From 6ffc12b3c1aca496513e756fe485f7d06cea659c Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Thu, 21 Jan 2021 02:41:03 +0530 Subject: [PATCH 01/13] PIM API Specs --- .../PrivilegedRolePolicy.json | 745 ++++++++++ .../PrivilegedRolePolicyAssignment.json | 323 +++++ .../RoleAssignmentSchedule.json | 353 +++++ .../RoleAssignmentScheduleInstance.json | 360 +++++ .../RoleAssignmentScheduleRequest.json | 513 +++++++ .../RoleEligibilitySchedule.json | 337 +++++ .../RoleEligibilityScheduleInstance.json | 336 +++++ .../RoleEligibilityScheduleRequest.json | 509 +++++++ ...elRoleAssignmentScheduleRequestByName.json | 10 + ...lRoleEligibilityScheduleRequestByName.json | 10 + .../examples/DeletePrivilegedRolePolicy.json | 11 + .../DeletePrivilegedRolePolicyAssignment.json | 11 + ...tPrivilegedRolePolicyAssignmentByName.json | 21 + ...PrivilegedRolePolicyAssignmentByScope.json | 24 + .../GetPrivilegedRolePolicyByName.json | 813 +++++++++++ .../GetPrivilegedRolePolicyByScope.json | 816 +++++++++++ .../GetRoleAssignmentScheduleByName.json | 33 + ...tRoleAssignmentScheduleInstanceByName.json | 34 + ...oleAssignmentScheduleInstancesByScope.json | 38 + ...etRoleAssignmentScheduleRequestByName.json | 44 + ...tRoleAssignmentScheduleRequestByScope.json | 46 + .../GetRoleAssignmentSchedulesByScope.json | 37 + .../GetRoleEligibilityScheduleByName.json | 31 + ...RoleEligibilityScheduleInstanceByName.json | 30 + ...leEligibilityScheduleInstancesByScope.json | 34 + ...tRoleEligibilityScheduleRequestByName.json | 44 + ...RoleEligibilityScheduleRequestByScope.json | 48 + .../GetRoleEligibilitySchedulesByScope.json | 35 + .../examples/PutPrivilegedRolePolicy.json | 1214 +++++++++++++++++ .../PutPrivilegedRolePolicyAssignment.json | 28 + .../PutRoleAssignmentScheduleRequest.json | 62 + .../PutRoleEligibilityScheduleRequest.json | 61 + .../authorization/resource-manager/readme.md | 22 + 33 files changed, 7033 insertions(+) create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicy.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicyAssignment.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentSchedule.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleInstance.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleRequest.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilitySchedule.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleInstance.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleRequest.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/CancelRoleAssignmentScheduleRequestByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/CancelRoleEligibilityScheduleRequestByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/DeletePrivilegedRolePolicy.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/DeletePrivilegedRolePolicyAssignment.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyAssignmentByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyAssignmentByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleAssignmentScheduleByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleAssignmentScheduleInstanceByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleAssignmentScheduleInstancesByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleAssignmentScheduleRequestByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleAssignmentScheduleRequestByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleAssignmentSchedulesByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleEligibilityScheduleByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleEligibilityScheduleInstanceByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleEligibilityScheduleInstancesByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleEligibilityScheduleRequestByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleEligibilityScheduleRequestByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleEligibilitySchedulesByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutPrivilegedRolePolicy.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutPrivilegedRolePolicyAssignment.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutRoleAssignmentScheduleRequest.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutRoleEligibilityScheduleRequest.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicy.json new file mode 100644 index 000000000000..600393241516 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicy.json @@ -0,0 +1,745 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01-preview", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/privilegedRolePolicies/{privilegedRolePolicyName}": { + "get": { + "tags": [ + "privilegedRolePolicies" + ], + "operationId": "privilegedRolePolicies_Get", + "description": "Get the specified role management policy for a resource scope", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy.", + "x-ms-skip-url-encoding": true + }, + { + "name": "privilegedRolePolicyName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (guid) of the role management policy to get." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role management policy.", + "schema": { + "$ref": "#/definitions/PrivilegedRolePolicy" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetPrivilegedRolePolicyByName": { + "$ref": "./examples/GetPrivilegedRolePolicyByName.json" + } + } + }, + "put": { + "tags": [ + "privilegedRolePolicies" + ], + "operationId": "PrivilegedRolePolicies_Update", + "description": "Update or create a role management policy", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy to upsert.", + "x-ms-skip-url-encoding": true + }, + { + "name": "privilegedRolePolicyName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (guid) of the role management policy to upsert." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/PrivilegedRolePolicy" + }, + "description": "Parameters for the role management policy." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns the created or updated policy.", + "schema": { + "$ref": "#/definitions/PrivilegedRolePolicy" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "PutPrivilegedRolePolicy": { + "$ref": "./examples/PutPrivilegedRolePolicy.json" + } + } + }, + "delete": { + "tags": [ + "privilegedRolePolicies" + ], + "operationId": "PrivilegedRolePolicies_Delete", + "description": "Delete a role management policy", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy to upsert.", + "x-ms-skip-url-encoding": true + }, + { + "name": "privilegedRolePolicyName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (guid) of the role management policy to upsert." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Successfully deleted the policy." + }, + "204": { + "description": "NoContent - policy does not exists." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "DeletePrivilegedRolePolicy": { + "$ref": "./examples/DeletePrivilegedRolePolicy.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/privilegedRolePolicies": { + "get": { + "tags": [ + "privilegedRolePolicies" + ], + "operationId": "privilegedRolePolicies_ListForScope", + "description": "Gets role management policies for a resource scope.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy.", + "x-ms-skip-url-encoding": true + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role management policies.", + "schema": { + "$ref": "#/definitions/PrivilegedRolePolicyListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "GetPrivilegedRolePolicyByRoleDefinitionFilter": { + "$ref": "./examples/GetPrivilegedRolePolicyByScope.json" + } + } + } + } + }, + "definitions": { + "PrivilegedRolePolicyProperties": { + "properties": { + "scope": { + "type": "string", + "description": "The role management policy scope." + }, + "displayName": { + "type": "string", + "description": "The role management policy display name." + }, + "description": { + "type": "string", + "description": "The role management policy description." + }, + "isOrganizationDefault": { + "type": "boolean", + "description": "The role management policy is default policy." + }, + "lastUpdatedDateTime": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "The last updated date time." + }, + "rules": { + "type": "array", + "items": { + "$ref": "#/definitions/PrivilegedRolePolicyRule" + }, + "description": "The rule applied to the policy." + }, + "effectiveRules": { + "type": "array", + "items": { + "$ref": "#/definitions/PrivilegedRolePolicyRule" + }, + "readOnly": true, + "description": "The readonly computed rule applied to the policy." + } + }, + "description": "Role management policy properties with scope." + }, + "PrivilegedRolePolicy": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role management policy Id." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role management policy name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role management policy type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/PrivilegedRolePolicyProperties", + "description": "Role management policy properties." + } + }, + "description": "Role management policy" + }, + "PrivilegedRolePolicyListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/PrivilegedRolePolicy" + }, + "description": "Role management policy list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "description": "Role management policy list operation result." + }, + "PrivilegedRolePolicyRule": { + "description": "The role management policy rule.", + "type": "object", + "required": [ + "ruleType" + ], + "discriminator": "ruleType", + "properties": { + "id": { + "type": "string", + "description": "The id of the rule." + }, + "ruleType": { + "description": "The type of rule", + "$ref": "#/definitions/PrivilegedRolePolicyRuleType" + }, + "target": { + "$ref": "#/definitions/PrivilegedRolePolicyRuleTarget", + "description": "The target of the current rule." + } + } + }, + "PrivilegedRolePolicyApprovalRule": { + "description": "The role management policy rule.", + "allOf": [ + { + "$ref": "#/definitions/PrivilegedRolePolicyRule" + } + ], + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the rule." + }, + "ruleType": { + "description": "The type of rule", + "$ref": "#/definitions/PrivilegedRolePolicyRuleType" + }, + "target": { + "$ref": "#/definitions/PrivilegedRolePolicyRuleTarget", + "description": "The target of the current rule." + }, + "setting": { + "$ref": "#/definitions/ApprovalSettings", + "description": "The approval setting" + } + } + }, + "ApprovalSettings": { + "description": "The approval settings.", + "type": "object", + "properties": { + "isApprovalRequired": { + "type": "boolean", + "description": "Determine whether approval is required or not." + }, + "isApprovalRequiredForExtension": { + "type": "boolean", + "description": "Determine whether approval is required for assignment extension." + }, + "isRequestorJustificationRequired": { + "type": "boolean", + "description": "Determine whether requestor justification required." + }, + "approvalMode": { + "type": "string", + "description": "The type of rule", + "enum": [ + "SingleStage", + "Serial", + "Parallel", + "NoApproval" + ], + "x-ms-enum": { + "name": "ApprovalMode", + "modelAsString": true + } + }, + "approvalStages": { + "type": "array", + "items": { + "$ref": "#/definitions/ApprovalStage" + }, + "description": "The approval stages of the request." + } + } + }, + "ApprovalStage": { + "description": "The approval stage.", + "type": "object", + "properties": { + "approvalStageTimeOutInDays": { + "type": "integer", + "format": "int32", + "description": "The time in days when approval request would be timed out." + }, + "isApproverJustificationRequired": { + "type": "boolean", + "description": "Determine whether approver need to provide justification for his decision." + }, + "escalationTimeInMinutes": { + "type": "integer", + "format": "int32", + "description": "The time in minutes when the approval request would be escalated if the primary approver does not approves." + }, + "primaryApprovers": { + "type": "array", + "description": "The primary approver of the request.", + "items": { + "$ref": "#/definitions/UserSet" + } + }, + "isEscalationEnabled": { + "type": "boolean", + "description": "The value determine whether escalation feature is enabled." + }, + "escalationApprovers": { + "type": "array", + "description": "The escalation approver of the request.", + "items": { + "$ref": "#/definitions/UserSet" + } + } + } + }, + "UserSet": { + "description": "The detail of a user.", + "type": "object", + "required": [ + "userType" + ], + "discriminator": "userType", + "properties": { + "userType": { + "type": "string", + "description": "The object id of the user." + }, + "isBackup": { + "type": "boolean", + "description": "The value indicating whether the user is a backup fallback approver" + } + } + }, + "SingleUser": { + "description": "The detail of a user.", + "allOf": [ + { + "$ref": "#/definitions/UserSet" + } + ], + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The object id of the user." + }, + "description": { + "type": "string", + "description": "The description of the user." + } + } + }, + "GroupMembers": { + "description": "The detail of a group.", + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The object id of the user." + }, + "description": { + "type": "string", + "description": "The description of the user." + }, + "isBackup": { + "type": "boolean", + "description": "The value indicating whether the user is a backup fallback approver" + } + } + }, + "PrivilegedRolePolicyAuthenticationContextRule": { + "description": "The role management policy rule.", + "allOf": [ + { + "$ref": "#/definitions/PrivilegedRolePolicyRule" + } + ], + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the rule." + }, + "ruleType": { + "description": "The type of rule", + "$ref": "#/definitions/PrivilegedRolePolicyRuleType" + }, + "target": { + "$ref": "#/definitions/PrivilegedRolePolicyRuleTarget", + "description": "The target of the current rule." + }, + "isEnabled": { + "type": "boolean", + "description": "The value indicating if rule is enabled." + }, + "claimValue": { + "type": "string", + "description": "The claim value." + } + } + }, + "PrivilegedRolePolicyEnablementRule": { + "description": "The role management policy rule.", + "allOf": [ + { + "$ref": "#/definitions/PrivilegedRolePolicyRule" + } + ], + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the rule." + }, + "ruleType": { + "description": "The type of rule", + "$ref": "#/definitions/PrivilegedRolePolicyRuleType" + }, + "target": { + "$ref": "#/definitions/PrivilegedRolePolicyRuleTarget", + "description": "The target of the current rule." + }, + "enabledRules": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of enabled rules." + } + } + }, + "PrivilegedRolePolicyExpirationRule": { + "description": "The role management policy rule.", + "allOf": [ + { + "$ref": "#/definitions/PrivilegedRolePolicyRule" + } + ], + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the rule." + }, + "ruleType": { + "description": "The type of rule", + "$ref": "#/definitions/PrivilegedRolePolicyRuleType" + }, + "target": { + "$ref": "#/definitions/PrivilegedRolePolicyRuleTarget", + "description": "The target of the current rule." + }, + "isExpirationRequired": { + "type": "boolean", + "description": "The value indicating whether expiration is required." + }, + "maximumDuration": { + "type": "string", + "description": "The maximum duration of expiration in timespan." + } + } + }, + "PrivilegedRolePolicyNotificationRule": { + "description": "The role management policy rule.", + "allOf": [ + { + "$ref": "#/definitions/PrivilegedRolePolicyRule" + } + ], + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The id of the rule." + }, + "ruleType": { + "description": "The type of rule", + "$ref": "#/definitions/PrivilegedRolePolicyRuleType" + }, + "target": { + "$ref": "#/definitions/PrivilegedRolePolicyRuleTarget", + "description": "The target of the current rule." + }, + "notificationType": { + "type": "string", + "description": "The type of notification.", + "enum": [ + "Email" + ], + "x-ms-enum": { + "name": "NotificationDeliveryMechanism", + "modelAsString": true + } + }, + "notificationLevel": { + "type": "string", + "description": "The notification level.", + "enum": [ + "NONE", + "CRITICAL", + "ALL" + ], + "x-ms-enum": { + "name": "NotificationLevel", + "modelAsString": true + } + }, + "recipientType": { + "type": "string", + "description": "The recipient type.", + "enum": [ + "Requestor", + "Approver", + "Admin" + ], + "x-ms-enum": { + "name": "RecipientType", + "modelAsString": true + } + }, + "notificationRecipients": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list notification recipients." + } + } + }, + "PrivilegedRolePolicyRuleTarget": { + "description": "The role management policy rule target.", + "type": "object", + "properties": { + "caller": { + "type": "string", + "description": "The caller of the setting." + }, + "operations": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The type of operation." + }, + "level": { + "type": "string", + "description": "The assignment level to which it is applied." + }, + "targetObjects": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of target objects." + }, + "inheritableSettings": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of inheritable settings." + }, + "enforcedSettings": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of enforced settings." + } + } + }, + "PrivilegedRolePolicyRuleType": { + "type": "string", + "description": "The type of rule", + "enum": [ + "PrivilegedRolePolicyApprovalRule", + "PrivilegedRolePolicyAuthenticationContextRule", + "PrivilegedRolePolicyEnablementRule", + "PrivilegedRolePolicyExpirationRule", + "PrivilegedRolePolicyNotificationRule" + ], + "x-ms-enum": { + "name": "PrivilegedRolePolicyRuleType", + "modelAsString": true + } + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "description": "An error response from the service." + } + }, + "parameters": { + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "description": "The API version to use for this operation." + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicyAssignment.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicyAssignment.json new file mode 100644 index 000000000000..1a7ddb60fa15 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicyAssignment.json @@ -0,0 +1,323 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01-preview", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/privilegedRolePolicyAssignments/{privilegedRolePolicyAssignmentName}": { + "get": { + "tags": [ + "privilegedRolePolicyAssignments" + ], + "operationId": "privilegedRolePolicyAssignments_Get", + "description": "Get the specified role management policy assignment for a resource scope", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy.", + "x-ms-skip-url-encoding": true + }, + { + "name": "privilegedRolePolicyAssignmentName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of format {guid_guid} the role management policy assignment to get." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role management policy.", + "schema": { + "$ref": "#/definitions/PrivilegedRolePolicyAssignment" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/GetPrivilegedRolePolicyAssignmentByName.json" + } + } + }, + "put": { + "tags": [ + "privilegedRolePolicyAssignments" + ], + "operationId": "privilegedRolePolicyAssignments_Create", + "description": "Create a role management policy assignment", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy assignment to upsert.", + "x-ms-skip-url-encoding": true + }, + { + "name": "privilegedRolePolicyAssignmentName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of format {guid_guid} the role management policy assignment to upsert." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/PrivilegedRolePolicyAssignment" + }, + "description": "Parameters for the role management policy assignment." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns the created or updated policy assignment.", + "schema": { + "$ref": "#/definitions/PrivilegedRolePolicyAssignment" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/PutPrivilegedRolePolicyAssignment.json" + } + } + }, + "delete": { + "tags": [ + "privilegedRolePolicyAssignments" + ], + "operationId": "privilegedRolePolicyAssignments_Delete", + "description": "Delete a role management policy assignment", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy assignment to delete.", + "x-ms-skip-url-encoding": true + }, + { + "name": "privilegedRolePolicyAssignmentName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of format {guid_guid} the role management policy assignment to delete." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Successfully deleted the policy assignment." + }, + "204": { + "description": "NoContent - policy assignment does not exists." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/DeletePrivilegedRolePolicyAssignment.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/privilegedRolePolicyAssignments": { + "get": { + "tags": [ + "privilegedRolePolicyAssignments" + ], + "operationId": "privilegedRolePolicyAssignments_ListForScope", + "description": "Gets role management assignment policies for a resource scope.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy.", + "x-ms-skip-url-encoding": true + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role management policies.", + "schema": { + "$ref": "#/definitions/PrivilegedRolePolicyAssignmentListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/GetPrivilegedRolePolicyAssignmentByScope.json" + } + } + } + } + }, + "definitions": { + "PrivilegedRolePolicyAssignment": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role management policy Id." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role management policy name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role management policy type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/PrivilegedRolePolicyAssignmentProperties", + "description": "Role management policy properties." + } + }, + "description": "Role management policy" + }, + "PrivilegedRolePolicyAssignmentProperties": { + "properties": { + "scope": { + "type": "string", + "description": "The role management policy scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition of management policy assignment." + }, + "policyId": { + "type": "string", + "description": "The policy id role management policy assignment." + } + }, + "description": "Role management policy assignment properties with scope." + }, + "PrivilegedRolePolicyAssignmentListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/PrivilegedRolePolicyAssignment" + }, + "description": "Role management policy assignment list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "description": "Role management policy assignment list operation result." + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "description": "An error response from the service." + } + }, + "parameters": { + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "description": "The API version to use for this operation." + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentSchedule.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentSchedule.json new file mode 100644 index 000000000000..632f5facd9c4 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentSchedule.json @@ -0,0 +1,353 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01-preview", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/roleAssignmentSchedules/{roleAssignmentScheduleName}": { + "get": { + "tags": [ + "roleAssignmentSchedules" + ], + "operationId": "roleAssignmentSchedules_Get", + "description": "Get the specified role assignment schedule for a resource scope", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment schedule.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentScheduleName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (guid) of the role assignment schedule to get." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role assignment schedule.", + "schema": { + "$ref": "#/definitions/RoleAssignmentSchedule" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetRoleAssignmentScheduleByName": { + "$ref": "./examples/GetRoleAssignmentScheduleByName.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignmentSchedules": { + "get": { + "tags": [ + "roleAssignmentSchedules" + ], + "operationId": "roleAssignmentSchedules_ListForScope", + "description": "Gets role assignment schedules for a resource scope.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignments schedules.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignment schedules at or above the scope. Use $filter=principalId eq {id} to return all role assignment schedules at, above or below the scope for the specified principal. Use $filter=asRequestor() to return all role assignment schedules requested by the current user. Use $filter=asTarget() to return all role assignment schedules created for the current user." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role assignments schedules.", + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleAssignmentScheduleFilter", + "x-ms-examples": { + "GetRoleAssignmentSchedulesByScope": { + "$ref": "./examples/GetRoleAssignmentSchedulesByScope.json" + } + } + } + } + }, + "definitions": { + "RoleAssignmentScheduleFilter": { + "properties": { + "principalId": { + "type": "string", + "description": "Returns role assignment schedule of the specific principal." + }, + "roleDefinitionId": { + "type": "string", + "description": "Returns role assignment schedule of the specific role definition." + }, + "status": { + "type": "string", + "description": "Returns role assignment schedule instances of the specific status." + } + }, + "description": "Role assignment schedule filter" + }, + "RoleAssignmentScheduleProperties": { + "properties": { + "scope": { + "type": "string", + "description": "The role assignment schedule scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID." + }, + "principalId": { + "type": "string", + "description": "The principal ID." + }, + "principalType": { + "type": "string", + "description": "The principal type of the assigned principal ID.", + "enum": [ + "User", + "Group", + "ServicePrincipal" + ], + "x-ms-enum": { + "name": "PrincipalType", + "modelAsString": true + } + }, + "roleAssignmentScheduleRequestId": { + "type": "string", + "description": "The id of roleAssignmentScheduleRequest used to create this roleAssignmentSchedule" + }, + "linkedRoleEligibilityScheduleId": { + "type": "string", + "description": "The id of roleEligibilitySchedule used to activated this roleAssignmentSchedule" + }, + "assignmentType": { + "type": "string", + "description": "Assignment type of the role assignment schedule", + "enum": [ + "Activated", + "Assigned" + ], + "x-ms-enum": { + "name": "AssignmentType", + "modelAsString": true + } + }, + "memberType": { + "type": "string", + "description": "Membership type of the role assignment schedule", + "enum": [ + "Inherited", + "Direct", + "Group" + ], + "x-ms-enum": { + "name": "MemberType", + "modelAsString": true + } + }, + "status": { + "type": "string", + "description": "The status of the role assignment schedule.", + "enum": [ + "Accepted", + "PendingEvaluation", + "Granted", + "Denied", + "PendingProvisioning", + "Provisioned", + "PendingRevocation", + "Revoked", + "Canceled", + "Failed", + "PendingApprovalProvisioning", + "PendingApproval", + "FailedAsResourceIsLocked", + "PendingAdminDecision", + "AdminApproved", + "AdminDenied", + "TimedOut", + "ProvisioningStarted", + "Invalid", + "PendingScheduleCreation", + "ScheduleCreated", + "PendingExternalProvisioning" + ], + "x-ms-enum": { + "name": "Status", + "modelAsString": true + } + }, + "startDateTime": { + "type": "string", + "format": "date-time", + "description": "Start DateTime when role assignment schedule" + }, + "endDateTime": { + "type": "string", + "format": "date-time", + "description": "End DateTime when role assignment schedule" + }, + "condition": { + "type": "string", + "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" + }, + "conditionVersion": { + "type": "string", + "description": "Version of the condition. Currently accepted value is '2.0'" + }, + "createdOn": { + "type": "string", + "format": "date-time", + "description": "DateTime when role assignment schedule was created" + }, + "updatedOn": { + "type": "string", + "format": "date-time", + "description": "DateTime when role assignment schedule was modified" + } + }, + "description": "Role assignment schedule properties with scope." + }, + "RoleAssignmentSchedule": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule Id." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleAssignmentScheduleProperties", + "description": "Role assignment schedule properties." + } + }, + "description": "Role Assignment schedule" + }, + "RoleAssignmentScheduleListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleAssignmentSchedule" + }, + "description": "Role assignment schedule list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "description": "Role assignment schedule list operation result." + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "description": "An error response from the service." + } + }, + "parameters": { + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "description": "The API version to use for this operation." + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleInstance.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleInstance.json new file mode 100644 index 000000000000..fab07e94b6f0 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleInstance.json @@ -0,0 +1,360 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01-preview", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleInstances": { + "get": { + "tags": [ + "roleAssignmentScheduleInstances" + ], + "operationId": "roleAssignmentScheduleInstances_ListForScope", + "description": "Gets role assignment schedule instances of a role assignment schedule.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment schedule.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignment schedules at or above the scope. Use $filter=principalId eq {id} to return all role assignment schedules at, above or below the scope for the specified principal. Use $filter=asRequestor() to return all role assignment schedules requested by the current user. Use $filter=asTarget() to return all role assignment schedules created for the current user." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns array of role assignment schedule instances.", + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleInstanceListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleAssignmentScheduleInstanceFilter", + "x-ms-examples": { + "GetRoleAssignmentScheduleInstancesByScope": { + "$ref": "./examples/GetRoleAssignmentScheduleInstancesByScope.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleInstances/{roleAssignmentScheduleInstanceName}": { + "get": { + "tags": [ + "roleAssignmentScheduleInstances" + ], + "operationId": "roleAssignmentScheduleInstances_Get", + "description": "Gets the specified role assignment schedule instance.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignments schedules.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentScheduleInstanceName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (hash of schedule name + time) of the role assignment schedule to get." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role assignment schedule instance.", + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleInstance" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetRoleAssignmentScheduleInstanceByName": { + "$ref": "./examples/GetRoleAssignmentScheduleInstanceByName.json" + } + } + } + } + }, + "definitions": { + "RoleAssignmentScheduleInstanceFilter": { + "properties": { + "principalId": { + "type": "string", + "description": "Returns role assignment schedule instances of the specific principal." + }, + "roleDefinitionId": { + "type": "string", + "description": "Returns role assignment schedule instances of the specific role definition." + }, + "status": { + "type": "string", + "description": "Returns role assignment schedule instances of the specific status." + }, + "roleAssignmentScheduleId": { + "type": "string", + "description": "Returns role assignment schedule instances belonging to a specific role assignment schedule." + } + }, + "description": "Role assignment schedule instance filter" + }, + "RoleAssignmentScheduleInstanceProperties": { + "properties": { + "scope": { + "type": "string", + "description": "The role assignment schedule scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID." + }, + "principalId": { + "type": "string", + "description": "The principal ID." + }, + "principalType": { + "type": "string", + "description": "The principal type of the assigned principal ID.", + "enum": [ + "User", + "Group", + "ServicePrincipal" + ], + "x-ms-enum": { + "name": "PrincipalType", + "modelAsString": true + } + }, + "roleAssignmentScheduleId": { + "type": "string", + "description": "Id of the master role assignment schedule" + }, + "originRoleAssignmentId": { + "type": "string", + "description": "Role Assignment Id in external system" + }, + "status": { + "type": "string", + "description": "The status of the role assignment schedule instance.", + "enum": [ + "Accepted", + "PendingEvaluation", + "Granted", + "Denied", + "PendingProvisioning", + "Provisioned", + "PendingRevocation", + "Revoked", + "Canceled", + "Failed", + "PendingApprovalProvisioning", + "PendingApproval", + "FailedAsResourceIsLocked", + "PendingAdminDecision", + "AdminApproved", + "AdminDenied", + "TimedOut", + "ProvisioningStarted", + "Invalid", + "PendingScheduleCreation", + "ScheduleCreated", + "PendingExternalProvisioning" + ], + "x-ms-enum": { + "name": "Status", + "modelAsString": true + } + }, + "startDateTime": { + "type": "string", + "format": "date-time", + "description": "The startDateTime of the role assignment schedule instance" + }, + "endDateTime": { + "type": "string", + "format": "date-time", + "description": "The endDateTime of the role assignment schedule instance" + }, + "linkedRoleEligibilityScheduleId": { + "type": "string", + "description": "roleEligibilityScheduleId used to activate" + }, + "linkedRoleEligibilityScheduleInstanceId": { + "type": "string", + "description": "roleEligibilityScheduleInstanceId linked to this roleAssignmentScheduleInstance" + }, + "assignmentType": { + "type": "string", + "description": "Assignment type of the role assignment schedule", + "enum": [ + "Activated", + "Assigned" + ], + "x-ms-enum": { + "name": "AssignmentType", + "modelAsString": true + } + }, + "memberType": { + "type": "string", + "description": "Membership type of the role assignment schedule", + "enum": [ + "Inherited", + "Direct", + "Group" + ], + "x-ms-enum": { + "name": "MemberType", + "modelAsString": true + } + }, + "condition": { + "type": "string", + "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" + }, + "conditionVersion": { + "type": "string", + "description": "Version of the condition. Currently accepted value is '2.0'" + }, + "createdOn": { + "type": "string", + "format": "date-time", + "description": "DateTime when role assignment schedule was created" + } + }, + "description": "Role assignment schedule properties with scope." + }, + "RoleAssignmentScheduleInstance": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule instance ID." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule instance name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule instance type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleAssignmentScheduleInstanceProperties", + "description": "Role assignment schedule instance properties." + } + }, + "description": "Information about current or upcoming role assignment schedule instance" + }, + "RoleAssignmentScheduleInstanceListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleAssignmentScheduleInstance" + }, + "description": "Role assignment schedule instance list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "description": "Role assignment schedule instance list operation result." + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "description": "An error response from the service." + } + }, + "parameters": { + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "description": "The API version to use for this operation." + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleRequest.json new file mode 100644 index 000000000000..fa2c3e99d0dd --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleRequest.json @@ -0,0 +1,513 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01-preview", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleRequests/{roleAssignmentScheduleRequestName}": { + "put": { + "tags": [ + "RoleAssignmentScheduleRequests" + ], + "operationId": "RoleAssignmentScheduleRequests_Create", + "description": "Creates a role assignment schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment schedule request to create. The scope can be any REST resource instance. For example, use '/subscriptions/{subscription-id}/' for a subscription, '/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}' for a resource group, and '/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}' for a resource.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role assignment to create. It can be any valid GUID." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleRequest" + }, + "description": "Parameters for the role assignment schedule request." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns information about the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleRequest" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "PutRoleAssignmentScheduleRequest": { + "$ref": "./examples/PutRoleAssignmentScheduleRequest.json" + } + } + }, + "get": { + "tags": [ + "RoleAssignmentScheduleRequests" + ], + "operationId": "RoleAssignmentScheduleRequests_Get", + "description": "Get the specified role assignment schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment schedule request.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (guid) of the role assignment schedule request to get." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role assignment schedule request.", + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleRequest" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetRoleAssignmentScheduleRequestByName": { + "$ref": "./examples/GetRoleAssignmentScheduleRequestByName.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleRequests": { + "get": { + "tags": [ + "RoleAssignmentScheduleRequests" + ], + "operationId": "RoleAssignmentScheduleRequests_ListForScope", + "description": "Gets role assignment schedule requests for a scope.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignments schedule requests.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignment schedule requests at or above the scope. Use $filter=principalId eq {id} to return all role assignment schedule requests at, above or below the scope for the specified principal. Use $filter=asRequestor() to return all role assignment schedule requests requested by the current user. Use $filter=asTarget() to return all role assignment schedule requests created for the current user. Use $filter=asApprover() to return all role assignment schedule requests where the current user is an approver." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role assignments schedule requests.", + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleRequestListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleAssignmentScheduleRequestFilter", + "x-ms-examples": { + "GetRoleAssignmentScheduleRequestByScope": { + "$ref": "./examples/GetRoleAssignmentScheduleRequestByScope.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleRequests/{roleAssignmentScheduleRequestName}/cancel": { + "post": { + "tags": [ + "RoleAssignmentScheduleRequests" + ], + "operationId": "RoleAssignmentScheduleRequests_Cancel", + "description": "Cancels a pending role assignment schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment request to cancel.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role assignment request to cancel." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns success." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "CancelRoleAssignmentScheduleRequestByName": { + "$ref": "./examples/CancelRoleAssignmentScheduleRequestByName.json" + } + } + } + } + }, + "definitions": { + "RoleAssignmentScheduleRequestFilter": { + "properties": { + "principalId": { + "type": "string", + "description": "Returns role assignment requests of the specific principal." + }, + "roleDefinitionId": { + "type": "string", + "description": "Returns role assignment requests of the specific role definition." + }, + "requestorId": { + "type": "string", + "description": "Returns role assignment requests created by specific principal." + }, + "status": { + "type": "string", + "description": "Returns role assignment requests of specific status." + } + }, + "description": "Role assignment schedule request filter" + }, + "RoleAssignmentScheduleRequestProperties": { + "properties": { + "scope": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule request scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID." + }, + "principalId": { + "type": "string", + "description": "The principal ID." + }, + "principalType": { + "type": "string", + "readOnly": true, + "description": "The principal type of the assigned principal ID.", + "enum": [ + "User", + "Group", + "ServicePrincipal" + ], + "x-ms-enum": { + "name": "PrincipalType", + "modelAsString": true + } + }, + "requestType": { + "type": "string", + "description": "The type of the role assignment schedule request. Eg: SelfActivate, AdminAssign etc", + "enum": [ + "AdminAssign", + "AdminRemove", + "AdminUpdate", + "AdminExtend", + "AdminRenew", + "SelfActivate", + "SelfDeactivate", + "SelfExtend", + "SelfRenew" + ], + "x-ms-enum": { + "name": "RequestType", + "modelAsString": true + } + }, + "status": { + "type": "string", + "readOnly": true, + "description": "The status of the role assignment schedule request.", + "enum": [ + "Accepted", + "PendingEvaluation", + "Granted", + "Denied", + "PendingProvisioning", + "Provisioned", + "PendingRevocation", + "Revoked", + "Canceled", + "Failed", + "PendingApprovalProvisioning", + "PendingApproval", + "FailedAsResourceIsLocked", + "PendingAdminDecision", + "AdminApproved", + "AdminDenied", + "TimedOut", + "ProvisioningStarted", + "Invalid", + "PendingScheduleCreation", + "ScheduleCreated", + "PendingExternalProvisioning" + ], + "x-ms-enum": { + "name": "Status", + "modelAsString": true + } + }, + "approvalId": { + "type": "string", + "readOnly": true, + "description": "The approvalId of the role assignment schedule request." + }, + "targetRoleAssignmentScheduleId": { + "type": "string", + "description": "The resultant role assignment schedule id or the role assignment schedule id being updated" + }, + "targetRoleAssignmentScheduleInstanceId": { + "type": "string", + "description": "The role assignment schedule instance id being updated" + }, + "scheduleInfo": { + "properties": { + "startDateTime": { + "type": "string", + "format": "date-time", + "description": "Start DateTime of the role assignment schedule." + }, + "expiration": { + "properties": { + "type": { + "type": "string", + "description": "Type of the role assignment schedule expiration", + "enum": [ + "AfterDuration", + "AfterDateTime", + "NoExpiration" + ], + "x-ms-enum": { + "name": "Type", + "modelAsString": true + } + }, + "endDateTime": { + "type": "string", + "format": "date-time", + "description": "End DateTime of the role assignment schedule." + }, + "duration": { + "type": "string", + "description": "Duration of the role assignment schedule in TimeSpan." + } + }, + "description": "Expiration of the role assignment schedule" + } + }, + "description": "Schedule info of the role assignment schedule" + }, + "linkedRoleEligibilityScheduleId": { + "type": "string", + "description": "The linked role eligibility schedule id - to activate an eligibility." + }, + "justification": { + "type": "string", + "description": "Justification for the role assignment" + }, + "ticketInfo": { + "properties": { + "ticketNumber": { + "type": "string", + "description": "Ticket number for the role assignment" + }, + "ticketSystem": { + "type": "string", + "description": "Ticket number for the role assignment" + } + }, + "description": "Ticket Info of the role assignment" + }, + "condition": { + "type": "string", + "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" + }, + "conditionVersion": { + "type": "string", + "description": "Version of the condition. Currently accepted value is '2.0'" + }, + "createdOn": { + "type": "string", + "format": "date-time", + "readOnly": true, + "description": "DateTime when role assignment schedule request was created" + }, + "requestorId": { + "type": "string", + "readOnly": true, + "description": "Id of the user who created this request" + } + }, + "required": [ + "roleDefinitionId", + "principalId", + "requestType" + ], + "description": "Role assignment schedule request properties with scope." + }, + "RoleAssignmentScheduleRequest": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule request ID." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule request name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule request type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleAssignmentScheduleRequestProperties", + "description": "Role assignment schedule request properties." + } + }, + "description": "Role Assignment schedule request" + }, + "RoleAssignmentScheduleRequestListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleAssignmentScheduleRequest" + }, + "description": "Role assignment schedule request list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "description": "Role assignment schedule request list operation result." + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "description": "An error response from the service." + } + }, + "parameters": { + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "description": "The API version to use for this operation." + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilitySchedule.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilitySchedule.json new file mode 100644 index 000000000000..01c7b43c3294 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilitySchedule.json @@ -0,0 +1,337 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01-preview", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/roleEligibilitySchedules/{roleEligibilityScheduleName}": { + "get": { + "tags": [ + "roleEligibilitySchedules" + ], + "operationId": "roleEligibilitySchedules_Get", + "description": "Get the specified role eligibility schedule for a resource scope", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility schedule.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleEligibilityScheduleName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (guid) of the role eligibility schedule to get." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role eligibility schedule.", + "schema": { + "$ref": "#/definitions/RoleEligibilitySchedule" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetRoleEligibilityScheduleByName": { + "$ref": "./examples/GetRoleEligibilityScheduleByName.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleEligibilitySchedules": { + "get": { + "tags": [ + "roleEligibilitySchedules" + ], + "operationId": "roleEligibilitySchedules_ListForScope", + "description": "Gets role eligibility schedules for a resource scope.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility schedules.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role eligibility schedules at or above the scope. Use $filter=principalId eq {id} to return all role eligibility schedules at, above or below the scope for the specified principal. Use $filter=asRequestor() to return all role eligibility schedules requested by the current user. Use $filter=asTarget() to return all role eligibility schedules created for the current user." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role eligibility schedules.", + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleEligibilityScheduleFilter", + "x-ms-examples": { + "GetRoleEligibilitySchedulesByScope": { + "$ref": "./examples/GetRoleEligibilitySchedulesByScope.json" + } + } + } + } + }, + "definitions": { + "RoleEligibilityScheduleFilter": { + "properties": { + "principalId": { + "type": "string", + "description": "Returns role eligibility schedule of the specific principal." + }, + "roleDefinitionId": { + "type": "string", + "description": "Returns role eligibility schedule of the specific role definition." + }, + "status": { + "type": "string", + "description": "Returns role eligibility schedule of the specific status." + } + }, + "description": "Role eligibility schedule filter" + }, + "RoleEligibilityScheduleProperties": { + "properties": { + "scope": { + "type": "string", + "description": "The role eligibility schedule scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID." + }, + "principalId": { + "type": "string", + "description": "The principal ID." + }, + "principalType": { + "type": "string", + "description": "The principal type of the assigned principal ID.", + "enum": [ + "User", + "Group", + "ServicePrincipal" + ], + "x-ms-enum": { + "name": "PrincipalType", + "modelAsString": true + } + }, + "roleEligibilityScheduleRequestId": { + "type": "string", + "description": "The id of roleEligibilityScheduleRequest used to create this roleAssignmentSchedule" + }, + "memberType": { + "type": "string", + "description": "Membership type of the role eligibility schedule", + "enum": [ + "Inherited", + "Direct", + "Group" + ], + "x-ms-enum": { + "name": "MemberType", + "modelAsString": true + } + }, + "status": { + "type": "string", + "description": "The status of the role eligibility schedule.", + "enum": [ + "Accepted", + "PendingEvaluation", + "Granted", + "Denied", + "PendingProvisioning", + "Provisioned", + "PendingRevocation", + "Revoked", + "Canceled", + "Failed", + "PendingApprovalProvisioning", + "PendingApproval", + "FailedAsResourceIsLocked", + "PendingAdminDecision", + "AdminApproved", + "AdminDenied", + "TimedOut", + "ProvisioningStarted", + "Invalid", + "PendingScheduleCreation", + "ScheduleCreated", + "PendingExternalProvisioning" + ], + "x-ms-enum": { + "name": "Status", + "modelAsString": true + } + }, + "startDateTime": { + "type": "string", + "format": "date-time", + "description": "Start DateTime when role eligibility schedule" + }, + "endDateTime": { + "type": "string", + "format": "date-time", + "description": "End DateTime when role eligibility schedule" + }, + "condition": { + "type": "string", + "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" + }, + "conditionVersion": { + "type": "string", + "description": "Version of the condition. Currently accepted value is '2.0'" + }, + "createdOn": { + "type": "string", + "format": "date-time", + "description": "DateTime when role eligibility schedule was created" + }, + "updatedOn": { + "type": "string", + "format": "date-time", + "description": "DateTime when role eligibility schedule was modified" + } + }, + "description": "Role eligibility schedule properties with scope." + }, + "RoleEligibilitySchedule": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule Id." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleEligibilityScheduleProperties", + "description": "role eligibility schedule properties." + } + }, + "description": "Role eligibility schedule" + }, + "RoleEligibilityScheduleListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleEligibilitySchedule" + }, + "description": "role eligibility schedule list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "description": "role eligibility schedule list operation result." + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "description": "An error response from the service." + } + }, + "parameters": { + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "description": "The API version to use for this operation." + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleInstance.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleInstance.json new file mode 100644 index 000000000000..0621ec64cd79 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleInstance.json @@ -0,0 +1,336 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01-preview", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role eligibility grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleInstances": { + "get": { + "tags": [ + "roleEligibilityScheduleInstances" + ], + "operationId": "roleEligibilityScheduleInstances_ListForScope", + "description": "Gets role eligibility schedule instances of a role eligibility schedule.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility schedule.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignment schedules at or above the scope. Use $filter=principalId eq {id} to return all role assignment schedules at, above or below the scope for the specified principal. Use $filter=asRequestor() to return all role eligibility schedules requested by the current user. Use $filter=asTarget() to return all role eligibility schedules created for the current user." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns array of role eligibility schedule instances.", + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleInstanceListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleEligibilityScheduleInstanceFilter", + "x-ms-examples": { + "GetRoleEligibilityScheduleInstancesByScope": { + "$ref": "./examples/GetRoleEligibilityScheduleInstancesByScope.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleInstances/{roleEligibilityScheduleInstanceName}": { + "get": { + "tags": [ + "roleEligibilityScheduleInstances" + ], + "operationId": "roleEligibilityScheduleInstances_Get", + "description": "Gets the specified role eligibility schedule instance.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility schedules.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleEligibilityScheduleInstanceName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (hash of schedule name + time) of the role eligibility schedule to get." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role eligibility schedule instance.", + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleInstance" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetRoleEligibilityScheduleInstanceByName": { + "$ref": "./examples/GetRoleEligibilityScheduleInstanceByName.json" + } + } + } + } + }, + "definitions": { + "RoleEligibilityScheduleInstanceFilter": { + "properties": { + "principalId": { + "type": "string", + "description": "Returns role eligibility schedule instances of the specific principal." + }, + "roleDefinitionId": { + "type": "string", + "description": "Returns role eligibility schedule instances of the specific role definition." + }, + "status": { + "type": "string", + "description": "Returns role eligibility schedule instances of the specific status." + }, + "roleEligibilityScheduleId": { + "type": "string", + "description": "Returns role eligibility schedule instances belonging to a specific role eligibility schedule." + } + }, + "description": "Role eligibility schedule instance filter" + }, + "RoleEligibilityScheduleInstanceProperties": { + "properties": { + "scope": { + "type": "string", + "description": "The role eligibility schedule scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID." + }, + "principalId": { + "type": "string", + "description": "The principal ID." + }, + "principalType": { + "type": "string", + "description": "The principal type of the assigned principal ID.", + "enum": [ + "User", + "Group", + "ServicePrincipal" + ], + "x-ms-enum": { + "name": "PrincipalType", + "modelAsString": true + } + }, + "roleEligibilityScheduleId": { + "type": "string", + "description": "Id of the master role eligibility schedule" + }, + "status": { + "type": "string", + "description": "The status of the role eligibility schedule instance", + "enum": [ + "Accepted", + "PendingEvaluation", + "Granted", + "Denied", + "PendingProvisioning", + "Provisioned", + "PendingRevocation", + "Revoked", + "Canceled", + "Failed", + "PendingApprovalProvisioning", + "PendingApproval", + "FailedAsResourceIsLocked", + "PendingAdminDecision", + "AdminApproved", + "AdminDenied", + "TimedOut", + "ProvisioningStarted", + "Invalid", + "PendingScheduleCreation", + "ScheduleCreated", + "PendingExternalProvisioning" + ], + "x-ms-enum": { + "name": "Status", + "modelAsString": true + } + }, + "startDateTime": { + "type": "string", + "format": "date-time", + "description": "The startDateTime of the role eligibility schedule instance" + }, + "endDateTime": { + "type": "string", + "format": "date-time", + "description": "The endDateTime of the role eligibility schedule instance" + }, + "memberType": { + "type": "string", + "description": "Membership type of the role eligibility schedule", + "enum": [ + "Inherited", + "Direct", + "Group" + ], + "x-ms-enum": { + "name": "MemberType", + "modelAsString": true + } + }, + "condition": { + "type": "string", + "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" + }, + "conditionVersion": { + "type": "string", + "description": "Version of the condition. Currently accepted value is '2.0'" + }, + "createdOn": { + "type": "string", + "format": "date-time", + "description": "DateTime when role eligibility schedule was created" + } + }, + "description": "Role eligibility schedule properties with scope." + }, + "RoleEligibilityScheduleInstance": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule instance ID." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule instance name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule instance type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleEligibilityScheduleInstanceProperties", + "description": "Role eligibility schedule instance properties." + } + }, + "description": "Information about current or upcoming role eligibility schedule instance" + }, + "RoleEligibilityScheduleInstanceListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleEligibilityScheduleInstance" + }, + "description": "Role eligibility schedule instance list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "description": "Role eligibility schedule instance list operation result." + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "description": "An error response from the service." + } + }, + "parameters": { + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "description": "The API version to use for this operation." + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleRequest.json new file mode 100644 index 000000000000..b0d7561b6c12 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleRequest.json @@ -0,0 +1,509 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01-preview", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role eligibility grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleRequests/{roleEligibilityScheduleRequestName}": { + "put": { + "tags": [ + "RoleEligibilityScheduleRequests" + ], + "operationId": "RoleEligibilityScheduleRequests_Create", + "description": "Creates a role eligibility schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility schedule request to create. The scope can be any REST resource instance. For example, use '/subscriptions/{subscription-id}/' for a subscription, '/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}' for a resource group, and '/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}' for a resource.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleEligibilityScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role eligibility to create. It can be any valid GUID." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleRequest" + }, + "description": "Parameters for the role eligibility schedule request." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns information about the role eligibility schedule request.", + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleRequest" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "PutRoleEligibilityScheduleRequest": { + "$ref": "./examples/PutRoleEligibilityScheduleRequest.json" + } + } + }, + "get": { + "tags": [ + "RoleEligibilityScheduleRequests" + ], + "operationId": "RoleEligibilityScheduleRequests_Get", + "description": "Get the specified role eligibility schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility schedule request.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleEligibilityScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (guid) of the role eligibility schedule request to get." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role eligibility schedule request.", + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleRequest" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetRoleEligibilityScheduleRequestByName": { + "$ref": "./examples/GetRoleEligibilityScheduleRequestByName.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleRequests": { + "get": { + "tags": [ + "RoleEligibilityScheduleRequests" + ], + "operationId": "RoleEligibilityScheduleRequests_ListForScope", + "description": "Gets role eligibility schedule requests for a scope.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility schedule requests.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role eligibility schedule requests at or above the scope. Use $filter=principalId eq {id} to return all role eligibility schedule requests at, above or below the scope for the specified principal. Use $filter=asRequestor() to return all role eligibility schedule requests requested by the current user. Use $filter=asTarget() to return all role eligibility schedule requests created for the current user. Use $filter=asApprover() to return all role eligibility schedule requests where the current user is an approver." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role eligibility schedule requests.", + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleRequestListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleEligibilityScheduleRequestFilter", + "x-ms-examples": { + "GetRoleEligibilityScheduleRequestByScope": { + "$ref": "./examples/GetRoleEligibilityScheduleRequestByScope.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleRequests/{roleEligibilityScheduleRequestName}/cancel": { + "post": { + "tags": [ + "RoleEligibilityScheduleRequests" + ], + "operationId": "RoleEligibilityScheduleRequests_Cancel", + "description": "Cancels a pending role eligibility schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility request to cancel.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleEligibilityScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role eligibility request to cancel." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns success." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "CancelRoleEligibilityScheduleRequestByName": { + "$ref": "./examples/CancelRoleEligibilityScheduleRequestByName.json" + } + } + } + } + }, + "definitions": { + "RoleEligibilityScheduleRequestFilter": { + "properties": { + "principalId": { + "type": "string", + "description": "Returns role eligibility requests of the specific principal." + }, + "roleDefinitionId": { + "type": "string", + "description": "Returns role eligibility requests of the specific role definition." + }, + "requestorId": { + "type": "string", + "description": "Returns role eligibility requests created by specific principal." + }, + "status": { + "type": "string", + "description": "Returns role eligibility requests of specific status." + } + }, + "description": "Role eligibility schedule request filter" + }, + "RoleEligibilityScheduleRequestProperties": { + "properties": { + "scope": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule request scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID." + }, + "principalId": { + "type": "string", + "description": "The principal ID." + }, + "principalType": { + "type": "string", + "readOnly": true, + "description": "The principal type of the assigned principal ID.", + "enum": [ + "User", + "Group", + "ServicePrincipal" + ], + "x-ms-enum": { + "name": "PrincipalType", + "modelAsString": true + } + }, + "requestType": { + "type": "string", + "description": "The type of the role assignment schedule request. Eg: SelfActivate, AdminAssign etc", + "enum": [ + "AdminAssign", + "AdminRemove", + "AdminUpdate", + "AdminExtend", + "AdminRenew", + "SelfActivate", + "SelfDeactivate", + "SelfExtend", + "SelfRenew" + ], + "x-ms-enum": { + "name": "RequestType", + "modelAsString": true + } + }, + "status": { + "type": "string", + "readOnly": true, + "description": "The status of the role eligibility schedule request.", + "enum": [ + "Accepted", + "PendingEvaluation", + "Granted", + "Denied", + "PendingProvisioning", + "Provisioned", + "PendingRevocation", + "Revoked", + "Canceled", + "Failed", + "PendingApprovalProvisioning", + "PendingApproval", + "FailedAsResourceIsLocked", + "PendingAdminDecision", + "AdminApproved", + "AdminDenied", + "TimedOut", + "ProvisioningStarted", + "Invalid", + "PendingScheduleCreation", + "ScheduleCreated", + "PendingExternalProvisioning" + ], + "x-ms-enum": { + "name": "Status", + "modelAsString": true + } + }, + "approvalId": { + "type": "string", + "readOnly": true, + "description": "The approvalId of the role eligibility schedule request." + }, + "scheduleInfo": { + "properties": { + "startDateTime": { + "type": "string", + "format": "date-time", + "description": "Start DateTime of the role eligibility schedule." + }, + "expiration": { + "properties": { + "type": { + "type": "string", + "description": "Type of the role eligibility schedule expiration", + "enum": [ + "AfterDuration", + "AfterDateTime", + "NoExpiration" + ], + "x-ms-enum": { + "name": "Type", + "modelAsString": true + } + }, + "endDateTime": { + "type": "string", + "format": "date-time", + "description": "End DateTime of the role eligibility schedule." + }, + "duration": { + "type": "string", + "description": "Duration of the role eligibility schedule in TimeSpan." + } + }, + "description": "Expiration of the role eligibility schedule" + } + }, + "description": "Schedule info of the role eligibility schedule" + }, + "targetRoleEligibilityScheduleId": { + "type": "string", + "description": "The resultant role eligibility schedule id or the role eligibility schedule id being updated" + }, + "targetRoleEligibilityScheduleInstanceId": { + "type": "string", + "description": "The role eligibility schedule instance id being updated" + }, + "justification": { + "type": "string", + "description": "Justification for the role eligibility" + }, + "ticketInfo": { + "properties": { + "ticketNumber": { + "type": "string", + "description": "Ticket number for the role eligibility" + }, + "ticketSystem": { + "type": "string", + "description": "Ticket number for the role eligibility" + } + }, + "description": "Ticket Info of the role eligibility" + }, + "condition": { + "type": "string", + "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" + }, + "conditionVersion": { + "type": "string", + "description": "Version of the condition. Currently accepted value is '2.0'" + }, + "createdOn": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "DateTime when role eligibility schedule request was created" + }, + "requestorId": { + "type": "string", + "readOnly": true, + "description": "Id of the user who created this request" + } + }, + "required": [ + "roleDefinitionId", + "principalId", + "requestType" + ], + "description": "Role eligibility schedule request properties with scope." + }, + "RoleEligibilityScheduleRequest": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule request ID." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule request name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule request type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleEligibilityScheduleRequestProperties", + "description": "Role eligibility schedule request properties." + } + }, + "description": "Role Eligibility schedule request" + }, + "RoleEligibilityScheduleRequestListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleEligibilityScheduleRequest" + }, + "description": "Role eligibility schedule request list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "description": "Role eligibility schedule request list operation result." + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "description": "An error response from the service." + } + }, + "parameters": { + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "description": "The API version to use for this operation." + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/CancelRoleAssignmentScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/CancelRoleAssignmentScheduleRequestByName.json new file mode 100644 index 000000000000..75c33c124167 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/CancelRoleAssignmentScheduleRequestByName.json @@ -0,0 +1,10 @@ +{ + "parameters": { + "scope": "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleAssignmentScheduleRequestName": "fea7a502-9a96-4806-a26f-eee560e52045", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": {} + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/CancelRoleEligibilityScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/CancelRoleEligibilityScheduleRequestByName.json new file mode 100644 index 000000000000..11e856e11930 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/CancelRoleEligibilityScheduleRequestByName.json @@ -0,0 +1,10 @@ +{ + "parameters": { + "scope": "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleEligibilityScheduleRequestName": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": {} + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/DeletePrivilegedRolePolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/DeletePrivilegedRolePolicy.json new file mode 100644 index 000000000000..f5f4a24a901e --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/DeletePrivilegedRolePolicy.json @@ -0,0 +1,11 @@ +{ + "parameters": { + "scope": "subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", + "privilegedRolePolicyName": "d693780f-543d-4aad-a4c8-139ff6a1db8d", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": {}, + "204": {} + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/DeletePrivilegedRolePolicyAssignment.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/DeletePrivilegedRolePolicyAssignment.json new file mode 100644 index 000000000000..902ef7fa1d0f --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/DeletePrivilegedRolePolicyAssignment.json @@ -0,0 +1,11 @@ +{ + "parameters": { + "scope": "subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", + "privilegedRolePolicyAssignmentName": "477f2d04-0fdc-417f-ab1b-d9fff8137134_a37489be-9462-48fb-a3b6-7b9bc2debbad", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": {}, + "204": {} + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyAssignmentByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyAssignmentByName.json new file mode 100644 index 000000000000..c1aa1c255c8e --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyAssignmentByName.json @@ -0,0 +1,21 @@ +{ + "parameters": { + "scope": "subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", + "privilegedRolePolicyAssignmentName": "477f2d04-0fdc-417f-ab1b-d9fff8137134_a37489be-9462-48fb-a3b6-7b9bc2debbad", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "scope": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/a37489be-9462-48fb-a3b6-7b9bc2debbad", + "policyId": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/PrivilegedRolePolicies/477f2d04-0fdc-417f-ab1b-d9fff8137134" + }, + "name": "477f2d04-0fdc-417f-ab1b-d9fff8137134_a37489be-9462-48fb-a3b6-7b9bc2debbad", + "id": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/PrivilegedRolePolicyAssignment/477f2d04-0fdc-417f-ab1b-d9fff8137134_a37489be-9462-48fb-a3b6-7b9bc2debbad", + "type": "Microsoft.Authorization/PrivilegedRolePolicyAssignment" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyAssignmentByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyAssignmentByScope.json new file mode 100644 index 000000000000..2f9b0eba5142 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyAssignmentByScope.json @@ -0,0 +1,24 @@ +{ + "parameters": { + "scope": "subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "scope": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/a37489be-9462-48fb-a3b6-7b9bc2debbad", + "policyId": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/PrivilegedRolePolicies/477f2d04-0fdc-417f-ab1b-d9fff8137134" + }, + "name": "477f2d04-0fdc-417f-ab1b-d9fff8137134_a37489be-9462-48fb-a3b6-7b9bc2debbad", + "id": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/PrivilegedRolePolicyAssignment/477f2d04-0fdc-417f-ab1b-d9fff8137134_a37489be-9462-48fb-a3b6-7b9bc2debbad", + "type": "Microsoft.Authorization/PrivilegedRolePolicyAssignment" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyByName.json new file mode 100644 index 000000000000..4725c38859ee --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyByName.json @@ -0,0 +1,813 @@ +{ + "parameters": { + "scope": "subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", + "privilegedRolePolicyName": "d693780f-543d-4aad-a4c8-139ff6a1db8d", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "scope": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", + "displayName": null, + "description": null, + "isOrganizationDefault": false, + "lastUpdatedDateTime": "2020-12-04T18:34:17.153+00:00", + "rules": [ + { + "isExpirationRequired": false, + "maximumDuration": "90.00:00:00", + "id": "Expiration_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Approver_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "90.00:00:00", + "id": "Expiration_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Approver_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "90.00:00:00", + "id": "Expiration_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Approver_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": null, + "id": "AuthenticationContext_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "1.00:00:00", + "id": "Expiration_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": null, + "id": "Notification_Email_ALL_Approver_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "Ticketing_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ], + "effectiveRules": [ + { + "isExpirationRequired": false, + "maximumDuration": "90.00:00:00", + "id": "Expiration_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Approver_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "90.00:00:00", + "id": "Expiration_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Approver_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "90.00:00:00", + "id": "Expiration_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Approver_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": null, + "id": "AuthenticationContext_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "1.00:00:00", + "id": "Expiration_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": null, + "id": "Notification_Email_ALL_Approver_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "Ticketing_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ] + }, + "name": "d693780f-543d-4aad-a4c8-139ff6a1db8d", + "id": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/PrivilegedRolePolicies/d693780f-543d-4aad-a4c8-139ff6a1db8d", + "type": "Microsoft.Authorization/PrivilegedRolePolicies" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyByScope.json new file mode 100644 index 000000000000..1276c5661ef8 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyByScope.json @@ -0,0 +1,816 @@ +{ + "parameters": { + "scope": "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "scope": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", + "displayName": null, + "description": null, + "isOrganizationDefault": false, + "lastUpdatedDateTime": "2020-12-04T18:34:17.153+00:00", + "rules": [ + { + "isExpirationRequired": false, + "maximumDuration": "90.00:00:00", + "id": "Expiration_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Approver_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "90.00:00:00", + "id": "Expiration_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Approver_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "90.00:00:00", + "id": "Expiration_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Approver_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": null, + "id": "AuthenticationContext_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "1.00:00:00", + "id": "Expiration_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": null, + "id": "Notification_Email_ALL_Approver_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "Ticketing_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ], + "effectiveRules": [ + { + "isExpirationRequired": false, + "maximumDuration": "90.00:00:00", + "id": "Expiration_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Approver_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "90.00:00:00", + "id": "Expiration_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Approver_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "90.00:00:00", + "id": "Expiration_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Approver_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": null, + "id": "AuthenticationContext_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "1.00:00:00", + "id": "Expiration_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": null, + "id": "Notification_Email_ALL_Approver_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "Ticketing_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ] + }, + "name": "d693780f-543d-4aad-a4c8-139ff6a1db8d", + "id": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/PrivilegedRolePolicies/d693780f-543d-4aad-a4c8-139ff6a1db8d", + "type": "Microsoft.Authorization/PrivilegedRolePolicies" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleAssignmentScheduleByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleAssignmentScheduleByName.json new file mode 100644 index 000000000000..ba84e89abce6 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleAssignmentScheduleByName.json @@ -0,0 +1,33 @@ +{ + "parameters": { + "scope": "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleAssignmentScheduleName": "c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "assignmentType": "Assigned", + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "status": "Provisioned", + "roleAssignmentScheduleRequestId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "startDateTime": "2020-09-09T21:35:27.91Z", + "endDateTime": "2020-09-10T05:35:17.91Z", + "memberType": "Direct", + "createdOn": "2020-09-09T21:35:27.91Z", + "updatedOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + }, + "name": "c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentSchedules/c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "type": "Microsoft.Authorization/RoleAssignmentSchedules" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleAssignmentScheduleInstanceByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleAssignmentScheduleInstanceByName.json new file mode 100644 index 000000000000..667555a87649 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleAssignmentScheduleInstanceByName.json @@ -0,0 +1,34 @@ +{ + "parameters": { + "scope": "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleAssignmentScheduleInstanceName": "ed9b8180-cef7-4c77-a63c-b8566ecfc412", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "originRoleAssignmentId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleAssignments/ed9b8180-cef7-4c77-a63c-b8566ecfc412", + "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "linkedRoleEligibilityScheduleInstanceId": "21e4b59a-0499-4fe0-a3c3-43a3055b773a", + "assignmentType": "Assigned", + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "status": "Accepted", + "roleAssignmentScheduleId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentSchedules/c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "startDateTime": "2020-09-09T21:35:27.91Z", + "endDateTime": "2020-09-10T05:35:17.91Z", + "memberType": "Direct", + "createdOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + }, + "name": "ed9b8180-cef7-4c77-a63c-b8566ecfc412", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleInstances/ed9b8180-cef7-4c77-a63c-b8566ecfc412", + "type": "Microsoft.Authorization/RoleAssignmentScheduleInstances" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleAssignmentScheduleInstancesByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleAssignmentScheduleInstancesByScope.json new file mode 100644 index 000000000000..33c9f4a3911d --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleAssignmentScheduleInstancesByScope.json @@ -0,0 +1,38 @@ +{ + "parameters": { + "scope": "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "$filter": "assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "originRoleAssignmentId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleAssignments/ed9b8180-cef7-4c77-a63c-b8566ecfc412", + "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "linkedRoleEligibilityScheduleInstanceId": "21e4b59a-0499-4fe0-a3c3-43a3055b773a", + "assignmentType": "Assigned", + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "status": "Accepted", + "roleAssignmentScheduleId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentSchedules/c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "startDateTime": "2020-09-09T21:35:27.91Z", + "endDateTime": "2020-09-10T05:35:17.91Z", + "memberType": "Direct", + "createdOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + }, + "name": "ed9b8180-cef7-4c77-a63c-b8566ecfc412", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleInstances/ed9b8180-cef7-4c77-a63c-b8566ecfc412", + "type": "Microsoft.Authorization/RoleAssignmentScheduleInstances" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleAssignmentScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleAssignmentScheduleRequestByName.json new file mode 100644 index 000000000000..06b9e7f52020 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleAssignmentScheduleRequestByName.json @@ -0,0 +1,44 @@ +{ + "parameters": { + "scope": "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleAssignmentScheduleRequestName": "fea7a502-9a96-4806-a26f-eee560e52045", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "targetRoleAssignmentScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "targetRoleAssignmentScheduleInstanceId": null, + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "SelfActivate", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:35:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "08:00:00" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + }, + "name": "fea7a502-9a96-4806-a26f-eee560e52045", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "type": "Microsoft.Authorization/RoleAssignmentScheduleRequests" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleAssignmentScheduleRequestByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleAssignmentScheduleRequestByScope.json new file mode 100644 index 000000000000..01ee82a099cc --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleAssignmentScheduleRequestByScope.json @@ -0,0 +1,46 @@ +{ + "parameters": { + "scope": "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "$filter": "assignedTo('A3BB8764-CB92-4276-9D2A-CA1E895E55EA')", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": [ + { + "properties": { + "targetRoleAssignmentScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "targetRoleAssignmentScheduleInstanceId": null, + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "SelfActivate", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:35:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "08:00:00" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + }, + "name": "fea7a502-9a96-4806-a26f-eee560e52045", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "type": "Microsoft.Authorization/RoleAssignmentScheduleRequests" + } + ] + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleAssignmentSchedulesByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleAssignmentSchedulesByScope.json new file mode 100644 index 000000000000..b2bf1c53ece3 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleAssignmentSchedulesByScope.json @@ -0,0 +1,37 @@ +{ + "parameters": { + "scope": "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "$filter": "assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "assignmentType": "Assigned", + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "status": "Provisioned", + "roleAssignmentScheduleRequestId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "startDateTime": "2020-09-09T21:35:27.91Z", + "endDateTime": "2020-09-10T05:35:17.91Z", + "memberType": "Direct", + "createdOn": "2020-09-09T21:35:27.91Z", + "updatedOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + }, + "name": "c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentSchedules/c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "type": "Microsoft.Authorization/RoleAssignmentSchedules" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleEligibilityScheduleByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleEligibilityScheduleByName.json new file mode 100644 index 000000000000..5f7173ab7141 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleEligibilityScheduleByName.json @@ -0,0 +1,31 @@ +{ + "parameters": { + "scope": "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleEligibilityScheduleName": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "status": "Provisioned", + "roleEligibilityScheduleRequestId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "startDateTime": "2020-09-09T21:33:14.557Z", + "endDateTime": "2021-09-09T21:32:28.49Z", + "memberType": "Direct", + "createdOn": "2020-09-09T21:33:06.3Z", + "updatedOn": "2020-09-09T22:27:00.513Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + }, + "name": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilitySchedules/b1477448-2cc6-4ceb-93b4-54a202a89413", + "type": "Microsoft.Authorization/RoleEligibilitySchedules" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleEligibilityScheduleInstanceByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleEligibilityScheduleInstanceByName.json new file mode 100644 index 000000000000..1387466daa45 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleEligibilityScheduleInstanceByName.json @@ -0,0 +1,30 @@ +{ + "parameters": { + "scope": "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleEligibilityScheduleInstanceName": "21e4b59a-0499-4fe0-a3c3-43a3055b773a", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "status": "Provisioned", + "roleEligibilityScheduleId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilitySchedules/b1477448-2cc6-4ceb-93b4-54a202a89413", + "startDateTime": "2020-09-10T00:32:36.86Z", + "endDateTime": "2021-09-10T00:31:41.477Z", + "memberType": "Direct", + "createdOn": "2020-09-10T00:32:36.86Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + }, + "name": "21e4b59a-0499-4fe0-a3c3-43a3055b773a", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleInstances/21e4b59a-0499-4fe0-a3c3-43a3055b773a", + "type": "Microsoft.Authorization/RoleEligibilityScheduleInstances" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleEligibilityScheduleInstancesByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleEligibilityScheduleInstancesByScope.json new file mode 100644 index 000000000000..0250fb66e371 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleEligibilityScheduleInstancesByScope.json @@ -0,0 +1,34 @@ +{ + "parameters": { + "scope": "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "$filter": "assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "status": "Provisioned", + "roleEligibilityScheduleId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilitySchedules/b1477448-2cc6-4ceb-93b4-54a202a89413", + "startDateTime": "2020-09-10T00:32:36.86Z", + "endDateTime": "2021-09-10T00:31:41.477Z", + "memberType": "Direct", + "createdOn": "2020-09-10T00:32:36.86Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + }, + "name": "21e4b59a-0499-4fe0-a3c3-43a3055b773a", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleInstances/21e4b59a-0499-4fe0-a3c3-43a3055b773a", + "type": "Microsoft.Authorization/RoleEligibilityScheduleInstances" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleEligibilityScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleEligibilityScheduleRequestByName.json new file mode 100644 index 000000000000..275162593dd2 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleEligibilityScheduleRequestByName.json @@ -0,0 +1,44 @@ +{ + "parameters": { + "scope": "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleEligibilityScheduleRequestName": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "targetRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "targetRoleEligibilityScheduleInstanceId": null, + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "AdminAssign", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:31:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "365.00:00:00" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:32:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + }, + "name": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "type": "Microsoft.Authorization/RoleEligibilityRequests" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleEligibilityScheduleRequestByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleEligibilityScheduleRequestByScope.json new file mode 100644 index 000000000000..1a13acd146fc --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleEligibilityScheduleRequestByScope.json @@ -0,0 +1,48 @@ +{ + "parameters": { + "scope": "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "$filter": "assignedTo('A3BB8764-CB92-4276-9D2A-CA1E895E55EA')", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "targetRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "targetRoleEligibilityScheduleInstanceId": null, + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "AdminAssign", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:31:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "365.00:00:00" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:32:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + }, + "name": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "type": "Microsoft.Authorization/RoleEligibilityRequests" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleEligibilitySchedulesByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleEligibilitySchedulesByScope.json new file mode 100644 index 000000000000..ec5de9b5d207 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleEligibilitySchedulesByScope.json @@ -0,0 +1,35 @@ +{ + "parameters": { + "scope": "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "$filter": "assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "status": "Provisioned", + "roleEligibilityScheduleRequestId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "startDateTime": "2020-09-09T21:33:14.557Z", + "endDateTime": "2021-09-09T21:32:28.49Z", + "memberType": "Direct", + "createdOn": "2020-09-09T21:33:06.3Z", + "updatedOn": "2020-09-09T22:27:00.513Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + }, + "name": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilitySchedules/b1477448-2cc6-4ceb-93b4-54a202a89413", + "type": "Microsoft.Authorization/RoleEligibilitySchedules" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutPrivilegedRolePolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutPrivilegedRolePolicy.json new file mode 100644 index 000000000000..9d2c2e283b30 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutPrivilegedRolePolicy.json @@ -0,0 +1,1214 @@ +{ + "parameters": { + "scope": "subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", + "privilegedRolePolicyName": "d693780f-543d-4aad-a4c8-139ff6a1db8d", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "scope": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", + "isOrganizationDefault": false, + "rules": [ + { + "isExpirationRequired": false, + "maximumDuration": "90.00:00:00", + "id": "Expiration_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Approver_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "90.00:00:00", + "id": "Expiration_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Approver_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "90.00:00:00", + "id": "Expiration_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Approver_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": null, + "id": "AuthenticationContext_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "1.00:00:00", + "id": "Expiration_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": null, + "id": "Notification_Email_ALL_Approver_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "Ticketing_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ] + } + } + }, + "responses": { + "201": { + "body": { + "properties": { + "scope": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", + "displayName": null, + "description": null, + "isOrganizationDefault": false, + "lastUpdatedDateTime": "2020-12-04T18:34:17.153+00:00", + "rules": [ + { + "isExpirationRequired": false, + "maximumDuration": "90.00:00:00", + "id": "Expiration_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Approver_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "90.00:00:00", + "id": "Expiration_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Approver_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "90.00:00:00", + "id": "Expiration_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Approver_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": null, + "id": "AuthenticationContext_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "1.00:00:00", + "id": "Expiration_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": null, + "id": "Notification_Email_ALL_Approver_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "Ticketing_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ], + "effectiveRules": [ + { + "isExpirationRequired": false, + "maximumDuration": "90.00:00:00", + "id": "Expiration_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Approver_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_Admin_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "90.00:00:00", + "id": "Expiration_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Approver_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_Admin_ALL_Member", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "90.00:00:00", + "id": "Expiration_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Approver_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_EndUser_ALL_Eligible", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": null, + "id": "AuthenticationContext_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "1.00:00:00", + "id": "Expiration_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Admin_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "notificationLevel": "ALL", + "notificationRecipients": [ + "" + ], + "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "notificationLevel": "ALL", + "notificationRecipients": null, + "id": "Notification_Email_ALL_Approver_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "Ticketing_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "MultifactorAuthentication_EndUser_ALL_Member", + "ruleType": "PrivilegedRolePolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "ALL" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ] + }, + "name": "d693780f-543d-4aad-a4c8-139ff6a1db8d", + "id": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/PrivilegedRolePolicies/d693780f-543d-4aad-a4c8-139ff6a1db8d", + "type": "Microsoft.Authorization/PrivilegedRolePolicies" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutPrivilegedRolePolicyAssignment.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutPrivilegedRolePolicyAssignment.json new file mode 100644 index 000000000000..8391c65cfcc3 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutPrivilegedRolePolicyAssignment.json @@ -0,0 +1,28 @@ +{ + "parameters": { + "scope": "subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", + "privilegedRolePolicyAssignmentName": "477f2d04-0fdc-417f-ab1b-d9fff8137134_a37489be-9462-48fb-a3b6-7b9bc2debbad", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "scope": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/a37489be-9462-48fb-a3b6-7b9bc2debbad", + "policyId": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/PrivilegedRolePolicies/477f2d04-0fdc-417f-ab1b-d9fff8137134" + } + } + }, + "responses": { + "201": { + "body": { + "properties": { + "scope": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/a37489be-9462-48fb-a3b6-7b9bc2debbad", + "policyId": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/PrivilegedRolePolicies/477f2d04-0fdc-417f-ab1b-d9fff8137134" + }, + "name": "477f2d04-0fdc-417f-ab1b-d9fff8137134_a37489be-9462-48fb-a3b6-7b9bc2debbad", + "id": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/PrivilegedRolePolicyAssignment/477f2d04-0fdc-417f-ab1b-d9fff8137134_a37489be-9462-48fb-a3b6-7b9bc2debbad", + "type": "Microsoft.Authorization/PrivilegedRolePolicyAssignment" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutRoleAssignmentScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutRoleAssignmentScheduleRequest.json new file mode 100644 index 000000000000..0164e4fd3406 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutRoleAssignmentScheduleRequest.json @@ -0,0 +1,62 @@ +{ + "parameters": { + "scope": "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleAssignmentScheduleRequestName": "fea7a502-9a96-4806-a26f-eee560e52045", + "parameters": { + "properties": { + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "requestType": "SelfActivate", + "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "scheduleInfo": { + "startDateTime": "2020-09-09T21:35:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "08:00:00" + } + }, + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + } + }, + "api-version": "2020-10-01-preview" + }, + "responses": { + "201": { + "body": { + "properties": { + "targetRoleAssignmentScheduleId": "c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "targetRoleAssignmentScheduleInstanceId": null, + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "SelfActivate", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:35:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "08:00:00" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + }, + "name": "fea7a502-9a96-4806-a26f-eee560e52045", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "type": "Microsoft.Authorization/RoleAssignmentScheduleRequests" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutRoleEligibilityScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutRoleEligibilityScheduleRequest.json new file mode 100644 index 000000000000..628512931f60 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutRoleEligibilityScheduleRequest.json @@ -0,0 +1,61 @@ +{ + "parameters": { + "scope": "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleEligibilityScheduleRequestName": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "parameters": { + "properties": { + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "requestType": "AdminAssign", + "scheduleInfo": { + "startDateTime": "2020-09-09T21:31:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "365.00:00:00" + } + }, + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + } + }, + "api-version": "2020-10-01-preview" + }, + "responses": { + "201": { + "body": { + "properties": { + "targetRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "targetRoleEligibilityScheduleInstanceId": null, + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "AdminAssign", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:31:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "365.00:00:00" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:32:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + }, + "name": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "type": "Microsoft.Authorization/RoleEligibilityScheduleRequests" + } + } + } +} diff --git a/specification/authorization/resource-manager/readme.md b/specification/authorization/resource-manager/readme.md index 138fa9e7c59d..8998cde845bb 100644 --- a/specification/authorization/resource-manager/readme.md +++ b/specification/authorization/resource-manager/readme.md @@ -71,6 +71,28 @@ directive: reason: for this case the result of the proposed change would resemble a boolean anyways ``` +### Tag: package-2020-10-01-preview + +These settings apply only when `--tag=package-2020-10-01-preview` is specified on the command line. + +``` yaml $(tag) == 'package-2020-10-01-preview' +input-file: +- Microsoft.Authorization/preview/2015-06-01/authorization-ClassicAdminCalls.json +- Microsoft.Authorization/stable/2015-07-01/authorization-ElevateAccessCalls.json +- Microsoft.Authorization/preview/2018-01-01-preview/authorization-ProviderOperationsCalls.json +- Microsoft.Authorization/preview/2018-01-01-preview/authorization-RoleDefinitionsCalls.json +- Microsoft.Authorization/preview/2018-07-01-preview/authorization-DenyAssignmentGetCalls.json +- Microsoft.Authorization/preview/2020-04-01-preview/authorization-RoleAssignmentsCalls.json +- Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentSchedule.json +- Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleInstance.json +- Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleRequest.json +- Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilitySchedule.json +- Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleInstance.json +- Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleRequest.json +- Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicy.json +- Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicyAssignment.json +``` + ### Tag: package-2020-04-01-preview These settings apply only when `--tag=package-2020-04-01-preview` is specified on the command line. From 81addc223645c4fd23afbda4db7497bae90f1065 Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Thu, 21 Jan 2021 02:57:49 +0530 Subject: [PATCH 02/13] update readme --- specification/authorization/resource-manager/readme.md | 6 ------ 1 file changed, 6 deletions(-) diff --git a/specification/authorization/resource-manager/readme.md b/specification/authorization/resource-manager/readme.md index 8998cde845bb..c4e17b59f9d1 100644 --- a/specification/authorization/resource-manager/readme.md +++ b/specification/authorization/resource-manager/readme.md @@ -77,12 +77,6 @@ These settings apply only when `--tag=package-2020-10-01-preview` is specified o ``` yaml $(tag) == 'package-2020-10-01-preview' input-file: -- Microsoft.Authorization/preview/2015-06-01/authorization-ClassicAdminCalls.json -- Microsoft.Authorization/stable/2015-07-01/authorization-ElevateAccessCalls.json -- Microsoft.Authorization/preview/2018-01-01-preview/authorization-ProviderOperationsCalls.json -- Microsoft.Authorization/preview/2018-01-01-preview/authorization-RoleDefinitionsCalls.json -- Microsoft.Authorization/preview/2018-07-01-preview/authorization-DenyAssignmentGetCalls.json -- Microsoft.Authorization/preview/2020-04-01-preview/authorization-RoleAssignmentsCalls.json - Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentSchedule.json - Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleInstance.json - Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleRequest.json From 07d84d3f0146e83dae8b3ab47eec626beaa327c0 Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Thu, 21 Jan 2021 04:12:19 +0530 Subject: [PATCH 03/13] Update --- .../preview/2020-10-01-preview/PrivilegedRolePolicy.json | 2 +- specification/authorization/resource-manager/readme.md | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicy.json index 600393241516..5ec17c1427a1 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicy.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicy.json @@ -85,7 +85,7 @@ "tags": [ "privilegedRolePolicies" ], - "operationId": "PrivilegedRolePolicies_Update", + "operationId": "PrivilegedRolePolicies_Create", "description": "Update or create a role management policy", "parameters": [ { diff --git a/specification/authorization/resource-manager/readme.md b/specification/authorization/resource-manager/readme.md index c4e17b59f9d1..acdd37ddacea 100644 --- a/specification/authorization/resource-manager/readme.md +++ b/specification/authorization/resource-manager/readme.md @@ -85,6 +85,12 @@ input-file: - Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleRequest.json - Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicy.json - Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicyAssignment.json +- Microsoft.Authorization/preview/2015-06-01/authorization-ClassicAdminCalls.json +- Microsoft.Authorization/stable/2015-07-01/authorization-ElevateAccessCalls.json +- Microsoft.Authorization/preview/2018-01-01-preview/authorization-ProviderOperationsCalls.json +- Microsoft.Authorization/preview/2018-01-01-preview/authorization-RoleDefinitionsCalls.json +- Microsoft.Authorization/preview/2018-07-01-preview/authorization-DenyAssignmentGetCalls.json +- Microsoft.Authorization/preview/2020-04-01-preview/authorization-RoleAssignmentsCalls.json ``` ### Tag: package-2020-04-01-preview From 9041c3c6c0ffa7f7e731f4e19c62e5d5faeedc8d Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Thu, 21 Jan 2021 04:30:50 +0530 Subject: [PATCH 04/13] Update readme --- specification/authorization/resource-manager/readme.md | 6 ------ 1 file changed, 6 deletions(-) diff --git a/specification/authorization/resource-manager/readme.md b/specification/authorization/resource-manager/readme.md index acdd37ddacea..c4e17b59f9d1 100644 --- a/specification/authorization/resource-manager/readme.md +++ b/specification/authorization/resource-manager/readme.md @@ -85,12 +85,6 @@ input-file: - Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleRequest.json - Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicy.json - Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicyAssignment.json -- Microsoft.Authorization/preview/2015-06-01/authorization-ClassicAdminCalls.json -- Microsoft.Authorization/stable/2015-07-01/authorization-ElevateAccessCalls.json -- Microsoft.Authorization/preview/2018-01-01-preview/authorization-ProviderOperationsCalls.json -- Microsoft.Authorization/preview/2018-01-01-preview/authorization-RoleDefinitionsCalls.json -- Microsoft.Authorization/preview/2018-07-01-preview/authorization-DenyAssignmentGetCalls.json -- Microsoft.Authorization/preview/2020-04-01-preview/authorization-RoleAssignmentsCalls.json ``` ### Tag: package-2020-04-01-preview From b4a10473f1ee42aa1f4515022d52f5f0f0c83920 Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Fri, 22 Jan 2021 18:38:24 +0530 Subject: [PATCH 05/13] operation id fix --- .../preview/2020-10-01-preview/PrivilegedRolePolicy.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicy.json index 5ec17c1427a1..4b928ce85674 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicy.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicy.json @@ -85,7 +85,7 @@ "tags": [ "privilegedRolePolicies" ], - "operationId": "PrivilegedRolePolicies_Create", + "operationId": "privilegedRolePolicies_Create", "description": "Update or create a role management policy", "parameters": [ { From 8c712de5d1cc8bba954316554f9c7c3dee85a91c Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Fri, 22 Jan 2021 18:39:27 +0530 Subject: [PATCH 06/13] name fix --- .../preview/2020-10-01-preview/PrivilegedRolePolicy.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicy.json index 4b928ce85674..9ea0c1e46761 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicy.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicy.json @@ -140,7 +140,7 @@ "tags": [ "privilegedRolePolicies" ], - "operationId": "PrivilegedRolePolicies_Delete", + "operationId": "privilegedRolePolicies_Delete", "description": "Delete a role management policy", "parameters": [ { From 176af50ea599a07f4251df26b780f81c3e7c7965 Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Sat, 23 Jan 2021 01:38:52 +0530 Subject: [PATCH 07/13] Name changes --- ...ePolicy.json => RoleManagementPolicy.json} | 126 ++++++++-------- ...n => RoleManagementPolicyAssignments.json} | 52 +++---- ...y.json => DeleteRoleManagementPolicy.json} | 2 +- ...DeleteRoleManagementPolicyAssignment.json} | 2 +- ...RoleManagementPolicyAssignmentByName.json} | 8 +- ...oleManagementPolicyAssignmentByScope.json} | 6 +- ...son => GetRoleManagementPolicyByName.json} | 94 ++++++------ ...on => GetRoleManagementPolicyByScope.json} | 92 ++++++------ ...=> PutRoleManagementPolicyAssignment.json} | 10 +- ...olicy.json => PutRoleManagementPolicyjson} | 138 +++++++++--------- .../authorization/resource-manager/readme.md | 4 +- 11 files changed, 267 insertions(+), 267 deletions(-) rename specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/{PrivilegedRolePolicy.json => RoleManagementPolicy.json} (84%) rename specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/{PrivilegedRolePolicyAssignment.json => RoleManagementPolicyAssignments.json} (84%) rename specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/{DeletePrivilegedRolePolicy.json => DeleteRoleManagementPolicy.json} (75%) rename specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/{DeletePrivilegedRolePolicyAssignment.json => DeleteRoleManagementPolicyAssignment.json} (78%) rename specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/{GetPrivilegedRolePolicyAssignmentByName.json => GetRoleManagementPolicyAssignmentByName.json} (77%) rename specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/{GetPrivilegedRolePolicyAssignmentByScope.json => GetRoleManagementPolicyAssignmentByScope.json} (82%) rename specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/{GetPrivilegedRolePolicyByName.json => GetRoleManagementPolicyByName.json} (89%) rename specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/{GetPrivilegedRolePolicyByScope.json => GetRoleManagementPolicyByScope.json} (90%) rename specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/{PutPrivilegedRolePolicyAssignment.json => PutRoleManagementPolicyAssignment.json} (80%) rename specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/{PutPrivilegedRolePolicy.json => PutRoleManagementPolicyjson} (89%) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleManagementPolicy.json similarity index 84% rename from specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicy.json rename to specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleManagementPolicy.json index 9ea0c1e46761..57c1e3d8a94a 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicy.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleManagementPolicy.json @@ -34,12 +34,12 @@ } }, "paths": { - "/{scope}/providers/Microsoft.Authorization/privilegedRolePolicies/{privilegedRolePolicyName}": { + "/{scope}/providers/Microsoft.Authorization/roleManagementPolicies/{roleManagementPolicyName}": { "get": { "tags": [ - "privilegedRolePolicies" + "roleManagementPolicies" ], - "operationId": "privilegedRolePolicies_Get", + "operationId": "roleManagementPolicies_Get", "description": "Get the specified role management policy for a resource scope", "parameters": [ { @@ -51,7 +51,7 @@ "x-ms-skip-url-encoding": true }, { - "name": "privilegedRolePolicyName", + "name": "roleManagementPolicyName", "in": "path", "required": true, "type": "string", @@ -65,7 +65,7 @@ "200": { "description": "OK - Returns information about the role management policy.", "schema": { - "$ref": "#/definitions/PrivilegedRolePolicy" + "$ref": "#/definitions/RoleManagementPolicy" } }, "default": { @@ -76,16 +76,16 @@ } }, "x-ms-examples": { - "GetPrivilegedRolePolicyByName": { - "$ref": "./examples/GetPrivilegedRolePolicyByName.json" + "GetRoleManagementPolicyByName": { + "$ref": "./examples/GetRoleManagementPolicyByName.json" } } }, "put": { "tags": [ - "privilegedRolePolicies" + "roleManagementPolicies" ], - "operationId": "privilegedRolePolicies_Create", + "operationId": "roleManagementPolicies_Create", "description": "Update or create a role management policy", "parameters": [ { @@ -97,7 +97,7 @@ "x-ms-skip-url-encoding": true }, { - "name": "privilegedRolePolicyName", + "name": "roleManagementPolicyName", "in": "path", "required": true, "type": "string", @@ -108,7 +108,7 @@ "in": "body", "required": true, "schema": { - "$ref": "#/definitions/PrivilegedRolePolicy" + "$ref": "#/definitions/RoleManagementPolicy" }, "description": "Parameters for the role management policy." }, @@ -120,7 +120,7 @@ "201": { "description": "Created - Returns the created or updated policy.", "schema": { - "$ref": "#/definitions/PrivilegedRolePolicy" + "$ref": "#/definitions/RoleManagementPolicy" } }, "default": { @@ -131,16 +131,16 @@ } }, "x-ms-examples": { - "PutPrivilegedRolePolicy": { - "$ref": "./examples/PutPrivilegedRolePolicy.json" + "PutRoleManagementPolicy": { + "$ref": "./examples/PutRoleManagementPolicy.json" } } }, "delete": { "tags": [ - "privilegedRolePolicies" + "roleManagementPolicies" ], - "operationId": "privilegedRolePolicies_Delete", + "operationId": "roleManagementPolicies_Delete", "description": "Delete a role management policy", "parameters": [ { @@ -152,7 +152,7 @@ "x-ms-skip-url-encoding": true }, { - "name": "privilegedRolePolicyName", + "name": "roleManagementPolicyName", "in": "path", "required": true, "type": "string", @@ -177,18 +177,18 @@ } }, "x-ms-examples": { - "DeletePrivilegedRolePolicy": { - "$ref": "./examples/DeletePrivilegedRolePolicy.json" + "DeleteRoleManagementPolicy": { + "$ref": "./examples/DeleteRoleManagementPolicy.json" } } } }, - "/{scope}/providers/Microsoft.Authorization/privilegedRolePolicies": { + "/{scope}/providers/Microsoft.Authorization/roleManagementPolicies": { "get": { "tags": [ - "privilegedRolePolicies" + "roleManagementPolicies" ], - "operationId": "privilegedRolePolicies_ListForScope", + "operationId": "roleManagementPolicies_ListForScope", "description": "Gets role management policies for a resource scope.", "parameters": [ { @@ -207,7 +207,7 @@ "200": { "description": "OK - Returns an array of role management policies.", "schema": { - "$ref": "#/definitions/PrivilegedRolePolicyListResult" + "$ref": "#/definitions/RoleManagementPolicyListResult" } }, "default": { @@ -221,15 +221,15 @@ "nextLinkName": "nextLink" }, "x-ms-examples": { - "GetPrivilegedRolePolicyByRoleDefinitionFilter": { - "$ref": "./examples/GetPrivilegedRolePolicyByScope.json" + "GetRoleManagementPolicyByRoleDefinitionFilter": { + "$ref": "./examples/GetRoleManagementPolicyByScope.json" } } } } }, "definitions": { - "PrivilegedRolePolicyProperties": { + "RoleManagementPolicyProperties": { "properties": { "scope": { "type": "string", @@ -256,14 +256,14 @@ "rules": { "type": "array", "items": { - "$ref": "#/definitions/PrivilegedRolePolicyRule" + "$ref": "#/definitions/RoleManagementPolicyRule" }, "description": "The rule applied to the policy." }, "effectiveRules": { "type": "array", "items": { - "$ref": "#/definitions/PrivilegedRolePolicyRule" + "$ref": "#/definitions/RoleManagementPolicyRule" }, "readOnly": true, "description": "The readonly computed rule applied to the policy." @@ -271,7 +271,7 @@ }, "description": "Role management policy properties with scope." }, - "PrivilegedRolePolicy": { + "RoleManagementPolicy": { "properties": { "id": { "type": "string", @@ -290,18 +290,18 @@ }, "properties": { "x-ms-client-flatten": true, - "$ref": "#/definitions/PrivilegedRolePolicyProperties", + "$ref": "#/definitions/RoleManagementPolicyProperties", "description": "Role management policy properties." } }, "description": "Role management policy" }, - "PrivilegedRolePolicyListResult": { + "RoleManagementPolicyListResult": { "properties": { "value": { "type": "array", "items": { - "$ref": "#/definitions/PrivilegedRolePolicy" + "$ref": "#/definitions/RoleManagementPolicy" }, "description": "Role management policy list." }, @@ -312,7 +312,7 @@ }, "description": "Role management policy list operation result." }, - "PrivilegedRolePolicyRule": { + "RoleManagementPolicyRule": { "description": "The role management policy rule.", "type": "object", "required": [ @@ -326,19 +326,19 @@ }, "ruleType": { "description": "The type of rule", - "$ref": "#/definitions/PrivilegedRolePolicyRuleType" + "$ref": "#/definitions/RoleManagementPolicyRuleType" }, "target": { - "$ref": "#/definitions/PrivilegedRolePolicyRuleTarget", + "$ref": "#/definitions/RoleManagementPolicyRuleTarget", "description": "The target of the current rule." } } }, - "PrivilegedRolePolicyApprovalRule": { + "RoleManagementPolicyApprovalRule": { "description": "The role management policy rule.", "allOf": [ { - "$ref": "#/definitions/PrivilegedRolePolicyRule" + "$ref": "#/definitions/RoleManagementPolicyRule" } ], "type": "object", @@ -349,10 +349,10 @@ }, "ruleType": { "description": "The type of rule", - "$ref": "#/definitions/PrivilegedRolePolicyRuleType" + "$ref": "#/definitions/RoleManagementPolicyRuleType" }, "target": { - "$ref": "#/definitions/PrivilegedRolePolicyRuleTarget", + "$ref": "#/definitions/RoleManagementPolicyRuleTarget", "description": "The target of the current rule." }, "setting": { @@ -493,11 +493,11 @@ } } }, - "PrivilegedRolePolicyAuthenticationContextRule": { + "RoleManagementPolicyAuthenticationContextRule": { "description": "The role management policy rule.", "allOf": [ { - "$ref": "#/definitions/PrivilegedRolePolicyRule" + "$ref": "#/definitions/RoleManagementPolicyRule" } ], "type": "object", @@ -508,10 +508,10 @@ }, "ruleType": { "description": "The type of rule", - "$ref": "#/definitions/PrivilegedRolePolicyRuleType" + "$ref": "#/definitions/RoleManagementPolicyRuleType" }, "target": { - "$ref": "#/definitions/PrivilegedRolePolicyRuleTarget", + "$ref": "#/definitions/RoleManagementPolicyRuleTarget", "description": "The target of the current rule." }, "isEnabled": { @@ -524,11 +524,11 @@ } } }, - "PrivilegedRolePolicyEnablementRule": { + "RoleManagementPolicyEnablementRule": { "description": "The role management policy rule.", "allOf": [ { - "$ref": "#/definitions/PrivilegedRolePolicyRule" + "$ref": "#/definitions/RoleManagementPolicyRule" } ], "type": "object", @@ -539,10 +539,10 @@ }, "ruleType": { "description": "The type of rule", - "$ref": "#/definitions/PrivilegedRolePolicyRuleType" + "$ref": "#/definitions/RoleManagementPolicyRuleType" }, "target": { - "$ref": "#/definitions/PrivilegedRolePolicyRuleTarget", + "$ref": "#/definitions/RoleManagementPolicyRuleTarget", "description": "The target of the current rule." }, "enabledRules": { @@ -554,11 +554,11 @@ } } }, - "PrivilegedRolePolicyExpirationRule": { + "RoleManagementPolicyExpirationRule": { "description": "The role management policy rule.", "allOf": [ { - "$ref": "#/definitions/PrivilegedRolePolicyRule" + "$ref": "#/definitions/RoleManagementPolicyRule" } ], "type": "object", @@ -569,10 +569,10 @@ }, "ruleType": { "description": "The type of rule", - "$ref": "#/definitions/PrivilegedRolePolicyRuleType" + "$ref": "#/definitions/RoleManagementPolicyRuleType" }, "target": { - "$ref": "#/definitions/PrivilegedRolePolicyRuleTarget", + "$ref": "#/definitions/RoleManagementPolicyRuleTarget", "description": "The target of the current rule." }, "isExpirationRequired": { @@ -585,11 +585,11 @@ } } }, - "PrivilegedRolePolicyNotificationRule": { + "RoleManagementPolicyNotificationRule": { "description": "The role management policy rule.", "allOf": [ { - "$ref": "#/definitions/PrivilegedRolePolicyRule" + "$ref": "#/definitions/RoleManagementPolicyRule" } ], "type": "object", @@ -600,10 +600,10 @@ }, "ruleType": { "description": "The type of rule", - "$ref": "#/definitions/PrivilegedRolePolicyRuleType" + "$ref": "#/definitions/RoleManagementPolicyRuleType" }, "target": { - "$ref": "#/definitions/PrivilegedRolePolicyRuleTarget", + "$ref": "#/definitions/RoleManagementPolicyRuleTarget", "description": "The target of the current rule." }, "notificationType": { @@ -652,7 +652,7 @@ } } }, - "PrivilegedRolePolicyRuleTarget": { + "RoleManagementPolicyRuleTarget": { "description": "The role management policy rule target.", "type": "object", "properties": { @@ -694,18 +694,18 @@ } } }, - "PrivilegedRolePolicyRuleType": { + "RoleManagementPolicyRuleType": { "type": "string", "description": "The type of rule", "enum": [ - "PrivilegedRolePolicyApprovalRule", - "PrivilegedRolePolicyAuthenticationContextRule", - "PrivilegedRolePolicyEnablementRule", - "PrivilegedRolePolicyExpirationRule", - "PrivilegedRolePolicyNotificationRule" + "RoleManagementPolicyApprovalRule", + "RoleManagementPolicyAuthenticationContextRule", + "RoleManagementPolicyEnablementRule", + "RoleManagementPolicyExpirationRule", + "RoleManagementPolicyNotificationRule" ], "x-ms-enum": { - "name": "PrivilegedRolePolicyRuleType", + "name": "RoleManagementPolicyRuleType", "modelAsString": true } }, diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicyAssignment.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleManagementPolicyAssignments.json similarity index 84% rename from specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicyAssignment.json rename to specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleManagementPolicyAssignments.json index 1a7ddb60fa15..d1eb52df6640 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicyAssignment.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleManagementPolicyAssignments.json @@ -34,12 +34,12 @@ } }, "paths": { - "/{scope}/providers/Microsoft.Authorization/privilegedRolePolicyAssignments/{privilegedRolePolicyAssignmentName}": { + "/{scope}/providers/Microsoft.Authorization/roleManagementPolicyAssignments/{roleManagementPolicyAssignmentName}": { "get": { "tags": [ - "privilegedRolePolicyAssignments" + "roleManagementPolicyAssignments" ], - "operationId": "privilegedRolePolicyAssignments_Get", + "operationId": "roleManagementPolicyAssignments_Get", "description": "Get the specified role management policy assignment for a resource scope", "parameters": [ { @@ -51,7 +51,7 @@ "x-ms-skip-url-encoding": true }, { - "name": "privilegedRolePolicyAssignmentName", + "name": "roleManagementPolicyAssignmentName", "in": "path", "required": true, "type": "string", @@ -65,7 +65,7 @@ "200": { "description": "OK - Returns information about the role management policy.", "schema": { - "$ref": "#/definitions/PrivilegedRolePolicyAssignment" + "$ref": "#/definitions/RoleManagementPolicyAssignment" } }, "default": { @@ -77,15 +77,15 @@ }, "x-ms-examples": { "GetConfigurations": { - "$ref": "./examples/GetPrivilegedRolePolicyAssignmentByName.json" + "$ref": "./examples/GetRoleManagementPolicyAssignmentByName.json" } } }, "put": { "tags": [ - "privilegedRolePolicyAssignments" + "roleManagementPolicyAssignments" ], - "operationId": "privilegedRolePolicyAssignments_Create", + "operationId": "roleManagementPolicyAssignments_Create", "description": "Create a role management policy assignment", "parameters": [ { @@ -97,7 +97,7 @@ "x-ms-skip-url-encoding": true }, { - "name": "privilegedRolePolicyAssignmentName", + "name": "roleManagementPolicyAssignmentName", "in": "path", "required": true, "type": "string", @@ -108,7 +108,7 @@ "in": "body", "required": true, "schema": { - "$ref": "#/definitions/PrivilegedRolePolicyAssignment" + "$ref": "#/definitions/RoleManagementPolicyAssignment" }, "description": "Parameters for the role management policy assignment." }, @@ -120,7 +120,7 @@ "201": { "description": "Created - Returns the created or updated policy assignment.", "schema": { - "$ref": "#/definitions/PrivilegedRolePolicyAssignment" + "$ref": "#/definitions/RoleManagementPolicyAssignment" } }, "default": { @@ -132,15 +132,15 @@ }, "x-ms-examples": { "GetConfigurations": { - "$ref": "./examples/PutPrivilegedRolePolicyAssignment.json" + "$ref": "./examples/PutRoleManagementPolicyAssignment.json" } } }, "delete": { "tags": [ - "privilegedRolePolicyAssignments" + "roleManagementPolicyAssignments" ], - "operationId": "privilegedRolePolicyAssignments_Delete", + "operationId": "roleManagementPolicyAssignments_Delete", "description": "Delete a role management policy assignment", "parameters": [ { @@ -152,7 +152,7 @@ "x-ms-skip-url-encoding": true }, { - "name": "privilegedRolePolicyAssignmentName", + "name": "roleManagementPolicyAssignmentName", "in": "path", "required": true, "type": "string", @@ -178,17 +178,17 @@ }, "x-ms-examples": { "GetConfigurations": { - "$ref": "./examples/DeletePrivilegedRolePolicyAssignment.json" + "$ref": "./examples/DeleteRoleManagementPolicyAssignment.json" } } } }, - "/{scope}/providers/Microsoft.Authorization/privilegedRolePolicyAssignments": { + "/{scope}/providers/Microsoft.Authorization/roleManagementPolicyAssignments": { "get": { "tags": [ - "privilegedRolePolicyAssignments" + "roleManagementPolicyAssignments" ], - "operationId": "privilegedRolePolicyAssignments_ListForScope", + "operationId": "roleManagementPolicyAssignments_ListForScope", "description": "Gets role management assignment policies for a resource scope.", "parameters": [ { @@ -207,7 +207,7 @@ "200": { "description": "OK - Returns an array of role management policies.", "schema": { - "$ref": "#/definitions/PrivilegedRolePolicyAssignmentListResult" + "$ref": "#/definitions/RoleManagementPolicyAssignmentListResult" } }, "default": { @@ -222,14 +222,14 @@ }, "x-ms-examples": { "GetConfigurations": { - "$ref": "./examples/GetPrivilegedRolePolicyAssignmentByScope.json" + "$ref": "./examples/GetRoleManagementPolicyAssignmentByScope.json" } } } } }, "definitions": { - "PrivilegedRolePolicyAssignment": { + "RoleManagementPolicyAssignment": { "properties": { "id": { "type": "string", @@ -248,13 +248,13 @@ }, "properties": { "x-ms-client-flatten": true, - "$ref": "#/definitions/PrivilegedRolePolicyAssignmentProperties", + "$ref": "#/definitions/RoleManagementPolicyAssignmentProperties", "description": "Role management policy properties." } }, "description": "Role management policy" }, - "PrivilegedRolePolicyAssignmentProperties": { + "RoleManagementPolicyAssignmentProperties": { "properties": { "scope": { "type": "string", @@ -271,12 +271,12 @@ }, "description": "Role management policy assignment properties with scope." }, - "PrivilegedRolePolicyAssignmentListResult": { + "RoleManagementPolicyAssignmentListResult": { "properties": { "value": { "type": "array", "items": { - "$ref": "#/definitions/PrivilegedRolePolicyAssignment" + "$ref": "#/definitions/RoleManagementPolicyAssignment" }, "description": "Role management policy assignment list." }, diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/DeletePrivilegedRolePolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/DeleteRoleManagementPolicy.json similarity index 75% rename from specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/DeletePrivilegedRolePolicy.json rename to specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/DeleteRoleManagementPolicy.json index f5f4a24a901e..5e4676e0191e 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/DeletePrivilegedRolePolicy.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/DeleteRoleManagementPolicy.json @@ -1,7 +1,7 @@ { "parameters": { "scope": "subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", - "privilegedRolePolicyName": "d693780f-543d-4aad-a4c8-139ff6a1db8d", + "roleManagementPolicyName": "d693780f-543d-4aad-a4c8-139ff6a1db8d", "api-version": "2020-10-01-preview" }, "responses": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/DeletePrivilegedRolePolicyAssignment.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/DeleteRoleManagementPolicyAssignment.json similarity index 78% rename from specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/DeletePrivilegedRolePolicyAssignment.json rename to specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/DeleteRoleManagementPolicyAssignment.json index 902ef7fa1d0f..b21404439bbe 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/DeletePrivilegedRolePolicyAssignment.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/DeleteRoleManagementPolicyAssignment.json @@ -1,7 +1,7 @@ { "parameters": { "scope": "subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", - "privilegedRolePolicyAssignmentName": "477f2d04-0fdc-417f-ab1b-d9fff8137134_a37489be-9462-48fb-a3b6-7b9bc2debbad", + "roleManagementPolicyAssignmentName": "477f2d04-0fdc-417f-ab1b-d9fff8137134_a37489be-9462-48fb-a3b6-7b9bc2debbad", "api-version": "2020-10-01-preview" }, "responses": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyAssignmentByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleManagementPolicyAssignmentByName.json similarity index 77% rename from specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyAssignmentByName.json rename to specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleManagementPolicyAssignmentByName.json index c1aa1c255c8e..d8bb04656208 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyAssignmentByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleManagementPolicyAssignmentByName.json @@ -1,7 +1,7 @@ { "parameters": { "scope": "subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", - "privilegedRolePolicyAssignmentName": "477f2d04-0fdc-417f-ab1b-d9fff8137134_a37489be-9462-48fb-a3b6-7b9bc2debbad", + "roleManagementPolicyAssignmentName": "477f2d04-0fdc-417f-ab1b-d9fff8137134_a37489be-9462-48fb-a3b6-7b9bc2debbad", "api-version": "2020-10-01-preview" }, "responses": { @@ -10,11 +10,11 @@ "properties": { "scope": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/a37489be-9462-48fb-a3b6-7b9bc2debbad", - "policyId": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/PrivilegedRolePolicies/477f2d04-0fdc-417f-ab1b-d9fff8137134" + "policyId": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/RoleManagementPolicies/477f2d04-0fdc-417f-ab1b-d9fff8137134" }, "name": "477f2d04-0fdc-417f-ab1b-d9fff8137134_a37489be-9462-48fb-a3b6-7b9bc2debbad", - "id": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/PrivilegedRolePolicyAssignment/477f2d04-0fdc-417f-ab1b-d9fff8137134_a37489be-9462-48fb-a3b6-7b9bc2debbad", - "type": "Microsoft.Authorization/PrivilegedRolePolicyAssignment" + "id": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/RoleManagementPolicyAssignment/477f2d04-0fdc-417f-ab1b-d9fff8137134_a37489be-9462-48fb-a3b6-7b9bc2debbad", + "type": "Microsoft.Authorization/RoleManagementPolicyAssignment" } } } diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyAssignmentByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleManagementPolicyAssignmentByScope.json similarity index 82% rename from specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyAssignmentByScope.json rename to specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleManagementPolicyAssignmentByScope.json index 2f9b0eba5142..8c0130ac3231 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyAssignmentByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleManagementPolicyAssignmentByScope.json @@ -11,11 +11,11 @@ "properties": { "scope": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/a37489be-9462-48fb-a3b6-7b9bc2debbad", - "policyId": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/PrivilegedRolePolicies/477f2d04-0fdc-417f-ab1b-d9fff8137134" + "policyId": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/RoleManagementPolicies/477f2d04-0fdc-417f-ab1b-d9fff8137134" }, "name": "477f2d04-0fdc-417f-ab1b-d9fff8137134_a37489be-9462-48fb-a3b6-7b9bc2debbad", - "id": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/PrivilegedRolePolicyAssignment/477f2d04-0fdc-417f-ab1b-d9fff8137134_a37489be-9462-48fb-a3b6-7b9bc2debbad", - "type": "Microsoft.Authorization/PrivilegedRolePolicyAssignment" + "id": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/RoleManagementPolicyAssignment/477f2d04-0fdc-417f-ab1b-d9fff8137134_a37489be-9462-48fb-a3b6-7b9bc2debbad", + "type": "Microsoft.Authorization/RoleManagementPolicyAssignment" } ] } diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleManagementPolicyByName.json similarity index 89% rename from specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyByName.json rename to specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleManagementPolicyByName.json index 4725c38859ee..2790bff70d0c 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleManagementPolicyByName.json @@ -1,7 +1,7 @@ { "parameters": { "scope": "subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", - "privilegedRolePolicyName": "d693780f-543d-4aad-a4c8-139ff6a1db8d", + "roleManagementPolicyName": "d693780f-543d-4aad-a4c8-139ff6a1db8d", "api-version": "2020-10-01-preview" }, "responses": { @@ -18,7 +18,7 @@ "isExpirationRequired": false, "maximumDuration": "90.00:00:00", "id": "Expiration_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "Admin", "operations": [ @@ -38,7 +38,7 @@ "" ], "id": "Notification_Email_ALL_Admin_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -58,7 +58,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -78,7 +78,7 @@ "" ], "id": "Notification_Email_ALL_Approver_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -93,7 +93,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "Admin", "operations": [ @@ -109,7 +109,7 @@ "isExpirationRequired": true, "maximumDuration": "90.00:00:00", "id": "Expiration_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "Admin", "operations": [ @@ -129,7 +129,7 @@ "" ], "id": "Notification_Email_ALL_Admin_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -149,7 +149,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -169,7 +169,7 @@ "" ], "id": "Notification_Email_ALL_Approver_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -184,7 +184,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "Admin", "operations": [ @@ -200,7 +200,7 @@ "isExpirationRequired": true, "maximumDuration": "90.00:00:00", "id": "Expiration_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "EndUser", "operations": [ @@ -220,7 +220,7 @@ "" ], "id": "Notification_Email_ALL_Admin_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -240,7 +240,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -260,7 +260,7 @@ "" ], "id": "Notification_Email_ALL_Approver_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -275,7 +275,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "EndUser", "operations": [ @@ -291,7 +291,7 @@ "isEnabled": false, "claimValue": null, "id": "AuthenticationContext_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyAuthenticationContextRule", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", "target": { "caller": "EndUser", "operations": [ @@ -307,7 +307,7 @@ "isExpirationRequired": true, "maximumDuration": "1.00:00:00", "id": "Expiration_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "EndUser", "operations": [ @@ -327,7 +327,7 @@ "" ], "id": "Notification_Email_ALL_Admin_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -347,7 +347,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -365,7 +365,7 @@ "notificationLevel": "ALL", "notificationRecipients": null, "id": "Notification_Email_ALL_Approver_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -380,7 +380,7 @@ { "enabledRules": [], "id": "Ticketing_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "EndUser", "operations": [ @@ -395,7 +395,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "EndUser", "operations": [ @@ -413,7 +413,7 @@ "isExpirationRequired": false, "maximumDuration": "90.00:00:00", "id": "Expiration_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "Admin", "operations": [ @@ -433,7 +433,7 @@ "" ], "id": "Notification_Email_ALL_Admin_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -453,7 +453,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -473,7 +473,7 @@ "" ], "id": "Notification_Email_ALL_Approver_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -488,7 +488,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "Admin", "operations": [ @@ -504,7 +504,7 @@ "isExpirationRequired": true, "maximumDuration": "90.00:00:00", "id": "Expiration_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "Admin", "operations": [ @@ -524,7 +524,7 @@ "" ], "id": "Notification_Email_ALL_Admin_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -544,7 +544,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -564,7 +564,7 @@ "" ], "id": "Notification_Email_ALL_Approver_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -579,7 +579,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "Admin", "operations": [ @@ -595,7 +595,7 @@ "isExpirationRequired": true, "maximumDuration": "90.00:00:00", "id": "Expiration_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "EndUser", "operations": [ @@ -615,7 +615,7 @@ "" ], "id": "Notification_Email_ALL_Admin_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -635,7 +635,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -655,7 +655,7 @@ "" ], "id": "Notification_Email_ALL_Approver_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -670,7 +670,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "EndUser", "operations": [ @@ -686,7 +686,7 @@ "isEnabled": false, "claimValue": null, "id": "AuthenticationContext_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyAuthenticationContextRule", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", "target": { "caller": "EndUser", "operations": [ @@ -702,7 +702,7 @@ "isExpirationRequired": true, "maximumDuration": "1.00:00:00", "id": "Expiration_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "EndUser", "operations": [ @@ -722,7 +722,7 @@ "" ], "id": "Notification_Email_ALL_Admin_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -742,7 +742,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -760,7 +760,7 @@ "notificationLevel": "ALL", "notificationRecipients": null, "id": "Notification_Email_ALL_Approver_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -775,7 +775,7 @@ { "enabledRules": [], "id": "Ticketing_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "EndUser", "operations": [ @@ -790,7 +790,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "EndUser", "operations": [ @@ -805,8 +805,8 @@ ] }, "name": "d693780f-543d-4aad-a4c8-139ff6a1db8d", - "id": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/PrivilegedRolePolicies/d693780f-543d-4aad-a4c8-139ff6a1db8d", - "type": "Microsoft.Authorization/PrivilegedRolePolicies" + "id": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/RoleManagementPolicies/d693780f-543d-4aad-a4c8-139ff6a1db8d", + "type": "Microsoft.Authorization/RoleManagementPolicies" } } } diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleManagementPolicyByScope.json similarity index 90% rename from specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyByScope.json rename to specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleManagementPolicyByScope.json index 1276c5661ef8..a67a7c87c400 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetPrivilegedRolePolicyByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleManagementPolicyByScope.json @@ -19,7 +19,7 @@ "isExpirationRequired": false, "maximumDuration": "90.00:00:00", "id": "Expiration_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "Admin", "operations": [ @@ -39,7 +39,7 @@ "" ], "id": "Notification_Email_ALL_Admin_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -59,7 +59,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -79,7 +79,7 @@ "" ], "id": "Notification_Email_ALL_Approver_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -94,7 +94,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "Admin", "operations": [ @@ -110,7 +110,7 @@ "isExpirationRequired": true, "maximumDuration": "90.00:00:00", "id": "Expiration_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "Admin", "operations": [ @@ -130,7 +130,7 @@ "" ], "id": "Notification_Email_ALL_Admin_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -150,7 +150,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -170,7 +170,7 @@ "" ], "id": "Notification_Email_ALL_Approver_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -185,7 +185,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "Admin", "operations": [ @@ -201,7 +201,7 @@ "isExpirationRequired": true, "maximumDuration": "90.00:00:00", "id": "Expiration_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "EndUser", "operations": [ @@ -221,7 +221,7 @@ "" ], "id": "Notification_Email_ALL_Admin_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -241,7 +241,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -261,7 +261,7 @@ "" ], "id": "Notification_Email_ALL_Approver_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -276,7 +276,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "EndUser", "operations": [ @@ -292,7 +292,7 @@ "isEnabled": false, "claimValue": null, "id": "AuthenticationContext_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyAuthenticationContextRule", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", "target": { "caller": "EndUser", "operations": [ @@ -308,7 +308,7 @@ "isExpirationRequired": true, "maximumDuration": "1.00:00:00", "id": "Expiration_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "EndUser", "operations": [ @@ -328,7 +328,7 @@ "" ], "id": "Notification_Email_ALL_Admin_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -348,7 +348,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -366,7 +366,7 @@ "notificationLevel": "ALL", "notificationRecipients": null, "id": "Notification_Email_ALL_Approver_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -381,7 +381,7 @@ { "enabledRules": [], "id": "Ticketing_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "EndUser", "operations": [ @@ -396,7 +396,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "EndUser", "operations": [ @@ -414,7 +414,7 @@ "isExpirationRequired": false, "maximumDuration": "90.00:00:00", "id": "Expiration_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "Admin", "operations": [ @@ -434,7 +434,7 @@ "" ], "id": "Notification_Email_ALL_Admin_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -454,7 +454,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -474,7 +474,7 @@ "" ], "id": "Notification_Email_ALL_Approver_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -489,7 +489,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "Admin", "operations": [ @@ -505,7 +505,7 @@ "isExpirationRequired": true, "maximumDuration": "90.00:00:00", "id": "Expiration_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "Admin", "operations": [ @@ -525,7 +525,7 @@ "" ], "id": "Notification_Email_ALL_Admin_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -545,7 +545,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -565,7 +565,7 @@ "" ], "id": "Notification_Email_ALL_Approver_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -580,7 +580,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "Admin", "operations": [ @@ -596,7 +596,7 @@ "isExpirationRequired": true, "maximumDuration": "90.00:00:00", "id": "Expiration_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "EndUser", "operations": [ @@ -616,7 +616,7 @@ "" ], "id": "Notification_Email_ALL_Admin_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -636,7 +636,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -656,7 +656,7 @@ "" ], "id": "Notification_Email_ALL_Approver_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -671,7 +671,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "EndUser", "operations": [ @@ -687,7 +687,7 @@ "isEnabled": false, "claimValue": null, "id": "AuthenticationContext_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyAuthenticationContextRule", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", "target": { "caller": "EndUser", "operations": [ @@ -703,7 +703,7 @@ "isExpirationRequired": true, "maximumDuration": "1.00:00:00", "id": "Expiration_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "EndUser", "operations": [ @@ -723,7 +723,7 @@ "" ], "id": "Notification_Email_ALL_Admin_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -743,7 +743,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -761,7 +761,7 @@ "notificationLevel": "ALL", "notificationRecipients": null, "id": "Notification_Email_ALL_Approver_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -776,7 +776,7 @@ { "enabledRules": [], "id": "Ticketing_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "EndUser", "operations": [ @@ -791,7 +791,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "EndUser", "operations": [ @@ -806,8 +806,8 @@ ] }, "name": "d693780f-543d-4aad-a4c8-139ff6a1db8d", - "id": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/PrivilegedRolePolicies/d693780f-543d-4aad-a4c8-139ff6a1db8d", - "type": "Microsoft.Authorization/PrivilegedRolePolicies" + "id": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/RoleManagementPolicies/d693780f-543d-4aad-a4c8-139ff6a1db8d", + "type": "Microsoft.Authorization/RoleManagementPolicies" } ] } diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutPrivilegedRolePolicyAssignment.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutRoleManagementPolicyAssignment.json similarity index 80% rename from specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutPrivilegedRolePolicyAssignment.json rename to specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutRoleManagementPolicyAssignment.json index 8391c65cfcc3..0aa0afab81c8 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutPrivilegedRolePolicyAssignment.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutRoleManagementPolicyAssignment.json @@ -1,13 +1,13 @@ { "parameters": { "scope": "subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", - "privilegedRolePolicyAssignmentName": "477f2d04-0fdc-417f-ab1b-d9fff8137134_a37489be-9462-48fb-a3b6-7b9bc2debbad", + "roleManagementPolicyAssignmentName": "477f2d04-0fdc-417f-ab1b-d9fff8137134_a37489be-9462-48fb-a3b6-7b9bc2debbad", "api-version": "2020-10-01-preview", "parameters": { "properties": { "scope": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/a37489be-9462-48fb-a3b6-7b9bc2debbad", - "policyId": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/PrivilegedRolePolicies/477f2d04-0fdc-417f-ab1b-d9fff8137134" + "policyId": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/RoleManagementPolicies/477f2d04-0fdc-417f-ab1b-d9fff8137134" } } }, @@ -17,11 +17,11 @@ "properties": { "scope": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/a37489be-9462-48fb-a3b6-7b9bc2debbad", - "policyId": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/PrivilegedRolePolicies/477f2d04-0fdc-417f-ab1b-d9fff8137134" + "policyId": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/RoleManagementPolicies/477f2d04-0fdc-417f-ab1b-d9fff8137134" }, "name": "477f2d04-0fdc-417f-ab1b-d9fff8137134_a37489be-9462-48fb-a3b6-7b9bc2debbad", - "id": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/PrivilegedRolePolicyAssignment/477f2d04-0fdc-417f-ab1b-d9fff8137134_a37489be-9462-48fb-a3b6-7b9bc2debbad", - "type": "Microsoft.Authorization/PrivilegedRolePolicyAssignment" + "id": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/RoleManagementPolicyAssignment/477f2d04-0fdc-417f-ab1b-d9fff8137134_a37489be-9462-48fb-a3b6-7b9bc2debbad", + "type": "Microsoft.Authorization/RoleManagementPolicyAssignment" } } } diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutPrivilegedRolePolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutRoleManagementPolicyjson similarity index 89% rename from specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutPrivilegedRolePolicy.json rename to specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutRoleManagementPolicyjson index 9d2c2e283b30..052f54130314 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutPrivilegedRolePolicy.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutRoleManagementPolicyjson @@ -1,7 +1,7 @@ { "parameters": { "scope": "subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", - "privilegedRolePolicyName": "d693780f-543d-4aad-a4c8-139ff6a1db8d", + "roleManagementPolicyName": "d693780f-543d-4aad-a4c8-139ff6a1db8d", "api-version": "2020-10-01-preview", "parameters": { "properties": { @@ -12,7 +12,7 @@ "isExpirationRequired": false, "maximumDuration": "90.00:00:00", "id": "Expiration_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "Admin", "operations": [ @@ -32,7 +32,7 @@ "" ], "id": "Notification_Email_ALL_Admin_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -52,7 +52,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -72,7 +72,7 @@ "" ], "id": "Notification_Email_ALL_Approver_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -87,7 +87,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "Admin", "operations": [ @@ -103,7 +103,7 @@ "isExpirationRequired": true, "maximumDuration": "90.00:00:00", "id": "Expiration_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "Admin", "operations": [ @@ -123,7 +123,7 @@ "" ], "id": "Notification_Email_ALL_Admin_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -143,7 +143,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -163,7 +163,7 @@ "" ], "id": "Notification_Email_ALL_Approver_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -178,7 +178,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "Admin", "operations": [ @@ -194,7 +194,7 @@ "isExpirationRequired": true, "maximumDuration": "90.00:00:00", "id": "Expiration_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "EndUser", "operations": [ @@ -214,7 +214,7 @@ "" ], "id": "Notification_Email_ALL_Admin_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -234,7 +234,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -254,7 +254,7 @@ "" ], "id": "Notification_Email_ALL_Approver_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -269,7 +269,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "EndUser", "operations": [ @@ -285,7 +285,7 @@ "isEnabled": false, "claimValue": null, "id": "AuthenticationContext_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyAuthenticationContextRule", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", "target": { "caller": "EndUser", "operations": [ @@ -301,7 +301,7 @@ "isExpirationRequired": true, "maximumDuration": "1.00:00:00", "id": "Expiration_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "EndUser", "operations": [ @@ -321,7 +321,7 @@ "" ], "id": "Notification_Email_ALL_Admin_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -341,7 +341,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -359,7 +359,7 @@ "notificationLevel": "ALL", "notificationRecipients": null, "id": "Notification_Email_ALL_Approver_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -374,7 +374,7 @@ { "enabledRules": [], "id": "Ticketing_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "EndUser", "operations": [ @@ -389,7 +389,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "EndUser", "operations": [ @@ -419,7 +419,7 @@ "isExpirationRequired": false, "maximumDuration": "90.00:00:00", "id": "Expiration_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "Admin", "operations": [ @@ -439,7 +439,7 @@ "" ], "id": "Notification_Email_ALL_Admin_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -459,7 +459,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -479,7 +479,7 @@ "" ], "id": "Notification_Email_ALL_Approver_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -494,7 +494,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "Admin", "operations": [ @@ -510,7 +510,7 @@ "isExpirationRequired": true, "maximumDuration": "90.00:00:00", "id": "Expiration_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "Admin", "operations": [ @@ -530,7 +530,7 @@ "" ], "id": "Notification_Email_ALL_Admin_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -550,7 +550,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -570,7 +570,7 @@ "" ], "id": "Notification_Email_ALL_Approver_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -585,7 +585,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "Admin", "operations": [ @@ -601,7 +601,7 @@ "isExpirationRequired": true, "maximumDuration": "90.00:00:00", "id": "Expiration_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "EndUser", "operations": [ @@ -621,7 +621,7 @@ "" ], "id": "Notification_Email_ALL_Admin_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -641,7 +641,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -661,7 +661,7 @@ "" ], "id": "Notification_Email_ALL_Approver_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -676,7 +676,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "EndUser", "operations": [ @@ -692,7 +692,7 @@ "isEnabled": false, "claimValue": null, "id": "AuthenticationContext_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyAuthenticationContextRule", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", "target": { "caller": "EndUser", "operations": [ @@ -708,7 +708,7 @@ "isExpirationRequired": true, "maximumDuration": "1.00:00:00", "id": "Expiration_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "EndUser", "operations": [ @@ -728,7 +728,7 @@ "" ], "id": "Notification_Email_ALL_Admin_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -748,7 +748,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -766,7 +766,7 @@ "notificationLevel": "ALL", "notificationRecipients": null, "id": "Notification_Email_ALL_Approver_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -781,7 +781,7 @@ { "enabledRules": [], "id": "Ticketing_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "EndUser", "operations": [ @@ -796,7 +796,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "EndUser", "operations": [ @@ -814,7 +814,7 @@ "isExpirationRequired": false, "maximumDuration": "90.00:00:00", "id": "Expiration_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "Admin", "operations": [ @@ -834,7 +834,7 @@ "" ], "id": "Notification_Email_ALL_Admin_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -854,7 +854,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -874,7 +874,7 @@ "" ], "id": "Notification_Email_ALL_Approver_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -889,7 +889,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_Admin_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "Admin", "operations": [ @@ -905,7 +905,7 @@ "isExpirationRequired": true, "maximumDuration": "90.00:00:00", "id": "Expiration_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "Admin", "operations": [ @@ -925,7 +925,7 @@ "" ], "id": "Notification_Email_ALL_Admin_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -945,7 +945,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -965,7 +965,7 @@ "" ], "id": "Notification_Email_ALL_Approver_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "Admin", "operations": [ @@ -980,7 +980,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_Admin_ALL_Member", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "Admin", "operations": [ @@ -996,7 +996,7 @@ "isExpirationRequired": true, "maximumDuration": "90.00:00:00", "id": "Expiration_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "EndUser", "operations": [ @@ -1016,7 +1016,7 @@ "" ], "id": "Notification_Email_ALL_Admin_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -1036,7 +1036,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -1056,7 +1056,7 @@ "" ], "id": "Notification_Email_ALL_Approver_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -1071,7 +1071,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_EndUser_ALL_Eligible", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "EndUser", "operations": [ @@ -1087,7 +1087,7 @@ "isEnabled": false, "claimValue": null, "id": "AuthenticationContext_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyAuthenticationContextRule", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", "target": { "caller": "EndUser", "operations": [ @@ -1103,7 +1103,7 @@ "isExpirationRequired": true, "maximumDuration": "1.00:00:00", "id": "Expiration_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyExpirationRule", + "ruleType": "RoleManagementPolicyExpirationRule", "target": { "caller": "EndUser", "operations": [ @@ -1123,7 +1123,7 @@ "" ], "id": "Notification_Email_ALL_Admin_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -1143,7 +1143,7 @@ "" ], "id": "Notification_Email_ALL_Requestor_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -1161,7 +1161,7 @@ "notificationLevel": "ALL", "notificationRecipients": null, "id": "Notification_Email_ALL_Approver_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyNotificationRule", + "ruleType": "RoleManagementPolicyNotificationRule", "target": { "caller": "EndUser", "operations": [ @@ -1176,7 +1176,7 @@ { "enabledRules": [], "id": "Ticketing_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "EndUser", "operations": [ @@ -1191,7 +1191,7 @@ { "enabledRules": [], "id": "MultifactorAuthentication_EndUser_ALL_Member", - "ruleType": "PrivilegedRolePolicyEnablementRule", + "ruleType": "RoleManagementPolicyEnablementRule", "target": { "caller": "EndUser", "operations": [ @@ -1206,8 +1206,8 @@ ] }, "name": "d693780f-543d-4aad-a4c8-139ff6a1db8d", - "id": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/PrivilegedRolePolicies/d693780f-543d-4aad-a4c8-139ff6a1db8d", - "type": "Microsoft.Authorization/PrivilegedRolePolicies" + "id": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/RoleManagementPolicies/d693780f-543d-4aad-a4c8-139ff6a1db8d", + "type": "Microsoft.Authorization/RoleManagementPolicies" } } } diff --git a/specification/authorization/resource-manager/readme.md b/specification/authorization/resource-manager/readme.md index c4e17b59f9d1..495217501307 100644 --- a/specification/authorization/resource-manager/readme.md +++ b/specification/authorization/resource-manager/readme.md @@ -83,8 +83,8 @@ input-file: - Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilitySchedule.json - Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleInstance.json - Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleRequest.json -- Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicy.json -- Microsoft.Authorization/preview/2020-10-01-preview/PrivilegedRolePolicyAssignment.json +- Microsoft.Authorization/preview/2020-10-01-preview/RoleManagementPolicy.json +- Microsoft.Authorization/preview/2020-10-01-preview/RoleManagementPolicyAssignment.json ``` ### Tag: package-2020-04-01-preview From dc658d41f2abd2980438bf4105ac3c454d524fb7 Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Sat, 23 Jan 2021 01:49:26 +0530 Subject: [PATCH 08/13] fix --- .../{PutRoleManagementPolicyjson => PutRoleManagementPolicy.json} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/{PutRoleManagementPolicyjson => PutRoleManagementPolicy.json} (100%) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutRoleManagementPolicyjson b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutRoleManagementPolicy.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutRoleManagementPolicyjson rename to specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutRoleManagementPolicy.json From de7937cb6ca3ffcd27c7cccafddf93f6f2a88bb9 Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Sat, 23 Jan 2021 01:52:56 +0530 Subject: [PATCH 09/13] Fix --- ...PolicyAssignments.json => RoleManagementPolicyAssignment.json} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/{RoleManagementPolicyAssignments.json => RoleManagementPolicyAssignment.json} (100%) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleManagementPolicyAssignments.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleManagementPolicyAssignment.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleManagementPolicyAssignments.json rename to specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleManagementPolicyAssignment.json From 625d31b7de2f0f9fe727df7ab9ff60b42792eb1f Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Sat, 30 Jan 2021 01:01:30 +0530 Subject: [PATCH 10/13] Changes based on docs generated --- .../2020-10-01-preview/RoleAssignmentSchedule.json | 4 ++-- .../RoleAssignmentScheduleInstance.json | 4 ++-- .../2020-10-01-preview/RoleEligibilitySchedule.json | 4 ++-- .../RoleEligibilityScheduleInstance.json | 4 ++-- .../preview/2020-10-01-preview/RoleManagementPolicy.json | 8 ++++---- .../RoleManagementPolicyAssignment.json | 8 ++++---- 6 files changed, 16 insertions(+), 16 deletions(-) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentSchedule.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentSchedule.json index 632f5facd9c4..1b5f62f790a6 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentSchedule.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentSchedule.json @@ -39,7 +39,7 @@ "tags": [ "roleAssignmentSchedules" ], - "operationId": "roleAssignmentSchedules_Get", + "operationId": "RoleAssignmentSchedules_Get", "description": "Get the specified role assignment schedule for a resource scope", "parameters": [ { @@ -87,7 +87,7 @@ "tags": [ "roleAssignmentSchedules" ], - "operationId": "roleAssignmentSchedules_ListForScope", + "operationId": "RoleAssignmentSchedules_ListForScope", "description": "Gets role assignment schedules for a resource scope.", "parameters": [ { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleInstance.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleInstance.json index fab07e94b6f0..2e40668b5ea6 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleInstance.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleInstance.json @@ -39,7 +39,7 @@ "tags": [ "roleAssignmentScheduleInstances" ], - "operationId": "roleAssignmentScheduleInstances_ListForScope", + "operationId": "RoleAssignmentScheduleInstances_ListForScope", "description": "Gets role assignment schedule instances of a role assignment schedule.", "parameters": [ { @@ -91,7 +91,7 @@ "tags": [ "roleAssignmentScheduleInstances" ], - "operationId": "roleAssignmentScheduleInstances_Get", + "operationId": "RoleAssignmentScheduleInstances_Get", "description": "Gets the specified role assignment schedule instance.", "parameters": [ { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilitySchedule.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilitySchedule.json index 01c7b43c3294..015fb85906c2 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilitySchedule.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilitySchedule.json @@ -39,7 +39,7 @@ "tags": [ "roleEligibilitySchedules" ], - "operationId": "roleEligibilitySchedules_Get", + "operationId": "RoleEligibilitySchedules_Get", "description": "Get the specified role eligibility schedule for a resource scope", "parameters": [ { @@ -87,7 +87,7 @@ "tags": [ "roleEligibilitySchedules" ], - "operationId": "roleEligibilitySchedules_ListForScope", + "operationId": "RoleEligibilitySchedules_ListForScope", "description": "Gets role eligibility schedules for a resource scope.", "parameters": [ { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleInstance.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleInstance.json index 0621ec64cd79..9e4528f5d0b8 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleInstance.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleInstance.json @@ -39,7 +39,7 @@ "tags": [ "roleEligibilityScheduleInstances" ], - "operationId": "roleEligibilityScheduleInstances_ListForScope", + "operationId": "RoleEligibilityScheduleInstances_ListForScope", "description": "Gets role eligibility schedule instances of a role eligibility schedule.", "parameters": [ { @@ -91,7 +91,7 @@ "tags": [ "roleEligibilityScheduleInstances" ], - "operationId": "roleEligibilityScheduleInstances_Get", + "operationId": "RoleEligibilityScheduleInstances_Get", "description": "Gets the specified role eligibility schedule instance.", "parameters": [ { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleManagementPolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleManagementPolicy.json index 57c1e3d8a94a..fde5a49a429c 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleManagementPolicy.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleManagementPolicy.json @@ -39,7 +39,7 @@ "tags": [ "roleManagementPolicies" ], - "operationId": "roleManagementPolicies_Get", + "operationId": "RoleManagementPolicies_Get", "description": "Get the specified role management policy for a resource scope", "parameters": [ { @@ -85,7 +85,7 @@ "tags": [ "roleManagementPolicies" ], - "operationId": "roleManagementPolicies_Create", + "operationId": "RoleManagementPolicies_Create", "description": "Update or create a role management policy", "parameters": [ { @@ -140,7 +140,7 @@ "tags": [ "roleManagementPolicies" ], - "operationId": "roleManagementPolicies_Delete", + "operationId": "RoleManagementPolicies_Delete", "description": "Delete a role management policy", "parameters": [ { @@ -188,7 +188,7 @@ "tags": [ "roleManagementPolicies" ], - "operationId": "roleManagementPolicies_ListForScope", + "operationId": "RoleManagementPolicies_ListForScope", "description": "Gets role management policies for a resource scope.", "parameters": [ { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleManagementPolicyAssignment.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleManagementPolicyAssignment.json index d1eb52df6640..9a0fcb86a437 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleManagementPolicyAssignment.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleManagementPolicyAssignment.json @@ -39,7 +39,7 @@ "tags": [ "roleManagementPolicyAssignments" ], - "operationId": "roleManagementPolicyAssignments_Get", + "operationId": "RoleManagementPolicyAssignments_Get", "description": "Get the specified role management policy assignment for a resource scope", "parameters": [ { @@ -85,7 +85,7 @@ "tags": [ "roleManagementPolicyAssignments" ], - "operationId": "roleManagementPolicyAssignments_Create", + "operationId": "RoleManagementPolicyAssignments_Create", "description": "Create a role management policy assignment", "parameters": [ { @@ -140,7 +140,7 @@ "tags": [ "roleManagementPolicyAssignments" ], - "operationId": "roleManagementPolicyAssignments_Delete", + "operationId": "RoleManagementPolicyAssignments_Delete", "description": "Delete a role management policy assignment", "parameters": [ { @@ -188,7 +188,7 @@ "tags": [ "roleManagementPolicyAssignments" ], - "operationId": "roleManagementPolicyAssignments_ListForScope", + "operationId": "RoleManagementPolicyAssignments_ListForScope", "description": "Gets role management assignment policies for a resource scope.", "parameters": [ { From 5cf107e4b36070e1681a565166a024cfdd2dd023 Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Sat, 30 Jan 2021 01:23:40 +0530 Subject: [PATCH 11/13] Scope fix in example --- .../examples/GetRoleManagementPolicyByScope.json | 2 +- .../examples/PutRoleManagementPolicyAssignment.json | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleManagementPolicyByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleManagementPolicyByScope.json index a67a7c87c400..0a329c482a08 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleManagementPolicyByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/GetRoleManagementPolicyByScope.json @@ -1,6 +1,6 @@ { "parameters": { - "scope": "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "scope": "subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", "api-version": "2020-10-01-preview" }, "responses": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutRoleManagementPolicyAssignment.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutRoleManagementPolicyAssignment.json index 0aa0afab81c8..f606dea2b49e 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutRoleManagementPolicyAssignment.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/PutRoleManagementPolicyAssignment.json @@ -6,7 +6,7 @@ "parameters": { "properties": { "scope": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", - "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/a37489be-9462-48fb-a3b6-7b9bc2debbad", + "roleDefinitionId": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/roleDefinitions/a37489be-9462-48fb-a3b6-7b9bc2debbad", "policyId": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/RoleManagementPolicies/477f2d04-0fdc-417f-ab1b-d9fff8137134" } } @@ -16,7 +16,7 @@ "body": { "properties": { "scope": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3", - "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/a37489be-9462-48fb-a3b6-7b9bc2debbad", + "roleDefinitionId": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/roleDefinitions/a37489be-9462-48fb-a3b6-7b9bc2debbad", "policyId": "/subscriptions/892f85f0-fd69-4fe8-8ee2-bda821252ac3/providers/Microsoft.Authorization/RoleManagementPolicies/477f2d04-0fdc-417f-ab1b-d9fff8137134" }, "name": "477f2d04-0fdc-417f-ab1b-d9fff8137134_a37489be-9462-48fb-a3b6-7b9bc2debbad", From 936fe97878883de771acc5be6c15a97dc96f8fd2 Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Thu, 4 Feb 2021 00:07:53 +0530 Subject: [PATCH 12/13] Updates for documentation --- .../preview/2020-10-01-preview/RoleAssignmentSchedule.json | 2 +- .../2020-10-01-preview/RoleAssignmentScheduleInstance.json | 2 +- .../2020-10-01-preview/RoleAssignmentScheduleRequest.json | 2 +- .../preview/2020-10-01-preview/RoleEligibilitySchedule.json | 2 +- .../2020-10-01-preview/RoleEligibilityScheduleInstance.json | 2 +- .../2020-10-01-preview/RoleEligibilityScheduleRequest.json | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentSchedule.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentSchedule.json index 1b5f62f790a6..ab1612d08c1c 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentSchedule.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentSchedule.json @@ -103,7 +103,7 @@ "in": "query", "required": false, "type": "string", - "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignment schedules at or above the scope. Use $filter=principalId eq {id} to return all role assignment schedules at, above or below the scope for the specified principal. Use $filter=asRequestor() to return all role assignment schedules requested by the current user. Use $filter=asTarget() to return all role assignment schedules created for the current user." + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignment schedules at or above the scope. Use $filter=principalId eq {id} to return all role assignment schedules at, above or below the scope for the specified principal. Use $filter=assignedTo('{userId}') to return all role assignment schedules for the current user. Use $filter=asTarget() to return all role assignment schedules created for the current user." }, { "$ref": "#/parameters/ApiVersionParameter" diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleInstance.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleInstance.json index 2e40668b5ea6..7e56155739ae 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleInstance.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleInstance.json @@ -55,7 +55,7 @@ "in": "query", "required": false, "type": "string", - "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignment schedules at or above the scope. Use $filter=principalId eq {id} to return all role assignment schedules at, above or below the scope for the specified principal. Use $filter=asRequestor() to return all role assignment schedules requested by the current user. Use $filter=asTarget() to return all role assignment schedules created for the current user." + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignment schedules at or above the scope. Use $filter=principalId eq {id} to return all role assignment schedules at, above or below the scope for the specified principal. Use $filter=assignedTo('{userId}') to return all role assignment schedule instances for the user. Use $filter=asTarget() to return all role assignment schedule instances created for the current user." }, { "$ref": "#/parameters/ApiVersionParameter" diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleRequest.json index fa2c3e99d0dd..16ef08399dd1 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleRequest.json @@ -404,7 +404,7 @@ }, "ticketSystem": { "type": "string", - "description": "Ticket number for the role assignment" + "description": "Ticket system name for the role assignment" } }, "description": "Ticket Info of the role assignment" diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilitySchedule.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilitySchedule.json index 015fb85906c2..aae28e8195be 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilitySchedule.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilitySchedule.json @@ -103,7 +103,7 @@ "in": "query", "required": false, "type": "string", - "description": "The filter to apply on the operation. Use $filter=atScope() to return all role eligibility schedules at or above the scope. Use $filter=principalId eq {id} to return all role eligibility schedules at, above or below the scope for the specified principal. Use $filter=asRequestor() to return all role eligibility schedules requested by the current user. Use $filter=asTarget() to return all role eligibility schedules created for the current user." + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role eligibility schedules at or above the scope. Use $filter=principalId eq {id} to return all role eligibility schedules at, above or below the scope for the specified principal. Use $filter=assignedTo('{userId}') to return all role eligibility schedules for the user. Use $filter=asTarget() to return all role eligibility schedules created for the current user." }, { "$ref": "#/parameters/ApiVersionParameter" diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleInstance.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleInstance.json index 9e4528f5d0b8..aca676b790af 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleInstance.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleInstance.json @@ -55,7 +55,7 @@ "in": "query", "required": false, "type": "string", - "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignment schedules at or above the scope. Use $filter=principalId eq {id} to return all role assignment schedules at, above or below the scope for the specified principal. Use $filter=asRequestor() to return all role eligibility schedules requested by the current user. Use $filter=asTarget() to return all role eligibility schedules created for the current user." + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignment schedules at or above the scope. Use $filter=principalId eq {id} to return all role assignment schedules at, above or below the scope for the specified principal. Use $filter=assignedTo('{userId}') to return all role eligibility schedules for the user. Use $filter=asTarget() to return all role eligibility schedules created for the current user." }, { "$ref": "#/parameters/ApiVersionParameter" diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleRequest.json index b0d7561b6c12..9957d749ffd0 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleRequest.json @@ -400,7 +400,7 @@ }, "ticketSystem": { "type": "string", - "description": "Ticket number for the role eligibility" + "description": "Ticket system name for the role eligibility" } }, "description": "Ticket Info of the role eligibility" From 9e3ee0b43d245e86f3aa9a0fdad0abb38fac1a10 Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Thu, 4 Feb 2021 00:19:03 +0530 Subject: [PATCH 13/13] Change operation name --- .../preview/2020-10-01-preview/RoleManagementPolicy.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleManagementPolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleManagementPolicy.json index fde5a49a429c..0ca289498323 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleManagementPolicy.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleManagementPolicy.json @@ -85,7 +85,7 @@ "tags": [ "roleManagementPolicies" ], - "operationId": "RoleManagementPolicies_Create", + "operationId": "RoleManagementPolicies_Update", "description": "Update or create a role management policy", "parameters": [ {