae7f-9b863cba2d22", - "name": "2518765996949954086_2325cf9e-42a2-4f72-ae7f-9b863cba2d22", - "type": "Microsoft.Security/Locations/alerts", - "properties": { - "systemSource": "Azure", - "vendorName": "Microsoft", - "alertDisplayName": "Suspicious Screensaver process executed", - "alertName": "SuspiciousScreenSaver", - "detectedTimeUtc": "2018-05-07T13:51:45.0045913Z", - "description": "The process ‘%{process name}’ was observed executing from an uncommon location.\r\n\r\nFiles with the .scr extensions are screen saver files and are normally reside and execute from the Windows system directory.", - "remediationSteps": "1. Run Process Explorer and try to identify unknown running processes (see https://technet.microsoft.com/en-us/sysinternals/bb896653.aspx)\r\n2. Make sure the machine is completely updated and has an updated anti-malware application installed\r\n3. Run a full anti-malware scan and verify that the threat was removed\r\n4. Install and run Microsoft’s Malicious Software Removal Tool (see https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx)\r\n5. Run Microsoft’s Autoruns utility and try to identify unknown applications that are configured to run at login (see https://technet.microsoft.com/en-us/sysinternals/bb963902.aspx)\r\n6. Escalate the alert to the information security team", - "actionTaken": "Detected", - "reportedSeverity": "Low", - "compromisedEntity": "vm2", - "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/myRg2/providers/microsoft.compute/virtualmachines/vm2", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "instanceId": "2325cf9e-42a2-4f72-ae7f-9b863cba2d22", - "extendedProperties": { - "domain name": "vm2", - "user name": "vm2\\contosoUser", - "process name": "c:\\users\\contosoUser\\scrsave.scr", - "command line": "c:\\users\\contosoUser\\scrsave.scr", - "parent process": "cmd.exe", - "process id": "0x4aec", - "account logon id": "0x61450d87", - "user SID": "S-1-5-21-2144575486-8928446540-5163864319-500", - "parent process id": "0x3c44", - "enrichment_tas_threat__reports": "{\"Kind\":\"MultiLink\",\"DisplayValueToUrlDictionary\":{\"Report: Suspicious Screen Saver Execution\":\"https://iflowreportsproda.blob.core.windows.net/reports/MSTI-TS-Suspicious-Screen-Saver-Execution.pdf?sv=2016-05-31&sr=b&sig=2igHPl764UM7aBHNaO9mPAnpzoXlwRw8YjpFLLuB2NE%3D&spr=https&st=2018-05-07T00%3A20%3A54Z&se=2018-05-08T00%3A35%3A54Z&sp=r\"}}", - "resourceType": "Virtual Machine" - }, - "state": "Active", - "reportedTimeUtc": "2018-05-07T13:51:48.3810457Z", - "workspaceArmId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-weu/providers/microsoft.operationalinsights/workspaces/defaultworkspace-21ff7fc3-e762-48dd-bd96-b551f6dcdd23-weu", - "confidenceScore": 0.3, - "confidenceReasons": [{ - "type": "Process", - "reason": "Suspicious process execution history for this subscription" - }, { - "type": "Process", - "reason": "Suspicious process execution history for this subscription" - }, { - "type": "Process", - "reason": "cmd.exe appeared in multiple alerts of the same type" - }], - "canBeInvestigated": true, - "entities": [{ - "dnsDomain": "", - "ntDomain": "", - "hostName": "vm2", - "netBiosName": "vm2", - "azureID": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/myRg2/providers/microsoft.compute/virtualmachines/vm2", - "omsAgentID": "45b44640-3b94-4892-a28c-4a5cae27065a", - "operatingSystem": "Unknown", - "type": "host", - "OsVersion": null - }, { - "name": "contosoUser", - "ntDomain": "vm2", - "logonId": "0x61450d87", - "sid": "S-1-5-21-2144575486-8928446540-5163864319-500", - "type": "account" - }, { - "directory": "c:\\windows\\system32", - "name": "cmd.exe", - "type": "file" - }, { - "directory": "c:\\users\\contosoUser", - "name": "scrsave.scr", - "type": "file" - }, { - "processId": "0x4aec", - "commandLine": "c:\\users\\contosoUser\\scrsave.scr", - "creationTimeUtc": "2018-05-07T13:51:45.0045913Z", - "type": "process" - }], - "correlationKey": "CCso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0sWqs=" - } + "providerName": "Team Cymru", + "threatType": "C2", + "threatName": "rarog", + "confidence": 0.8, + "reportLink": "http://www.microsoft.com", + "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." } - ] + ], + "type": "ip" + } + ], + "correlationKey": "Rkso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9Jk=" } - } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg2/providers/Microsoft.Security/locations/westeurope/alerts/2518765996949954086_2325cf9e-42a2-4f72-ae7f-9b863cba2d22", + "name": "2518765996949954086_2325cf9e-42a2-4f72-ae7f-9b863cba2d22", + "type": "Microsoft.Security/Locations/alerts", + "properties": { + "systemSource": "Azure", + "vendorName": "Microsoft", + "alertDisplayName": "Suspicious Screensaver process executed", + "alertName": "SuspiciousScreenSaver", + "detectedTimeUtc": "2018-05-07T13:51:45.0045913Z", + "description": "The process ‘%{process name}’ was observed executing from an uncommon location.\r\n\r\nFiles with the .scr extensions are screen saver files and are normally reside and execute from the Windows system directory.", + "remediationSteps": "1. Run Process Explorer and try to identify unknown running processes (see https://technet.microsoft.com/en-us/sysinternals/bb896653.aspx)\r\n2. Make sure the machine is completely updated and has an updated anti-malware application installed\r\n3. Run a full anti-malware scan and verify that the threat was removed\r\n4. Install and run Microsoft’s Malicious Software Removal Tool (see https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx)\r\n5. Run Microsoft’s Autoruns utility and try to identify unknown applications that are configured to run at login (see https://technet.microsoft.com/en-us/sysinternals/bb963902.aspx)\r\n6. Escalate the alert to the information security team", + "actionTaken": "Detected", + "reportedSeverity": "Low", + "compromisedEntity": "vm2", + "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/myRg2/providers/microsoft.compute/virtualmachines/vm2", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "instanceId": "2325cf9e-42a2-4f72-ae7f-9b863cba2d22", + "extendedProperties": { + "domain name": "vm2", + "user name": "vm2\\contosoUser", + "process name": "c:\\users\\contosoUser\\scrsave.scr", + "command line": "c:\\users\\contosoUser\\scrsave.scr", + "parent process": "cmd.exe", + "process id": "0x4aec", + "account logon id": "0x61450d87", + "user SID": "S-1-5-21-2144575486-8928446540-5163864319-500", + "parent process id": "0x3c44", + "enrichment_tas_threat__reports": "{\"Kind\":\"MultiLink\",\"DisplayValueToUrlDictionary\":{\"Report: Suspicious Screen Saver Execution\":\"https://iflowreportsproda.blob.core.windows.net/reports/MSTI-TS-Suspicious-Screen-Saver-Execution.pdf?sv=2016-05-31&sr=b&sig=2igHPl764UM7aBHNaO9mPAnpzoXlwRw8YjpFLLuB2NE%3D&spr=https&st=2018-05-07T00%3A20%3A54Z&se=2018-05-08T00%3A35%3A54Z&sp=r\"}}", + "resourceType": "Virtual Machine" + }, + "state": "Active", + "reportedTimeUtc": "2018-05-07T13:51:48.3810457Z", + "workspaceArmId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-weu/providers/microsoft.operationalinsights/workspaces/defaultworkspace-21ff7fc3-e762-48dd-bd96-b551f6dcdd23-weu", + "confidenceScore": 0.3, + "confidenceReasons": [ + { + "type": "Process", + "reason": "Suspicious process execution history for this subscription" + }, + { + "type": "Process", + "reason": "Suspicious process execution history for this subscription" + }, + { + "type": "Process", + "reason": "cmd.exe appeared in multiple alerts of the same type" + } + ], + "canBeInvestigated": true, + "entities": [ + { + "dnsDomain": "", + "ntDomain": "", + "hostName": "vm2", + "netBiosName": "vm2", + "azureID": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/myRg2/providers/microsoft.compute/virtualmachines/vm2", + "omsAgentID": "45b44640-3b94-4892-a28c-4a5cae27065a", + "operatingSystem": "Unknown", + "type": "host", + "OsVersion": null + }, + { + "name": "contosoUser", + "ntDomain": "vm2", + "logonId": "0x61450d87", + "sid": "S-1-5-21-2144575486-8928446540-5163864319-500", + "type": "account" + }, + { + "directory": "c:\\windows\\system32", + "name": "cmd.exe", + "type": "file" + }, + { + "directory": "c:\\users\\contosoUser", + "name": "scrsave.scr", + "type": "file" + }, + { + "processId": "0x4aec", + "commandLine": "c:\\users\\contosoUser\\scrsave.scr", + "creationTimeUtc": "2018-05-07T13:51:45.0045913Z", + "type": "process" + } + ], + "correlationKey": "CCso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0sWqs=" + } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsSubscriptionsLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsSubscriptionsLocation_example.json index 7fd284c0026e..74683dc8f103 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsSubscriptionsLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/GetAlertsSubscriptionsLocation_example.json @@ -1,157 +1,177 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "ascLocation": "westeurope" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "type": "Microsoft.Security/Locations/alerts", - "properties": { - "vendorName": "Microsoft", - "alertDisplayName": "Threat Intelligence Alert", - "alertName": "ThreatIntelligence", - "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", - "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", - "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", - "actionTaken": "Detected", - "reportedSeverity": "High", - "compromisedEntity": "vm1", - "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", - "extendedProperties": { - "user Name": "administrator", - "domain Name": "Contoso", - "attacker IP": "192.0.2.1", - "resourceType": "Virtual Machine" - }, - "state": "Dismissed", - "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", - "confidenceScore": 0.8, - "confidenceReasons": [{ - "type": "User", - "reason": "Some user reason" - }, { - "type": "Process", - "reason": "Some proccess reason" - }, { - "type": "Computer", - "reason": "Some computer reason" - }], - "canBeInvestigated": true, - "isIncident": false, - "entities": [{ - "address": "192.0.2.1", - "location": { - "countryCode": "gb", - "state": "wokingham", - "city": "sonning", - "longitude": -0.909, - "latitude": 51.468, - "asn": 6584 - }, - "threatIntelligence": [{ - "providerName": "Team Cymru", - "threatType": "C2", - "threatName": "rarog", - "confidence": 0.8, - "reportLink": "http://www.microsoft.com", - "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." - }], - "type": "ip" - }], - "correlationKey": "Rkso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9Jk=" - } - }, + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "type": "Microsoft.Security/Locations/alerts", + "properties": { + "vendorName": "Microsoft", + "alertDisplayName": "Threat Intelligence Alert", + "alertName": "ThreatIntelligence", + "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", + "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", + "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", + "actionTaken": "Detected", + "reportedSeverity": "High", + "compromisedEntity": "vm1", + "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", + "extendedProperties": { + "user Name": "administrator", + "domain Name": "Contoso", + "attacker IP": "192.0.2.1", + "resourceType": "Virtual Machine" + }, + "state": "Dismissed", + "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", + "confidenceScore": 0.8, + "confidenceReasons": [ + { + "type": "User", + "reason": "Some user reason" + }, + { + "type": "Process", + "reason": "Some proccess reason" + }, + { + "type": "Computer", + "reason": "Some computer reason" + } + ], + "canBeInvestigated": true, + "isIncident": false, + "entities": [ + { + "address": "192.0.2.1", + "location": { + "countryCode": "gb", + "state": "wokingham", + "city": "sonning", + "longitude": -0.909, + "latitude": 51.468, + "asn": 6584 + }, + "threatIntelligence": [ { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg2/providers/Microsoft.Security/locations/westeurope/alerts/2518765996949954086_2325cf9e-42a2-4f72-ae7f-9b863cba2d22", - "name": "2518765996949954086_2325cf9e-42a2-4f72-ae7f-9b863cba2d22", - "type": "Microsoft.Security/Locations/alerts", - "properties": { - "systemSource": "Azure", - "vendorName": "Microsoft", - "alertDisplayName": "Suspicious Screensaver process executed", - "alertName": "SuspiciousScreenSaver", - "detectedTimeUtc": "2018-05-07T13:51:45.0045913Z", - "description": "The process ‘%{process name}’ was observed executing from an uncommon location.\r\n\r\nFiles with the .scr extensions are screen saver files and are normally reside and execute from the Windows system directory.", - "remediationSteps": "1. Run Process Explorer and try to identify unknown running processes (see https://technet.microsoft.com/en-us/sysinternals/bb896653.aspx)\r\n2. Make sure the machine is completely updated and has an updated anti-malware application installed\r\n3. Run a full anti-malware scan and verify that the threat was removed\r\n4. Install and run Microsoft’s Malicious Software Removal Tool (see https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx)\r\n5. Run Microsoft’s Autoruns utility and try to identify unknown applications that are configured to run at login (see https://technet.microsoft.com/en-us/sysinternals/bb963902.aspx)\r\n6. Escalate the alert to the information security team", - "actionTaken": "Detected", - "reportedSeverity": "Low", - "compromisedEntity": "vm2", - "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/myRg2/providers/microsoft.compute/virtualmachines/vm2", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "instanceId": "2325cf9e-42a2-4f72-ae7f-9b863cba2d22", - "extendedProperties": { - "domain name": "vm2", - "user name": "vm2\\contosoUser", - "process name": "c:\\users\\contosoUser\\scrsave.scr", - "command line": "c:\\users\\contosoUser\\scrsave.scr", - "parent process": "cmd.exe", - "process id": "0x4aec", - "account logon id": "0x61450d87", - "user SID": "S-1-5-21-2144575486-8928446540-5163864319-500", - "parent process id": "0x3c44", - "enrichment_tas_threat__reports": "{\"Kind\":\"MultiLink\",\"DisplayValueToUrlDictionary\":{\"Report: Suspicious Screen Saver Execution\":\"https://iflowreportsproda.blob.core.windows.net/reports/MSTI-TS-Suspicious-Screen-Saver-Execution.pdf?sv=2016-05-31&sr=b&sig=2igHPl764UM7aBHNaO9mPAnpzoXlwRw8YjpFLLuB2NE%3D&spr=https&st=2018-05-07T00%3A20%3A54Z&se=2018-05-08T00%3A35%3A54Z&sp=r\"}}", - "resourceType": "Virtual Machine" - }, - "state": "Active", - "reportedTimeUtc": "2018-05-07T13:51:48.3810457Z", - "workspaceArmId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-weu/providers/microsoft.operationalinsights/workspaces/defaultworkspace-21ff7fc3-e762-48dd-bd96-b551f6dcdd23-weu", - "confidenceScore": 0.3, - "confidenceReasons": [{ - "type": "Process", - "reason": "Suspicious process execution history for this subscription" - }, { - "type": "Process", - "reason": "Suspicious process execution history for this subscription" - }, { - "type": "Process", - "reason": "cmd.exe appeared in multiple alerts of the same type" - }], - "canBeInvestigated": true, - "entities": [{ - "dnsDomain": "", - "ntDomain": "", - "hostName": "vm2", - "netBiosName": "vm2", - "azureID": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/myRg2/providers/microsoft.compute/virtualmachines/vm2", - "omsAgentID": "45b44640-3b94-4892-a28c-4a5cae27065a", - "operatingSystem": "Unknown", - "type": "host", - "OsVersion": null - }, { - "name": "contosoUser", - "ntDomain": "vm2", - "logonId": "0x61450d87", - "sid": "S-1-5-21-2144575486-8928446540-5163864319-500", - "type": "account" - }, { - "directory": "c:\\windows\\system32", - "name": "cmd.exe", - "type": "file" - }, { - "processId": "0x3c44", - "type": "process" - }, { - "directory": "c:\\users\\contosoUser", - "name": "scrsave.scr", - "type": "file" - }, { - "processId": "0x4aec", - "commandLine": "c:\\users\\contosoUser\\scrsave.scr", - "creationTimeUtc": "2018-05-07T13:51:45.0045913Z", - "type": "process" - }], - "correlationKey": "6Lso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9MY1" - } + "providerName": "Team Cymru", + "threatType": "C2", + "threatName": "rarog", + "confidence": 0.8, + "reportLink": "http://www.microsoft.com", + "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." } - ] + ], + "type": "ip" + } + ], + "correlationKey": "Rkso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9Jk=" } - } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg2/providers/Microsoft.Security/locations/westeurope/alerts/2518765996949954086_2325cf9e-42a2-4f72-ae7f-9b863cba2d22", + "name": "2518765996949954086_2325cf9e-42a2-4f72-ae7f-9b863cba2d22", + "type": "Microsoft.Security/Locations/alerts", + "properties": { + "systemSource": "Azure", + "vendorName": "Microsoft", + "alertDisplayName": "Suspicious Screensaver process executed", + "alertName": "SuspiciousScreenSaver", + "detectedTimeUtc": "2018-05-07T13:51:45.0045913Z", + "description": "The process ‘%{process name}’ was observed executing from an uncommon location.\r\n\r\nFiles with the .scr extensions are screen saver files and are normally reside and execute from the Windows system directory.", + "remediationSteps": "1. Run Process Explorer and try to identify unknown running processes (see https://technet.microsoft.com/en-us/sysinternals/bb896653.aspx)\r\n2. Make sure the machine is completely updated and has an updated anti-malware application installed\r\n3. Run a full anti-malware scan and verify that the threat was removed\r\n4. Install and run Microsoft’s Malicious Software Removal Tool (see https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx)\r\n5. Run Microsoft’s Autoruns utility and try to identify unknown applications that are configured to run at login (see https://technet.microsoft.com/en-us/sysinternals/bb963902.aspx)\r\n6. Escalate the alert to the information security team", + "actionTaken": "Detected", + "reportedSeverity": "Low", + "compromisedEntity": "vm2", + "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/myRg2/providers/microsoft.compute/virtualmachines/vm2", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "instanceId": "2325cf9e-42a2-4f72-ae7f-9b863cba2d22", + "extendedProperties": { + "domain name": "vm2", + "user name": "vm2\\contosoUser", + "process name": "c:\\users\\contosoUser\\scrsave.scr", + "command line": "c:\\users\\contosoUser\\scrsave.scr", + "parent process": "cmd.exe", + "process id": "0x4aec", + "account logon id": "0x61450d87", + "user SID": "S-1-5-21-2144575486-8928446540-5163864319-500", + "parent process id": "0x3c44", + "enrichment_tas_threat__reports": "{\"Kind\":\"MultiLink\",\"DisplayValueToUrlDictionary\":{\"Report: Suspicious Screen Saver Execution\":\"https://iflowreportsproda.blob.core.windows.net/reports/MSTI-TS-Suspicious-Screen-Saver-Execution.pdf?sv=2016-05-31&sr=b&sig=2igHPl764UM7aBHNaO9mPAnpzoXlwRw8YjpFLLuB2NE%3D&spr=https&st=2018-05-07T00%3A20%3A54Z&se=2018-05-08T00%3A35%3A54Z&sp=r\"}}", + "resourceType": "Virtual Machine" + }, + "state": "Active", + "reportedTimeUtc": "2018-05-07T13:51:48.3810457Z", + "workspaceArmId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-weu/providers/microsoft.operationalinsights/workspaces/defaultworkspace-21ff7fc3-e762-48dd-bd96-b551f6dcdd23-weu", + "confidenceScore": 0.3, + "confidenceReasons": [ + { + "type": "Process", + "reason": "Suspicious process execution history for this subscription" + }, + { + "type": "Process", + "reason": "Suspicious process execution history for this subscription" + }, + { + "type": "Process", + "reason": "cmd.exe appeared in multiple alerts of the same type" + } + ], + "canBeInvestigated": true, + "entities": [ + { + "dnsDomain": "", + "ntDomain": "", + "hostName": "vm2", + "netBiosName": "vm2", + "azureID": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/myRg2/providers/microsoft.compute/virtualmachines/vm2", + "omsAgentID": "45b44640-3b94-4892-a28c-4a5cae27065a", + "operatingSystem": "Unknown", + "type": "host", + "OsVersion": null + }, + { + "name": "contosoUser", + "ntDomain": "vm2", + "logonId": "0x61450d87", + "sid": "S-1-5-21-2144575486-8928446540-5163864319-500", + "type": "account" + }, + { + "directory": "c:\\windows\\system32", + "name": "cmd.exe", + "type": "file" + }, + { + "processId": "0x3c44", + "type": "process" + }, + { + "directory": "c:\\users\\contosoUser", + "name": "scrsave.scr", + "type": "file" + }, + { + "processId": "0x4aec", + "commandLine": "c:\\users\\contosoUser\\scrsave.scr", + "creationTimeUtc": "2018-05-07T13:51:45.0045913Z", + "type": "process" + } + ], + "correlationKey": "6Lso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9MY1" + } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/UpdateAlertResourceGroupLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/UpdateAlertResourceGroupLocation_example.json index 4ff94975fb5f..ffb0bbcc4c05 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/UpdateAlertResourceGroupLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/UpdateAlertResourceGroupLocation_example.json @@ -1,14 +1,13 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "resourceGroupName": "myRg2", - "ascLocation": "westeurope", - "alertName": "2518765996949954086_2325cf9e-42a2-4f72-ae7f-9b863cba2d22", - "alertUpdateActionType": "Dismiss" - }, - "responses": { - "204": { - } - } -} \ No newline at end of file + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg2", + "ascLocation": "westeurope", + "alertName": "2518765996949954086_2325cf9e-42a2-4f72-ae7f-9b863cba2d22", + "alertUpdateActionType": "Dismiss" + }, + "responses": { + "204": {} + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/UpdateAlertSubscriptionLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/UpdateAlertSubscriptionLocation_example.json index cf23c522a362..ea165725941d 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/UpdateAlertSubscriptionLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Alerts/UpdateAlertSubscriptionLocation_example.json @@ -1,13 +1,12 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "ascLocation": "westeurope", - "alertName": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "alertUpdateActionType": "Dismiss" - }, - "responses": { - "204": { - } - } -} \ No newline at end of file + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope", + "alertName": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "alertUpdateActionType": "Dismiss" + }, + "responses": { + "204": {} + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/AllowedConnections/GetAllowedConnectionsSubscriptionLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/AllowedConnections/GetAllowedConnectionsSubscriptionLocation_example.json index 5b78c56df89d..2d1e903ce6e1 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/AllowedConnections/GetAllowedConnectionsSubscriptionLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/AllowedConnections/GetAllowedConnectionsSubscriptionLocation_example.json @@ -1,65 +1,65 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "3eeab341-f466-499c-a8be-85427e154bad", - "ascLocation": "centralus" - }, - "responses": { - "200": { - "body": { - "value": [ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "3eeab341-f466-499c-a8be-85427e154bad", + "ascLocation": "centralus" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "type": "Microsoft.Security/locations/allowedConnections", + "properties": { + "calculatedDateTime": "2018-08-06T14:55:32.3518545Z", + "connectableResources": [ + { + "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine1", + "inboundConnectedResources": [ { - "type": "Microsoft.Security/locations/allowedConnections", - "properties": { - "calculatedDateTime": "2018-08-06T14:55:32.3518545Z", - "connectableResources": [ - { - "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine1", - "inboundConnectedResources": [ - { - "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine2", - "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]", - "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]" - } - ], - "outboundConnectedResources": [ - { - "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine2", - "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]", - "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]" - } - ] - }, - { - "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine2", - "inboundConnectedResources": [ - { - "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine1", - "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]", - "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]" - } - ], - "outboundConnectedResources": [ - { - "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine1", - "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]", - "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]" - } - ] - }, - { - "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine3", - "inboundConnectedResources": [], - "outboundConnectedResources": [] - } - ] - }, - "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Security/locations/centralus/allowedConnections/Internal", - "name": "Internal", - "location": "centralus" + "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine2", + "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]", + "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]" } - ] - } - } + ], + "outboundConnectedResources": [ + { + "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine2", + "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]", + "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]" + } + ] + }, + { + "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine2", + "inboundConnectedResources": [ + { + "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine1", + "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]", + "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]" + } + ], + "outboundConnectedResources": [ + { + "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine1", + "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]", + "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]" + } + ] + }, + { + "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine3", + "inboundConnectedResources": [], + "outboundConnectedResources": [] + } + ] + }, + "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Security/locations/centralus/allowedConnections/Internal", + "name": "Internal", + "location": "centralus" + } + ] + } } + } } diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/AllowedConnections/GetAllowedConnectionsSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/AllowedConnections/GetAllowedConnectionsSubscription_example.json index 8e9e34cf7eb6..5716317205fd 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/AllowedConnections/GetAllowedConnectionsSubscription_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/AllowedConnections/GetAllowedConnectionsSubscription_example.json @@ -1,64 +1,64 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "3eeab341-f466-499c-a8be-85427e154bad" - }, - "responses": { - "200": { - "body": { - "value": [ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "3eeab341-f466-499c-a8be-85427e154bad" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "type": "Microsoft.Security/locations/allowedConnections", + "properties": { + "calculatedDateTime": "2018-08-06T14:55:32.3518545Z", + "connectableResources": [ + { + "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine1", + "inboundConnectedResources": [ { - "type": "Microsoft.Security/locations/allowedConnections", - "properties": { - "calculatedDateTime": "2018-08-06T14:55:32.3518545Z", - "connectableResources": [ - { - "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine1", - "inboundConnectedResources": [ - { - "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine2", - "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]", - "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]" - } - ], - "outboundConnectedResources": [ - { - "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine2", - "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]", - "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]" - } - ] - }, - { - "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine2", - "inboundConnectedResources": [ - { - "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine1", - "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]", - "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]" - } - ], - "outboundConnectedResources": [ - { - "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine1", - "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]", - "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]" - } - ] - }, - { - "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine3", - "inboundConnectedResources": [], - "outboundConnectedResources": [] - } - ] - }, - "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Security/locations/centralus/allowedConnections/Internal", - "name": "Internal", - "location": "centralus" + "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine2", + "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]", + "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]" } - ] - } - } + ], + "outboundConnectedResources": [ + { + "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine2", + "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]", + "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]" + } + ] + }, + { + "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine2", + "inboundConnectedResources": [ + { + "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine1", + "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]", + "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]" + } + ], + "outboundConnectedResources": [ + { + "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine1", + "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]", + "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]" + } + ] + }, + { + "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine3", + "inboundConnectedResources": [], + "outboundConnectedResources": [] + } + ] + }, + "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Security/locations/centralus/allowedConnections/Internal", + "name": "Internal", + "location": "centralus" + } + ] + } } + } } diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/AllowedConnections/GetAllowedConnections_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/AllowedConnections/GetAllowedConnections_example.json index f18c018d44ee..a89d84858a1d 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/AllowedConnections/GetAllowedConnections_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/AllowedConnections/GetAllowedConnections_example.json @@ -1,63 +1,63 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "3eeab341-f466-499c-a8be-85427e154bad", - "resourceGroupName": "myResourceGroup", - "ascLocation": "centralus", - "connectionType": "Internal" - }, - "responses": { - "200": { - "body": { - "type": "Microsoft.Security/locations/allowedConnections", - "properties": { - "calculatedDateTime": "2018-08-06T14:55:32.3518545Z", - "connectableResources": [ - { - "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine1", - "inboundConnectedResources": [ - { - "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine2", - "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]", - "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]" - } - ], - "outboundConnectedResources": [ - { - "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine2", - "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]", - "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]" - } - ] - }, - { - "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine2", - "inboundConnectedResources": [ - { - "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine1", - "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]", - "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]" - } - ], - "outboundConnectedResources": [ - { - "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine1", - "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]", - "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]" - } - ] - }, - { - "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine3", - "inboundConnectedResources": [], - "outboundConnectedResources": [] - } - ] - }, - "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Security/locations/centralus/allowedConnections/Internal", - "name": "Internal", - "location": "centralus" + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "3eeab341-f466-499c-a8be-85427e154bad", + "resourceGroupName": "myResourceGroup", + "ascLocation": "centralus", + "connectionType": "Internal" + }, + "responses": { + "200": { + "body": { + "type": "Microsoft.Security/locations/allowedConnections", + "properties": { + "calculatedDateTime": "2018-08-06T14:55:32.3518545Z", + "connectableResources": [ + { + "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine1", + "inboundConnectedResources": [ + { + "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine2", + "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]", + "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]" + } + ], + "outboundConnectedResources": [ + { + "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine2", + "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]", + "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]" + } + ] + }, + { + "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine2", + "inboundConnectedResources": [ + { + "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine1", + "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]", + "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]" + } + ], + "outboundConnectedResources": [ + { + "connectedResourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine1", + "tcpPorts": "[0-21,23-3388,3390-5984,5987-65535]", + "udpPorts": "[0-21,23-3388,3390-5984,5987-65535]" + } + ] + }, + { + "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/virtaulMachine3", + "inboundConnectedResources": [], + "outboundConnectedResources": [] } - } + ] + }, + "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myResourceGroup/providers/Microsoft.Security/locations/centralus/allowedConnections/Internal", + "name": "Internal", + "location": "centralus" + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionResourceGroupLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionResourceGroupLocation_example.json index 2c01f622b339..a2d45fc99135 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionResourceGroupLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionResourceGroupLocation_example.json @@ -1,26 +1,25 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "resourceGroupName": "myRg2", - "ascLocation": "centralus", - "discoveredSecuritySolutionName": "paloalto7" - }, - "responses": { - "200": { - "body": { - "properties": { - "securityFamily": "Ngfw", - "offer": "vmseries1", - "publisher": "paloaltonetworks", - "sku": "byol" - }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg2/providers/Microsoft.Security/locations/centralus/discoveredSecuritySolutions/paloalto7", - "name": "paloalto7", - "type": "Microsoft.Security/locations/discoveredSecuritySolutions", - "location": "eastus2" - } - - } + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg2", + "ascLocation": "centralus", + "discoveredSecuritySolutionName": "paloalto7" + }, + "responses": { + "200": { + "body": { + "properties": { + "securityFamily": "Ngfw", + "offer": "vmseries1", + "publisher": "paloaltonetworks", + "sku": "byol" + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg2/providers/Microsoft.Security/locations/centralus/discoveredSecuritySolutions/paloalto7", + "name": "paloalto7", + "type": "Microsoft.Security/locations/discoveredSecuritySolutions", + "location": "eastus2" + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionsSubscriptionLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionsSubscriptionLocation_example.json index 04b9cb27b648..7d693c2f5465 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionsSubscriptionLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionsSubscriptionLocation_example.json @@ -1,40 +1,39 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "ascLocation": "centralus" - }, - "responses": { - "200": { - "body": { - "value": [ - { - "properties": { - "securityFamily": "Ngfw", - "offer": "cisco-asav", - "publisher": "cisco", - "sku": "asav-azure-byol" - }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/centralus/discoveredSecuritySolutions/CP", - "name": "CP", - "type": "Microsoft.Security/locations/discoveredSecuritySolutions", - "location": "eastus" - }, - { - "properties": { - "securityFamily": "Ngfw", - "offer": "vmseries1", - "publisher": "paloaltonetworks", - "sku": "byol" - }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg2/providers/Microsoft.Security/locations/centralus/discoveredSecuritySolutions/paloalto7", - "name": "paloalto7", - "type": "Microsoft.Security/locations/discoveredSecuritySolutions", - "location": "eastus2" - } - ] - } - - } + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "centralus" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "securityFamily": "Ngfw", + "offer": "cisco-asav", + "publisher": "cisco", + "sku": "asav-azure-byol" + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/centralus/discoveredSecuritySolutions/CP", + "name": "CP", + "type": "Microsoft.Security/locations/discoveredSecuritySolutions", + "location": "eastus" + }, + { + "properties": { + "securityFamily": "Ngfw", + "offer": "vmseries1", + "publisher": "paloaltonetworks", + "sku": "byol" + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg2/providers/Microsoft.Security/locations/centralus/discoveredSecuritySolutions/paloalto7", + "name": "paloalto7", + "type": "Microsoft.Security/locations/discoveredSecuritySolutions", + "location": "eastus2" + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionsSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionsSubscription_example.json index fa3a836faf41..d93a8bae8f3c 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionsSubscription_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionsSubscription_example.json @@ -1,39 +1,38 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" - }, - "responses": { - "200": { - "body": { - "value": [ - { - "properties": { - "securityFamily": "Ngfw", - "offer": "cisco-asav", - "publisher": "cisco", - "sku": "asav-azure-byol" - }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/centralus/discoveredSecuritySolutions/CP", - "name": "CP", - "type": "Microsoft.Security/locations/discoveredSecuritySolutions", - "location": "eastus" - }, - { - "properties": { - "securityFamily": "Ngfw", - "offer": "vmseries1", - "publisher": "paloaltonetworks", - "sku": "byol" - }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg2/providers/Microsoft.Security/locations/centralus/discoveredSecuritySolutions/paloalto7", - "name": "paloalto7", - "type": "Microsoft.Security/locations/discoveredSecuritySolutions", - "location": "eastus2" - } - ] - } - - } + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "securityFamily": "Ngfw", + "offer": "cisco-asav", + "publisher": "cisco", + "sku": "asav-azure-byol" + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/centralus/discoveredSecuritySolutions/CP", + "name": "CP", + "type": "Microsoft.Security/locations/discoveredSecuritySolutions", + "location": "eastus" + }, + { + "properties": { + "securityFamily": "Ngfw", + "offer": "vmseries1", + "publisher": "paloaltonetworks", + "sku": "byol" + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg2/providers/Microsoft.Security/locations/centralus/discoveredSecuritySolutions/paloalto7", + "name": "paloalto7", + "type": "Microsoft.Security/locations/discoveredSecuritySolutions", + "location": "eastus2" + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ExternalSecuritySolutions/GetExternalSecuritySolution_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ExternalSecuritySolutions/GetExternalSecuritySolution_example.json index b1dde001c258..a39e6e760024 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ExternalSecuritySolutions/GetExternalSecuritySolution_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ExternalSecuritySolutions/GetExternalSecuritySolution_example.json @@ -1,28 +1,28 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "resourceGroupName": "defaultresourcegroup-eus", - "ascLocation": "centralus", - "externalSecuritySolutionsName": "aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus" - }, - "responses": { - "200": { - "body": { - "kind": "AAD", - "properties": { - "connectivityState": "Discovered", - "deviceVendor": "Microsoft", - "deviceType": "Azure Active Directory Identity Protection", - "workspace": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-eus/providers/Microsoft.OperationalInsights/workspaces/defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus" - } - }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/defaultresourcegroup-eus/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus", - "name": "aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus", - "type": "Microsoft.Security/locations/externalSecuritySolutions", - "location": "eastus" - } - } + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "defaultresourcegroup-eus", + "ascLocation": "centralus", + "externalSecuritySolutionsName": "aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus" + }, + "responses": { + "200": { + "body": { + "kind": "AAD", + "properties": { + "connectivityState": "Discovered", + "deviceVendor": "Microsoft", + "deviceType": "Azure Active Directory Identity Protection", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-eus/providers/Microsoft.OperationalInsights/workspaces/defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/defaultresourcegroup-eus/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus", + "name": "aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "eastus" + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ExternalSecuritySolutions/GetExternalSecuritySolutionsSubscriptionLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ExternalSecuritySolutions/GetExternalSecuritySolutionsSubscriptionLocation_example.json index a7405b5392c1..8638a9b0e7ae 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ExternalSecuritySolutions/GetExternalSecuritySolutionsSubscriptionLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ExternalSecuritySolutions/GetExternalSecuritySolutionsSubscriptionLocation_example.json @@ -1,123 +1,123 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "ascLocation": "centralus" - }, - "responses": { - "200": { - "body": { - "value": [ - { - "kind": "AAD", - "properties": { - "connectivityState": "Discovered", - "deviceVendor": "Microsoft", - "deviceType": "Azure Active Directory Identity Protection", - "workspace": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-eus/providers/Microsoft.OperationalInsights/workspaces/defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus" - } - }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/defaultresourcegroup-eus/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus", - "name": "aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus", - "type": "Microsoft.Security/locations/externalSecuritySolutions", - "location": "eastus" - }, - { - "kind": "AAD", - "properties": { - "connectivityState": "Discovered", - "deviceVendor": "Microsoft", - "deviceType": "Azure Active Directory Identity Protection", - "workspace": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-weu/providers/Microsoft.OperationalInsights/workspaces/defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-weu" - } - }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/defaultresourcegroup-weu/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-weu", - "name": "aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-weu", - "type": "Microsoft.Security/locations/externalSecuritySolutions", - "location": "westeurope" - }, - { - "kind": "CEF", - "properties": { - "lastEventReceived": "2018-05-09T10:30:11.523Z", - "hostname": "barracuda", - "deviceVendor": "barracudanetworks", - "deviceType": "WAF", - "workspace": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/unificationprod/providers/Microsoft.OperationalInsights/workspaces/omsprd" - } - }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/unificationprod/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/cef_omsprd_barracudanetworks_waf_barracuda", - "name": "cef_omsprd_barracudanetworks_waf_barracuda", - "type": "Microsoft.Security/locations/externalSecuritySolutions", - "location": "westcentralus" - }, - { - "kind": "CEF", - "properties": { - "lastEventReceived": "2018-05-08T15:42:22.57Z", - "hostname": "demovm20", - "deviceVendor": "virtualHoneypot", - "deviceType": "Microsoft", - "workspace": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/unificationprod/providers/Microsoft.OperationalInsights/workspaces/omsprd" - } - }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/unificationprod/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/cef_omsprd_virtualhoneypot_Microsoft_demovm20", - "name": "cef_omsprd_virtualhoneypot_Microsoft_demovm20", - "type": "Microsoft.Security/locations/externalSecuritySolutions", - "location": "westcentralus" - }, - { - "kind": "CEF", - "properties": { - "lastEventReceived": "2018-05-08T10:38:53.423Z", - "hostname": "demovm10", - "deviceVendor": "virtualHoneypot", - "deviceType": "Microsoft", - "workspace": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/unificationprod/providers/Microsoft.OperationalInsights/workspaces/omsprd" - } - }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/unificationprod/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/cef_omsprd_virtualhoneypot_Microsoft_demovm10", - "name": "cef_omsprd_virtualhoneypot_Microsoft_demovm10", - "type": "Microsoft.Security/locations/externalSecuritySolutions", - "location": "westcentralus" - }, - { - "kind": "AAD", - "properties": { - "connectivityState": "Discovered", - "deviceVendor": "Microsoft", - "deviceType": "Azure Active Directory Identity Protection", - "workspace": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/unificationprod/providers/Microsoft.OperationalInsights/workspaces/omsprd" - } - }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/unificationprod/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_omsprd", - "name": "aad_omsprd", - "type": "Microsoft.Security/locations/externalSecuritySolutions", - "location": "westcentralus" - }, - { - "kind": "AAD", - "properties": { - "connectivityState": "Discovered", - "deviceVendor": "Microsoft", - "deviceType": "Azure Active Directory Identity Protection", - "workspace": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-ejp/providers/Microsoft.OperationalInsights/workspaces/defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-ejp" - } - }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/defaultresourcegroup-ejp/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-ejp", - "name": "aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-ejp", - "type": "Microsoft.Security/locations/externalSecuritySolutions", - "location": "japaneast" - } - ] - } - } + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "centralus" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "kind": "AAD", + "properties": { + "connectivityState": "Discovered", + "deviceVendor": "Microsoft", + "deviceType": "Azure Active Directory Identity Protection", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-eus/providers/Microsoft.OperationalInsights/workspaces/defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/defaultresourcegroup-eus/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus", + "name": "aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "eastus" + }, + { + "kind": "AAD", + "properties": { + "connectivityState": "Discovered", + "deviceVendor": "Microsoft", + "deviceType": "Azure Active Directory Identity Protection", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-weu/providers/Microsoft.OperationalInsights/workspaces/defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-weu" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/defaultresourcegroup-weu/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-weu", + "name": "aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-weu", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "westeurope" + }, + { + "kind": "CEF", + "properties": { + "lastEventReceived": "2018-05-09T10:30:11.523Z", + "hostname": "barracuda", + "deviceVendor": "barracudanetworks", + "deviceType": "WAF", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/unificationprod/providers/Microsoft.OperationalInsights/workspaces/omsprd" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/unificationprod/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/cef_omsprd_barracudanetworks_waf_barracuda", + "name": "cef_omsprd_barracudanetworks_waf_barracuda", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "westcentralus" + }, + { + "kind": "CEF", + "properties": { + "lastEventReceived": "2018-05-08T15:42:22.57Z", + "hostname": "demovm20", + "deviceVendor": "virtualHoneypot", + "deviceType": "Microsoft", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/unificationprod/providers/Microsoft.OperationalInsights/workspaces/omsprd" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/unificationprod/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/cef_omsprd_virtualhoneypot_Microsoft_demovm20", + "name": "cef_omsprd_virtualhoneypot_Microsoft_demovm20", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "westcentralus" + }, + { + "kind": "CEF", + "properties": { + "lastEventReceived": "2018-05-08T10:38:53.423Z", + "hostname": "demovm10", + "deviceVendor": "virtualHoneypot", + "deviceType": "Microsoft", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/unificationprod/providers/Microsoft.OperationalInsights/workspaces/omsprd" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/unificationprod/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/cef_omsprd_virtualhoneypot_Microsoft_demovm10", + "name": "cef_omsprd_virtualhoneypot_Microsoft_demovm10", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "westcentralus" + }, + { + "kind": "AAD", + "properties": { + "connectivityState": "Discovered", + "deviceVendor": "Microsoft", + "deviceType": "Azure Active Directory Identity Protection", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/unificationprod/providers/Microsoft.OperationalInsights/workspaces/omsprd" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/unificationprod/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_omsprd", + "name": "aad_omsprd", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "westcentralus" + }, + { + "kind": "AAD", + "properties": { + "connectivityState": "Discovered", + "deviceVendor": "Microsoft", + "deviceType": "Azure Active Directory Identity Protection", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-ejp/providers/Microsoft.OperationalInsights/workspaces/defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-ejp" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/defaultresourcegroup-ejp/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-ejp", + "name": "aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-ejp", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "japaneast" + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ExternalSecuritySolutions/GetExternalSecuritySolutionsSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ExternalSecuritySolutions/GetExternalSecuritySolutionsSubscription_example.json index fa59f95dd6a9..5f03fb3070e4 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ExternalSecuritySolutions/GetExternalSecuritySolutionsSubscription_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ExternalSecuritySolutions/GetExternalSecuritySolutionsSubscription_example.json @@ -1,122 +1,122 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" - }, - "responses": { - "200": { - "body": { - "value": [ - { - "kind": "AAD", - "properties": { - "connectivityState": "Discovered", - "deviceVendor": "Microsoft", - "deviceType": "Azure Active Directory Identity Protection", - "workspace": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-eus/providers/Microsoft.OperationalInsights/workspaces/defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus" - } - }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/defaultresourcegroup-eus/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus", - "name": "aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus", - "type": "Microsoft.Security/locations/externalSecuritySolutions", - "location": "eastus" - }, - { - "kind": "AAD", - "properties": { - "connectivityState": "Discovered", - "deviceVendor": "Microsoft", - "deviceType": "Azure Active Directory Identity Protection", - "workspace": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-weu/providers/Microsoft.OperationalInsights/workspaces/defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-weu" - } - }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/defaultresourcegroup-weu/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-weu", - "name": "aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-weu", - "type": "Microsoft.Security/locations/externalSecuritySolutions", - "location": "westeurope" - }, - { - "kind": "CEF", - "properties": { - "lastEventReceived": "2018-05-09T10:30:11.523Z", - "hostname": "barracuda", - "deviceVendor": "barracudanetworks", - "deviceType": "WAF", - "workspace": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/unificationprod/providers/Microsoft.OperationalInsights/workspaces/omsprd" - } - }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/unificationprod/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/cef_omsprd_barracudanetworks_waf_barracuda", - "name": "cef_omsprd_barracudanetworks_waf_barracuda", - "type": "Microsoft.Security/locations/externalSecuritySolutions", - "location": "westcentralus" - }, - { - "kind": "CEF", - "properties": { - "lastEventReceived": "2018-05-08T15:42:22.57Z", - "hostname": "demovm20", - "deviceVendor": "virtualHoneypot", - "deviceType": "Microsoft", - "workspace": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/unificationprod/providers/Microsoft.OperationalInsights/workspaces/omsprd" - } - }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/unificationprod/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/cef_omsprd_virtualhoneypot_Microsoft_demovm20", - "name": "cef_omsprd_virtualhoneypot_Microsoft_demovm20", - "type": "Microsoft.Security/locations/externalSecuritySolutions", - "location": "westcentralus" - }, - { - "kind": "CEF", - "properties": { - "lastEventReceived": "2018-05-08T10:38:53.423Z", - "hostname": "demovm10", - "deviceVendor": "virtualHoneypot", - "deviceType": "Microsoft", - "workspace": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/unificationprod/providers/Microsoft.OperationalInsights/workspaces/omsprd" - } - }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/unificationprod/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/cef_omsprd_virtualhoneypot_Microsoft_demovm10", - "name": "cef_omsprd_virtualhoneypot_Microsoft_demovm10", - "type": "Microsoft.Security/locations/externalSecuritySolutions", - "location": "westcentralus" - }, - { - "kind": "AAD", - "properties": { - "connectivityState": "Discovered", - "deviceVendor": "Microsoft", - "deviceType": "Azure Active Directory Identity Protection", - "workspace": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/unificationprod/providers/Microsoft.OperationalInsights/workspaces/omsprd" - } - }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/unificationprod/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_omsprd", - "name": "aad_omsprd", - "type": "Microsoft.Security/locations/externalSecuritySolutions", - "location": "westcentralus" - }, - { - "kind": "AAD", - "properties": { - "connectivityState": "Discovered", - "deviceVendor": "Microsoft", - "deviceType": "Azure Active Directory Identity Protection", - "workspace": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-ejp/providers/Microsoft.OperationalInsights/workspaces/defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-ejp" - } - }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/defaultresourcegroup-ejp/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-ejp", - "name": "aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-ejp", - "type": "Microsoft.Security/locations/externalSecuritySolutions", - "location": "japaneast" - } - ] - } - } + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "kind": "AAD", + "properties": { + "connectivityState": "Discovered", + "deviceVendor": "Microsoft", + "deviceType": "Azure Active Directory Identity Protection", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-eus/providers/Microsoft.OperationalInsights/workspaces/defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/defaultresourcegroup-eus/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus", + "name": "aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-eus", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "eastus" + }, + { + "kind": "AAD", + "properties": { + "connectivityState": "Discovered", + "deviceVendor": "Microsoft", + "deviceType": "Azure Active Directory Identity Protection", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-weu/providers/Microsoft.OperationalInsights/workspaces/defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-weu" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/defaultresourcegroup-weu/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-weu", + "name": "aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-weu", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "westeurope" + }, + { + "kind": "CEF", + "properties": { + "lastEventReceived": "2018-05-09T10:30:11.523Z", + "hostname": "barracuda", + "deviceVendor": "barracudanetworks", + "deviceType": "WAF", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/unificationprod/providers/Microsoft.OperationalInsights/workspaces/omsprd" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/unificationprod/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/cef_omsprd_barracudanetworks_waf_barracuda", + "name": "cef_omsprd_barracudanetworks_waf_barracuda", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "westcentralus" + }, + { + "kind": "CEF", + "properties": { + "lastEventReceived": "2018-05-08T15:42:22.57Z", + "hostname": "demovm20", + "deviceVendor": "virtualHoneypot", + "deviceType": "Microsoft", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/unificationprod/providers/Microsoft.OperationalInsights/workspaces/omsprd" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/unificationprod/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/cef_omsprd_virtualhoneypot_Microsoft_demovm20", + "name": "cef_omsprd_virtualhoneypot_Microsoft_demovm20", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "westcentralus" + }, + { + "kind": "CEF", + "properties": { + "lastEventReceived": "2018-05-08T10:38:53.423Z", + "hostname": "demovm10", + "deviceVendor": "virtualHoneypot", + "deviceType": "Microsoft", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/unificationprod/providers/Microsoft.OperationalInsights/workspaces/omsprd" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/unificationprod/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/cef_omsprd_virtualhoneypot_Microsoft_demovm10", + "name": "cef_omsprd_virtualhoneypot_Microsoft_demovm10", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "westcentralus" + }, + { + "kind": "AAD", + "properties": { + "connectivityState": "Discovered", + "deviceVendor": "Microsoft", + "deviceType": "Azure Active Directory Identity Protection", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/unificationprod/providers/Microsoft.OperationalInsights/workspaces/omsprd" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/unificationprod/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_omsprd", + "name": "aad_omsprd", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "westcentralus" + }, + { + "kind": "AAD", + "properties": { + "connectivityState": "Discovered", + "deviceVendor": "Microsoft", + "deviceType": "Azure Active Directory Identity Protection", + "workspace": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-ejp/providers/Microsoft.OperationalInsights/workspaces/defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-ejp" + } + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/defaultresourcegroup-ejp/providers/Microsoft.Security/locations/centralus/externalSecuritySolutions/aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-ejp", + "name": "aad_defaultworkspace-20ff7fc3-e762-44dd-bd96-b71116dcdc23-ejp", + "type": "Microsoft.Security/locations/externalSecuritySolutions", + "location": "japaneast" + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/CreateJitNetworkAccessPolicy_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/CreateJitNetworkAccessPolicy_example.json index 865c26da5cf9..73a31e88eb18 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/CreateJitNetworkAccessPolicy_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/CreateJitNetworkAccessPolicy_example.json @@ -1,93 +1,111 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "ascLocation": "westeurope", - "resourceGroupName": "myRg1", - "jitNetworkAccessPolicyName": "default", - "body":{ - "kind": "Basic", - "properties": { - "virtualMachines": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "ports": [{ - "number": 22, - "protocol": "*", - "allowedSourceAddressPrefix": "*", - "maxRequestAccessDuration": "PT3H" - }, - { - "number": 3389, - "protocol": "*", - "allowedSourceAddressPrefix": "*", - "maxRequestAccessDuration": "PT3H" - } - ] - }], - "requests": [{ - "virtualMachines": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "ports": [{ - "number": 3389, - "allowedSourceAddressPrefix": "192.127.0.2", - "endTimeUtc": "2018-05-17T09:06:45.5691611Z", - "status": "Initiated", - "statusReason": "UserRequested" - }] - }], - "startTimeUtc": "2018-05-17T08:06:45.5691611Z", - "requestor": "barbara@contoso.com" - }], - "provisioningState": "Succeeded" - }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/jitNetworkAccessPolicies/default", - "name": "default", - "type": "Microsoft.Security/locations/jitNetworkAccessPolicies", - "location": "westeurope" - } - }, - "responses": { - "200": { - "body": { - "kind": "Basic", - "properties": { - "virtualMachines": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "ports": [{ - "number": 22, - "protocol": "*", - "allowedSourceAddressPrefix": "*", - "maxRequestAccessDuration": "PT3H" - }, - { - "number": 3389, - "protocol": "*", - "allowedSourceAddressPrefix": "*", - "maxRequestAccessDuration": "PT3H" - } - ] - }], - "requests": [{ - "virtualMachines": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "ports": [{ - "number": 3389, - "allowedSourceAddressPrefix": "192.127.0.2", - "endTimeUtc": "2018-05-17T09:06:45.5691611Z", - "status": "Initiated", - "statusReason": "UserRequested" - }] - }], - "startTimeUtc": "2018-05-17T08:06:45.5691611Z", - "requestor": "barbara@contoso.com" - }], - "provisioningState": "Succeeded" + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope", + "resourceGroupName": "myRg1", + "jitNetworkAccessPolicyName": "default", + "body": { + "kind": "Basic", + "properties": { + "virtualMachines": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [ + { + "number": 22, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" + }, + { + "number": 3389, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" + } + ] + } + ], + "requests": [ + { + "virtualMachines": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [ + { + "number": 3389, + "allowedSourceAddressPrefix": "192.127.0.2", + "endTimeUtc": "2018-05-17T09:06:45.5691611Z", + "status": "Initiated", + "statusReason": "UserRequested" + } + ] + } + ], + "startTimeUtc": "2018-05-17T08:06:45.5691611Z", + "requestor": "barbara@contoso.com" + } + ], + "provisioningState": "Succeeded" + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/jitNetworkAccessPolicies/default", + "name": "default", + "type": "Microsoft.Security/locations/jitNetworkAccessPolicies", + "location": "westeurope" + } + }, + "responses": { + "200": { + "body": { + "kind": "Basic", + "properties": { + "virtualMachines": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [ + { + "number": 22, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/jitNetworkAccessPolicies/default", - "name": "default", - "type": "Microsoft.Security/locations/jitNetworkAccessPolicies", - "location": "westeurope" + { + "number": 3389, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" + } + ] + } + ], + "requests": [ + { + "virtualMachines": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [ + { + "number": 3389, + "allowedSourceAddressPrefix": "192.127.0.2", + "endTimeUtc": "2018-05-17T09:06:45.5691611Z", + "status": "Initiated", + "statusReason": "UserRequested" + } + ] + } + ], + "startTimeUtc": "2018-05-17T08:06:45.5691611Z", + "requestor": "barbara@contoso.com" } - } + ], + "provisioningState": "Succeeded" + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/jitNetworkAccessPolicies/default", + "name": "default", + "type": "Microsoft.Security/locations/jitNetworkAccessPolicies", + "location": "westeurope" + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/DeleteJitNetworkAccessPolicy_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/DeleteJitNetworkAccessPolicy_example.json index 06a2fe92aa72..92535c9abff5 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/DeleteJitNetworkAccessPolicy_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/DeleteJitNetworkAccessPolicy_example.json @@ -1,15 +1,13 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "ascLocation": "westeurope", - "resourceGroupName": "myRg1", - "jitNetworkAccessPolicyName": "default" - }, - "responses": { - "200": { - }, - "204": { - } - } -} \ No newline at end of file + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope", + "resourceGroupName": "myRg1", + "jitNetworkAccessPolicyName": "default" + }, + "responses": { + "200": {}, + "204": {} + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroupLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroupLocation_example.json index 98bfc6898349..f933c5338620 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroupLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroupLocation_example.json @@ -1,54 +1,65 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "ascLocation": "westeurope", - "resourceGroupName": "myRg1" - }, - "responses": { - "200": { - "body": { - "value": [{ - "kind": "Basic", - "properties": { - "virtualMachines": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "ports": [{ - "number": 22, - "protocol": "*", - "allowedSourceAddressPrefix": "*", - "maxRequestAccessDuration": "PT3H" - }, - { - "number": 3389, - "protocol": "*", - "allowedSourceAddressPrefix": "*", - "maxRequestAccessDuration": "PT3H" - } - ] - }], - "requests": [{ - "virtualMachines": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "ports": [{ - "number": 3389, - "allowedSourceAddressPrefix": "192.127.0.2", - "endTimeUtc": "2018-05-17T09:06:45.5691611Z", - "status": "Initiated", - "statusReason": "UserRequested" - }] - }], - "startTimeUtc": "2018-05-17T08:06:45.5691611Z", - "requestor": "barbara@contoso.com" - }], - "provisioningState": "Succeeded" + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope", + "resourceGroupName": "myRg1" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "kind": "Basic", + "properties": { + "virtualMachines": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [ + { + "number": 22, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/jitNetworkAccessPolicies/default", - "name": "default", - "type": "Microsoft.Security/locations/jitNetworkAccessPolicies", - "location": "westeurope" - }] - } - } + { + "number": 3389, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" + } + ] + } + ], + "requests": [ + { + "virtualMachines": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [ + { + "number": 3389, + "allowedSourceAddressPrefix": "192.127.0.2", + "endTimeUtc": "2018-05-17T09:06:45.5691611Z", + "status": "Initiated", + "statusReason": "UserRequested" + } + ] + } + ], + "startTimeUtc": "2018-05-17T08:06:45.5691611Z", + "requestor": "barbara@contoso.com" + } + ], + "provisioningState": "Succeeded" + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/jitNetworkAccessPolicies/default", + "name": "default", + "type": "Microsoft.Security/locations/jitNetworkAccessPolicies", + "location": "westeurope" + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroup_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroup_example.json index 9d46ba25fdb7..ce6b956f44a7 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroup_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroup_example.json @@ -1,53 +1,64 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "resourceGroupName": "myRg1" - }, - "responses": { - "200": { - "body": { - "value": [{ - "kind": "Basic", - "properties": { - "virtualMachines": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "ports": [{ - "number": 22, - "protocol": "*", - "allowedSourceAddressPrefix": "*", - "maxRequestAccessDuration": "PT3H" - }, - { - "number": 3389, - "protocol": "*", - "allowedSourceAddressPrefix": "*", - "maxRequestAccessDuration": "PT3H" - } - ] - }], - "requests": [{ - "virtualMachines": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "ports": [{ - "number": 3389, - "allowedSourceAddressPrefix": "192.127.0.2", - "endTimeUtc": "2018-05-17T09:06:45.5691611Z", - "status": "Initiated", - "statusReason": "UserRequested" - }] - }], - "startTimeUtc": "2018-05-17T08:06:45.5691611Z", - "requestor": "barbara@contoso.com" - }], - "provisioningState": "Succeeded" + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg1" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "kind": "Basic", + "properties": { + "virtualMachines": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [ + { + "number": 22, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/jitNetworkAccessPolicies/default", - "name": "default", - "type": "Microsoft.Security/locations/jitNetworkAccessPolicies", - "location": "westeurope" - }] - } - } + { + "number": 3389, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" + } + ] + } + ], + "requests": [ + { + "virtualMachines": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [ + { + "number": 3389, + "allowedSourceAddressPrefix": "192.127.0.2", + "endTimeUtc": "2018-05-17T09:06:45.5691611Z", + "status": "Initiated", + "statusReason": "UserRequested" + } + ] + } + ], + "startTimeUtc": "2018-05-17T08:06:45.5691611Z", + "requestor": "barbara@contoso.com" + } + ], + "provisioningState": "Succeeded" + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/jitNetworkAccessPolicies/default", + "name": "default", + "type": "Microsoft.Security/locations/jitNetworkAccessPolicies", + "location": "westeurope" + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscriptionLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscriptionLocation_example.json index 051aa4e18891..082e8d9b3a9d 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscriptionLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscriptionLocation_example.json @@ -1,53 +1,64 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "ascLocation": "westeurope" - }, - "responses": { - "200": { - "body": { - "value": [{ - "kind": "Basic", - "properties": { - "virtualMachines": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "ports": [{ - "number": 22, - "protocol": "*", - "allowedSourceAddressPrefix": "*", - "maxRequestAccessDuration": "PT3H" - }, - { - "number": 3389, - "protocol": "*", - "allowedSourceAddressPrefix": "*", - "maxRequestAccessDuration": "PT3H" - } - ] - }], - "requests": [{ - "virtualMachines": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "ports": [{ - "number": 3389, - "allowedSourceAddressPrefix": "192.127.0.2", - "endTimeUtc": "2018-05-17T09:06:45.5691611Z", - "status": "Initiated", - "statusReason": "UserRequested" - }] - }], - "startTimeUtc": "2018-05-17T08:06:45.5691611Z", - "requestor": "barbara@contoso.com" - }], - "provisioningState": "Succeeded" + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "kind": "Basic", + "properties": { + "virtualMachines": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [ + { + "number": 22, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/jitNetworkAccessPolicies/default", - "name": "default", - "type": "Microsoft.Security/locations/jitNetworkAccessPolicies", - "location": "westeurope" - }] - } - } + { + "number": 3389, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" + } + ] + } + ], + "requests": [ + { + "virtualMachines": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [ + { + "number": 3389, + "allowedSourceAddressPrefix": "192.127.0.2", + "endTimeUtc": "2018-05-17T09:06:45.5691611Z", + "status": "Initiated", + "statusReason": "UserRequested" + } + ] + } + ], + "startTimeUtc": "2018-05-17T08:06:45.5691611Z", + "requestor": "barbara@contoso.com" + } + ], + "provisioningState": "Succeeded" + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/jitNetworkAccessPolicies/default", + "name": "default", + "type": "Microsoft.Security/locations/jitNetworkAccessPolicies", + "location": "westeurope" + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscription_example.json index c87956a907b9..2681f4c7d255 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscription_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscription_example.json @@ -1,52 +1,63 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" - }, - "responses": { - "200": { - "body": { - "value": [{ - "kind": "Basic", - "properties": { - "virtualMachines": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "ports": [{ - "number": 22, - "protocol": "*", - "allowedSourceAddressPrefix": "*", - "maxRequestAccessDuration": "PT3H" - }, - { - "number": 3389, - "protocol": "*", - "allowedSourceAddressPrefix": "*", - "maxRequestAccessDuration": "PT3H" - } - ] - }], - "requests": [{ - "virtualMachines": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "ports": [{ - "number": 3389, - "allowedSourceAddressPrefix": "192.127.0.2", - "endTimeUtc": "2018-05-17T09:06:45.5691611Z", - "status": "Initiated", - "statusReason": "UserRequested" - }] - }], - "startTimeUtc": "2018-05-17T08:06:45.5691611Z", - "requestor": "barbara@contoso.com" - }], - "provisioningState": "Succeeded" + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "kind": "Basic", + "properties": { + "virtualMachines": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [ + { + "number": 22, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/jitNetworkAccessPolicies/default", - "name": "default", - "type": "Microsoft.Security/locations/jitNetworkAccessPolicies", - "location": "westeurope" - }] - } - } + { + "number": 3389, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" + } + ] + } + ], + "requests": [ + { + "virtualMachines": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [ + { + "number": 3389, + "allowedSourceAddressPrefix": "192.127.0.2", + "endTimeUtc": "2018-05-17T09:06:45.5691611Z", + "status": "Initiated", + "statusReason": "UserRequested" + } + ] + } + ], + "startTimeUtc": "2018-05-17T08:06:45.5691611Z", + "requestor": "barbara@contoso.com" + } + ], + "provisioningState": "Succeeded" + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/jitNetworkAccessPolicies/default", + "name": "default", + "type": "Microsoft.Security/locations/jitNetworkAccessPolicies", + "location": "westeurope" + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPolicy_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPolicy_example.json index ea716b630370..253dabcb7421 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPolicy_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/GetJitNetworkAccessPolicy_example.json @@ -1,53 +1,62 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "ascLocation": "westeurope", - "resourceGroupName": "myRg1", - "jitNetworkAccessPolicyName": "default" - }, - "responses": { - "200": { - "body": { - "kind": "Basic", - "properties": { - "virtualMachines": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "ports": [{ - "number": 22, - "protocol": "*", - "allowedSourceAddressPrefix": "*", - "maxRequestAccessDuration": "PT3H" - }, - { - "number": 3389, - "protocol": "*", - "allowedSourceAddressPrefix": "*", - "maxRequestAccessDuration": "PT3H" - } - ] - }], - "requests": [{ - "virtualMachines": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "ports": [{ - "number": 3389, - "allowedSourceAddressPrefix": "192.127.0.2", - "endTimeUtc": "2018-05-17T09:06:45.5691611Z", - "status": "Initiated", - "statusReason": "UserRequested" - }] - }], - "startTimeUtc": "2018-05-17T08:06:45.5691611Z", - "requestor": "barbara@contoso.com" - }], - "provisioningState": "Succeeded" + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope", + "resourceGroupName": "myRg1", + "jitNetworkAccessPolicyName": "default" + }, + "responses": { + "200": { + "body": { + "kind": "Basic", + "properties": { + "virtualMachines": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [ + { + "number": 22, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" }, - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/jitNetworkAccessPolicies/default", - "name": "default", - "type": "Microsoft.Security/locations/jitNetworkAccessPolicies", - "location": "westeurope" + { + "number": 3389, + "protocol": "*", + "allowedSourceAddressPrefix": "*", + "maxRequestAccessDuration": "PT3H" + } + ] } - } + ], + "requests": [ + { + "virtualMachines": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [ + { + "number": 3389, + "allowedSourceAddressPrefix": "192.127.0.2", + "endTimeUtc": "2018-05-17T09:06:45.5691611Z", + "status": "Initiated", + "statusReason": "UserRequested" + } + ] + } + ], + "startTimeUtc": "2018-05-17T08:06:45.5691611Z", + "requestor": "barbara@contoso.com" + } + ], + "provisioningState": "Succeeded" + }, + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/jitNetworkAccessPolicies/default", + "name": "default", + "type": "Microsoft.Security/locations/jitNetworkAccessPolicies", + "location": "westeurope" + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/InitiateJitNetworkAccessPolicy_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/InitiateJitNetworkAccessPolicy_example.json index 9d970331e6a9..833fc2eff3b7 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/InitiateJitNetworkAccessPolicy_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/JitNetworkAccessPolicies/InitiateJitNetworkAccessPolicy_example.json @@ -1,38 +1,46 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "ascLocation": "westeurope", - "resourceGroupName": "myRg1", - "jitNetworkAccessPolicyName": "default", - "jitNetworkAccessPolicyInitiateType": "initiate", - "body": { - "virtualMachines": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "ports": [{ - "number": 3389, - "duration": "PT1H", - "allowedSourceAddressPrefix": "192.127.0.2" - }] - }] - } - }, - "responses": { - "202": { - "body": { - "virtualMachines": [{ - "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "ports": [{ - "number": 3389, - "allowedSourceAddressPrefix": "192.127.0.2", - "endTimeUtc": "2018-07-12T09:53:03.3658798Z", - "status": "Initiating", - "statusReason": "UserRequested" - }] - }], - "startTimeUtc": "2018-07-12T08:53:03.3658798Z", - "requestor": "barbara@contoso.com" + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope", + "resourceGroupName": "myRg1", + "jitNetworkAccessPolicyName": "default", + "jitNetworkAccessPolicyInitiateType": "initiate", + "body": { + "virtualMachines": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [ + { + "number": 3389, + "duration": "PT1H", + "allowedSourceAddressPrefix": "192.127.0.2" } + ] } + ] + } + }, + "responses": { + "202": { + "body": { + "virtualMachines": [ + { + "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "ports": [ + { + "number": 3389, + "allowedSourceAddressPrefix": "192.127.0.2", + "endTimeUtc": "2018-07-12T09:53:03.3658798Z", + "status": "Initiating", + "statusReason": "UserRequested" + } + ] + } + ], + "startTimeUtc": "2018-07-12T08:53:03.3658798Z", + "requestor": "barbara@contoso.com" + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Locations/GetLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Locations/GetLocation_example.json index 33afce562bd0..9dd8c5907e2d 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Locations/GetLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Locations/GetLocation_example.json @@ -1,19 +1,19 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "ascLocation": "centralus" - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/locations/centralus", - "name": "centralus", - "type": "Microsoft.Security/locations", - "properties": { - "homeRegionName": "centralus" - } - } + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "centralus" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/locations/centralus", + "name": "centralus", + "type": "Microsoft.Security/locations", + "properties": { + "homeRegionName": "centralus" } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Locations/GetLocations_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Locations/GetLocations_example.json index 1525e1649377..bba10e88cbbf 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Locations/GetLocations_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Locations/GetLocations_example.json @@ -1,20 +1,22 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/locations/centralus", - "name": "centralus", - "type": "Microsoft.Security/locations", - "properties": { - "homeRegionName": "centralus" - } - }] + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/locations/centralus", + "name": "centralus", + "type": "Microsoft.Security/locations", + "properties": { + "homeRegionName": "centralus" } - } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTaskResourceGroupLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTaskResourceGroupLocation_example.json index 2458dd524285..8fa2dbc88d21 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTaskResourceGroupLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTaskResourceGroupLocation_example.json @@ -1,34 +1,34 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "resourceGroupName": "myRg", - "ascLocation": "westeurope", - "taskName": "d55b4dc0-779c-c66c-33e5-d7bce24c4222" - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/locations/westeurope/tasks/d55b4dc0-779c-c66c-33e5-d7bce24c4222", - "name": "d55b4dc0-779c-c66c-33e5-d7bce24c4222", - "type": "Microsoft.Security/locations/tasks", - "properties": { - "state": "Active", - "subState": "NA", - "creationTimeUtc": "2018-04-02T11:41:27.0541014Z", - "lastStateChangeTimeUtc": "2018-04-02T11:41:27.0541014Z", - "securityTaskParameters": { - "vmId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1", - "vmName": "vm1", - "severity": "High", - "isOsDiskEncrypted": false, - "isDataDiskEncrypted": false, - "name": "EncryptionOnVm", - "uniqueKey": "EncryptionOnVmTaskParameters_/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1", - "resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1" - } - } - } + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg", + "ascLocation": "westeurope", + "taskName": "d55b4dc0-779c-c66c-33e5-d7bce24c4222" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/locations/westeurope/tasks/d55b4dc0-779c-c66c-33e5-d7bce24c4222", + "name": "d55b4dc0-779c-c66c-33e5-d7bce24c4222", + "type": "Microsoft.Security/locations/tasks", + "properties": { + "state": "Active", + "subState": "NA", + "creationTimeUtc": "2018-04-02T11:41:27.0541014Z", + "lastStateChangeTimeUtc": "2018-04-02T11:41:27.0541014Z", + "securityTaskParameters": { + "vmId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1", + "vmName": "vm1", + "severity": "High", + "isOsDiskEncrypted": false, + "isDataDiskEncrypted": false, + "name": "EncryptionOnVm", + "uniqueKey": "EncryptionOnVmTaskParameters_/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1", + "resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1" + } } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTaskSubscriptionLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTaskSubscriptionLocation_example.json index e3bb9c0fa2b5..eba2b7297282 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTaskSubscriptionLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTaskSubscriptionLocation_example.json @@ -1,33 +1,33 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "ascLocation": "westeurope", - "taskName": "62609ee7-d0a5-8616-9fe4-1df5cca7758d" - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/locations/westeurope/tasks/62609ee7-d0a5-8616-9fe4-1df5cca7758d", - "name": "62609ee7-d0a5-8616-9fe4-1df5cca7758d", - "type": "Microsoft.Security/locations/tasks", - "properties": { - "state": "Active", - "subState": "NA", - "creationTimeUtc": "2018-03-05T10:42:03.9935508Z", - "lastStateChangeTimeUtc": "2018-03-05T10:42:03.9935508Z", - "securityTaskParameters": { - "resourceName": "default", - "resourceType": "Subnet", - "resourceParent": "vnet1", - "location": "uksouth", - "resourceGroup": "myRg", - "name": "NetworkSecurityGroupMissingOnSubnet", - "uniqueKey": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/default", - "resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/default" - } - } - } + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope", + "taskName": "62609ee7-d0a5-8616-9fe4-1df5cca7758d" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/locations/westeurope/tasks/62609ee7-d0a5-8616-9fe4-1df5cca7758d", + "name": "62609ee7-d0a5-8616-9fe4-1df5cca7758d", + "type": "Microsoft.Security/locations/tasks", + "properties": { + "state": "Active", + "subState": "NA", + "creationTimeUtc": "2018-03-05T10:42:03.9935508Z", + "lastStateChangeTimeUtc": "2018-03-05T10:42:03.9935508Z", + "securityTaskParameters": { + "resourceName": "default", + "resourceType": "Subnet", + "resourceParent": "vnet1", + "location": "uksouth", + "resourceGroup": "myRg", + "name": "NetworkSecurityGroupMissingOnSubnet", + "uniqueKey": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/default", + "resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/default" + } } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTasksResourceGroupLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTasksResourceGroupLocation_example.json index 060bd0ff0b85..4ace40c42115 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTasksResourceGroupLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTasksResourceGroupLocation_example.json @@ -1,37 +1,37 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "resourceGroupName": "myRg", - "ascLocation": "westeurope" - }, - "responses": { - "200": { - "body": { - "value": [ - { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/locations/westeurope/tasks/d55b4dc0-779c-c66c-33e5-d7bce24c4222", - "name": "d55b4dc0-779c-c66c-33e5-d7bce24c4222", - "type": "Microsoft.Security/locations/tasks", - "properties": { - "state": "Active", - "subState": "NA", - "creationTimeUtc": "2018-04-02T11:41:27.0541014Z", - "lastStateChangeTimeUtc": "2018-04-02T11:41:27.0541014Z", - "securityTaskParameters": { - "vmId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1", - "vmName": "vm1", - "severity": "High", - "isOsDiskEncrypted": false, - "isDataDiskEncrypted": false, - "name": "EncryptionOnVm", - "uniqueKey": "EncryptionOnVmTaskParameters_/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1", - "resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1" - } - } - } - ] + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg", + "ascLocation": "westeurope" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/locations/westeurope/tasks/d55b4dc0-779c-c66c-33e5-d7bce24c4222", + "name": "d55b4dc0-779c-c66c-33e5-d7bce24c4222", + "type": "Microsoft.Security/locations/tasks", + "properties": { + "state": "Active", + "subState": "NA", + "creationTimeUtc": "2018-04-02T11:41:27.0541014Z", + "lastStateChangeTimeUtc": "2018-04-02T11:41:27.0541014Z", + "securityTaskParameters": { + "vmId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1", + "vmName": "vm1", + "severity": "High", + "isOsDiskEncrypted": false, + "isDataDiskEncrypted": false, + "name": "EncryptionOnVm", + "uniqueKey": "EncryptionOnVmTaskParameters_/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1", + "resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1" + } } - } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTasksSubscriptionLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTasksSubscriptionLocation_example.json index 1c919e8baf2f..e36ade6aeb20 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTasksSubscriptionLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTasksSubscriptionLocation_example.json @@ -1,56 +1,57 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "ascLocation": "westeurope" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/locations/westeurope/tasks/62609ee7-d0a5-8616-9fe4-1df5cca7758d", - "name": "62609ee7-d0a5-8616-9fe4-1df5cca7758d", - "type": "Microsoft.Security/locations/tasks", - "properties": { - "state": "Active", - "subState": "NA", - "creationTimeUtc": "2018-03-05T10:42:03.9935508Z", - "lastStateChangeTimeUtc": "2018-03-05T10:42:03.9935508Z", - "securityTaskParameters": { - "resourceName": "default", - "resourceType": "Subnet", - "resourceParent": "vnet1", - "location": "uksouth", - "resourceGroup": "myRg", - "name": "NetworkSecurityGroupMissingOnSubnet", - "uniqueKey": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/default", - "resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/default" - } - } - }, - { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/locations/westeurope/tasks/d55b4dc0-779c-c66c-33e5-d7bce24c4222", - "name": "d55b4dc0-779c-c66c-33e5-d7bce24c4222", - "type": "Microsoft.Security/locations/tasks", - "properties": { - "state": "Active", - "subState": "NA", - "creationTimeUtc": "2018-04-02T11:41:27.0541014Z", - "lastStateChangeTimeUtc": "2018-04-02T11:41:27.0541014Z", - "securityTaskParameters": { - "vmId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1", - "vmName": "vm1", - "severity": "High", - "isOsDiskEncrypted": false, - "isDataDiskEncrypted": false, - "name": "EncryptionOnVm", - "uniqueKey": "EncryptionOnVmTaskParameters_/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1", - "resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1" - } - } - } - ] + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/locations/westeurope/tasks/62609ee7-d0a5-8616-9fe4-1df5cca7758d", + "name": "62609ee7-d0a5-8616-9fe4-1df5cca7758d", + "type": "Microsoft.Security/locations/tasks", + "properties": { + "state": "Active", + "subState": "NA", + "creationTimeUtc": "2018-03-05T10:42:03.9935508Z", + "lastStateChangeTimeUtc": "2018-03-05T10:42:03.9935508Z", + "securityTaskParameters": { + "resourceName": "default", + "resourceType": "Subnet", + "resourceParent": "vnet1", + "location": "uksouth", + "resourceGroup": "myRg", + "name": "NetworkSecurityGroupMissingOnSubnet", + "uniqueKey": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/default", + "resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/default" + } } - } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/locations/westeurope/tasks/d55b4dc0-779c-c66c-33e5-d7bce24c4222", + "name": "d55b4dc0-779c-c66c-33e5-d7bce24c4222", + "type": "Microsoft.Security/locations/tasks", + "properties": { + "state": "Active", + "subState": "NA", + "creationTimeUtc": "2018-04-02T11:41:27.0541014Z", + "lastStateChangeTimeUtc": "2018-04-02T11:41:27.0541014Z", + "securityTaskParameters": { + "vmId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1", + "vmName": "vm1", + "severity": "High", + "isOsDiskEncrypted": false, + "isDataDiskEncrypted": false, + "name": "EncryptionOnVm", + "uniqueKey": "EncryptionOnVmTaskParameters_/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1", + "resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1" + } + } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTasksSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTasksSubscription_example.json index e2547ab81bbc..cb12f84e4c9b 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTasksSubscription_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/GetTasksSubscription_example.json @@ -1,55 +1,56 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/locations/westeurope/tasks/62609ee7-d0a5-8616-9fe4-1df5cca7758d", - "name": "62609ee7-d0a5-8616-9fe4-1df5cca7758d", - "type": "Microsoft.Security/locations/tasks", - "properties": { - "state": "Active", - "subState": "NA", - "creationTimeUtc": "2018-03-05T10:42:03.9935508Z", - "lastStateChangeTimeUtc": "2018-03-05T10:42:03.9935508Z", - "securityTaskParameters": { - "resourceName": "default", - "resourceType": "Subnet", - "resourceParent": "vnet1", - "location": "uksouth", - "resourceGroup": "myRg", - "name": "NetworkSecurityGroupMissingOnSubnet", - "uniqueKey": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/default", - "resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/default" - } - } - }, - { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/locations/westeurope/tasks/d55b4dc0-779c-c66c-33e5-d7bce24c4222", - "name": "d55b4dc0-779c-c66c-33e5-d7bce24c4222", - "type": "Microsoft.Security/locations/tasks", - "properties": { - "state": "Active", - "subState": "NA", - "creationTimeUtc": "2018-04-02T11:41:27.0541014Z", - "lastStateChangeTimeUtc": "2018-04-02T11:41:27.0541014Z", - "securityTaskParameters": { - "vmId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1", - "vmName": "vm1", - "severity": "High", - "isOsDiskEncrypted": false, - "isDataDiskEncrypted": false, - "name": "EncryptionOnVm", - "uniqueKey": "EncryptionOnVmTaskParameters_/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1", - "resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1" - } - } - } - ] + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/locations/westeurope/tasks/62609ee7-d0a5-8616-9fe4-1df5cca7758d", + "name": "62609ee7-d0a5-8616-9fe4-1df5cca7758d", + "type": "Microsoft.Security/locations/tasks", + "properties": { + "state": "Active", + "subState": "NA", + "creationTimeUtc": "2018-03-05T10:42:03.9935508Z", + "lastStateChangeTimeUtc": "2018-03-05T10:42:03.9935508Z", + "securityTaskParameters": { + "resourceName": "default", + "resourceType": "Subnet", + "resourceParent": "vnet1", + "location": "uksouth", + "resourceGroup": "myRg", + "name": "NetworkSecurityGroupMissingOnSubnet", + "uniqueKey": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/default", + "resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/default" + } } - } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/locations/westeurope/tasks/d55b4dc0-779c-c66c-33e5-d7bce24c4222", + "name": "d55b4dc0-779c-c66c-33e5-d7bce24c4222", + "type": "Microsoft.Security/locations/tasks", + "properties": { + "state": "Active", + "subState": "NA", + "creationTimeUtc": "2018-04-02T11:41:27.0541014Z", + "lastStateChangeTimeUtc": "2018-04-02T11:41:27.0541014Z", + "securityTaskParameters": { + "vmId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1", + "vmName": "vm1", + "severity": "High", + "isOsDiskEncrypted": false, + "isDataDiskEncrypted": false, + "name": "EncryptionOnVm", + "uniqueKey": "EncryptionOnVmTaskParameters_/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1", + "resourceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachines/vm1" + } + } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/UpdateTaskResourceGroupLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/UpdateTaskResourceGroupLocation_example.json index aa441126d1a3..e66a3a74ec01 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/UpdateTaskResourceGroupLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/UpdateTaskResourceGroupLocation_example.json @@ -1,14 +1,13 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "ascLocation": "westeurope", - "resourceGroupName": "myRg", - "taskName": "d55b4dc0-779c-c66c-33e5-d7bce24c4222", - "taskUpdateActionType": "Dismiss" - }, - "responses": { - "204": { - } - } -} \ No newline at end of file + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope", + "resourceGroupName": "myRg", + "taskName": "d55b4dc0-779c-c66c-33e5-d7bce24c4222", + "taskUpdateActionType": "Dismiss" + }, + "responses": { + "204": {} + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/UpdateTaskSubscriptionLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/UpdateTaskSubscriptionLocation_example.json index 0be932e8e9f2..59585d5afc51 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/UpdateTaskSubscriptionLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Tasks/UpdateTaskSubscriptionLocation_example.json @@ -1,13 +1,12 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "ascLocation": "westeurope", - "taskName": "62609ee7-d0a5-8616-9fe4-1df5cca7758d", - "taskUpdateActionType": "Dismiss" - }, - "responses": { - "204": { - } - } -} \ No newline at end of file + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope", + "taskName": "62609ee7-d0a5-8616-9fe4-1df5cca7758d", + "taskUpdateActionType": "Dismiss" + }, + "responses": { + "204": {} + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Topology/GetTopologySubscriptionLocation_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Topology/GetTopologySubscriptionLocation_example.json index 4365714df339..04651f81f7ba 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Topology/GetTopologySubscriptionLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Topology/GetTopologySubscriptionLocation_example.json @@ -1,64 +1,63 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "3eeab341-f466-499c-a8be-85427e154bad", - "ascLocation": "centralus" - }, - "responses": { - "200": { - "body": { - "value": [ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "3eeab341-f466-499c-a8be-85427e154bad", + "ascLocation": "centralus" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "calculatedDateTime": "2018-07-10T13:56:10.5755270Z", + "topologyResources": [ + { + "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet", + "severity": "Healthy", + "networkZones": "Internal", + "recommendationsExist": false, + "topologyScore": 0, + "location": "westus", + "children": [ { - "properties": { - "calculatedDateTime": "2018-07-10T13:56:10.5755270Z", - "topologyResources": [ - { - "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet", - "severity": "Healthy", - "networkZones": "Internal", - "recommendationsExist": false, - "topologyScore": 0, - "location": "westus", - "children": [ - { - "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet/subnets/mysubnet" - } - ] - } - ] - }, - "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Security/locations/centralus/topologies/vnets", - "name": "vnets", - "type": "Microsoft.Security/locations/topologies", - "location": "westus" - }, + "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet/subnets/mysubnet" + } + ] + } + ] + }, + "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Security/locations/centralus/topologies/vnets", + "name": "vnets", + "type": "Microsoft.Security/locations/topologies", + "location": "westus" + }, + { + "properties": { + "calculatedDateTime": "2018-07-10T13:56:10.5755270Z", + "topologyResources": [ + { + "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet/subnets/mysubnet", + "severity": "Healthy", + "networkZones": "Internal", + "recommendationsExist": false, + "topologyScore": 5, + "location": "westus", + "parents": [ { - "properties": { - "calculatedDateTime": "2018-07-10T13:56:10.5755270Z", - "topologyResources": [ - { - "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet/subnets/mysubnet", - "severity": "Healthy", - "networkZones": "Internal", - "recommendationsExist": false, - "topologyScore": 5, - "location": "westus", - "parents": [ - { - "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet" - } - ] - } - ] - }, - "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Security/locations/centralus/topologies/subnets", - "name": "subnets", - "type": "Microsoft.Security/locations/topologies", - "location": "westus" + "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet" } - ] - } - - } + ] + } + ] + }, + "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Security/locations/centralus/topologies/subnets", + "name": "subnets", + "type": "Microsoft.Security/locations/topologies", + "location": "westus" + } + ] + } } + } } diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Topology/GetTopologySubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Topology/GetTopologySubscription_example.json index 4de5f4173c7a..f5709935a6f2 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Topology/GetTopologySubscription_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Topology/GetTopologySubscription_example.json @@ -1,63 +1,62 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "3eeab341-f466-499c-a8be-85427e154bad" - }, - "responses": { - "200": { - "body": { - "value": [ + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "3eeab341-f466-499c-a8be-85427e154bad" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "calculatedDateTime": "2018-07-10T13:56:10.5755270Z", + "topologyResources": [ + { + "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet", + "severity": "Healthy", + "networkZones": "Internal", + "recommendationsExist": false, + "topologyScore": 0, + "location": "westus", + "children": [ { - "properties": { - "calculatedDateTime": "2018-07-10T13:56:10.5755270Z", - "topologyResources": [ - { - "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet", - "severity": "Healthy", - "networkZones": "Internal", - "recommendationsExist": false, - "topologyScore": 0, - "location": "westus", - "children": [ - { - "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet/subnets/mysubnet" - } - ] - } - ] - }, - "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Security/locations/centralus/topologies/vnets", - "name": "vnets", - "type": "Microsoft.Security/locations/topologies", - "location": "westus" - }, + "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet/subnets/mysubnet" + } + ] + } + ] + }, + "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Security/locations/centralus/topologies/vnets", + "name": "vnets", + "type": "Microsoft.Security/locations/topologies", + "location": "westus" + }, + { + "properties": { + "calculatedDateTime": "2018-07-10T13:56:10.5755270Z", + "topologyResources": [ + { + "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet/subnets/mysubnet", + "severity": "Healthy", + "networkZones": "Internal", + "recommendationsExist": false, + "topologyScore": 5, + "location": "westus", + "parents": [ { - "properties": { - "calculatedDateTime": "2018-07-10T13:56:10.5755270Z", - "topologyResources": [ - { - "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet/subnets/mysubnet", - "severity": "Healthy", - "networkZones": "Internal", - "recommendationsExist": false, - "topologyScore": 5, - "location": "westus", - "parents": [ - { - "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet" - } - ] - } - ] - }, - "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Security/locations/centralus/topologies/subnets", - "name": "subnets", - "type": "Microsoft.Security/locations/topologies", - "location": "westus" + "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet" } - ] - } - - } + ] + } + ] + }, + "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Security/locations/centralus/topologies/subnets", + "name": "subnets", + "type": "Microsoft.Security/locations/topologies", + "location": "westus" + } + ] + } } + } } diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Topology/GetTopology_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Topology/GetTopology_example.json index 6251841be30d..79beb03facac 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Topology/GetTopology_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/Topology/GetTopology_example.json @@ -1,36 +1,37 @@ { - "parameters": { - "api-version": "2015-06-01-preview", - "subscriptionId": "3eeab341-f466-499c-a8be-85427e154bad", - "resourceGroupName": "myservers", - "ascLocation": "centralus", - "topologyResourceName": "vnets" - }, - "responses": { - "200": { - "body": { - "properties": { - "calculatedDateTime": "2018-07-10T13:56:10.5755270Z", - "topologyResources": [ - { - "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet", - "severity": "Healthy", - "networkZones": "InternetFacing", - "recommendationsExist": false, - "topologyScore": 0, - "location": "westus", - "children": [{ - "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet/subnets/mysubnet" - } - ] - } - ] - }, - "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Security/locations/centralus/topologies/vnets", - "name": "vnets", - "type": "Microsoft.Security/locations/topologies", - "location": "westus" + "parameters": { + "api-version": "2015-06-01-preview", + "subscriptionId": "3eeab341-f466-499c-a8be-85427e154bad", + "resourceGroupName": "myservers", + "ascLocation": "centralus", + "topologyResourceName": "vnets" + }, + "responses": { + "200": { + "body": { + "properties": { + "calculatedDateTime": "2018-07-10T13:56:10.5755270Z", + "topologyResources": [ + { + "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet", + "severity": "Healthy", + "networkZones": "InternetFacing", + "recommendationsExist": false, + "topologyScore": 0, + "location": "westus", + "children": [ + { + "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet/subnets/mysubnet" + } + ] } - } + ] + }, + "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Security/locations/centralus/topologies/vnets", + "name": "vnets", + "type": "Microsoft.Security/locations/topologies", + "location": "westus" + } } + } } diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/externalSecuritySolutions.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/externalSecuritySolutions.json index 5fae80b927c9..f20d5a3180c8 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/externalSecuritySolutions.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/externalSecuritySolutions.json @@ -6,12 +6,20 @@ "version": "2015-06-01-preview" }, "host": "management.azure.com", - "schemes": ["https"], - "consumes": ["application/json"], - "produces": ["application/json"], + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], "security": [ { - "azure_auth": ["user_impersonation"] + "azure_auth": [ + "user_impersonation" + ] } ], "securityDefinitions": { @@ -34,7 +42,9 @@ } }, "description": "Gets a list of external security solutions for the subscription.", - "tags": ["ExternalSecuritySolutions"], + "tags": [ + "ExternalSecuritySolutions" + ], "operationId": "ExternalSecuritySolutions_List", "parameters": [ { @@ -71,7 +81,9 @@ } }, "description": "Gets a list of external Security Solutions for the subscription and location.", - "tags": ["ExternalSecuritySolutions"], + "tags": [ + "ExternalSecuritySolutions" + ], "operationId": "ExternalSecuritySolutions_ListByHomeRegion", "parameters": [ { @@ -111,7 +123,9 @@ } }, "description": "Gets a specific external Security Solution.", - "tags": ["ExternalSecuritySolutions"], + "tags": [ + "ExternalSecuritySolutions" + ], "operationId": "ExternalSecuritySolutions_Get", "parameters": [ { @@ -232,7 +246,11 @@ "kind": { "type": "string", "description": "The kind of the external solution", - "enum": ["CEF", "ATA", "AAD"], + "enum": [ + "CEF", + "ATA", + "AAD" + ], "x-ms-enum": { "name": "ExternalSecuritySolutionKind", "modelAsString": true, @@ -284,7 +302,11 @@ "connectivityState": { "type": "string", "title": "The connectivity state of the external AAD solution ", - "enum": ["Discovered", "NotLicensed", "Connected"], + "enum": [ + "Discovered", + "NotLicensed", + "Connected" + ], "x-ms-enum": { "name": "AadConnectivityState", "modelAsString": true, diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/jitNetworkAccessPolicies.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/jitNetworkAccessPolicies.json index ece915c4c952..914dafb9208a 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/jitNetworkAccessPolicies.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/jitNetworkAccessPolicies.json @@ -1,754 +1,754 @@ { - "swagger": "2.0", - "info": { - "title": "Security Center", - "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", - "version": "2015-06-01-preview" - }, - "host": "management.azure.com", - "schemes": [ - "https" - ], - "consumes": [ - "application/json" - ], - "produces": [ - "application/json" - ], - "security": [ - { - "azure_auth": [ - "user_impersonation" - ] - } - ], - "securityDefinitions": { - "azure_auth": { - "type": "oauth2", - "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", - "flow": "implicit", - "description": "Azure Active Directory OAuth2 Flow", - "scopes": { - "user_impersonation": "impersonate your user account" + "swagger": "2.0", + "info": { + "title": "Security Center", + "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", + "version": "2015-06-01-preview" + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/jitNetworkAccessPolicies": { + "get": { + "x-ms-examples": { + "Get JIT network access policies on a subscription": { + "$ref": "./examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscription_example.json" + } + }, + "tags": [ + "JitNetworkAccessPolicies" + ], + "description": "Policies for protecting resources using Just-in-Time access control.", + "operationId": "JitNetworkAccessPolicies_List", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/JitNetworkAccessPoliciesList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" } + } }, - "paths": { - "/subscriptions/{subscriptionId}/providers/Microsoft.Security/jitNetworkAccessPolicies": { - "get": { - "x-ms-examples": { - "Get JIT network access policies on a subscription": { - "$ref": "./examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscription_example.json" - } - }, - "tags": [ - "JitNetworkAccessPolicies" - ], - "description": "Policies for protecting resources using Just-in-Time access control.", - "operationId": "JitNetworkAccessPolicies_List", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/JitNetworkAccessPoliciesList" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - } + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies": { + "get": { + "x-ms-examples": { + "Get JIT network access policies on a subscription from a security data location": { + "$ref": "./examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscriptionLocation_example.json" + } + }, + "tags": [ + "JitNetworkAccessPolicies" + ], + "description": "Policies for protecting resources using Just-in-Time access control for the subscription, location", + "operationId": "JitNetworkAccessPolicies_ListByRegion", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/AscLocation" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/JitNetworkAccessPoliciesList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/jitNetworkAccessPolicies": { + "get": { + "x-ms-examples": { + "Get JIT network access policies on a resource group": { + "$ref": "./examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroup_example.json" + } }, - "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies": { - "get": { - "x-ms-examples": { - "Get JIT network access policies on a subscription from a security data location": { - "$ref": "./examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscriptionLocation_example.json" - } - }, - "tags": [ - "JitNetworkAccessPolicies" - ], - "description": "Policies for protecting resources using Just-in-Time access control for the subscription, location", - "operationId": "JitNetworkAccessPolicies_ListByRegion", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/AscLocation" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/JitNetworkAccessPoliciesList" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - } + "tags": [ + "JitNetworkAccessPolicies" + ], + "description": "Policies for protecting resources using Just-in-Time access control for the subscription, location", + "operationId": "JitNetworkAccessPolicies_ListByResourceGroup", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/JitNetworkAccessPoliciesList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies": { + "get": { + "x-ms-examples": { + "Get JIT network access policies on a resource group from a security data location": { + "$ref": "./examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroupLocation_example.json" + } }, - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/jitNetworkAccessPolicies": { - "get": { - "x-ms-examples": { - "Get JIT network access policies on a resource group": { - "$ref": "./examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroup_example.json" - } - }, - "tags": [ - "JitNetworkAccessPolicies" - ], - "description": "Policies for protecting resources using Just-in-Time access control for the subscription, location", - "operationId": "JitNetworkAccessPolicies_ListByResourceGroup", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/JitNetworkAccessPoliciesList" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - } + "tags": [ + "JitNetworkAccessPolicies" + ], + "description": "Policies for protecting resources using Just-in-Time access control for the subscription, location", + "operationId": "JitNetworkAccessPolicies_ListByResourceGroupAndRegion", + "produces": [ + "application/json" + ], + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/AscLocation" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/JitNetworkAccessPoliciesList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies/{jitNetworkAccessPolicyName}": { + "get": { + "x-ms-examples": { + "Get JIT network access policy": { + "$ref": "./examples/JitNetworkAccessPolicies/GetJitNetworkAccessPolicy_example.json" + } }, - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies": { - "get": { - "x-ms-examples": { - "Get JIT network access policies on a resource group from a security data location": { - "$ref": "./examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroupLocation_example.json" - } - }, - "tags": [ - "JitNetworkAccessPolicies" - ], - "description": "Policies for protecting resources using Just-in-Time access control for the subscription, location", - "operationId": "JitNetworkAccessPolicies_ListByResourceGroupAndRegion", - "produces": [ - "application/json" - ], - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/AscLocation" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/JitNetworkAccessPoliciesList" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - } + "tags": [ + "JitNetworkAccessPolicies" + ], + "description": "Policies for protecting resources using Just-in-Time access control for the subscription, location", + "operationId": "JitNetworkAccessPolicies_Get", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/AscLocation" + }, + { + "$ref": "#/parameters/JitNetworkAccessPolicyName" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/JitNetworkAccessPolicy" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } + } + } + }, + "put": { + "x-ms-examples": { + "Create JIT network access policy": { + "$ref": "./examples/JitNetworkAccessPolicies/CreateJitNetworkAccessPolicy_example.json" + } }, - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies/{jitNetworkAccessPolicyName}": { - "get": { - "x-ms-examples": { - "Get JIT network access policy": { - "$ref": "./examples/JitNetworkAccessPolicies/GetJitNetworkAccessPolicy_example.json" - } - }, - "tags": [ - "JitNetworkAccessPolicies" - ], - "description": "Policies for protecting resources using Just-in-Time access control for the subscription, location", - "operationId": "JitNetworkAccessPolicies_Get", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/AscLocation" - }, - { - "$ref": "#/parameters/JitNetworkAccessPolicyName" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/JitNetworkAccessPolicy" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } - }, - "put": { - "x-ms-examples": { - "Create JIT network access policy": { - "$ref": "./examples/JitNetworkAccessPolicies/CreateJitNetworkAccessPolicy_example.json" - } - }, - "tags": [ - "JitNetworkAccessPolicies" - ], - "description": "Create a policy for protecting resources using Just-in-Time access control", - "operationId": "JitNetworkAccessPolicies_CreateOrUpdate", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/AscLocation" - }, - { - "$ref": "#/parameters/JitNetworkAccessPolicyName" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "#/parameters/JitNetworkAccessPolicy" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/JitNetworkAccessPolicy" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } - }, - "delete": { - "x-ms-examples": { - "Delete a JIT network access policy": { - "$ref": "./examples/JitNetworkAccessPolicies/DeleteJitNetworkAccessPolicy_example.json" - } - }, - "tags": [ - "JitNetworkAccessPolicies" - ], - "description": "Delete a Just-in-Time access control policy.", - "operationId": "JitNetworkAccessPolicies_Delete", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/AscLocation" - }, - { - "$ref": "#/parameters/JitNetworkAccessPolicyName" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - } - ], - "responses": { - "200": { - "description": "OK - Resource was deleted" - }, - "204": { - "description": "No Content - Resource does not exist" - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } + "tags": [ + "JitNetworkAccessPolicies" + ], + "description": "Create a policy for protecting resources using Just-in-Time access control", + "operationId": "JitNetworkAccessPolicies_CreateOrUpdate", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/AscLocation" + }, + { + "$ref": "#/parameters/JitNetworkAccessPolicyName" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "#/parameters/JitNetworkAccessPolicy" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/JitNetworkAccessPolicy" } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } + } + } + }, + "delete": { + "x-ms-examples": { + "Delete a JIT network access policy": { + "$ref": "./examples/JitNetworkAccessPolicies/DeleteJitNetworkAccessPolicy_example.json" + } }, - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies/{jitNetworkAccessPolicyName}/{jitNetworkAccessPolicyInitiateType}": { - "post": { - "x-ms-examples": { - "Initiate an action on a JIT network access policy": { - "$ref": "./examples/JitNetworkAccessPolicies/InitiateJitNetworkAccessPolicy_example.json" - } - }, - "tags": [ - "JitNetworkAccessPolicies" - ], - "description": "Initiate a JIT access from a specific Just-in-Time policy configuration.", - "operationId": "JitNetworkAccessPolicies_Initiate", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/AscLocation" - }, - { - "$ref": "#/parameters/JitNetworkAccessPolicyName" - }, - { - "$ref": "#/parameters/JitNetworkAccessPolicyInitiateType" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "#/parameters/JitNetworkAccessPolicyInitiateRequest" - } - ], - "responses": { - "202": { - "description": "Accepted", - "schema": { - "$ref": "#/definitions/JitNetworkAccessRequest" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } + "tags": [ + "JitNetworkAccessPolicies" + ], + "description": "Delete a Just-in-Time access control policy.", + "operationId": "JitNetworkAccessPolicies_Delete", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/AscLocation" + }, + { + "$ref": "#/parameters/JitNetworkAccessPolicyName" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + } + ], + "responses": { + "200": { + "description": "OK - Resource was deleted" + }, + "204": { + "description": "No Content - Resource does not exist" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } + } } + } }, - "definitions": { - "JitNetworkAccessPoliciesList": { - "type": "object", - "properties": { - "value": { - "type": "array", - "items": { - "$ref": "#/definitions/JitNetworkAccessPolicy" - } - }, - "nextLink": { - "readOnly": true, - "type": "string", - "description": "The URI to fetch the next page." - } + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies/{jitNetworkAccessPolicyName}/{jitNetworkAccessPolicyInitiateType}": { + "post": { + "x-ms-examples": { + "Initiate an action on a JIT network access policy": { + "$ref": "./examples/JitNetworkAccessPolicies/InitiateJitNetworkAccessPolicy_example.json" + } + }, + "tags": [ + "JitNetworkAccessPolicies" + ], + "description": "Initiate a JIT access from a specific Just-in-Time policy configuration.", + "operationId": "JitNetworkAccessPolicies_Initiate", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/AscLocation" + }, + { + "$ref": "#/parameters/JitNetworkAccessPolicyName" + }, + { + "$ref": "#/parameters/JitNetworkAccessPolicyInitiateType" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "#/parameters/JitNetworkAccessPolicyInitiateRequest" + } + ], + "responses": { + "202": { + "description": "Accepted", + "schema": { + "$ref": "#/definitions/JitNetworkAccessRequest" } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } + } + } + } + } + }, + "definitions": { + "JitNetworkAccessPoliciesList": { + "type": "object", + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/JitNetworkAccessPolicy" + } }, - "JitNetworkAccessPolicy": { - "type": "object", - "properties": { - "properties": { - "x-ms-client-flatten": true, - "$ref": "#/definitions/JitNetworkAccessPolicyProperties" - } - }, - "required": [ - "properties" - ], - "allOf": [ - { - "$ref": "../../../common/v1/types.json#/definitions/Resource" - }, - { - "$ref": "../../../common/v1/types.json#/definitions/Kind" - }, - { - "$ref": "../../../common/v1/types.json#/definitions/Location" - } - ] + "nextLink": { + "readOnly": true, + "type": "string", + "description": "The URI to fetch the next page." + } + } + }, + "JitNetworkAccessPolicy": { + "type": "object", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/JitNetworkAccessPolicyProperties" + } + }, + "required": [ + "properties" + ], + "allOf": [ + { + "$ref": "../../../common/v1/types.json#/definitions/Resource" }, - "JitNetworkAccessPolicyProperties": { - "type": "object", - "properties": { - "virtualMachines": { - "type": "array", - "description": "Configurations for Microsoft.Compute/virtualMachines resource type.", - "items": { - "$ref": "#/definitions/JitNetworkAccessPolicyVirtualMachine" - } - }, - "requests": { - "type": "array", - "items": { - "$ref": "#/definitions/JitNetworkAccessRequest" - } - }, - "provisioningState": { - "type": "string", - "readOnly": true, - "description": "Gets the provisioning state of the Just-in-Time policy." - } - }, - "required": [ - "virtualMachines" - ] + { + "$ref": "../../../common/v1/types.json#/definitions/Kind" }, - "JitNetworkAccessPolicyVirtualMachine": { - "type": "object", - "required": [ - "id", - "ports" - ], - "properties": { - "id": { - "type": "string", - "description": "Resource ID of the virtual machine that is linked to this policy" - }, - "ports": { - "type": "array", - "description": "Port configurations for the virtual machine", - "items": { - "$ref": "#/definitions/JitNetworkAccessPortRule" - } - } - } + { + "$ref": "../../../common/v1/types.json#/definitions/Location" + } + ] + }, + "JitNetworkAccessPolicyProperties": { + "type": "object", + "properties": { + "virtualMachines": { + "type": "array", + "description": "Configurations for Microsoft.Compute/virtualMachines resource type.", + "items": { + "$ref": "#/definitions/JitNetworkAccessPolicyVirtualMachine" + } }, - "JitNetworkAccessPortRule": { - "type": "object", - "properties": { - "number": { - "$ref": "#/definitions/PortNumber" - }, - "protocol": { - "type": "string", - "enum": [ - "TCP", - "UDP", - "*" - ], - "x-ms-enum": { - "name": "protocol", - "modelAsString": true, - "values": [ - { - "value": "TCP" - }, - { - "value": "UDP" - }, - { - "value": "*", - "name": "All" - } - ] - } - }, - "allowedSourceAddressPrefix": { - "type": "string", - "description": "Mutually exclusive with the \"allowedSourceAddressPrefixes\" parameter. Should be an IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"." - }, - "allowedSourceAddressPrefixes": { - "type": "array", - "description": "Mutually exclusive with the \"allowedSourceAddressPrefix\" parameter.", - "items": { - "type": "string", - "description": "IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"." - } - }, - "maxRequestAccessDuration": { - "type": "string", - "description": "Maximum duration requests can be made for. In ISO 8601 duration format. Minimum 5 minutes, maximum 1 day" - } - }, - "required": [ - "maxRequestAccessDuration", - "number", - "protocol" - ] + "requests": { + "type": "array", + "items": { + "$ref": "#/definitions/JitNetworkAccessRequest" + } }, - "JitNetworkAccessRequest": { - "type": "object", - "properties": { - "virtualMachines": { - "type": "array", - "items": { - "$ref": "#/definitions/JitNetworkAccessRequestVirtualMachine" - } - }, - "startTimeUtc": { - "type": "string", - "format": "date-time", - "description": "The start time of the request in UTC" - }, - "requestor": { - "type": "string", - "description": "The identity of the person who made the request" - } - }, - "required": [ - "requestor", - "startTimeUtc", - "virtualMachines" - ] + "provisioningState": { + "type": "string", + "readOnly": true, + "description": "Gets the provisioning state of the Just-in-Time policy." + } + }, + "required": [ + "virtualMachines" + ] + }, + "JitNetworkAccessPolicyVirtualMachine": { + "type": "object", + "required": [ + "id", + "ports" + ], + "properties": { + "id": { + "type": "string", + "description": "Resource ID of the virtual machine that is linked to this policy" }, - "JitNetworkAccessRequestVirtualMachine": { - "type": "object", - "required": [ - "id", - "ports" - ], - "properties": { - "id": { - "type": "string", - "description": "Resource ID of the virtual machine that is linked to this policy" - }, - "ports": { - "type": "array", - "description": "The ports that were opened for the virtual machine", - "items": { - "$ref": "#/definitions/JitNetworkAccessRequestPort" - } - } - } + "ports": { + "type": "array", + "description": "Port configurations for the virtual machine", + "items": { + "$ref": "#/definitions/JitNetworkAccessPortRule" + } + } + } + }, + "JitNetworkAccessPortRule": { + "type": "object", + "properties": { + "number": { + "$ref": "#/definitions/PortNumber" }, - "JitNetworkAccessRequestPort": { - "type": "object", - "properties": { - "number": { - "$ref": "#/definitions/PortNumber" - }, - "allowedSourceAddressPrefix": { - "type": "string", - "description": "Mutually exclusive with the \"allowedSourceAddressPrefixes\" parameter. Should be an IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"." - }, - "allowedSourceAddressPrefixes": { - "type": "array", - "description": "Mutually exclusive with the \"allowedSourceAddressPrefix\" parameter.", - "items": { - "description": "IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\".", - "type": "string" - } - }, - "endTimeUtc": { - "type": "string", - "format": "date-time", - "description": "The date & time at which the request ends in UTC" - }, - "status": { - "type": "string", - "description": "The status of the port", - "enum": [ - "Revoked", - "Initiated" - ], - "x-ms-enum": { - "name": "status", - "modelAsString": true, - "values": [ - { - "value": "Revoked" - }, - { - "value": "Initiated" - } - ] - } - }, - "statusReason": { - "type": "string", - "description": "A description of why the `status` has its value", - "enum": [ - "Expired", - "UserRequested", - "NewerRequestInitiated" - ], - "x-ms-enum": { - "name": "statusReason", - "modelAsString": true, - "values": [ - { - "value": "Expired" - }, - { - "value": "UserRequested" - }, - { - "value": "NewerRequestInitiated" - } - ] - } - } - }, - "required": [ - "endTimeUtc", - "number", - "status", - "statusReason" + "protocol": { + "type": "string", + "enum": [ + "TCP", + "UDP", + "*" + ], + "x-ms-enum": { + "name": "protocol", + "modelAsString": true, + "values": [ + { + "value": "TCP" + }, + { + "value": "UDP" + }, + { + "value": "*", + "name": "All" + } ] + } }, - "JitNetworkAccessPolicyInitiateRequest": { - "type": "object", - "properties": { - "virtualMachines": { - "type": "array", - "description": "A list of virtual machines & ports to open access for", - "items": { - "$ref": "#/definitions/JitNetworkAccessPolicyInitiateVirtualMachine" - } - } - }, - "required": [ - "virtualMachines" - ] + "allowedSourceAddressPrefix": { + "type": "string", + "description": "Mutually exclusive with the \"allowedSourceAddressPrefixes\" parameter. Should be an IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"." + }, + "allowedSourceAddressPrefixes": { + "type": "array", + "description": "Mutually exclusive with the \"allowedSourceAddressPrefix\" parameter.", + "items": { + "type": "string", + "description": "IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"." + } + }, + "maxRequestAccessDuration": { + "type": "string", + "description": "Maximum duration requests can be made for. In ISO 8601 duration format. Minimum 5 minutes, maximum 1 day" + } + }, + "required": [ + "maxRequestAccessDuration", + "number", + "protocol" + ] + }, + "JitNetworkAccessRequest": { + "type": "object", + "properties": { + "virtualMachines": { + "type": "array", + "items": { + "$ref": "#/definitions/JitNetworkAccessRequestVirtualMachine" + } + }, + "startTimeUtc": { + "type": "string", + "format": "date-time", + "description": "The start time of the request in UTC" }, - "JitNetworkAccessPolicyInitiateVirtualMachine": { - "type": "object", - "properties": { - "id": { - "type": "string", - "description": "Resource ID of the virtual machine that is linked to this policy" - }, - "ports": { - "type": "array", - "description": "The ports to open for the resource with the `id`", - "items": { - "$ref": "#/definitions/JitNetworkAccessPolicyInitiatePort" - } - } - }, - "required": [ - "id", - "ports" + "requestor": { + "type": "string", + "description": "The identity of the person who made the request" + } + }, + "required": [ + "requestor", + "startTimeUtc", + "virtualMachines" + ] + }, + "JitNetworkAccessRequestVirtualMachine": { + "type": "object", + "required": [ + "id", + "ports" + ], + "properties": { + "id": { + "type": "string", + "description": "Resource ID of the virtual machine that is linked to this policy" + }, + "ports": { + "type": "array", + "description": "The ports that were opened for the virtual machine", + "items": { + "$ref": "#/definitions/JitNetworkAccessRequestPort" + } + } + } + }, + "JitNetworkAccessRequestPort": { + "type": "object", + "properties": { + "number": { + "$ref": "#/definitions/PortNumber" + }, + "allowedSourceAddressPrefix": { + "type": "string", + "description": "Mutually exclusive with the \"allowedSourceAddressPrefixes\" parameter. Should be an IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"." + }, + "allowedSourceAddressPrefixes": { + "type": "array", + "description": "Mutually exclusive with the \"allowedSourceAddressPrefix\" parameter.", + "items": { + "description": "IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\".", + "type": "string" + } + }, + "endTimeUtc": { + "type": "string", + "format": "date-time", + "description": "The date & time at which the request ends in UTC" + }, + "status": { + "type": "string", + "description": "The status of the port", + "enum": [ + "Revoked", + "Initiated" + ], + "x-ms-enum": { + "name": "status", + "modelAsString": true, + "values": [ + { + "value": "Revoked" + }, + { + "value": "Initiated" + } ] + } }, - "JitNetworkAccessPolicyInitiatePort": { - "type": "object", - "properties": { - "number": { - "$ref": "#/definitions/PortNumber" - }, - "allowedSourceAddressPrefix": { - "type": "string", - "description": "Source of the allowed traffic. If omitted, the request will be for the source IP address of the initiate request." - }, - "endTimeUtc": { - "type": "string", - "format": "date-time", - "description": "The time to close the request in UTC" - } - }, - "required": [ - "endTimeUtc", - "number" + "statusReason": { + "type": "string", + "description": "A description of why the `status` has its value", + "enum": [ + "Expired", + "UserRequested", + "NewerRequestInitiated" + ], + "x-ms-enum": { + "name": "statusReason", + "modelAsString": true, + "values": [ + { + "value": "Expired" + }, + { + "value": "UserRequested" + }, + { + "value": "NewerRequestInitiated" + } ] + } + } + }, + "required": [ + "endTimeUtc", + "number", + "status", + "statusReason" + ] + }, + "JitNetworkAccessPolicyInitiateRequest": { + "type": "object", + "properties": { + "virtualMachines": { + "type": "array", + "description": "A list of virtual machines & ports to open access for", + "items": { + "$ref": "#/definitions/JitNetworkAccessPolicyInitiateVirtualMachine" + } + } + }, + "required": [ + "virtualMachines" + ] + }, + "JitNetworkAccessPolicyInitiateVirtualMachine": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Resource ID of the virtual machine that is linked to this policy" }, - "PortNumber": { - "type": "integer", - "minimum": 0, - "maximum": 65535 + "ports": { + "type": "array", + "description": "The ports to open for the resource with the `id`", + "items": { + "$ref": "#/definitions/JitNetworkAccessPolicyInitiatePort" + } } + }, + "required": [ + "id", + "ports" + ] }, - "parameters": { - "JitNetworkAccessPolicyName": { - "name": "jitNetworkAccessPolicyName", - "type": "string", - "in": "path", - "required": true, - "description": "Name of a Just-in-Time access configuration policy.", - "x-ms-parameter-location": "method" + "JitNetworkAccessPolicyInitiatePort": { + "type": "object", + "properties": { + "number": { + "$ref": "#/definitions/PortNumber" }, - "JitNetworkAccessPolicyInitiateType": { - "name": "jitNetworkAccessPolicyInitiateType", - "type": "string", - "in": "path", - "required": true, - "description": "Type of the action to do on the Just-in-Time access policy.", - "enum": [ - "initiate" - ], - "x-ms-parameter-location": "method" - }, - "JitNetworkAccessPolicyInitiateRequest": { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/JitNetworkAccessPolicyInitiateRequest" - }, - "x-ms-parameter-location": "method" - }, - "JitNetworkAccessPolicy": { - "name": "body", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/JitNetworkAccessPolicy" - }, - "x-ms-parameter-location": "method" + "allowedSourceAddressPrefix": { + "type": "string", + "description": "Source of the allowed traffic. If omitted, the request will be for the source IP address of the initiate request." + }, + "endTimeUtc": { + "type": "string", + "format": "date-time", + "description": "The time to close the request in UTC" } + }, + "required": [ + "endTimeUtc", + "number" + ] + }, + "PortNumber": { + "type": "integer", + "minimum": 0, + "maximum": 65535 + } + }, + "parameters": { + "JitNetworkAccessPolicyName": { + "name": "jitNetworkAccessPolicyName", + "type": "string", + "in": "path", + "required": true, + "description": "Name of a Just-in-Time access configuration policy.", + "x-ms-parameter-location": "method" + }, + "JitNetworkAccessPolicyInitiateType": { + "name": "jitNetworkAccessPolicyInitiateType", + "type": "string", + "in": "path", + "required": true, + "description": "Type of the action to do on the Just-in-Time access policy.", + "enum": [ + "initiate" + ], + "x-ms-parameter-location": "method" + }, + "JitNetworkAccessPolicyInitiateRequest": { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/JitNetworkAccessPolicyInitiateRequest" + }, + "x-ms-parameter-location": "method" + }, + "JitNetworkAccessPolicy": { + "name": "body", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/JitNetworkAccessPolicy" + }, + "x-ms-parameter-location": "method" } + } } diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/locations.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/locations.json index c32b84558b91..e167c3b0ee69 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/locations.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/locations.json @@ -6,12 +6,20 @@ "version": "2015-06-01-preview" }, "host": "management.azure.com", - "schemes": ["https"], - "consumes": ["application/json"], - "produces": ["application/json"], + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], "security": [ { - "azure_auth": ["user_impersonation"] + "azure_auth": [ + "user_impersonation" + ] } ], "securityDefinitions": { @@ -33,7 +41,9 @@ "$ref": "./examples/Locations/GetLocations_example.json" } }, - "tags": ["Locations"], + "tags": [ + "Locations" + ], "description": "The location of the responsible ASC of the specific subscription (home region). For each subscription there is only one responsible location. The location in the response should be used to read or write other resources in ASC according to their ID.", "operationId": "Locations_List", "parameters": [ @@ -70,7 +80,9 @@ "$ref": "./examples/Locations/GetLocation_example.json" } }, - "tags": ["Locations"], + "tags": [ + "Locations" + ], "description": "Details of a specific location", "operationId": "Locations_Get", "parameters": [ diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/operations.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/operations.json index f07469d4c4c4..a3e2fe22f0da 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/operations.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/operations.json @@ -1,134 +1,134 @@ { - "swagger": "2.0", - "info": { - "title": "Security Center", - "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", - "version": "2015-06-01-preview" - }, - "host": "management.azure.com", - "schemes": [ - "https" - ], - "consumes": [ - "application/json" - ], - "produces": [ - "application/json" - ], - "security": [ - { - "azure_auth": [ - "user_impersonation" - ] - } - ], - "securityDefinitions": { - "azure_auth": { - "type": "oauth2", - "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", - "flow": "implicit", - "description": "Azure Active Directory OAuth2 Flow", - "scopes": { - "user_impersonation": "impersonate your user account" + "swagger": "2.0", + "info": { + "title": "Security Center", + "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", + "version": "2015-06-01-preview" + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/providers/Microsoft.Security/operations": { + "get": { + "tags": [ + "Operations" + ], + "description": "Exposes all available operations for discovery purposes.", + "operationId": "Operations_List", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/OperationList" } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + } + }, + "definitions": { + "OperationList": { + "type": "object", + "description": "List of possible operations for Microsoft.Security resource provider", + "properties": { + "value": { + "type": "array", + "description": "List of Security operations", + "items": { + "$ref": "#/definitions/Operation" + } + }, + "nextLink": { + "readOnly": true, + "type": "string", + "description": "The URI to fetch the next page." } + } }, - "paths": { - "/providers/Microsoft.Security/operations": { - "get": { - "tags": [ - "Operations" - ], - "description": "Exposes all available operations for discovery purposes.", - "operationId": "Operations_List", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/OperationList" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - } - } + "Operation": { + "type": "object", + "description": "Possible operation in the REST API of Microsoft.Security", + "properties": { + "name": { + "readOnly": true, + "type": "string", + "description": "Name of the operation" + }, + "origin": { + "readOnly": true, + "type": "string", + "description": "Where the operation is originated" + }, + "display": { + "$ref": "#/definitions/OperationDisplay" } + } }, - "definitions": { - "OperationList": { - "type": "object", - "description": "List of possible operations for Microsoft.Security resource provider", - "properties": { - "value": { - "type": "array", - "description": "List of Security operations", - "items": { - "$ref": "#/definitions/Operation" - } - }, - "nextLink": { - "readOnly": true, - "type": "string", - "description": "The URI to fetch the next page." - } - } + "OperationDisplay": { + "type": "object", + "description": "Security operation display", + "properties": { + "provider": { + "readOnly": true, + "type": "string", + "description": "The resource provider for the operation." }, - "Operation": { - "type": "object", - "description": "Possible operation in the REST API of Microsoft.Security", - "properties": { - "name": { - "readOnly": true, - "type": "string", - "description": "Name of the operation" - }, - "origin": { - "readOnly": true, - "type": "string", - "description": "Where the operation is originated" - }, - "display": { - "$ref": "#/definitions/OperationDisplay" - } - } + "resource": { + "readOnly": true, + "type": "string", + "description": "The display name of the resource the operation applies to." }, - "OperationDisplay": { - "type": "object", - "description": "Security operation display", - "properties": { - "provider": { - "readOnly": true, - "type": "string", - "description": "The resource provider for the operation." - }, - "resource": { - "readOnly": true, - "type": "string", - "description": "The display name of the resource the operation applies to." - }, - "operation": { - "readOnly": true, - "type": "string", - "description": "The display name of the security operation." - }, - "description": { - "readOnly": true, - "type": "string", - "description": "The description of the operation." - } - } + "operation": { + "readOnly": true, + "type": "string", + "description": "The display name of the security operation." + }, + "description": { + "readOnly": true, + "type": "string", + "description": "The description of the operation." } + } } + } } diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/tasks.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/tasks.json index 39e87490b284..2b746c6cf688 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/tasks.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/tasks.json @@ -6,12 +6,20 @@ "version": "2015-06-01-preview" }, "host": "management.azure.com", - "schemes": ["https"], - "consumes": ["application/json"], - "produces": ["application/json"], + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], "security": [ { - "azure_auth": ["user_impersonation"] + "azure_auth": [ + "user_impersonation" + ] } ], "securityDefinitions": { @@ -33,7 +41,9 @@ "$ref": "./examples/Tasks/GetTasksSubscription_example.json" } }, - "tags": ["Tasks"], + "tags": [ + "Tasks" + ], "description": "Recommended tasks that will help improve the security of the subscription proactively", "operationId": "Tasks_List", "parameters": [ @@ -73,7 +83,9 @@ "$ref": "./examples/Tasks/GetTasksSubscriptionLocation_example.json" } }, - "tags": ["Tasks"], + "tags": [ + "Tasks" + ], "description": "Recommended tasks that will help improve the security of the subscription proactively", "operationId": "Tasks_ListByHomeRegion", "parameters": [ @@ -116,7 +128,9 @@ "$ref": "./examples/Tasks/GetTaskSubscriptionLocation_example.json" } }, - "tags": ["Tasks"], + "tags": [ + "Tasks" + ], "description": "Recommended tasks that will help improve the security of the subscription proactively", "operationId": "Tasks_GetSubscriptionLevelTask", "parameters": [ @@ -156,7 +170,9 @@ "$ref": "./examples/Tasks/UpdateTaskSubscriptionLocation_example.json" } }, - "tags": ["Tasks"], + "tags": [ + "Tasks" + ], "description": "Recommended tasks that will help improve the security of the subscription proactively", "operationId": "Tasks_UpdateSubscriptionLevelTaskState", "parameters": [ @@ -196,7 +212,9 @@ "$ref": "./examples/Tasks/GetTasksResourceGroupLocation_example.json" } }, - "tags": ["Tasks"], + "tags": [ + "Tasks" + ], "description": "Recommended tasks that will help improve the security of the subscription proactively", "operationId": "Tasks_ListByResourceGroup", "parameters": [ @@ -242,7 +260,9 @@ "$ref": "./examples/Tasks/GetTaskResourceGroupLocation_example.json" } }, - "tags": ["Tasks"], + "tags": [ + "Tasks" + ], "description": "Recommended tasks that will help improve the security of the subscription proactively", "operationId": "Tasks_GetResourceGroupLevelTask", "parameters": [ @@ -285,7 +305,9 @@ "$ref": "./examples/Tasks/UpdateTaskResourceGroupLocation_example.json" } }, - "tags": ["Tasks"], + "tags": [ + "Tasks" + ], "description": "Recommended tasks that will help improve the security of the subscription proactively", "operationId": "Tasks_UpdateResourceGroupLevelTaskState", "parameters": [ @@ -414,7 +436,13 @@ "in": "path", "required": true, "type": "string", - "enum": ["Activate", "Dismiss", "Start", "Resolve", "Close"], + "enum": [ + "Activate", + "Dismiss", + "Start", + "Resolve", + "Close" + ], "description": "Type of the action to do on the task", "x-ms-parameter-location": "method" } diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/topologies.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/topologies.json index 64219dd837a7..56981ad31aa8 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/topologies.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/topologies.json @@ -6,12 +6,20 @@ "version": "2015-06-01-preview" }, "host": "management.azure.com", - "schemes": ["https"], - "consumes": ["application/json"], - "produces": ["application/json"], + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], "security": [ { - "azure_auth": ["user_impersonation"] + "azure_auth": [ + "user_impersonation" + ] } ], "securityDefinitions": { @@ -33,7 +41,9 @@ "$ref": "./examples/Topology/GetTopologySubscription_example.json" } }, - "tags": ["Topology"], + "tags": [ + "Topology" + ], "description": "Gets a list that allows to build a topology view of a subscription.", "operationId": "Topology_List", "parameters": [ @@ -70,7 +80,9 @@ "$ref": "./examples/Topology/GetTopologySubscriptionLocation_example.json" } }, - "tags": ["Topology"], + "tags": [ + "Topology" + ], "description": "Gets a list that allows to build a topology view of a subscription and location.", "operationId": "Topology_ListByHomeRegion", "parameters": [ @@ -110,7 +122,9 @@ "$ref": "./examples/Topology/GetTopology_example.json" } }, - "tags": ["Topology"], + "tags": [ + "Topology" + ], "description": "Gets a specific topology component.", "operationId": "Topology_Get", "parameters": [ diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/advancedThreatProtectionSettings.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/advancedThreatProtectionSettings.json index 9b886f5575b5..3edc850335b6 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/advancedThreatProtectionSettings.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/advancedThreatProtectionSettings.json @@ -1,152 +1,166 @@ { - "swagger": "2.0", - "info": { - "title": "Security Center", - "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", - "version": "2017-08-01-preview" - }, - "host": "management.azure.com", - "schemes": ["https"], - "consumes": ["application/json"], - "produces": ["application/json"], - "security": [{ - "azure_auth": [ - "user_impersonation" - ] - }], - "securityDefinitions": { - "azure_auth": { - "type": "oauth2", - "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", - "flow": "implicit", - "description": "Azure Active Directory OAuth2 Flow", - "scopes": { - "user_impersonation": "impersonate your user account" - } - } - }, - "paths": { - "/{resourceId}/providers/Microsoft.Security/advancedThreatProtectionSettings/{settingName}": { - "get": { - "x-ms-examples": { - "Gets the Advanced Threat Protection settings for the specified resource.": { - "$ref": "./examples/AdvancedThreatProtection/GetAdvancedThreatProtectionSettings_example.json" - } - }, - "tags": [ "AdvancedThreatProtection" ], - "description": "Gets the Advanced Threat Protection settings for the specified resource.", - "operationId": "AdvancedThreatProtection_Get", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ResourceId" - }, - { - "$ref": "#/parameters/AdvancedThreatProtectionSettingName" - } - ], - "responses": { - "200": { - "description": "Successful request to get Advanced Threat Protection settings.", - "schema": { - "$ref": "#/definitions/AdvancedThreatProtectionSetting" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } + "swagger": "2.0", + "info": { + "title": "Security Center", + "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", + "version": "2017-08-01-preview" + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{resourceId}/providers/Microsoft.Security/advancedThreatProtectionSettings/{settingName}": { + "get": { + "x-ms-examples": { + "Gets the Advanced Threat Protection settings for the specified resource.": { + "$ref": "./examples/AdvancedThreatProtection/GetAdvancedThreatProtectionSettings_example.json" + } + }, + "tags": [ + "AdvancedThreatProtection" + ], + "description": "Gets the Advanced Threat Protection settings for the specified resource.", + "operationId": "AdvancedThreatProtection_Get", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ResourceId" + }, + { + "$ref": "#/parameters/AdvancedThreatProtectionSettingName" + } + ], + "responses": { + "200": { + "description": "Successful request to get Advanced Threat Protection settings.", + "schema": { + "$ref": "#/definitions/AdvancedThreatProtectionSetting" } }, - "put": { - "x-ms-examples": { - "Creates or updates the Advanced Threat Protection settings on a specified resource.": { - "$ref": "./examples/AdvancedThreatProtection/PutAdvancedThreatProtectionSettings_example.json" - } - }, - "tags": [ "AdvancedThreatProtection" ], - "description": "Creates or updates the Advanced Threat Protection settings on a specified resource.", - "operationId": "AdvancedThreatProtection_Create", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ResourceId" - }, - { - "$ref": "#/parameters/AdvancedThreatProtectionSettingName" - }, - { - "$ref": "#/parameters/AdvancedThreatProtectionSetting" - } - ], - "responses": { - "200": { - "description": "Successful request to put Advanced Threat Protection settings.", - "schema": { - "$ref": "#/definitions/AdvancedThreatProtectionSetting" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } } } - }, - "definitions": { - "AdvancedThreatProtectionProperties": { - "properties": { - "isEnabled": { - "type": "boolean", - "description": "Indicates whether Advanced Threat Protection is enabled." - } - }, - "description": "The Advanced Threat Protection settings." + }, + "put": { + "x-ms-examples": { + "Creates or updates the Advanced Threat Protection settings on a specified resource.": { + "$ref": "./examples/AdvancedThreatProtection/PutAdvancedThreatProtectionSettings_example.json" + } }, - "AdvancedThreatProtectionSetting": { - "type": "object", - "allOf": [ - { - "$ref": "../../../common/v1/types.json#/definitions/Resource" - } - ], - "properties": { - "properties": { - "x-ms-client-flatten": true, - "$ref": "#/definitions/AdvancedThreatProtectionProperties" + "tags": [ + "AdvancedThreatProtection" + ], + "description": "Creates or updates the Advanced Threat Protection settings on a specified resource.", + "operationId": "AdvancedThreatProtection_Create", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ResourceId" + }, + { + "$ref": "#/parameters/AdvancedThreatProtectionSettingName" + }, + { + "$ref": "#/parameters/AdvancedThreatProtectionSetting" + } + ], + "responses": { + "200": { + "description": "Successful request to put Advanced Threat Protection settings.", + "schema": { + "$ref": "#/definitions/AdvancedThreatProtectionSetting" } }, - "description": "The Advanced Threat Protection resource." + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } + } } + } + } + }, + "definitions": { + "AdvancedThreatProtectionProperties": { + "properties": { + "isEnabled": { + "type": "boolean", + "description": "Indicates whether Advanced Threat Protection is enabled." + } + }, + "description": "The Advanced Threat Protection settings." }, - "parameters": { - "AdvancedThreatProtectionSettingName": { - "name": "settingName", - "in": "path", - "required": true, - "type": "string", - "enum": ["current"], - "description": "Advanced Threat Protection setting name.", - "x-ms-parameter-location": "method" - }, - "AdvancedThreatProtectionSetting": { - "name": "advancedThreatProtectionSetting", - "in": "body", - "required": true, - "description": "Advanced Threat Protection Settings", - "schema": { - "$ref": "#/definitions/AdvancedThreatProtectionSetting" - }, - "x-ms-parameter-location": "method" + "AdvancedThreatProtectionSetting": { + "type": "object", + "allOf": [ + { + "$ref": "../../../common/v1/types.json#/definitions/Resource" } + ], + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/AdvancedThreatProtectionProperties" + } + }, + "description": "The Advanced Threat Protection resource." + } + }, + "parameters": { + "AdvancedThreatProtectionSettingName": { + "name": "settingName", + "in": "path", + "required": true, + "type": "string", + "enum": [ + "current" + ], + "description": "Advanced Threat Protection setting name.", + "x-ms-parameter-location": "method" + }, + "AdvancedThreatProtectionSetting": { + "name": "advancedThreatProtectionSetting", + "in": "body", + "required": true, + "description": "Advanced Threat Protection Settings", + "schema": { + "$ref": "#/definitions/AdvancedThreatProtectionSetting" + }, + "x-ms-parameter-location": "method" } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/autoProvisioningSettings.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/autoProvisioningSettings.json index 2c9f0e7975fe..918725ad705d 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/autoProvisioningSettings.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/autoProvisioningSettings.json @@ -1,213 +1,243 @@ { - "swagger": "2.0", - "info": { - "title": "Security Center", - "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", - "version": "2017-08-01-preview" - }, - "host": "management.azure.com", - "schemes": ["https"], - "consumes": ["application/json"], - "produces": ["application/json"], - "security": [{ - "azure_auth": [ - "user_impersonation" - ] - }], - "securityDefinitions": { - "azure_auth": { - "type": "oauth2", - "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", - "flow": "implicit", - "description": "Azure Active Directory OAuth2 Flow", - "scopes": { - "user_impersonation": "impersonate your user account" + "swagger": "2.0", + "info": { + "title": "Security Center", + "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", + "version": "2017-08-01-preview" + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/autoProvisioningSettings": { + "get": { + "x-ms-examples": { + "Get auto provisioning settings for subscription": { + "$ref": "./examples/AutoProvisioningSettings/GetAutoProvisioningSettingsSubscription_example.json" + } + }, + "tags": [ + "AutoProvisioningSettings" + ], + "description": "Exposes the auto provisioning settings of the subscriptions", + "operationId": "AutoProvisioningSettings_List", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/AutoProvisioningSettingList" } - } - }, - "paths": { - "/subscriptions/{subscriptionId}/providers/Microsoft.Security/autoProvisioningSettings": { - "get": { - "x-ms-examples": { - "Get auto provisioning settings for subscription": { - "$ref": "./examples/AutoProvisioningSettings/GetAutoProvisioningSettingsSubscription_example.json" - } - }, - "tags": ["AutoProvisioningSettings"], - "description": "Exposes the auto provisioning settings of the subscriptions", - "operationId": "AutoProvisioningSettings_List", - "parameters": [{ - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AutoProvisioningSettingList" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } + } }, - "/subscriptions/{subscriptionId}/providers/Microsoft.Security/autoProvisioningSettings/{settingName}": { - "get": { - "x-ms-examples": { - "Get an auto provisioning setting for subscription": { - "$ref": "./examples/AutoProvisioningSettings/GetAutoProvisioningSettingSubscription_example.json" - } - }, - "tags": ["AutoProvisioningSettings"], - "description": "Details of a specific setting", - "operationId": "AutoProvisioningSettings_Get", - "parameters": [{ - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, { - "$ref": "#/parameters/AutoProvisioningSettingName" - }], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AutoProvisioningSetting" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } - }, - "put": { - "x-ms-examples": { - "Create auto provisioning settings for subscription": { - "$ref": "./examples/AutoProvisioningSettings/CreateAutoProvisioningSettingsSubscription_example.json" - } - }, - "tags": ["AutoProvisioningSettings"], - "description": "Details of a specific setting", - "operationId": "AutoProvisioningSettings_Create", - "parameters": [{ - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, { - "$ref": "#/parameters/AutoProvisioningSettingName" - }, { - "$ref": "#/parameters/AutoProvisioningSetting" - }], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AutoProvisioningSetting" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } - } + "x-ms-pageable": { + "nextLinkName": "nextLink" } + } }, - "definitions": { - "AutoProvisioningSettingList": { - "type": "object", - "description": "List of all the auto provisioning settings response", - "properties": { - "value": { - "description": "List of all the auto provisioning settings", - "type": "array", - "items": { - "$ref": "#/definitions/AutoProvisioningSetting" - } - }, - "nextLink": { - "readOnly": true, - "type": "string", - "description": "The URI to fetch the next page." - } + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/autoProvisioningSettings/{settingName}": { + "get": { + "x-ms-examples": { + "Get an auto provisioning setting for subscription": { + "$ref": "./examples/AutoProvisioningSettings/GetAutoProvisioningSettingSubscription_example.json" + } + }, + "tags": [ + "AutoProvisioningSettings" + ], + "description": "Details of a specific setting", + "operationId": "AutoProvisioningSettings_Get", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/AutoProvisioningSettingName" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/AutoProvisioningSetting" } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } + } + } + }, + "put": { + "x-ms-examples": { + "Create auto provisioning settings for subscription": { + "$ref": "./examples/AutoProvisioningSettings/CreateAutoProvisioningSettingsSubscription_example.json" + } }, - "AutoProvisioningSetting": { - "type": "object", - "description": "Auto provisioning setting", - "properties": { - "properties": { - "x-ms-client-flatten": true, - "description": "Auto provisioning setting data", - "$ref": "#/definitions/AutoProvisioningSettingProperties" - } - }, - "allOf": [{ - "$ref": "../../../common/v1/types.json#/definitions/Resource" - }] + "tags": [ + "AutoProvisioningSettings" + ], + "description": "Details of a specific setting", + "operationId": "AutoProvisioningSettings_Create", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/AutoProvisioningSettingName" + }, + { + "$ref": "#/parameters/AutoProvisioningSetting" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/AutoProvisioningSetting" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } + } + } + } + } + }, + "definitions": { + "AutoProvisioningSettingList": { + "type": "object", + "description": "List of all the auto provisioning settings response", + "properties": { + "value": { + "description": "List of all the auto provisioning settings", + "type": "array", + "items": { + "$ref": "#/definitions/AutoProvisioningSetting" + } }, - "AutoProvisioningSettingProperties": { - "type": "object", - "description": "describes properties of an auto provisioning setting", - "properties": { - "autoProvision": { - "type": "string", - "description": "Describes what kind of security agent provisioning action to take", - "enum": ["On", "Off"], - "x-ms-enum": { - "name": "autoProvision", - "modelAsString": true, - "values": [{ - "value": "On", - "description": "Install missing security agent on VMs automatically" - }, - { - "value": "Off", - "description": "Do not install security agent on the VMs automatically" - } - ] - } - } - }, - "required": [ - "autoProvision" - ] + "nextLink": { + "readOnly": true, + "type": "string", + "description": "The URI to fetch the next page." } + } }, - "parameters": { - "AutoProvisioningSettingName": { - "name": "settingName", - "in": "path", - "required": true, - "type": "string", - "description": "Auto provisioning setting key", - "x-ms-parameter-location": "method" - }, - "AutoProvisioningSetting": { - "name": "setting", - "in": "body", - "required": true, - "description": "Auto provisioning setting key", - "schema": { - "$ref": "#/definitions/AutoProvisioningSetting" - }, - "x-ms-parameter-location": "method" + "AutoProvisioningSetting": { + "type": "object", + "description": "Auto provisioning setting", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "description": "Auto provisioning setting data", + "$ref": "#/definitions/AutoProvisioningSettingProperties" + } + }, + "allOf": [ + { + "$ref": "../../../common/v1/types.json#/definitions/Resource" } + ] + }, + "AutoProvisioningSettingProperties": { + "type": "object", + "description": "describes properties of an auto provisioning setting", + "properties": { + "autoProvision": { + "type": "string", + "description": "Describes what kind of security agent provisioning action to take", + "enum": [ + "On", + "Off" + ], + "x-ms-enum": { + "name": "autoProvision", + "modelAsString": true, + "values": [ + { + "value": "On", + "description": "Install missing security agent on VMs automatically" + }, + { + "value": "Off", + "description": "Do not install security agent on the VMs automatically" + } + ] + } + } + }, + "required": [ + "autoProvision" + ] + } + }, + "parameters": { + "AutoProvisioningSettingName": { + "name": "settingName", + "in": "path", + "required": true, + "type": "string", + "description": "Auto provisioning setting key", + "x-ms-parameter-location": "method" + }, + "AutoProvisioningSetting": { + "name": "setting", + "in": "body", + "required": true, + "description": "Auto provisioning setting key", + "schema": { + "$ref": "#/definitions/AutoProvisioningSetting" + }, + "x-ms-parameter-location": "method" } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/compliances.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/compliances.json index cd7cc519040e..4dab00543160 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/compliances.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/compliances.json @@ -1,190 +1,206 @@ { - "swagger": "2.0", - "info": { - "title": "Security Center", - "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", - "version": "2017-08-01-preview" - }, - "host": "management.azure.com", - "schemes": ["https"], - "consumes": ["application/json"], - "produces": ["application/json"], - "security": [{ - "azure_auth": [ - "user_impersonation" - ] - }], - "securityDefinitions": { - "azure_auth": { - "type": "oauth2", - "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", - "flow": "implicit", - "description": "Azure Active Directory OAuth2 Flow", - "scopes": { - "user_impersonation": "impersonate your user account" + "swagger": "2.0", + "info": { + "title": "Security Center", + "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", + "version": "2017-08-01-preview" + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Security/compliances": { + "get": { + "x-ms-examples": { + "Get security compliance data over time": { + "$ref": "./examples/Compliances/GetCompliances_example.json" + } + }, + "tags": [ + "Compliances" + ], + "description": "The Compliance scores of the specific management group.", + "operationId": "Compliances_List", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/Scope" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/ComplianceList" } - } - }, - "paths": { - "/{scope}/providers/Microsoft.Security/compliances": { - "get": { - "x-ms-examples": { - "Get security compliance data over time": { - "$ref": "./examples/Compliances/GetCompliances_example.json" - } - }, - "tags": ["Compliances"], - "description": "The Compliance scores of the specific management group.", - "operationId": "Compliances_List", - "parameters": [{ - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/Scope" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/ComplianceList" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } + } }, - "/{scope}/providers/Microsoft.Security/compliances/{complianceName}": { - "get": { - "x-ms-examples": { - "Get security compliance data for a day": { - "$ref": "./examples/Compliances/GetCompliance_example.json" - } - }, - "tags": ["Compliances"], - "description": "Details of a specific Compliance.", - "operationId": "Compliances_Get", - "parameters": [{ - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/Scope" - }, - { - "$ref": "#/parameters/ComplianceName" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/Compliance" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } - } + "x-ms-pageable": { + "nextLinkName": "nextLink" } + } }, - "definitions": { - "ComplianceList": { - "type": "object", - "readOnly": true, - "description": "List of Compliance objects response", - "properties": { - "value": { - "type": "array", - "description": "List of Compliance objects", - "items": { - "$ref": "#/definitions/Compliance" - } - }, - "nextLink": { - "readOnly": true, - "type": "string", - "description": "The URI to fetch the next page." - } + "/{scope}/providers/Microsoft.Security/compliances/{complianceName}": { + "get": { + "x-ms-examples": { + "Get security compliance data for a day": { + "$ref": "./examples/Compliances/GetCompliance_example.json" + } + }, + "tags": [ + "Compliances" + ], + "description": "Details of a specific Compliance.", + "operationId": "Compliances_Get", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/Scope" + }, + { + "$ref": "#/parameters/ComplianceName" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/Compliance" } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } + } + } + } + } + }, + "definitions": { + "ComplianceList": { + "type": "object", + "readOnly": true, + "description": "List of Compliance objects response", + "properties": { + "value": { + "type": "array", + "description": "List of Compliance objects", + "items": { + "$ref": "#/definitions/Compliance" + } }, - "Compliance": { - "type": "object", - "readOnly": true, - "description": "Compliance of a scope", - "properties": { - "properties": { - "x-ms-client-flatten": true, - "description": "Compliance data", - "$ref": "#/definitions/ComplianceProperties" - } - }, - "allOf": [{ - "$ref": "../../../common/v1/types.json#/definitions/Resource" - }] + "nextLink": { + "readOnly": true, + "type": "string", + "description": "The URI to fetch the next page." + } + } + }, + "Compliance": { + "type": "object", + "readOnly": true, + "description": "Compliance of a scope", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "description": "Compliance data", + "$ref": "#/definitions/ComplianceProperties" + } + }, + "allOf": [ + { + "$ref": "../../../common/v1/types.json#/definitions/Resource" + } + ] + }, + "ComplianceProperties": { + "type": "object", + "description": "The Compliance score (percentage) of a Subscription is a sum of all Resources' Compliances under the given Subscription. A Resource Compliance is defined as the compliant ('healthy') Policy Definitions out of all Policy Definitions applicable to a given resource.", + "properties": { + "assessmentTimestampUtcDate": { + "readOnly": true, + "type": "string", + "format": "date-time", + "description": "The timestamp when the Compliance calculation was conducted." }, - "ComplianceProperties": { - "type": "object", - "description": "The Compliance score (percentage) of a Subscription is a sum of all Resources' Compliances under the given Subscription. A Resource Compliance is defined as the compliant ('healthy') Policy Definitions out of all Policy Definitions applicable to a given resource.", - "properties": { - "assessmentTimestampUtcDate": { - "readOnly": true, - "type": "string", - "format": "date-time", - "description": "The timestamp when the Compliance calculation was conducted." - }, - "resourceCount": { - "readOnly": true, - "type": "integer", - "description": "The resource count of the given subscription for which the Compliance calculation was conducted (needed for Management Group Compliance calculation)." - }, - "assessmentResult": { - "readOnly": true, - "type": "array", - "items": { - "$ref": "#/definitions/ComplianceSegment" - }, - "description": "An array of segment, which is the actually the compliance assessment." - } - } + "resourceCount": { + "readOnly": true, + "type": "integer", + "description": "The resource count of the given subscription for which the Compliance calculation was conducted (needed for Management Group Compliance calculation)." }, - "ComplianceSegment": { - "type": "object", - "description": "A segment of a compliance assessment.", - "properties": { - "segmentType": { - "readOnly": true, - "type": "string", - "description": "The segment type, e.g. compliant, non-compliance, insufficient coverage, N/A, etc." - }, - "percentage": { - "type": "number", - "format": "double", - "readOnly": true, - "description": "The size (%) of the segment." - } - } + "assessmentResult": { + "readOnly": true, + "type": "array", + "items": { + "$ref": "#/definitions/ComplianceSegment" + }, + "description": "An array of segment, which is the actually the compliance assessment." } + } }, - "parameters": { - "ComplianceName": { - "name": "complianceName", - "in": "path", - "required": true, - "type": "string", - "description": "name of the Compliance", - "x-ms-parameter-location": "method" + "ComplianceSegment": { + "type": "object", + "description": "A segment of a compliance assessment.", + "properties": { + "segmentType": { + "readOnly": true, + "type": "string", + "description": "The segment type, e.g. compliant, non-compliance, insufficient coverage, N/A, etc." + }, + "percentage": { + "type": "number", + "format": "double", + "readOnly": true, + "description": "The size (%) of the segment." } + } + } + }, + "parameters": { + "ComplianceName": { + "name": "complianceName", + "in": "path", + "required": true, + "type": "string", + "description": "name of the Compliance", + "x-ms-parameter-location": "method" } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/deviceSecurityGroups.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/deviceSecurityGroups.json index a4c5eda9f087..fd08950135a9 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/deviceSecurityGroups.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/deviceSecurityGroups.json @@ -1,513 +1,562 @@ { - "swagger": "2.0", - "info": { - "title": "Security Center", - "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", - "version": "2017-08-01-preview" - }, - "host": "management.azure.com", - "schemes": ["https"], - "consumes": ["application/json"], - "produces": ["application/json"], - "security": [{ - "azure_auth": [ - "user_impersonation" - ] - }], - "securityDefinitions": { - "azure_auth": { - "type": "oauth2", - "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", - "flow": "implicit", - "description": "Azure Active Directory OAuth2 Flow", - "scopes": { - "user_impersonation": "impersonate your user account" + "swagger": "2.0", + "info": { + "title": "Security Center", + "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", + "version": "2017-08-01-preview" + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{resourceId}/providers/Microsoft.Security/deviceSecurityGroups": { + "get": { + "x-ms-examples": { + "List all device security groups for the specified IoT hub resource": { + "$ref": "./examples/DeviceSecurityGroups/ListDeviceSecurityGroups_example.json" + } + }, + "tags": [ + "DeviceSecurityGroups" + ], + "description": "Gets the list of device security groups for the specified IoT hub resource.", + "operationId": "DeviceSecurityGroups_List", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ResourceId" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/DeviceSecurityGroupList" } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" } + } }, - "paths": { - "/{resourceId}/providers/Microsoft.Security/deviceSecurityGroups": { - "get": { - "x-ms-examples": { - "List all device security groups for the specified IoT hub resource": { - "$ref": "./examples/DeviceSecurityGroups/ListDeviceSecurityGroups_example.json" - } - }, - "tags": ["DeviceSecurityGroups"], - "description": "Gets the list of device security groups for the specified IoT hub resource.", - "operationId": "DeviceSecurityGroups_List", - "parameters": [{ - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ResourceId" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/DeviceSecurityGroupList" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - } + "/{resourceId}/providers/Microsoft.Security/deviceSecurityGroups/{deviceSecurityGroupName}": { + "get": { + "x-ms-examples": { + "Get an device security group for the specified IoT hub resource": { + "$ref": "./examples/DeviceSecurityGroups/GetDeviceSecurityGroups_example.json" + } + }, + "tags": [ + "DeviceSecurityGroups" + ], + "description": "Gets the device security group for the specified IoT hub resource.", + "operationId": "DeviceSecurityGroups_Get", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ResourceId" + }, + { + "$ref": "#/parameters/DeviceSecurityGroupName" + } + ], + "responses": { + "200": { + "description": "Successful request to get security group.", + "schema": { + "$ref": "#/definitions/DeviceSecurityGroup" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } + } + } + }, + "put": { + "x-ms-examples": { + "Create or update a device security group for the specified IoT hub resource": { + "$ref": "./examples/DeviceSecurityGroups/PutDeviceSecurityGroups_example.json" + } }, - "/{resourceId}/providers/Microsoft.Security/deviceSecurityGroups/{deviceSecurityGroupName}": { - "get": { - "x-ms-examples": { - "Get an device security group for the specified IoT hub resource": { - "$ref": "./examples/DeviceSecurityGroups/GetDeviceSecurityGroups_example.json" - } - }, - "tags": [ "DeviceSecurityGroups" ], - "description": "Gets the device security group for the specified IoT hub resource.", - "operationId": "DeviceSecurityGroups_Get", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ResourceId" - }, - { - "$ref": "#/parameters/DeviceSecurityGroupName" - } - ], - "responses": { - "200": { - "description": "Successful request to get security group.", - "schema": { - "$ref": "#/definitions/DeviceSecurityGroup" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } - }, - "put": { - "x-ms-examples": { - "Create or update a device security group for the specified IoT hub resource": { - "$ref": "./examples/DeviceSecurityGroups/PutDeviceSecurityGroups_example.json" - } - }, - "tags": [ "DeviceSecurityGroups" ], - "description": "Creates or updates the device security group on a specified IoT hub resource.", - "operationId": "DeviceSecurityGroups_CreateOrUpdate", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ResourceId" - }, - { - "$ref": "#/parameters/DeviceSecurityGroupName" - }, - { - "$ref": "#/parameters/DeviceSecurityGroup" - } - ], - "responses": { - "200": { - "description": "Security group was updated", - "schema": { - "$ref": "#/definitions/DeviceSecurityGroup" - } - }, - "201": { - "description": "Security group was created", - "schema": { - "$ref": "#/definitions/DeviceSecurityGroup" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } - }, - "delete": { - "x-ms-examples": { - "Delete a device security group for the specified IoT hub resource": { - "$ref": "./examples/DeviceSecurityGroups/DeleteDeviceSecurityGroups_example.json" - } - }, - "tags": ["DeviceSecurityGroups"], - "description": "Deletes the security group", - "operationId": "DeviceSecurityGroups_Delete", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ResourceId" - }, - { - "$ref": "#/parameters/DeviceSecurityGroupName" - } - ], - "responses": { - "200": { - "description": "Device security group has been deleted." - }, - "204": { - "description": "Device security group does not exist." - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } + "tags": [ + "DeviceSecurityGroups" + ], + "description": "Creates or updates the device security group on a specified IoT hub resource.", + "operationId": "DeviceSecurityGroups_CreateOrUpdate", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ResourceId" + }, + { + "$ref": "#/parameters/DeviceSecurityGroupName" + }, + { + "$ref": "#/parameters/DeviceSecurityGroup" + } + ], + "responses": { + "200": { + "description": "Security group was updated", + "schema": { + "$ref": "#/definitions/DeviceSecurityGroup" + } + }, + "201": { + "description": "Security group was created", + "schema": { + "$ref": "#/definitions/DeviceSecurityGroup" } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } + } } - }, - "definitions": { - "DeviceSecurityGroupList": { - "type": "object", - "readOnly": true, - "description": "List of device security groups", - "properties": { - "value": { - "type": "array", - "description": "List of device security group objects", - "items": { - "$ref": "#/definitions/DeviceSecurityGroup" - } - }, - "nextLink": { - "readOnly": true, - "type": "string", - "description": "The URI to fetch the next page." - } + }, + "delete": { + "x-ms-examples": { + "Delete a device security group for the specified IoT hub resource": { + "$ref": "./examples/DeviceSecurityGroups/DeleteDeviceSecurityGroups_example.json" + } + }, + "tags": [ + "DeviceSecurityGroups" + ], + "description": "Deletes the security group", + "operationId": "DeviceSecurityGroups_Delete", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ResourceId" + }, + { + "$ref": "#/parameters/DeviceSecurityGroupName" + } + ], + "responses": { + "200": { + "description": "Device security group has been deleted." + }, + "204": { + "description": "Device security group does not exist." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } + } + } + } + } + }, + "definitions": { + "DeviceSecurityGroupList": { + "type": "object", + "readOnly": true, + "description": "List of device security groups", + "properties": { + "value": { + "type": "array", + "description": "List of device security group objects", + "items": { + "$ref": "#/definitions/DeviceSecurityGroup" + } }, - "DeviceSecurityGroup": { + "nextLink": { + "readOnly": true, + "type": "string", + "description": "The URI to fetch the next page." + } + } + }, + "DeviceSecurityGroup": { + "type": "object", + "description": "The device security group resource", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "description": "Device Security group data", + "$ref": "#/definitions/DeviceSecurityGroupProperties" + } + }, + "allOf": [ + { + "$ref": "../../../common/v1/types.json#/definitions/Resource" + } + ] + }, + "DeviceSecurityGroupProperties": { + "type": "object", + "description": "describes properties of a security group.", + "properties": { + "thresholdRules": { + "type": "array", + "description": "A list of threshold custom alert rules.", + "items": { "type": "object", - "description": "The device security group resource", - "properties": { - "properties": { - "x-ms-client-flatten": true, - "description": "Device Security group data", - "$ref": "#/definitions/DeviceSecurityGroupProperties" - } - }, - "allOf": [{ - "$ref": "../../../common/v1/types.json#/definitions/Resource" - } - ] + "$ref": "#/definitions/ThresholdCustomAlertRule" + } }, - "DeviceSecurityGroupProperties": { + "timeWindowRules": { + "type": "array", + "description": "A list of time window custom alert rules.", + "items": { "type": "object", - "description": "describes properties of a security group.", - "properties": { - "thresholdRules": { - "type": "array", - "description": "A list of threshold custom alert rules.", - "items": { - "type": "object", - "$ref": "#/definitions/ThresholdCustomAlertRule" - } - }, - "timeWindowRules": { - "type": "array", - "description": "A list of time window custom alert rules.", - "items": { - "type": "object", - "$ref": "#/definitions/TimeWindowCustomAlertRule" - } - }, - "allowlistRules": { - "type": "array", - "description": "A list of allow-list custom alert rules.", - "items": { - "type": "object", - "$ref": "#/definitions/AllowlistCustomAlertRule" - } - }, - "denylistRules": { - "type": "array", - "description": "A list of deny-list custom alert rules.", - "items": { - "type": "object", - "$ref": "#/definitions/DenylistCustomAlertRule" - } - } - } + "$ref": "#/definitions/TimeWindowCustomAlertRule" + } }, - "CustomAlertRule": { + "allowlistRules": { + "type": "array", + "description": "A list of allow-list custom alert rules.", + "items": { "type": "object", - "description": "A custom alert rule", - "properties": { - "displayName": { - "type": "string", - "readOnly": true, - "description": "The display name of the custom alert." - }, - "description": { - "type": "string", - "readOnly": true, - "description": "The description of the custom alert." - }, - "isEnabled": { - "type": "boolean", - "description": "Whether the custom alert is enabled." - }, - "ruleType": { - "type": "string", - "description": "The type of the custom alert rule." - } - }, - "required": [ - "isEnabled", - "ruleType" - ] + "$ref": "#/definitions/AllowlistCustomAlertRule" + } }, - "ListCustomAlertRule": { + "denylistRules": { + "type": "array", + "description": "A list of deny-list custom alert rules.", + "items": { "type": "object", - "description": "A List custom alert rule", - "allOf": [{ - "$ref": "#/definitions/CustomAlertRule" - } - ], - "properties": { - "valueType": { - "type": "string", - "description": "The value type of the items in the list", - "enum": ["IpCidr", "String"], - "readOnly": true, - "x-ms-enum": { - "name": "valueType", - "modelAsString": true, - "values": [{ - "value": "IpCidr", - "description": "An IP range in CIDR format (e.g. '192.168.0.1/8')." - }, - { - "value": "String", - "description": "Any string value." - } - ] - } - } - } + "$ref": "#/definitions/DenylistCustomAlertRule" + } + } + } + }, + "CustomAlertRule": { + "type": "object", + "description": "A custom alert rule", + "properties": { + "displayName": { + "type": "string", + "readOnly": true, + "description": "The display name of the custom alert." }, - "AllowlistCustomAlertRule": { - "type": "object", - "description": "A custom alert rule that checks if a value (depends on the custom alert type) is allowed", - "allOf": [{ - "$ref": "#/definitions/ListCustomAlertRule" - } - ], - "properties": { - "allowlistValues": { - "type": "array", - "description": "The values to allow. The format of the values depends on the rule type.", - "items": { - "type": "string" - } - }, - "ruleType": { - "type": "string", - "description": "The type of the custom alert rule.", - "enum": ["ConnectionToIpNotAllowed", "LocalUserNotAllowed", "ProcessNotAllowed"], - "x-ms-enum": { - "name": "ruleType", - "modelAsString": true, - "values": [{ - "value": "ConnectionToIpNotAllowed", - "description": "Outbound connection to an ip that isn't allowed. Allow list consists of ipv4 or ipv6 range in CIDR notation." - }, - { - "value": "LocalUserNotAllowed", - "description": "Login by a local user that isn't allowed. Allow list consists of login names to allow." - }, - { - "value": "ProcessNotAllowed", - "description": "Execution of a process that isn't allowed. Allow list consists of process names to allow." - } - ] - } - } - }, - "required": [ - "allowlistValues" - ] + "description": { + "type": "string", + "readOnly": true, + "description": "The description of the custom alert." }, - "DenylistCustomAlertRule": { - "type": "object", - "description": "A custom alert rule that checks if a value (depends on the custom alert type) is denied", - "allOf": [{ - "$ref": "#/definitions/ListCustomAlertRule" - } - ], - "properties": { - "denylistValues": { - "type": "array", - "description": "The values to deny. The format of the values depends on the rule type.", - "items": { - "type": "string" - } - } - }, - "required": [ - "denylistValues" - ] + "isEnabled": { + "type": "boolean", + "description": "Whether the custom alert is enabled." }, - "ThresholdCustomAlertRule": { - "type": "object", - "description": "A custom alert rule that checks if a value (depends on the custom alert type) is within the given range.", - "allOf": [{ - "$ref": "#/definitions/CustomAlertRule" - } - ], - "properties": { - "minThreshold": { - "type": "integer", - "description": "The minimum threshold." - }, - "maxThreshold": { - "type": "integer", - "description": "The maximum threshold." - } - }, - "required": [ - "minThreshold", - "maxThreshold" + "ruleType": { + "type": "string", + "description": "The type of the custom alert rule." + } + }, + "required": [ + "isEnabled", + "ruleType" + ] + }, + "ListCustomAlertRule": { + "type": "object", + "description": "A List custom alert rule", + "allOf": [ + { + "$ref": "#/definitions/CustomAlertRule" + } + ], + "properties": { + "valueType": { + "type": "string", + "description": "The value type of the items in the list", + "enum": [ + "IpCidr", + "String" + ], + "readOnly": true, + "x-ms-enum": { + "name": "valueType", + "modelAsString": true, + "values": [ + { + "value": "IpCidr", + "description": "An IP range in CIDR format (e.g. '192.168.0.1/8')." + }, + { + "value": "String", + "description": "Any string value." + } ] + } + } + } + }, + "AllowlistCustomAlertRule": { + "type": "object", + "description": "A custom alert rule that checks if a value (depends on the custom alert type) is allowed", + "allOf": [ + { + "$ref": "#/definitions/ListCustomAlertRule" + } + ], + "properties": { + "allowlistValues": { + "type": "array", + "description": "The values to allow. The format of the values depends on the rule type.", + "items": { + "type": "string" + } }, - "TimeWindowCustomAlertRule": { - "type": "object", - "description": "A custom alert rule that checks if the number of activities (depends on the custom alert type) in a time window is within the given range.", - "allOf": [ - { - "$ref": "#/definitions/CustomAlertRule" - }, - { - "$ref": "#/definitions/ThresholdCustomAlertRule" - } - ], - "properties": { - "timeWindowSize": { - "type": "string", - "description": "The time window size in iso8601 format.", - "format": "duration" - }, - "ruleType": { - "type": "string", - "description": "The type of the custom alert rule.", - "enum": ["ActiveConnectionsNotInAllowedRange", "AmqpC2DMessagesNotInAllowedRange", "MqttC2DMessagesNotInAllowedRange", "HttpC2DMessagesNotInAllowedRange", "AmqpC2DRejectedMessagesNotInAllowedRange", "MqttC2DRejectedMessagesNotInAllowedRange", "HttpC2DRejectedMessagesNotInAllowedRange", "AmqpD2CMessagesNotInAllowedRange", "MqttD2CMessagesNotInAllowedRange", "HttpD2CMessagesNotInAllowedRange", "DirectMethodInvokesNotInAllowedRange", "FailedLocalLoginsNotInAllowedRange", "FileUploadsNotInAllowedRange", "QueuePurgesNotInAllowedRange", "TwinUpdatesNotInAllowedRange", "UnauthorizedOperationsNotInAllowedRange"], - "x-ms-enum": { - "name": "ruleType", - "modelAsString": true, - "values": [{ - "value": "ActiveConnectionsNotInAllowedRange", - "description": "Number of active connections is not in allowed range." - }, - { - "value": "AmqpC2DMessagesNotInAllowedRange", - "description": "Number of cloud to device messages (AMQP protocol) is not in allowed range." - }, - { - "value": "MqttC2DMessagesNotInAllowedRange", - "description": "Number of cloud to device messages (MQTT protocol) is not in allowed range." - }, - { - "value": "HttpC2DMessagesNotInAllowedRange", - "description": "Number of cloud to device messages (HTTP protocol) is not in allowed range." - }, - { - "value": "AmqpC2DRejectedMessagesNotInAllowedRange", - "description": "Number of rejected cloud to device messages (AMQP protocol) is not in allowed range." - }, - { - "value": "MqttC2DRejectedMessagesNotInAllowedRange", - "description": "Number of rejected cloud to device messages (MQTT protocol) is not in allowed range." - }, - { - "value": "HttpC2DRejectedMessagesNotInAllowedRange", - "description": "Number of rejected cloud to device messages (HTTP protocol) is not in allowed range." - }, - { - "value": "AmqpD2CMessagesNotInAllowedRange", - "description": "Number of device to cloud messages (AMQP protocol) is not in allowed range." - }, - { - "value": "MqttD2CMessagesNotInAllowedRange", - "description": "Number of device to cloud messages (MQTT protocol) is not in allowed range." - }, - { - "value": "HttpD2CMessagesNotInAllowedRange", - "description": "Number of device to cloud messages (HTTP protocol) is not in allowed range." - }, - { - "value": "DirectMethodInvokesNotInAllowedRange", - "description": "Number of direct method invokes is not in allowed range." - }, - { - "value": "FailedLocalLoginsNotInAllowedRange", - "description": "Number of failed local logins is not in allowed range." - }, - { - "value": "FileUploadsNotInAllowedRange", - "description": "Number of file uploads is not in allowed range." - }, - { - "value": "QueuePurgesNotInAllowedRange", - "description": "Number of device queue purges is not in allowed range." - }, - { - "value": "TwinUpdatesNotInAllowedRange", - "description": "Number of twin updates is not in allowed range." - }, - { - "value": "UnauthorizedOperationsNotInAllowedRange", - "description": "Number of unauthorized operations is not in allowed range." - } - ] - } - } - }, - "required": [ - "timeWindowSize" + "ruleType": { + "type": "string", + "description": "The type of the custom alert rule.", + "enum": [ + "ConnectionToIpNotAllowed", + "LocalUserNotAllowed", + "ProcessNotAllowed" + ], + "x-ms-enum": { + "name": "ruleType", + "modelAsString": true, + "values": [ + { + "value": "ConnectionToIpNotAllowed", + "description": "Outbound connection to an ip that isn't allowed. Allow list consists of ipv4 or ipv6 range in CIDR notation." + }, + { + "value": "LocalUserNotAllowed", + "description": "Login by a local user that isn't allowed. Allow list consists of login names to allow." + }, + { + "value": "ProcessNotAllowed", + "description": "Execution of a process that isn't allowed. Allow list consists of process names to allow." + } ] + } + } + }, + "required": [ + "allowlistValues" + ] + }, + "DenylistCustomAlertRule": { + "type": "object", + "description": "A custom alert rule that checks if a value (depends on the custom alert type) is denied", + "allOf": [ + { + "$ref": "#/definitions/ListCustomAlertRule" + } + ], + "properties": { + "denylistValues": { + "type": "array", + "description": "The values to deny. The format of the values depends on the rule type.", + "items": { + "type": "string" + } + } + }, + "required": [ + "denylistValues" + ] + }, + "ThresholdCustomAlertRule": { + "type": "object", + "description": "A custom alert rule that checks if a value (depends on the custom alert type) is within the given range.", + "allOf": [ + { + "$ref": "#/definitions/CustomAlertRule" + } + ], + "properties": { + "minThreshold": { + "type": "integer", + "description": "The minimum threshold." + }, + "maxThreshold": { + "type": "integer", + "description": "The maximum threshold." } + }, + "required": [ + "minThreshold", + "maxThreshold" + ] }, - "parameters": { - "DeviceSecurityGroupName": { - "name": "deviceSecurityGroupName", - "in": "path", - "required": true, + "TimeWindowCustomAlertRule": { + "type": "object", + "description": "A custom alert rule that checks if the number of activities (depends on the custom alert type) in a time window is within the given range.", + "allOf": [ + { + "$ref": "#/definitions/CustomAlertRule" + }, + { + "$ref": "#/definitions/ThresholdCustomAlertRule" + } + ], + "properties": { + "timeWindowSize": { "type": "string", - "description": "The name of the security group. Please notice that the name is case insensitive.", - "x-ms-parameter-location": "method" + "description": "The time window size in iso8601 format.", + "format": "duration" }, - "DeviceSecurityGroup": { - "name": "deviceSecurityGroup", - "in": "body", - "required": true, - "description": "Security group object.", - "schema": { - "$ref": "#/definitions/DeviceSecurityGroup" - }, - "x-ms-parameter-location": "method" + "ruleType": { + "type": "string", + "description": "The type of the custom alert rule.", + "enum": [ + "ActiveConnectionsNotInAllowedRange", + "AmqpC2DMessagesNotInAllowedRange", + "MqttC2DMessagesNotInAllowedRange", + "HttpC2DMessagesNotInAllowedRange", + "AmqpC2DRejectedMessagesNotInAllowedRange", + "MqttC2DRejectedMessagesNotInAllowedRange", + "HttpC2DRejectedMessagesNotInAllowedRange", + "AmqpD2CMessagesNotInAllowedRange", + "MqttD2CMessagesNotInAllowedRange", + "HttpD2CMessagesNotInAllowedRange", + "DirectMethodInvokesNotInAllowedRange", + "FailedLocalLoginsNotInAllowedRange", + "FileUploadsNotInAllowedRange", + "QueuePurgesNotInAllowedRange", + "TwinUpdatesNotInAllowedRange", + "UnauthorizedOperationsNotInAllowedRange" + ], + "x-ms-enum": { + "name": "ruleType", + "modelAsString": true, + "values": [ + { + "value": "ActiveConnectionsNotInAllowedRange", + "description": "Number of active connections is not in allowed range." + }, + { + "value": "AmqpC2DMessagesNotInAllowedRange", + "description": "Number of cloud to device messages (AMQP protocol) is not in allowed range." + }, + { + "value": "MqttC2DMessagesNotInAllowedRange", + "description": "Number of cloud to device messages (MQTT protocol) is not in allowed range." + }, + { + "value": "HttpC2DMessagesNotInAllowedRange", + "description": "Number of cloud to device messages (HTTP protocol) is not in allowed range." + }, + { + "value": "AmqpC2DRejectedMessagesNotInAllowedRange", + "description": "Number of rejected cloud to device messages (AMQP protocol) is not in allowed range." + }, + { + "value": "MqttC2DRejectedMessagesNotInAllowedRange", + "description": "Number of rejected cloud to device messages (MQTT protocol) is not in allowed range." + }, + { + "value": "HttpC2DRejectedMessagesNotInAllowedRange", + "description": "Number of rejected cloud to device messages (HTTP protocol) is not in allowed range." + }, + { + "value": "AmqpD2CMessagesNotInAllowedRange", + "description": "Number of device to cloud messages (AMQP protocol) is not in allowed range." + }, + { + "value": "MqttD2CMessagesNotInAllowedRange", + "description": "Number of device to cloud messages (MQTT protocol) is not in allowed range." + }, + { + "value": "HttpD2CMessagesNotInAllowedRange", + "description": "Number of device to cloud messages (HTTP protocol) is not in allowed range." + }, + { + "value": "DirectMethodInvokesNotInAllowedRange", + "description": "Number of direct method invokes is not in allowed range." + }, + { + "value": "FailedLocalLoginsNotInAllowedRange", + "description": "Number of failed local logins is not in allowed range." + }, + { + "value": "FileUploadsNotInAllowedRange", + "description": "Number of file uploads is not in allowed range." + }, + { + "value": "QueuePurgesNotInAllowedRange", + "description": "Number of device queue purges is not in allowed range." + }, + { + "value": "TwinUpdatesNotInAllowedRange", + "description": "Number of twin updates is not in allowed range." + }, + { + "value": "UnauthorizedOperationsNotInAllowedRange", + "description": "Number of unauthorized operations is not in allowed range." + } + ] + } } + }, + "required": [ + "timeWindowSize" + ] + } + }, + "parameters": { + "DeviceSecurityGroupName": { + "name": "deviceSecurityGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the security group. Please notice that the name is case insensitive.", + "x-ms-parameter-location": "method" + }, + "DeviceSecurityGroup": { + "name": "deviceSecurityGroup", + "in": "body", + "required": true, + "description": "Security group object.", + "schema": { + "$ref": "#/definitions/DeviceSecurityGroup" + }, + "x-ms-parameter-location": "method" } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AdvancedThreatProtection/GetAdvancedThreatProtectionSettings_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AdvancedThreatProtection/GetAdvancedThreatProtectionSettings_example.json index 1e0e29392fd0..990baa8f8fed 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AdvancedThreatProtection/GetAdvancedThreatProtectionSettings_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AdvancedThreatProtection/GetAdvancedThreatProtectionSettings_example.json @@ -16,4 +16,4 @@ } } } -} \ No newline at end of file +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AutoProvisioningSettings/CreateAutoProvisioningSettingsSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AutoProvisioningSettings/CreateAutoProvisioningSettingsSubscription_example.json index 57fb3300bb60..df65ebfef610 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AutoProvisioningSettings/CreateAutoProvisioningSettingsSubscription_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AutoProvisioningSettings/CreateAutoProvisioningSettingsSubscription_example.json @@ -1,27 +1,27 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "settingName": "default", - "setting": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/autoProvisioningSettings/default", - "name": "default", - "type": "Microsoft.Security/autoProvisioningSettings", - "properties": { - "autoProvision": "On" - } - } - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/autoProvisioningSettings/default", - "name": "default", - "type": "Microsoft.Security/autoProvisioningSettings", - "properties": { - "autoProvision": "On" - } - } + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "settingName": "default", + "setting": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/autoProvisioningSettings/default", + "name": "default", + "type": "Microsoft.Security/autoProvisioningSettings", + "properties": { + "autoProvision": "On" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/autoProvisioningSettings/default", + "name": "default", + "type": "Microsoft.Security/autoProvisioningSettings", + "properties": { + "autoProvision": "On" } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AutoProvisioningSettings/GetAutoProvisioningSettingSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AutoProvisioningSettings/GetAutoProvisioningSettingSubscription_example.json index 2b095698851a..f913301878d9 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AutoProvisioningSettings/GetAutoProvisioningSettingSubscription_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AutoProvisioningSettings/GetAutoProvisioningSettingSubscription_example.json @@ -1,19 +1,19 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "settingName": "default" - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/autoProvisioningSettings/default", - "name": "default", - "type": "Microsoft.Security/autoProvisioningSettings", - "properties": { - "autoProvision": "On" - } - } + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "settingName": "default" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/autoProvisioningSettings/default", + "name": "default", + "type": "Microsoft.Security/autoProvisioningSettings", + "properties": { + "autoProvision": "On" } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AutoProvisioningSettings/GetAutoProvisioningSettingsSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AutoProvisioningSettings/GetAutoProvisioningSettingsSubscription_example.json index 4f2838d7e6e2..6e674175ff58 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AutoProvisioningSettings/GetAutoProvisioningSettingsSubscription_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/AutoProvisioningSettings/GetAutoProvisioningSettingsSubscription_example.json @@ -1,20 +1,22 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/autoProvisioningSettings/default", - "name": "default", - "type": "Microsoft.Security/autoProvisioningSettings", - "properties": { - "autoProvision": "On" - } - }] + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/autoProvisioningSettings/default", + "name": "default", + "type": "Microsoft.Security/autoProvisioningSettings", + "properties": { + "autoProvision": "On" } - } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Compliances/GetCompliance_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Compliances/GetCompliance_example.json index 668297cb44ef..87dd0b27cb08 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Compliances/GetCompliance_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Compliances/GetCompliance_example.json @@ -1,26 +1,26 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "scope": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "complianceName": "2018-01-01Z" - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/compliances/2018-01-01Z", - "name": "2018-01-01Z", - "type": "Microsoft.Security/compliances", - "properties": { - "assessmentResult": [ - { - "segmentType": "Compliant", - "percentage": 77.77777777777778 - } - ], - "resourceCount": 18, - "assessmentTimestampUtcDate": "2018-01-01T00:00:00Z" - } + "parameters": { + "api-version": "2017-08-01-preview", + "scope": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "complianceName": "2018-01-01Z" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/compliances/2018-01-01Z", + "name": "2018-01-01Z", + "type": "Microsoft.Security/compliances", + "properties": { + "assessmentResult": [ + { + "segmentType": "Compliant", + "percentage": 77.77777777777778 } + ], + "resourceCount": 18, + "assessmentTimestampUtcDate": "2018-01-01T00:00:00Z" } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Compliances/GetCompliances_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Compliances/GetCompliances_example.json index 1337c71c42e2..cbda52855d5c 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Compliances/GetCompliances_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Compliances/GetCompliances_example.json @@ -1,60 +1,59 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "scope": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/compliances/2018-01-01Z", - "name": "2018-01-01Z", - "type": "Microsoft.Security/compliances", - "properties": { - "assessmentResult": [ - { - "segmentType": "Compliant", - "percentage": 77.77777777777778 - } - ], - "resourceCount": 18, - "assessmentTimestampUtcDate": "2018-01-01T00:00:00Z" - } - }, - { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/compliances/2018-01-02Z", - "name": "2018-01-02Z", - "type": "Microsoft.Security/compliances", - "properties": { - "assessmentResult": [ - { - "segmentType": "Compliant", - "percentage": 94.44444444444444 - } - ], - "resourceCount": 18, - "assessmentTimestampUtcDate": "2018-01-02T00:00:00Z" - } - - }, - { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/compliances/2018-01-03Z", - "name": "2018-01-03Z", - "type": "Microsoft.Security/compliances", - "properties": { - "assessmentResult": [ - { - "segmentType": "Compliant", - "percentage": 100 - } - ], - "resourceCount": 18, - "assessmentTimestampUtcDate": "2018-01-03T00:00:00Z" - } - - } - ] + "parameters": { + "api-version": "2017-08-01-preview", + "scope": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/compliances/2018-01-01Z", + "name": "2018-01-01Z", + "type": "Microsoft.Security/compliances", + "properties": { + "assessmentResult": [ + { + "segmentType": "Compliant", + "percentage": 77.77777777777778 + } + ], + "resourceCount": 18, + "assessmentTimestampUtcDate": "2018-01-01T00:00:00Z" } - } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/compliances/2018-01-02Z", + "name": "2018-01-02Z", + "type": "Microsoft.Security/compliances", + "properties": { + "assessmentResult": [ + { + "segmentType": "Compliant", + "percentage": 94.44444444444444 + } + ], + "resourceCount": 18, + "assessmentTimestampUtcDate": "2018-01-02T00:00:00Z" + } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/compliances/2018-01-03Z", + "name": "2018-01-03Z", + "type": "Microsoft.Security/compliances", + "properties": { + "assessmentResult": [ + { + "segmentType": "Compliant", + "percentage": 100 + } + ], + "resourceCount": 18, + "assessmentTimestampUtcDate": "2018-01-03T00:00:00Z" + } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/DeviceSecurityGroups/DeleteDeviceSecurityGroups_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/DeviceSecurityGroups/DeleteDeviceSecurityGroups_example.json index e22d8e3ca318..8e1c5e5c235b 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/DeviceSecurityGroups/DeleteDeviceSecurityGroups_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/DeviceSecurityGroups/DeleteDeviceSecurityGroups_example.json @@ -1,11 +1,11 @@ { - "parameters":{ - "api-version":"2017-08-01-preview", - "resourceId":"subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub", - "deviceSecurityGroupName":"samplesecuritygroup" + "parameters": { + "api-version": "2017-08-01-preview", + "resourceId": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub", + "deviceSecurityGroupName": "samplesecuritygroup" }, - "responses":{ + "responses": { "200": {}, "204": {} } -} \ No newline at end of file +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/DeviceSecurityGroups/GetDeviceSecurityGroups_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/DeviceSecurityGroups/GetDeviceSecurityGroups_example.json index 0e757d9d90fa..8e001a685594 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/DeviceSecurityGroups/GetDeviceSecurityGroups_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/DeviceSecurityGroups/GetDeviceSecurityGroups_example.json @@ -1,192 +1,192 @@ { - "parameters":{ - "api-version":"2017-08-01-preview", - "resourceId":"subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub", - "deviceSecurityGroupName":"samplesecuritygroup" + "parameters": { + "api-version": "2017-08-01-preview", + "resourceId": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub", + "deviceSecurityGroupName": "samplesecuritygroup" }, - "responses":{ - "200":{ - "body":{ - "id":"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub/providers/Microsoft.Security/deviceSecurityGroups/samplesecuritygroup", - "name":"samplesecuritygroup", - "type":"Microsoft.Security/deviceSecurityGroups", - "properties":{ - "thresholdRules":[], - "timeWindowRules":[ - { - "ruleType":"ActiveConnectionsNotInAllowedRange", - "displayName":"Number of active connections is not in allowed range", - "description":"Get an alert when the number of active connections of a device in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"AmqpC2DMessagesNotInAllowedRange", - "displayName":"Number of cloud to device messages (AMQP protocol) is not in allowed range", - "description":"Get an alert when the number of cloud to device messages (AMQP protocol) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"MqttC2DMessagesNotInAllowedRange", - "displayName":"Number of cloud to device messages (MQTT protocol) is not in allowed range", - "description":"Get an alert when the number of cloud to device messages (MQTT protocol) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"HttpC2DMessagesNotInAllowedRange", - "displayName":"Number of cloud to device messages (HTTP protocol) is not in allowed range", - "description":"Get an alert when the number of cloud to device messages (HTTP protocol) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"AmqpC2DRejectedMessagesNotInAllowedRange", - "displayName":"Number of rejected cloud to device messages (AMQP protocol) is not in allowed range", - "description":"Get an alert when the number of cloud to device messages (AMQP protocol) that were rejected by the device in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"MqttC2DRejectedMessagesNotInAllowedRange", - "displayName":"Number of rejected cloud to device messages (MQTT protocol) is not in allowed range", - "description":"Get an alert when the number of cloud to device messages (MQTT protocol) that were rejected by the device in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"HttpC2DRejectedMessagesNotInAllowedRange", - "displayName":"Number of rejected cloud to device messages (HTTP protocol) is not in allowed range", - "description":"Get an alert when the number of cloud to device messages (HTTP protocol) that were rejected by the device in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"AmqpD2CMessagesNotInAllowedRange", - "displayName":"Number of device to cloud messages (AMQP protocol) is not in allowed range", - "description":"Get an alert when the number of device to cloud messages (AMQP protocol) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"MqttD2CMessagesNotInAllowedRange", - "displayName":"Number of device to cloud messages (MQTT protocol) is not in allowed range", - "description":"Get an alert when the number of device to cloud messages (MQTT protocol) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"HttpD2CMessagesNotInAllowedRange", - "displayName":"Number of device to cloud messages (HTTP protocol) is not in allowed range", - "description":"Get an alert when the number of device to cloud messages (HTTP protocol) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"DirectMethodInvokesNotInAllowedRange", - "displayName":"Number of direct method invokes is not in allowed range", - "description":"Get an alert when the number of direct method invokes in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"FailedLocalLoginsNotInAllowedRange", - "displayName":"Number of failed local logins is not in allowed range", - "description":"Get an alert when the number of failed local logins on the device in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"FileUploadsNotInAllowedRange", - "displayName":"Number of file uploads is not in allowed range", - "description":"Get an alert when the number of file uploads from the device to the cloud in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"QueuePurgesNotInAllowedRange", - "displayName":"Number of device queue purges is not in allowed range", - "description":"Get an alert when the number of device queue purges in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"TwinUpdatesNotInAllowedRange", - "displayName":"Number of twin updates is not in allowed range", - "description":"Get an alert when the number of twin updates (by the device or the service) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"UnauthorizedOperationsNotInAllowedRange", - "displayName":"Number of unauthorized operations is not in allowed range", - "description":"Get an alert when the number unauthorized operations in the time window is not in the allowed range. Unauthorized operations are operations that affect the device (or done by it) that fail because of an unauthorized error", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub/providers/Microsoft.Security/deviceSecurityGroups/samplesecuritygroup", + "name": "samplesecuritygroup", + "type": "Microsoft.Security/deviceSecurityGroups", + "properties": { + "thresholdRules": [], + "timeWindowRules": [ + { + "ruleType": "ActiveConnectionsNotInAllowedRange", + "displayName": "Number of active connections is not in allowed range", + "description": "Get an alert when the number of active connections of a device in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "AmqpC2DMessagesNotInAllowedRange", + "displayName": "Number of cloud to device messages (AMQP protocol) is not in allowed range", + "description": "Get an alert when the number of cloud to device messages (AMQP protocol) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "MqttC2DMessagesNotInAllowedRange", + "displayName": "Number of cloud to device messages (MQTT protocol) is not in allowed range", + "description": "Get an alert when the number of cloud to device messages (MQTT protocol) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "HttpC2DMessagesNotInAllowedRange", + "displayName": "Number of cloud to device messages (HTTP protocol) is not in allowed range", + "description": "Get an alert when the number of cloud to device messages (HTTP protocol) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "AmqpC2DRejectedMessagesNotInAllowedRange", + "displayName": "Number of rejected cloud to device messages (AMQP protocol) is not in allowed range", + "description": "Get an alert when the number of cloud to device messages (AMQP protocol) that were rejected by the device in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "MqttC2DRejectedMessagesNotInAllowedRange", + "displayName": "Number of rejected cloud to device messages (MQTT protocol) is not in allowed range", + "description": "Get an alert when the number of cloud to device messages (MQTT protocol) that were rejected by the device in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "HttpC2DRejectedMessagesNotInAllowedRange", + "displayName": "Number of rejected cloud to device messages (HTTP protocol) is not in allowed range", + "description": "Get an alert when the number of cloud to device messages (HTTP protocol) that were rejected by the device in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "AmqpD2CMessagesNotInAllowedRange", + "displayName": "Number of device to cloud messages (AMQP protocol) is not in allowed range", + "description": "Get an alert when the number of device to cloud messages (AMQP protocol) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "MqttD2CMessagesNotInAllowedRange", + "displayName": "Number of device to cloud messages (MQTT protocol) is not in allowed range", + "description": "Get an alert when the number of device to cloud messages (MQTT protocol) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "HttpD2CMessagesNotInAllowedRange", + "displayName": "Number of device to cloud messages (HTTP protocol) is not in allowed range", + "description": "Get an alert when the number of device to cloud messages (HTTP protocol) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "DirectMethodInvokesNotInAllowedRange", + "displayName": "Number of direct method invokes is not in allowed range", + "description": "Get an alert when the number of direct method invokes in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "FailedLocalLoginsNotInAllowedRange", + "displayName": "Number of failed local logins is not in allowed range", + "description": "Get an alert when the number of failed local logins on the device in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "FileUploadsNotInAllowedRange", + "displayName": "Number of file uploads is not in allowed range", + "description": "Get an alert when the number of file uploads from the device to the cloud in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "QueuePurgesNotInAllowedRange", + "displayName": "Number of device queue purges is not in allowed range", + "description": "Get an alert when the number of device queue purges in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "TwinUpdatesNotInAllowedRange", + "displayName": "Number of twin updates is not in allowed range", + "description": "Get an alert when the number of twin updates (by the device or the service) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "UnauthorizedOperationsNotInAllowedRange", + "displayName": "Number of unauthorized operations is not in allowed range", + "description": "Get an alert when the number unauthorized operations in the time window is not in the allowed range. Unauthorized operations are operations that affect the device (or done by it) that fail because of an unauthorized error", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" } ], - "allowlistRules":[ + "allowlistRules": [ { - "ruleType":"ConnectionToIpNotAllowed", - "displayName":"Outbound connection to an ip that isn't allowed", - "description":"Get an alert when an outbound connection is created between your device and an ip that isn't allowed", - "isEnabled":false, + "ruleType": "ConnectionToIpNotAllowed", + "displayName": "Outbound connection to an ip that isn't allowed", + "description": "Get an alert when an outbound connection is created between your device and an ip that isn't allowed", + "isEnabled": false, "valueType": "IpCidr", - "allowlistValues":[] + "allowlistValues": [] }, { - "ruleType":"LocalUserNotAllowed", - "displayName":"Login by a local user that isn't allowed", - "description":"Get an alert when a local user that isn't allowed logins to the device", - "isEnabled":false, + "ruleType": "LocalUserNotAllowed", + "displayName": "Login by a local user that isn't allowed", + "description": "Get an alert when a local user that isn't allowed logins to the device", + "isEnabled": false, "valueType": "String", - "allowlistValues":[] + "allowlistValues": [] }, { - "ruleType":"ProcessNotAllowed", - "displayName":"Execution of a process that isn't allowed", - "description":"Get an alert when a process that isn't allowed is executed", - "isEnabled":false, + "ruleType": "ProcessNotAllowed", + "displayName": "Execution of a process that isn't allowed", + "description": "Get an alert when a process that isn't allowed is executed", + "isEnabled": false, "valueType": "String", - "allowlistValues":[] + "allowlistValues": [] } ], - "denylistRules":[] + "denylistRules": [] } } } } -} \ No newline at end of file +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/DeviceSecurityGroups/ListDeviceSecurityGroups_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/DeviceSecurityGroups/ListDeviceSecurityGroups_example.json index 136f807fbd13..a944897579da 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/DeviceSecurityGroups/ListDeviceSecurityGroups_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/DeviceSecurityGroups/ListDeviceSecurityGroups_example.json @@ -1,195 +1,195 @@ { - "parameters":{ - "api-version":"2017-08-01-preview", - "resourceId":"subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub" + "parameters": { + "api-version": "2017-08-01-preview", + "resourceId": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub" }, - "responses":{ - "200":{ - "body":{ - "value":[ + "responses": { + "200": { + "body": { + "value": [ { - "id":"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub/providers/Microsoft.Security/deviceSecurityGroups/samplesecuritygroup", - "name":"samplesecuritygroup", - "type":"Microsoft.Security/deviceSecurityGroups", - "properties":{ - "thresholdRules":[], - "timeWindowRules":[ - { - "ruleType":"ActiveConnectionsNotInAllowedRange", - "displayName":"Number of active connections is not in allowed range", - "description":"Get an alert when the number of active connections of a device in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"AmqpC2DMessagesNotInAllowedRange", - "displayName":"Number of cloud to device messages (AMQP protocol) is not in allowed range", - "description":"Get an alert when the number of cloud to device messages (AMQP protocol) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"MqttC2DMessagesNotInAllowedRange", - "displayName":"Number of cloud to device messages (MQTT protocol) is not in allowed range", - "description":"Get an alert when the number of cloud to device messages (MQTT protocol) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"HttpC2DMessagesNotInAllowedRange", - "displayName":"Number of cloud to device messages (HTTP protocol) is not in allowed range", - "description":"Get an alert when the number of cloud to device messages (HTTP protocol) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"AmqpC2DRejectedMessagesNotInAllowedRange", - "displayName":"Number of rejected cloud to device messages (AMQP protocol) is not in allowed range", - "description":"Get an alert when the number of cloud to device messages (AMQP protocol) that were rejected by the device in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"MqttC2DRejectedMessagesNotInAllowedRange", - "displayName":"Number of rejected cloud to device messages (MQTT protocol) is not in allowed range", - "description":"Get an alert when the number of cloud to device messages (MQTT protocol) that were rejected by the device in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"HttpC2DRejectedMessagesNotInAllowedRange", - "displayName":"Number of rejected cloud to device messages (HTTP protocol) is not in allowed range", - "description":"Get an alert when the number of cloud to device messages (HTTP protocol) that were rejected by the device in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"AmqpD2CMessagesNotInAllowedRange", - "displayName":"Number of device to cloud messages (AMQP protocol) is not in allowed range", - "description":"Get an alert when the number of device to cloud messages (AMQP protocol) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"MqttD2CMessagesNotInAllowedRange", - "displayName":"Number of device to cloud messages (MQTT protocol) is not in allowed range", - "description":"Get an alert when the number of device to cloud messages (MQTT protocol) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"HttpD2CMessagesNotInAllowedRange", - "displayName":"Number of device to cloud messages (HTTP protocol) is not in allowed range", - "description":"Get an alert when the number of device to cloud messages (HTTP protocol) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"DirectMethodInvokesNotInAllowedRange", - "displayName":"Number of direct method invokes is not in allowed range", - "description":"Get an alert when the number of direct method invokes in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"FailedLocalLoginsNotInAllowedRange", - "displayName":"Number of failed local logins is not in allowed range", - "description":"Get an alert when the number of failed local logins on the device in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"FileUploadsNotInAllowedRange", - "displayName":"Number of file uploads is not in allowed range", - "description":"Get an alert when the number of file uploads from the device to the cloud in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"QueuePurgesNotInAllowedRange", - "displayName":"Number of device queue purges is not in allowed range", - "description":"Get an alert when the number of device queue purges in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"TwinUpdatesNotInAllowedRange", - "displayName":"Number of twin updates is not in allowed range", - "description":"Get an alert when the number of twin updates (by the device or the service) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"UnauthorizedOperationsNotInAllowedRange", - "displayName":"Number of unauthorized operations is not in allowed range", - "description":"Get an alert when the number unauthorized operations in the time window is not in the allowed range. Unauthorized operations are operations that affect the device (or done by it) that fail because of an unauthorized error", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub/providers/Microsoft.Security/deviceSecurityGroups/samplesecuritygroup", + "name": "samplesecuritygroup", + "type": "Microsoft.Security/deviceSecurityGroups", + "properties": { + "thresholdRules": [], + "timeWindowRules": [ + { + "ruleType": "ActiveConnectionsNotInAllowedRange", + "displayName": "Number of active connections is not in allowed range", + "description": "Get an alert when the number of active connections of a device in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "AmqpC2DMessagesNotInAllowedRange", + "displayName": "Number of cloud to device messages (AMQP protocol) is not in allowed range", + "description": "Get an alert when the number of cloud to device messages (AMQP protocol) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "MqttC2DMessagesNotInAllowedRange", + "displayName": "Number of cloud to device messages (MQTT protocol) is not in allowed range", + "description": "Get an alert when the number of cloud to device messages (MQTT protocol) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "HttpC2DMessagesNotInAllowedRange", + "displayName": "Number of cloud to device messages (HTTP protocol) is not in allowed range", + "description": "Get an alert when the number of cloud to device messages (HTTP protocol) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "AmqpC2DRejectedMessagesNotInAllowedRange", + "displayName": "Number of rejected cloud to device messages (AMQP protocol) is not in allowed range", + "description": "Get an alert when the number of cloud to device messages (AMQP protocol) that were rejected by the device in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "MqttC2DRejectedMessagesNotInAllowedRange", + "displayName": "Number of rejected cloud to device messages (MQTT protocol) is not in allowed range", + "description": "Get an alert when the number of cloud to device messages (MQTT protocol) that were rejected by the device in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "HttpC2DRejectedMessagesNotInAllowedRange", + "displayName": "Number of rejected cloud to device messages (HTTP protocol) is not in allowed range", + "description": "Get an alert when the number of cloud to device messages (HTTP protocol) that were rejected by the device in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "AmqpD2CMessagesNotInAllowedRange", + "displayName": "Number of device to cloud messages (AMQP protocol) is not in allowed range", + "description": "Get an alert when the number of device to cloud messages (AMQP protocol) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "MqttD2CMessagesNotInAllowedRange", + "displayName": "Number of device to cloud messages (MQTT protocol) is not in allowed range", + "description": "Get an alert when the number of device to cloud messages (MQTT protocol) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "HttpD2CMessagesNotInAllowedRange", + "displayName": "Number of device to cloud messages (HTTP protocol) is not in allowed range", + "description": "Get an alert when the number of device to cloud messages (HTTP protocol) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "DirectMethodInvokesNotInAllowedRange", + "displayName": "Number of direct method invokes is not in allowed range", + "description": "Get an alert when the number of direct method invokes in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "FailedLocalLoginsNotInAllowedRange", + "displayName": "Number of failed local logins is not in allowed range", + "description": "Get an alert when the number of failed local logins on the device in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "FileUploadsNotInAllowedRange", + "displayName": "Number of file uploads is not in allowed range", + "description": "Get an alert when the number of file uploads from the device to the cloud in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "QueuePurgesNotInAllowedRange", + "displayName": "Number of device queue purges is not in allowed range", + "description": "Get an alert when the number of device queue purges in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "TwinUpdatesNotInAllowedRange", + "displayName": "Number of twin updates is not in allowed range", + "description": "Get an alert when the number of twin updates (by the device or the service) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "UnauthorizedOperationsNotInAllowedRange", + "displayName": "Number of unauthorized operations is not in allowed range", + "description": "Get an alert when the number unauthorized operations in the time window is not in the allowed range. Unauthorized operations are operations that affect the device (or done by it) that fail because of an unauthorized error", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" } ], - "allowlistRules":[ + "allowlistRules": [ { - "ruleType":"ConnectionToIpNotAllowed", - "displayName":"Outbound connection to an ip that isn't allowed", - "description":"Get an alert when an outbound connection is created between your device and an ip that isn't allowed", - "isEnabled":false, + "ruleType": "ConnectionToIpNotAllowed", + "displayName": "Outbound connection to an ip that isn't allowed", + "description": "Get an alert when an outbound connection is created between your device and an ip that isn't allowed", + "isEnabled": false, "valueType": "IpCidr", - "allowlistValues":[] + "allowlistValues": [] }, { - "ruleType":"LocalUserNotAllowed", - "displayName":"Login by a local user that isn't allowed", - "description":"Get an alert when a local user that isn't allowed logins to the device", - "isEnabled":false, + "ruleType": "LocalUserNotAllowed", + "displayName": "Login by a local user that isn't allowed", + "description": "Get an alert when a local user that isn't allowed logins to the device", + "isEnabled": false, "valueType": "String", - "allowlistValues":[] + "allowlistValues": [] }, { - "ruleType":"ProcessNotAllowed", - "displayName":"Execution of a process that isn't allowed", - "description":"Get an alert when a process that isn't allowed is executed", - "isEnabled":false, + "ruleType": "ProcessNotAllowed", + "displayName": "Execution of a process that isn't allowed", + "description": "Get an alert when a process that isn't allowed is executed", + "isEnabled": false, "valueType": "String", - "allowlistValues":[] + "allowlistValues": [] } ], - "denylistRules":[] + "denylistRules": [] } } ] } } } -} \ No newline at end of file +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/DeviceSecurityGroups/PutDeviceSecurityGroups_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/DeviceSecurityGroups/PutDeviceSecurityGroups_example.json index 9aaf21d4ad30..9492bc79ea23 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/DeviceSecurityGroups/PutDeviceSecurityGroups_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/DeviceSecurityGroups/PutDeviceSecurityGroups_example.json @@ -1,387 +1,387 @@ { - "parameters":{ - "api-version":"2017-08-01-preview", - "resourceId":"subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub", - "deviceSecurityGroupName":"samplesecuritygroup", + "parameters": { + "api-version": "2017-08-01-preview", + "resourceId": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub", + "deviceSecurityGroupName": "samplesecuritygroup", "deviceSecurityGroup": { - "id":"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub/providers/Microsoft.Security/deviceSecurityGroups/samplesecuritygroup", - "name":"samplesecuritygroup", - "type":"Microsoft.Security/deviceSecurityGroups", + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub/providers/Microsoft.Security/deviceSecurityGroups/samplesecuritygroup", + "name": "samplesecuritygroup", + "type": "Microsoft.Security/deviceSecurityGroups", "properties": { - "timeWindowRules":[ + "timeWindowRules": [ { - "ruleType":"ActiveConnectionsNotInAllowedRange", - "displayName":"Number of active connections is not in allowed range", - "description":"Get an alert when the number of active connections of a device in the time window is not in the allowed range", - "isEnabled":true, - "minThreshold":0, - "maxThreshold":30, - "timeWindowSize":"PT05M" + "ruleType": "ActiveConnectionsNotInAllowedRange", + "displayName": "Number of active connections is not in allowed range", + "description": "Get an alert when the number of active connections of a device in the time window is not in the allowed range", + "isEnabled": true, + "minThreshold": 0, + "maxThreshold": 30, + "timeWindowSize": "PT05M" } ] } } }, - "responses":{ - "200":{ - "body":{ - "id":"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub/providers/Microsoft.Security/deviceSecurityGroups/samplesecuritygroup", - "name":"samplesecuritygroup", - "type":"Microsoft.Security/deviceSecurityGroups", - "properties":{ - "thresholdRules":[], - "timeWindowRules":[ - { - "ruleType":"ActiveConnectionsNotInAllowedRange", - "displayName":"Number of active connections is not in allowed range", - "description":"Get an alert when the number of active connections of a device in the time window is not in the allowed range", - "isEnabled":true, - "minThreshold":0, - "maxThreshold":30, - "timeWindowSize":"PT05M" - }, - { - "ruleType":"AmqpC2DMessagesNotInAllowedRange", - "displayName":"Number of cloud to device messages (AMQP protocol) is not in allowed range", - "description":"Get an alert when the number of cloud to device messages (AMQP protocol) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"MqttC2DMessagesNotInAllowedRange", - "displayName":"Number of cloud to device messages (MQTT protocol) is not in allowed range", - "description":"Get an alert when the number of cloud to device messages (MQTT protocol) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"HttpC2DMessagesNotInAllowedRange", - "displayName":"Number of cloud to device messages (HTTP protocol) is not in allowed range", - "description":"Get an alert when the number of cloud to device messages (HTTP protocol) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"AmqpC2DRejectedMessagesNotInAllowedRange", - "displayName":"Number of rejected cloud to device messages (AMQP protocol) is not in allowed range", - "description":"Get an alert when the number of cloud to device messages (AMQP protocol) that were rejected by the device in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"MqttC2DRejectedMessagesNotInAllowedRange", - "displayName":"Number of rejected cloud to device messages (MQTT protocol) is not in allowed range", - "description":"Get an alert when the number of cloud to device messages (MQTT protocol) that were rejected by the device in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"HttpC2DRejectedMessagesNotInAllowedRange", - "displayName":"Number of rejected cloud to device messages (HTTP protocol) is not in allowed range", - "description":"Get an alert when the number of cloud to device messages (HTTP protocol) that were rejected by the device in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"AmqpD2CMessagesNotInAllowedRange", - "displayName":"Number of device to cloud messages (AMQP protocol) is not in allowed range", - "description":"Get an alert when the number of device to cloud messages (AMQP protocol) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"MqttD2CMessagesNotInAllowedRange", - "displayName":"Number of device to cloud messages (MQTT protocol) is not in allowed range", - "description":"Get an alert when the number of device to cloud messages (MQTT protocol) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"HttpD2CMessagesNotInAllowedRange", - "displayName":"Number of device to cloud messages (HTTP protocol) is not in allowed range", - "description":"Get an alert when the number of device to cloud messages (HTTP protocol) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"DirectMethodInvokesNotInAllowedRange", - "displayName":"Number of direct method invokes is not in allowed range", - "description":"Get an alert when the number of direct method invokes in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"FailedLocalLoginsNotInAllowedRange", - "displayName":"Number of failed local logins is not in allowed range", - "description":"Get an alert when the number of failed local logins on the device in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"FileUploadsNotInAllowedRange", - "displayName":"Number of file uploads is not in allowed range", - "description":"Get an alert when the number of file uploads from the device to the cloud in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"QueuePurgesNotInAllowedRange", - "displayName":"Number of device queue purges is not in allowed range", - "description":"Get an alert when the number of device queue purges in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"TwinUpdatesNotInAllowedRange", - "displayName":"Number of twin updates is not in allowed range", - "description":"Get an alert when the number of twin updates (by the device or the service) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"UnauthorizedOperationsNotInAllowedRange", - "displayName":"Number of unauthorized operations is not in allowed range", - "description":"Get an alert when the number unauthorized operations in the time window is not in the allowed range. Unauthorized operations are operations that affect the device (or done by it) that fail because of an unauthorized error", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub/providers/Microsoft.Security/deviceSecurityGroups/samplesecuritygroup", + "name": "samplesecuritygroup", + "type": "Microsoft.Security/deviceSecurityGroups", + "properties": { + "thresholdRules": [], + "timeWindowRules": [ + { + "ruleType": "ActiveConnectionsNotInAllowedRange", + "displayName": "Number of active connections is not in allowed range", + "description": "Get an alert when the number of active connections of a device in the time window is not in the allowed range", + "isEnabled": true, + "minThreshold": 0, + "maxThreshold": 30, + "timeWindowSize": "PT05M" + }, + { + "ruleType": "AmqpC2DMessagesNotInAllowedRange", + "displayName": "Number of cloud to device messages (AMQP protocol) is not in allowed range", + "description": "Get an alert when the number of cloud to device messages (AMQP protocol) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "MqttC2DMessagesNotInAllowedRange", + "displayName": "Number of cloud to device messages (MQTT protocol) is not in allowed range", + "description": "Get an alert when the number of cloud to device messages (MQTT protocol) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "HttpC2DMessagesNotInAllowedRange", + "displayName": "Number of cloud to device messages (HTTP protocol) is not in allowed range", + "description": "Get an alert when the number of cloud to device messages (HTTP protocol) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "AmqpC2DRejectedMessagesNotInAllowedRange", + "displayName": "Number of rejected cloud to device messages (AMQP protocol) is not in allowed range", + "description": "Get an alert when the number of cloud to device messages (AMQP protocol) that were rejected by the device in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "MqttC2DRejectedMessagesNotInAllowedRange", + "displayName": "Number of rejected cloud to device messages (MQTT protocol) is not in allowed range", + "description": "Get an alert when the number of cloud to device messages (MQTT protocol) that were rejected by the device in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "HttpC2DRejectedMessagesNotInAllowedRange", + "displayName": "Number of rejected cloud to device messages (HTTP protocol) is not in allowed range", + "description": "Get an alert when the number of cloud to device messages (HTTP protocol) that were rejected by the device in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "AmqpD2CMessagesNotInAllowedRange", + "displayName": "Number of device to cloud messages (AMQP protocol) is not in allowed range", + "description": "Get an alert when the number of device to cloud messages (AMQP protocol) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "MqttD2CMessagesNotInAllowedRange", + "displayName": "Number of device to cloud messages (MQTT protocol) is not in allowed range", + "description": "Get an alert when the number of device to cloud messages (MQTT protocol) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "HttpD2CMessagesNotInAllowedRange", + "displayName": "Number of device to cloud messages (HTTP protocol) is not in allowed range", + "description": "Get an alert when the number of device to cloud messages (HTTP protocol) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "DirectMethodInvokesNotInAllowedRange", + "displayName": "Number of direct method invokes is not in allowed range", + "description": "Get an alert when the number of direct method invokes in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "FailedLocalLoginsNotInAllowedRange", + "displayName": "Number of failed local logins is not in allowed range", + "description": "Get an alert when the number of failed local logins on the device in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "FileUploadsNotInAllowedRange", + "displayName": "Number of file uploads is not in allowed range", + "description": "Get an alert when the number of file uploads from the device to the cloud in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "QueuePurgesNotInAllowedRange", + "displayName": "Number of device queue purges is not in allowed range", + "description": "Get an alert when the number of device queue purges in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "TwinUpdatesNotInAllowedRange", + "displayName": "Number of twin updates is not in allowed range", + "description": "Get an alert when the number of twin updates (by the device or the service) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "UnauthorizedOperationsNotInAllowedRange", + "displayName": "Number of unauthorized operations is not in allowed range", + "description": "Get an alert when the number unauthorized operations in the time window is not in the allowed range. Unauthorized operations are operations that affect the device (or done by it) that fail because of an unauthorized error", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" } ], - "allowlistRules":[ + "allowlistRules": [ { - "ruleType":"ConnectionToIpNotAllowed", - "displayName":"Outbound connection to an ip that isn't allowed", - "description":"Get an alert when an outbound connection is created between your device and an ip that isn't allowed", - "isEnabled":false, - "allowlistValues":[] + "ruleType": "ConnectionToIpNotAllowed", + "displayName": "Outbound connection to an ip that isn't allowed", + "description": "Get an alert when an outbound connection is created between your device and an ip that isn't allowed", + "isEnabled": false, + "allowlistValues": [] }, { - "ruleType":"LocalUserNotAllowed", - "displayName":"Login by a local user that isn't allowed", - "description":"Get an alert when a local user that isn't allowed logins to the device", - "isEnabled":false, - "allowlistValues":[] + "ruleType": "LocalUserNotAllowed", + "displayName": "Login by a local user that isn't allowed", + "description": "Get an alert when a local user that isn't allowed logins to the device", + "isEnabled": false, + "allowlistValues": [] }, { - "ruleType":"ProcessNotAllowed", - "displayName":"Execution of a process that isn't allowed", - "description":"Get an alert when a process that isn't allowed is executed", - "isEnabled":false, - "allowlistValues":[] + "ruleType": "ProcessNotAllowed", + "displayName": "Execution of a process that isn't allowed", + "description": "Get an alert when a process that isn't allowed is executed", + "isEnabled": false, + "allowlistValues": [] } ], - "denylistRules":[] + "denylistRules": [] } } }, - "201":{ - "body":{ - "id":"/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub/providers/Microsoft.Security/deviceSecurityGroups/samplesecuritygroup", - "name":"samplesecuritygroup", - "type":"Microsoft.Security/deviceSecurityGroups", - "properties":{ - "thresholdRules":[], - "timeWindowRules":[ - { - "ruleType":"ActiveConnectionsNotInAllowedRange", - "displayName":"Number of active connections is not in allowed range", - "description":"Get an alert when the number of active connections of a device in the time window is not in the allowed range", - "isEnabled":true, - "minThreshold":0, - "maxThreshold":30, - "timeWindowSize":"PT05M" - }, - { - "ruleType":"AmqpC2DMessagesNotInAllowedRange", - "displayName":"Number of cloud to device messages (AMQP protocol) is not in allowed range", - "description":"Get an alert when the number of cloud to device messages (AMQP protocol) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"MqttC2DMessagesNotInAllowedRange", - "displayName":"Number of cloud to device messages (MQTT protocol) is not in allowed range", - "description":"Get an alert when the number of cloud to device messages (MQTT protocol) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"HttpC2DMessagesNotInAllowedRange", - "displayName":"Number of cloud to device messages (HTTP protocol) is not in allowed range", - "description":"Get an alert when the number of cloud to device messages (HTTP protocol) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"AmqpC2DRejectedMessagesNotInAllowedRange", - "displayName":"Number of rejected cloud to device messages (AMQP protocol) is not in allowed range", - "description":"Get an alert when the number of cloud to device messages (AMQP protocol) that were rejected by the device in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"MqttC2DRejectedMessagesNotInAllowedRange", - "displayName":"Number of rejected cloud to device messages (MQTT protocol) is not in allowed range", - "description":"Get an alert when the number of cloud to device messages (MQTT protocol) that were rejected by the device in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"HttpC2DRejectedMessagesNotInAllowedRange", - "displayName":"Number of rejected cloud to device messages (HTTP protocol) is not in allowed range", - "description":"Get an alert when the number of cloud to device messages (HTTP protocol) that were rejected by the device in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"AmqpD2CMessagesNotInAllowedRange", - "displayName":"Number of device to cloud messages (AMQP protocol) is not in allowed range", - "description":"Get an alert when the number of device to cloud messages (AMQP protocol) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"MqttD2CMessagesNotInAllowedRange", - "displayName":"Number of device to cloud messages (MQTT protocol) is not in allowed range", - "description":"Get an alert when the number of device to cloud messages (MQTT protocol) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"HttpD2CMessagesNotInAllowedRange", - "displayName":"Number of device to cloud messages (HTTP protocol) is not in allowed range", - "description":"Get an alert when the number of device to cloud messages (HTTP protocol) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"DirectMethodInvokesNotInAllowedRange", - "displayName":"Number of direct method invokes is not in allowed range", - "description":"Get an alert when the number of direct method invokes in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"FailedLocalLoginsNotInAllowedRange", - "displayName":"Number of failed local logins is not in allowed range", - "description":"Get an alert when the number of failed local logins on the device in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"FileUploadsNotInAllowedRange", - "displayName":"Number of file uploads is not in allowed range", - "description":"Get an alert when the number of file uploads from the device to the cloud in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"QueuePurgesNotInAllowedRange", - "displayName":"Number of device queue purges is not in allowed range", - "description":"Get an alert when the number of device queue purges in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"TwinUpdatesNotInAllowedRange", - "displayName":"Number of twin updates is not in allowed range", - "description":"Get an alert when the number of twin updates (by the device or the service) in the time window is not in the allowed range", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" - }, - { - "ruleType":"UnauthorizedOperationsNotInAllowedRange", - "displayName":"Number of unauthorized operations is not in allowed range", - "description":"Get an alert when the number unauthorized operations in the time window is not in the allowed range. Unauthorized operations are operations that affect the device (or done by it) that fail because of an unauthorized error", - "isEnabled":false, - "minThreshold":0, - "maxThreshold":0, - "timeWindowSize":"PT15M" + "201": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Devices/iotHubs/sampleiothub/providers/Microsoft.Security/deviceSecurityGroups/samplesecuritygroup", + "name": "samplesecuritygroup", + "type": "Microsoft.Security/deviceSecurityGroups", + "properties": { + "thresholdRules": [], + "timeWindowRules": [ + { + "ruleType": "ActiveConnectionsNotInAllowedRange", + "displayName": "Number of active connections is not in allowed range", + "description": "Get an alert when the number of active connections of a device in the time window is not in the allowed range", + "isEnabled": true, + "minThreshold": 0, + "maxThreshold": 30, + "timeWindowSize": "PT05M" + }, + { + "ruleType": "AmqpC2DMessagesNotInAllowedRange", + "displayName": "Number of cloud to device messages (AMQP protocol) is not in allowed range", + "description": "Get an alert when the number of cloud to device messages (AMQP protocol) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "MqttC2DMessagesNotInAllowedRange", + "displayName": "Number of cloud to device messages (MQTT protocol) is not in allowed range", + "description": "Get an alert when the number of cloud to device messages (MQTT protocol) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "HttpC2DMessagesNotInAllowedRange", + "displayName": "Number of cloud to device messages (HTTP protocol) is not in allowed range", + "description": "Get an alert when the number of cloud to device messages (HTTP protocol) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "AmqpC2DRejectedMessagesNotInAllowedRange", + "displayName": "Number of rejected cloud to device messages (AMQP protocol) is not in allowed range", + "description": "Get an alert when the number of cloud to device messages (AMQP protocol) that were rejected by the device in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "MqttC2DRejectedMessagesNotInAllowedRange", + "displayName": "Number of rejected cloud to device messages (MQTT protocol) is not in allowed range", + "description": "Get an alert when the number of cloud to device messages (MQTT protocol) that were rejected by the device in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "HttpC2DRejectedMessagesNotInAllowedRange", + "displayName": "Number of rejected cloud to device messages (HTTP protocol) is not in allowed range", + "description": "Get an alert when the number of cloud to device messages (HTTP protocol) that were rejected by the device in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "AmqpD2CMessagesNotInAllowedRange", + "displayName": "Number of device to cloud messages (AMQP protocol) is not in allowed range", + "description": "Get an alert when the number of device to cloud messages (AMQP protocol) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "MqttD2CMessagesNotInAllowedRange", + "displayName": "Number of device to cloud messages (MQTT protocol) is not in allowed range", + "description": "Get an alert when the number of device to cloud messages (MQTT protocol) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "HttpD2CMessagesNotInAllowedRange", + "displayName": "Number of device to cloud messages (HTTP protocol) is not in allowed range", + "description": "Get an alert when the number of device to cloud messages (HTTP protocol) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "DirectMethodInvokesNotInAllowedRange", + "displayName": "Number of direct method invokes is not in allowed range", + "description": "Get an alert when the number of direct method invokes in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "FailedLocalLoginsNotInAllowedRange", + "displayName": "Number of failed local logins is not in allowed range", + "description": "Get an alert when the number of failed local logins on the device in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "FileUploadsNotInAllowedRange", + "displayName": "Number of file uploads is not in allowed range", + "description": "Get an alert when the number of file uploads from the device to the cloud in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "QueuePurgesNotInAllowedRange", + "displayName": "Number of device queue purges is not in allowed range", + "description": "Get an alert when the number of device queue purges in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "TwinUpdatesNotInAllowedRange", + "displayName": "Number of twin updates is not in allowed range", + "description": "Get an alert when the number of twin updates (by the device or the service) in the time window is not in the allowed range", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" + }, + { + "ruleType": "UnauthorizedOperationsNotInAllowedRange", + "displayName": "Number of unauthorized operations is not in allowed range", + "description": "Get an alert when the number unauthorized operations in the time window is not in the allowed range. Unauthorized operations are operations that affect the device (or done by it) that fail because of an unauthorized error", + "isEnabled": false, + "minThreshold": 0, + "maxThreshold": 0, + "timeWindowSize": "PT15M" } ], - "allowlistRules":[ + "allowlistRules": [ { - "ruleType":"ConnectionToIpNotAllowed", - "displayName":"Outbound connection to an ip that isn't allowed", - "description":"Get an alert when an outbound connection is created between your device and an ip that isn't allowed", - "isEnabled":false, - "allowlistValues":[] + "ruleType": "ConnectionToIpNotAllowed", + "displayName": "Outbound connection to an ip that isn't allowed", + "description": "Get an alert when an outbound connection is created between your device and an ip that isn't allowed", + "isEnabled": false, + "allowlistValues": [] }, { - "ruleType":"LocalUserNotAllowed", - "displayName":"Login by a local user that isn't allowed", - "description":"Get an alert when a local user that isn't allowed logins to the device", - "isEnabled":false, - "allowlistValues":[] + "ruleType": "LocalUserNotAllowed", + "displayName": "Login by a local user that isn't allowed", + "description": "Get an alert when a local user that isn't allowed logins to the device", + "isEnabled": false, + "allowlistValues": [] }, { - "ruleType":"ProcessNotAllowed", - "displayName":"Execution of a process that isn't allowed", - "description":"Get an alert when a process that isn't allowed is executed", - "isEnabled":false, - "allowlistValues":[] + "ruleType": "ProcessNotAllowed", + "displayName": "Execution of a process that isn't allowed", + "description": "Get an alert when a process that isn't allowed is executed", + "isEnabled": false, + "allowlistValues": [] } ], - "denylistRules":[] + "denylistRules": [] } } } } -} \ No newline at end of file +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/InformationProtectionPolicies/CreateOrUpdateInformationProtectionPolicy_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/InformationProtectionPolicies/CreateOrUpdateInformationProtectionPolicy_example.json index 405d97f5dbc6..eeb717b89952 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/InformationProtectionPolicies/CreateOrUpdateInformationProtectionPolicy_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/InformationProtectionPolicies/CreateOrUpdateInformationProtectionPolicy_example.json @@ -1,169 +1,175 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "scope": "providers/Microsoft.Management/managementGroups/148059f7-faf3-49a6-ba35-85122112291e", - "informationProtectionPolicyName": "custom", - "InformationProtectionPolicy": { - "id": "/providers/Microsoft.Management/managementGroups/148059f7-faf3-49a6-ba35-85122112291e/providers/Microsoft.Security/informationProtectionPolicies/custom", - "name": "custom", - "type": "Microsoft.Security/informationProtectionPolicies", - "properties": { - "labels": { - "1345da73-bc5a-4a8f-b7dd-3820eb713da8": { - "displayName": "Public", - "order": 100, - "enabled": true - }, - "7aa516c7-5a53-4857-bc6e-6808c6acd542": { - "displayName": "General", - "order": 200, - "enabled": true - }, - "575739d2-3d53-4df0-9042-4c7772d5c7b1": { - "displayName": "Confidential", - "order": 300, - "enabled": true - } - }, - "informationTypes": { - "7fb9419d-2473-4ad8-8e11-b25cc8cf6a07": { - "displayName": "Networking", - "order": 100, - "recommendedLabelId": "575739d2-3d53-4df0-9042-4c7772d5c7b1", - "enabled": true, - "custom": false, - "keywords": [{ - "pattern": "%networking%", - "custom": true, - "canBeNumeric": false - } - ] - }, - "3bf35491-99b8-41f2-86d5-c1200a7df658": { - "displayName": "Custom", - "order": 1400, - "recommendedLabelId": "7aa516c7-5a53-4857-bc6e-6808c6acd542", - "enabled": true, - "custom": true, - "keywords": [{ - "pattern": "%custom%", - "custom": true, - "canBeNumeric": true - } - ] - } + "parameters": { + "api-version": "2017-08-01-preview", + "scope": "providers/Microsoft.Management/managementGroups/148059f7-faf3-49a6-ba35-85122112291e", + "informationProtectionPolicyName": "custom", + "InformationProtectionPolicy": { + "id": "/providers/Microsoft.Management/managementGroups/148059f7-faf3-49a6-ba35-85122112291e/providers/Microsoft.Security/informationProtectionPolicies/custom", + "name": "custom", + "type": "Microsoft.Security/informationProtectionPolicies", + "properties": { + "labels": { + "1345da73-bc5a-4a8f-b7dd-3820eb713da8": { + "displayName": "Public", + "order": 100, + "enabled": true + }, + "7aa516c7-5a53-4857-bc6e-6808c6acd542": { + "displayName": "General", + "order": 200, + "enabled": true + }, + "575739d2-3d53-4df0-9042-4c7772d5c7b1": { + "displayName": "Confidential", + "order": 300, + "enabled": true + } + }, + "informationTypes": { + "7fb9419d-2473-4ad8-8e11-b25cc8cf6a07": { + "displayName": "Networking", + "order": 100, + "recommendedLabelId": "575739d2-3d53-4df0-9042-4c7772d5c7b1", + "enabled": true, + "custom": false, + "keywords": [ + { + "pattern": "%networking%", + "custom": true, + "canBeNumeric": false + } + ] + }, + "3bf35491-99b8-41f2-86d5-c1200a7df658": { + "displayName": "Custom", + "order": 1400, + "recommendedLabelId": "7aa516c7-5a53-4857-bc6e-6808c6acd542", + "enabled": true, + "custom": true, + "keywords": [ + { + "pattern": "%custom%", + "custom": true, + "canBeNumeric": true + } + ] + } + } + } + } + }, + "responses": { + "200": { + "body": { + "id": "/providers/Microsoft.Management/managementGroups/148059f7-faf3-49a6-ba35-85122112291e/providers/Microsoft.Security/informationProtectionPolicies/custom", + "name": "custom", + "type": "Microsoft.Security/informationProtectionPolicies", + "properties": { + "labels": { + "1345da73-bc5a-4a8f-b7dd-3820eb713da8": { + "displayName": "Public", + "order": 100, + "enabled": true + }, + "7aa516c7-5a53-4857-bc6e-6808c6acd542": { + "displayName": "General", + "order": 200, + "enabled": true + }, + "575739d2-3d53-4df0-9042-4c7772d5c7b1": { + "displayName": "Confidential", + "order": 300, + "enabled": true + } + }, + "informationTypes": { + "7fb9419d-2473-4ad8-8e11-b25cc8cf6a07": { + "displayName": "Networking", + "order": 100, + "recommendedLabelId": "575739d2-3d53-4df0-9042-4c7772d5c7b1", + "enabled": true, + "custom": false, + "keywords": [ + { + "pattern": "%networking%", + "custom": true, + "canBeNumeric": false } + ] + }, + "3bf35491-99b8-41f2-86d5-c1200a7df658": { + "displayName": "Custom", + "order": 1400, + "recommendedLabelId": "7aa516c7-5a53-4857-bc6e-6808c6acd542", + "enabled": true, + "custom": true, + "keywords": [ + { + "pattern": "%custom%", + "custom": true, + "canBeNumeric": true + } + ] } + } } + } }, - "responses": { - "200": { - "body": { - "id": "/providers/Microsoft.Management/managementGroups/148059f7-faf3-49a6-ba35-85122112291e/providers/Microsoft.Security/informationProtectionPolicies/custom", - "name": "custom", - "type": "Microsoft.Security/informationProtectionPolicies", - "properties": { - "labels": { - "1345da73-bc5a-4a8f-b7dd-3820eb713da8": { - "displayName": "Public", - "order": 100, - "enabled": true - }, - "7aa516c7-5a53-4857-bc6e-6808c6acd542": { - "displayName": "General", - "order": 200, - "enabled": true - }, - "575739d2-3d53-4df0-9042-4c7772d5c7b1": { - "displayName": "Confidential", - "order": 300, - "enabled": true - } - }, - "informationTypes": { - "7fb9419d-2473-4ad8-8e11-b25cc8cf6a07": { - "displayName": "Networking", - "order": 100, - "recommendedLabelId": "575739d2-3d53-4df0-9042-4c7772d5c7b1", - "enabled": true, - "custom": false, - "keywords": [{ - "pattern": "%networking%", - "custom": true, - "canBeNumeric": false - } - ] - }, - "3bf35491-99b8-41f2-86d5-c1200a7df658": { - "displayName": "Custom", - "order": 1400, - "recommendedLabelId": "7aa516c7-5a53-4857-bc6e-6808c6acd542", - "enabled": true, - "custom": true, - "keywords": [{ - "pattern": "%custom%", - "custom": true, - "canBeNumeric": true - } - ] - } - } - } + "201": { + "body": { + "id": "/providers/Microsoft.Management/managementGroups/148059f7-faf3-49a6-ba35-85122112291e/providers/Microsoft.Security/informationProtectionPolicies/custom", + "name": "custom", + "type": "Microsoft.Security/informationProtectionPolicies", + "properties": { + "labels": { + "1345da73-bc5a-4a8f-b7dd-3820eb713da8": { + "displayName": "Public", + "order": 100, + "enabled": true + }, + "7aa516c7-5a53-4857-bc6e-6808c6acd542": { + "displayName": "General", + "order": 200, + "enabled": true + }, + "575739d2-3d53-4df0-9042-4c7772d5c7b1": { + "displayName": "Confidential", + "order": 300, + "enabled": true } - }, - "201": { - "body": { - "id": "/providers/Microsoft.Management/managementGroups/148059f7-faf3-49a6-ba35-85122112291e/providers/Microsoft.Security/informationProtectionPolicies/custom", - "name": "custom", - "type": "Microsoft.Security/informationProtectionPolicies", - "properties": { - "labels": { - "1345da73-bc5a-4a8f-b7dd-3820eb713da8": { - "displayName": "Public", - "order": 100, - "enabled": true - }, - "7aa516c7-5a53-4857-bc6e-6808c6acd542": { - "displayName": "General", - "order": 200, - "enabled": true - }, - "575739d2-3d53-4df0-9042-4c7772d5c7b1": { - "displayName": "Confidential", - "order": 300, - "enabled": true - } - }, - "informationTypes": { - "7fb9419d-2473-4ad8-8e11-b25cc8cf6a07": { - "displayName": "Networking", - "order": 100, - "recommendedLabelId": "575739d2-3d53-4df0-9042-4c7772d5c7b1", - "enabled": true, - "custom": false, - "keywords": [{ - "pattern": "%networking%", - "custom": true, - "canBeNumeric": false - } - ] - }, - "3bf35491-99b8-41f2-86d5-c1200a7df658": { - "displayName": "Custom", - "order": 1400, - "recommendedLabelId": "7aa516c7-5a53-4857-bc6e-6808c6acd542", - "enabled": true, - "custom": true, - "keywords": [{ - "pattern": "%custom%", - "custom": true, - "canBeNumeric": true - } - ] - } - } + }, + "informationTypes": { + "7fb9419d-2473-4ad8-8e11-b25cc8cf6a07": { + "displayName": "Networking", + "order": 100, + "recommendedLabelId": "575739d2-3d53-4df0-9042-4c7772d5c7b1", + "enabled": true, + "custom": false, + "keywords": [ + { + "pattern": "%networking%", + "custom": true, + "canBeNumeric": false + } + ] + }, + "3bf35491-99b8-41f2-86d5-c1200a7df658": { + "displayName": "Custom", + "order": 1400, + "recommendedLabelId": "7aa516c7-5a53-4857-bc6e-6808c6acd542", + "enabled": true, + "custom": true, + "keywords": [ + { + "pattern": "%custom%", + "custom": true, + "canBeNumeric": true } + ] } + } } + } } + } } diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/InformationProtectionPolicies/GetCustomInformationProtectionPolicy_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/InformationProtectionPolicies/GetCustomInformationProtectionPolicy_example.json index 9cb86e28ba22..38dcb1184435 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/InformationProtectionPolicies/GetCustomInformationProtectionPolicy_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/InformationProtectionPolicies/GetCustomInformationProtectionPolicy_example.json @@ -1,64 +1,65 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "scope": "providers/Microsoft.Management/managementGroups/148059f7-faf3-49a6-ba35-85122112291e", - "informationProtectionPolicyName": "custom" - }, - "responses": { - "200": { - "body": { - "id": "/providers/Microsoft.Management/managementGroups/148059f7-faf3-49a6-ba35-85122112291e/providers/Microsoft.Security/informationProtectionPolicies/custom", - "name": "custom", - "type": "Microsoft.Security/informationProtectionPolicies", - "properties": { - "labels": { - "1345da73-bc5a-4a8f-b7dd-3820eb713da8": { - "displayName": "Public", - "order": 100, - "enabled": true - }, - "7aa516c7-5a53-4857-bc6e-6808c6acd542": { - "displayName": "General", - "order": 200, - "enabled": true - }, - "575739d2-3d53-4df0-9042-4c7772d5c7b1": { - "displayName": "Confidential", - "order": 300, - "enabled": true - } - }, - "informationTypes": { - - "7fb9419d-2473-4ad8-8e11-b25cc8cf6a07": { - "displayName": "Networking", - "order": 100, - "recommendedLabelId": "575739d2-3d53-4df0-9042-4c7772d5c7b1", - "enabled": true, - "custom": false, - "keywords": [{ - "pattern": "%networking%", - "custom": true, - "canBeNumeric": false - } - ] - }, - "3bf35491-99b8-41f2-86d5-c1200a7df658": { - "displayName": "Custom", - "order": 1400, - "recommendedLabelId": "7aa516c7-5a53-4857-bc6e-6808c6acd542", - "enabled": true, - "custom": true, - "keywords": [{ - "pattern": "%custom%", - "custom": true, - "canBeNumeric": true - } - ] - } - } + "parameters": { + "api-version": "2017-08-01-preview", + "scope": "providers/Microsoft.Management/managementGroups/148059f7-faf3-49a6-ba35-85122112291e", + "informationProtectionPolicyName": "custom" + }, + "responses": { + "200": { + "body": { + "id": "/providers/Microsoft.Management/managementGroups/148059f7-faf3-49a6-ba35-85122112291e/providers/Microsoft.Security/informationProtectionPolicies/custom", + "name": "custom", + "type": "Microsoft.Security/informationProtectionPolicies", + "properties": { + "labels": { + "1345da73-bc5a-4a8f-b7dd-3820eb713da8": { + "displayName": "Public", + "order": 100, + "enabled": true + }, + "7aa516c7-5a53-4857-bc6e-6808c6acd542": { + "displayName": "General", + "order": 200, + "enabled": true + }, + "575739d2-3d53-4df0-9042-4c7772d5c7b1": { + "displayName": "Confidential", + "order": 300, + "enabled": true + } + }, + "informationTypes": { + "7fb9419d-2473-4ad8-8e11-b25cc8cf6a07": { + "displayName": "Networking", + "order": 100, + "recommendedLabelId": "575739d2-3d53-4df0-9042-4c7772d5c7b1", + "enabled": true, + "custom": false, + "keywords": [ + { + "pattern": "%networking%", + "custom": true, + "canBeNumeric": false + } + ] + }, + "3bf35491-99b8-41f2-86d5-c1200a7df658": { + "displayName": "Custom", + "order": 1400, + "recommendedLabelId": "7aa516c7-5a53-4857-bc6e-6808c6acd542", + "enabled": true, + "custom": true, + "keywords": [ + { + "pattern": "%custom%", + "custom": true, + "canBeNumeric": true } + ] } + } } + } } + } } diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/InformationProtectionPolicies/GetEffectiveInformationProtectionPolicy_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/InformationProtectionPolicies/GetEffectiveInformationProtectionPolicy_example.json index bbdb431fa29d..c9cd3c502e71 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/InformationProtectionPolicies/GetEffectiveInformationProtectionPolicy_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/InformationProtectionPolicies/GetEffectiveInformationProtectionPolicy_example.json @@ -1,105 +1,115 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "scope": "providers/Microsoft.Management/managementGroups/148059f7-faf3-49a6-ba35-85122112291e", - "informationProtectionPolicyName": "effective" - }, - "responses": { - "200": { - "body": { - "id": "/providers/Microsoft.Management/managementGroups/148059f7-faf3-49a6-ba35-85122112291e/providers/Microsoft.Security/informationProtectionPolicies/effective", - "name": "effective", - "type": "Microsoft.Security/informationProtectionPolicies", - "properties": { - "labels": { - "1345da73-bc5a-4a8f-b7dd-3820eb713da8": { - "displayName": "Public", - "order": 100, - "enabled": true - }, - "7aa516c7-5a53-4857-bc6e-6808c6acd542": { - "displayName": "General", - "order": 200, - "enabled": true - }, - "575739d2-3d53-4df0-9042-4c7772d5c7b1": { - "displayName": "Confidential", - "order": 300, - "enabled": true - } - }, - "informationTypes": { - "7fb9419d-2473-4ad8-8e11-b25cc8cf6a07": { - "displayName": "Networking", - "order": 100, - "recommendedLabelId": "575739d2-3d53-4df0-9042-4c7772d5c7b1", - "enabled": true, - "custom": false, - "keywords": [{ - "pattern": "%ip%", - "custom": false, - "canBeNumeric": false - }, { - "pattern": "ip%address%", - "custom": false, - "canBeNumeric": false - }, { - "pattern": "%mac%address%", - "custom": false, - "canBeNumeric": false - }, { - "pattern": "%networking%", - "custom": true, - "canBeNumeric": true, - "excluded": true - } - ] - }, - "5856f35c-8e08-4d08-9bf7-87a146150569": { - "displayName": "Contact Info", - "order": 200, - "recommendedLabelId": "575739d2-3d53-4df0-9042-4c7772d5c7b1", - "enabled": true, - "custom": false, - "keywords": [{ - "pattern": "%email%", - "custom": false, - "canBeNumeric": false - }, { - "pattern": "%e-mail%", - "custom": false, - "canBeNumeric": false - }, { - "pattern": "%addr%", - "custom": false, - "canBeNumeric": false - }, { - "pattern": "%street%", - "custom": false, - "canBeNumeric": true - }, { - "pattern": "%city%", - "custom": false, - "canBeNumeric": false - } - ] - }, - "3bf35491-99b8-41f2-86d5-c1200a7df658": { - "displayName": "Custom", - "order": 1400, - "recommendedLabelId": "7aa516c7-5a53-4857-bc6e-6808c6acd542", - "enabled": true, - "custom": true, - "keywords": [{ - "pattern": "%networking%", - "custom": true, - "canBeNumeric": false - } - ] - } - } + "parameters": { + "api-version": "2017-08-01-preview", + "scope": "providers/Microsoft.Management/managementGroups/148059f7-faf3-49a6-ba35-85122112291e", + "informationProtectionPolicyName": "effective" + }, + "responses": { + "200": { + "body": { + "id": "/providers/Microsoft.Management/managementGroups/148059f7-faf3-49a6-ba35-85122112291e/providers/Microsoft.Security/informationProtectionPolicies/effective", + "name": "effective", + "type": "Microsoft.Security/informationProtectionPolicies", + "properties": { + "labels": { + "1345da73-bc5a-4a8f-b7dd-3820eb713da8": { + "displayName": "Public", + "order": 100, + "enabled": true + }, + "7aa516c7-5a53-4857-bc6e-6808c6acd542": { + "displayName": "General", + "order": 200, + "enabled": true + }, + "575739d2-3d53-4df0-9042-4c7772d5c7b1": { + "displayName": "Confidential", + "order": 300, + "enabled": true + } + }, + "informationTypes": { + "7fb9419d-2473-4ad8-8e11-b25cc8cf6a07": { + "displayName": "Networking", + "order": 100, + "recommendedLabelId": "575739d2-3d53-4df0-9042-4c7772d5c7b1", + "enabled": true, + "custom": false, + "keywords": [ + { + "pattern": "%ip%", + "custom": false, + "canBeNumeric": false + }, + { + "pattern": "ip%address%", + "custom": false, + "canBeNumeric": false + }, + { + "pattern": "%mac%address%", + "custom": false, + "canBeNumeric": false + }, + { + "pattern": "%networking%", + "custom": true, + "canBeNumeric": true, + "excluded": true + } + ] + }, + "5856f35c-8e08-4d08-9bf7-87a146150569": { + "displayName": "Contact Info", + "order": 200, + "recommendedLabelId": "575739d2-3d53-4df0-9042-4c7772d5c7b1", + "enabled": true, + "custom": false, + "keywords": [ + { + "pattern": "%email%", + "custom": false, + "canBeNumeric": false + }, + { + "pattern": "%e-mail%", + "custom": false, + "canBeNumeric": false + }, + { + "pattern": "%addr%", + "custom": false, + "canBeNumeric": false + }, + { + "pattern": "%street%", + "custom": false, + "canBeNumeric": true + }, + { + "pattern": "%city%", + "custom": false, + "canBeNumeric": false + } + ] + }, + "3bf35491-99b8-41f2-86d5-c1200a7df658": { + "displayName": "Custom", + "order": 1400, + "recommendedLabelId": "7aa516c7-5a53-4857-bc6e-6808c6acd542", + "enabled": true, + "custom": true, + "keywords": [ + { + "pattern": "%networking%", + "custom": true, + "canBeNumeric": false } + ] } + } } + } } + } } diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/InformationProtectionPolicies/ListInformationProtectionPolicies_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/InformationProtectionPolicies/ListInformationProtectionPolicies_example.json index 024ce7dc4d55..f1b795193c1c 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/InformationProtectionPolicies/ListInformationProtectionPolicies_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/InformationProtectionPolicies/ListInformationProtectionPolicies_example.json @@ -1,158 +1,171 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "scope": "providers/Microsoft.Management/managementGroups/148059f7-faf3-49a6-ba35-85122112291e" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/providers/Microsoft.Management/managementGroups/148059f7-faf3-49a6-ba35-85122112291e/providers/Microsoft.Security/informationProtectionPolicies/effective", - "name": "effective", - "type": "Microsoft.Security/informationProtectionPolicies", - "properties": { - "labels": { - "1345da73-bc5a-4a8f-b7dd-3820eb713da8": { - "displayName": "Public", - "order": 100, - "enabled": true - }, - "7aa516c7-5a53-4857-bc6e-6808c6acd542": { - "displayName": "General", - "order": 200, - "enabled": true - }, - "575739d2-3d53-4df0-9042-4c7772d5c7b1": { - "displayName": "Confidential", - "order": 300, - "enabled": true - } - }, - "informationTypes": { - "7fb9419d-2473-4ad8-8e11-b25cc8cf6a07": { - "displayName": "Networking", - "order": 100, - "recommendedLabelId": "575739d2-3d53-4df0-9042-4c7772d5c7b1", - "enabled": true, - "custom": false, - "keywords": [{ - "pattern": "%ip%", - "custom": false, - "canBeNumeric": false - }, { - "pattern": "ip%address%", - "custom": false, - "canBeNumeric": false - }, { - "pattern": "%mac%address%", - "custom": false, - "canBeNumeric": false - }, { - "pattern": "%networking%", - "custom": true, - "canBeNumeric": true - } - ] - }, - "5856f35c-8e08-4d08-9bf7-87a146150569": { - "displayName": "Contact Info", - "order": 200, - "recommendedLabelId": "575739d2-3d53-4df0-9042-4c7772d5c7b1", - "enabled": true, - "custom": false, - "keywords": [{ - "pattern": "%email%", - "custom": false, - "canBeNumeric": false - }, { - "pattern": "%e-mail%", - "custom": false, - "canBeNumeric": false - }, { - "pattern": "%addr%", - "custom": false, - "canBeNumeric": false - }, { - "pattern": "%street%", - "custom": false, - "canBeNumeric": true - }, { - "pattern": "%city%", - "custom": false, - "canBeNumeric": false - } - ] - }, - "3bf35491-99b8-41f2-86d5-c1200a7df658": { - "displayName": "Custom", - "order": 1400, - "recommendedLabelId": "7aa516c7-5a53-4857-bc6e-6808c6acd542", - "enabled": true, - "custom": true, - "keywords": [{ - "pattern": "%networking%", - "custom": true, - "canBeNumeric": false - } - ] - } - } - } - }, { - "id": "/providers/Microsoft.Management/managementGroups/148059f7-faf3-49a6-ba35-85122112291e/providers/Microsoft.Security/informationProtectionPolicies/custom", - "name": "custom", - "type": "Microsoft.Security/informationProtectionPolicies", - "properties": { - "labels": { - "1345da73-bc5a-4a8f-b7dd-3820eb713da8": { - "displayName": "Public", - "order": 100, - "enabled": true - }, - "7aa516c7-5a53-4857-bc6e-6808c6acd542": { - "displayName": "General", - "order": 200, - "enabled": true - }, - "575739d2-3d53-4df0-9042-4c7772d5c7b1": { - "displayName": "Confidential", - "order": 300, - "enabled": true - } - }, - "informationTypes": { - - "7fb9419d-2473-4ad8-8e11-b25cc8cf6a07": { - "displayName": "Networking", - "order": 100, - "recommendedLabelId": "575739d2-3d53-4df0-9042-4c7772d5c7b1", - "enabled": true, - "custom": false, - "keywords": [{ - "pattern": "%networking%", - "custom": true, - "canBeNumeric": false - } - ] - }, - "3bf35491-99b8-41f2-86d5-c1200a7df658": { - "displayName": "Custom", - "order": 1400, - "recommendedLabelId": "7aa516c7-5a53-4857-bc6e-6808c6acd542", - "enabled": true, - "custom": true, - "keywords": [{ - "pattern": "%custom%", - "custom": true, - "canBeNumeric": true - } - ] - } - } - } + "parameters": { + "api-version": "2017-08-01-preview", + "scope": "providers/Microsoft.Management/managementGroups/148059f7-faf3-49a6-ba35-85122112291e" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/providers/Microsoft.Management/managementGroups/148059f7-faf3-49a6-ba35-85122112291e/providers/Microsoft.Security/informationProtectionPolicies/effective", + "name": "effective", + "type": "Microsoft.Security/informationProtectionPolicies", + "properties": { + "labels": { + "1345da73-bc5a-4a8f-b7dd-3820eb713da8": { + "displayName": "Public", + "order": 100, + "enabled": true + }, + "7aa516c7-5a53-4857-bc6e-6808c6acd542": { + "displayName": "General", + "order": 200, + "enabled": true + }, + "575739d2-3d53-4df0-9042-4c7772d5c7b1": { + "displayName": "Confidential", + "order": 300, + "enabled": true + } + }, + "informationTypes": { + "7fb9419d-2473-4ad8-8e11-b25cc8cf6a07": { + "displayName": "Networking", + "order": 100, + "recommendedLabelId": "575739d2-3d53-4df0-9042-4c7772d5c7b1", + "enabled": true, + "custom": false, + "keywords": [ + { + "pattern": "%ip%", + "custom": false, + "canBeNumeric": false + }, + { + "pattern": "ip%address%", + "custom": false, + "canBeNumeric": false + }, + { + "pattern": "%mac%address%", + "custom": false, + "canBeNumeric": false + }, + { + "pattern": "%networking%", + "custom": true, + "canBeNumeric": true } - ] + ] + }, + "5856f35c-8e08-4d08-9bf7-87a146150569": { + "displayName": "Contact Info", + "order": 200, + "recommendedLabelId": "575739d2-3d53-4df0-9042-4c7772d5c7b1", + "enabled": true, + "custom": false, + "keywords": [ + { + "pattern": "%email%", + "custom": false, + "canBeNumeric": false + }, + { + "pattern": "%e-mail%", + "custom": false, + "canBeNumeric": false + }, + { + "pattern": "%addr%", + "custom": false, + "canBeNumeric": false + }, + { + "pattern": "%street%", + "custom": false, + "canBeNumeric": true + }, + { + "pattern": "%city%", + "custom": false, + "canBeNumeric": false + } + ] + }, + "3bf35491-99b8-41f2-86d5-c1200a7df658": { + "displayName": "Custom", + "order": 1400, + "recommendedLabelId": "7aa516c7-5a53-4857-bc6e-6808c6acd542", + "enabled": true, + "custom": true, + "keywords": [ + { + "pattern": "%networking%", + "custom": true, + "canBeNumeric": false + } + ] + } + } + } + }, + { + "id": "/providers/Microsoft.Management/managementGroups/148059f7-faf3-49a6-ba35-85122112291e/providers/Microsoft.Security/informationProtectionPolicies/custom", + "name": "custom", + "type": "Microsoft.Security/informationProtectionPolicies", + "properties": { + "labels": { + "1345da73-bc5a-4a8f-b7dd-3820eb713da8": { + "displayName": "Public", + "order": 100, + "enabled": true + }, + "7aa516c7-5a53-4857-bc6e-6808c6acd542": { + "displayName": "General", + "order": 200, + "enabled": true + }, + "575739d2-3d53-4df0-9042-4c7772d5c7b1": { + "displayName": "Confidential", + "order": 300, + "enabled": true + } + }, + "informationTypes": { + "7fb9419d-2473-4ad8-8e11-b25cc8cf6a07": { + "displayName": "Networking", + "order": 100, + "recommendedLabelId": "575739d2-3d53-4df0-9042-4c7772d5c7b1", + "enabled": true, + "custom": false, + "keywords": [ + { + "pattern": "%networking%", + "custom": true, + "canBeNumeric": false + } + ] + }, + "3bf35491-99b8-41f2-86d5-c1200a7df658": { + "displayName": "Custom", + "order": 1400, + "recommendedLabelId": "7aa516c7-5a53-4857-bc6e-6808c6acd542", + "enabled": true, + "custom": true, + "keywords": [ + { + "pattern": "%custom%", + "custom": true, + "canBeNumeric": true + } + ] + } + } } - } + } + ] + } } + } } diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/CreateIoTSecuritySolution_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/CreateIoTSecuritySolution_example.json index f2ba1de31369..3c02031dd29c 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/CreateIoTSecuritySolution_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/CreateIoTSecuritySolution_example.json @@ -1,60 +1,62 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "resourceGroupName": "MyGroup", - "solutionName": "default", - "iotSecuritySolutionData": { - "tags": {}, - "location": "East Us", - "properties": { - "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1", - "status": "Enabled", - "export": [], - "disabledDataSources": [], - "displayName": "Solution Default", - "iotHubs": [ - "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" - ] - } + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "MyGroup", + "solutionName": "default", + "iotSecuritySolutionData": { + "tags": {}, + "location": "East Us", + "properties": { + "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1", + "status": "Enabled", + "export": [], + "disabledDataSources": [], + "displayName": "Solution Default", + "iotHubs": [ + "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" + ] + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/Locations/eastus/IoTSecuritySolutions/default", + "name": "default", + "type": "Microsoft.Security/IoTSecuritySolutions", + "location": "East Us", + "tags": {}, + "properties": { + "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1", + "status": "Enabled", + "export": [], + "disabledDataSources": [], + "displayName": "Solution Default", + "iotHubs": [ + "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" + ] + } } }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/Locations/eastus/IoTSecuritySolutions/default", - "name": "default", - "type": "Microsoft.Security/IoTSecuritySolutions", - "location": "East Us", - "tags": {}, - "properties": { - "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1", - "status": "Enabled", - "export": [], - "disabledDataSources": [], - "displayName": "Solution Default", - "iotHubs": [ - "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" - ] - }} - }, - "201": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/Locations/eastus/IoTSecuritySolutions/default", - "name": "default", - "type": "Microsoft.Security/IoTSecuritySolutions", - "location": "East Us", - "tags": {}, - "properties": { - "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1", - "status": "Enabled", - "export": [], - "disabledDataSources": [], - "displayName": "Solution Default", - "iotHubs": [ - "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" - ] - }} + "201": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/Locations/eastus/IoTSecuritySolutions/default", + "name": "default", + "type": "Microsoft.Security/IoTSecuritySolutions", + "location": "East Us", + "tags": {}, + "properties": { + "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1", + "status": "Enabled", + "export": [], + "disabledDataSources": [], + "displayName": "Solution Default", + "iotHubs": [ + "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" + ] } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/DeleteIoTSecuritySolution_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/DeleteIoTSecuritySolution_example.json index 9f2b35e3ef9c..f7911c653843 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/DeleteIoTSecuritySolution_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/DeleteIoTSecuritySolution_example.json @@ -1,14 +1,12 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "resourceGroupName": "MyGroup", - "solutionName": "default" - }, - "responses": { - "204": { - }, - "200": { - } - } -} \ No newline at end of file + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "MyGroup", + "solutionName": "default" + }, + "responses": { + "204": {}, + "200": {} + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/GetIoTSecuritySolution_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/GetIoTSecuritySolution_example.json index 6557bb952d4e..6649a20b1f76 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/GetIoTSecuritySolution_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/GetIoTSecuritySolution_example.json @@ -26,4 +26,4 @@ } } } -} \ No newline at end of file +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByIotHubAndRg_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByIotHubAndRg_example.json index 5ca6e9589d10..09ca8885a0d8 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByIotHubAndRg_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByIotHubAndRg_example.json @@ -1,32 +1,35 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "resourceGroupName": "MyRg", - "$filter": "properties.iotHubs/any(i eq \"/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub\")" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyRg/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default", - "name": "default", - "type": "Microsoft.Security/IoTSecuritySolutions", - "location": "East Us", - "tags": {}, - "properties": { - "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1", - "status": "Enabled", - "export": ["RawEvents"], - "disabledDataSources": [], - "displayName": "Solution Default", - "iotHubs": [ - "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" - ] - } - } - ] + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "MyRg", + "$filter": "properties.iotHubs/any(i eq \"/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub\")" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyRg/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default", + "name": "default", + "type": "Microsoft.Security/IoTSecuritySolutions", + "location": "East Us", + "tags": {}, + "properties": { + "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1", + "status": "Enabled", + "export": [ + "RawEvents" + ], + "disabledDataSources": [], + "displayName": "Solution Default", + "iotHubs": [ + "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" + ] } - } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByIotHub_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByIotHub_example.json index d042c035e4b5..0cf73800b547 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByIotHub_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByIotHub_example.json @@ -1,31 +1,34 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "$filter": "properties.iotHubs/any(i eq \"/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub\")" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default", - "name": "default", - "type": "Microsoft.Security/IoTSecuritySolutions", - "location": "East Us", - "tags": {}, - "properties": { - "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1", - "status": "Enabled", - "export": ["RawEvents"], - "disabledDataSources": [], - "displayName": "Solution Default", - "iotHubs": [ - "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" - ] - } - } - ] + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "$filter": "properties.iotHubs/any(i eq \"/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub\")" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default", + "name": "default", + "type": "Microsoft.Security/IoTSecuritySolutions", + "location": "East Us", + "tags": {}, + "properties": { + "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1", + "status": "Enabled", + "export": [ + "RawEvents" + ], + "disabledDataSources": [], + "displayName": "Solution Default", + "iotHubs": [ + "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" + ] } - } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByRg_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByRg_example.json index b4f00207cccc..79adc7eb0f1a 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByRg_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByRg_example.json @@ -1,31 +1,32 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "resourceGroupName" : "MyGroup" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default", - "name": "default", - "location": "East Us", - "type": "Microsoft.Security/IoTSecuritySolutions", - "tags": {}, - "properties": { - "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1", - "status": "Enabled", - "export": [], - "disabledDataSources": [], - "displayName": "Solution Default", - "iotHubs": [ - "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" - ] - } - } - ] + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "MyGroup" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default", + "name": "default", + "location": "East Us", + "type": "Microsoft.Security/IoTSecuritySolutions", + "tags": {}, + "properties": { + "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1", + "status": "Enabled", + "export": [], + "disabledDataSources": [], + "displayName": "Solution Default", + "iotHubs": [ + "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" + ] } - } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/GetIoTSecuritySolutionsList_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/GetIoTSecuritySolutionsList_example.json index 12c5c5ed3ab7..7b102b844eb5 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/GetIoTSecuritySolutionsList_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/GetIoTSecuritySolutionsList_example.json @@ -1,47 +1,50 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default", - "name": "default", - "location": "East Us", - "type": "Microsoft.Security/IoTSecuritySolutions", - "tags": {}, - "properties": { - "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1", - "status": "Enabled", - "export": [], - "disabledDataSources": [], - "displayName": "Solution Default", - "iotHubs": [ - "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" - ] - } - }, - { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SecondGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/sec-solution", - "name": "sec-solution", - "location": "East Us", - "type": "Microsoft.Security/IoTSecuritySolutions", - "tags": {}, - "properties": { - "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1", - "status": "Enabled", - "export": ["RawEvents"], - "disabledDataSources": [], - "displayName": "Second Solution", - "iotHubs": [ - "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/IotHubSecond" - ] - } - } - ] + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/default", + "name": "default", + "location": "East Us", + "type": "Microsoft.Security/IoTSecuritySolutions", + "tags": {}, + "properties": { + "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1", + "status": "Enabled", + "export": [], + "disabledDataSources": [], + "displayName": "Solution Default", + "iotHubs": [ + "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" + ] } - } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SecondGroup/providers/Microsoft.Security/IoTSecuritySolutions/Locations/eastus/sec-solution", + "name": "sec-solution", + "location": "East Us", + "type": "Microsoft.Security/IoTSecuritySolutions", + "tags": {}, + "properties": { + "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1", + "status": "Enabled", + "export": [ + "RawEvents" + ], + "disabledDataSources": [], + "displayName": "Second Solution", + "iotHubs": [ + "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/IotHubSecond" + ] + } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/UpdateIoTSecuritySolution_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/UpdateIoTSecuritySolution_example.json index 2d8c1a16fd7b..0d2da798697a 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/UpdateIoTSecuritySolution_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/IoTSecuritySolutions/UpdateIoTSecuritySolution_example.json @@ -1,33 +1,38 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "resourceGroupName": "myRg", - "solutionName": "default", - "securitySolutionTags": { - "tags":{ - "foo": "bar" - } - } - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/Locations/eastus/IoTSecuritySolutions/default", - "name": "default", - "type": "Microsoft.Security/IoTSecuritySolutions", - "location": "East Us", - "tags": { "foo": "bar" }, - "properties": { - "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1", - "status": "Enabled", - "export": ["RawEvents"], - "disabledDataSources": [], - "displayName": "Solution Default", - "iotHubs": [ - "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" - ] - }} + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg", + "solutionName": "default", + "securitySolutionTags": { + "tags": { + "foo": "bar" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/MyGroup/providers/Microsoft.Security/Locations/eastus/IoTSecuritySolutions/default", + "name": "default", + "type": "Microsoft.Security/IoTSecuritySolutions", + "location": "East Us", + "tags": { + "foo": "bar" + }, + "properties": { + "workspace": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1", + "status": "Enabled", + "export": [ + "RawEvents" + ], + "disabledDataSources": [], + "displayName": "Solution Default", + "iotHubs": [ + "/subscriptions/075423e9-7d33-4166-8bdf-3920b04e3735/resourceGroups/myRg/providers/Microsoft.Devices/IotHubs/FirstIotHub" + ] } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/CreatePricingsResourceGroup_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/CreatePricingsResourceGroup_example.json index e59560bc370e..ade01d7e892b 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/CreatePricingsResourceGroup_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/CreatePricingsResourceGroup_example.json @@ -1,28 +1,28 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "resourceGroupName": "myRg", - "pricingName": "myRg", - "pricing": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/pricings/myRg", - "name": "myRg", - "type": "Microsoft.Security/pricings", - "properties": { - "pricingTier": "Standard" - } - } - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/myRg", - "name": "myRg", - "type": "Microsoft.Security/pricings", - "properties": { - "pricingTier": "Standard" - } - } + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg", + "pricingName": "myRg", + "pricing": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/pricings/myRg", + "name": "myRg", + "type": "Microsoft.Security/pricings", + "properties": { + "pricingTier": "Standard" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/myRg", + "name": "myRg", + "type": "Microsoft.Security/pricings", + "properties": { + "pricingTier": "Standard" } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/CreatePricingsSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/CreatePricingsSubscription_example.json index 220052e0447c..70107ad9e5b0 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/CreatePricingsSubscription_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/CreatePricingsSubscription_example.json @@ -1,27 +1,27 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "pricingName": "default", - "pricing": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/default", - "name": "default", - "type": "Microsoft.Security/pricings", - "properties": { - "pricingTier": "Standard" - } - } - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/default", - "name": "default", - "type": "Microsoft.Security/pricings", - "properties": { - "pricingTier": "Standard" - } - } + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "pricingName": "default", + "pricing": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/default", + "name": "default", + "type": "Microsoft.Security/pricings", + "properties": { + "pricingTier": "Standard" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/default", + "name": "default", + "type": "Microsoft.Security/pricings", + "properties": { + "pricingTier": "Standard" } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingResourceGroup_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingResourceGroup_example.json index 2a10c1b3bae4..3057007e8378 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingResourceGroup_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingResourceGroup_example.json @@ -1,20 +1,20 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "resourceGroupName": "myRg", - "pricingName": "myRg" - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/myRg", - "name": "myRg", - "type": "Microsoft.Security/pricings", - "properties": { - "pricingTier": "Standard" - } - } + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg", + "pricingName": "myRg" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/myRg", + "name": "myRg", + "type": "Microsoft.Security/pricings", + "properties": { + "pricingTier": "Standard" } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingSubscription_example.json index 9113f59599c7..8bf387360442 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingSubscription_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingSubscription_example.json @@ -1,19 +1,19 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "pricingName": "default" - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/default", - "name": "default", - "type": "Microsoft.Security/pricings", - "properties": { - "pricingTier": "Standard" - } - } + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "pricingName": "default" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/default", + "name": "default", + "type": "Microsoft.Security/pricings", + "properties": { + "pricingTier": "Standard" } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingsResourceGroup_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingsResourceGroup_example.json index e439e08cbff5..d78fc2fe80b7 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingsResourceGroup_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingsResourceGroup_example.json @@ -1,21 +1,23 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "resourceGroupName": "myRg" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/myRg", - "name": "myRg", - "type": "Microsoft.Security/pricings", - "properties": { - "pricingTier": "Standard" - } - }] + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/myRg", + "name": "myRg", + "type": "Microsoft.Security/pricings", + "properties": { + "pricingTier": "Standard" } - } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingsSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingsSubscription_example.json index 5a88b41a641a..9d8accc54d30 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingsSubscription_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Pricings/GetPricingsSubscription_example.json @@ -1,20 +1,22 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/default", - "name": "default", - "type": "Microsoft.Security/pricings", - "properties": { - "pricingTier": "Standard" - } - }] + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/default", + "name": "default", + "type": "Microsoft.Security/pricings", + "properties": { + "pricingTier": "Standard" } - } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/CreateSecurityContact_full_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/CreateSecurityContact_full_example.json index 6826d1ff4817..2b86d482dbc3 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/CreateSecurityContact_full_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/CreateSecurityContact_full_example.json @@ -1,33 +1,33 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "securityContactName": "default1", - "securityContact": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityContacts/default1", - "name": "default1", - "type": "Microsoft.Security/securityContacts", - "properties": { - "email": "john@contoso.com", - "phone": "(214)275-4038", - "alertNotifications": "On", - "alertsToAdmins": "On" - } - } - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityContacts/default1", - "name": "default1", - "type": "Microsoft.Security/securityContacts", - "properties": { - "email": "john@contoso.com", - "phone": "(214)275-4038", - "alertNotifications": "On", - "alertsToAdmins": "On" - } - } + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "securityContactName": "default1", + "securityContact": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityContacts/default1", + "name": "default1", + "type": "Microsoft.Security/securityContacts", + "properties": { + "email": "john@contoso.com", + "phone": "(214)275-4038", + "alertNotifications": "On", + "alertsToAdmins": "On" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityContacts/default1", + "name": "default1", + "type": "Microsoft.Security/securityContacts", + "properties": { + "email": "john@contoso.com", + "phone": "(214)275-4038", + "alertNotifications": "On", + "alertsToAdmins": "On" } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/CreateSecurityContact_min_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/CreateSecurityContact_min_example.json index 9071d3667bb5..8f8c636d0761 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/CreateSecurityContact_min_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/CreateSecurityContact_min_example.json @@ -1,31 +1,31 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "securityContactName": "default2", - "securityContact": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityContacts/default2", - "name": "default2", - "type": "Microsoft.Security/securityContacts", - "properties": { - "email": "chen@contoso.com", - "alertNotifications": "On", - "alertsToAdmins": "On" - } - } - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityContacts/default2", - "name": "default2", - "type": "Microsoft.Security/securityContacts", - "properties": { - "email": "chen@contoso.com", - "alertNotifications": "On", - "alertsToAdmins": "On" - } - } + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "securityContactName": "default2", + "securityContact": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityContacts/default2", + "name": "default2", + "type": "Microsoft.Security/securityContacts", + "properties": { + "email": "chen@contoso.com", + "alertNotifications": "On", + "alertsToAdmins": "On" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityContacts/default2", + "name": "default2", + "type": "Microsoft.Security/securityContacts", + "properties": { + "email": "chen@contoso.com", + "alertNotifications": "On", + "alertsToAdmins": "On" } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/DeleteSecurityContact_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/DeleteSecurityContact_example.json index cfa39960c1c9..3ec1e7817319 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/DeleteSecurityContact_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/DeleteSecurityContact_example.json @@ -1,11 +1,10 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "securityContactName": "default1" - }, - "responses": { - "204": { - } - } -} \ No newline at end of file + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "securityContactName": "default1" + }, + "responses": { + "204": {} + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContact_full_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContact_full_example.json index 4f2560852e53..06017625fc2a 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContact_full_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContact_full_example.json @@ -1,22 +1,22 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "securityContactName": "default1" - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityContacts/default1", - "name": "default1", - "type": "Microsoft.Security/securityContacts", - "properties": { - "email": "john@contoso.com", - "phone": "(214)275-4038", - "alertNotifications": "On", - "alertsToAdmins": "On" - } - } + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "securityContactName": "default1" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityContacts/default1", + "name": "default1", + "type": "Microsoft.Security/securityContacts", + "properties": { + "email": "john@contoso.com", + "phone": "(214)275-4038", + "alertNotifications": "On", + "alertsToAdmins": "On" } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContact_min_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContact_min_example.json index e3ef6d40c47e..c41fdeeae861 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContact_min_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContact_min_example.json @@ -1,21 +1,21 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "securityContactName": "default2" - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityContacts/default2", - "name": "default2", - "type": "Microsoft.Security/securityContacts", - "properties": { - "email": "chen@contoso.com", - "alertNotifications": "On", - "alertsToAdmins": "On" - } - } + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "securityContactName": "default2" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityContacts/default2", + "name": "default2", + "type": "Microsoft.Security/securityContacts", + "properties": { + "email": "chen@contoso.com", + "alertNotifications": "On", + "alertsToAdmins": "On" } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContactsSubscription_full_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContactsSubscription_full_example.json index b894be26d6fa..0a97ffe4bf4f 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContactsSubscription_full_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContactsSubscription_full_example.json @@ -1,23 +1,25 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityContacts/default1", - "name": "default1", - "type": "Microsoft.Security/securityContacts", - "properties": { - "email": "john@contoso.com", - "phone": "(214)275-4038", - "alertNotifications": "On", - "alertsToAdmins": "On" - } - }] + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityContacts/default1", + "name": "default1", + "type": "Microsoft.Security/securityContacts", + "properties": { + "email": "john@contoso.com", + "phone": "(214)275-4038", + "alertNotifications": "On", + "alertsToAdmins": "On" } - } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContactsSubscription_min_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContactsSubscription_min_example.json index b416fa948ca8..050a02c70b2e 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContactsSubscription_min_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/GetSecurityContactsSubscription_min_example.json @@ -1,22 +1,24 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityContacts/default2", - "name": "default2", - "type": "Microsoft.Security/securityContacts", - "properties": { - "email": "chen@contoso.com", - "alertNotifications": "On", - "alertsToAdmins": "On" - } - }] + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityContacts/default2", + "name": "default2", + "type": "Microsoft.Security/securityContacts", + "properties": { + "email": "chen@contoso.com", + "alertNotifications": "On", + "alertsToAdmins": "On" } - } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/UpdateSecurityContact_full_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/UpdateSecurityContact_full_example.json index f1ed7b070044..31c8c8a09c8f 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/UpdateSecurityContact_full_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/UpdateSecurityContact_full_example.json @@ -1,31 +1,31 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "securityContactName": "john", - "securityContact": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityContacts/default1", - "name": "default1", - "type": "Microsoft.Security/securityContacts", - "properties": { - "phone": "(214)275-4038", - "alertNotifications": "On" - } - } - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityContacts/default1", - "name": "default1", - "type": "Microsoft.Security/securityContacts", - "properties": { - "email": "john@contoso.com", - "phone": "(214)275-4038", - "alertNotifications": "On", - "alertsToAdmins": "Off" - } - } + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "securityContactName": "john", + "securityContact": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityContacts/default1", + "name": "default1", + "type": "Microsoft.Security/securityContacts", + "properties": { + "phone": "(214)275-4038", + "alertNotifications": "On" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityContacts/default1", + "name": "default1", + "type": "Microsoft.Security/securityContacts", + "properties": { + "email": "john@contoso.com", + "phone": "(214)275-4038", + "alertNotifications": "On", + "alertsToAdmins": "Off" } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/UpdateSecurityContact_min_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/UpdateSecurityContact_min_example.json index 8ecb447d4746..15dc62fe5d67 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/UpdateSecurityContact_min_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/SecurityContacts/UpdateSecurityContact_min_example.json @@ -1,29 +1,29 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "securityContactName": "default2", - "securityContact": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityContacts/default2", - "name": "default2", - "type": "Microsoft.Security/securityContacts", - "properties": { - "alertNotifications": "On" - } - } - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityContacts/default2", - "name": "default2", - "type": "Microsoft.Security/securityContacts", - "properties": { - "email": "chen@contoso.com", - "alertNotifications": "On", - "alertsToAdmins": "Off" - } - } + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "securityContactName": "default2", + "securityContact": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityContacts/default2", + "name": "default2", + "type": "Microsoft.Security/securityContacts", + "properties": { + "alertNotifications": "On" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/securityContacts/default2", + "name": "default2", + "type": "Microsoft.Security/securityContacts", + "properties": { + "email": "chen@contoso.com", + "alertNotifications": "On", + "alertsToAdmins": "Off" } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Settings/GetSetting_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Settings/GetSetting_example.json index d400edf86c57..181c67497c00 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Settings/GetSetting_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Settings/GetSetting_example.json @@ -1,20 +1,20 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "settingName": "MCAS" - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/MCAS", - "name": "MCAS", - "kind": "DataExportSetting", - "type": "Microsoft.Security/settings", - "properties": { - "enabled": true - } - } + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "settingName": "MCAS" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/MCAS", + "name": "MCAS", + "kind": "DataExportSetting", + "type": "Microsoft.Security/settings", + "properties": { + "enabled": true } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Settings/GetSettings_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Settings/GetSettings_example.json index acf22eeb4e3b..c646eea28aec 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Settings/GetSettings_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Settings/GetSettings_example.json @@ -1,32 +1,32 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" - }, - "responses": { - "200": { - "body": { - "value": [ - { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/MCAS", - "name": "MCAS", - "kind": "DataExportSetting", - "type": "Microsoft.Security/settings", - "properties": { - "enabled": true - } - }, - { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/WDATP", - "name": "WDATP", - "kind": "DataExportSetting", - "type": "Microsoft.Security/settings", - "properties": { - "enabled": false - } - } - ] + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/MCAS", + "name": "MCAS", + "kind": "DataExportSetting", + "type": "Microsoft.Security/settings", + "properties": { + "enabled": true } - } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/WDATP", + "name": "WDATP", + "kind": "DataExportSetting", + "type": "Microsoft.Security/settings", + "properties": { + "enabled": false + } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Settings/UpdateSetting_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Settings/UpdateSetting_example.json index 17c046d4d999..e9815a163a4d 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Settings/UpdateSetting_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/Settings/UpdateSetting_example.json @@ -1,29 +1,29 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "settingName": "MCAS", - "setting": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/MCAS", - "name": "MCAS", - "kind": "DataExportSetting", - "type": "Microsoft.Security/settings", - "properties": { - "enabled": true - } - } - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/MCAS", - "name": "MCAS", - "kind": "DataExportSetting", - "type": "Microsoft.Security/settings", - "properties": { - "enabled": true - } - } + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "settingName": "MCAS", + "setting": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/MCAS", + "name": "MCAS", + "kind": "DataExportSetting", + "type": "Microsoft.Security/settings", + "properties": { + "enabled": true + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/MCAS", + "name": "MCAS", + "kind": "DataExportSetting", + "type": "Microsoft.Security/settings", + "properties": { + "enabled": true } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/CreateWorkspaceSetting_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/CreateWorkspaceSetting_example.json index f9ecc62a9965..8a291c3e60fc 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/CreateWorkspaceSetting_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/CreateWorkspaceSetting_example.json @@ -1,29 +1,29 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "workspaceSettingName": "default", - "workspaceSetting": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/workspaceSettings/default", - "name": "default", - "type": "Microsoft.Security/workspaceSettings", - "properties": { - "workspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace", - "scope": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23" - } - } - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/workspaceSettings/default", - "name": "default", - "type": "Microsoft.Security/workspaceSettings", - "properties": { - "workspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace", - "scope": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23" - } - } + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "workspaceSettingName": "default", + "workspaceSetting": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/workspaceSettings/default", + "name": "default", + "type": "Microsoft.Security/workspaceSettings", + "properties": { + "workspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace", + "scope": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/workspaceSettings/default", + "name": "default", + "type": "Microsoft.Security/workspaceSettings", + "properties": { + "workspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace", + "scope": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23" } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/DeleteWorkspaceSetting_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/DeleteWorkspaceSetting_example.json index 9bb7be67b739..8b8d8126d83e 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/DeleteWorkspaceSetting_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/DeleteWorkspaceSetting_example.json @@ -1,11 +1,10 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "workspaceSettingName": "default" - }, - "responses": { - "204": { - } - } -} \ No newline at end of file + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "workspaceSettingName": "default" + }, + "responses": { + "204": {} + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/GetWorkspaceSetting_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/GetWorkspaceSetting_example.json index 705d85293349..115958b19922 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/GetWorkspaceSetting_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/GetWorkspaceSetting_example.json @@ -1,20 +1,20 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "workspaceSettingName": "default" - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/workspaceSettings/default", - "name": "default", - "type": "Microsoft.Security/workspaceSettings", - "properties": { - "workspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace", - "scope": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23" - } - } + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "workspaceSettingName": "default" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/workspaceSettings/default", + "name": "default", + "type": "Microsoft.Security/workspaceSettings", + "properties": { + "workspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace", + "scope": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23" } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/GetWorkspaceSettings_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/GetWorkspaceSettings_example.json index d4b23e39d093..5f124eab7be2 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/GetWorkspaceSettings_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/GetWorkspaceSettings_example.json @@ -1,31 +1,32 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/workspaceSettings/default", - "name": "default", - "type": "Microsoft.Security/workspaceSettings", - "properties": { - "workspaceId": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1", - "scope": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23" - } - }, - { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/workspaceSettings/myRg", - "name": "myRg", - "type": "Microsoft.Security/workspaceSettings", - "properties": { - "workspaceId": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myOtherRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace2", - "scope": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg" - } - } - ] + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/workspaceSettings/default", + "name": "default", + "type": "Microsoft.Security/workspaceSettings", + "properties": { + "workspaceId": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace1", + "scope": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23" } - } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Security/workspaceSettings/myRg", + "name": "myRg", + "type": "Microsoft.Security/workspaceSettings", + "properties": { + "workspaceId": "/subscriptions/c4930e90-cd72-4aa5-93e9-2d081d129569/resourceGroups/myOtherRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace2", + "scope": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg" + } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/UpdateWorkspaceSetting_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/UpdateWorkspaceSetting_example.json index e4e7078f84cd..89721a408118 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/UpdateWorkspaceSetting_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/examples/WorkspaceSettings/UpdateWorkspaceSetting_example.json @@ -1,28 +1,28 @@ { - "parameters": { - "api-version": "2017-08-01-preview", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "workspaceSettingName": "default", - "workspaceSetting": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/workspaceSettings/default", - "name": "default", - "type": "Microsoft.Security/workspaceSettings", - "properties": { - "workspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace" - } - } - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/workspaceSettings/default", - "name": "default", - "type": "Microsoft.Security/workspaceSettings", - "properties": { - "workspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace", - "scope": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23" - } - } + "parameters": { + "api-version": "2017-08-01-preview", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "workspaceSettingName": "default", + "workspaceSetting": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/workspaceSettings/default", + "name": "default", + "type": "Microsoft.Security/workspaceSettings", + "properties": { + "workspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/workspaceSettings/default", + "name": "default", + "type": "Microsoft.Security/workspaceSettings", + "properties": { + "workspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace", + "scope": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23" } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/informationProtectionPolicies.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/informationProtectionPolicies.json index 1b276d6702d0..160233ecc06e 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/informationProtectionPolicies.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/informationProtectionPolicies.json @@ -1,289 +1,315 @@ { - "swagger": "2.0", - "info": { - "title": "Security Center", - "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", - "version": "2017-08-01-preview" - }, - "host": "management.azure.com", - "schemes": ["https"], - "consumes": ["application/json"], - "produces": ["application/json"], - "security": [{ - "azure_auth": [ - "user_impersonation" - ] - }], - "securityDefinitions": { - "azure_auth": { - "type": "oauth2", - "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", - "flow": "implicit", - "description": "Azure Active Directory OAuth2 Flow", - "scopes": { - "user_impersonation": "impersonate your user account" + "swagger": "2.0", + "info": { + "title": "Security Center", + "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", + "version": "2017-08-01-preview" + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Security/informationProtectionPolicies/{informationProtectionPolicyName}": { + "get": { + "x-ms-examples": { + "Get the customized information protection policy for a management group": { + "$ref": "./examples/InformationProtectionPolicies/GetCustomInformationProtectionPolicy_example.json" + }, + "Get the effective information protection policy for a management group": { + "$ref": "./examples/InformationProtectionPolicies/GetEffectiveInformationProtectionPolicy_example.json" + } + }, + "tags": [ + "InformationProtectionPolicies" + ], + "description": "Details of the information protection policy.", + "operationId": "InformationProtectionPolicies_Get", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/Scope" + }, + { + "$ref": "#/parameters/InformationProtectionPolicyName" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/InformationProtectionPolicy" } - } - }, - "paths": { - "/{scope}/providers/Microsoft.Security/informationProtectionPolicies/{informationProtectionPolicyName}": { - "get": { - "x-ms-examples": { - "Get the customized information protection policy for a management group": { - "$ref": "./examples/InformationProtectionPolicies/GetCustomInformationProtectionPolicy_example.json" - }, - "Get the effective information protection policy for a management group": { - "$ref": "./examples/InformationProtectionPolicies/GetEffectiveInformationProtectionPolicy_example.json" - } - }, - "tags": ["InformationProtectionPolicies"], - "description": "Details of the information protection policy.", - "operationId": "InformationProtectionPolicies_Get", - "parameters": [{ - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, { - "$ref": "../../../common/v1/types.json#/parameters/Scope" - }, { - "$ref": "#/parameters/InformationProtectionPolicyName" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/InformationProtectionPolicy" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } - }, - "put": { - "x-ms-examples": { - "Create or update an information protection policy for a management group": { - "$ref": "./examples/InformationProtectionPolicies/CreateOrUpdateInformationProtectionPolicy_example.json" - } - }, - "tags": ["InformationProtectionPolicies"], - "description": "Details of the information protection policy.", - "operationId": "InformationProtectionPolicies_CreateOrUpdate", - "parameters": [{ - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, { - "$ref": "../../../common/v1/types.json#/parameters/Scope" - }, { - "$ref": "#/parameters/InformationProtectionPolicyName" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/InformationProtectionPolicy" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/InformationProtectionPolicy" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } + } + } + }, + "put": { + "x-ms-examples": { + "Create or update an information protection policy for a management group": { + "$ref": "./examples/InformationProtectionPolicies/CreateOrUpdateInformationProtectionPolicy_example.json" + } }, - "/{scope}/providers/Microsoft.Security/informationProtectionPolicies": { - "get": { - "x-ms-examples": { - "Get information protection policies": { - "$ref": "./examples/InformationProtectionPolicies/ListInformationProtectionPolicies_example.json" - } - }, - "tags": ["InformationProtectionPolicies"], - "description": "Information protection policies of a specific management group.", - "operationId": "InformationProtectionPolicies_List", - "parameters": [{ - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, { - "$ref": "../../../common/v1/types.json#/parameters/Scope" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/InformationProtectionPolicyList" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - } + "tags": [ + "InformationProtectionPolicies" + ], + "description": "Details of the information protection policy.", + "operationId": "InformationProtectionPolicies_CreateOrUpdate", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/Scope" + }, + { + "$ref": "#/parameters/InformationProtectionPolicyName" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/InformationProtectionPolicy" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/InformationProtectionPolicy" } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } + } } + } }, - "definitions": { - "InformationProtectionPolicyList": { - "type": "object", - "readOnly": true, - "description": "Information protection policies response.", - "properties": { - "value": { - "type": "array", - "description": "List of information protection policies.", - "items": { - "$ref": "#/definitions/InformationProtectionPolicy" - } - }, - "nextLink": { - "readOnly": true, - "type": "string", - "description": "The URI to fetch the next page." - } + "/{scope}/providers/Microsoft.Security/informationProtectionPolicies": { + "get": { + "x-ms-examples": { + "Get information protection policies": { + "$ref": "./examples/InformationProtectionPolicies/ListInformationProtectionPolicies_example.json" + } + }, + "tags": [ + "InformationProtectionPolicies" + ], + "description": "Information protection policies of a specific management group.", + "operationId": "InformationProtectionPolicies_List", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/Scope" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/InformationProtectionPolicyList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } + } }, - "InformationProtectionPolicy": { - "type": "object", - "description": "Information protection policy.", - "properties": { - "properties": { - "x-ms-client-flatten": true, - "description": "Information protection policy data", - "$ref": "#/definitions/InformationProtectionPolicyProperties" - } - }, - "allOf": [{ - "$ref": "../../../common/v1/types.json#/definitions/Resource" - } - ] + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + } + }, + "definitions": { + "InformationProtectionPolicyList": { + "type": "object", + "readOnly": true, + "description": "Information protection policies response.", + "properties": { + "value": { + "type": "array", + "description": "List of information protection policies.", + "items": { + "$ref": "#/definitions/InformationProtectionPolicy" + } }, - "InformationProtectionPolicyProperties": { - "type": "object", - "description": "describes properties of an information protection policy.", - "properties": { - "lastModifiedUtc": { - "type": "string", - "format": "date-time", - "readOnly": true, - "description": "Describes the last UTC time the policy was modified." - }, - "labels": { - "type": "object", - "description": "Dictionary of sensitivity labels.", - "additionalProperties": { - "type": "object", - "$ref": "#/definitions/SensitivityLabel" - } - }, - "informationTypes": { - "type": "object", - "description": "The sensitivity information types.", - "additionalProperties": { - "type": "object", - "$ref": "#/definitions/InformationType" - } - } - } + "nextLink": { + "readOnly": true, + "type": "string", + "description": "The URI to fetch the next page." + } + } + }, + "InformationProtectionPolicy": { + "type": "object", + "description": "Information protection policy.", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "description": "Information protection policy data", + "$ref": "#/definitions/InformationProtectionPolicyProperties" + } + }, + "allOf": [ + { + "$ref": "../../../common/v1/types.json#/definitions/Resource" + } + ] + }, + "InformationProtectionPolicyProperties": { + "type": "object", + "description": "describes properties of an information protection policy.", + "properties": { + "lastModifiedUtc": { + "type": "string", + "format": "date-time", + "readOnly": true, + "description": "Describes the last UTC time the policy was modified." }, - "SensitivityLabel": { + "labels": { + "type": "object", + "description": "Dictionary of sensitivity labels.", + "additionalProperties": { "type": "object", - "description": "The sensitivity label.", - "properties": { - "displayName": { - "type": "string", - "description": "The name of the sensitivity label." - }, - "order": { - "type": "number", - "description": "The order of the sensitivity label." - }, - "enabled": { - "type": "boolean", - "description": "Indicates whether the label is enabled or not." - } - } + "$ref": "#/definitions/SensitivityLabel" + } }, - "InformationType": { + "informationTypes": { + "type": "object", + "description": "The sensitivity information types.", + "additionalProperties": { "type": "object", - "description": "The information type.", - "properties": { - "displayName": { - "type": "string", - "description": "The name of the information type." - }, - "order": { - "type": "number", - "description": "The order of the information type." - }, - "recommendedLabelId": { - "type": "string", - "format": "uuid", - "description": "The recommended label id to be associated with this information type." - }, - "enabled": { - "type": "boolean", - "description": "Indicates whether the information type is enabled or not." - }, - "custom": { - "type": "boolean", - "description": "Indicates whether the information type is custom or not." - }, - "keywords": { - "type": "array", - "description": "The information type keywords.", - "items": { - "$ref": "#/definitions/InformationProtectionKeyword" - } - } - } + "$ref": "#/definitions/InformationType" + } + } + } + }, + "SensitivityLabel": { + "type": "object", + "description": "The sensitivity label.", + "properties": { + "displayName": { + "type": "string", + "description": "The name of the sensitivity label." }, - "InformationProtectionKeyword": { - "type": "object", - "description": "The information type keyword.", - "properties": { - "pattern": { - "type": "string", - "description": "The keyword pattern." - }, - "custom": { - "type": "boolean", - "description": "Indicates whether the keyword is custom or not." - }, - "canBeNumeric": { - "type": "boolean", - "description": "Indicates whether the keyword can be applied on numeric types or not." - }, - "excluded": { - "type": "boolean", - "description": "Indicates whether the keyword is excluded or not." - } - } + "order": { + "type": "number", + "description": "The order of the sensitivity label." + }, + "enabled": { + "type": "boolean", + "description": "Indicates whether the label is enabled or not." + } + } + }, + "InformationType": { + "type": "object", + "description": "The information type.", + "properties": { + "displayName": { + "type": "string", + "description": "The name of the information type." + }, + "order": { + "type": "number", + "description": "The order of the information type." + }, + "recommendedLabelId": { + "type": "string", + "format": "uuid", + "description": "The recommended label id to be associated with this information type." + }, + "enabled": { + "type": "boolean", + "description": "Indicates whether the information type is enabled or not." + }, + "custom": { + "type": "boolean", + "description": "Indicates whether the information type is custom or not." + }, + "keywords": { + "type": "array", + "description": "The information type keywords.", + "items": { + "$ref": "#/definitions/InformationProtectionKeyword" + } } + } }, - "parameters": { - "InformationProtectionPolicyName": { - "name": "informationProtectionPolicyName", - "in": "path", - "required": true, - "type": "string", - "enum": ["effective", "custom"], - "description": "Name of the information protection policy.", - "x-ms-parameter-location": "method" + "InformationProtectionKeyword": { + "type": "object", + "description": "The information type keyword.", + "properties": { + "pattern": { + "type": "string", + "description": "The keyword pattern." + }, + "custom": { + "type": "boolean", + "description": "Indicates whether the keyword is custom or not." + }, + "canBeNumeric": { + "type": "boolean", + "description": "Indicates whether the keyword can be applied on numeric types or not." + }, + "excluded": { + "type": "boolean", + "description": "Indicates whether the keyword is excluded or not." } + } + } + }, + "parameters": { + "InformationProtectionPolicyName": { + "name": "informationProtectionPolicyName", + "in": "path", + "required": true, + "type": "string", + "enum": [ + "effective", + "custom" + ], + "description": "Name of the information protection policy.", + "x-ms-parameter-location": "method" } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/iotSecuritySolutions.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/iotSecuritySolutions.json index f5f099a912bb..1f537f2a4f08 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/iotSecuritySolutions.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/iotSecuritySolutions.json @@ -1,442 +1,475 @@ { "swagger": "2.0", "info": { - "title": "Security Center", - "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", - "version": "2017-08-01-preview" + "title": "Security Center", + "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", + "version": "2017-08-01-preview" }, "host": "management.azure.com", - "schemes": ["https"], - "consumes": ["application/json"], - "produces": ["application/json"], - "security": [{ + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { "azure_auth": [ - "user_impersonation" + "user_impersonation" ] - }], + } + ], "securityDefinitions": { - "azure_auth": { - "type": "oauth2", - "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", - "flow": "implicit", - "description": "Azure Active Directory OAuth2 Flow", - "scopes": { - "user_impersonation": "impersonate your user account" - } + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" } + } }, "paths": { - "/subscriptions/{subscriptionId}/providers/Microsoft.Security/iotSecuritySolutions": { - "get": { - "x-ms-examples": { - "Get Security Solutions list": { - "$ref": "./examples/IoTSecuritySolutions/GetIoTSecuritySolutionsList_example.json" - }, - "Get Security Solutions list By IotHub": { - "$ref": "./examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByIotHub_example.json" - } - }, - "tags": ["IoT Security Solutions"], - "description": "List of security solutions", - "operationId": "IoTSecuritySolutions_List", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, - { - "$ref": "#/parameters/FilterParam" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/IoTSecuritySolutionsList" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - } + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/iotSecuritySolutions": { + "get": { + "x-ms-examples": { + "Get Security Solutions list": { + "$ref": "./examples/IoTSecuritySolutions/GetIoTSecuritySolutionsList_example.json" + }, + "Get Security Solutions list By IotHub": { + "$ref": "./examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByIotHub_example.json" + } + }, + "tags": [ + "IoT Security Solutions" + ], + "description": "List of security solutions", + "operationId": "IoTSecuritySolutions_List", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/FilterParam" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/IoTSecuritySolutionsList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions": { + "get": { + "x-ms-examples": { + "Get Security Solutions list": { + "$ref": "./examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByRg_example.json" + }, + "Get Security Solutions list By IotHub": { + "$ref": "./examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByIotHubAndRg_example.json" + } + }, + "tags": [ + "IoT Security Solutions" + ], + "description": "List of security solutions", + "operationId": "IoTSecuritySolutionsResourceGroup_List", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" + }, + { + "$ref": "#/parameters/FilterParam" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/IoTSecuritySolutionsList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}": { + "get": { + "x-ms-examples": { + "Get an iot security solution": { + "$ref": "./examples/IoTSecuritySolutions/GetIoTSecuritySolution_example.json" + } + }, + "tags": [ + "IoT Security Solutions" + ], + "description": "Details of a specific iot security solution", + "operationId": "IotSecuritySolution_Get", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" + }, + { + "$ref": "#/parameters/SolutionName" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/IoTSecuritySolutionModel" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } } + } }, - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions": { - "get": { - "x-ms-examples": { - "Get Security Solutions list": { - "$ref": "./examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByRg_example.json" - }, - "Get Security Solutions list By IotHub": { - "$ref": "./examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByIotHubAndRg_example.json" - } - }, - "tags": ["IoT Security Solutions"], - "description": "List of security solutions", - "operationId": "IoTSecuritySolutionsResourceGroup_List", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" - }, - { - "$ref": "#/parameters/FilterParam" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/IoTSecuritySolutionsList" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - } + "put": { + "x-ms-examples": { + "Create an iot security solution": { + "$ref": "./examples/IoTSecuritySolutions/CreateIoTSecuritySolution_example.json" + } + }, + "tags": [ + "IoT Security Solutions" + ], + "description": "Create new solution manager", + "operationId": "IotSecuritySolution_Create", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" + }, + { + "$ref": "#/parameters/SolutionName" + }, + { + "$ref": "#/parameters/IotSecuritySolutionData" } + ], + "responses": { + "200": { + "description": "Updated", + "schema": { + "$ref": "#/definitions/IoTSecuritySolutionModel" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/IoTSecuritySolutionModel" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } + } + } }, - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}": { - "get": { - "x-ms-examples": { - "Get an iot security solution": { - "$ref": "./examples/IoTSecuritySolutions/GetIoTSecuritySolution_example.json" - } - }, - "tags": ["IoT Security Solutions"], - "description": "Details of a specific iot security solution", - "operationId": "IotSecuritySolution_Get", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" - }, - { - "$ref": "#/parameters/SolutionName" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/IoTSecuritySolutionModel" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } - }, - "put": { - "x-ms-examples": { - "Create an iot security solution": { - "$ref": "./examples/IoTSecuritySolutions/CreateIoTSecuritySolution_example.json" - } - }, - "tags": ["IoT Security Solutions"], - "description": "Create new solution manager", - "operationId": "IotSecuritySolution_Create", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" - }, - { - "$ref": "#/parameters/SolutionName" - }, - { - "$ref": "#/parameters/IotSecuritySolutionData" - } - ], - "responses": { - "200": { - "description": "Updated", - "schema": { - "$ref": "#/definitions/IoTSecuritySolutionModel" - } - }, - "201": { - "description": "Created", - "schema": { - "$ref": "#/definitions/IoTSecuritySolutionModel" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } - }, - "patch": { - "x-ms-examples": { - "Create an iot security solution": { - "$ref": "./examples/IoTSecuritySolutions/UpdateIoTSecuritySolution_example.json" - } - }, - "tags": ["IoT Security Solutions"], - "description": "update exists Security Solution tags. to update other fields use the CreateOrUpdate method", - "operationId": "IotSecuritySolution_Update", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" - }, - { - "$ref": "#/parameters/SolutionName" - }, - { - "name": "securitySolutionTags", - "in": "body", - "required": true, - "description": "Updated tag information to set into the iot hub instance.", - "schema": { - "$ref": "#/definitions/TagsResource" - } - } - ], - "responses": { - "200": { - "description": "Updated", - "schema": { - "$ref": "#/definitions/IoTSecuritySolutionModel" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } - }, - "delete": { - "x-ms-examples": { - "Create an iot security solution": { - "$ref": "./examples/IoTSecuritySolutions/DeleteIoTSecuritySolution_example.json" - } - }, - "tags": ["IoT Security Solutions"], - "description": "Create new solution manager", - "operationId": "IotSecuritySolution_Delete", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" - }, - { - "$ref": "#/parameters/SolutionName" - } - ], - "responses": { - "200": { - "description": "Security Solution deleted" - }, - "204": { - "description": "Security Solution was not exists" - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } + "patch": { + "x-ms-examples": { + "Create an iot security solution": { + "$ref": "./examples/IoTSecuritySolutions/UpdateIoTSecuritySolution_example.json" + } + }, + "tags": [ + "IoT Security Solutions" + ], + "description": "update exists Security Solution tags. to update other fields use the CreateOrUpdate method", + "operationId": "IotSecuritySolution_Update", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" + }, + { + "$ref": "#/parameters/SolutionName" + }, + { + "name": "securitySolutionTags", + "in": "body", + "required": true, + "description": "Updated tag information to set into the iot hub instance.", + "schema": { + "$ref": "#/definitions/TagsResource" + } + } + ], + "responses": { + "200": { + "description": "Updated", + "schema": { + "$ref": "#/definitions/IoTSecuritySolutionModel" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } + } + } + }, + "delete": { + "x-ms-examples": { + "Create an iot security solution": { + "$ref": "./examples/IoTSecuritySolutions/DeleteIoTSecuritySolution_example.json" + } + }, + "tags": [ + "IoT Security Solutions" + ], + "description": "Create new solution manager", + "operationId": "IotSecuritySolution_Delete", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" + }, + { + "$ref": "#/parameters/SolutionName" + } + ], + "responses": { + "200": { + "description": "Security Solution deleted" + }, + "204": { + "description": "Security Solution was not exists" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } } + } } + } }, "definitions": { - "TagsResource": { - "properties": { - "tags": { - "type": "object", - "additionalProperties": { - "type": "string" - }, - "description": "Resource tags" + "TagsResource": { + "properties": { + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Resource tags" + } + }, + "description": "A container holding only the Tags for a resource, allowing the user to update the tags." + }, + "IoTSecuritySolutionsList": { + "description": "List of iot solutions", + "required": [ + "value" + ], + "properties": { + "value": { + "type": "array", + "description": "List of security solutions", + "items": { + "$ref": "#/definitions/IoTSecuritySolutionModel" } }, - "description": "A container holding only the Tags for a resource, allowing the user to update the tags." + "nextLink": { + "readOnly": true, + "type": "string", + "description": "The URI to fetch the next page." + } + } + }, + "IoTSecuritySolutionModel": { + "type": "object", + "description": "Security Solution", + "properties": { + "location": { + "type": "string", + "description": "The resource location." + }, + "properties": { + "x-ms-client-flatten": true, + "description": "Security Solution data", + "$ref": "#/definitions/IoTSecuritySolutionProperties" + } }, - "IoTSecuritySolutionsList": { - "description": "List of iot solutions", - "required": [ - "value" + "allOf": [ + { + "$ref": "../../../common/v1/types.json#/definitions/Resource" + }, + { + "$ref": "#/definitions/TagsResource" + } + ] + }, + "IoTSecuritySolutionProperties": { + "type": "object", + "description": "Security Solution setting data", + "properties": { + "workspace": { + "type": "string", + "description": "Workspace resource ID" + }, + "displayName": { + "type": "string", + "description": "Resource display name." + }, + "status": { + "type": "string", + "enum": [ + "Enabled", + "Disabled" ], - "properties": { - "value": { - "type": "array", - "description": "List of security solutions", - "items": { - "$ref": "#/definitions/IoTSecuritySolutionModel" - } - }, - "nextLink": { - "readOnly": true, - "type": "string", - "description": "The URI to fetch the next page." - } + "default": "Enabled", + "description": "Security solution status", + "x-ms-enum": { + "name": "SecuritySolutionStatus", + "modelAsString": true } + }, + "export": { + "type": "array", + "items": { + "enum": [ + "RawEvents" + ], + "type": "string", + "x-ms-enum": { + "name": "ExportData", + "modelAsString": true, + "values": [ + { + "value": "RawEvents", + "description": "Agent raw events" + } + ] + } + }, + "description": "List of additional export to workspace data options" + }, + "disabledDataSources": { + "type": "array", + "items": { + "enum": [ + "TwinData" + ], + "type": "string", + "x-ms-enum": { + "name": "DataSource", + "modelAsString": true, + "values": [ + { + "value": "TwinData", + "description": "Devices twin data" + } + ] + } + }, + "description": "Disabled data sources. Disabling these data sources compromises the system." + }, + "iotHubs": { + "type": "array", + "description": "IoT Hub resource IDs", + "items": { + "type": "string" + } + } }, - "IoTSecuritySolutionModel": { - "type": "object", - "description": "Security Solution", - "properties": { - "location": { - "type": "string", - "description": "The resource location." - }, - "properties": { - "x-ms-client-flatten": true, - "description": "Security Solution data", - "$ref": "#/definitions/IoTSecuritySolutionProperties" - } - }, - "allOf": [{ - "$ref": "../../../common/v1/types.json#/definitions/Resource" - }, {"$ref": "#/definitions/TagsResource"}] - }, - "IoTSecuritySolutionProperties": { - "type": "object", - "description": "Security Solution setting data", - "properties": { - "workspace": { - "type": "string", - "description": "Workspace resource ID" - }, - "displayName": { - "type": "string", - "description": "Resource display name." - }, - "status": { - "type": "string", - "enum": [ - "Enabled", - "Disabled" - ], - "default": "Enabled", - "description": "Security solution status", - "x-ms-enum":{ - "name": "SecuritySolutionStatus", - "modelAsString": true - } - }, - "export": { - "type": "array", - "items": { - "enum": [ - "RawEvents" - ], - "type": "string", - "x-ms-enum":{ - "name": "ExportData", - "modelAsString": true, - "values": [ - {"value": "RawEvents", "description": "Agent raw events"} - ] - } - }, - "description": "List of additional export to workspace data options" - }, - "disabledDataSources": { - "type": "array", - "items": { - "enum": [ - "TwinData" - ], - "type": "string", - "x-ms-enum":{ - "name": "DataSource", - "modelAsString": true, - "values": [ - {"value": "TwinData", "description": "Devices twin data"} - ] - } - }, - "description": "Disabled data sources. Disabling these data sources compromises the system." - }, - "iotHubs": { - "type": "array", - "description": "IoT Hub resource IDs", - "items": { "type": "string" } - } - }, - "required": [ - "iotHubs", - "workspace", - "displayName" - ] - } + "required": [ + "iotHubs", + "workspace", + "displayName" + ] + } }, "parameters": { - "SolutionName": { - "name": "solutionName", - "in": "path", - "required": true, - "description": "The solution manager name", - "type": "string", - "x-ms-parameter-location": "method" + "SolutionName": { + "name": "solutionName", + "in": "path", + "required": true, + "description": "The solution manager name", + "type": "string", + "x-ms-parameter-location": "method" + }, + "IotSecuritySolutionData": { + "name": "iotSecuritySolutionData", + "in": "body", + "required": true, + "description": "The security solution data", + "schema": { + "$ref": "#/definitions/IoTSecuritySolutionModel" }, - "IotSecuritySolutionData": { - "name": "iotSecuritySolutionData", - "in": "body", - "required": true, - "description": "The security solution data", - "schema": { - "$ref": "#/definitions/IoTSecuritySolutionModel" - }, - "x-ms-parameter-location": "method" - }, - "FilterParam": { - "name": "$filter", - "in": "query", - "required": false, - "description": "filter the Security Solution with OData syntax. supporting filter by iotHubs", - "type": "string", - "x-ms-parameter-location": "method" - } + "x-ms-parameter-location": "method" + }, + "FilterParam": { + "name": "$filter", + "in": "query", + "required": false, + "description": "filter the Security Solution with OData syntax. supporting filter by iotHubs", + "type": "string", + "x-ms-parameter-location": "method" + } } -} \ No newline at end of file +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/pricings.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/pricings.json index 54f50e530e06..5b54909bcc6b 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/pricings.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/pricings.json @@ -6,12 +6,20 @@ "version": "2017-08-01-preview" }, "host": "management.azure.com", - "schemes": ["https"], - "consumes": ["application/json"], - "produces": ["application/json"], + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], "security": [ { - "azure_auth": ["user_impersonation"] + "azure_auth": [ + "user_impersonation" + ] } ], "securityDefinitions": { @@ -33,7 +41,9 @@ "$ref": "./examples/Pricings/GetPricingsSubscription_example.json" } }, - "tags": ["Pricings"], + "tags": [ + "Pricings" + ], "description": "Security pricing configurations in the subscription", "operationId": "Pricings_List", "parameters": [ @@ -70,7 +80,9 @@ "$ref": "./examples/Pricings/GetPricingsResourceGroup_example.json" } }, - "tags": ["Pricings"], + "tags": [ + "Pricings" + ], "description": "Security pricing configurations in the resource group", "operationId": "Pricings_ListByResourceGroup", "parameters": [ @@ -110,7 +122,9 @@ "$ref": "./examples/Pricings/GetPricingSubscription_example.json" } }, - "tags": ["Pricings"], + "tags": [ + "Pricings" + ], "description": "Security pricing configuration in the subscriptionSecurity pricing configuration in the subscription", "operationId": "Pricings_GetSubscriptionPricing", "parameters": [ @@ -145,7 +159,9 @@ "$ref": "./examples/Pricings/CreatePricingsSubscription_example.json" } }, - "tags": ["Pricings"], + "tags": [ + "Pricings" + ], "description": "Security pricing configuration in the subscription", "operationId": "Pricings_UpdateSubscriptionPricing", "parameters": [ @@ -185,7 +201,9 @@ "$ref": "./examples/Pricings/GetPricingResourceGroup_example.json" } }, - "tags": ["Pricings"], + "tags": [ + "Pricings" + ], "description": "Security pricing configuration in the resource group", "operationId": "Pricings_GetResourceGroupPricing", "parameters": [ @@ -223,7 +241,9 @@ "$ref": "./examples/Pricings/CreatePricingsResourceGroup_example.json" } }, - "tags": ["Pricings"], + "tags": [ + "Pricings" + ], "description": "Security pricing configuration in the resource group", "operationId": "Pricings_CreateOrUpdateResourceGroupPricing", "parameters": [ @@ -263,7 +283,9 @@ "definitions": { "PricingList": { "description": "List of pricing configurations response", - "required": ["value"], + "required": [ + "value" + ], "properties": { "value": { "type": "array", @@ -302,7 +324,10 @@ "pricingTier": { "type": "string", "description": "Pricing tier type", - "enum": ["Free", "Standard"], + "enum": [ + "Free", + "Standard" + ], "x-ms-enum": { "name": "pricingTier", "modelAsString": true, @@ -319,7 +344,9 @@ } } }, - "required": ["pricingTier"] + "required": [ + "pricingTier" + ] } }, "parameters": { diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/securityContacts.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/securityContacts.json index 11c075e40437..f8bd3808c1da 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/securityContacts.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/securityContacts.json @@ -1,314 +1,363 @@ { - "swagger": "2.0", - "info": { - "title": "Security Center", - "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", - "version": "2017-08-01-preview" - }, - "host": "management.azure.com", - "schemes": ["https"], - "consumes": ["application/json"], - "produces": ["application/json"], - "security": [{ - "azure_auth": [ - "user_impersonation" - ] - }], - "securityDefinitions": { - "azure_auth": { - "type": "oauth2", - "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", - "flow": "implicit", - "description": "Azure Active Directory OAuth2 Flow", - "scopes": { - "user_impersonation": "impersonate your user account" + "swagger": "2.0", + "info": { + "title": "Security Center", + "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", + "version": "2017-08-01-preview" + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/securityContacts": { + "get": { + "x-ms-examples": { + "Update security contact data minimal": { + "$ref": "./examples/SecurityContacts/GetSecurityContactsSubscription_min_example.json" + }, + "Update security contact data full": { + "$ref": "./examples/SecurityContacts/GetSecurityContactsSubscription_full_example.json" + } + }, + "tags": [ + "Security Contacts" + ], + "description": "Security contact configurations for the subscription", + "operationId": "SecurityContacts_List", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/SecurityContactList" } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" } + } }, - "paths": { - "/subscriptions/{subscriptionId}/providers/Microsoft.Security/securityContacts": { - "get": { - "x-ms-examples": { - "Update security contact data minimal": { - "$ref": "./examples/SecurityContacts/GetSecurityContactsSubscription_min_example.json" - }, - "Update security contact data full": { - "$ref": "./examples/SecurityContacts/GetSecurityContactsSubscription_full_example.json" - } - }, - "tags": ["Security Contacts"], - "description": "Security contact configurations for the subscription", - "operationId": "SecurityContacts_List", - "parameters": [{ - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/SecurityContactList" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - } + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/securityContacts/{securityContactName}": { + "get": { + "x-ms-examples": { + "Get security contact data minimal": { + "$ref": "./examples/SecurityContacts/GetSecurityContact_min_example.json" + }, + "Get security contact data full": { + "$ref": "./examples/SecurityContacts/GetSecurityContact_full_example.json" + } + }, + "tags": [ + "Security Contacts" + ], + "description": "Security contact configurations for the subscription", + "operationId": "SecurityContacts_Get", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/SecurityContactName" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/SecurityContact" } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } + } + } + }, + "put": { + "x-ms-examples": { + "Create security contact data minimal": { + "$ref": "./examples/SecurityContacts/CreateSecurityContact_min_example.json" + }, + "Create security contact data full": { + "$ref": "./examples/SecurityContacts/CreateSecurityContact_full_example.json" + } }, - "/subscriptions/{subscriptionId}/providers/Microsoft.Security/securityContacts/{securityContactName}": { - "get": { - "x-ms-examples": { - "Get security contact data minimal": { - "$ref": "./examples/SecurityContacts/GetSecurityContact_min_example.json" - }, - "Get security contact data full": { - "$ref": "./examples/SecurityContacts/GetSecurityContact_full_example.json" - } - }, - "tags": ["Security Contacts"], - "description": "Security contact configurations for the subscription", - "operationId": "SecurityContacts_Get", - "parameters": [{ - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, { - "$ref": "#/parameters/SecurityContactName" - }], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/SecurityContact" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } - }, - "put": { - "x-ms-examples": { - "Create security contact data minimal": { - "$ref": "./examples/SecurityContacts/CreateSecurityContact_min_example.json" - }, - "Create security contact data full": { - "$ref": "./examples/SecurityContacts/CreateSecurityContact_full_example.json" - } - }, - "tags": ["Security Contacts"], - "description": "Security contact configurations for the subscription", - "operationId": "SecurityContacts_Create", - "parameters": [{ - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, { - "$ref": "#/parameters/SecurityContactName" - }, { - "$ref": "#/parameters/SecurityContact" - }], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/SecurityContact" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } - }, - "delete": { - "x-ms-examples": { - "Delete security contact data": { - "$ref": "./examples/SecurityContacts/DeleteSecurityContact_example.json" - } - }, - "tags": ["Security Contacts"], - "description": "Security contact configurations for the subscription", - "operationId": "SecurityContacts_Delete", - "parameters": [{ - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, { - "$ref": "#/parameters/SecurityContactName" - }], - "responses": { - "204": { - "description": "No Content" - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } - }, - "patch": { - "x-ms-examples": { - "Update security contact data minimal": { - "$ref": "./examples/SecurityContacts/UpdateSecurityContact_min_example.json" - }, - "Update security contact data full": { - "$ref": "./examples/SecurityContacts/UpdateSecurityContact_full_example.json" - } - }, - "tags": ["Security Contacts"], - "description": "Security contact configurations for the subscription", - "operationId": "SecurityContacts_Update", - "parameters": [{ - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, { - "$ref": "#/parameters/SecurityContactName" - }, { - "$ref": "#/parameters/SecurityContact" - }], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/SecurityContact" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } + "tags": [ + "Security Contacts" + ], + "description": "Security contact configurations for the subscription", + "operationId": "SecurityContacts_Create", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/SecurityContactName" + }, + { + "$ref": "#/parameters/SecurityContact" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/SecurityContact" } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } + } } - }, - "definitions": { - "SecurityContactList": { - "type": "object", - "description": "List of security contacts response", - "properties": { - "value": { - "readOnly": true, - "description": "List of security contacts", - "type": "array", - "items": { - "$ref": "#/definitions/SecurityContact" - } - }, - "nextLink": { - "readOnly": true, - "type": "string", - "description": "The URI to fetch the next page." - } + }, + "delete": { + "x-ms-examples": { + "Delete security contact data": { + "$ref": "./examples/SecurityContacts/DeleteSecurityContact_example.json" + } + }, + "tags": [ + "Security Contacts" + ], + "description": "Security contact configurations for the subscription", + "operationId": "SecurityContacts_Delete", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/SecurityContactName" + } + ], + "responses": { + "204": { + "description": "No Content" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } + } + } + }, + "patch": { + "x-ms-examples": { + "Update security contact data minimal": { + "$ref": "./examples/SecurityContacts/UpdateSecurityContact_min_example.json" + }, + "Update security contact data full": { + "$ref": "./examples/SecurityContacts/UpdateSecurityContact_full_example.json" + } }, - "SecurityContact": { - "type": "object", - "description": "Contact details for security issues", - "properties": { - "properties": { - "x-ms-client-flatten": true, - "description": "Security contact data", - "$ref": "#/definitions/SecurityContactProperties" - } - }, - "allOf": [{ - "$ref": "../../../common/v1/types.json#/definitions/Resource" - }] + "tags": [ + "Security Contacts" + ], + "description": "Security contact configurations for the subscription", + "operationId": "SecurityContacts_Update", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/SecurityContactName" + }, + { + "$ref": "#/parameters/SecurityContact" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/SecurityContact" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } + } + } + } + } + }, + "definitions": { + "SecurityContactList": { + "type": "object", + "description": "List of security contacts response", + "properties": { + "value": { + "readOnly": true, + "description": "List of security contacts", + "type": "array", + "items": { + "$ref": "#/definitions/SecurityContact" + } }, - "SecurityContactProperties": { - "type": "object", - "description": "describes security contact properties", - "properties": { - "email": { - "type": "string", - "format": "email", - "description": "The email of this security contact" - }, - "phone": { - "type": "string", - "description": "The phone number of this security contact" - }, - "alertNotifications": { - "type": "string", - "enum": ["On", "Off"], - "x-ms-enum": { - "name": "alertNotifications", - "modelAsString": true, - "values": [{ - "value": "On", - "description": "Get notifications on new alerts" - }, - { - "value": "Off", - "description": "Don't get notifications on new alerts" - } - ] - }, - "description": "Whether to send security alerts notifications to the security contact" - }, - "alertsToAdmins": { - "type": "string", - "enum": ["On", "Off"], - "x-ms-enum": { - "name": "alertsToAdmins", - "modelAsString": true, - "values": [{ - "value": "On", - "description": "Send notification on new alerts to the subscription's admins" - }, - { - "value": "Off", - "description": "Don't send notification on new alerts to the subscription's admins" - } - ] - }, - "description": "Whether to send security alerts notifications to subscription admins" - } - }, - "required": [ - "email", - "alertNotifications", - "alertsToAdmins" - ] + "nextLink": { + "readOnly": true, + "type": "string", + "description": "The URI to fetch the next page." + } + } + }, + "SecurityContact": { + "type": "object", + "description": "Contact details for security issues", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "description": "Security contact data", + "$ref": "#/definitions/SecurityContactProperties" + } + }, + "allOf": [ + { + "$ref": "../../../common/v1/types.json#/definitions/Resource" } + ] }, - "parameters": { - "SecurityContactName": { - "name": "securityContactName", - "in": "path", - "required": true, - "type": "string", - "description": "Name of the security contact object", - "x-ms-parameter-location": "method" + "SecurityContactProperties": { + "type": "object", + "description": "describes security contact properties", + "properties": { + "email": { + "type": "string", + "format": "email", + "description": "The email of this security contact" }, - "SecurityContact": { - "name": "securityContact", - "in": "body", - "required": true, - "description": "Security contact object", - "schema": { - "$ref": "#/definitions/SecurityContact" - }, - "x-ms-parameter-location": "method" + "phone": { + "type": "string", + "description": "The phone number of this security contact" + }, + "alertNotifications": { + "type": "string", + "enum": [ + "On", + "Off" + ], + "x-ms-enum": { + "name": "alertNotifications", + "modelAsString": true, + "values": [ + { + "value": "On", + "description": "Get notifications on new alerts" + }, + { + "value": "Off", + "description": "Don't get notifications on new alerts" + } + ] + }, + "description": "Whether to send security alerts notifications to the security contact" + }, + "alertsToAdmins": { + "type": "string", + "enum": [ + "On", + "Off" + ], + "x-ms-enum": { + "name": "alertsToAdmins", + "modelAsString": true, + "values": [ + { + "value": "On", + "description": "Send notification on new alerts to the subscription's admins" + }, + { + "value": "Off", + "description": "Don't send notification on new alerts to the subscription's admins" + } + ] + }, + "description": "Whether to send security alerts notifications to subscription admins" } + }, + "required": [ + "email", + "alertNotifications", + "alertsToAdmins" + ] + } + }, + "parameters": { + "SecurityContactName": { + "name": "securityContactName", + "in": "path", + "required": true, + "type": "string", + "description": "Name of the security contact object", + "x-ms-parameter-location": "method" + }, + "SecurityContact": { + "name": "securityContact", + "in": "body", + "required": true, + "description": "Security contact object", + "schema": { + "$ref": "#/definitions/SecurityContact" + }, + "x-ms-parameter-location": "method" } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/settings.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/settings.json index 445b710a499c..31f72a422d9b 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/settings.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/settings.json @@ -6,12 +6,20 @@ "version": "2017-08-01-preview" }, "host": "management.azure.com", - "schemes": ["https"], - "consumes": ["application/json"], - "produces": ["application/json"], + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], "security": [ { - "azure_auth": ["user_impersonation"] + "azure_auth": [ + "user_impersonation" + ] } ], "securityDefinitions": { @@ -33,7 +41,9 @@ "$ref": "./examples/Settings/GetSettings_example.json" } }, - "tags": ["Settings"], + "tags": [ + "Settings" + ], "description": "Settings about different configurations in security center", "operationId": "Settings_List", "parameters": [ @@ -70,7 +80,9 @@ "$ref": "./examples/Settings/GetSetting_example.json" } }, - "tags": ["Settings"], + "tags": [ + "Settings" + ], "description": "Settings of different configurations in security center", "operationId": "Settings_Get", "parameters": [ @@ -105,7 +117,9 @@ "$ref": "./examples/Settings/UpdateSetting_example.json" } }, - "tags": ["Settings"], + "tags": [ + "Settings" + ], "description": "updating settings about different configurations in security center", "operationId": "Settings_Update", "parameters": [ @@ -193,7 +207,10 @@ "kind": { "type": "string", "description": "the kind of the settings string (DataExportSetting)", - "enum": ["DataExportSetting", "AlertSuppressionSetting"], + "enum": [ + "DataExportSetting", + "AlertSuppressionSetting" + ], "x-ms-enum": { "name": "SettingKind", "modelAsString": true, @@ -208,7 +225,9 @@ } } }, - "required": ["kind"], + "required": [ + "kind" + ], "allOf": [ { "$ref": "../../../common/v1/types.json#/definitions/Resource" @@ -224,7 +243,9 @@ "description": "Is the data export setting is enabled" } }, - "required": ["enabled"] + "required": [ + "enabled" + ] } }, "parameters": { @@ -234,7 +255,10 @@ "required": true, "type": "string", "description": "Name of setting: (MCAS/WDATP)", - "enum": ["MCAS", "WDATP"], + "enum": [ + "MCAS", + "WDATP" + ], "x-ms-parameter-location": "method" }, "Setting": { diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/workspaceSettings.json b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/workspaceSettings.json index 63ac4b143fce..c1e9d23c80b6 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/workspaceSettings.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/workspaceSettings.json @@ -1,265 +1,306 @@ { - "swagger": "2.0", - "info": { - "title": "Security Center", - "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", - "version": "2017-08-01-preview" - }, - "host": "management.azure.com", - "schemes": ["https"], - "consumes": ["application/json"], - "produces": ["application/json"], - "security": [{ - "azure_auth": [ - "user_impersonation" - ] - }], - "securityDefinitions": { - "azure_auth": { - "type": "oauth2", - "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", - "flow": "implicit", - "description": "Azure Active Directory OAuth2 Flow", - "scopes": { - "user_impersonation": "impersonate your user account" + "swagger": "2.0", + "info": { + "title": "Security Center", + "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", + "version": "2017-08-01-preview" + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/workspaceSettings": { + "get": { + "x-ms-examples": { + "Get workspace settings on subscription": { + "$ref": "./examples/WorkspaceSettings/GetWorkspaceSettings_example.json" + } + }, + "tags": [ + "Workspace Settings" + ], + "description": "Settings about where we should store your security data and logs. If the result is empty, it means that no custom-workspace configuration was set", + "operationId": "WorkspaceSettings_List", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/WorkspaceSettingList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" } + } }, - "paths": { - "/subscriptions/{subscriptionId}/providers/Microsoft.Security/workspaceSettings": { - "get": { - "x-ms-examples": { - "Get workspace settings on subscription": { - "$ref": "./examples/WorkspaceSettings/GetWorkspaceSettings_example.json" - } - }, - "tags": ["Workspace Settings"], - "description": "Settings about where we should store your security data and logs. If the result is empty, it means that no custom-workspace configuration was set", - "operationId": "WorkspaceSettings_List", - "parameters": [{ - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/WorkspaceSettingList" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - } + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/workspaceSettings/{workspaceSettingName}": { + "get": { + "x-ms-examples": { + "Get a workspace setting on subscription": { + "$ref": "./examples/WorkspaceSettings/GetWorkspaceSetting_example.json" + } + }, + "tags": [ + "Workspace Settings" + ], + "description": "Settings about where we should store your security data and logs. If the result is empty, it means that no custom-workspace configuration was set", + "operationId": "WorkspaceSettings_Get", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/WorkspaceSettingName" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/WorkspaceSetting" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } + } + } + }, + "put": { + "x-ms-examples": { + "Create a workspace setting data for subscription": { + "$ref": "./examples/WorkspaceSettings/CreateWorkspaceSetting_example.json" + } }, - "/subscriptions/{subscriptionId}/providers/Microsoft.Security/workspaceSettings/{workspaceSettingName}": { - "get": { - "x-ms-examples": { - "Get a workspace setting on subscription": { - "$ref": "./examples/WorkspaceSettings/GetWorkspaceSetting_example.json" - } - }, - "tags": ["Workspace Settings"], - "description": "Settings about where we should store your security data and logs. If the result is empty, it means that no custom-workspace configuration was set", - "operationId": "WorkspaceSettings_Get", - "parameters": [{ - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, { - "$ref": "#/parameters/WorkspaceSettingName" - }], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/WorkspaceSetting" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } - }, - "put": { - "x-ms-examples": { - "Create a workspace setting data for subscription": { - "$ref": "./examples/WorkspaceSettings/CreateWorkspaceSetting_example.json" - } - }, - "tags": ["Workspace Settings"], - "description": "creating settings about where we should store your security data and logs", - "operationId": "WorkspaceSettings_Create", - "parameters": [{ - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, { - "$ref": "#/parameters/WorkspaceSettingName" - }, { - "$ref": "#/parameters/WorkspaceSetting" - }], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/WorkspaceSetting" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } - }, - "patch": { - "x-ms-examples": { - "Update a workspace setting data for subscription": { - "$ref": "./examples/WorkspaceSettings/UpdateWorkspaceSetting_example.json" - } - }, - "tags": ["Workspace Settings"], - "description": "Settings about where we should store your security data and logs", - "operationId": "WorkspaceSettings_Update", - "parameters": [{ - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, { - "$ref": "#/parameters/WorkspaceSettingName" - }, { - "$ref": "#/parameters/WorkspaceSetting" - }], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/WorkspaceSetting" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } - }, - "delete": { - "x-ms-examples": { - "Delete a workspace setting data for resource group": { - "$ref": "./examples/WorkspaceSettings/DeleteWorkspaceSetting_example.json" - } - }, - "tags": ["Workspace Settings"], - "description": "Deletes the custom workspace settings for this subscription. new VMs will report to the default workspace", - "operationId": "WorkspaceSettings_Delete", - "parameters": [{ - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, { - "$ref": "#/parameters/WorkspaceSettingName" - }], - "responses": { - "204": { - "description": "No Content" - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } + "tags": [ + "Workspace Settings" + ], + "description": "creating settings about where we should store your security data and logs", + "operationId": "WorkspaceSettings_Create", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/WorkspaceSettingName" + }, + { + "$ref": "#/parameters/WorkspaceSetting" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/WorkspaceSetting" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } + } } - }, - "definitions": { - "WorkspaceSettingList": { - "description": "List of workspace settings response", - "required": [ - "value" - ], - "properties": { - "value": { - "type": "array", - "description": "List of workspace settings", - "items": { - "$ref": "#/definitions/WorkspaceSetting" - } - }, - "nextLink": { - "readOnly": true, - "type": "string", - "description": "The URI to fetch the next page." - } + }, + "patch": { + "x-ms-examples": { + "Update a workspace setting data for subscription": { + "$ref": "./examples/WorkspaceSettings/UpdateWorkspaceSetting_example.json" + } + }, + "tags": [ + "Workspace Settings" + ], + "description": "Settings about where we should store your security data and logs", + "operationId": "WorkspaceSettings_Update", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/WorkspaceSettingName" + }, + { + "$ref": "#/parameters/WorkspaceSetting" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/WorkspaceSetting" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } + } + } + }, + "delete": { + "x-ms-examples": { + "Delete a workspace setting data for resource group": { + "$ref": "./examples/WorkspaceSettings/DeleteWorkspaceSetting_example.json" + } }, - "WorkspaceSetting": { - "type": "object", - "description": "Configures where to store the OMS agent data for workspaces under a scope", - "properties": { - "properties": { - "x-ms-client-flatten": true, - "description": "Workspace setting data", - "$ref": "#/definitions/WorkspaceSettingProperties" - } - }, - "allOf": [{ - "$ref": "../../../common/v1/types.json#/definitions/Resource" - }] + "tags": [ + "Workspace Settings" + ], + "description": "Deletes the custom workspace settings for this subscription. new VMs will report to the default workspace", + "operationId": "WorkspaceSettings_Delete", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/WorkspaceSettingName" + } + ], + "responses": { + "204": { + "description": "No Content" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } + } + } + } + } + }, + "definitions": { + "WorkspaceSettingList": { + "description": "List of workspace settings response", + "required": [ + "value" + ], + "properties": { + "value": { + "type": "array", + "description": "List of workspace settings", + "items": { + "$ref": "#/definitions/WorkspaceSetting" + } }, - "WorkspaceSettingProperties": { - "type": "object", - "description": "Workspace setting data", - "properties": { - "workspaceId": { - "type": "string", - "description": "The full Azure ID of the workspace to save the data in" - }, - "scope": { - "type": "string", - "description": "All the VMs in this scope will send their security data to the mentioned workspace unless overridden by a setting with more specific scope" - } - }, - "required": [ - "workspaceId", - "scope" - ] + "nextLink": { + "readOnly": true, + "type": "string", + "description": "The URI to fetch the next page." + } + } + }, + "WorkspaceSetting": { + "type": "object", + "description": "Configures where to store the OMS agent data for workspaces under a scope", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "description": "Workspace setting data", + "$ref": "#/definitions/WorkspaceSettingProperties" } + }, + "allOf": [ + { + "$ref": "../../../common/v1/types.json#/definitions/Resource" + } + ] }, - "parameters": { - "WorkspaceSettingName": { - "name": "workspaceSettingName", - "in": "path", - "required": true, - "type": "string", - "description": "Name of the security setting", - "x-ms-parameter-location": "method" + "WorkspaceSettingProperties": { + "type": "object", + "description": "Workspace setting data", + "properties": { + "workspaceId": { + "type": "string", + "description": "The full Azure ID of the workspace to save the data in" }, - "WorkspaceSetting": { - "name": "workspaceSetting", - "in": "body", - "required": true, - "description": "Security data setting object", - "schema": { - "$ref": "#/definitions/WorkspaceSetting" - }, - "x-ms-parameter-location": "method" + "scope": { + "type": "string", + "description": "All the VMs in this scope will send their security data to the mentioned workspace unless overridden by a setting with more specific scope" } + }, + "required": [ + "workspaceId", + "scope" + ] + } + }, + "parameters": { + "WorkspaceSettingName": { + "name": "workspaceSettingName", + "in": "path", + "required": true, + "type": "string", + "description": "Name of the security setting", + "x-ms-parameter-location": "method" + }, + "WorkspaceSetting": { + "name": "workspaceSetting", + "in": "body", + "required": true, + "description": "Security data setting object", + "schema": { + "$ref": "#/definitions/WorkspaceSetting" + }, + "x-ms-parameter-location": "method" } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/RegulatoryCompliance/getRegulatoryComplianceAssessmentList_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/RegulatoryCompliance/getRegulatoryComplianceAssessmentList_example.json index 55b829b1d694..d8c1d6b16058 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/RegulatoryCompliance/getRegulatoryComplianceAssessmentList_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/RegulatoryCompliance/getRegulatoryComplianceAssessmentList_example.json @@ -1,56 +1,58 @@ { - "parameters": { - "api-version": "2019-01-01", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "regulatoryComplianceStandardName": "PCI-DSS-3.2", - "regulatoryComplianceControlName": "1.1" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/PCI-DSS-3.2/regulatoryComplianceControls/1.1/regulatoryComplianceAssessments/968548cb-02b3-8cd2-11f8-0cf64ab1a347", - "name": "968548cb-02b3-8cd2-11f8-0cf64ab1a347", - "type": "Microsoft.Security/regulatoryComplianceAssessment", - "properties": { - "description": "Troubleshoot missing scan data on your machines", - "assessmentType": "Assessment", - "assessmentDetailsLink": "https://management.azure.com/subscriptions/a27e854a-8578-4395-8eaf-6fc7849f3050/providers/Microsoft.Security/securityStatuses/968548cb-02b3-8cd2-11f8-0cf64ab1a347", - "state": "Failed", - "passedResources": 7, - "failedResources": 4, - "skippedResources": 0 - } - }, - { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/PCI-DSS-3.2/regulatoryComplianceControls/2/regulatoryComplianceAssessments/3bcd234d-c9c7-c2a2-89e0-c01f419c1a8a", - "name": "3bcd234d-c9c7-c2a2-89e0-c01f419c1a8a", - "type": "Microsoft.Security/regulatoryComplianceAssessment", - "properties": { - "description": "Resolve endpoint protection health issues on your machines", - "assessmentType": "Assessment", - "assessmentDetailsLink": "https://management.azure.com/subscriptions/a27e854a-8578-4395-8eaf-6fc7849f3050/providers/Microsoft.Security/securityStatuses/3bcd234d-c9c7-c2a2-89e0-c01f419c1a8a", - "state": "Skipped", - "passedResources": 0, - "failedResources": 0, - "skippedResources": 10 - } - }, - { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/PCI-DSS-3.2/regulatoryComplianceControls/2.1/regulatoryComplianceAssessments/d1db3318-01ff-16de-29eb-28b344515626", - "name": "d1db3318-01ff-16de-29eb-28b344515626", - "type": "Microsoft.Security/regulatoryComplianceAssessment", - "properties": { - "description": "Install monitoring agent on your machines", - "assessmentType": "Assessment", - "assessmentDetailsLink": "https://management.azure.com/subscriptions/a27e854a-8578-4395-8eaf-6fc7849f3050/providers/Microsoft.Security/securityStatuses/d1db3318-01ff-16de-29eb-28b344515626", - "state": "Passed", - "passedResources": 8, - "failedResources": 0, - "skippedResources": 0 - } - }] - } - } - } - } + "parameters": { + "api-version": "2019-01-01", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "regulatoryComplianceStandardName": "PCI-DSS-3.2", + "regulatoryComplianceControlName": "1.1" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/PCI-DSS-3.2/regulatoryComplianceControls/1.1/regulatoryComplianceAssessments/968548cb-02b3-8cd2-11f8-0cf64ab1a347", + "name": "968548cb-02b3-8cd2-11f8-0cf64ab1a347", + "type": "Microsoft.Security/regulatoryComplianceAssessment", + "properties": { + "description": "Troubleshoot missing scan data on your machines", + "assessmentType": "Assessment", + "assessmentDetailsLink": "https://management.azure.com/subscriptions/a27e854a-8578-4395-8eaf-6fc7849f3050/providers/Microsoft.Security/securityStatuses/968548cb-02b3-8cd2-11f8-0cf64ab1a347", + "state": "Failed", + "passedResources": 7, + "failedResources": 4, + "skippedResources": 0 + } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/PCI-DSS-3.2/regulatoryComplianceControls/2/regulatoryComplianceAssessments/3bcd234d-c9c7-c2a2-89e0-c01f419c1a8a", + "name": "3bcd234d-c9c7-c2a2-89e0-c01f419c1a8a", + "type": "Microsoft.Security/regulatoryComplianceAssessment", + "properties": { + "description": "Resolve endpoint protection health issues on your machines", + "assessmentType": "Assessment", + "assessmentDetailsLink": "https://management.azure.com/subscriptions/a27e854a-8578-4395-8eaf-6fc7849f3050/providers/Microsoft.Security/securityStatuses/3bcd234d-c9c7-c2a2-89e0-c01f419c1a8a", + "state": "Skipped", + "passedResources": 0, + "failedResources": 0, + "skippedResources": 10 + } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/PCI-DSS-3.2/regulatoryComplianceControls/2.1/regulatoryComplianceAssessments/d1db3318-01ff-16de-29eb-28b344515626", + "name": "d1db3318-01ff-16de-29eb-28b344515626", + "type": "Microsoft.Security/regulatoryComplianceAssessment", + "properties": { + "description": "Install monitoring agent on your machines", + "assessmentType": "Assessment", + "assessmentDetailsLink": "https://management.azure.com/subscriptions/a27e854a-8578-4395-8eaf-6fc7849f3050/providers/Microsoft.Security/securityStatuses/d1db3318-01ff-16de-29eb-28b344515626", + "state": "Passed", + "passedResources": 8, + "failedResources": 0, + "skippedResources": 0 + } + } + ] + } + } + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/RegulatoryCompliance/getRegulatoryComplianceAssessment_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/RegulatoryCompliance/getRegulatoryComplianceAssessment_example.json index ad909db10220..6f4571721c1b 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/RegulatoryCompliance/getRegulatoryComplianceAssessment_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/RegulatoryCompliance/getRegulatoryComplianceAssessment_example.json @@ -1,27 +1,27 @@ { - "parameters": { - "api-version": "2019-01-01", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "regulatoryComplianceStandardName": "PCI-DSS-3.2", - "regulatoryComplianceControlName": "1.1", - "regulatoryComplianceAssessmentName": "968548cb-02b3-8cd2-11f8-0cf64ab1a347" - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/PCI-DSS-3.2/regulatoryComplianceControls/1.1/regulatoryComplianceAssessments/968548cb-02b3-8cd2-11f8-0cf64ab1a347", - "name": "968548cb-02b3-8cd2-11f8-0cf64ab1a347", - "type": "Microsoft.Security/regulatoryComplianceAssessment", - "properties": { - "description": "Troubleshoot missing scan data on your machines", - "assessmentType": "Assessment", - "assessmentDetailsLink": "https://management.azure.com/subscriptions/a27e854a-8578-4395-8eaf-6fc7849f3050/providers/Microsoft.Security/securityStatuses/968548cb-02b3-8cd2-11f8-0cf64ab1a347", - "state": "Failed", - "passedResources": 7, - "failedResources": 4, - "skippedResources": 0 - } - } - } - } - } \ No newline at end of file + "parameters": { + "api-version": "2019-01-01", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "regulatoryComplianceStandardName": "PCI-DSS-3.2", + "regulatoryComplianceControlName": "1.1", + "regulatoryComplianceAssessmentName": "968548cb-02b3-8cd2-11f8-0cf64ab1a347" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/PCI-DSS-3.2/regulatoryComplianceControls/1.1/regulatoryComplianceAssessments/968548cb-02b3-8cd2-11f8-0cf64ab1a347", + "name": "968548cb-02b3-8cd2-11f8-0cf64ab1a347", + "type": "Microsoft.Security/regulatoryComplianceAssessment", + "properties": { + "description": "Troubleshoot missing scan data on your machines", + "assessmentType": "Assessment", + "assessmentDetailsLink": "https://management.azure.com/subscriptions/a27e854a-8578-4395-8eaf-6fc7849f3050/providers/Microsoft.Security/securityStatuses/968548cb-02b3-8cd2-11f8-0cf64ab1a347", + "state": "Failed", + "passedResources": 7, + "failedResources": 4, + "skippedResources": 0 + } + } + } + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/RegulatoryCompliance/getRegulatoryComplianceControlList_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/RegulatoryCompliance/getRegulatoryComplianceControlList_example.json index 7bbdbe4220ea..42008a12b9d0 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/RegulatoryCompliance/getRegulatoryComplianceControlList_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/RegulatoryCompliance/getRegulatoryComplianceControlList_example.json @@ -1,49 +1,51 @@ { - "parameters": { - "api-version": "2019-01-01", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "regulatoryComplianceStandardName": "PCI-DSS-3.2" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/PCI-DSS-3.2/regulatoryComplianceControls/1.1", - "name": "1.1", - "type": "Microsoft.Security/regulatoryComplianceControl", - "properties": { - "description": "Common Criteria Related to Organization and Management.", - "state": "Failed", - "passedAssessments": 7, - "failedAssessments": 4, - "skippedAssessments": 0 - } - }, - { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/PCI-DSS-3.2/regulatoryComplianceControls/2", - "name": "2", - "type": "Microsoft.Security/regulatoryComplianceControl", - "properties": { - "description": "Confidential information is protected during the system design, development, testing, implementation, and change processes in accordance with confidentiality commitments and requirements.", - "state": "Skipped", - "passedAssessments": 0, - "failedAssessments": 0, - "skippedAssessments": 10 - } - }, - { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/PCI-DSS-3.2/regulatoryComplianceControls/2.1", - "name": "2.1", - "type": "Microsoft.Security/regulatoryComplianceControl", - "properties": { - "description": "Changes to confidentiality commitments and requirements are communicated to internal and external users, vendors, and other third parties whose products and services are included in the system.", - "state": "Unsupported", - "passedAssessments": 0, - "failedAssessments": 0, - "skippedAssessments": 0 - } - }] - } - } - } - } \ No newline at end of file + "parameters": { + "api-version": "2019-01-01", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "regulatoryComplianceStandardName": "PCI-DSS-3.2" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/PCI-DSS-3.2/regulatoryComplianceControls/1.1", + "name": "1.1", + "type": "Microsoft.Security/regulatoryComplianceControl", + "properties": { + "description": "Common Criteria Related to Organization and Management.", + "state": "Failed", + "passedAssessments": 7, + "failedAssessments": 4, + "skippedAssessments": 0 + } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/PCI-DSS-3.2/regulatoryComplianceControls/2", + "name": "2", + "type": "Microsoft.Security/regulatoryComplianceControl", + "properties": { + "description": "Confidential information is protected during the system design, development, testing, implementation, and change processes in accordance with confidentiality commitments and requirements.", + "state": "Skipped", + "passedAssessments": 0, + "failedAssessments": 0, + "skippedAssessments": 10 + } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/PCI-DSS-3.2/regulatoryComplianceControls/2.1", + "name": "2.1", + "type": "Microsoft.Security/regulatoryComplianceControl", + "properties": { + "description": "Changes to confidentiality commitments and requirements are communicated to internal and external users, vendors, and other third parties whose products and services are included in the system.", + "state": "Unsupported", + "passedAssessments": 0, + "failedAssessments": 0, + "skippedAssessments": 0 + } + } + ] + } + } + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/RegulatoryCompliance/getRegulatoryComplianceControl_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/RegulatoryCompliance/getRegulatoryComplianceControl_example.json index 7ca93cf79394..2f31ccffd197 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/RegulatoryCompliance/getRegulatoryComplianceControl_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/RegulatoryCompliance/getRegulatoryComplianceControl_example.json @@ -1,24 +1,24 @@ { - "parameters": { - "api-version": "2019-01-01", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "regulatoryComplianceStandardName": "PCI-DSS-3.2", - "regulatoryComplianceControlName": "1.1" - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/PCI-DSS-3.2/regulatoryComplianceControls/1.1", - "name": "1.1", - "type": "Microsoft.Security/regulatoryComplianceControl", - "properties": { - "description": "Common Criteria Related to Organization and Management", - "state": "Failed", - "passedAssessments": 7, - "failedAssessments": 4, - "skippedAssessments": 0 - } - } - } - } - } \ No newline at end of file + "parameters": { + "api-version": "2019-01-01", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "regulatoryComplianceStandardName": "PCI-DSS-3.2", + "regulatoryComplianceControlName": "1.1" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/PCI-DSS-3.2/regulatoryComplianceControls/1.1", + "name": "1.1", + "type": "Microsoft.Security/regulatoryComplianceControl", + "properties": { + "description": "Common Criteria Related to Organization and Management", + "state": "Failed", + "passedAssessments": 7, + "failedAssessments": 4, + "skippedAssessments": 0 + } + } + } + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/RegulatoryCompliance/getRegulatoryComplianceStandardList_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/RegulatoryCompliance/getRegulatoryComplianceStandardList_example.json index 42a64429cf99..2d730c54068b 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/RegulatoryCompliance/getRegulatoryComplianceStandardList_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/RegulatoryCompliance/getRegulatoryComplianceStandardList_example.json @@ -1,60 +1,62 @@ { - "parameters": { - "api-version": "2019-01-01", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/PCI-DSS-3.2", - "name": "PCI-DSS-3.2", - "type": "Microsoft.Security/regulatoryComplianceStandard", - "properties": { - "state": "Failed", - "passedControls": 7, - "failedControls": 4, - "skippedControls": 0, - "unsupportedControls": 0 - } - }, - { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/ISO-27001", - "name": "ISO-27001", - "type": "Microsoft.Security/regulatoryComplianceStandard", - "properties": { - "state": "Skipped", - "passedControls": 0, - "failedControls": 0, - "skippedControls": 10, - "unsupportedControls": 0 - } - }, - { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/AZURE-CIS", - "name": "AZURE-CIS", - "type": "Microsoft.Security/regulatoryComplianceStandard", - "properties": { - "state": "Unsupported", - "passedControls": 0, - "failedControls": 0, - "skippedControls": 0, - "unsupportedControls": 0 - } - }, - { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/SOC-TSP", - "name": "SOC-TSP", - "type": "Microsoft.Security/regulatoryComplianceStandard", - "properties": { - "state": "Passed", - "passedControls": 15, - "failedControls": 0, - "skippedControls": 0, - "unsupportedControls": 0 - } - }] - } - } - } - } \ No newline at end of file + "parameters": { + "api-version": "2019-01-01", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/PCI-DSS-3.2", + "name": "PCI-DSS-3.2", + "type": "Microsoft.Security/regulatoryComplianceStandard", + "properties": { + "state": "Failed", + "passedControls": 7, + "failedControls": 4, + "skippedControls": 0, + "unsupportedControls": 0 + } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/ISO-27001", + "name": "ISO-27001", + "type": "Microsoft.Security/regulatoryComplianceStandard", + "properties": { + "state": "Skipped", + "passedControls": 0, + "failedControls": 0, + "skippedControls": 10, + "unsupportedControls": 0 + } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/AZURE-CIS", + "name": "AZURE-CIS", + "type": "Microsoft.Security/regulatoryComplianceStandard", + "properties": { + "state": "Unsupported", + "passedControls": 0, + "failedControls": 0, + "skippedControls": 0, + "unsupportedControls": 0 + } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/SOC-TSP", + "name": "SOC-TSP", + "type": "Microsoft.Security/regulatoryComplianceStandard", + "properties": { + "state": "Passed", + "passedControls": 15, + "failedControls": 0, + "skippedControls": 0, + "unsupportedControls": 0 + } + } + ] + } + } + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/RegulatoryCompliance/getRegulatoryComplianceStandard_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/RegulatoryCompliance/getRegulatoryComplianceStandard_example.json index 2003b2f03b86..3975ae2a31db 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/RegulatoryCompliance/getRegulatoryComplianceStandard_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/examples/RegulatoryCompliance/getRegulatoryComplianceStandard_example.json @@ -1,23 +1,23 @@ { - "parameters": { - "api-version": "2019-01-01", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "regulatoryComplianceStandardName": "PCI-DSS-3.2" - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/PCI-DSS-3.2", - "name": "PCI-DSS-3.2", - "type": "Microsoft.Security/regulatoryComplianceStandard", - "properties": { - "state": "Failed", - "passedControls": 7, - "failedControls": 4, - "skippedControls": 0, - "unsupportedControls": 0 - } - } - } - } -} \ No newline at end of file + "parameters": { + "api-version": "2019-01-01", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "regulatoryComplianceStandardName": "PCI-DSS-3.2" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/regulatoryComplianceStandards/PCI-DSS-3.2", + "name": "PCI-DSS-3.2", + "type": "Microsoft.Security/regulatoryComplianceStandard", + "properties": { + "state": "Failed", + "passedControls": 7, + "failedControls": 4, + "skippedControls": 0, + "unsupportedControls": 0 + } + } + } + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/regulatoryCompliance.json b/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/regulatoryCompliance.json index 18bf801876bb..78c15e9082f5 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/regulatoryCompliance.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/regulatoryCompliance.json @@ -6,12 +6,20 @@ "version": "2019-01-01-preview" }, "host": "management.azure.com", - "schemes": ["https"], - "consumes": ["application/json"], - "produces": ["application/json"], + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], "security": [ { - "azure_auth": ["user_impersonation"] + "azure_auth": [ + "user_impersonation" + ] } ], "securityDefinitions": { @@ -33,7 +41,9 @@ "$ref": "./examples/RegulatoryCompliance/getRegulatoryComplianceStandardList_example.json" } }, - "tags": ["RegulatoryCompliance"], + "tags": [ + "RegulatoryCompliance" + ], "description": "Supported regulatory compliance standards details and state", "operationId": "RegulatoryComplianceStandards_List", "parameters": [ @@ -43,7 +53,7 @@ { "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" }, - { + { "$ref": "../../../common/v1/types.json#/parameters/ODataFilter" } ], @@ -61,9 +71,9 @@ } } }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - } + "x-ms-pageable": { + "nextLinkName": "nextLink" + } } }, "/subscriptions/{subscriptionId}/providers/Microsoft.Security/regulatoryComplianceStandards/{regulatoryComplianceStandardName}": { @@ -73,7 +83,9 @@ "$ref": "./examples/RegulatoryCompliance/getRegulatoryComplianceStandard_example.json" } }, - "tags": ["RegulatoryCompliance"], + "tags": [ + "RegulatoryCompliance" + ], "description": "Supported regulatory compliance details state for selected standard", "operationId": "RegulatoryComplianceStandards_Get", "parameters": [ @@ -98,7 +110,7 @@ "description": "Error response describing why the operation failed.", "schema": { "$ref": "../../../common/v1/types.json#/definitions/CloudError" -} + } } } } @@ -110,7 +122,9 @@ "$ref": "./examples/RegulatoryCompliance/getRegulatoryComplianceControlList_example.json" } }, - "tags": ["RegulatoryCompliance"], + "tags": [ + "RegulatoryCompliance" + ], "description": "All supported regulatory compliance controls details and state for selected standard", "operationId": "RegulatoryComplianceControls_List", "parameters": [ @@ -123,7 +137,7 @@ { "$ref": "#/parameters/RegulatoryComplianceStandardName" }, - { + { "$ref": "../../../common/v1/types.json#/parameters/ODataFilter" } ], @@ -141,9 +155,9 @@ } } }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - } + "x-ms-pageable": { + "nextLinkName": "nextLink" + } } }, "/subscriptions/{subscriptionId}/providers/Microsoft.Security/regulatoryComplianceStandards/{regulatoryComplianceStandardName}/regulatoryComplianceControls/{regulatoryComplianceControlName}": { @@ -153,7 +167,9 @@ "$ref": "./examples/RegulatoryCompliance/getRegulatoryComplianceControl_example.json" } }, - "tags": ["RegulatoryCompliance"], + "tags": [ + "RegulatoryCompliance" + ], "description": "Selected regulatory compliance control details and state", "operationId": "RegulatoryComplianceControls_Get", "parameters": [ @@ -193,7 +209,9 @@ "$ref": "./examples/RegulatoryCompliance/getRegulatoryComplianceAssessmentList_example.json" } }, - "tags": ["RegulatoryCompliance"], + "tags": [ + "RegulatoryCompliance" + ], "description": "Details and state of assessments mapped to selected regulatory compliance control", "operationId": "RegulatoryComplianceAssessments_List", "parameters": [ @@ -209,7 +227,7 @@ { "$ref": "#/parameters/RegulatoryComplianceControlName" }, - { + { "$ref": "../../../common/v1/types.json#/parameters/ODataFilter" } ], @@ -227,9 +245,9 @@ } } }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - } + "x-ms-pageable": { + "nextLinkName": "nextLink" + } } }, "/subscriptions/{subscriptionId}/providers/Microsoft.Security/regulatoryComplianceStandards/{regulatoryComplianceStandardName}/regulatoryComplianceControls/{regulatoryComplianceControlName}/regulatoryComplianceAssessments/{regulatoryComplianceAssessmentName}": { @@ -239,7 +257,9 @@ "$ref": "./examples/RegulatoryCompliance/getRegulatoryComplianceAssessment_example.json" } }, - "tags": ["RegulatoryCompliance"], + "tags": [ + "RegulatoryCompliance" + ], "description": "Supported regulatory compliance details and state for selected assessment", "operationId": "RegulatoryComplianceAssessments_Get", "parameters": [ @@ -279,7 +299,9 @@ "definitions": { "RegulatoryComplianceStandardList": { "description": "List of regulatory compliance standards response", - "required": ["value"], + "required": [ + "value" + ], "properties": { "value": { "type": "array", @@ -317,7 +339,12 @@ "state": { "type": "string", "description": "Aggregative state based on the standard's supported controls states", - "enum": ["Passed", "Failed", "Skipped", "Unsupported"], + "enum": [ + "Passed", + "Failed", + "Skipped", + "Unsupported" + ], "x-ms-enum": { "name": "state", "modelAsString": true, @@ -365,7 +392,9 @@ }, "RegulatoryComplianceControlList": { "description": "List of regulatory compliance controls response", - "required": ["value"], + "required": [ + "value" + ], "properties": { "value": { "type": "array", @@ -409,7 +438,12 @@ "state": { "type": "string", "description": "Aggregative state based on the control's supported assessments states", - "enum": ["Passed", "Failed", "Skipped", "Unsupported"], + "enum": [ + "Passed", + "Failed", + "Skipped", + "Unsupported" + ], "x-ms-enum": { "name": "state", "modelAsString": true, @@ -452,7 +486,9 @@ }, "RegulatoryComplianceAssessmentList": { "description": "List of regulatory compliance assessment response", - "required": ["value"], + "required": [ + "value" + ], "properties": { "value": { "type": "array", @@ -505,7 +541,12 @@ "state": { "type": "string", "description": "Aggregative state based on the assessment's scanned resources states", - "enum": ["Passed", "Failed", "Skipped", "Unsupported"], + "enum": [ + "Passed", + "Failed", + "Skipped", + "Unsupported" + ], "x-ms-enum": { "name": "state", "modelAsString": true, diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2017-08-01/complianceResults.json b/specification/security/resource-manager/Microsoft.Security/stable/2017-08-01/complianceResults.json index ce831e3bf7f0..f554108df80f 100644 --- a/specification/security/resource-manager/Microsoft.Security/stable/2017-08-01/complianceResults.json +++ b/specification/security/resource-manager/Microsoft.Security/stable/2017-08-01/complianceResults.json @@ -6,12 +6,22 @@ "version": "2017-08-01" }, "host": "management.azure.com", - "schemes": ["https"], - "consumes": ["application/json"], - "produces": ["application/json"], - "security": [{ - "azure_auth": ["user_impersonation"] - }], + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], "securityDefinitions": { "azure_auth": { "type": "oauth2", @@ -31,10 +41,13 @@ "$ref": "./examples/ComplianceResults/ListComplianceResults_example.json" } }, - "tags": ["Compliance Results"], + "tags": [ + "Compliance Results" + ], "description": "Security compliance results in the subscription", "operationId": "ComplianceResults_List", - "parameters": [{ + "parameters": [ + { "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" }, { @@ -67,10 +80,13 @@ "$ref": "./examples/ComplianceResults/GetComplianceResults_example.json" } }, - "tags": ["Compliance Results"], + "tags": [ + "Compliance Results" + ], "description": "Security Compliance Result", "operationId": "ComplianceResults_Get", - "parameters": [{ + "parameters": [ + { "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" }, { @@ -100,7 +116,9 @@ "definitions": { "ComplianceResultList": { "description": "List of compliance results response", - "required": ["value"], + "required": [ + "value" + ], "properties": { "value": { "type": "array", @@ -126,9 +144,11 @@ "$ref": "#/definitions/ComplianceResultProperties" } }, - "allOf": [{ - "$ref": "../../../common/v1/types.json#/definitions/Resource" - }] + "allOf": [ + { + "$ref": "../../../common/v1/types.json#/definitions/Resource" + } + ] }, "ComplianceResultProperties": { "type": "object", @@ -138,11 +158,17 @@ "type": "string", "readOnly": true, "description": "The status of the resource regarding a single assessment", - "enum": ["Healthy", "NotApplicable", "OffByPolicy", "NotHealthy"], + "enum": [ + "Healthy", + "NotApplicable", + "OffByPolicy", + "NotHealthy" + ], "x-ms-enum": { "name": "resourceStatus", "modelAsString": true, - "values": [{ + "values": [ + { "value": "Healthy", "description": "This assessment on the resource is healthy" }, diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2017-08-01/examples/ComplianceResults/GetComplianceResults_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2017-08-01/examples/ComplianceResults/GetComplianceResults_example.json index efbeacc9e3a4..340f53a526de 100644 --- a/specification/security/resource-manager/Microsoft.Security/stable/2017-08-01/examples/ComplianceResults/GetComplianceResults_example.json +++ b/specification/security/resource-manager/Microsoft.Security/stable/2017-08-01/examples/ComplianceResults/GetComplianceResults_example.json @@ -16,4 +16,4 @@ } } } -} \ No newline at end of file +} diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2017-08-01/examples/ComplianceResults/ListComplianceResults_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2017-08-01/examples/ComplianceResults/ListComplianceResults_example.json index a2d2785a6ff7..4858d6c285f2 100644 --- a/specification/security/resource-manager/Microsoft.Security/stable/2017-08-01/examples/ComplianceResults/ListComplianceResults_example.json +++ b/specification/security/resource-manager/Microsoft.Security/stable/2017-08-01/examples/ComplianceResults/ListComplianceResults_example.json @@ -6,7 +6,8 @@ "responses": { "200": { "body": { - "value": [{ + "value": [ + { "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/complianceResults/DesignateMoreThanOneOwner", "name": "DesignateMoreThanOneOwner", "type": "Microsoft.Security/complianceResults", @@ -34,4 +35,4 @@ } } } -} \ No newline at end of file +} diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2018-06-01/examples/Pricings/GetPricingByName_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2018-06-01/examples/Pricings/GetPricingByName_example.json index 59c97ee39c01..3444e71fb1a6 100644 --- a/specification/security/resource-manager/Microsoft.Security/stable/2018-06-01/examples/Pricings/GetPricingByName_example.json +++ b/specification/security/resource-manager/Microsoft.Security/stable/2018-06-01/examples/Pricings/GetPricingByName_example.json @@ -1,19 +1,19 @@ { - "parameters": { - "api-version": "2018-06-01", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "pricingName": "VirtualMachines" - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/VirtualMachines", - "name": "VirtualMachines", - "type": "Microsoft.Security/pricings", - "properties": { - "pricingTier": "Standard" - } - } + "parameters": { + "api-version": "2018-06-01", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "pricingName": "VirtualMachines" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/VirtualMachines", + "name": "VirtualMachines", + "type": "Microsoft.Security/pricings", + "properties": { + "pricingTier": "Standard" } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2018-06-01/examples/Pricings/ListPricings_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2018-06-01/examples/Pricings/ListPricings_example.json index 8d6b9f32d2d6..2dc0d3f02223 100644 --- a/specification/security/resource-manager/Microsoft.Security/stable/2018-06-01/examples/Pricings/ListPricings_example.json +++ b/specification/security/resource-manager/Microsoft.Security/stable/2018-06-01/examples/Pricings/ListPricings_example.json @@ -1,44 +1,46 @@ { - "parameters": { - "api-version": "2018-06-01", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/VirtualMachines", - "name": "VirtualMachines", - "type": "Microsoft.Security/pricings", - "properties": { - "pricingTier": "Standard" - } - }, - { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/SqlServers", - "name": "SqlServers", - "type": "Microsoft.Security/pricings", - "properties": { - "pricingTier": "Standard" - } - }, - { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/AppServices", - "name": "AppServices", - "type": "Microsoft.Security/pricings", - "properties": { - "pricingTier": "Free" - } - }, - { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/StorageAccounts", - "name": "StorageAccounts", - "type": "Microsoft.Security/pricings", - "properties": { - "pricingTier": "Standard" - } - }] + "parameters": { + "api-version": "2018-06-01", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/VirtualMachines", + "name": "VirtualMachines", + "type": "Microsoft.Security/pricings", + "properties": { + "pricingTier": "Standard" } - } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/SqlServers", + "name": "SqlServers", + "type": "Microsoft.Security/pricings", + "properties": { + "pricingTier": "Standard" + } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/AppServices", + "name": "AppServices", + "type": "Microsoft.Security/pricings", + "properties": { + "pricingTier": "Free" + } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/StorageAccounts", + "name": "StorageAccounts", + "type": "Microsoft.Security/pricings", + "properties": { + "pricingTier": "Standard" + } + } + ] + } } + } } diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2018-06-01/examples/Pricings/PutPricingByName_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2018-06-01/examples/Pricings/PutPricingByName_example.json index e94720f808dd..957038093df2 100644 --- a/specification/security/resource-manager/Microsoft.Security/stable/2018-06-01/examples/Pricings/PutPricingByName_example.json +++ b/specification/security/resource-manager/Microsoft.Security/stable/2018-06-01/examples/Pricings/PutPricingByName_example.json @@ -1,27 +1,27 @@ { - "parameters": { - "api-version": "2018-06-01", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "pricingName": "VirtualMachines", - "pricing": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/VirtualMachines", - "name": "VirtualMachines", - "type": "Microsoft.Security/pricings", - "properties": { - "pricingTier": "Standard" - } + "parameters": { + "api-version": "2018-06-01", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "pricingName": "VirtualMachines", + "pricing": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/VirtualMachines", + "name": "VirtualMachines", + "type": "Microsoft.Security/pricings", + "properties": { + "pricingTier": "Standard" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/VirtualMachines", + "name": "VirtualMachines", + "type": "Microsoft.Security/pricings", + "properties": { + "pricingTier": "Standard" } - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/pricings/VirtualMachines", - "name": "VirtualMachines", - "type": "Microsoft.Security/pricings", - "properties": { - "pricingTier": "Standard" - } - } - } - } -} \ No newline at end of file + } + } + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2018-06-01/pricings.json b/specification/security/resource-manager/Microsoft.Security/stable/2018-06-01/pricings.json index 7c61698cde8a..7e6fc2ebc866 100644 --- a/specification/security/resource-manager/Microsoft.Security/stable/2018-06-01/pricings.json +++ b/specification/security/resource-manager/Microsoft.Security/stable/2018-06-01/pricings.json @@ -6,12 +6,20 @@ "version": "2018-06-01" }, "host": "management.azure.com", - "schemes": ["https"], - "consumes": ["application/json"], - "produces": ["application/json"], + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], "security": [ { - "azure_auth": ["user_impersonation"] + "azure_auth": [ + "user_impersonation" + ] } ], "securityDefinitions": { @@ -33,7 +41,9 @@ "$ref": "./examples/Pricings/ListPricings_example.json" } }, - "tags": ["Pricings"], + "tags": [ + "Pricings" + ], "description": "Security pricing configurations in the subscription", "operationId": "Pricings_List", "parameters": [ @@ -67,7 +77,9 @@ "$ref": "./examples/Pricings/GetPricingByName_example.json" } }, - "tags": ["Pricings"], + "tags": [ + "Pricings" + ], "description": "Security pricing configuration in the subscription", "operationId": "Pricings_Get", "parameters": [ @@ -102,7 +114,9 @@ "$ref": "./examples/Pricings/PutPricingByName_example.json" } }, - "tags": ["Pricings"], + "tags": [ + "Pricings" + ], "description": "Security pricing configuration in the subscription", "operationId": "Pricings_Update", "parameters": [ @@ -139,7 +153,9 @@ "definitions": { "PricingList": { "description": "List of pricing configurations response", - "required": ["value"], + "required": [ + "value" + ], "properties": { "value": { "type": "array", @@ -173,7 +189,10 @@ "pricingTier": { "type": "string", "description": "The pricing tier value", - "enum": ["Free", "Standard"], + "enum": [ + "Free", + "Standard" + ], "x-ms-enum": { "name": "pricingTier", "modelAsString": true, @@ -196,7 +215,9 @@ "description": "The duration left for the subscriptions free trial period - in ISO 8601 format (e.g. P3Y6M4DT12H30M5S)." } }, - "required": ["pricingTier"] + "required": [ + "pricingTier" + ] } }, "parameters": { diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/alerts.json b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/alerts.json index 304d4fd4bb90..c7b90d3b5bf2 100644 --- a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/alerts.json +++ b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/alerts.json @@ -1,681 +1,681 @@ { - "swagger": "2.0", - "info": { - "title": "Security Center", - "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", - "version": "2019-01-01" - }, - "host": "management.azure.com", - "schemes": [ - "https" - ], - "consumes": [ - "application/json" - ], - "produces": [ - "application/json" - ], - "security": [ - { - "azure_auth": [ - "user_impersonation" - ] - } - ], - "securityDefinitions": { - "azure_auth": { - "type": "oauth2", - "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", - "flow": "implicit", - "description": "Azure Active Directory OAuth2 Flow", - "scopes": { - "user_impersonation": "impersonate your user account" + "swagger": "2.0", + "info": { + "title": "Security Center", + "description": "API spec for Microsoft.Security (Azure Security Center) resource provider", + "version": "2019-01-01" + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/alerts": { + "get": { + "x-ms-examples": { + "Get security alerts on a subscription": { + "$ref": "./examples/Alerts/GetAlertsSubscription_example.json" + } + }, + "tags": [ + "Alerts" + ], + "description": "List all the alerts that are associated with the subscription", + "operationId": "Alerts_List", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "#/parameters/ODataFilter" + }, + { + "$ref": "#/parameters/ODataSelect" + }, + { + "$ref": "#/parameters/ODataExpand" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/AlertList" } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" } + } }, - "paths": { - "/subscriptions/{subscriptionId}/providers/Microsoft.Security/alerts": { - "get": { - "x-ms-examples": { - "Get security alerts on a subscription": { - "$ref": "./examples/Alerts/GetAlertsSubscription_example.json" - } - }, - "tags": [ - "Alerts" - ], - "description": "List all the alerts that are associated with the subscription", - "operationId": "Alerts_List", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, - { - "$ref": "#/parameters/ODataFilter" - }, - { - "$ref": "#/parameters/ODataSelect" - }, - { - "$ref": "#/parameters/ODataExpand" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AlertList" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - } - } + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/alerts": { + "get": { + "x-ms-examples": { + "Get security alerts on a resource group": { + "$ref": "./examples/Alerts/GetAlertsResourceGroup_example.json" + } }, - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/alerts": { - "get": { - "x-ms-examples": { - "Get security alerts on a resource group": { - "$ref": "./examples/Alerts/GetAlertsResourceGroup_example.json" - } - }, - "tags": [ - "Alerts" - ], - "description": "List all the alerts that are associated with the resource group", - "operationId": "Alerts_ListByResourceGroup", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" - }, - { - "$ref": "#/parameters/ODataFilter" - }, - { - "$ref": "#/parameters/ODataSelect" - }, - { - "$ref": "#/parameters/ODataExpand" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AlertList" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - } + "tags": [ + "Alerts" + ], + "description": "List all the alerts that are associated with the resource group", + "operationId": "Alerts_ListByResourceGroup", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" + }, + { + "$ref": "#/parameters/ODataFilter" + }, + { + "$ref": "#/parameters/ODataSelect" + }, + { + "$ref": "#/parameters/ODataExpand" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/AlertList" } - }, - "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts": { - "get": { - "x-ms-examples": { - "Get security alerts on a subscription from a security data location": { - "$ref": "./examples/Alerts/GetAlertsSubscriptionsLocation_example.json" - } - }, - "tags": [ - "Alerts" - ], - "description": "List all the alerts that are associated with the subscription that are stored in a specific location", - "operationId": "Alerts_ListSubscriptionLevelAlertsByRegion", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/AscLocation" - }, - { - "$ref": "#/parameters/ODataFilter" - }, - { - "$ref": "#/parameters/ODataSelect" - }, - { - "$ref": "#/parameters/ODataExpand" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AlertList" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts": { + "get": { + "x-ms-examples": { + "Get security alerts on a subscription from a security data location": { + "$ref": "./examples/Alerts/GetAlertsSubscriptionsLocation_example.json" + } }, - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts": { - "get": { - "x-ms-examples": { - "Get security alerts on a resource group from a security data location": { - "$ref": "./examples/Alerts/GetAlertsResourceGroupLocation_example.json" - } - }, - "tags": [ - "Alerts" - ], - "description": "List all the alerts that are associated with the resource group that are stored in a specific location", - "operationId": "Alerts_ListResourceGroupLevelAlertsByRegion", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/AscLocation" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" - }, - { - "$ref": "#/parameters/ODataFilter" - }, - { - "$ref": "#/parameters/ODataSelect" - }, - { - "$ref": "#/parameters/ODataExpand" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AlertList" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - } + "tags": [ + "Alerts" + ], + "description": "List all the alerts that are associated with the subscription that are stored in a specific location", + "operationId": "Alerts_ListSubscriptionLevelAlertsByRegion", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/AscLocation" + }, + { + "$ref": "#/parameters/ODataFilter" + }, + { + "$ref": "#/parameters/ODataSelect" + }, + { + "$ref": "#/parameters/ODataExpand" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/AlertList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts": { + "get": { + "x-ms-examples": { + "Get security alerts on a resource group from a security data location": { + "$ref": "./examples/Alerts/GetAlertsResourceGroupLocation_example.json" + } }, - "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}": { - "get": { - "x-ms-examples": { - "Get security alert on a subscription from a security data location": { - "$ref": "./examples/Alerts/GetAlertSubscriptionLocation_example.json" - } - }, - "tags": [ - "Alerts" - ], - "description": "Get an alert that is associated with a subscription", - "operationId": "Alerts_GetSubscriptionLevelAlert", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/AscLocation" - }, - { - "$ref": "#/parameters/AlertName" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/Alert" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } + "tags": [ + "Alerts" + ], + "description": "List all the alerts that are associated with the resource group that are stored in a specific location", + "operationId": "Alerts_ListResourceGroupLevelAlertsByRegion", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/AscLocation" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" + }, + { + "$ref": "#/parameters/ODataFilter" + }, + { + "$ref": "#/parameters/ODataSelect" + }, + { + "$ref": "#/parameters/ODataExpand" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/AlertList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}": { + "get": { + "x-ms-examples": { + "Get security alert on a subscription from a security data location": { + "$ref": "./examples/Alerts/GetAlertSubscriptionLocation_example.json" + } }, - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}": { - "get": { - "x-ms-examples": { - "Get security alert on a resource group from a security data location": { - "$ref": "./examples/Alerts/GetAlertResourceGroupLocation_example.json" - } - }, - "tags": [ - "Alerts" - ], - "description": "Get an alert that is associated a resource group or a resource in a resource group", - "operationId": "Alerts_GetResourceGroupLevelAlerts", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/AscLocation" - }, - { - "$ref": "#/parameters/AlertName" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" - } - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/Alert" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } + "tags": [ + "Alerts" + ], + "description": "Get an alert that is associated with a subscription", + "operationId": "Alerts_GetSubscriptionLevelAlert", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/AscLocation" + }, + { + "$ref": "#/parameters/AlertName" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/Alert" } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}": { + "get": { + "x-ms-examples": { + "Get security alert on a resource group from a security data location": { + "$ref": "./examples/Alerts/GetAlertResourceGroupLocation_example.json" + } }, - "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/{alertUpdateActionType}": { - "post": { - "x-ms-examples": { - "Update security alert state on a subscription from a security data location": { - "$ref": "./examples/Alerts/UpdateAlertSubscriptionLocation_example.json" - } - }, - "tags": [ - "Alerts" - ], - "description": "Update the alert's state", - "operationId": "Alerts_UpdateSubscriptionLevelAlertState", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/AscLocation" - }, - { - "$ref": "#/parameters/AlertName" - }, - { - "$ref": "#/parameters/AlertUpdateActionType" - } - ], - "responses": { - "204": { - "description": "No Content" - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } + "tags": [ + "Alerts" + ], + "description": "Get an alert that is associated a resource group or a resource in a resource group", + "operationId": "Alerts_GetResourceGroupLevelAlerts", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/AscLocation" + }, + { + "$ref": "#/parameters/AlertName" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/Alert" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/{alertUpdateActionType}": { + "post": { + "x-ms-examples": { + "Update security alert state on a subscription from a security data location": { + "$ref": "./examples/Alerts/UpdateAlertSubscriptionLocation_example.json" + } }, - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/{alertUpdateActionType}": { - "post": { - "x-ms-examples": { - "Update security alert state on a resource group from a security data location": { - "$ref": "./examples/Alerts/UpdateAlertResourceGroupLocation_example.json" - } - }, - "tags": [ - "Alerts" - ], - "description": "Update the alert's state", - "operationId": "Alerts_UpdateResourceGroupLevelAlertState", - "parameters": [ - { - "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/AscLocation" - }, - { - "$ref": "#/parameters/AlertName" - }, - { - "$ref": "#/parameters/AlertUpdateActionType" - }, - { - "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" - } - ], - "responses": { - "204": { - "description": "No Content" - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" - } - } - } + "tags": [ + "Alerts" + ], + "description": "Update the alert's state", + "operationId": "Alerts_UpdateSubscriptionLevelAlertState", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/AscLocation" + }, + { + "$ref": "#/parameters/AlertName" + }, + { + "$ref": "#/parameters/AlertUpdateActionType" + } + ], + "responses": { + "204": { + "description": "No Content" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } + } } + } }, - "definitions": { - "AlertList": { - "type": "object", - "description": "List of security alerts", - "properties": { - "value": { - "type": "array", - "items": { - "$ref": "#/definitions/Alert" - } - }, - "nextLink": { - "readOnly": true, - "type": "string", - "description": "The URI to fetch the next page." - } + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/{alertUpdateActionType}": { + "post": { + "x-ms-examples": { + "Update security alert state on a resource group from a security data location": { + "$ref": "./examples/Alerts/UpdateAlertResourceGroupLocation_example.json" + } + }, + "tags": [ + "Alerts" + ], + "description": "Update the alert's state", + "operationId": "Alerts_UpdateResourceGroupLevelAlertState", + "parameters": [ + { + "$ref": "../../../common/v1/types.json#/parameters/ApiVersion" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/AscLocation" + }, + { + "$ref": "#/parameters/AlertName" + }, + { + "$ref": "#/parameters/AlertUpdateActionType" + }, + { + "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName" + } + ], + "responses": { + "204": { + "description": "No Content" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" } + } + } + } + } + }, + "definitions": { + "AlertList": { + "type": "object", + "description": "List of security alerts", + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/Alert" + } }, - "Alert": { - "type": "object", - "description": "Security alert", - "properties": { - "properties": { - "x-ms-client-flatten": true, - "$ref": "#/definitions/AlertProperties" - } - }, - "allOf": [ - { - "$ref": "../../../common/v1/types.json#/definitions/Resource" - } + "nextLink": { + "readOnly": true, + "type": "string", + "description": "The URI to fetch the next page." + } + } + }, + "Alert": { + "type": "object", + "description": "Security alert", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/AlertProperties" + } + }, + "allOf": [ + { + "$ref": "../../../common/v1/types.json#/definitions/Resource" + } + ] + }, + "AlertProperties": { + "type": "object", + "description": "describes security alert properties.", + "properties": { + "state": { + "readOnly": true, + "type": "string", + "description": "State of the alert (Active, Dismissed etc.)" + }, + "reportedTimeUtc": { + "readOnly": true, + "type": "string", + "format": "date-time", + "description": "The time the incident was reported to Microsoft.Security in UTC" + }, + "vendorName": { + "readOnly": true, + "type": "string", + "description": "Name of the vendor that discovered the incident" + }, + "alertName": { + "readOnly": true, + "type": "string", + "description": "Name of the alert type" + }, + "alertDisplayName": { + "readOnly": true, + "type": "string", + "description": "Display name of the alert type" + }, + "detectedTimeUtc": { + "readOnly": true, + "type": "string", + "format": "date-time", + "description": "The time the incident was detected by the vendor" + }, + "description": { + "readOnly": true, + "type": "string", + "description": "Description of the incident and what it means" + }, + "remediationSteps": { + "readOnly": true, + "type": "string", + "description": "Recommended steps to reradiate the incident" + }, + "actionTaken": { + "readOnly": true, + "type": "string", + "description": "The action that was taken as a response to the alert (Active, Blocked etc.)" + }, + "reportedSeverity": { + "readOnly": true, + "type": "string", + "enum": [ + "Informational", + "Low", + "Medium", + "High" + ], + "x-ms-enum": { + "name": "reportedSeverity", + "modelAsString": true, + "values": [ + { + "value": "Informational" + }, + { + "value": "Low" + }, + { + "value": "Medium" + }, + { + "value": "High" + } ] + }, + "description": "Estimated severity of this alert" }, - "AlertProperties": { - "type": "object", - "description": "describes security alert properties.", - "properties": { - "state": { - "readOnly": true, - "type": "string", - "description": "State of the alert (Active, Dismissed etc.)" - }, - "reportedTimeUtc": { - "readOnly": true, - "type": "string", - "format": "date-time", - "description": "The time the incident was reported to Microsoft.Security in UTC" - }, - "vendorName": { - "readOnly": true, - "type": "string", - "description": "Name of the vendor that discovered the incident" - }, - "alertName": { - "readOnly": true, - "type": "string", - "description": "Name of the alert type" - }, - "alertDisplayName": { - "readOnly": true, - "type": "string", - "description": "Display name of the alert type" - }, - "detectedTimeUtc": { - "readOnly": true, - "type": "string", - "format": "date-time", - "description": "The time the incident was detected by the vendor" - }, - "description": { - "readOnly": true, - "type": "string", - "description": "Description of the incident and what it means" - }, - "remediationSteps": { - "readOnly": true, - "type": "string", - "description": "Recommended steps to reradiate the incident" - }, - "actionTaken": { - "readOnly": true, - "type": "string", - "description": "The action that was taken as a response to the alert (Active, Blocked etc.)" - }, - "reportedSeverity": { - "readOnly": true, - "type": "string", - "enum": [ - "Informational", - "Low", - "Medium", - "High" - ], - "x-ms-enum": { - "name": "reportedSeverity", - "modelAsString": true, - "values": [ - { - "value": "Informational" - }, - { - "value": "Low" - }, - { - "value": "Medium" - }, - { - "value": "High" - } - ] - }, - "description": "Estimated severity of this alert" - }, - "compromisedEntity": { - "readOnly": true, - "type": "string", - "description": "The entity that the incident happened on" - }, - "associatedResource": { - "readOnly": true, - "type": "string", - "description": "Azure resource ID of the associated resource" - }, - "extendedProperties": { - "$ref": "#/definitions/AlertExtendedProperties" - }, - "systemSource": { - "readOnly": true, - "type": "string", - "description": "The type of the alerted resource (Azure, Non-Azure)" - }, - "canBeInvestigated": { - "readOnly": true, - "type": "boolean", - "description": "Whether this alert can be investigated with Azure Security Center" - }, - "isIncident": { - "readOnly": true, - "type": "boolean", - "description": "Whether this alert is for incident type or not (otherwise - single alert)" - }, - "entities": { - "type": "array", - "description": "objects that are related to this alerts", - "items": { - "$ref": "#/definitions/AlertEntity" - } - }, - "confidenceScore": { - "readOnly": true, - "type": "number", - "format": "float", - "minimum": 0, - "maximum": 1, - "description": "level of confidence we have on the alert" - }, - "confidenceReasons": { - "type": "array", - "description": "reasons the alert got the confidenceScore value", - "items": { - "$ref": "#/definitions/AlertConfidenceReason" - } - }, - "subscriptionId": { - "readOnly": true, - "type": "string", - "description": "Azure subscription ID of the resource that had the security alert or the subscription ID of the workspace that this resource reports to" - }, - "instanceId": { - "readOnly": true, - "type": "string", - "description": "Instance ID of the alert." - }, - "workspaceArmId": { - "readOnly": true, - "type": "string", - "description": "Azure resource ID of the workspace that the alert was reported to." - }, - "correlationKey": { - "readOnly": true, - "type": "string", - "description": "Alerts with the same CorrelationKey will be grouped together in Ibiza." - } - } + "compromisedEntity": { + "readOnly": true, + "type": "string", + "description": "The entity that the incident happened on" }, - "AlertConfidenceReason": { - "type": "object", - "description": "Factors that increase our confidence that the alert is a true positive", - "properties": { - "type": { - "readOnly": true, - "type": "string", - "description": "Type of confidence factor" - }, - "reason": { - "readOnly": true, - "type": "string", - "description": "description of the confidence reason" - } - } + "associatedResource": { + "readOnly": true, + "type": "string", + "description": "Azure resource ID of the associated resource" }, - "AlertEntity": { - "type": "object", - "additionalProperties": true, - "description": "Changing set of properties depending on the entity type.", - "properties": { - "type": { - "readOnly": true, - "type": "string", - "description": "Type of entity" - } - } + "extendedProperties": { + "$ref": "#/definitions/AlertExtendedProperties" + }, + "systemSource": { + "readOnly": true, + "type": "string", + "description": "The type of the alerted resource (Azure, Non-Azure)" + }, + "canBeInvestigated": { + "readOnly": true, + "type": "boolean", + "description": "Whether this alert can be investigated with Azure Security Center" }, - "AlertExtendedProperties": { - "type": "object", - "additionalProperties": true, - "description": "Changing set of properties depending on the alert type." + "isIncident": { + "readOnly": true, + "type": "boolean", + "description": "Whether this alert is for incident type or not (otherwise - single alert)" + }, + "entities": { + "type": "array", + "description": "objects that are related to this alerts", + "items": { + "$ref": "#/definitions/AlertEntity" + } + }, + "confidenceScore": { + "readOnly": true, + "type": "number", + "format": "float", + "minimum": 0, + "maximum": 1, + "description": "level of confidence we have on the alert" + }, + "confidenceReasons": { + "type": "array", + "description": "reasons the alert got the confidenceScore value", + "items": { + "$ref": "#/definitions/AlertConfidenceReason" + } + }, + "subscriptionId": { + "readOnly": true, + "type": "string", + "description": "Azure subscription ID of the resource that had the security alert or the subscription ID of the workspace that this resource reports to" + }, + "instanceId": { + "readOnly": true, + "type": "string", + "description": "Instance ID of the alert." + }, + "workspaceArmId": { + "readOnly": true, + "type": "string", + "description": "Azure resource ID of the workspace that the alert was reported to." + }, + "correlationKey": { + "readOnly": true, + "type": "string", + "description": "Alerts with the same CorrelationKey will be grouped together in Ibiza." + } + } + }, + "AlertConfidenceReason": { + "type": "object", + "description": "Factors that increase our confidence that the alert is a true positive", + "properties": { + "type": { + "readOnly": true, + "type": "string", + "description": "Type of confidence factor" + }, + "reason": { + "readOnly": true, + "type": "string", + "description": "description of the confidence reason" } + } }, - "parameters": { - "ODataFilter": { - "name": "$filter", - "in": "query", - "required": false, - "type": "string", - "description": "OData filter. Optional.", - "x-ms-parameter-location": "method" - }, - "ODataSelect": { - "name": "$select", - "in": "query", - "required": false, - "type": "string", - "description": "OData select. Optional.", - "x-ms-parameter-location": "method" - }, - "ODataExpand": { - "name": "$expand", - "in": "query", - "required": false, - "type": "string", - "description": "OData expand. Optional.", - "x-ms-parameter-location": "method" - }, - "AlertName": { - "name": "alertName", - "in": "path", - "required": true, - "type": "string", - "description": "Name of the alert object", - "x-ms-parameter-location": "method" - }, - "AlertUpdateActionType": { - "name": "alertUpdateActionType", - "in": "path", - "required": true, - "type": "string", - "enum": [ - "Dismiss", - "Reactivate" - ], - "description": "Type of the action to do on the alert", - "x-ms-parameter-location": "method" + "AlertEntity": { + "type": "object", + "additionalProperties": true, + "description": "Changing set of properties depending on the entity type.", + "properties": { + "type": { + "readOnly": true, + "type": "string", + "description": "Type of entity" } + } + }, + "AlertExtendedProperties": { + "type": "object", + "additionalProperties": true, + "description": "Changing set of properties depending on the alert type." + } + }, + "parameters": { + "ODataFilter": { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "OData filter. Optional.", + "x-ms-parameter-location": "method" + }, + "ODataSelect": { + "name": "$select", + "in": "query", + "required": false, + "type": "string", + "description": "OData select. Optional.", + "x-ms-parameter-location": "method" + }, + "ODataExpand": { + "name": "$expand", + "in": "query", + "required": false, + "type": "string", + "description": "OData expand. Optional.", + "x-ms-parameter-location": "method" + }, + "AlertName": { + "name": "alertName", + "in": "path", + "required": true, + "type": "string", + "description": "Name of the alert object", + "x-ms-parameter-location": "method" + }, + "AlertUpdateActionType": { + "name": "alertUpdateActionType", + "in": "path", + "required": true, + "type": "string", + "enum": [ + "Dismiss", + "Reactivate" + ], + "description": "Type of the action to do on the alert", + "x-ms-parameter-location": "method" } + } } diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/GetAlertResourceGroupLocation_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/GetAlertResourceGroupLocation_example.json index ae09fc3ec57e..052abda63e3e 100644 --- a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/GetAlertResourceGroupLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/GetAlertResourceGroupLocation_example.json @@ -1,74 +1,82 @@ { - "parameters": { - "api-version": "2019-01-01", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "resourceGroupName": "myRg1", - "ascLocation": "westeurope", - "alertName": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA" - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "type": "Microsoft.Security/Locations/alerts", - "properties": { - "vendorName": "Microsoft", - "alertDisplayName": "Threat Intelligence Alert", - "alertName": "ThreatIntelligence", - "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", - "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", - "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", - "actionTaken": "Detected", - "reportedSeverity": "High", - "compromisedEntity": "vm1", - "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", - "extendedProperties": { - "user Name": "administrator", - "domain Name": "Contoso", - "attacker IP": "192.0.2.1", - "resourceType": "Virtual Machine" - }, - "state": "Dismissed", - "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", - "confidenceScore": 0.8, - "confidenceReasons": [{ - "type": "User", - "reason": "Some user reason" - }, { - "type": "Process", - "reason": "Some proccess reason" - }, { - "type": "Computer", - "reason": "Some computer reason" - }], - "canBeInvestigated": true, - "isIncident": false, - "entities": [{ - "address": "192.0.2.1", - "location": { - "countryCode": "gb", - "state": "wokingham", - "city": "sonning", - "longitude": -0.909, - "latitude": 51.468, - "asn": 6584 - }, - "threatIntelligence": [{ - "providerName": "Team Cymru", - "threatType": "C2", - "threatName": "rarog", - "confidence": 0.8, - "reportLink": "http://www.microsoft.com", - "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." - }], - "type": "ip" - }], - "correlationKey": "Rkso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9Jk=" + "parameters": { + "api-version": "2019-01-01", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg1", + "ascLocation": "westeurope", + "alertName": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "type": "Microsoft.Security/Locations/alerts", + "properties": { + "vendorName": "Microsoft", + "alertDisplayName": "Threat Intelligence Alert", + "alertName": "ThreatIntelligence", + "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", + "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", + "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", + "actionTaken": "Detected", + "reportedSeverity": "High", + "compromisedEntity": "vm1", + "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", + "extendedProperties": { + "user Name": "administrator", + "domain Name": "Contoso", + "attacker IP": "192.0.2.1", + "resourceType": "Virtual Machine" + }, + "state": "Dismissed", + "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", + "confidenceScore": 0.8, + "confidenceReasons": [ + { + "type": "User", + "reason": "Some user reason" + }, + { + "type": "Process", + "reason": "Some proccess reason" + }, + { + "type": "Computer", + "reason": "Some computer reason" + } + ], + "canBeInvestigated": true, + "isIncident": false, + "entities": [ + { + "address": "192.0.2.1", + "location": { + "countryCode": "gb", + "state": "wokingham", + "city": "sonning", + "longitude": -0.909, + "latitude": 51.468, + "asn": 6584 + }, + "threatIntelligence": [ + { + "providerName": "Team Cymru", + "threatType": "C2", + "threatName": "rarog", + "confidence": 0.8, + "reportLink": "http://www.microsoft.com", + "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." } + ], + "type": "ip" } + ], + "correlationKey": "Rkso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9Jk=" } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/GetAlertSubscriptionLocation_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/GetAlertSubscriptionLocation_example.json index e89d71092139..3050a4e1228a 100644 --- a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/GetAlertSubscriptionLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/GetAlertSubscriptionLocation_example.json @@ -1,73 +1,81 @@ { - "parameters": { - "api-version": "2019-01-01", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "ascLocation": "westeurope", - "alertName": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA" - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "type": "Microsoft.Security/Locations/alerts", - "properties": { - "vendorName": "Microsoft", - "alertDisplayName": "Threat Intelligence Alert", - "alertName": "ThreatIntelligence", - "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", - "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", - "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", - "actionTaken": "Detected", - "reportedSeverity": "High", - "compromisedEntity": "vm1", - "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", - "extendedProperties": { - "user Name": "administrator", - "domain Name": "Contoso", - "attacker IP": "192.0.2.1", - "resourceType": "Virtual Machine" - }, - "state": "Dismissed", - "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", - "confidenceScore": 0.8, - "confidenceReasons": [{ - "type": "User", - "reason": "Some user reason" - }, { - "type": "Process", - "reason": "Some proccess reason" - }, { - "type": "Computer", - "reason": "Some computer reason" - }], - "canBeInvestigated": true, - "isIncident": false, - "entities": [{ - "address": "192.0.2.1", - "location": { - "countryCode": "gb", - "state": "wokingham", - "city": "sonning", - "longitude": -0.909, - "latitude": 51.468, - "asn": 6584 - }, - "threatIntelligence": [{ - "providerName": "Team Cymru", - "threatType": "C2", - "threatName": "rarog", - "confidence": 0.8, - "reportLink": "http://www.microsoft.com", - "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." - }], - "type": "ip" - }], - "correlationKey": "Rkso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9Jk=" + "parameters": { + "api-version": "2019-01-01", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope", + "alertName": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "type": "Microsoft.Security/Locations/alerts", + "properties": { + "vendorName": "Microsoft", + "alertDisplayName": "Threat Intelligence Alert", + "alertName": "ThreatIntelligence", + "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", + "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", + "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", + "actionTaken": "Detected", + "reportedSeverity": "High", + "compromisedEntity": "vm1", + "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", + "extendedProperties": { + "user Name": "administrator", + "domain Name": "Contoso", + "attacker IP": "192.0.2.1", + "resourceType": "Virtual Machine" + }, + "state": "Dismissed", + "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", + "confidenceScore": 0.8, + "confidenceReasons": [ + { + "type": "User", + "reason": "Some user reason" + }, + { + "type": "Process", + "reason": "Some proccess reason" + }, + { + "type": "Computer", + "reason": "Some computer reason" + } + ], + "canBeInvestigated": true, + "isIncident": false, + "entities": [ + { + "address": "192.0.2.1", + "location": { + "countryCode": "gb", + "state": "wokingham", + "city": "sonning", + "longitude": -0.909, + "latitude": 51.468, + "asn": 6584 + }, + "threatIntelligence": [ + { + "providerName": "Team Cymru", + "threatType": "C2", + "threatName": "rarog", + "confidence": 0.8, + "reportLink": "http://www.microsoft.com", + "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." } + ], + "type": "ip" } + ], + "correlationKey": "Rkso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9Jk=" } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/GetAlertsResourceGroupLocation_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/GetAlertsResourceGroupLocation_example.json index d6215cb137a4..381b5653dc99 100644 --- a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/GetAlertsResourceGroupLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/GetAlertsResourceGroupLocation_example.json @@ -1,75 +1,85 @@ { - "parameters": { - "api-version": "2019-01-01", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "resourceGroupName": "myRg1", - "ascLocation": "westeurope" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "type": "Microsoft.Security/Locations/alerts", - "properties": { - "vendorName": "Microsoft", - "alertDisplayName": "Threat Intelligence Alert", - "alertName": "ThreatIntelligence", - "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", - "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", - "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", - "actionTaken": "Detected", - "reportedSeverity": "High", - "compromisedEntity": "vm1", - "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", - "extendedProperties": { - "user Name": "administrator", - "domain Name": "Contoso", - "attacker IP": "192.0.2.1", - "resourceType": "Virtual Machine" - }, - "state": "Dismissed", - "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", - "confidenceScore": 0.8, - "confidenceReasons": [{ - "type": "User", - "reason": "Some user reason" - }, { - "type": "Process", - "reason": "Some proccess reason" - }, { - "type": "Computer", - "reason": "Some computer reason" - }], - "canBeInvestigated": true, - "isIncident": false, - "entities": [{ - "address": "192.0.2.1", - "location": { - "countryCode": "gb", - "state": "wokingham", - "city": "sonning", - "longitude": -0.909, - "latitude": 51.468, - "asn": 6584 - }, - "threatIntelligence": [{ - "providerName": "Team Cymru", - "threatType": "C2", - "threatName": "rarog", - "confidence": 0.8, - "reportLink": "http://www.microsoft.com", - "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." - }], - "type": "ip" - }], - "correlationKey": "Rkso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9Jk=" + "parameters": { + "api-version": "2019-01-01", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg1", + "ascLocation": "westeurope" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "type": "Microsoft.Security/Locations/alerts", + "properties": { + "vendorName": "Microsoft", + "alertDisplayName": "Threat Intelligence Alert", + "alertName": "ThreatIntelligence", + "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", + "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", + "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", + "actionTaken": "Detected", + "reportedSeverity": "High", + "compromisedEntity": "vm1", + "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", + "extendedProperties": { + "user Name": "administrator", + "domain Name": "Contoso", + "attacker IP": "192.0.2.1", + "resourceType": "Virtual Machine" + }, + "state": "Dismissed", + "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", + "confidenceScore": 0.8, + "confidenceReasons": [ + { + "type": "User", + "reason": "Some user reason" + }, + { + "type": "Process", + "reason": "Some proccess reason" + }, + { + "type": "Computer", + "reason": "Some computer reason" + } + ], + "canBeInvestigated": true, + "isIncident": false, + "entities": [ + { + "address": "192.0.2.1", + "location": { + "countryCode": "gb", + "state": "wokingham", + "city": "sonning", + "longitude": -0.909, + "latitude": 51.468, + "asn": 6584 + }, + "threatIntelligence": [ + { + "providerName": "Team Cymru", + "threatType": "C2", + "threatName": "rarog", + "confidence": 0.8, + "reportLink": "http://www.microsoft.com", + "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." } - }] + ], + "type": "ip" + } + ], + "correlationKey": "Rkso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9Jk=" } - } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/GetAlertsResourceGroup_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/GetAlertsResourceGroup_example.json index 913453136178..3641b911b3f9 100644 --- a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/GetAlertsResourceGroup_example.json +++ b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/GetAlertsResourceGroup_example.json @@ -1,74 +1,84 @@ { - "parameters": { - "api-version": "2019-01-01", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "resourceGroupName": "myRg1" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "type": "Microsoft.Security/Locations/alerts", - "properties": { - "vendorName": "Microsoft", - "alertDisplayName": "Threat Intelligence Alert", - "alertName": "ThreatIntelligence", - "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", - "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", - "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", - "actionTaken": "Detected", - "reportedSeverity": "High", - "compromisedEntity": "vm1", - "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", - "extendedProperties": { - "user Name": "administrator", - "domain Name": "Contoso", - "attacker IP": "192.0.2.1", - "resourceType": "Virtual Machine" - }, - "state": "Dismissed", - "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", - "confidenceScore": 0.8, - "confidenceReasons": [{ - "type": "User", - "reason": "Some user reason" - }, { - "type": "Process", - "reason": "Some proccess reason" - }, { - "type": "Computer", - "reason": "Some computer reason" - }], - "canBeInvestigated": true, - "isIncident": false, - "entities": [{ - "address": "192.0.2.1", - "location": { - "countryCode": "gb", - "state": "wokingham", - "city": "sonning", - "longitude": -0.909, - "latitude": 51.468, - "asn": 6584 - }, - "threatIntelligence": [{ - "providerName": "Team Cymru", - "threatType": "C2", - "threatName": "rarog", - "confidence": 0.8, - "reportLink": "http://www.microsoft.com", - "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." - }], - "type": "ip" - }], - "correlationKey": "Rkso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9Jk=" + "parameters": { + "api-version": "2019-01-01", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg1" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "type": "Microsoft.Security/Locations/alerts", + "properties": { + "vendorName": "Microsoft", + "alertDisplayName": "Threat Intelligence Alert", + "alertName": "ThreatIntelligence", + "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", + "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", + "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", + "actionTaken": "Detected", + "reportedSeverity": "High", + "compromisedEntity": "vm1", + "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", + "extendedProperties": { + "user Name": "administrator", + "domain Name": "Contoso", + "attacker IP": "192.0.2.1", + "resourceType": "Virtual Machine" + }, + "state": "Dismissed", + "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", + "confidenceScore": 0.8, + "confidenceReasons": [ + { + "type": "User", + "reason": "Some user reason" + }, + { + "type": "Process", + "reason": "Some proccess reason" + }, + { + "type": "Computer", + "reason": "Some computer reason" + } + ], + "canBeInvestigated": true, + "isIncident": false, + "entities": [ + { + "address": "192.0.2.1", + "location": { + "countryCode": "gb", + "state": "wokingham", + "city": "sonning", + "longitude": -0.909, + "latitude": 51.468, + "asn": 6584 + }, + "threatIntelligence": [ + { + "providerName": "Team Cymru", + "threatType": "C2", + "threatName": "rarog", + "confidence": 0.8, + "reportLink": "http://www.microsoft.com", + "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." } - }] + ], + "type": "ip" + } + ], + "correlationKey": "Rkso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9Jk=" } - } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/GetAlertsSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/GetAlertsSubscription_example.json index 401a68cdb5f7..60e85e506079 100644 --- a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/GetAlertsSubscription_example.json +++ b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/GetAlertsSubscription_example.json @@ -1,153 +1,172 @@ { - "parameters": { - "api-version": "2019-01-01", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "type": "Microsoft.Security/Locations/alerts", - "properties": { - "vendorName": "Microsoft", - "alertDisplayName": "Threat Intelligence Alert", - "alertName": "ThreatIntelligence", - "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", - "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", - "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", - "actionTaken": "Detected", - "reportedSeverity": "High", - "compromisedEntity": "vm1", - "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", - "extendedProperties": { - "user Name": "administrator", - "domain Name": "Contoso", - "attacker IP": "192.0.2.1", - "resourceType": "Virtual Machine" - }, - "state": "Dismissed", - "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", - "confidenceScore": 0.8, - "confidenceReasons": [{ - "type": "User", - "reason": "Some user reason" - }, { - "type": "Process", - "reason": "Some proccess reason" - }, { - "type": "Computer", - "reason": "Some computer reason" - }], - "canBeInvestigated": true, - "isIncident": false, - "entities": [{ - "address": "192.0.2.1", - "location": { - "countryCode": "gb", - "state": "wokingham", - "city": "sonning", - "longitude": -0.909, - "latitude": 51.468, - "asn": 6584 - }, - "threatIntelligence": [{ - "providerName": "Team Cymru", - "threatType": "C2", - "threatName": "rarog", - "confidence": 0.8, - "reportLink": "http://www.microsoft.com", - "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." - }], - "type": "ip" - }], - "correlationKey": "Rkso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9Jk=" - } - }, + "parameters": { + "api-version": "2019-01-01", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "type": "Microsoft.Security/Locations/alerts", + "properties": { + "vendorName": "Microsoft", + "alertDisplayName": "Threat Intelligence Alert", + "alertName": "ThreatIntelligence", + "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", + "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", + "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", + "actionTaken": "Detected", + "reportedSeverity": "High", + "compromisedEntity": "vm1", + "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", + "extendedProperties": { + "user Name": "administrator", + "domain Name": "Contoso", + "attacker IP": "192.0.2.1", + "resourceType": "Virtual Machine" + }, + "state": "Dismissed", + "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", + "confidenceScore": 0.8, + "confidenceReasons": [ + { + "type": "User", + "reason": "Some user reason" + }, + { + "type": "Process", + "reason": "Some proccess reason" + }, + { + "type": "Computer", + "reason": "Some computer reason" + } + ], + "canBeInvestigated": true, + "isIncident": false, + "entities": [ + { + "address": "192.0.2.1", + "location": { + "countryCode": "gb", + "state": "wokingham", + "city": "sonning", + "longitude": -0.909, + "latitude": 51.468, + "asn": 6584 + }, + "threatIntelligence": [ { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg2/providers/Microsoft.Security/locations/westeurope/alerts/2518765996949954086_2325cf9e-42a2-4f72-ae7f-9b863cba2d22", - "name": "2518765996949954086_2325cf9e-42a2-4f72-ae7f-9b863cba2d22", - "type": "Microsoft.Security/Locations/alerts", - "properties": { - "systemSource": "Azure", - "vendorName": "Microsoft", - "alertDisplayName": "Suspicious Screensaver process executed", - "alertName": "SuspiciousScreenSaver", - "detectedTimeUtc": "2018-05-07T13:51:45.0045913Z", - "description": "The process ‘%{process name}’ was observed executing from an uncommon location.\r\n\r\nFiles with the .scr extensions are screen saver files and are normally reside and execute from the Windows system directory.", - "remediationSteps": "1. Run Process Explorer and try to identify unknown running processes (see https://technet.microsoft.com/en-us/sysinternals/bb896653.aspx)\r\n2. Make sure the machine is completely updated and has an updated anti-malware application installed\r\n3. Run a full anti-malware scan and verify that the threat was removed\r\n4. Install and run Microsoft’s Malicious Software Removal Tool (see https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx)\r\n5. Run Microsoft’s Autoruns utility and try to identify unknown applications that are configured to run at login (see https://technet.microsoft.com/en-us/sysinternals/bb963902.aspx)\r\n6. Escalate the alert to the information security team", - "actionTaken": "Detected", - "reportedSeverity": "Low", - "compromisedEntity": "vm2", - "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/myRg2/providers/microsoft.compute/virtualmachines/vm2", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "instanceId": "2325cf9e-42a2-4f72-ae7f-9b863cba2d22", - "extendedProperties": { - "domain name": "vm2", - "user name": "vm2\\contosoUser", - "process name": "c:\\users\\contosoUser\\scrsave.scr", - "command line": "c:\\users\\contosoUser\\scrsave.scr", - "parent process": "cmd.exe", - "process id": "0x4aec", - "account logon id": "0x61450d87", - "user SID": "S-1-5-21-2144575486-8928446540-5163864319-500", - "parent process id": "0x3c44", - "enrichment_tas_threat__reports": "{\"Kind\":\"MultiLink\",\"DisplayValueToUrlDictionary\":{\"Report: Suspicious Screen Saver Execution\":\"https://iflowreportsproda.blob.core.windows.net/reports/MSTI-TS-Suspicious-Screen-Saver-Execution.pdf?sv=2016-05-31&sr=b&sig=2igHPl764UM7aBHNaO9mPAnpzoXlwRw8YjpFLLuB2NE%3D&spr=https&st=2018-05-07T00%3A20%3A54Z&se=2018-05-08T00%3A35%3A54Z&sp=r\"}}", - "resourceType": "Virtual Machine" - }, - "state": "Active", - "reportedTimeUtc": "2018-05-07T13:51:48.3810457Z", - "workspaceArmId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-weu/providers/microsoft.operationalinsights/workspaces/defaultworkspace-21ff7fc3-e762-48dd-bd96-b551f6dcdd23-weu", - "confidenceScore": 0.3, - "confidenceReasons": [{ - "type": "Process", - "reason": "Suspicious process execution history for this subscription" - }, { - "type": "Process", - "reason": "Suspicious process execution history for this subscription" - }, { - "type": "Process", - "reason": "cmd.exe appeared in multiple alerts of the same type" - }], - "canBeInvestigated": true, - "entities": [{ - "dnsDomain": "", - "ntDomain": "", - "hostName": "vm2", - "netBiosName": "vm2", - "azureID": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/myRg2/providers/microsoft.compute/virtualmachines/vm2", - "omsAgentID": "45b44640-3b94-4892-a28c-4a5cae27065a", - "operatingSystem": "Unknown", - "type": "host", - "OsVersion": null - }, { - "name": "contosoUser", - "ntDomain": "vm2", - "logonId": "0x61450d87", - "sid": "S-1-5-21-2144575486-8928446540-5163864319-500", - "type": "account" - }, { - "directory": "c:\\windows\\system32", - "name": "cmd.exe", - "type": "file" - }, { - "directory": "c:\\users\\contosoUser", - "name": "scrsave.scr", - "type": "file" - }, { - "processId": "0x4aec", - "commandLine": "c:\\users\\contosoUser\\scrsave.scr", - "creationTimeUtc": "2018-05-07T13:51:45.0045913Z", - "type": "process" - }], - "correlationKey": "4hnro6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s96++" - } + "providerName": "Team Cymru", + "threatType": "C2", + "threatName": "rarog", + "confidence": 0.8, + "reportLink": "http://www.microsoft.com", + "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." } - ] + ], + "type": "ip" + } + ], + "correlationKey": "Rkso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9Jk=" } - } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg2/providers/Microsoft.Security/locations/westeurope/alerts/2518765996949954086_2325cf9e-42a2-4f72-ae7f-9b863cba2d22", + "name": "2518765996949954086_2325cf9e-42a2-4f72-ae7f-9b863cba2d22", + "type": "Microsoft.Security/Locations/alerts", + "properties": { + "systemSource": "Azure", + "vendorName": "Microsoft", + "alertDisplayName": "Suspicious Screensaver process executed", + "alertName": "SuspiciousScreenSaver", + "detectedTimeUtc": "2018-05-07T13:51:45.0045913Z", + "description": "The process ‘%{process name}’ was observed executing from an uncommon location.\r\n\r\nFiles with the .scr extensions are screen saver files and are normally reside and execute from the Windows system directory.", + "remediationSteps": "1. Run Process Explorer and try to identify unknown running processes (see https://technet.microsoft.com/en-us/sysinternals/bb896653.aspx)\r\n2. Make sure the machine is completely updated and has an updated anti-malware application installed\r\n3. Run a full anti-malware scan and verify that the threat was removed\r\n4. Install and run Microsoft’s Malicious Software Removal Tool (see https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx)\r\n5. Run Microsoft’s Autoruns utility and try to identify unknown applications that are configured to run at login (see https://technet.microsoft.com/en-us/sysinternals/bb963902.aspx)\r\n6. Escalate the alert to the information security team", + "actionTaken": "Detected", + "reportedSeverity": "Low", + "compromisedEntity": "vm2", + "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/myRg2/providers/microsoft.compute/virtualmachines/vm2", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "instanceId": "2325cf9e-42a2-4f72-ae7f-9b863cba2d22", + "extendedProperties": { + "domain name": "vm2", + "user name": "vm2\\contosoUser", + "process name": "c:\\users\\contosoUser\\scrsave.scr", + "command line": "c:\\users\\contosoUser\\scrsave.scr", + "parent process": "cmd.exe", + "process id": "0x4aec", + "account logon id": "0x61450d87", + "user SID": "S-1-5-21-2144575486-8928446540-5163864319-500", + "parent process id": "0x3c44", + "enrichment_tas_threat__reports": "{\"Kind\":\"MultiLink\",\"DisplayValueToUrlDictionary\":{\"Report: Suspicious Screen Saver Execution\":\"https://iflowreportsproda.blob.core.windows.net/reports/MSTI-TS-Suspicious-Screen-Saver-Execution.pdf?sv=2016-05-31&sr=b&sig=2igHPl764UM7aBHNaO9mPAnpzoXlwRw8YjpFLLuB2NE%3D&spr=https&st=2018-05-07T00%3A20%3A54Z&se=2018-05-08T00%3A35%3A54Z&sp=r\"}}", + "resourceType": "Virtual Machine" + }, + "state": "Active", + "reportedTimeUtc": "2018-05-07T13:51:48.3810457Z", + "workspaceArmId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-weu/providers/microsoft.operationalinsights/workspaces/defaultworkspace-21ff7fc3-e762-48dd-bd96-b551f6dcdd23-weu", + "confidenceScore": 0.3, + "confidenceReasons": [ + { + "type": "Process", + "reason": "Suspicious process execution history for this subscription" + }, + { + "type": "Process", + "reason": "Suspicious process execution history for this subscription" + }, + { + "type": "Process", + "reason": "cmd.exe appeared in multiple alerts of the same type" + } + ], + "canBeInvestigated": true, + "entities": [ + { + "dnsDomain": "", + "ntDomain": "", + "hostName": "vm2", + "netBiosName": "vm2", + "azureID": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/myRg2/providers/microsoft.compute/virtualmachines/vm2", + "omsAgentID": "45b44640-3b94-4892-a28c-4a5cae27065a", + "operatingSystem": "Unknown", + "type": "host", + "OsVersion": null + }, + { + "name": "contosoUser", + "ntDomain": "vm2", + "logonId": "0x61450d87", + "sid": "S-1-5-21-2144575486-8928446540-5163864319-500", + "type": "account" + }, + { + "directory": "c:\\windows\\system32", + "name": "cmd.exe", + "type": "file" + }, + { + "directory": "c:\\users\\contosoUser", + "name": "scrsave.scr", + "type": "file" + }, + { + "processId": "0x4aec", + "commandLine": "c:\\users\\contosoUser\\scrsave.scr", + "creationTimeUtc": "2018-05-07T13:51:45.0045913Z", + "type": "process" + } + ], + "correlationKey": "4hnro6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s96++" + } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/GetAlertsSubscriptionsLocation_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/GetAlertsSubscriptionsLocation_example.json index c36b7a987110..9c13efa4ff44 100644 --- a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/GetAlertsSubscriptionsLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/GetAlertsSubscriptionsLocation_example.json @@ -1,157 +1,177 @@ { - "parameters": { - "api-version": "2019-01-01", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "ascLocation": "westeurope" - }, - "responses": { - "200": { - "body": { - "value": [{ - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "type": "Microsoft.Security/Locations/alerts", - "properties": { - "vendorName": "Microsoft", - "alertDisplayName": "Threat Intelligence Alert", - "alertName": "ThreatIntelligence", - "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", - "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", - "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", - "actionTaken": "Detected", - "reportedSeverity": "High", - "compromisedEntity": "vm1", - "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", - "extendedProperties": { - "user Name": "administrator", - "domain Name": "Contoso", - "attacker IP": "192.0.2.1", - "resourceType": "Virtual Machine" - }, - "state": "Dismissed", - "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", - "confidenceScore": 0.8, - "confidenceReasons": [{ - "type": "User", - "reason": "Some user reason" - }, { - "type": "Process", - "reason": "Some proccess reason" - }, { - "type": "Computer", - "reason": "Some computer reason" - }], - "canBeInvestigated": true, - "isIncident": false, - "entities": [{ - "address": "192.0.2.1", - "location": { - "countryCode": "gb", - "state": "wokingham", - "city": "sonning", - "longitude": -0.909, - "latitude": 51.468, - "asn": 6584 - }, - "threatIntelligence": [{ - "providerName": "Team Cymru", - "threatType": "C2", - "threatName": "rarog", - "confidence": 0.8, - "reportLink": "http://www.microsoft.com", - "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." - }], - "type": "ip" - }], - "correlationKey": "Rkso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9Jk=" - } - }, + "parameters": { + "api-version": "2019-01-01", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Security/locations/westeurope/alerts/2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "name": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "type": "Microsoft.Security/Locations/alerts", + "properties": { + "vendorName": "Microsoft", + "alertDisplayName": "Threat Intelligence Alert", + "alertName": "ThreatIntelligence", + "detectedTimeUtc": "2018-05-01T19:50:47.083633Z", + "description": "Process was detected running on the host and is considered to be suspicious, verify that the user run it", + "remediationSteps": "verify that the user invoked this process\r\nrun antimalware scan of the VM", + "actionTaken": "Detected", + "reportedSeverity": "High", + "compromisedEntity": "vm1", + "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "instanceId": "f144ee95-a3e5-42da-a279-967d115809aa", + "extendedProperties": { + "user Name": "administrator", + "domain Name": "Contoso", + "attacker IP": "192.0.2.1", + "resourceType": "Virtual Machine" + }, + "state": "Dismissed", + "reportedTimeUtc": "2018-05-02T05:36:12.2089889Z", + "confidenceScore": 0.8, + "confidenceReasons": [ + { + "type": "User", + "reason": "Some user reason" + }, + { + "type": "Process", + "reason": "Some proccess reason" + }, + { + "type": "Computer", + "reason": "Some computer reason" + } + ], + "canBeInvestigated": true, + "isIncident": false, + "entities": [ + { + "address": "192.0.2.1", + "location": { + "countryCode": "gb", + "state": "wokingham", + "city": "sonning", + "longitude": -0.909, + "latitude": 51.468, + "asn": 6584 + }, + "threatIntelligence": [ { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg2/providers/Microsoft.Security/locations/westeurope/alerts/2518765996949954086_2325cf9e-42a2-4f72-ae7f-9b863cba2d22", - "name": "2518765996949954086_2325cf9e-42a2-4f72-ae7f-9b863cba2d22", - "type": "Microsoft.Security/Locations/alerts", - "properties": { - "systemSource": "Azure", - "vendorName": "Microsoft", - "alertDisplayName": "Suspicious Screensaver process executed", - "alertName": "SuspiciousScreenSaver", - "detectedTimeUtc": "2018-05-07T13:51:45.0045913Z", - "description": "The process ‘%{process name}’ was observed executing from an uncommon location.\r\n\r\nFiles with the .scr extensions are screen saver files and are normally reside and execute from the Windows system directory.", - "remediationSteps": "1. Run Process Explorer and try to identify unknown running processes (see https://technet.microsoft.com/en-us/sysinternals/bb896653.aspx)\r\n2. Make sure the machine is completely updated and has an updated anti-malware application installed\r\n3. Run a full anti-malware scan and verify that the threat was removed\r\n4. Install and run Microsoft’s Malicious Software Removal Tool (see https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx)\r\n5. Run Microsoft’s Autoruns utility and try to identify unknown applications that are configured to run at login (see https://technet.microsoft.com/en-us/sysinternals/bb963902.aspx)\r\n6. Escalate the alert to the information security team", - "actionTaken": "Detected", - "reportedSeverity": "Low", - "compromisedEntity": "vm2", - "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/myRg2/providers/microsoft.compute/virtualmachines/vm2", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "instanceId": "2325cf9e-42a2-4f72-ae7f-9b863cba2d22", - "extendedProperties": { - "domain name": "vm2", - "user name": "vm2\\contosoUser", - "process name": "c:\\users\\contosoUser\\scrsave.scr", - "command line": "c:\\users\\contosoUser\\scrsave.scr", - "parent process": "cmd.exe", - "process id": "0x4aec", - "account logon id": "0x61450d87", - "user SID": "S-1-5-21-2144575486-8928446540-5163864319-500", - "parent process id": "0x3c44", - "enrichment_tas_threat__reports": "{\"Kind\":\"MultiLink\",\"DisplayValueToUrlDictionary\":{\"Report: Suspicious Screen Saver Execution\":\"https://iflowreportsproda.blob.core.windows.net/reports/MSTI-TS-Suspicious-Screen-Saver-Execution.pdf?sv=2016-05-31&sr=b&sig=2igHPl764UM7aBHNaO9mPAnpzoXlwRw8YjpFLLuB2NE%3D&spr=https&st=2018-05-07T00%3A20%3A54Z&se=2018-05-08T00%3A35%3A54Z&sp=r\"}}", - "resourceType": "Virtual Machine" - }, - "state": "Active", - "reportedTimeUtc": "2018-05-07T13:51:48.3810457Z", - "workspaceArmId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-weu/providers/microsoft.operationalinsights/workspaces/defaultworkspace-21ff7fc3-e762-48dd-bd96-b551f6dcdd23-weu", - "confidenceScore": 0.3, - "confidenceReasons": [{ - "type": "Process", - "reason": "Suspicious process execution history for this subscription" - }, { - "type": "Process", - "reason": "Suspicious process execution history for this subscription" - }, { - "type": "Process", - "reason": "cmd.exe appeared in multiple alerts of the same type" - }], - "canBeInvestigated": true, - "entities": [{ - "dnsDomain": "", - "ntDomain": "", - "hostName": "vm2", - "netBiosName": "vm2", - "azureID": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/myRg2/providers/microsoft.compute/virtualmachines/vm2", - "omsAgentID": "45b44640-3b94-4892-a28c-4a5cae27065a", - "operatingSystem": "Unknown", - "type": "host", - "OsVersion": null - }, { - "name": "contosoUser", - "ntDomain": "vm2", - "logonId": "0x61450d87", - "sid": "S-1-5-21-2144575486-8928446540-5163864319-500", - "type": "account" - }, { - "directory": "c:\\windows\\system32", - "name": "cmd.exe", - "type": "file" - }, { - "processId": "0x3c44", - "type": "process" - }, { - "directory": "c:\\users\\contosoUser", - "name": "scrsave.scr", - "type": "file" - }, { - "processId": "0x4aec", - "commandLine": "c:\\users\\contosoUser\\scrsave.scr", - "creationTimeUtc": "2018-05-07T13:51:45.0045913Z", - "type": "process" - }], - "correlationKey": "4hno6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0srk4" - } + "providerName": "Team Cymru", + "threatType": "C2", + "threatName": "rarog", + "confidence": 0.8, + "reportLink": "http://www.microsoft.com", + "threatDescription": "In bot armies, the controller is the server machine(s) that gives instructions to the controlled (zombied) hosts that connect to the command and control (C2) network. The controller host is usually running a botnet management application that is sending the commands to the zombied members of the bot army. These commands include, but are not limited to, the following: updating bitcoin wallet information, distributed denial-of-service (DDoS) target listings, updated C2 communication contact lists, and targeting data. C2 servers may be either directly controlled by the malware operators or run on hardware compromised by malware. There are multiple techniques for dynamically changing the control servers so that they are not isolated and brought down. Control servers utilize two general architectures: client-server and peer-to-peer. In a client-server model, all the hosts are controlled by a single server or a few control servers. In a peer-to-peer model, the infected hosts are both clients and servers, and they control other hosts so that instead of isolating the few control servers, all the hosts need to be removed." } - ] + ], + "type": "ip" + } + ], + "correlationKey": "Rkso6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0s9Jk=" } - } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg2/providers/Microsoft.Security/locations/westeurope/alerts/2518765996949954086_2325cf9e-42a2-4f72-ae7f-9b863cba2d22", + "name": "2518765996949954086_2325cf9e-42a2-4f72-ae7f-9b863cba2d22", + "type": "Microsoft.Security/Locations/alerts", + "properties": { + "systemSource": "Azure", + "vendorName": "Microsoft", + "alertDisplayName": "Suspicious Screensaver process executed", + "alertName": "SuspiciousScreenSaver", + "detectedTimeUtc": "2018-05-07T13:51:45.0045913Z", + "description": "The process ‘%{process name}’ was observed executing from an uncommon location.\r\n\r\nFiles with the .scr extensions are screen saver files and are normally reside and execute from the Windows system directory.", + "remediationSteps": "1. Run Process Explorer and try to identify unknown running processes (see https://technet.microsoft.com/en-us/sysinternals/bb896653.aspx)\r\n2. Make sure the machine is completely updated and has an updated anti-malware application installed\r\n3. Run a full anti-malware scan and verify that the threat was removed\r\n4. Install and run Microsoft’s Malicious Software Removal Tool (see https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx)\r\n5. Run Microsoft’s Autoruns utility and try to identify unknown applications that are configured to run at login (see https://technet.microsoft.com/en-us/sysinternals/bb963902.aspx)\r\n6. Escalate the alert to the information security team", + "actionTaken": "Detected", + "reportedSeverity": "Low", + "compromisedEntity": "vm2", + "associatedResource": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/myRg2/providers/microsoft.compute/virtualmachines/vm2", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "instanceId": "2325cf9e-42a2-4f72-ae7f-9b863cba2d22", + "extendedProperties": { + "domain name": "vm2", + "user name": "vm2\\contosoUser", + "process name": "c:\\users\\contosoUser\\scrsave.scr", + "command line": "c:\\users\\contosoUser\\scrsave.scr", + "parent process": "cmd.exe", + "process id": "0x4aec", + "account logon id": "0x61450d87", + "user SID": "S-1-5-21-2144575486-8928446540-5163864319-500", + "parent process id": "0x3c44", + "enrichment_tas_threat__reports": "{\"Kind\":\"MultiLink\",\"DisplayValueToUrlDictionary\":{\"Report: Suspicious Screen Saver Execution\":\"https://iflowreportsproda.blob.core.windows.net/reports/MSTI-TS-Suspicious-Screen-Saver-Execution.pdf?sv=2016-05-31&sr=b&sig=2igHPl764UM7aBHNaO9mPAnpzoXlwRw8YjpFLLuB2NE%3D&spr=https&st=2018-05-07T00%3A20%3A54Z&se=2018-05-08T00%3A35%3A54Z&sp=r\"}}", + "resourceType": "Virtual Machine" + }, + "state": "Active", + "reportedTimeUtc": "2018-05-07T13:51:48.3810457Z", + "workspaceArmId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/defaultresourcegroup-weu/providers/microsoft.operationalinsights/workspaces/defaultworkspace-21ff7fc3-e762-48dd-bd96-b551f6dcdd23-weu", + "confidenceScore": 0.3, + "confidenceReasons": [ + { + "type": "Process", + "reason": "Suspicious process execution history for this subscription" + }, + { + "type": "Process", + "reason": "Suspicious process execution history for this subscription" + }, + { + "type": "Process", + "reason": "cmd.exe appeared in multiple alerts of the same type" + } + ], + "canBeInvestigated": true, + "entities": [ + { + "dnsDomain": "", + "ntDomain": "", + "hostName": "vm2", + "netBiosName": "vm2", + "azureID": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourcegroups/myRg2/providers/microsoft.compute/virtualmachines/vm2", + "omsAgentID": "45b44640-3b94-4892-a28c-4a5cae27065a", + "operatingSystem": "Unknown", + "type": "host", + "OsVersion": null + }, + { + "name": "contosoUser", + "ntDomain": "vm2", + "logonId": "0x61450d87", + "sid": "S-1-5-21-2144575486-8928446540-5163864319-500", + "type": "account" + }, + { + "directory": "c:\\windows\\system32", + "name": "cmd.exe", + "type": "file" + }, + { + "processId": "0x3c44", + "type": "process" + }, + { + "directory": "c:\\users\\contosoUser", + "name": "scrsave.scr", + "type": "file" + }, + { + "processId": "0x4aec", + "commandLine": "c:\\users\\contosoUser\\scrsave.scr", + "creationTimeUtc": "2018-05-07T13:51:45.0045913Z", + "type": "process" + } + ], + "correlationKey": "4hno6LFWxzCll5tqrk4hnrBJ+MY1BX806W6q6+0srk4" + } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/UpdateAlertResourceGroupLocation_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/UpdateAlertResourceGroupLocation_example.json index 76854926020d..5001c9c3838c 100644 --- a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/UpdateAlertResourceGroupLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/UpdateAlertResourceGroupLocation_example.json @@ -1,14 +1,13 @@ { - "parameters": { - "api-version": "2019-01-01", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "resourceGroupName": "myRg2", - "ascLocation": "westeurope", - "alertName": "2518765996949954086_2325cf9e-42a2-4f72-ae7f-9b863cba2d22", - "alertUpdateActionType": "Dismiss" - }, - "responses": { - "204": { - } - } -} \ No newline at end of file + "parameters": { + "api-version": "2019-01-01", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "resourceGroupName": "myRg2", + "ascLocation": "westeurope", + "alertName": "2518765996949954086_2325cf9e-42a2-4f72-ae7f-9b863cba2d22", + "alertUpdateActionType": "Dismiss" + }, + "responses": { + "204": {} + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/UpdateAlertSubscriptionLocation_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/UpdateAlertSubscriptionLocation_example.json index 8ddb873327c4..0a9b56f4f1e3 100644 --- a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/UpdateAlertSubscriptionLocation_example.json +++ b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Alerts/UpdateAlertSubscriptionLocation_example.json @@ -1,13 +1,12 @@ { - "parameters": { - "api-version": "2019-01-01", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "ascLocation": "westeurope", - "alertName": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", - "alertUpdateActionType": "Dismiss" - }, - "responses": { - "204": { - } - } -} \ No newline at end of file + "parameters": { + "api-version": "2019-01-01", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "ascLocation": "westeurope", + "alertName": "2518770965529163669_F144EE95-A3E5-42DA-A279-967D115809AA", + "alertUpdateActionType": "Dismiss" + }, + "responses": { + "204": {} + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Settings/GetSetting_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Settings/GetSetting_example.json index ecf99db3b5e5..31c7b88df1db 100644 --- a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Settings/GetSetting_example.json +++ b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Settings/GetSetting_example.json @@ -1,20 +1,20 @@ { - "parameters": { - "api-version": "2019-01-01", - "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", - "settingName": "MCAS" - }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/MCAS", - "name": "MCAS", - "kind": "DataExportSetting", - "type": "Microsoft.Security/settings", - "properties": { - "enabled": true - } - } + "parameters": { + "api-version": "2019-01-01", + "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23", + "settingName": "MCAS" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/MCAS", + "name": "MCAS", + "kind": "DataExportSetting", + "type": "Microsoft.Security/settings", + "properties": { + "enabled": true } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Settings/GetSettings_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Settings/GetSettings_example.json index 2b94584f383b..87d7aa5a6c58 100644 --- a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Settings/GetSettings_example.json +++ b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Settings/GetSettings_example.json @@ -3,30 +3,30 @@ "api-version": "2019-01-01", "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23" }, - "responses": { - "200": { - "body": { - "value": [ - { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/MCAS", - "name": "MCAS", - "kind": "DataExportSetting", - "type": "Microsoft.Security/settings", - "properties": { - "enabled": true - } - }, - { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/WDATP", - "name": "WDATP", - "kind": "DataExportSetting", - "type": "Microsoft.Security/settings", - "properties": { - "enabled": false - } - } - ] + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/MCAS", + "name": "MCAS", + "kind": "DataExportSetting", + "type": "Microsoft.Security/settings", + "properties": { + "enabled": true } - } + }, + { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/WDATP", + "name": "WDATP", + "kind": "DataExportSetting", + "type": "Microsoft.Security/settings", + "properties": { + "enabled": false + } + } + ] + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Settings/UpdateSetting_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Settings/UpdateSetting_example.json index cbe282694ddd..789ebb7d6219 100644 --- a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Settings/UpdateSetting_example.json +++ b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/examples/Settings/UpdateSetting_example.json @@ -13,17 +13,17 @@ } } }, - "responses": { - "200": { - "body": { - "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/MCAS", - "name": "MCAS", - "kind": "DataExportSetting", - "type": "Microsoft.Security/settings", - "properties": { - "enabled": true - } - } + "responses": { + "200": { + "body": { + "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/MCAS", + "name": "MCAS", + "kind": "DataExportSetting", + "type": "Microsoft.Security/settings", + "properties": { + "enabled": true } + } } -} \ No newline at end of file + } +} diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/settings.json b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/settings.json index c5647e35897a..15e9f74f8d87 100644 --- a/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/settings.json +++ b/specification/security/resource-manager/Microsoft.Security/stable/2019-01-01/settings.json @@ -6,12 +6,20 @@ "version": "2019-01-01" }, "host": "management.azure.com", - "schemes": ["https"], - "consumes": ["application/json"], - "produces": ["application/json"], + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], "security": [ { - "azure_auth": ["user_impersonation"] + "azure_auth": [ + "user_impersonation" + ] } ], "securityDefinitions": { @@ -33,7 +41,9 @@ "$ref": "./examples/Settings/GetSettings_example.json" } }, - "tags": ["Settings"], + "tags": [ + "Settings" + ], "description": "Settings about different configurations in security center", "operationId": "Settings_List", "parameters": [ @@ -70,7 +80,9 @@ "$ref": "./examples/Settings/GetSetting_example.json" } }, - "tags": ["Settings"], + "tags": [ + "Settings" + ], "description": "Settings of different configurations in security center", "operationId": "Settings_Get", "parameters": [ @@ -105,7 +117,9 @@ "$ref": "./examples/Settings/UpdateSetting_example.json" } }, - "tags": ["Settings"], + "tags": [ + "Settings" + ], "description": "updating settings about different configurations in security center", "operationId": "Settings_Update", "parameters": [ @@ -193,7 +207,10 @@ "kind": { "type": "string", "description": "the kind of the settings string (DataExportSetting)", - "enum": ["DataExportSetting", "AlertSuppressionSetting"], + "enum": [ + "DataExportSetting", + "AlertSuppressionSetting" + ], "x-ms-enum": { "name": "SettingKind", "modelAsString": true, @@ -208,7 +225,9 @@ } } }, - "required": ["kind"], + "required": [ + "kind" + ], "allOf": [ { "$ref": "../../../common/v1/types.json#/definitions/Resource" @@ -224,7 +243,9 @@ "description": "Is the data export setting is enabled" } }, - "required": ["enabled"] + "required": [ + "enabled" + ] } }, "parameters": { @@ -234,7 +255,10 @@ "required": true, "type": "string", "description": "Name of setting: (MCAS/WDATP)", - "enum": ["MCAS", "WDATP"], + "enum": [ + "MCAS", + "WDATP" + ], "x-ms-parameter-location": "method" }, "Setting": { diff --git a/specification/security/resource-manager/common/v1/types.json b/specification/security/resource-manager/common/v1/types.json index d39288b12ec5..6afed51f7d77 100644 --- a/specification/security/resource-manager/common/v1/types.json +++ b/specification/security/resource-manager/common/v1/types.json @@ -141,7 +141,6 @@ "in": "query", "required": true, "type": "string", - "description": "API version for the operation" }, "AscLocation": {