From c454e104b394b7b9ddc238823e0dd5709aa99ebc Mon Sep 17 00:00:00 2001 From: Joshua McCarthy Date: Thu, 9 Dec 2021 10:15:13 -0800 Subject: [PATCH] Add version 2018-04-02 into IMDS Swagger (#16937) * Adding swagger for version 2020-12-01 * Reverting new version * Adds base for updating Microsoft.InstanceMetadataService from version stable/2018-10-01 to version 2018-04-02 * Updates readme * Updates API version in new specs and examples * Swagger for 2018-04-02 * Updating readme * Adding new versions to readme * ??? * Small json change to rebuild Co-authored-by: jmccarthy --- .../2018-04-02/examples/getIdentityInfo.json | 43 ++ .../2018-04-02/examples/getIdentityToken.json | 50 ++ .../examples/getInstanceMetadata.json | 81 +++ .../stable/2018-04-02/imds.json | 661 ++++++++++++++++++ specification/imds/data-plane/readme.md | 31 +- 5 files changed, 864 insertions(+), 2 deletions(-) create mode 100644 specification/imds/data-plane/Microsoft.InstanceMetadataService/stable/2018-04-02/examples/getIdentityInfo.json create mode 100644 specification/imds/data-plane/Microsoft.InstanceMetadataService/stable/2018-04-02/examples/getIdentityToken.json create mode 100644 specification/imds/data-plane/Microsoft.InstanceMetadataService/stable/2018-04-02/examples/getInstanceMetadata.json create mode 100644 specification/imds/data-plane/Microsoft.InstanceMetadataService/stable/2018-04-02/imds.json diff --git a/specification/imds/data-plane/Microsoft.InstanceMetadataService/stable/2018-04-02/examples/getIdentityInfo.json b/specification/imds/data-plane/Microsoft.InstanceMetadataService/stable/2018-04-02/examples/getIdentityInfo.json new file mode 100644 index 000000000000..d1c5a7de7340 --- /dev/null +++ b/specification/imds/data-plane/Microsoft.InstanceMetadataService/stable/2018-04-02/examples/getIdentityInfo.json @@ -0,0 +1,43 @@ +{ + "parameters": { + "api-version": "2018-04-02", + "Metadata": "true" + }, + "responses": { + "200": { + "body": { + "tenantId": "abd8daee-d393-4239-9377-883adda3d40f" + } + }, + "400": { + "body": { + "error": "invalid_request", + "error_description": "Bad request" + } + }, + "404": { + "body": { + "error": "not_found", + "error_description": "Not found" + } + }, + "405": { + "body": { + "error": "method_not_allowed", + "error_description": "Not allowed" + } + }, + "429": { + "body": { + "error": "too_many_requests", + "error_description": "Too many requests" + } + }, + "500": { + "body": { + "error": "server_error", + "error_description": "Server error" + } + } + } +} diff --git a/specification/imds/data-plane/Microsoft.InstanceMetadataService/stable/2018-04-02/examples/getIdentityToken.json b/specification/imds/data-plane/Microsoft.InstanceMetadataService/stable/2018-04-02/examples/getIdentityToken.json new file mode 100644 index 000000000000..8280c2203bf8 --- /dev/null +++ b/specification/imds/data-plane/Microsoft.InstanceMetadataService/stable/2018-04-02/examples/getIdentityToken.json @@ -0,0 +1,50 @@ +{ + "parameters": { + "api-version": "2018-04-02", + "Metadata": "true", + "resource": "https://vault.azure.net" + }, + "responses": { + "200": { + "body": { + "access_token": "dummytoken", + "client_id": "be5947ed-3560-4afe-9504-59967a63f810", + "expires_in": "3599", + "expires_on": "1541705014", + "ext_expires_in": "262800", + "not_before": "1508961830", + "resource": "https://va" + } + }, + "400": { + "body": { + "error": "invalid_request", + "error_description": "Bad request" + } + }, + "404": { + "body": { + "error": "not_found", + "error_description": "Not found" + } + }, + "405": { + "body": { + "error": "method_not_allowed", + "error_description": "Not allowed" + } + }, + "429": { + "body": { + "error": "too_many_requests", + "error_description": "Too many requests" + } + }, + "500": { + "body": { + "error": "server_error", + "error_description": "Server error" + } + } + } +} diff --git a/specification/imds/data-plane/Microsoft.InstanceMetadataService/stable/2018-04-02/examples/getInstanceMetadata.json b/specification/imds/data-plane/Microsoft.InstanceMetadataService/stable/2018-04-02/examples/getInstanceMetadata.json new file mode 100644 index 000000000000..325fe0419165 --- /dev/null +++ b/specification/imds/data-plane/Microsoft.InstanceMetadataService/stable/2018-04-02/examples/getInstanceMetadata.json @@ -0,0 +1,81 @@ +{ + "parameters": { + "api-version": "2018-04-02", + "Metadata": "true" + }, + "responses": { + "200": { + "body": { + "compute": { + "location": "eastus", + "name": "examplevmname", + "offer": "Windows", + "osType": "linux", + "placementGroupId": "f67c14ab-e92c-408c-ae2d-da15866ec79a", + "plan": { + "name": "planName", + "product": "planProduct", + "publisher": "planPublisher" + }, + "platformFaultDomain": "36", + "platformUpdateDomain": "42", + "publicKeys": [ + { + "keyData": "ssh-rsa 0", + "path": "/home/user/.ssh/authorized_keys0" + }, + { + "keyData": "ssh-rsa 1", + "path": "/home/user/.ssh/authorized_keys1" + } + ], + "publisher": "RDFE-Test-Microsoft-Windows-Server-Group", + "resourceGroupName": "macikgo-test-may-23", + "sku": "Windows-Server-2012-R2-Datacenter", + "subscriptionId": "8d10da13-8125-4ba9-a717-bf7490507b3d", + "tags": "baz:bash;foo:bar", + "version": "15.05.22", + "vmId": "02aab8a4-74ef-476e-8182-f6d2ba4166a6", + "vmScaleSetName": "crpteste9vflji9", + "vmSize": "Standard_A3", + "zone": "" + } + } + }, + "400": { + "body": { + "error": "Bad request" + } + }, + "403": { + "body": { + "error": "Forbidden" + } + }, + "404": { + "body": { + "error": "Not found" + } + }, + "405": { + "body": { + "error": "Not allowed" + } + }, + "429": { + "body": { + "error": "Too many requests" + } + }, + "503": { + "body": { + "error": "Service unavailable" + } + }, + "500": { + "body": { + "error": "Server error" + } + } + } +} diff --git a/specification/imds/data-plane/Microsoft.InstanceMetadataService/stable/2018-04-02/imds.json b/specification/imds/data-plane/Microsoft.InstanceMetadataService/stable/2018-04-02/imds.json new file mode 100644 index 000000000000..a3a364e6dd8f --- /dev/null +++ b/specification/imds/data-plane/Microsoft.InstanceMetadataService/stable/2018-04-02/imds.json @@ -0,0 +1,661 @@ +{ + "swagger": "2.0", + "info": { + "title": "InstanceMetadataClient", + "description": "The Azure Instance Metadata Client", + "version": "2018-04-02" + }, + "host": "169.254.169.254", + "basePath": "/metadata", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/instance": { + "get": { + "operationId": "Instances_GetMetadata", + "description": "Get Instance Metadata for the Virtual Machine.", + "parameters": [ + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/MetadataParameter" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/Instance" + } + }, + "400": { + "description": "Invalid request", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } + }, + "403": { + "description": "Forbidden", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } + }, + "404": { + "description": "Not found", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } + }, + "405": { + "description": "Method not allowed", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } + }, + "429": { + "description": "Too many requests", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } + }, + "503": { + "description": "Service unavailable", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } + }, + "500": { + "description": "Server error", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Get Instance Metadata for the VM": { + "$ref": "./examples/getInstanceMetadata.json" + } + } + } + }, + "/identity/oauth2/token": { + "get": { + "tags": [ + "Get token" + ], + "description": "Get a Token from Azure AD", + "operationId": "Identity_GetToken", + "produces": [ + "application/json" + ], + "parameters": [ + { + "$ref": "#/parameters/MetadataParameter" + }, + { + "name": "resource", + "in": "query", + "type": "string", + "description": "This is the urlencoded identifier URI of the sink resource for the requested Azure AD token. The resulting token contains the corresponding aud for this resource.", + "required": true + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "name": "client_id", + "in": "query", + "type": "string", + "description": "This identifies, by Azure AD client id, a specific explicit identity to use when authenticating to Azure AD. Mutually exclusive with object_id and msi_res_id.", + "required": false + }, + { + "name": "object_id", + "in": "query", + "type": "string", + "description": "This identifies, by Azure AD object id, a specific explicit identity to use when authenticating to Azure AD. Mutually exclusive with client_id and msi_res_id.", + "required": false + }, + { + "name": "msi_res_id", + "in": "query", + "type": "string", + "description": "This identifies, by urlencoded ARM resource id, a specific explicit identity to use when authenticating to Azure AD. Mutually exclusive with client_id and object_id.", + "required": false + }, + { + "name": "authority", + "in": "query", + "type": "string", + "description": "This indicates the authority to request AAD tokens from. Defaults to the known authority of the identity to be used.", + "required": false + }, + { + "name": "bypass_cache", + "in": "query", + "type": "string", + "enum": [ + "true" + ], + "description": "If provided, the value must be 'true'. This indicates to the server that the token must be retrieved from Azure AD and cannot be retrieved from an internal cache.", + "required": false, + "x-ms-enum": { + "name": "BypassCache", + "modelAsString": true + } + } + ], + "responses": { + "200": { + "description": "Successful operation", + "schema": { + "$ref": "#/definitions/IdentityTokenResponse" + } + }, + "400": { + "description": "Invalid request", + "schema": { + "$ref": "#/definitions/IdentityErrorResponse" + } + }, + "404": { + "description": "Not found", + "schema": { + "$ref": "#/definitions/IdentityErrorResponse" + } + }, + "405": { + "description": "Method not allowed", + "schema": { + "$ref": "#/definitions/IdentityErrorResponse" + } + }, + "429": { + "description": "Too many requests", + "schema": { + "$ref": "#/definitions/IdentityErrorResponse" + } + }, + "500": { + "description": "Server error", + "schema": { + "$ref": "#/definitions/IdentityErrorResponse" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/IdentityErrorResponse" + } + } + }, + "x-ms-examples": { + "Get Identity Token for the VM": { + "$ref": "./examples/getIdentityToken.json" + } + } + } + }, + "/identity/info": { + "get": { + "tags": [ + "Get metadata information" + ], + "description": "Get information about AAD Metadata", + "operationId": "Identity_GetInfo", + "produces": [ + "application/json" + ], + "parameters": [ + { + "$ref": "#/parameters/MetadataParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "Successful operation", + "schema": { + "$ref": "#/definitions/IdentityInfoResponse" + } + }, + "400": { + "description": "Invalid request", + "schema": { + "$ref": "#/definitions/IdentityErrorResponse" + } + }, + "404": { + "description": "Not found", + "schema": { + "$ref": "#/definitions/IdentityErrorResponse" + } + }, + "405": { + "description": "Method not allowed", + "schema": { + "$ref": "#/definitions/IdentityErrorResponse" + } + }, + "429": { + "description": "Too many requests", + "schema": { + "$ref": "#/definitions/IdentityErrorResponse" + } + }, + "500": { + "description": "Server error", + "schema": { + "$ref": "#/definitions/IdentityErrorResponse" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/IdentityErrorResponse" + } + } + }, + "x-ms-examples": { + "Get Identity Info for the VM": { + "$ref": "./examples/getIdentityInfo.json" + } + } + } + } + }, + "definitions": { + "Compute": { + "type": "object", + "properties": { + "location": { + "type": "string", + "description": "This is the Azure Region in which the VM is running." + }, + "name": { + "type": "string", + "description": "This is the name of the VM." + }, + "offer": { + "type": "string", + "description": "This is the offer information for the VM image. This value is only present for images deployed from the Azure Image Gallery." + }, + "osType": { + "type": "string", + "description": "This value indicates the type of OS the VM is running, either Linux or Windows." + }, + "placementGroupId": { + "type": "string", + "description": "This is the placement group of your Virtual Machine Scale Set." + }, + "plan": { + "type": "object", + "description": "This contains the data about the plan.", + "$ref": "#/definitions/PlanProperties" + }, + "publicKeys": { + "type": "array", + "items": { + "$ref": "#/definitions/PublicKeysProperties" + }, + "description": "This is information about the SSH certificate" + }, + "platformFaultDomain": { + "type": "string", + "description": "This is the fault domain in which the VM." + }, + "platformUpdateDomain": { + "type": "string", + "description": "This is the update domain in which the VM." + }, + "publisher": { + "type": "string", + "description": "This is the publisher of the VM image." + }, + "resourceGroupName": { + "type": "string", + "description": "This is the resource group for the VM." + }, + "sku": { + "type": "string", + "description": "This is the specific SKU for the VM image." + }, + "subscriptionId": { + "type": "string", + "description": "This is the Azure subscription for the VM." + }, + "tags": { + "type": "string", + "description": "This is the list of tags for your VM." + }, + "version": { + "type": "string", + "description": "This is the version of the VM image." + }, + "vmId": { + "type": "string", + "description": "This is the unique identifier for the VM." + }, + "vmScaleSetName": { + "type": "string", + "description": "This is the resource name of the VMSS." + }, + "vmSize": { + "type": "string", + "description": "This is the size of the VM." + }, + "zone": { + "type": "string", + "description": "This is the availability zone of the VM." + } + }, + "description": "Compute Metadata" + }, + "Network": { + "type": "object", + "properties": { + "interface": { + "type": "array", + "description": "This contains data about the network interface.", + "items": { + "type": "object", + "$ref": "#/definitions/NetworkInterface" + } + } + }, + "description": "Network Metadata" + }, + "NetworkInterface": { + "type": "object", + "description": "This contains data about the network interface.", + "properties": { + "ipv4": { + "type": "object", + "description": "This contains the IPv4 address.", + "properties": { + "ipAddress": { + "type": "array", + "description": "This is the IP address", + "items": { + "type": "object", + "description": "This contains the IPv4 properties.", + "$ref": "#/definitions/Ipv4Properties" + } + }, + "subnet": { + "type": "array", + "description": "This is the subnet", + "items": { + "type": "object", + "description": "This contains the subnet properties.", + "$ref": "#/definitions/SubnetProperties" + } + } + } + }, + "ipv6": { + "type": "object", + "description": "This contains the IPv6 address.", + "properties": { + "ipAddress": { + "type": "array", + "description": "This is the IP address", + "items": { + "type": "object", + "description": "This contains the IPv6 properties.", + "$ref": "#/definitions/Ipv6Properties" + } + } + } + }, + "macAddress": { + "type": "string", + "description": "This is the MAC address of the interface." + } + } + }, + "PlanProperties": { + "type": "object", + "description": "This contains the data about the plan.", + "properties": { + "name": { + "type": "string", + "description": "This is the Plan ID." + }, + "publisher": { + "type": "string", + "description": "This is the publisher ID." + }, + "product": { + "type": "string", + "description": "This is the product of the image from the Marketplace." + } + } + }, + "PublicKeysProperties": { + "type": "object", + "description": "This contains the data about the public key.", + "properties": { + "path": { + "type": "string", + "description": "This specifies the full path on the VM where the SSH public key is stored." + }, + "keyData": { + "type": "string", + "description": "This is the SSH public key certificate used to authenticate with the VM." + } + } + }, + "Ipv4Properties": { + "type": "object", + "description": "This contains the IPv4 properties.", + "properties": { + "privateIpAddress": { + "type": "string", + "description": "This is the private IP address assigned to the interface." + }, + "publicIpAddress": { + "type": "string", + "description": "This is the public IP address assigned to the interface." + } + } + }, + "Ipv6Properties": { + "type": "object", + "description": "This contains the IPv6 properties.", + "properties": { + "privateIpAddress": { + "type": "string", + "description": "This is the private IPv6 address assigned to the interface." + } + } + }, + "SubnetProperties": { + "type": "object", + "description": "This contains the properties of the subnet.", + "properties": { + "address": { + "type": "string", + "description": "This is the address range of the subnet." + }, + "prefix": { + "type": "string", + "description": "This is the prefix of the subnet." + } + } + }, + "Instance": { + "type": "object", + "description": "This is the response from the Instance_GetMetadata operation.", + "properties": { + "compute": { + "$ref": "#/definitions/Compute", + "description": "Compute Metadata" + }, + "network": { + "$ref": "#/definitions/Network", + "description": "Network Metadata" + } + } + }, + "ErrorResponse": { + "description": "This is the response from an operation in the case an error occurs.", + "type": "object", + "properties": { + "error": { + "description": "Error message indicating why the operation failed.", + "type": "string" + } + } + }, + "IdentityErrorResponse": { + "type": "object", + "description": "This is the response from an Identity operation in the case an error occurs.", + "properties": { + "error": { + "type": "string", + "description": "Error code", + "enum": [ + "invalid_request", + "unauthorized_client", + "access_denied", + "unsupported_response_type", + "invalid_scope", + "server_error", + "service_unavailable", + "bad_request", + "forbidden", + "not_found", + "method_not_allowed", + "too_many_requests" + ], + "x-ms-enum": { + "name": "Error", + "modelAsString": true + } + }, + "error_description": { + "type": "string", + "description": "Error message indicating why the operation failed." + } + } + }, + "IdentityTokenResponse": { + "type": "object", + "description": "This is the response from the Identity_GetToken operation.", + "properties": { + "access_token": { + "type": "string", + "description": "This is the requested access token. The app can use this token to authenticate to the sink resource." + }, + "expires_in": { + "type": "string", + "description": "This is how long the access token is valid (in seconds)." + }, + "expires_on": { + "type": "string", + "description": "This is the time when the access token expires. The date is represented as the number of seconds from 1970-01-01T0:0:0Z UTC until the expiration time. This value is used to determine the lifetime of cached tokens." + }, + "ext_expires_in": { + "type": "string", + "description": "This indicates the extended lifetime of the token." + }, + "not_before": { + "type": "string", + "description": "This is the time when the access token becomes effective. The date is represented as the number of seconds from 1970-01-01T0:0:0Z UTC until the expiration time." + }, + "resource": { + "type": "string", + "description": "This is the app ID URI of the sink resource." + }, + "token_type": { + "type": "string", + "description": "This indicates the token type value." + }, + "client_id": { + "type": "string", + "description": "This is the client_id specified in the request, if any." + }, + "object_id": { + "type": "string", + "description": "This is the object_id specified in the request, if any." + }, + "msi_res_id": { + "type": "string", + "description": "This is the msi_res_id specified in the request, if any." + } + } + }, + "IdentityInfoResponse": { + "type": "object", + "description": "This is the response from the Identity_GetInfo operation.", + "properties": { + "tenantId": { + "type": "string", + "description": "This is the AAD tenantId of the identity of the caller." + } + } + } + }, + "parameters": { + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "type": "string", + "enum": [ + "2018-04-02" + ], + "description": "This is the API version to use.", + "required": true, + "x-ms-enum": { + "name": "ApiVersion", + "modelAsString": true + } + }, + "MetadataParameter": { + "name": "Metadata", + "in": "header", + "type": "string", + "enum": [ + "true" + ], + "description": "This must be set to 'true'.", + "required": true, + "x-ms-parameter-location": "method" + } + } +} diff --git a/specification/imds/data-plane/readme.md b/specification/imds/data-plane/readme.md index 4dfb278c21cb..23890c56c090 100644 --- a/specification/imds/data-plane/readme.md +++ b/specification/imds/data-plane/readme.md @@ -27,7 +27,16 @@ These are the global settings for the Instance Metadata Service API. ``` yaml openapi-type: data-plane azure-arm: false -tag: package-2021-02-01 +tag: package-2021-05-01 +``` + +### Tag: package-2018-04-02 + +These settings apply only when `--tag=package-2018-04-02` is specified on the command line. + +```yaml $(tag) == 'package-2018-04-02' +input-file: + - Microsoft.InstanceMetadataService/stable/2018-04-02/imds.json ``` ### Tag: package-2018-10-01 @@ -196,6 +205,22 @@ input-file: ``` yaml directive: + - suppress: DefinitionsPropertiesNamesCamelCase + reason: The following properties follow the Oath2 spec, which does not use camelCase. + from: Microsoft.InstanceMetadataService/stable/2018-04-02/imds.json + where: + - $.definitions.IdentityTokenResponse.properties.access_token + - $.definitions.IdentityTokenResponse.properties.expires_in + - $.definitions.IdentityTokenResponse.properties.expires_on + - $.definitions.IdentityTokenResponse.properties.ext_expires_in + - $.definitions.IdentityTokenResponse.properties.not_before + - $.definitions.IdentityTokenResponse.properties.resource + - $.definitions.IdentityTokenResponse.properties.token_type + - $.definitions.IdentityTokenResponse.properties.client_id + - $.definitions.IdentityTokenResponse.properties.object_id + - $.definitions.IdentityTokenResponse.properties.msi_res_id + - $.definitions.IdentityErrorResponse.properties.error_description + - suppress: DefinitionsPropertiesNamesCamelCase reason: The following properties follow the Oath2 spec, which does not use camelCase. from: Microsoft.InstanceMetadataService/stable/2018-10-01/imds.json @@ -536,6 +561,7 @@ require: $(this-folder)/../../../profiles/readme.md # all the input files across all versions input-file: + - $(this-folder)/Microsoft.InstanceMetadataService/stable/2018-04-02/imds.json - $(this-folder)/Microsoft.InstanceMetadataService/stable/2018-10-01/imds.json - $(this-folder)/Microsoft.InstanceMetadataService/stable/2019-02-01/imds.json - $(this-folder)/Microsoft.InstanceMetadataService/stable/2019-03-11/imds.json @@ -552,7 +578,8 @@ input-file: - $(this-folder)/Microsoft.InstanceMetadataService/stable/2020-12-01/imds.json - $(this-folder)/Microsoft.InstanceMetadataService/stable/2021-01-01/imds.json - $(this-folder)/Microsoft.InstanceMetadataService/stable/2021-02-01/imds.json - + - $(this-folder)/Microsoft.InstanceMetadataService/stable/2021-03-01/imds.json + - $(this-folder)/Microsoft.InstanceMetadataService/stable/2021-05-01/imds.json ``` If there are files that should not be in the `all-api-versions` set,